/// <summary> /// Duplicate an instance from current process to an other process /// </summary> /// <param name="process">The destination process (with DupHandle access)</param> /// <param name="handle">The handle value to duplicate</param> /// <param name="access">The access rights to duplicate with</param> /// <param name="options">The options for duplication.</param> /// <param name="throw_on_error">True to throw an exception on error.</param> /// <returns>The NT status code and object result.</returns> public static NtResult <IntPtr> DuplicateTo(NtProcess process, SafeKernelObjectHandle handle, A access, DuplicateObjectOptions options, bool throw_on_error) { return(DuplicateHandle(NtProcess.Current, handle.DangerousGetHandle(), process, ToGenericAccess(access), AttributeFlags.None, options, throw_on_error)); }
/// <summary> /// Create a .NET wait handle from an object. /// </summary> /// <param name="obj">The object to create the wait handle on</param> internal NtWaitHandle(NtObject obj) { using (SafeKernelObjectHandle handle = NtObject.DuplicateHandle(obj.Handle)) { SafeWaitHandle = new SafeWaitHandle(handle.DangerousGetHandle(), true); handle.SetHandleAsInvalid(); } }
private static SafeRegistryHandle DuplicateAsRegistry(SafeHandle handle) { using (SafeKernelObjectHandle dup_handle = DuplicateHandle(NtProcess.Current, handle, NtProcess.Current)) { SafeRegistryHandle ret = new SafeRegistryHandle(dup_handle.DangerousGetHandle(), true); dup_handle.SetHandleAsInvalid(); return(ret); } }
public static NtStatus SetDynamicCodeTrust(SafeKernelObjectHandle handle) { SystemCodeIntegrityVerificationInformation info = new SystemCodeIntegrityVerificationInformation() { FileHandle = handle.DangerousGetHandle() }; return(Set(SystemInformationClass.SystemCodeIntegrityVerificationInformation, info, false)); }
/// <summary> /// Duplicate the internal handle to a new handle. /// </summary> /// <param name="flags">Attribute flags for new handle</param> /// <param name="src_handle">The source handle to duplicate</param> /// <param name="src_process">The source process to duplicate from</param> /// <param name="dest_process">The desination process for the handle</param> /// <param name="options">Duplicate handle options</param> /// <param name="access_rights">The access rights for the new handle</param> /// <param name="throw_on_error">True to throw an exception on error.</param> /// <returns>The NT status code and object result.</returns> internal static NtResult <SafeKernelObjectHandle> DuplicateHandle( NtProcess src_process, SafeKernelObjectHandle src_handle, NtProcess dest_process, AccessMask access_rights, AttributeFlags flags, DuplicateObjectOptions options, bool throw_on_error) { return(DuplicateHandle(src_process, src_handle.DangerousGetHandle(), dest_process, access_rights, flags, options, throw_on_error).Map(h => new SafeKernelObjectHandle(h, true))); }
public static NtStatus QueryDynamicCodeTrust(SafeKernelObjectHandle handle, IntPtr image, int image_size) { SystemCodeIntegrityVerificationInformation info = new SystemCodeIntegrityVerificationInformation() { FileHandle = handle.DangerousGetHandle(), Image = image, ImageSize = image_size }; return(Query(SystemInformationClass.SystemCodeIntegrityVerificationInformation, info, false).Status); }
/// <summary> /// Close a handle. /// </summary> /// <param name="handle">The handle to close.</param> /// <returns>The NT status code.</returns> public static NtStatus CloseHandle(SafeKernelObjectHandle handle) { return(CloseHandle(handle.DangerousGetHandle())); }