'2025/01/10'에 해당되는 글 1건
2025. 1. 10. 18:14
How to change the parent process when calling CreateProcess API
2025. 1. 10. 18:14 in text/window general
Usually, the parent process is the process that creats the new process. But you can change this behavior by setting STARTUPINFOEX.lpAttributeList.
HANDLE hParentProcess{ nullptr };
LPPROC_THREAD_ATTRIBUTE_LIST attrList{ nullptr };
// Initialize LPPROC_THREAD_ATTRIBUTE_LIST
hParentProcess = OpenProcess(PROCESS_CREATE_PROCESS, FALSE, parentProcessId);
SIZE_T attrListSize = 0;
InitializeProcThreadAttributeList(nullptr, 1, 0, &attrListSize);
attrList = (LPPROC_THREAD_ATTRIBUTE_LIST)malloc(attrListSize);
InitializeProcThreadAttributeList(attrList, 1, 0, &attrListSize);
UpdateProcThreadAttribute(attrList, 0, PROC_THREAD_ATTRIBUTE_PARENT_PROCESS, &hParentProcess,
sizeof(hParentProcess), nullptr, nullptr);
// Set LPPROC_THREAD_ATTRIBUTE_LIST to the STARTUPINFOEX
STARTUPINFOEX si = { sizeof(si) };
si.StartupInfo.cb = sizeof(si);
si.lpAttributeList = attrList;
PROCESS_INFORMATION pi = { 0 };
CreateProcess(nullptr, argv[1], nullptr, nullptr, FALSE, EXTENDED_STARTUPINFO_PRESENT, nullptr, nullptr, &si.StartupInfo, &pi);
Prev
Rss Feed