C# Signature:
[DllImport("ntdll.dll", SetLastError=true)]
static extern UInt32 ZwQueryInformationProcess(
IntPtr hProcess,
PROCESS_INFORMATION_CLASS procInformationClass,
ref PROCESS_BASIC_INFORMATION procInformation,
UInt32 ProcInfoLen,
ref UInt32 retlen);
Boo Signature:
[DllImport("ntdll.dll", SetLastError : true)]
def ZwQueryInformationProcess(
hProcess as IntPtr,
procInformationClass as Int32,
ref procInformation as PROCESS_BASIC_INFORMATION,
ProcInfoLen as UInt32,
ref retlen as UInt32) as UInt32:
pass
User-Defined Types:
[StructLayout(LayoutKind.Sequential)]
struct PROCESS_BASIC_INFORMATION:
Reserved1 as IntPtr
PebAddress as IntPtr
[MarshalAs(UnmanagedType.ByValArray, SizeConst : 2)]
Reserved2 as (IntPtr)
UniquePid as IntPtr
Reserved3 as IntPtr
enum PROCESS_INFORMATION_CLASS : Int32 {
ProcessBasicInformation = 0,
ProcessDebugPort = 7,
ProcessWow64Information = 26,
ProcessImageFileName = 27,
ProcessBreakOnTermination = 29,
ProcessSubsystemInformation = 75
}
Alternative Managed API:
Do you know one? Please contribute it!
Notes:
None.
Tips & Tricks:
Please add some!
Sample Code:
Please add some!
