#if !defined(AFX_NTINTERNALS_H__FD441B4D_D174_423B_9CB2_697D877CD065__INCLUDED_)
#define AFX_NTINTERNALS_H__FD441B4D_D174_423B_9CB2_697D877CD065__INCLUDED_
#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000
#include <afxwin.h>
// Status code type returned by the Zw* members declared below, defined here as LONG.
// By NT convention a non-negative value means success, so callers should test
// `status >= 0` rather than treating the result as a boolean.
typedef LONG NTSTATUS;
// Win32-style boolean result (an int); used below for DebugActiveProcessStop.
typedef int WINBOOL;
// Calling-convention shorthand applied to most declarations below.
#define STDCALL _stdcall
// Declares a small set of process/thread control routines (suspend, resume,
// debugger detach, process-id lookup) together with HideDebugger.
// Only declarations are visible in this header; the definitions are elsewhere.
class NTInternals {
// Function-pointer types whose signatures mirror the same-named members below.
// They appear before `public:` and are therefore private to the class.
// NOTE(review): presumably used to bind the real exports at run time (the Zw*
// names match ntdll.dll exports, the other two match kernel32.dll) -- confirm
// in the implementation file, including how a failed lookup is handled.
typedef NTSTATUS (NTAPI *fcnZwSuspendThread)(HANDLE hThread, PULONG pSuspendCount);
typedef NTSTATUS (STDCALL *fcnZwSuspendProcess)(HANDLE Process);
typedef NTSTATUS (STDCALL *fcnZwResumeProcess)(HANDLE Process);
typedef WINBOOL (STDCALL *fcnDebugActiveProcessStop)(DWORD dwProcessId);
typedef DWORD (STDCALL *fcnGetProcessId)(HANDLE Process);
public:
// Same name and signature as the Win32 DebugActiveProcessStop API, which
// detaches the calling debugger from the process identified by dwProcessId.
// NOTE(review): presumably a forwarding wrapper -- confirm.
WINBOOL STDCALL DebugActiveProcessStop(DWORD dwProcessId);
// Takes a thread handle and a pointer that, judging by its name, receives the
// suspend count. Returns an NTSTATUS (success is >= 0).
NTSTATUS NTAPI ZwSuspendThread(HANDLE hThread, PULONG pSuspendCount);
// Suspend / resume counterparts taking a process handle; both return NTSTATUS.
// NOTE(review): the handle presumably needs suspend/resume access rights on
// the target process -- confirm against the caller that opens it.
NTSTATUS STDCALL ZwSuspendProcess(HANDLE Process);
NTSTATUS STDCALL ZwResumeProcess(HANDLE Process);
// Same name and signature as the Win32 GetProcessId API (process handle in,
// process id out). NOTE(review): the Win32 API returns 0 on failure; whether
// this wrapper does the same is not visible here -- confirm.
DWORD STDCALL GetProcessId(HANDLE Process);
// Intended to make IsDebuggerPresent, when called inside the debugged (target)
// process, report that no debugger is attached. Takes a thread handle and a
// process handle for that target. How this is achieved and what the BOOL
// result signifies are not visible in this header -- confirm in the .cpp.
// NOTE(review): only the IsDebuggerPresent check is named here; a target that
// uses other debugger-detection checks is outside what this declaration claims.
BOOL HideDebugger(HANDLE thread, HANDLE hproc);
};
#endif //AFX_NTINTERNALS_H__FD441B4D_D174_423B_9CB2_697D877CD065__INCLUDED_