Hi I'm Trying To Hook NtOpenProcess And Do a Lookup Through Kernel With PsLookupProcessByProcessId However That Its Working On x64 I Get BSOD on x86 Processes
with Error Code : STATUS_ACCESS_DENIED
typedef struct _CLIENT_ID
{
HANDLE UniqueProcess;
HANDLE UniqueThread;
} CLIENT_ID, * PCLIENT_ID;
What Can I Do ?
I Even Tried PsSetCreateProcessNotifyRoutine Doesn't Work