Exetools

Exetools (https://forum.exetools.com/index.php)
-   General Discussion (https://forum.exetools.com/forumdisplay.php?f=2)
-   -   ZwTerminateProcess (https://forum.exetools.com/showthread.php?t=5227)

Teerayoot 09-05-2004 00:27
ZwTerminateProcess
 
*From "Window Nt Native API Reference"
Quote:
ZwTerminateProcess terminates a process and the threads that it contains.
NTSYSAPI
NTSTATUS
NTAPI
ZwTerminateProcess(
IN HANDLE ProcessHandle OPTIONAL,
IN NTSTATUS ExitStatus
);
////////////////////////////////////////////////////////

I try to using this function but the process do not terminate ,here is my code snippet

//// Global ////
Quote:
#define NTSTATUS ULONG
typedef
NTSYSAPI
NTSTATUS
NTAPI
(*ZwTerminateProcess)(
IN HANDLE ProcessHandle OPTIONAL,
IN NTSTATUS ExitStatus
);
ZwTerminateProcess fZwTerminateProcess;
//// Use ////
Quote:
fZwTerminateProcess = (ZwTerminateProcess)GetProcAddress(GetModuleHandleA("ntdll.dll"),"ZwTerminateProcess");
fZwTerminateProcess(NULL,1);
All compiling made sucessfull ,but when the process do not terminate.
Do i make somethings wrong?:(

omega_red 09-05-2004 01:48
You should read carefully. If the process handle is 0, this function terminates all threads of current process, except current thread.

Teerayoot 09-05-2004 02:15
Quote:
Originally Posted by omega_red
You should read carefully. If the process handle is 0, this function terminates all threads of current process, except current thread.
except current thread Where u got that message?? :confused:


As it stated
ZwTerminateProcess terminates a process and the threads that it contains.

Quote:
Parameters
ProcessHandle
A handle to a process object.The handle must grant PROCESS_TERMINATE access. If this
value is zero, the current process is terminated.

I try pass NULL(0) as parameter as want to terminate current process ,but it do nothing.

omega_red 09-05-2004 02:30
Strange, that was citation from the book you've mentioned (actually, a polish translation). My edition is from year 2000.

Teerayoot 09-05-2004 02:45
Windows NT2000 Native API Reference - Gary Nebbett

Gary NebbettWho is he?He make me crazy!


I don't know the date publish ,i'm just download from internet.

lifewire 09-05-2004 03:05
that citate is in my book neither. (english edition)

omega_red 09-05-2004 03:20
This is quote from my paper version:

Quote:
Original title: "Windows NT/2000 Native API reference", Gary Nebbett, ISBN: 83-7197-508-2.
Authorized translation from the English language edition published by MTP
Copyright (c) 2000

Polish language edition published by Helion
Copyright (c) 2001
Description of ZwTerminateProcess is the same as yours, except this little difference mentioned above.


All times are GMT +8. The time now is 07:56.

Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2024, vBulletin Solutions, Inc.
Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX