Data Structures |
| struct | PMSV1_0_INTERACTIVE_LOGON |
| struct | PMSV1_0_INTERACTIVE_PROFILE |
| struct | PMSV1_0_LM20_LOGON |
| struct | PMSV1_0_SUBAUTH_LOGON |
| struct | PMSV1_0_LM20_LOGON_PROFILE |
| struct | PMSV1_0_SUPPLEMENTAL_CREDENTIAL |
| struct | PMSV1_0_NTLM3_RESPONSE |
| struct | PMSV1_0_AV_PAIR |
| struct | PMSV1_0_LM20_CHALLENGE_REQUEST |
| struct | PMSV1_0_LM20_CHALLENGE_RESPONSE |
| struct | PMSV1_0_GETCHALLENRESP_REQUEST_V1 |
| struct | PMSV1_0_GETCHALLENRESP_REQUEST |
| struct | PMSV1_0_GETCHALLENRESP_RESPONSE |
| struct | PMSV1_0_ENUMUSERS_REQUEST |
| struct | PMSV1_0_ENUMUSERS_RESPONSE |
| struct | PMSV1_0_GETUSERINFO_REQUEST |
| struct | PMSV1_0_GETUSERINFO_RESPONSE |
| struct | PPUBLIC_OBJECT_TYPE_INFORMATION |
| struct | PNETWORK_OPEN_ECP_CONTEXT |
| struct | PNETWORK_OPEN_ECP_CONTEXT_V0 |
| struct | PPREFETCH_OPEN_ECP_CONTEXT |
| struct | PPNFS_OPEN_ECP_CONTEXT |
| struct | PSRV_OPEN_ECP_CONTEXT |
| struct | PQUERY_PATH_REQUEST |
| struct | PQUERY_PATH_REQUEST_EX |
| struct | PQUERY_PATH_RESPONSE |
| struct | POBJECT_BASIC_INFORMATION |
| struct | PBITMAP_RANGE |
| struct | PFILE_COPY_ON_WRITE_INFORMATION |
| struct | PFILE_FULL_DIRECTORY_INFORMATION |
| struct | PFILE_SHARED_LOCK_ENTRY |
| struct | PFILE_EXCLUSIVE_LOCK_ENTRY |
| struct | PFILE_MAILSLOT_PEEK_BUFFER |
| struct | PFILE_OLE_CLASSID_INFORMATION |
| struct | PFILE_OLE_ALL_INFORMATION |
| struct | PFILE_OLE_DIR_INFORMATION |
| struct | PFILE_OLE_INFORMATION |
| struct | PFILE_OLE_STATE_BITS_INFORMATION |
| struct | PMAPPING_PAIR |
| struct | PGET_RETRIEVAL_DESCRIPTOR |
| struct | PMBCB |
| struct | PMOVEFILE_DESCRIPTOR |
| struct | POBJECT_BASIC_INFO |
| struct | POBJECT_HANDLE_ATTRIBUTE_INFO |
| struct | POBJECT_NAME_INFO |
| struct | POBJECT_PROTECTION_INFO |
| struct | POBJECT_TYPE_INFO |
| struct | POBJECT_ALL_TYPES_INFO |
| struct | PPORT_MESSAGE |
| struct | PPORT_VIEW |
| struct | PREMOTE_PORT_VIEW |
| struct | PVAD_HEADER |
Defines |
| #define | _NTIFS_INCLUDED_ |
| #define | _GNU_NTIFS_ |
| #define | FlagOn(_F, _SF) ((_F) & (_SF)) |
| #define | BooleanFlagOn(F, SF) ((BOOLEAN)(((F) & (SF)) != 0)) |
| #define | SetFlag(_F, _SF) ((_F) |= (_SF)) |
| #define | ClearFlag(_F, _SF) ((_F) &= ~(_SF)) |
| #define | COMPRESSION_FORMAT_NONE (0x0000) |
| #define | COMPRESSION_FORMAT_DEFAULT (0x0001) |
| #define | COMPRESSION_FORMAT_LZNT1 (0x0002) |
| #define | COMPRESSION_ENGINE_STANDARD (0x0000) |
| #define | COMPRESSION_ENGINE_MAXIMUM (0x0100) |
| #define | COMPRESSION_ENGINE_HIBER (0x0200) |
| #define | MAX_UNICODE_STACK_BUFFER_LENGTH 256 |
| #define | METHOD_FROM_CTL_CODE(ctrlCode) ((ULONG)(ctrlCode & 3)) |
| #define | METHOD_DIRECT_TO_HARDWARE METHOD_IN_DIRECT |
| #define | METHOD_DIRECT_FROM_HARDWARE METHOD_OUT_DIRECT |
| #define | _NTLSA_AUDIT_ |
| #define | _NTLSA_IFS_ |
| #define | MSV1_0_PACKAGE_NAME "MICROSOFT_AUTHENTICATION_PACKAGE_V1_0" |
| #define | MSV1_0_PACKAGE_NAMEW L"MICROSOFT_AUTHENTICATION_PACKAGE_V1_0" |
| #define | MSV1_0_PACKAGE_NAMEW_LENGTH sizeof(MSV1_0_PACKAGE_NAMEW) - sizeof(WCHAR) |
| #define | MSV1_0_SUBAUTHENTICATION_KEY "SYSTEM\\CurrentControlSet\\Control\\Lsa\\MSV1_0" |
