Welcome

[dabennos]

Nice board. To my question: I try to build a debugger(x86), which is able to debug x64 processes. I need to get ProcessBasicInformation of target process, by using NtWow64QueryInformationProcess64, for peb64 i use this structure, thats giving me false output. Maybe someone can help.

Code: Select all

typedef struct _PEB64 {
    BYTE Reserved1[2];
    BYTE BeingDebugged;
    BYTE Reserved2[21];
    PPEB_LDR_DATA Ldr;
    PPROCESS_PARAMETERS ProcessParameters;
    BYTE Reserved3[520];
    ULONG PostProcessInitRoutine;
    BYTE Reserved4[136];
    ULONG SessionId;
} PEB64;