rbmm · February 10, 2025 14:05
diff --git a/gistfile1.txt b/gistfile1.txt
 #define RTL_USER_PROC_UTF8_PROCESS 0x08000000

 NTSTATUS SetPtocessUtf8(HANDLE hProcess)
 {
 	PROCESS_BASIC_INFORMATION pbi;
 	_RTL_USER_PROCESS_PARAMETERS* ProcessParameters;
 	ULONG Flags;
 	NTSTATUS status;

 	0 <= (status = NtQueryInformationProcess(hProcess, ProcessBasicInformation, &pbi, sizeof(pbi), 0)) &&
 		0 <= (status = ZwReadVirtualMemory(hProcess, &reinterpret_cast<_PEB*>(pbi.PebBaseAddress)->ProcessParameters, &ProcessParameters, sizeof(ProcessParameters), 0)) &&
 		0 <= (status = ZwReadVirtualMemory(hProcess, &ProcessParameters->Flags, &Flags, sizeof(Flags), 0)) &&
 		0 <= (status = ZwWriteVirtualMemory(hProcess, &ProcessParameters->Flags, &(Flags |= RTL_USER_PROC_UTF8_PROCESS), sizeof(Flags), 0));

 	return status;
 }
	#define RTL_USER_PROC_UTF8_PROCESS 0x08000000

	NTSTATUS SetPtocessUtf8(HANDLE hProcess)
	{
	PROCESS_BASIC_INFORMATION pbi;
	_RTL_USER_PROCESS_PARAMETERS* ProcessParameters;
	ULONG Flags;
	NTSTATUS status;

	0 <= (status = NtQueryInformationProcess(hProcess, ProcessBasicInformation, &pbi, sizeof(pbi), 0)) &&
	0 <= (status = ZwReadVirtualMemory(hProcess, &reinterpret_cast<_PEB*>(pbi.PebBaseAddress)->ProcessParameters, &ProcessParameters, sizeof(ProcessParameters), 0)) &&
	0 <= (status = ZwReadVirtualMemory(hProcess, &ProcessParameters->Flags, &Flags, sizeof(Flags), 0)) &&
	0 <= (status = ZwWriteVirtualMemory(hProcess, &ProcessParameters->Flags, &(Flags \|= RTL_USER_PROC_UTF8_PROCESS), sizeof(Flags), 0));

	return status;
	}