PEB - NtQueryInformationProcess is undefined
So, I need to access the PEB structure to retrieve some information about the process, namely the dwBuildNumber and OSMajorVersion fields.
I tried to achieve that with the following code:

char nt_func[] = "NtQueryInformationProcess";
HINSTANCE dll_handle;
dll_handle = LoadLibrary(TEXT("C:\\Windows\\System32\\ntdll.dll"));
if (dll_handle == NULL)
    exit(EXIT_FAILURE);
else
{
    cout << "dll handle: " << dll_handle << endl << endl;
    HANDLE nt_proc = GetProcAddress(dll_handle, nt_func);
    if (nt_proc == NULL)
        exit(EXIT_FAILURE);
}
HANDLE p_handle = GetCurrentProcess();
NTSTATUS status;
PROCESS_BASIC_INFORMATION info_buff;
status = NtQueryInformationProcess(p_handle, 0, &info_buff, sizeof(PROCESS_BASIC_INFO), NULL);
PPEB p_peb = info_buff.PebBaseAddress;
ULONG bn = p_peb->dwBuildNumber;
ULONG os_mv = p_peb->OsMajorVersion;

Visual Studio, however, won't even compile this, stating that the identifiers PROCESS_BASIC_INFORMATION, PPEB and NtQueryInformationProcess are undefined.
Why am I getting these errors, and how do I fix this?
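
An added example, not part of the original post, showing one way the approach in the question can compile: include `<winternl.h>` for `PROCESS_BASIC_INFORMATION` and `PPEB`, and call the address returned by `GetProcAddress` through a typed function pointer rather than by the bare name. Assumptions: the names `OsVersion`, `parse_peb` and `query_own_peb` are hypothetical, and the PEB offsets for `OSMajorVersion` and `OSBuildNumber` are undocumented values that do not come from the page and are not guaranteed by the SDK headers.

```cpp
// Added example, not the asker's code; Windows-only parts are guarded.
#include <cstdint>
#include <cstdio>
#include <cstring>
#ifdef _WIN32
#include <windows.h>
#include <winternl.h>  // PROCESS_BASIC_INFORMATION, PPEB, NTSTATUS
#endif
// Assumption: undocumented PEB offsets of OSMajorVersion (ULONG) and
// OSBuildNumber (USHORT); winternl.h keeps these fields opaque.
#if defined(_WIN32) && !defined(_WIN64)
static const size_t kOffMajor = 0x0A4, kOffBuild = 0x0AC;  // 32-bit PEB
#else
static const size_t kOffMajor = 0x118, kOffBuild = 0x120;  // 64-bit PEB
#endif
struct OsVersion { uint32_t major_version; uint16_t build_number; };

// Copy both fields out of a raw PEB image (memcpy avoids aliasing issues).
OsVersion parse_peb(const unsigned char *peb) {
    OsVersion v;
    std::memcpy(&v.major_version, peb + kOffMajor, sizeof v.major_version);
    std::memcpy(&v.build_number, peb + kOffBuild, sizeof v.build_number);
    return v;
}
#ifdef _WIN32
// Function-pointer type for the address GetProcAddress returns.
typedef NTSTATUS(NTAPI *NtQueryInformationProcess_t)(
    HANDLE, PROCESSINFOCLASS, PVOID, ULONG, PULONG);

bool query_own_peb(OsVersion *out) {
    HMODULE ntdll = GetModuleHandleW(L"ntdll.dll");  // mapped in every process
    if (!ntdll) return false;
    auto query = reinterpret_cast<NtQueryInformationProcess_t>(
        GetProcAddress(ntdll, "NtQueryInformationProcess"));
    if (!query) return false;
    PROCESS_BASIC_INFORMATION pbi;
    NTSTATUS st = query(GetCurrentProcess(), ProcessBasicInformation,
                        &pbi, sizeof pbi, NULL);
    if (st < 0) return false;  // negative NTSTATUS means failure
    *out = parse_peb(reinterpret_cast<const unsigned char *>(pbi.PebBaseAddress));
    return true;
}
#endif
int main() {
    OsVersion v = {0, 0};  // stays zero off Windows, where there is no PEB
#ifdef _WIN32
    if (!query_own_peb(&v)) return 1;
#endif
    std::printf("major=%u build=%u\n", (unsigned)v.major_version, (unsigned)v.build_number);
}
```
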