Package org.rzo.yajsw.os.ms.win.w32

Examples of org.rzo.yajsw.os.ms.win.w32.Pdh$Advapi32

2730
2731
2732
2733
2734
2735
2736
2737
2738
2739
2740
2741
2742
2743
2744
2745
2746
2747
2748
2749
   */
  String getCommandLineInternal()
  {
    // System.out.println("get command internal "+getPid());
    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;

    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int pbiSize = pbi.size(); // x64 = 48 bytes, x32 = 24
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), pbiSize, returnLength);
    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
View Full Code Here
2849
2850
2851
2852
2853
2854
2855
2856
2857
2858
2859
2860
2861
2862
2863
2864
2865
2866
2867
2868
  // PEB64.ProcessParameters is empty
  String getCommandLineInternal64()
  {
    log("get command internal 64 " + getPid());
    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;

    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int size = pbi.size();
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), size, returnLength);
    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB64 peb = new PEB64();
        // System.out.println("64 " + 1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
View Full Code Here
2747
2748
2749
2750
2751
2752
2753
2754
2755
2756
2757
2758
        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();
            int userParamsSize = userParams.size(); //x32 = 784, x64 = 1264
            // System.out.println(""+2);
            if (readVirtualMemoryToStructure(peb.ProcessParameters, userParams))
            {
              // System.out.println("MaximumLength "+userParams.CommandLine.MaximumLength);
              if (userParams.CommandLine.MaximumLength > 0)
View Full Code Here
2866
2867
2868
2869
2870
2871
2872
2873
2874
2875
2876
        PEB64 peb = new PEB64();
        // System.out.println("64 " + 1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();
            // System.out.println("64 " + 2);
            if (readVirtualMemoryToStructure(peb.ProcessParameters, userParams))
            {
              // System.out.println("MaximumLength " +
              // userParams.CommandLine.MaximumLength);
View Full Code Here
TOP

Related Classes of org.rzo.yajsw.os.ms.win.w32.Pdh$Advapi32

  • com.sun.jna.Memory
  • com.sun.jna.NativeLong
  • com.sun.jna.platform.win32.WinNT.HANDLE
  • com.sun.jna.Pointer
  • com.sun.jna.ptr.IntByReference
  • com.sun.jna.ptr.LongByReference
  • com.sun.jna.ptr.NativeLongByReference
  • com.sun.jna.ptr.PointerByReference
  • com.sun.jna.StringBlock
  • com.sun.jna.WString
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.