如何在NtCreateThreadEx(& ThreadHandle,...)中从其句柄获取线程ID? [英] How can I get Thread Id from its handle in NtCreateThreadEx(&ThreadHandle,...)?
本文介绍了如何在NtCreateThreadEx(& ThreadHandle,...)中从其句柄获取线程ID?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
嗨
如何从NtCreateThread(&ThreadHandle)系统调用或NtCreateThreadEx(&ThreadHandle,...)的句柄中获取线程ID?
我尝试通过调用NtQueryInformationThread来加载线程的信息,但是此系统调用失败并显示错误代码.现在,我需要一个解决方案来通过内核驱动程序中的线程句柄获取线程的ID,同时抑制访问该ID的所有限制,例如权限访问.
在此先感谢
Hi
How can I get Thread Id from its handle in NtCreateThread(&ThreadHandle) system call or NtCreateThreadEx(&ThreadHandle, ...)?
I try to load thread''s information by calling NtQueryInformationThread but this system call fails with ambiguous error code. Now I need a solution to get an ID of thread by its handle in kernel driver with suppressed all restriction in accessing to this ID ,e.g. Permission access.
Thanks in advance
推荐答案
在Windows中,这是这样的:https://msdn.microsoft.com/zh-CN/library/windows/desktop/ms683233%28v=vs.85%29.aspx [ ^ ].
请注意,这些句柄仅在单个进程内有效(可以由子进程直接继承);在其他过程中,相同的算术值可能有所不同或有意义. ID提供了系统范围内唯一的线程标识.
另请参阅: https://msdn.microsoft.com /en-us/library/windows/desktop/ms686746%28v=vs.85%29.aspx [
In Windows, this is how: https://msdn.microsoft.com/en-us/library/windows/desktop/ms683233%28v=vs.85%29.aspx[^].
Note that the handles are only valid inside a single process (it can be inherited as is by child processes); and the same arithmetic value can be something different or meaningful in other processes. IDs provides unique system-wide identification of threads.
See also: https://msdn.microsoft.com/en-us/library/windows/desktop/ms686746%28v=vs.85%29.aspx[^].
—SA
这篇关于如何在NtCreateThreadEx(& ThreadHandle,...)中从其句柄获取线程ID?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
