Sign in to follow this  
Followers 0
eracross

Thread address.

2 posts in this topic

Guys how can i get the address of a thread? :graduated:

something like this "StartAddress"

Share this post


Link to post
Share on other sites



#2 ·  Posted (edited)

You'll need to open a thread handle with THREAD_QUERY_INFORMATION access, and you can retrieve the start address using something along the lines of the below code. (Note '-2' is a pseudo-handle to the current thread):

Local $iPtrSz=4,$aRet,$hThread=Ptr(-2)
If @AutoItX64 Then $iPtrSz*=2
$aRet=DllCall("ntdll.dll","long","NtQueryInformationThread","handle",$hThread,"int",9,"ptr*",0,"ulong",$iPtrSz,"ulong*",0)
If Not @error And $aRet[0]=0 And $aRet[5]=$iPtrSz Then
    ConsoleWrite("Start address:"&$aRet[3]&@CRLF)
Else
    ConsoleWrite("Error getting start address"&@CRLF)
EndIf

*edit: added @error check

Edited by Ascend4nt

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0