Hello friends, I'm trying to figure out the implementation. Could someone who is good at this help me?

I want to use NtCreateProcessEx. But the code fails with an error.

    unsafe {
        let mut hProcess: HANDLE = null_mut();
        let mut hSection: HANDLE = null_mut();
        let mut object_attributes: OBJECT_ATTRIBUTES = std::mem::zeroed();
        let flags: ULONG = 4;

        let status_process: NTSTATUS = NtCreateProcessEx(
            &mut hProcess,
            &mut object_attributes,
            null_mut(), // NtCurrentProcess()
            FALSE as u8 as u32

        if status_process == 0 {
        } else {
            println!("Error: {:?}", status_process);

Error -1073741811

That's a STATUS_INVALID_PARAMETER error. Why are you calling the Nt native functions directly? What's the reason you don't use the Windows SDK CreateProcessW function? The system calls are not documented in as much detail as the SDK APIs, so trying to figure out what the correct parameter range is is more work.

1 Like
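How the decimal value in the error line maps to the status name given in the reply, shown as an added example that is not part of the original thread. The function names (`decode`, `nt_success`, `name`, `describe`) are hypothetical, and the name table is a small constructed subset of well-known NTSTATUS values.

```rust
/// Fields of a 32-bit NTSTATUS value (layout as documented in MS-ERREF):
/// bits 31-30 severity, bit 29 customer flag, bits 27-16 facility, bits 15-0 code.
#[derive(Debug, PartialEq)]
pub struct NtStatus {
    pub raw: u32,
    pub severity: &'static str,
    pub customer: bool,
    pub facility: u16,
    pub code: u16,
}

/// Reinterpret the signed value that `{:?}` prints for an NTSTATUS and split it into fields.
pub fn decode(status: i32) -> NtStatus {
    let raw = status as u32; // same bits, unsigned view
    let severity = match raw >> 30 {
        0 => "SUCCESS",
        1 => "INFORMATIONAL",
        2 => "WARNING",
        _ => "ERROR",
    };
    NtStatus {
        raw,
        severity,
        customer: raw & 0x2000_0000 != 0,
        facility: ((raw >> 16) & 0x0FFF) as u16,
        code: (raw & 0xFFFF) as u16,
    }
}

/// Equivalent of the NT_SUCCESS macro: any non-negative status counts as success.
pub fn nt_success(status: i32) -> bool {
    status >= 0
}

/// Constructed subset of status names, for illustration only.
pub fn name(status: i32) -> Option<&'static str> {
    match status as u32 {
        0x0000_0000 => Some("STATUS_SUCCESS"),
        0xC000_0005 => Some("STATUS_ACCESS_VIOLATION"),
        0xC000_0008 => Some("STATUS_INVALID_HANDLE"),
        0xC000_000D => Some("STATUS_INVALID_PARAMETER"),
        0xC000_0022 => Some("STATUS_ACCESS_DENIED"),
        _ => None,
    }
}

/// One-line summary suitable for an error message or log entry.
pub fn describe(status: i32) -> String {
    let s = decode(status);
    format!("0x{:08X} {} ({}, facility {}, code {})",
            s.raw, name(status).unwrap_or("<unknown>"), s.severity, s.facility, s.code)
}
```

Calling `describe(-1073741811)` on the value from the post yields the hex form and name, which is easier to search for than the signed decimal.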
