x64dbg
/
TitanEngine
mirror of https://github.com/x64dbg/TitanEngine
1
0
Fork 0
Code Releases Activity

fixed thread start address

This commit is contained in:
NtQuery 2014-03-16 17:21:43 +01:00
parent 2ebf55ebba
commit b427a1f218
1 changed files with 7 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
TitanEngine/TitanEngine.Threader.cpp
View File

@ -53,7 +53,7 @@ __declspec(dllexport) bool TITCALL ThreaderImportRunningThreadData(DWORD Process
NewThreadData.ContextSwitches = pIterThread->ContextSwitches; NewThreadData.ContextSwitches = pIterThread->ContextSwitches;
NewThreadData.Priority = pIterThread->Priority; NewThreadData.Priority = pIterThread->Priority;
NewThreadData.BasePriority = pIterThread->BasePriority; NewThreadData.BasePriority = pIterThread->BasePriority;
NewThreadData.ThreadStartAddress = pIterThread->StartAddress; //NewThreadData.ThreadStartAddress = pIterThread->StartAddress; <- wrong value
NewThreadData.ThreadState = pIterThread->ThreadState; NewThreadData.ThreadState = pIterThread->ThreadState;
NewThreadData.WaitReason = pIterThread->WaitReason; NewThreadData.WaitReason = pIterThread->WaitReason;
NewThreadData.WaitTime = pIterThread->WaitTime; NewThreadData.WaitTime = pIterThread->WaitTime;
@ -63,6 +63,12 @@ __declspec(dllexport) bool TITCALL ThreaderImportRunningThreadData(DWORD Process
if (NewThreadData.hThread) if (NewThreadData.hThread)
{ {
NewThreadData.TebAddress = GetTEBLocation(NewThreadData.hThread); NewThreadData.TebAddress = GetTEBLocation(NewThreadData.hThread);
PVOID startAddress = 0;
if (NtQueryInformationThread(NewThreadData.hThread, ThreadQuerySetWin32StartAddress, &startAddress, sizeof(PVOID), NULL) == STATUS_SUCCESS)
{
NewThreadData.ThreadStartAddress = startAddress;
}
} }
hListThread.push_back(NewThreadData); hListThread.push_back(NewThreadData);