Hi,
I’ve to get the thread CONTEXT of a process. I’ve attempt to use the
ZwGetContextThread/ZwSetContextThread but the linker don’t resolve the
Function name.
I’ve looked inside the ntdll.lib (WIN2K) and the entry
xxxxx@8 is present.
I’ve defined the fn prototype as follow:
NTSYSAPI
NTSTATUS
NTAPI
ZwGetContextThread(
IN HANDLE ThreadHandle,
OUT PCONTEXT pContext );
NTSYSAPI
NTSTATUS
NTAPI
ZwSetContextThread(
IN HANDLE ThreadHandle,
IN PCONTEXT Context );
For my project I’ve to get and set the thread’s starting point.
There is other’s ways to do the same things?
I’ve read that with ObReferenceObjectByHandle I could get the pointer to
the thread context, is true?
Thank’s