Jump to content

[VB6]GetProcessID using PEB (Process Enviroment Block)

- - - - -
Started by kresh7, Sep 25 2009 07:15 AM

  • Please log in to reply
No replies to this topic

#1
kresh7
Posted 25 September 2009 - 07:15 AM

kresh7

    Programming God

  • Members
  • PipPipPipPipPipPipPip
  • 661 posts
Ok Days ago i did this function to get The ProcessID using PEB by reading THE FS = Segment Registry on position 0x20 

Option Explicit

Private Declare Function NtCurrentTeb Lib "NTDLL" () As Long

Private Declare Sub CopyMemory _

                Lib "kernel32" _

                Alias "RtlMoveMemory" (pDst As Any, _

                                       pSrc As Any, _

                                       ByVal ByteLen As Long)

Private Declare Sub GetMem4 Lib "MSVBVM60" (ByVal Addr As Long, ByRef RetVal As Long)


Public Function GetProIDbyGetMem4() As Long

    Dim MemBuffer As Long

    Call GetMem4(NtCurrentTeb + &H20&, MemBuffer)

    GetProIDbyGetMem4 = MemBuffer

End Function

Hope this comes handle for anyone of you guys
Posted Image

Back to Classes and Code Snippets


1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users



  1. CODECALL Programming Forum
  2. Programming Tutorials
  3. Classes and Code Snippets
IPB skins by Skinbox