Re: Using ZwCreateProcess



AFAIK this is not defined in any DDK include file, it is an undocumented
call that will not do what you want. The steps to create a process involve
a lot of calls and the is no kernel equivalent of the user "CreateProcess"
call. While I have heard claims by people having done this in kernel, I
have never been able to find a working solution (most of the claims end up,
well we did these steps and it is obvious we could finish it).

By the way the executable is not specified in the OBJECT_ATTRIBUTES that is
for the attributes of the process object.

Now tell the group why you think you need this, and maybe we can suggest a
solution that works.


--
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
http://www.windrvr.com
Remove StopSpam from the email to reply


"Jon" <TheFakeJon@xxxxxxxxx> wrote in message
news:1153337337.678920.261300@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,

I am trying to call ZwCreateProcess defined in the Windows DDK, and I
was curious how I would go about using this to create a process. I
cannot find the parameter in which I provide the path to the executable
I would like to run. I am pretty certain though that I must fill the
OBJECT_ATTRIBUTES
struct. I am not sure which information must be provided though.

Thanks



.



Relevant Pages

  • Re: Using ZwCreateProcess
    ... a lot of calls and the is no kernel equivalent of the user "CreateProcess" ... have never been able to find a working solution (most of the claims end up, ... Don Burn (MVP, Windows DDK) ... I am trying to call ZwCreateProcess defined in the Windows DDK, ...
    (microsoft.public.win32.programmer.kernel)
  • Re: Using ZwCreateProcess
    ... Well the OP called it a DDK function. ... Don Burn (MVP, Windows DDK) ... have never been able to find a working solution (most of the claims end ...
    (microsoft.public.win32.programmer.kernel)
  • error: W2KBASE environment variable not set
    ... trying to compile "passThru" example of windows ddk in a VC++ 6.0 IDE... ...
    (microsoft.public.development.device.drivers)
  • Re: IoReuseIrp wont compile
    ... us, maybe not Walter, recommends BUILD and for Visual Studio a Makefile ... >> Windows DDK development", which I must admit sounds a little bit sad. ... >> the first point in developing a driver was to escape the DOS-based DDK ...
    (microsoft.public.development.device.drivers)
  • Re: IoReuseIrp wont compile
    ... Windows DDK Support ... > Windows DDK development", which I must admit sounds a little bit sad. ... >> Windows DDK Support ... done either in a command window set up ...
    (microsoft.public.development.device.drivers)