
Professional System Library: Introduction

22 Nov 2010CPOL14 min read 194.3K   3.4K   232  
A simplified and unified way for accessing most frequently used information about Process, System, and Environment.
#include "stdafx.h"
#include "SystemInfoAccessor.h"

// Single process-wide accessor instance. Its constructor resolves the optional
// ntdll.dll / kernel32.dll entry points, and every wrapper in this file reads
// its function pointers through this object rather than through `this`.
// NOTE(review): being a namespace-scope object, it is constructed during dynamic
// initialisation of this translation unit; a wrapper called from another
// global's constructor before that point presumably sees zero-initialised
// (null) pointers and takes the "not available" path. Confirm no caller runs that early.
CSystemInfoAccessor g_SIA;

// Resolves, by name, the native and Win32 entry points that the wrappers in
// this file forward to. Any export that cannot be found leaves its pointer
// NULL, which the wrappers test before calling.
CSystemInfoAccessor::CSystemInfoAccessor()
{
	// Start from "nothing resolved" so that a missing module or export is
	// always observable as a NULL pointer.
	m_pZwQuerySystemInformation = NULL;
	m_pZwReadVirtualMemory = NULL;
	m_pNtQueryInformationProcess = NULL;
	m_pGetProcessHandleCount = NULL;
	m_pCheckRemoteDebuggerPresent = NULL;

	// GetModuleHandle only looks up a module that is already mapped into this
	// process; it does not load anything from disk and does not add a
	// reference to the module.
	HMODULE hNtDll = ::GetModuleHandle(_T("ntdll.dll"));
	if(hNtDll != NULL)
	{
		// Native API exports; GetProcAddress takes ANSI names, hence no _T().
		m_pZwQuerySystemInformation = reinterpret_cast<ZwQuerySystemInformationType>(::GetProcAddress(hNtDll, "ZwQuerySystemInformation"));
		m_pZwReadVirtualMemory = reinterpret_cast<ZwReadVirtualMemoryType>(::GetProcAddress(hNtDll, "ZwReadVirtualMemory"));
		m_pNtQueryInformationProcess = reinterpret_cast<NtQueryInformationProcessType>(::GetProcAddress(hNtDll, "NtQueryInformationProcess"));
	}

	HMODULE hKernel32 = ::GetModuleHandle(_T("kernel32.dll"));
	if(hKernel32 != NULL)
	{
		// Resolved dynamically rather than linked statically, presumably so the
		// binary still loads on Windows versions that lack these exports.
		m_pGetProcessHandleCount = reinterpret_cast<GetProcessHandleCountType>(::GetProcAddress(hKernel32, "GetProcessHandleCount"));
		m_pCheckRemoteDebuggerPresent = reinterpret_cast<CheckRemoteDebuggerPresentType>(::GetProcAddress(hKernel32, "CheckRemoteDebuggerPresent"));
	}
}

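// Forwards to ntdll!ZwQuerySystemInformation through the pointer resolved by
// the g_SIA constructor and returns the NTSTATUS it produces.
//
// If the export was not resolved, a failure status is returned and
// *ReturnLength (when supplied) is set to 0. The previous code returned 0 here,
// which is STATUS_SUCCESS: callers then treated an untouched SystemInformation
// buffer as valid output and parsed uninitialised memory.
LONG CSystemInfoAccessor::ZwQuerySystemInformation(ULONG SystemInformationClass, PVOID SystemInformation, ULONG SystemInformationLength, PULONG ReturnLength)
{
	// STATUS_PROCEDURE_NOT_FOUND, spelled as a literal because this file does
	// not visibly include the NTSTATUS definitions.
	const LONG lStatusProcedureNotFound = static_cast<LONG>(0xC000007AL);

	if(!g_SIA.m_pZwQuerySystemInformation)
	{
		if(ReturnLength)
			*ReturnLength = 0;
		return lStatusProcedureNotFound;
	}

	return g_SIA.m_pZwQuerySystemInformation(SystemInformationClass, SystemInformation, SystemInformationLength, ReturnLength);
}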

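// Forwards to ntdll!ZwReadVirtualMemory through the pointer resolved by the
// g_SIA constructor and returns the NTSTATUS it produces. The call copies
// memory out of the process identified by ProcessHandle, so the handle must
// have been opened with read access to that process's address space.
//
// If the export was not resolved, a failure status is returned and
// *ReturnLength (when supplied) is set to 0. The previous code returned 0 here,
// which is STATUS_SUCCESS: callers then believed Buffer had been filled and
// went on to interpret uninitialised bytes as the remote process's data.
LONG CSystemInfoAccessor::ZwReadVirtualMemory(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, ULONG BufferLength, PULONG ReturnLength)
{
	// STATUS_PROCEDURE_NOT_FOUND, spelled as a literal because this file does
	// not visibly include the NTSTATUS definitions.
	const LONG lStatusProcedureNotFound = static_cast<LONG>(0xC000007AL);

	if(!g_SIA.m_pZwReadVirtualMemory)
	{
		if(ReturnLength)
			*ReturnLength = 0;
		return lStatusProcedureNotFound;
	}

	return g_SIA.m_pZwReadVirtualMemory(ProcessHandle, BaseAddress, Buffer, BufferLength, ReturnLength);
}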

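// Forwards to ntdll!NtQueryInformationProcess through the pointer resolved by
// the g_SIA constructor and returns the NTSTATUS it produces.
//
// If the export was not resolved, a failure status is returned and
// *ReturnLength (when supplied) is set to 0. The previous code returned 0 here,
// which is STATUS_SUCCESS: callers then treated an untouched
// ProcessInformation buffer as valid output.
LONG CSystemInfoAccessor::NtQueryInformationProcess(HANDLE ProcessHandle, PROCESSINFOCLASS ProcessInformationClass, PVOID ProcessInformation, ULONG ProcessInformationLength, PULONG ReturnLength)
{
	// STATUS_PROCEDURE_NOT_FOUND, spelled as a literal because this file does
	// not visibly include the NTSTATUS definitions.
	const LONG lStatusProcedureNotFound = static_cast<LONG>(0xC000007AL);

	if(!g_SIA.m_pNtQueryInformationProcess)
	{
		if(ReturnLength)
			*ReturnLength = 0;
		return lStatusProcedureNotFound;
	}

	return g_SIA.m_pNtQueryInformationProcess(ProcessHandle, ProcessInformationClass, ProcessInformation, ProcessInformationLength, ReturnLength);
}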

// Forwards to kernel32!GetProcessHandleCount when that export was resolved by
// the g_SIA constructor and the caller supplied an output pointer.
// Returns FALSE otherwise; on that path *pdwHandleCount is never written, so
// callers must not read it after a FALSE result.
BOOL CSystemInfoAccessor::GetProcessHandleCount(HANDLE hProcess, PDWORD pdwHandleCount)
{
	if(g_SIA.m_pGetProcessHandleCount && pdwHandleCount)
	{
		return g_SIA.m_pGetProcessHandleCount(hProcess, pdwHandleCount);
	}

	// Export unavailable or no output pointer supplied.
	return FALSE;
}

// Forwards to kernel32!CheckRemoteDebuggerPresent when that export was resolved
// by the g_SIA constructor and the caller supplied an output pointer.
// Returns FALSE otherwise; on that path *pbDebuggerPresent is never written, so
// a FALSE result means "could not determine", not "no debugger attached".
BOOL CSystemInfoAccessor::CheckRemoteDebuggerPresent(HANDLE hProcess, PBOOL pbDebuggerPresent)
{
	if(g_SIA.m_pCheckRemoteDebuggerPresent && pbDebuggerPresent)
	{
		return g_SIA.m_pCheckRemoteDebuggerPresent(hProcess, pbDebuggerPresent);
	}

	// Export unavailable or no output pointer supplied.
	return FALSE;
}


License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)


Written By
Software Developer (Senior) Sibedge IT
Ireland Ireland
My online CV: cv.vitalytomilov.com
