This Blog Has Been Moved !

This Blog Has been moved to

It is really amazing how the .NET Framework has made the development tasks easier. The Framework Class Library is undoubtedly an extremely rich set of API’s. I wanted to dump the entire address space of any process. So, I thought of doing a small Dump Tool in the free time which I get occasionally in the evenings or on weekends. I’ll post the complete code when it’s complete.

Anyway I wrote the following C++ code to get SeDebugPrivilige for a process. SeDebugPrivilige allows any process to access memory and other information of operating system processes which you do not have access to otherwise.

BOOL CTaskManagerDlg::SetPrivilege()


   HANDLE hToken;
   LUID luid;
   DWORD cbPrevious=sizeof(TOKEN_PRIVILEGES);

     return FALSE;

   if(!LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &luid ))
     return FALSE;
   tp.PrivilegeCount           = 1;
   tp.Privileges[0].Luid       = luid;
   tp.Privileges[0].Attributes = 0;

   if (GetLastError() != ERROR_SUCCESS)
     return FALSE;

   tpPrevious.PrivilegeCount       = 1;
   tpPrevious.Privileges[0].Luid   = luid;

   AdjustTokenPrivileges(hToken,FALSE, &tpPrevious,cbPrevious,
   if (GetLastError() != ERROR_SUCCESS)
     return FALSE;

   return TRUE;


This code has been taken mostly from the MSDN Article Article ID: Q131065

To do all this from C# you just need to call a simple function J



Yes ! Its that easy. The Base Class Library is quite rich but you only have to find the things. However, I still could not find the equivalent of Functions from the native ToolHelp32 library defined in the Kernel32.dll. So, I have to write a complete PInvoke wrapper for that. I will post the complete code on the weekend.


Can anyone tell me where to find .NET Equivalents of  ToolHelp32 Functions ?



4 comments have been posted.