
How to use NtOpenProcess

Published 2020-05-09 18:39

Question:

I am trying to use NtOpenProcess(); I have not found any example anywhere.

I am getting an error; any help is much appreciated.

int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE prevInstance, PSTR szCmdLine, int showCmd)
{
    HANDLE handle;
    HWND myWindow =FindWindow(NULL, L"Notepad");
    PCLIENT_ID PID;
    GetWindowThreadProcessId(myWindow, (LPDWORD)&PID);
    ZwOpenProcess(&handle, PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, NULL,PID);
    return 0;
}

The errors are

1>c:\users\asus\source\repos\windowsproject2\windowsproject2\windowsproject2.cpp(14): error C2065: 'PCLIENT_ID': undeclared identifier
1>c:\users\asus\source\repos\windowsproject2\windowsproject2\windowsproject2.cpp(14): error C2146: syntax error: missing ')' before identifier 'PID'
1>c:\users\asus\source\repos\windowsproject2\windowsproject2\windowsproject2.cpp(14): error C3861: 'NtOpenProcess': identifier not found
1>c:\users\asus\source\repos\windowsproject2\windowsproject2\windowsproject2.cpp(14): error C2146: syntax error: missing ';' before identifier 'PID'
1>c:\users\asus\source\repos\windowsproject2\windowsproject2\windowsproject2.cpp(14): error C2059: syntax error: ')'

These are my include files.

#include <Windows.h>
#include <ntddk.h>
#include <Ntifs.h>
#include "stdafx.h"

Answer 1:

At first, look at the code:

FindWindow(NULL, L"Notepad");

Most likely you want

FindWindow(L"Notepad", 0);

because L"Notepad" is the class name (not the window name), and the class name is the first parameter.

PCLIENT_ID PID;
GetWindowThreadProcessId(myWindow, (LPDWORD)&PID);

GetWindowThreadProcessId expects a pointer to DWORD memory, where it stores the process id. But you pass it an uninitialized pointer, to random memory. You need to use this:

CLIENT_ID pid = { };
if (GetWindowThreadProcessId(myWindow, (PDWORD)&pid.UniqueProcess))

Finally, ObjectAttributes in the call to NtOpenProcess is a mandatory parameter and cannot be 0.

About the undeclared identifiers: all of this is declared in ntifs.h and its sub-headers (ntifs.h includes ntddk.h, so you do not need to include it directly). The problem is that windows.h and ntifs.h conflict: they have many common declarations. If you include both, you get a lot of errors. But a solution exists: include ntifs.h in some namespace. Even after this you get some errors, but these can also be fixed if you deeply understand the source of the errors. You will also need to put your own code into this namespace too, to have easy access to the ntifs declarations. And finally you need to use ntdll.lib or ntdllp.lib (there will be conflicts with the CRT libs if you use it) as linker input.

So if you want to use the native API in your own code without adding custom headers where you copy-paste some NT definitions, and call it without resolving the API at runtime but with static linking, this is possible, but it requires deep knowledge and understanding of what you are doing. Example:

#define DECLSPEC_DEPRECATED_DDK   /* define as empty so deprecated DDK declarations do not warn */

/* every NT (ntifs.h) declaration goes into namespace XX so it cannot collide with windows.h */
#define _XX_BEGIN   namespace XX {
#define _XX_END     }

_XX_BEGIN

/* types that both header sets declare; forward-declare the XX versions first */
struct _SECURITY_QUALITY_OF_SERVICE;
struct _CONTEXT;

_XX_END

#define _INC_MMSYSTEM  /* Prevent inclusion of mmsystem.h in windows.h */
#include <windows.h>

#pragma warning(disable : 4005)  /* C4005: macro redefinition (windows.h and ntifs.h define the same macros) */

_XX_BEGIN

#ifdef _RTL_RUN_ONCE_DEF
#undef _RTL_RUN_ONCE_DEF         /* let ntifs.h declare its own RTL_RUN_ONCE inside XX */
#endif

#define RtlCompareMemory ::RtlCompareMemory  /* reuse the global declaration instead of a second one */

#include <ntifs.h>

_XX_END

#undef _INC_MMSYSTEM  /* mmsystem.h conflicts with ntifs.h, so include it only after the XX block */
#include <MMSystem.h>

_XX_BEGIN

void demo()
{
    /* class name is the first parameter of FindWindow */
    if (HWND myWindow = FindWindow(L"Notepad", 0))
    {
        /* CLIENT_ID carries HANDLE-sized ids; write the DWORD pid into UniqueProcess */
        CLIENT_ID pid = { };
        if (GetWindowThreadProcessId(myWindow, (PDWORD)&pid.UniqueProcess))
        {
            HANDLE handle;
            /* ObjectAttributes is mandatory: an "empty" one has only Length set */
            static OBJECT_ATTRIBUTES zoa = { sizeof(zoa) };
            /* NTSTATUS >= 0 means success */
            if (0 <= NtOpenProcess(&handle, 
                PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE, 
                &zoa, &pid))
            {
                NtClose(handle);
            }
        }
    }
}
_XX_END
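The other route the answer mentions, copying the few NT definitions you need and resolving NtOpenProcess from ntdll at runtime, as an added example that is not part of the answer above. It applies the same three fixes (pid widened into CLIENT_ID, a mandatory OBJECT_ATTRIBUTES with Length set, status checked by sign), requests only PROCESS_QUERY_LIMITED_INFORMATION, and the helper names, the hand-copied struct layouts and the non-Windows stand-in typedefs are assumptions made here so the argument-building logic can be compiled and checked anywhere.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#ifdef _WIN32
#include <windows.h>              /* no winternl.h/ntifs.h: the NT types below are our own copies */
#else
/* Stand-in Win32 typedefs (assumption) so the argument-building logic compiles off Windows too. */
typedef void *HANDLE, *PVOID; typedef unsigned long ULONG, DWORD, ACCESS_MASK;
typedef unsigned short USHORT; typedef wchar_t *PWSTR;
#define __stdcall
#endif
typedef int32_t NTSTATUS;         /* LONG in the SDK; the sign bit is the failure flag */
#define STATUS_NOT_IMPLEMENTED        ((NTSTATUS)0xC0000002L)
#define STATUS_ENTRYPOINT_NOT_FOUND   ((NTSTATUS)0xC0000139L)
#ifndef PROCESS_QUERY_LIMITED_INFORMATION
#define PROCESS_QUERY_LIMITED_INFORMATION 0x1000
#endif
/* Copies of the ntifs.h layouts NtOpenProcess expects (CLIENT_ID holds HANDLE-sized ids, not DWORDs). */
typedef struct { HANDLE UniqueProcess; HANDLE UniqueThread; } CLIENT_ID;
typedef struct { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } UNICODE_STRING;
typedef struct {
    ULONG Length; HANDLE RootDirectory; UNICODE_STRING *ObjectName;
    ULONG Attributes; PVOID SecurityDescriptor; PVOID SecurityQualityOfService;
} OBJECT_ATTRIBUTES;
typedef NTSTATUS (__stdcall *NtOpenProcess_t)(HANDLE *, ACCESS_MASK, OBJECT_ATTRIBUTES *, CLIENT_ID *);

/* Widen the DWORD pid into UniqueProcess instead of casting a DWORD* onto the struct. */
CLIENT_ID client_id_for_pid(DWORD pid) {
    CLIENT_ID cid; cid.UniqueProcess = (HANDLE)(uintptr_t)pid; cid.UniqueThread = NULL; return cid;
}
/* ObjectAttributes is mandatory: a zeroed struct with only Length set is the "empty" form. */
void init_empty_object_attributes(OBJECT_ATTRIBUTES *oa) {
    memset(oa, 0, sizeof *oa); oa->Length = (ULONG)sizeof *oa;
}
int nt_success(NTSTATUS status) { return status >= 0; }

/* Open pid with the given access via NtOpenProcess resolved from ntdll at runtime (no ntdll.lib needed).
   Off Windows it returns STATUS_NOT_IMPLEMENTED so the helpers above can still be exercised. */
NTSTATUS open_process_by_pid(DWORD pid, ACCESS_MASK access, HANDLE *out) {
    *out = NULL;
#ifdef _WIN32
    HMODULE ntdll = GetModuleHandleW(L"ntdll.dll");
    NtOpenProcess_t fn = ntdll ? (NtOpenProcess_t)GetProcAddress(ntdll, "NtOpenProcess") : NULL;
    if (!fn) return STATUS_ENTRYPOINT_NOT_FOUND;
    OBJECT_ATTRIBUTES oa; CLIENT_ID cid = client_id_for_pid(pid);
    init_empty_object_attributes(&oa);
    return fn(out, access, &oa, &cid);     /* caller closes *out with CloseHandle on success */
#else
    (void)pid; (void)access; return STATUS_NOT_IMPLEMENTED;
#endif
}
```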


Tags: winapi ntdll