Hi All,
I want to see the data type of system handle information returned by
ZwQuerySystemInformation using dt command. what command I should
use. Actually I dont know what to write instead of XXXX in following
command…
dt nt!XXXX
Thanks & Regards,
Amit.
That makes two of us - ZwQuerySystemInformation().
What information class are you using?
mm
I am using SystemHandleInformation (16 value)
As far as I know, it’s not documented, so other than trying the two obvious values (which don’t appear to work on my target, at least), I’m not sure what to suggest.
nt!_SYSTEM_HANDLE_INFORMATION
nt!SYSTEM_HANDLE_INFORMATION
I suppose that it’s possible that it could be in ntdll.pdb.
Good luck,
mm
No it is giving me error Symbol _SYSTEM_HANDLE_INFORMATION not found.
Did you tried it with your debugger
Yes, I tried and it and that’s what I got too - not found.
mm
Can any one tell me the structure of SYSTEM_HANDLE_INFORMATION
on 32 bit as well as 64 bit OS.
What about the !handle command, that should give the same information ?
//Daniel
wrote in message news:xxxxx@ntdev…
> Hi All,
>
> I want to see the data type of system handle information returned by
> ZwQuerySystemInformation using dt command. what command I should
> use. Actually I dont know what to write instead of XXXX in following
> command…
>
> dt nt!XXXX
>
> Thanks & Regards,
> Amit.
>
It’s an undocumented structure. Google will give you a definition, though
due to the fact that it’s undocumented you won’t have any way of knowing if
it’s the right one (or if it won’t change in the future).
Why are you down this road in the first place?
-scott
–
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.
http://www.osronline.com
wrote in message news:xxxxx@ntdev…
> Can any one tell me the structure of SYSTEM_HANDLE_INFORMATION
> on 32 bit as well as 64 bit OS.
>