I have a problem in a Delphi application with determining the current application (current thread) handle. I know that I can get the current thread ID with the Windows API function GetCurrentThreadID, but I need the current thread handle to use as a param for another Windows API function, SuspendThread.
Actually, what I am trying to do is to make one of my old DLLs, made for hooking API functions located in kernel32.dll like OpenProcess or TerminateProcess, also hook SuspendProcess. The hook is located in a DLL file and uses SetWindowsHookEx to be injected into running processes, then finds the base address of the target functions.
I had no problem with hooking functions like TerminateProcess because it needs the process ID as a param, which is easy to obtain in the main application using GetCurrentProcessID. To make a similar hook for the SuspendThread function I need to pass a thread handle as a param.
The only place where I found a thread handle is the PROCESS_INFORMATION structure, which contains:
typedef struct _PROCESS_INFORMATION { // pi
    HANDLE hProcess;
    HANDLE hThread;
    DWORD dwProcessId;
    DWORD dwThreadId;
} PROCESS_INFORMATION;
but the problem is that this structure is available only after creating a process with the CreateProcess API function. The main goal is to prevent program users from using different tools available online, like ProcessExplorer etc., to terminate the process. I achieved that successfully by hooking TerminateProcess API calls, preventing my app from being closed that way, but the Suspend option in those process-exploring tools can suspend my process. It is an internet kiosk application and it is vital that users can't close that application. The application is currently running on Windows XP and it has to be run under an administrator account because the other apps that users use after logging in to my application require an administrator account to operate, so I can't simply run my application as a restricted user.
Is there any way that I can get my main application's main thread handle in Delphi?
Thanks in advance
The only safe way to call SuspendThread is with a handle to the current thread. Suspending any other thread is a bad idea. To get a handle to the current thread, just call GetCurrentThread. You can use it pretty much anywhere a thread handle is required. But don't give that handle to another thread — it's a special "pseudo-handle" that always means "current thread," no matter which thread has it.
You can use OpenThread or DuplicateHandle to get a "real" thread handle, but that probably won't get you where you want to go. You won't be able to recognize attempts to suspend your thread or process because the handle another program uses to suspend your thread won't necessarily be the same value that you got when you called OpenThread. Handles are only meaningful within the process that opened them, and it's possible to acquire multiple handles to the same thing, and that may or may not yield the same value each time.
Instead, call GetThreadId to get the ID of the thread being suspended, and then see whether it matches any of your program's thread IDs. Thread IDs uniquely identify threads; handles don't. Likewise for process IDs and handles.
If you have the thread ID, you can get a handle for it using OpenThread:
HANDLE WINAPI OpenThread(
    __in DWORD dwDesiredAccess,
    __in BOOL bInheritHandle,
    __in DWORD dwThreadId
);
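The point made in the two answers above (several handle values can refer to one thread, so compare thread IDs, and OpenThread turns an ID back into a handle), as an added Delphi example that is not part of the original posts. The local declarations, the constant names and the RefersToThread helper are assumptions of this example; GetThreadId requires Windows Server 2003 / Vista or later and a handle that carries query access.

```delphi
program ThreadIdVsHandle;
{$APPTYPE CONSOLE}
uses
  Windows, SysUtils;

const
  // Access-right values from the Windows SDK, named locally for this example.
  ACCESS_SUSPEND_RESUME = $0002;  // THREAD_SUSPEND_RESUME
  ACCESS_QUERY_INFO     = $0040;  // THREAD_QUERY_INFORMATION

// Declared here because older Windows.pas units do not export them.
function OpenThread(dwDesiredAccess: DWORD; bInheritHandle: BOOL;
  dwThreadId: DWORD): THandle; stdcall; external kernel32 name 'OpenThread';
function GetThreadId(Thread: THandle): DWORD; stdcall;
  external kernel32 name 'GetThreadId';

// True when the handle resolves to the thread ID we expect.
// GetThreadId returns 0 when the handle lacks query access.
function RefersToThread(h: THandle; ExpectedId: DWORD): Boolean;
var
  Id: DWORD;
begin
  Id := GetThreadId(h);
  Result := (Id <> 0) and (Id = ExpectedId);
end;

var
  MyId: DWORD;
  hPseudo, hDup, hOpen, hNoQuery: THandle;
begin
  MyId := GetCurrentThreadId;
  hPseudo := GetCurrentThread;  // pseudo-handle, meaningful only on this thread
  if not DuplicateHandle(GetCurrentProcess, hPseudo, GetCurrentProcess, @hDup,
    0, False, DUPLICATE_SAME_ACCESS) then RaiseLastOSError;
  hOpen := OpenThread(ACCESS_QUERY_INFO, False, MyId);
  hNoQuery := OpenThread(ACCESS_SUSPEND_RESUME, False, MyId);
  if (hOpen = 0) or (hNoQuery = 0) then RaiseLastOSError;
  try
    // Three handle values, one thread: compare IDs, never handle values.
    Writeln(Format('pseudo=%x dup=%x open=%x', [hPseudo, hDup, hOpen]));
    Writeln('dup  -> own thread: ', RefersToThread(hDup, MyId));
    Writeln('open -> own thread: ', RefersToThread(hOpen, MyId));
    // A handle opened only for suspend/resume cannot be queried for its ID.
    Writeln('suspend-only handle resolvable: ', RefersToThread(hNoQuery, MyId));
  finally
    CloseHandle(hDup); CloseHandle(hOpen); CloseHandle(hNoQuery);
  end;
end.
```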