| HANDLE CreateRemoteThread(hProcess, lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId) | |||
| HANDLE hProcess; | |||
| LPSECURITY_ATTRIBUTES lpThreadAttributes; | |||
| DWORD dwStackSize; | |||
| LPTHREAD_START_ROUTINE lpStartAddress; | |||
| LPVOID lpParameter; | |||
| DWORD dwCreationFlags; | |||
| LPDWORD lpThreadId; |
The CreateRemoteThread function creates a thread that runs in the address space of the another process.
hProcess
Supplies the handle to the process in which the thread is to be create in. The caller must have created or opened this handle requesting PROCESS_CREATE_THREAD access to the process.
lpThreadAttributes
An optional parameter that may be used to specify the attributes of the new thread. If the parameter is not specified, then the thread is created without a security descriptor, and the resulting handle is not inherited on process creation.
dwStackSize
Supplies the size in bytes of the stack for the new thread. A value of zero specifies that the thread's stack size should be the same size as the stack size of the first thread in the process. This size is specified in the application's executable file.
lpStartAddress
Supplies the starting address of the new thread. The address is logically a procedure that never returns and that accepts a single 32-bit pointer argument.
lpParameter
Supplies a single parameter value passed to the thread.
dwCreationFlags
Supplies additional flags that control the creation of the thread.
dwCreationFlags Flags:
CREATE_SUSPENDED – The thread is created in a suspended state. The creator can resume this thread using ResumeThread. Until this is done, the thread will not begin execution.
lpThreadId
Returns the thread identifier of the thread. The thread ID is valid until the thread terminates.
If the function is successful, the return value is a handle to the new thread. The handle has full access to the new thread and may be used with any function that requires a handle to a thread object.
If the function fails, the return value is NULL. To obtain extended error information, use the GetLastError function.
Creating a thread causes a new thread of execution to begin in the address space of the specified process. The thread has access to all objects opened by the process.
The thread begins executing at the address specified by the lpStartAddress parameter. If the thread returns from this procedure, the results are unspecified.
The thread remains in the system until it has terminated and all handles to the thread have been closed through a call to CloseHandle.
When a thread terminates, it attains a state of signaled satisfying all waits on the object.
In addition to the STANDARD_RIGHTS_REQUIRED access flags, the following object type specific access flags are valid for thread objects:
| Value | Meaning |
| THREAD_QUERY_INFORMATION | ||
| This access is required to read certain information from the thread object. | ||
| SYNCHRONIZE | ||
| This access is required to wait on a thread object. | ||
| THREAD_GET_CONTEXT | ||
| This access is required to read the context of a thread using GetThreadContext. | ||
| THREAD_SET_CONTEXT | ||
| This access is required to write the context of a thread using SetThreadContext. | ||
| THREAD_SUSPEND_RESUME | ||
| This access is required to suspend or resume a thread using SuspendThread or ResumeThread. | ||
| THREAD_ALL_ACCESS | ||
| This set of access flags specifies all of the possible access flags for a thread object. | ||