| #define | MSV1_0_SUBAUTHENTICATION_VALUE "Auth" |
| #define | MSV1_0_CHALLENGE_LENGTH 8 |
| #define | MSV1_0_USER_SESSION_KEY_LENGTH 16 |
| #define | MSV1_0_LANMAN_SESSION_KEY_LENGTH 8 |
| #define | MSV1_0_CLEARTEXT_PASSWORD_ALLOWED 0x02 |
| #define | MSV1_0_UPDATE_LOGON_STATISTICS 0x04 |
| #define | MSV1_0_RETURN_USER_PARAMETERS 0x08 |
| #define | MSV1_0_DONT_TRY_GUEST_ACCOUNT 0x10 |
| #define | MSV1_0_ALLOW_SERVER_TRUST_ACCOUNT 0x20 |
| #define | MSV1_0_RETURN_PASSWORD_EXPIRY 0x40 |
| #define | MSV1_0_USE_CLIENT_CHALLENGE 0x80 |
| #define | MSV1_0_TRY_GUEST_ACCOUNT_ONLY 0x100 |
| #define | MSV1_0_RETURN_PROFILE_PATH 0x200 |
| #define | MSV1_0_TRY_SPECIFIED_DOMAIN_ONLY 0x400 |
| #define | MSV1_0_ALLOW_WORKSTATION_TRUST_ACCOUNT 0x800 |
| #define | MSV1_0_DISABLE_PERSONAL_FALLBACK 0x00001000 |
| #define | MSV1_0_ALLOW_FORCE_GUEST 0x00002000 |
| #define | MSV1_0_SUBAUTHENTICATION_DLL_EX 0x00100000 |
| #define | MSV1_0_ALLOW_MSVCHAPV2 0x00010000 |
| #define | MSV1_0_SUBAUTHENTICATION_DLL 0xFF000000 |
| #define | MSV1_0_SUBAUTHENTICATION_DLL_SHIFT 24 |
| #define | MSV1_0_MNS_LOGON 0x01000000 |
| #define | MSV1_0_SUBAUTHENTICATION_DLL_RAS 2 |
| #define | MSV1_0_SUBAUTHENTICATION_DLL_IIS 132 |
| #define | LOGON_GUEST 0x01 |
| #define | LOGON_NOENCRYPTION 0x02 |
| #define | LOGON_CACHED_ACCOUNT 0x04 |
| #define | LOGON_USED_LM_PASSWORD 0x08 |
| #define | LOGON_EXTRA_SIDS 0x20 |
| #define | LOGON_SUBAUTH_SESSION_KEY 0x40 |
| #define | LOGON_SERVER_TRUST_ACCOUNT 0x80 |
| #define | LOGON_NTLMV2_ENABLED 0x100 |
| #define | LOGON_RESOURCE_GROUPS 0x200 |
| #define | LOGON_PROFILE_PATH_RETURNED 0x400 |
| #define | LOGON_NT_V2 0x800 |
| #define | LOGON_LM_V2 0x1000 |
| #define | LOGON_NTLM_V2 0x2000 |
| #define | MSV1_0_SUBAUTHENTICATION_FLAGS 0xFF000000 |
| #define | LOGON_GRACE_LOGON 0x01000000 |
| #define | MSV1_0_OWF_PASSWORD_LENGTH 16 |
| #define | MSV1_0_CRED_LM_PRESENT 0x1 |
| #define | MSV1_0_CRED_NT_PRESENT 0x2 |
| #define | MSV1_0_CRED_VERSION 0 |
| #define | MSV1_0_NTLM3_RESPONSE_LENGTH 16 |
| #define | MSV1_0_NTLM3_OWF_LENGTH 16 |
| #define | MSV1_0_MAX_NTLM3_LIFE 129600 |
| #define | MSV1_0_MAX_AVL_SIZE 64000 |
| #define | MSV1_0_NTLM3_INPUT_LENGTH (sizeof(MSV1_0_NTLM3_RESPONSE) - MSV1_0_NTLM3_RESPONSE_LENGTH) |
| #define | USE_PRIMARY_PASSWORD 0x01 |
| #define | RETURN_PRIMARY_USERNAME 0x02 |
| #define | RETURN_PRIMARY_LOGON_DOMAINNAME 0x04 |
| #define | RETURN_NON_NT_USER_SESSION_KEY 0x08 |
| #define | GENERATE_CLIENT_CHALLENGE 0x10 |
| #define | GCR_NTLM3_PARMS 0x20 |
| #define | GCR_TARGET_INFO 0x40 |
| #define | RETURN_RESERVED_PARAMETER 0x80 |
| #define | GCR_ALLOW_NTLM 0x100 |
| #define | GCR_USE_OEM_SET 0x200 |
| #define | GCR_MACHINE_CREDENTIAL 0x400 |
| #define | GCR_USE_OWF_PASSWORD 0x800 |
| #define | GCR_ALLOW_LM 0x1000 |
| #define | GCR_ALLOW_NO_TARGET 0x2000 |
| #define | SYSTEM_PAGE_PRIORITY_BITS 3 |
| #define | SYSTEM_PAGE_PRIORITY_LEVELS (1 << SYSTEM_PAGE_PRIORITY_BITS) |
| #define | NLS_OEM_LEAD_BYTE_INFO NlsOemLeadByteInfo |
| #define | NLS_MB_CODE_PAGE_TAG NlsMbOemCodePageTag |
| #define | NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_COLLAPSING 0x1 |
