void
*
Stack
=
NULL;
INITIAL_TEB InitialTeb
=
{
0
};
InitialTeb.OldInitialTeb.OldStackBase
=
NULL;
InitialTeb.OldInitialTeb.OldStackLimit
=
NULL;
InitialTeb.StackAllocationBase
=
Stack;
InitialTeb.StackBase
=
(void
*
)((ULONG64)Stack
+
0x2000
-
0x100
);
InitialTeb.StackLimit
=
Stack;
SIZE_T CommittedStackSize
=
0x2000
;
NTSTATUS retStatus
=
ZwAllocateVirtualMemory(hProces, (PVOID
*
)&Stack,
0
, &CommittedStackSize, MEM_COMMIT, PAGE_READWRITE);
if
(!NT_SUCCESS(retStatus)) {
DbgPrint(
"创建内存失败\n"
);
return
status;
}
DbgPrint(
"Stack = %p\n"
, Stack);
CONTEXT context
=
{
0
};
RtlInitializeContext(hProces, &context, (void
*
)
0
, (void
*
)
0x0040101D
, (void
*
)((ULONG64)Stack
-
0x100
));
HANDLE hThread
=
NULL;
CLIENT_ID cid;
retStatus
=
pNtCreateThread(&hThread, THREAD_ALL_ACCESS, NULL, hProces, &cid, &context, &InitialTeb, FALSE);
if
(!NT_SUCCESS(retStatus)) {
DbgPrint(
"创建线程失败 = %08X\n"
, retStatus);
return
status;
}