#include "stdafx.h"
#include "SystemInfoAccessor.h"
// Process-wide instance. Its constructor resolves the ntdll/kernel32 entry
// points; the wrapper methods in this file read the resolved pointers through
// this object rather than through `this`.
CSystemInfoAccessor g_SIA;
/// Resolves the optional native and Win32 entry points once, at construction.
///
/// Every pointer starts out NULL and stays NULL when its module or export is
/// not found; the wrappers in this file test for NULL before calling through.
CSystemInfoAccessor::CSystemInfoAccessor()
{
    // Known starting state, so a failed lookup is distinguishable from a hit.
    m_pZwQuerySystemInformation = NULL;
    m_pZwReadVirtualMemory = NULL;
    m_pNtQueryInformationProcess = NULL;
    m_pGetProcessHandleCount = NULL;
    m_pCheckRemoteDebuggerPresent = NULL;

    // GetModuleHandle only looks up a module that is already mapped into this
    // process; nothing is loaded from disk here, so no DLL search path applies.
    HMODULE hNtdll = ::GetModuleHandle(_T("ntdll.dll"));
    if (hNtdll != NULL)
    {
        m_pZwQuerySystemInformation = reinterpret_cast<ZwQuerySystemInformationType>(
            ::GetProcAddress(hNtdll, "ZwQuerySystemInformation"));
        m_pZwReadVirtualMemory = reinterpret_cast<ZwReadVirtualMemoryType>(
            ::GetProcAddress(hNtdll, "ZwReadVirtualMemory"));
        m_pNtQueryInformationProcess = reinterpret_cast<NtQueryInformationProcessType>(
            ::GetProcAddress(hNtdll, "NtQueryInformationProcess"));
    }

    HMODULE hKernel32 = ::GetModuleHandle(_T("kernel32.dll"));
    if (hKernel32 != NULL)
    {
        m_pGetProcessHandleCount = reinterpret_cast<GetProcessHandleCountType>(
            ::GetProcAddress(hKernel32, "GetProcessHandleCount"));
        m_pCheckRemoteDebuggerPresent = reinterpret_cast<CheckRemoteDebuggerPresentType>(
            ::GetProcAddress(hKernel32, "CheckRemoteDebuggerPresent"));
    }
}
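/// Forwards to ntdll's ZwQuerySystemInformation through the pointer that
/// g_SIA's constructor resolved.
///
/// @param SystemInformationClass   Passed through unchanged.
/// @param SystemInformation        Output buffer, passed through unchanged.
/// @param SystemInformationLength  Size of the output buffer in bytes.
/// @param ReturnLength             Optional; receives the length reported by
///                                 the native call, or 0 when the export is
///                                 unavailable.
/// @return The NTSTATUS of the native call, or STATUS_PROCEDURE_NOT_FOUND
///         (0xC000007A) when the export was not resolved.
LONG CSystemInfoAccessor::ZwQuerySystemInformation(ULONG SystemInformationClass, PVOID SystemInformation, ULONG SystemInformationLength, PULONG ReturnLength)
{
    if (!g_SIA.m_pZwQuerySystemInformation)
    {
        // 0 is STATUS_SUCCESS. Returning it here would tell the caller the
        // output buffer was filled when nothing was written, so the caller
        // would go on to parse uninitialized memory.
        if (ReturnLength)
            *ReturnLength = 0;
        return static_cast<LONG>(0xC000007AL); // STATUS_PROCEDURE_NOT_FOUND
    }

    return g_SIA.m_pZwQuerySystemInformation(SystemInformationClass, SystemInformation, SystemInformationLength, ReturnLength);
}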
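/// Forwards to ntdll's ZwReadVirtualMemory through the pointer that g_SIA's
/// constructor resolved.
///
/// @param ProcessHandle  Passed through unchanged.
/// @param BaseAddress    Address in the target process, passed through.
/// @param Buffer         Destination buffer, passed through unchanged.
/// @param BufferLength   Number of bytes requested.
/// @param ReturnLength   Optional; receives the byte count reported by the
///                       native call, or 0 when the export is unavailable.
/// @return The NTSTATUS of the native call, or STATUS_PROCEDURE_NOT_FOUND
///         (0xC000007A) when the export was not resolved.
LONG CSystemInfoAccessor::ZwReadVirtualMemory(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, ULONG BufferLength, PULONG ReturnLength)
{
    if (!g_SIA.m_pZwReadVirtualMemory)
    {
        // 0 is STATUS_SUCCESS. Reporting success without touching Buffer
        // would make the caller treat stale or uninitialized bytes as data
        // read from the target process.
        if (ReturnLength)
            *ReturnLength = 0;
        return static_cast<LONG>(0xC000007AL); // STATUS_PROCEDURE_NOT_FOUND
    }

    return g_SIA.m_pZwReadVirtualMemory(ProcessHandle, BaseAddress, Buffer, BufferLength, ReturnLength);
}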
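/// Forwards to ntdll's NtQueryInformationProcess through the pointer that
/// g_SIA's constructor resolved.
///
/// @param ProcessHandle             Passed through unchanged.
/// @param ProcessInformationClass   Passed through unchanged.
/// @param ProcessInformation        Output buffer, passed through unchanged.
/// @param ProcessInformationLength  Size of the output buffer in bytes.
/// @param ReturnLength              Optional; receives the length reported by
///                                  the native call, or 0 when the export is
///                                  unavailable.
/// @return The NTSTATUS of the native call, or STATUS_PROCEDURE_NOT_FOUND
///         (0xC000007A) when the export was not resolved.
LONG CSystemInfoAccessor::NtQueryInformationProcess(HANDLE ProcessHandle, PROCESSINFOCLASS ProcessInformationClass, PVOID ProcessInformation, ULONG ProcessInformationLength, PULONG ReturnLength)
{
    if (!g_SIA.m_pNtQueryInformationProcess)
    {
        // 0 is STATUS_SUCCESS. Returning it without filling
        // ProcessInformation would make the caller consume an uninitialized
        // structure as if it were a valid answer.
        if (ReturnLength)
            *ReturnLength = 0;
        return static_cast<LONG>(0xC000007AL); // STATUS_PROCEDURE_NOT_FOUND
    }

    return g_SIA.m_pNtQueryInformationProcess(ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength, ReturnLength);
}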
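/// Forwards to kernel32's GetProcessHandleCount through the pointer that
/// g_SIA's constructor resolved.
///
/// @param hProcess        Passed through unchanged.
/// @param pdwHandleCount  Receives the handle count; must not be NULL.
/// @return The result of the Win32 call. FALSE with the last error set to
///         ERROR_INVALID_PARAMETER when pdwHandleCount is NULL, or to
///         ERROR_PROC_NOT_FOUND when the export was not resolved.
BOOL CSystemInfoAccessor::GetProcessHandleCount(HANDLE hProcess, PDWORD pdwHandleCount)
{
    if (!pdwHandleCount)
    {
        ::SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    if (!g_SIA.m_pGetProcessHandleCount)
    {
        // Give the output a defined value and set a last-error code, so a
        // caller that inspects either one does not see stale data.
        *pdwHandleCount = 0;
        ::SetLastError(ERROR_PROC_NOT_FOUND);
        return FALSE;
    }

    return g_SIA.m_pGetProcessHandleCount(hProcess, pdwHandleCount);
}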
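/// Forwards to kernel32's CheckRemoteDebuggerPresent through the pointer that
/// g_SIA's constructor resolved.
///
/// @param hProcess           Passed through unchanged.
/// @param pbDebuggerPresent  Receives the result; must not be NULL.
/// @return The result of the Win32 call. FALSE with the last error set to
///         ERROR_INVALID_PARAMETER when pbDebuggerPresent is NULL, or to
///         ERROR_PROC_NOT_FOUND when the export was not resolved.
BOOL CSystemInfoAccessor::CheckRemoteDebuggerPresent(HANDLE hProcess, PBOOL pbDebuggerPresent)
{
    if (!pbDebuggerPresent)
    {
        ::SetLastError(ERROR_INVALID_PARAMETER);
        return FALSE;
    }

    if (!g_SIA.m_pCheckRemoteDebuggerPresent)
    {
        // A FALSE return means "the query failed", not "no debugger". Give
        // the output a defined value and set a last-error code, so callers
        // can tell this case from a stale error or an uninitialized answer.
        *pbDebuggerPresent = FALSE;
        ::SetLastError(ERROR_PROC_NOT_FOUND);
        return FALSE;
    }

    return g_SIA.m_pCheckRemoteDebuggerPresent(hProcess, pbDebuggerPresent);
}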