| #define | NETWORK_OPEN_ECP_IN_FLAG_DISABLE_HANDLE_DURABILITY 0x2 |
| #define | NETWORK_OPEN_ECP_IN_FLAG_FORCE_BUFFERED_SYNCHRONOUS_IO_HACK 0x80000000 |
| #define | PIN_WAIT (1) |
| #define | PIN_EXCLUSIVE (2) |
| #define | PIN_NO_READ (4) |
| #define | PIN_IF_BCB (8) |
| #define | PIN_CALLER_TRACKS_DIRTY_DATA (32) |
| #define | PIN_HIGH_PRIORITY (64) |
| #define | MAP_WAIT 1 |
| #define | MAP_NO_READ (16) |
| #define | MAP_HIGH_PRIORITY (64) |
| #define | IOCTL_REDIR_QUERY_PATH CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 99, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | IOCTL_REDIR_QUERY_PATH_EX CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 100, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | VOLSNAPCONTROLTYPE 0x00000053 |
| #define | IOCTL_VOLSNAP_FLUSH_AND_HOLD_WRITES CTL_CODE(VOLSNAPCONTROLTYPE, 0, METHOD_BUFFERED, FILE_READ_ACCESS | FILE_WRITE_ACCESS) |
| #define | VER_PRODUCTBUILD 10000 |
| #define | FS_LFN_APIS 0x00004000 |
| #define | FILE_STORAGE_TYPE_SPECIFIED 0x00000041 /* FILE_DIRECTORY_FILE | FILE_NON_DIRECTORY_FILE */ |
| #define | FILE_STORAGE_TYPE_DEFAULT (StorageTypeDefault << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_DIRECTORY (StorageTypeDirectory << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_FILE (StorageTypeFile << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_DOCFILE (StorageTypeDocfile << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_JUNCTION_POINT (StorageTypeJunctionPoint << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_CATALOG (StorageTypeCatalog << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_STRUCTURED_STORAGE (StorageTypeStructuredStorage << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_EMBEDDING (StorageTypeEmbedding << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_STORAGE_TYPE_STREAM (StorageTypeStream << FILE_STORAGE_TYPE_SHIFT) |
| #define | FILE_MINIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_DEFAULT |
| #define | FILE_MAXIMUM_STORAGE_TYPE FILE_STORAGE_TYPE_STREAM |
| #define | FILE_STORAGE_TYPE_MASK 0x000f0000 |
| #define | FILE_STORAGE_TYPE_SHIFT 16 |
| #define | FILE_VC_QUOTAS_LOG_VIOLATIONS 0x00000004 |
| #define | IO_ATTACH_DEVICE_API 0x80000000 |
| #define | IO_TYPE_APC 18 |
| #define | IO_TYPE_DPC 19 |
| #define | IO_TYPE_DEVICE_QUEUE 20 |
| #define | IO_TYPE_EVENT_PAIR 21 |
| #define | IO_TYPE_INTERRUPT 22 |
| #define | IO_TYPE_PROFILE 23 |
| #define | IRP_BEING_VERIFIED 0x10 |
| #define | MAILSLOT_CLASS_FIRSTCLASS 1 |
| #define | MAILSLOT_CLASS_SECONDCLASS 2 |
| #define | MAILSLOT_SIZE_AUTO 0 |
| #define | MEM_DOS_LIM 0x40000000 |
| #define | OB_TYPE_TYPE 1 |
| #define | OB_TYPE_DIRECTORY 2 |
| #define | OB_TYPE_SYMBOLIC_LINK 3 |
| #define | OB_TYPE_TOKEN 4 |
| #define | OB_TYPE_PROCESS 5 |
| #define | OB_TYPE_THREAD 6 |
| #define | OB_TYPE_EVENT 7 |
| #define | OB_TYPE_EVENT_PAIR 8 |
| #define | OB_TYPE_MUTANT 9 |
| #define | OB_TYPE_SEMAPHORE 10 |
| #define | OB_TYPE_TIMER 11 |
| #define | OB_TYPE_PROFILE 12 |
| #define | OB_TYPE_WINDOW_STATION 13 |
| #define | OB_TYPE_DESKTOP 14 |
| #define | OB_TYPE_SECTION 15 |
| #define | OB_TYPE_KEY 16 |
