Sunday, January 30, 2011

Creates a thread that runs in the virtual address space of another process.

Tip - CreateRemoteThread()

Details - The CreateRemoteThread function causes a new thread of execution to begin in the address space of the specified process. The thread has access to all objects that the process opens.

HANDLE WINAPI CreateRemoteThread(
  __in   HANDLE hProcess,
  __in   LPSECURITY_ATTRIBUTES lpThreadAttributes,
  __in   SIZE_T dwStackSize,
  __in   LPTHREAD_START_ROUTINE lpStartAddress,
  __in   LPVOID lpParameter,
  __in   DWORD dwCreationFlags,
  __out  LPDWORD lpThreadId
);

The hProcess parameter specifies a handle to the process in which the thread is to be created. If the function succeeds, the return value is a handle to the new thread. The new thread handle is created with full access to the new thread. If a security descriptor is not provided, the handle may be used in any function that requires a thread object handle. When a security descriptor is provided, an access check is performed on all subsequent uses of the handle before access is granted. If the access check denies access, the requesting process cannot use the handle to gain access to the thread. The thread object remains in the system until the thread has terminated and all handles to it are closed through calls to the CloseHandle function.
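A defender-side view of the call described above, as an added example that is not part of the original post: Sysmon (not mentioned in the post) records remote thread creation as Event ID 8, where the process behind hProcess appears as TargetImage and lpStartAddress is resolved into StartModule and StartFunction. The sample events, the allowlist, the helper names and the treatment of an empty or "-" StartModule as unresolved are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# Assumption: sources expected to create remote threads in this environment.
EXPECTED_SOURCES = {r"c:\windows\system32\csrss.exe"}

def make_event(source, target, start_module, start_function=""):
    """Build a constructed Event ID 8 record holding only the fields used here."""
    data = {"SourceImage": source, "TargetImage": target,
            "StartModule": start_module, "StartFunction": start_function}
    fields = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in data.items())
    return (f'<Event xmlns="{NS["e"]}"><System><EventID>8</EventID></System>'
            f'<EventData>{fields}</EventData></Event>')

# Constructed sample records, not real telemetry.
SAMPLE_EVENTS = [
    make_event(r"C:\Windows\System32\csrss.exe", r"C:\Windows\System32\cmd.exe",
               r"C:\Windows\System32\kernel32.dll", "CtrlRoutine"),
    make_event(r"C:\Users\Public\updater.exe", r"C:\Windows\explorer.exe", ""),
    make_event(r"C:\Tools\dbg.exe", r"C:\Apps\app.exe",
               r"C:\Windows\System32\ntdll.dll", "DbgUiRemoteBreakin"),
]

def parse_event(xml_text):
    """Return the EventData fields of an Event ID 8 record, or None otherwise."""
    root = ET.fromstring(xml_text)
    if root.findtext("e:System/e:EventID", namespaces=NS) != "8":
        return None
    return {d.get("Name"): d.text or "" for d in root.iterfind("e:EventData/e:Data", NS)}

def triage(fields):
    """List the reasons a remote thread creation deserves an analyst's look."""
    reasons = []
    if fields["SourceImage"].lower() not in EXPECTED_SOURCES:
        reasons.append("unexpected source process")
    if fields["StartModule"] in ("", "-"):
        # lpStartAddress did not resolve to a module loaded in the target.
        reasons.append("start address outside any loaded module")
    return reasons

def review(events):
    """Return (source, target, reasons) for each flagged Event ID 8 record."""
    parsed = filter(None, map(parse_event, events))
    return [(f["SourceImage"], f["TargetImage"], triage(f)) for f in parsed if triage(f)]

if __name__ == "__main__":
    for source, target, reasons in review(SAMPLE_EVENTS):
        print(f"{source} -> {target}: {', '.join(reasons)}")
```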

Posted By : Velayudhan Pillai K
