I have started to use SerpentFly’s suggestions, thus:
PEPROCESS pEprocess = PsGetCurrentProcess();
HANDLE SectionHandle = pEprocess->SectionHandle;
The first line is fine, but I immediately get a compiler error “error C2037: left of ‘SectionHandle’ specifies undefined struct/union ‘_EPROCESS'” on the second line.
Although
typedef struct _EPROCESS *PEPROCESS;
occurs in several header files in the DDK, I can’t find a definition of _EPROCESS anywhere. I’m new to kernal mode programming and have obviously misunderstood something. Any help please.
