Process Hacker
Data Structures | Typedefs | Enumerations | Functions
hidnproc.h File Reference

Go to the source code of this file.

Data Structures

struct  _PH_HIDDEN_PROCESS_ENTRY
 
struct  _PH_CSR_HANDLE_INFO
 

Typedefs

typedef enum
_PH_HIDDEN_PROCESS_METHOD 		PH_HIDDEN_PROCESS_METHOD
 
typedef enum
_PH_HIDDEN_PROCESS_TYPE 		PH_HIDDEN_PROCESS_TYPE
 
typedef struct
_PH_HIDDEN_PROCESS_ENTRY 		PH_HIDDEN_PROCESS_ENTRY
 
typedef struct
_PH_HIDDEN_PROCESS_ENTRY		PPH_HIDDEN_PROCESS_ENTRY
 
typedef struct _PH_CSR_HANDLE_INFO PH_CSR_HANDLE_INFO
 
typedef struct
_PH_CSR_HANDLE_INFO		PPH_CSR_HANDLE_INFO
 
typedef BOOLEAN(NTAPI * PPH_ENUM_HIDDEN_PROCESSES_CALLBACK )(_In_ PPH_HIDDEN_PROCESS_ENTRY Process, _In_opt_ PVOID Context)
 
typedef BOOLEAN(NTAPI * PPH_ENUM_CSR_PROCESS_HANDLES_CALLBACK )(_In_ PPH_CSR_HANDLE_INFO Handle, _In_opt_ PVOID Context)
 

Enumerations

enum  _PH_HIDDEN_PROCESS_METHOD { BruteForceScanMethod, CsrHandlesScanMethod }
 
enum  _PH_HIDDEN_PROCESS_TYPE { UnknownProcess, NormalProcess, HiddenProcess, TerminatedProcess }
 

Functions

NTSTATUS NTAPI PhEnumHiddenProcesses (_In_ PH_HIDDEN_PROCESS_METHOD Method, _In_ PPH_ENUM_HIDDEN_PROCESSES_CALLBACK Callback, _In_opt_ PVOID Context)
 
NTSTATUS NTAPI PhEnumCsrProcessHandles (_In_ PPH_ENUM_CSR_PROCESS_HANDLES_CALLBACK Callback, _In_opt_ PVOID Context)
 
NTSTATUS NTAPI PhOpenProcessByCsrHandle (_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ PPH_CSR_HANDLE_INFO Handle)
 
NTSTATUS NTAPI PhOpenProcessByCsrHandles (_Out_ PHANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ HANDLE ProcessId)
 

Typedef Documentation

typedef struct _PH_CSR_HANDLE_INFO PH_CSR_HANDLE_INFO
typedef struct _PH_HIDDEN_PROCESS_ENTRY PH_HIDDEN_PROCESS_ENTRY
typedef enum _PH_HIDDEN_PROCESS_METHOD PH_HIDDEN_PROCESS_METHOD
typedef enum _PH_HIDDEN_PROCESS_TYPE PH_HIDDEN_PROCESS_TYPE
typedef struct _PH_CSR_HANDLE_INFO * PPH_CSR_HANDLE_INFO
typedef BOOLEAN(NTAPI * PPH_ENUM_CSR_PROCESS_HANDLES_CALLBACK)(_In_ PPH_CSR_HANDLE_INFO Handle, _In_opt_ PVOID Context)

Definition at line 47 of file hidnproc.h.

typedef BOOLEAN(NTAPI * PPH_ENUM_HIDDEN_PROCESSES_CALLBACK)(_In_ PPH_HIDDEN_PROCESS_ENTRY Process, _In_opt_ PVOID Context)

Definition at line 34 of file hidnproc.h.

typedef struct _PH_HIDDEN_PROCESS_ENTRY * PPH_HIDDEN_PROCESS_ENTRY

Enumeration Type Documentation

enum _PH_HIDDEN_PROCESS_METHOD
Enumerator:
BruteForceScanMethod 
CsrHandlesScanMethod 

Definition at line 4 of file hidnproc.h.

enum _PH_HIDDEN_PROCESS_TYPE
Enumerator:
UnknownProcess 
NormalProcess 
HiddenProcess 
TerminatedProcess 

Definition at line 10 of file hidnproc.h.

Function Documentation

NTSTATUS NTAPI PhEnumCsrProcessHandles ( _In_ PPH_ENUM_CSR_PROCESS_HANDLES_CALLBACK  Callback,
_In_opt_ PVOID  Context 
)

Definition at line 1094 of file hidnproc.c.

NTSTATUS NTAPI PhEnumHiddenProcesses ( _In_ PH_HIDDEN_PROCESS_METHOD  Method,
_In_ PPH_ENUM_HIDDEN_PROCESSES_CALLBACK  Callback,
_In_opt_ PVOID  Context 
)

Definition at line 968 of file hidnproc.c.

NTSTATUS NTAPI PhOpenProcessByCsrHandle ( _Out_ PHANDLE  ProcessHandle,
_In_ ACCESS_MASK  DesiredAccess,
_In_ PPH_CSR_HANDLE_INFO  Handle 
)

Definition at line 1164 of file hidnproc.c.

NTSTATUS NTAPI PhOpenProcessByCsrHandles ( _Out_ PHANDLE  ProcessHandle,
_In_ ACCESS_MASK  DesiredAccess,
_In_ HANDLE  ProcessId 
)

Definition at line 1239 of file hidnproc.c.