这两个结构究竟谁是正确的?
问题1>

C/C++ code

typedef struct _INITIAL_TEB{    PVOID PreviousStackBase;    PVOID PreviousStackLimit;    PVOID StackBase;    PVOID StackLimit;    PVOID AllocatedStackBase;} INITIAL_TEB, *PINITIAL_TEB;typedef struct _INITIAL_TEB {  PVOID                StackBase;  PVOID                StackLimit;  PVOID                StackCommit;  PVOID                StackCommitMax;  PVOID                StackReserved;} INITIAL_TEB, *PINITIAL_TEB;

如AllocatedStackBase和StackReserved名称有歧义.

哪个定义比较准确呢?



问题2>

C/C++ code

HANDLE APIENTRY CreateRemoteThread(HANDLE hProcess, LPSECURITY_ATTRIBUTES lpThreadAttributes, DWORD dwStackSize, LPTHREAD_START_ROUTINE lpStartAddress, LPVOID lpParameter, DWORD dwCreationFlags, LPDWORD lpThreadId){    NTSTATUS Status;    OBJECT_ATTRIBUTES Obja;    POBJECT_ATTRIBUTES pObja;    HANDLE Handle;    CONTEXT ThreadContext;    INITIAL_TEB InitialTeb;    CLIENT_ID ClientId;    // Allocate a stack for this thread    Status = BaseCreateStack(hProcess, dwStackSize, 0L, &InitialTeb );    // Create an initial context    BaseInitializeContext( &ThreadContext, lpParameter, (PVOID)lpStartAddress, InitialTeb.StackBase, BaseContextTypeThread);    pObja = BaseFormatObjectAttributes(&Obja, lpThreadAttributes, NULL);    Status = NtCreateThread( &Handle, THREAD_ALL_ACCESS, pObja, hProcess, &ClientId, &ThreadContext, &InitialTeb, TRUE ); }

NtCreateThread究竟怎么使用?
我找不到BaseCreateStack、BaseContextTypeThread、BaseFormatObjectAttributes的定义。

[解决办法]
问题1
感觉第一个结构的名称比较准确

问题2
得自定义这些结构
所谓的undocument的结构和函数，就是得自己声明这些结构和函数，并从dll中动态加载