hi, I need ProcessHandleToId function but I don`t want use madRemote,
can anybody give me a hint how to do this?
ProcessHandleToId() ?
This thread is old, nonetheless....
I posted this on madCodeHook area some time ago, I wrote it so that u would not need madRemote to do such thing and make light-weight replacement without needing to include remote unit, try using search feature next time. It works identical to Kernel32.GetProcessId() found in XP and greater OS's but also works on NT OS's previous to XP so it's better. There's a Thread Handle to Thread ID function there too.
--Iconic
I posted this on madCodeHook area some time ago, I wrote it so that u would not need madRemote to do such thing and make light-weight replacement without needing to include remote unit, try using search feature next time. It works identical to Kernel32.GetProcessId() found in XP and greater OS's but also works on NT OS's previous to XP so it's better. There's a Thread Handle to Thread ID function there too.
Code: Select all
type
PPROCESS_BASIC_INFORMATION = ^PROCESS_BASIC_INFORMATION;
PROCESS_BASIC_INFORMATION = packed record
ExitStatus: DWORD;
PebBaseAddress: Pointer;
AffinityMask: DWORD;
BasePriority: DWORD;
UniqueProcessId: DWORD;
InheritedUniquePID: DWORD;
end;
PClientID = ^TClientID;
TClientID = packed record
UniqueProcess: DWORD;
UniqueThread: DWORD;
end;
PTHREAD_BASIC_INFORMATION = ^THREAD_BASIC_INFORMATION;
THREAD_BASIC_INFORMATION = packed record
ExitStatus: DWORD;
TebBaseAddress: Pointer;
ClientId: TClientID;
AffinityMask: DWORD;
Priority: DWORD;
BasePriority: DWORD;
end;
TNtQueryInformationProcess = function(hProcess: THandle;
ProcessInformationClass: Integer;
var ProcessInformation;
ProcessInformationLength: Integer;
var ReturnLength: Integer): Integer; stdcall;
TNtQueryInformationThread = function(hThread: THandle;
ThreadInformationClass: Integer;
var ThreadInformation;
ThreadInformationLength: Integer;
var ReturnLength: Integer): Integer; stdcall;
const
ProcessBasicInformation = $00000000;
ThreadBasicInformation = ProcessBasicInformation;
PROCESS_QUERY_INFORMATION = $00000400;
THREAD_QUERY_INFORMATION = PROCESS_QUERY_INFORMATION shr 4;
NTDLL = 'NTDLL.dll';
function PHtoPID(const hProcess: THandle): Integer; stdcall; //ret -1 = fail
var
status: Integer;
pbi: PROCESS_BASIC_INFORMATION;
hDup: THandle;
NtQueryInformationProcess: TNtQueryInformationProcess;
ret: Integer;
begin
result :=-1;
if (not DuplicateHandle(GetCurrentProcess(),
hProcess,
GetCurrentProcess(),
@hDup,
PROCESS_QUERY_INFORMATION,
False,
0)) then Exit;
@NtQueryInformationProcess := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationProcess');
if @NtQueryInformationProcess = nil then
Exit;
ZeroMemory(@pbi, sizeof(pbi));
status := NtQueryInformationProcess(hDup,
ProcessBasicInformation,
pbi,
sizeof(pbi),
ret);
CloseHandle(hDup);
if (status >= 0) then
result := pbi.UniqueProcessId;
end;
function THtoTID(const hThread: THandle): Integer; stdcall; //ret -1 = fail
var
status: Integer;
tbi: THREAD_BASIC_INFORMATION;
hDup: THandle;
ret: Integer;
NtQueryInformationThread: TNtQueryInformationThread;
begin
result :=-1;
if (not DuplicateHandle(GetCurrentProcess(),
hThread,
GetCurrentProcess(),
@hDup,
THREAD_QUERY_INFORMATION,
False,
0)) then Exit;
@NtQueryInformationThread := GetProcAddress(GetModuleHandleW(NTDLL), 'NtQueryInformationThread');
if @NtQueryInformationThread = nil then
Exit;
ZeroMemory(@tbi, sizeof(tbi));
Status := NtQueryInformationThread(hDup,
ThreadBasicInformation,
tbi,
sizeof(tbi),
ret);
CloseHandle(hDup);
if (status >= 0) then
result := tbi.ClientId.UniqueThread;
end;
//* test it
initialization
if ((GetVersion and $80000000)= 0) then
begin
Assert((DWORD(GetCurrentThreadId()) = DWORD(THtoTID(GetCurrentThread()))), 'THtoTID() Failure!');
Assert((DWORD(GetCurrentProcessId()) = DWORD(PHtoPID(GetCurrentProcess()))), 'PHtoPID() Failure!');
end;