This blog has been moved to http://aleemkhan.wordpress.com
It is really amazing how the .NET Framework has made development tasks easier. The Framework Class Library is undoubtedly an extremely rich set of APIs. I wanted to dump the entire address space of any process. So, I thought of doing a small Dump Tool in the free time which I get occasionally in the evenings or on weekends. I’ll post the complete code when it’s complete.
Anyway, I wrote the following C++ code to get SeDebugPrivilege for a process. SeDebugPrivilege allows any process to access the memory and other information of operating system processes which you do not have access to otherwise.
if(!LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &luid ))
tpPrevious.PrivilegeCount = 1;
This code has been taken mostly from the MSDN article, Article ID: Q131065
To do all this from C# you just need to call a simple function :)
Yes! It's that easy. The Base Class Library is quite rich, but you have to find the things. However, I still could not find the equivalent of the functions from the native ToolHelp32 library defined in Kernel32.dll. So, I have to write a complete PInvoke wrapper for that. I will post the complete code on the weekend.
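An added example, not code from the original post: the C# call itself did not survive on this page, so this example assumes the Framework's Process.EnterDebugMode(), which enables SeDebugPrivilege for the current process, and counts how many processes' main modules are readable before and after. DebugPrivilegeDemo and CountReadableProcesses are names made up for the illustration.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;

static class DebugPrivilegeDemo
{
    // Counts the processes whose main module this caller is allowed to read.
    static int CountReadableProcesses()
    {
        int readable = 0;
        foreach (Process p in Process.GetProcesses())
        {
            using (p)
            {
                try
                {
                    if (p.MainModule != null) readable++;
                }
                catch (Win32Exception) { }            // access denied, or bitness mismatch
                catch (InvalidOperationException) { } // process exited while we were looking
            }
        }
        return readable;
    }

    static int Main()
    {
        Console.WriteLine("Readable without SeDebugPrivilege: {0}", CountReadableProcesses());
        try
        {
            // Enables SeDebugPrivilege in this process's token. It can only enable a
            // privilege the token already holds (normally an elevated administrator).
            Process.EnterDebugMode();
        }
        catch (Win32Exception ex)
        {
            Console.Error.WriteLine("SeDebugPrivilege not available: {0}", ex.Message);
            return 1;
        }
        try
        {
            Console.WriteLine("Readable with SeDebugPrivilege:    {0}", CountReadableProcesses());
        }
        finally
        {
            // Least privilege: switch it off again as soon as the work is done.
            Process.LeaveDebugMode();
        }
        return 0;
    }
}
```

Run it once from a normal prompt and once elevated: the first run exits through the catch block, and the second shows the gap between the two counts that the privilege accounts for.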