NtdllBase.cpp
1 #include "pch.h" 2 3 #include "NtdllBase.h" 4 5 Ntdll::Ntdll() 6 { 7 m_module = GetModuleHandleW(L"ntdll.dll"); 8 if (m_module == 0) 9 { 10 throw std::runtime_error{ "GetModuleHandleW returned null" }; 11 } 12 13 m_NtQuerySystemInformation = reinterpret_cast<NtQuerySystemInformation_t>(GetProcAddress(m_module, "NtQuerySystemInformation")); 14 if (m_NtQuerySystemInformation == 0) 15 { 16 throw std::runtime_error{ "GetProcAddress returned null for NtQuerySystemInformation" }; 17 } 18 19 m_NtDuplicateObject = reinterpret_cast<NtDuplicateObject_t>(GetProcAddress(m_module, "NtDuplicateObject")); 20 if (m_NtDuplicateObject == 0) 21 { 22 throw std::runtime_error{ "GetProcAddress returned null for NtDuplicateObject" }; 23 } 24 25 m_NtQueryObject = reinterpret_cast<NtQueryObject_t>(GetProcAddress(m_module, "NtQueryObject")); 26 if (m_NtQueryObject == 0) 27 { 28 throw std::runtime_error{ "GetProcAddress returned null for NtQueryObject" }; 29 } 30 } 31 32 NTSTATUS Ntdll::NtQuerySystemInformation( 33 ULONG SystemInformationClass, 34 PVOID SystemInformation, 35 ULONG SystemInformationLength, 36 PULONG ReturnLength) 37 { 38 return m_NtQuerySystemInformation(SystemInformationClass, SystemInformation, SystemInformationLength, ReturnLength); 39 } 40 41 NTSTATUS Ntdll::NtDuplicateObject( 42 HANDLE SourceProcessHandle, 43 HANDLE SourceHandle, 44 HANDLE TargetProcessHandle, 45 PHANDLE TargetHandle, 46 ACCESS_MASK DesiredAccess, 47 ULONG Attributes, 48 ULONG Options) 49 { 50 return m_NtDuplicateObject(SourceProcessHandle, SourceHandle, TargetProcessHandle, TargetHandle, DesiredAccess, Attributes, Options); 51 } 52 53 NTSTATUS Ntdll::NtQueryObject( 54 HANDLE ObjectHandle, 55 ULONG ObjectInformationClass, 56 PVOID ObjectInformation, 57 ULONG ObjectInformationLength, 58 PULONG ReturnLength) 59 { 60 return m_NtQueryObject(ObjectHandle, ObjectInformationClass, ObjectInformation, ObjectInformationLength, ReturnLength); 61 }