madshi.net

Nico Bendlin wrote:Does somebody know which parameters should be passed to RtlWow64CallFunction64 (32-bit) to succeed (call 64-bit RtlpQueryProcessDebugInformationFromWow64)?

I somewhere found such information. Can do it to you it is useful. Excuse me, I didn't look at date of the message.

Kuzya69 wrote:Excuse me, I didn't look at date of the message.

No need to apologize, many thanks for sharing this information.

Does this really make it possible to call *any* 64bit function from a 32bit process? E.g. you can use that to create remote threads in 64bit processes?

Which OSs is this function supported?

I too am interested in this question of this function. If at you is, something new, show me please. I want to write the program for 32 bits to read memory of others 64 and 32 bits process. But I can't guess as from the 32-bit program to cause 64-bit function GetProcAddress.
I am beginning programmer, excuse me.

madshi wrote:Does this really make it possible to call *any* 64bit function from a 32bit process? E.g. you can use that to create remote threads in 64bit processes?

I told everything that I know about this function. I am not sure that my information will be suitable for your function. Maybe this info for ZwWow64CallFunction64 or NtWow64CallFunction64.

madshi wrote: Which OSs is this function supported?

It is necessary to look at the table of the exported functions for library "ntdll.dll" from the necessary operating system. If this function is in the table of export, the operating system means is supported.
In "Win7 max 64bit" this function is supported (Ordinal = 1281, EntryPoint = 19910).