forked from OneshotGH/supremacy
-
Notifications
You must be signed in to change notification settings - Fork 1
/
nt.h
38 lines (32 loc) · 1.18 KB
/
nt.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#pragma once
#define THREAD_CREATE_FLAGS_CREATE_SUSPENDED 0x00000001
#define THREAD_CREATE_FLAGS_SKIP_THREAD_ATTACH 0x00000002 // ?
#define THREAD_CREATE_FLAGS_HIDE_FROM_DEBUGGER 0x00000004
#define THREAD_CREATE_FLAGS_HAS_SECURITY_DESCRIPTOR 0x00000010 // ?
#define THREAD_CREATE_FLAGS_ACCESS_CHECK_IN_TARGET 0x00000020 // ?
#define THREAD_CREATE_FLAGS_INITIAL_THREAD 0x00000080
typedef struct _OBJECT_ATTRIBUTES {
ULONG Length;
HANDLE RootDirectory;
UNICODE_STRING* ObjectName;
ULONG Attributes;
PVOID SecurityDescriptor;
PVOID SecurityQualityOfService;
} OBJECT_ATTRIBUTES;
typedef OBJECT_ATTRIBUTES *POBJECT_ATTRIBUTES;
using NTSTATUS = LONG;
#define NT_SUCCESS(x) ((x)>=0)
typedef NTSTATUS( __stdcall* NtCreateThreadEx_t )(
OUT PHANDLE ThreadHandle,
IN ACCESS_MASK DesiredAccess,
IN OPTIONAL POBJECT_ATTRIBUTES ObjectAttributes,
IN HANDLE ProcessHandle,
IN LPTHREAD_START_ROUTINE StartRoutine,
IN OPTIONAL LPVOID Parameter,
IN ULONG CreateFlags,
IN OPTIONAL SIZE_T StackZeroBits,
IN OPTIONAL SIZE_T SizeOfStackCommit,
IN OPTIONAL SIZE_T SizeOfStackReserve,
IN OPTIONAL LPVOID AttributeList
);
typedef NTSTATUS( __stdcall* NtClose_t )( HANDLE );