File tree Expand file tree Collapse file tree 1 file changed +2
-2
lines changed
Expand file tree Collapse file tree 1 file changed +2
-2
lines changed Original file line number Diff line number Diff line change @@ -1679,7 +1679,7 @@ _NtQueryObject pfnNtQueryObject =
16791679 &dupHandle,
16801680 0 ,
16811681 0 ,
1682- 0
1682+ DUPLICATE_SAME_ACCESS
16831683 )))
16841684 {
16851685 printf (" [%#x] Error!\n " Handle );
@@ -2044,7 +2044,7 @@ void PIDinspect(DWORD pid) { // ooh guys look i'm in the void
20442044
20452045
20462046
2047- HANDLE hProcess = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE , pid);
2047+ HANDLE hProcess = OpenProcess (PROCESS_QUERY_INFORMATION | PROCESS_VM_READ | PROCESS_DUP_HANDLE , FALSE , pid);
20482048 // The above little handle opener is currently a somwehat "agressive" flag, since it
20492049 // Requests read access directly to the process' actual memory. This can get us rejected if called
20502050 // on a very high privilege process, such as lsass.exe This means that we can't read the memory
You can’t perform that action at this time.
0 commit comments