Last active
June 7, 2021 10:22
-
-
Save mesaleh/1a0869fccfe8ca8ed333 to your computer and use it in GitHub Desktop.
Used in my blog http://moustafasaleh.blogspot.com/2015/03/using-windows-native-apis-with-cl-and.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| http://moustafasaleh.blogspot.com/ (@msaleh83) | |
| Example of dynamically linking ZwDelayExecution Windows internal API | |
| compile: | |
| cl ZwDelayExecution1.cpp kernel32.lib user32.lib | |
| gcc ZwDelayExecution1.cpp -o ZwDelayExecution1.exe | |
| */ | |
| #define UNICODE | |
| #define _UNICODE | |
| #include <windows.h> | |
| #pragma comment(linker,"/entry:main") // for CL | |
| typedef DWORD (__stdcall *pfZwDelayExecution)(BOOLEAN, __int64*); | |
| int foo() | |
| { | |
| HMODULE hm = LoadLibrary(L"ntdll"); | |
| pfZwDelayExecution ZwDelayExecution = (pfZwDelayExecution)GetProcAddress(hm, "ZwDelayExecution"); | |
| MessageBox(0,L"Before the delay",L"@msaleh83",0); | |
| __int64 x = -20000000; // sleep for 2 seconds (100 ns granuality) | |
| ZwDelayExecution(FALSE, &x); | |
| MessageBox(0,L"After the delay",L"@msaleh83",0); | |
| return 0; | |
| } | |
| int main(int argc, char* argv[]) { | |
| foo(); | |
| ExitProcess(0); | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment