Type a page name and press Enter. You'll jump to the page if it exists, or you can create it if it doesn't.
To create a page in a module other than ntdll, prefix the name with the module name and a period.
[DllImport("ntdll.dll", SetLastError : true)]
def NtCreateUserProcess(
ref ProcessHandle as IntPtr,
ref ThreadHandle as IntPtr,
ProcessDesiredAccess as AccessMask,
ThreadDesiredAccess as AccessMask,
ProcessObjectAttributes as IntPtr,
ThreadObjectAttributes as IntPtr,
ProcessFlags as UInt32,
ThreadFlags as UInt32,
ProcessParameters as IntPtr,
ref CreateInfo as PS_CREATE_INFO,
ref AttributeList as PS_ATTRIBUTE_LIST) as UInt32:
pass
User-Defined Types:
// https://www.geoffchappell.com/studies/windows/km/ntoskrnl/api/ps/psexec/create_info.htm
// simplified version
struct PS_CREATE_INFO:
Size as UIntPtr
State as PS_CREATE_STATE
InitFlags as UInt32
AdditionalFileAccess as UInt32
struct PS_ATTRIBUTE:
Attribute as UInt64
Size as UIntPtr
Value as IntPtr
ReturnLength as IntPtr
// you might need more or less elements than 3
struct PS_ATTRIBUTE_LIST:
TotalLength as UIntPtr
[MarshalAs(UnmanagedType.ByValArray, SizeConst : 3)]
Attributes as (PS_ATTRIBUTE)
Alternative Managed API:
Do you know one? Please contribute it!
Notes:
None.
Tips & Tricks:
Please add some!
Sample Code:
Please add some!
Please edit this page!
Do you have...
helpful tips or sample code to share for using this API in managed code?
corrections to the existing content?
variations of the signature you want to share?
additional languages you want to include?
Select "Edit This Page" on the right hand toolbar and edit it! Or add new pages containing supporting types needed for this API (structures, delegates, and more).