Examples of org.rzo.yajsw.os.ms.win.w32.WindowsXPProcess$Ntdll$PROCESS_BASIC_INFORMATION

org.rzo.yajsw.os.ms.win.w32.WindowsXPProcess.Ntdll.RTL_USER_PROCESS_PARAMETERS
The Class PROCESS_BASIC_INFORMATION.

      hProcess = MyKernel32.INSTANCE.OpenProcess(MyKernel32.PROCESS_QUERY_INFORMATION, false, pid);
    if (hProcess == null)
      return null;


    result._pid = pid;
    result._processInformation = new PROCESS_INFORMATION();
    result._processInformation.dwProcessId = pid;
    result._processInformation.hProcess = hProcess;
    result._cmd = result.getCommandLineInternal();
    // this does not always work (why ??), if so try again, then this
    // normally does

View Full Code Here

    try
    {
      destroyed = false;
      _startupInfo = new STARTUPINFO();
      _startupInfo.clear();
      _processInformation = new PROCESS_INFORMATION();
      _processInformation.clear();
      if (_pipeStreams)
      {
        if (sa == null)
        {

View Full Code Here

      _processInformation.clear();
      if (_pipeStreams)
      {
        if (sa == null)
        {
          sa = new SECURITY_ATTRIBUTES();
          sa.clear();
          sa.nLength = sa.size();
          sa.lpSecurityDescriptor = null;
          sa.bInheritHandle = true;// 1; // true otherwise streams are
          // not piped

View Full Code Here

      return false;
    }
    try
    {
      destroyed = false;
      _startupInfo = new STARTUPINFO();
      _startupInfo.clear();
      _processInformation = new PROCESS_INFORMATION();
      _processInformation.clear();
      if (_pipeStreams)
      {

View Full Code Here

    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();

View Full Code Here

    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB64 peb = new PEB64();
        // System.out.println("64 " + 1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();

View Full Code Here

   */
  String getCommandLineInternal()
  {
    // System.out.println("get command internal "+getPid());
    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;


    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int pbiSize = pbi.size(); // x64 = 48 bytes, x32 = 24
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), pbiSize, returnLength);
    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))

View Full Code Here

  // PEB64.ProcessParameters is empty
  String getCommandLineInternal64()
  {
    log("get command internal 64 " + getPid());
    String result = "?";
    PROCESS_BASIC_INFORMATION pbi = null;


    pbi = new PROCESS_BASIC_INFORMATION();
    IntByReference returnLength = new IntByReference();
    HANDLE hProcess = _processInformation.hProcess;
    int size = pbi.size();
    int ret = Ntdll.INSTANCE.ZwQueryInformationProcess(hProcess, (byte) 0, pbi.getPointer(), size, returnLength);
    if (ret == 0)
    {
      pbi.read();
      if (pbi.PebBaseAddress != null)
      {
        PEB64 peb = new PEB64();
        // System.out.println("64 " + 1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))

View Full Code Here

        PEB peb = new PEB();
        // System.out.println(""+1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();
            int userParamsSize = userParams.size(); //x32 = 784, x64 = 1264
            // System.out.println(""+2);
            if (readVirtualMemoryToStructure(peb.ProcessParameters, userParams))
            {
              // System.out.println("MaximumLength "+userParams.CommandLine.MaximumLength);
              if (userParams.CommandLine.MaximumLength > 0)

View Full Code Here

        PEB64 peb = new PEB64();
        // System.out.println("64 " + 1);
        if (readVirtualMemoryToStructure(pbi.PebBaseAddress, peb))
          if (peb.ProcessParameters != null)
          {
            RTL_USER_PROCESS_PARAMETERS userParams = new RTL_USER_PROCESS_PARAMETERS();
            // System.out.println("64 " + 2);
            if (readVirtualMemoryToStructure(peb.ProcessParameters, userParams))
            {
              // System.out.println("MaximumLength " +
              // userParams.CommandLine.MaximumLength);

View Full Code Here

0 1

TOP

Related Classes of org.rzo.yajsw.os.ms.win.w32.WindowsXPProcess$Ntdll$PROCESS_BASIC_INFORMATION

com.sun.jna.Memory

com.sun.jna.NativeLong

com.sun.jna.platform.win32.WinNT.HANDLE

com.sun.jna.Pointer

com.sun.jna.ptr.IntByReference

com.sun.jna.ptr.LongByReference

com.sun.jna.ptr.NativeLongByReference

com.sun.jna.ptr.PointerByReference

com.sun.jna.StringBlock

com.sun.jna.WString

All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.