| #define | OB_TYPE_PORT 17 |
| #define | OB_TYPE_ADAPTER 18 |
| #define | OB_TYPE_CONTROLLER 19 |
| #define | OB_TYPE_DEVICE 20 |
| #define | OB_TYPE_DRIVER 21 |
| #define | OB_TYPE_IO_COMPLETION 22 |
| #define | OB_TYPE_FILE 23 |
| #define | SEC_BASED 0x00200000 |
| #define | TOKEN_HAS_ADMIN_GROUP 0x08 |
| #define | FSCTL_GET_HFS_INFORMATION CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 31, METHOD_BUFFERED, FILE_ANY_ACCESS) |
| #define | FSCTL_READ_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 33, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | FSCTL_WRITE_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 34, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | FSCTL_DUMP_PROPERTY_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 37, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | FSCTL_HSM_MSG CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 66, METHOD_BUFFERED, FILE_READ_DATA | FILE_WRITE_DATA) |
| #define | FSCTL_NSS_CONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 67, METHOD_BUFFERED, FILE_WRITE_DATA) |
| #define | FSCTL_HSM_DATA CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 68, METHOD_NEITHER, FILE_READ_DATA | FILE_WRITE_DATA) |
| #define | FSCTL_NSS_RCONTROL CTL_CODE(FILE_DEVICE_FILE_SYSTEM, 70, METHOD_BUFFERED, FILE_READ_DATA) |
| #define | FSCTL_NETWORK_SET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 102, METHOD_IN_DIRECT, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_GET_CONFIGURATION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 103, METHOD_OUT_DIRECT, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_GET_CONNECTION_INFO CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 104, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_ENUMERATE_CONNECTIONS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 105, METHOD_NEITHER, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_DELETE_CONNECTION CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 107, METHOD_BUFFERED, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_GET_STATISTICS CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 116, METHOD_BUFFERED, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_SET_DOMAIN_NAME CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 120, METHOD_BUFFERED, FILE_ANY_ACCESS) |
| #define | FSCTL_NETWORK_REMOTE_BOOT_INIT_SCRT CTL_CODE(FILE_DEVICE_NETWORK_FILE_SYSTEM, 250, METHOD_BUFFERED, FILE_ANY_ACCESS) |
| #define | LPC_CLIENT_ID CLIENT_ID |
| #define | LPC_SIZE_T SIZE_T |
| #define | LPC_PVOID PVOID |
| #define | LPC_HANDLE HANDLE |
| #define | LPC_KERNELMODE_MESSAGE (CSHORT)((USHORT)0x8000) |
| #define | PsDereferenceImpersonationToken(T) |
| #define | SeEnableAccessToExports() SeExports = *(PSE_EXPORTS *)SeExports; |
Typedefs |
| typedef STRING | LSA_STRING |
| typedef STRING * | PLSA_STRING |
| typedef OBJECT_ATTRIBUTES | LSA_OBJECT_ATTRIBUTES |
| typedef OBJECT_ATTRIBUTES * | PLSA_OBJECT_ATTRIBUTES |
| typedef ULONG | LSA_OPERATIONAL_MODE |
| typedef ULONG * | PLSA_OPERATIONAL_MODE |
| typedef enum _SECURITY_LOGON_TYPE * | PSECURITY_LOGON_TYPE |
typedef enum
_MSV1_0_LOGON_SUBMIT_TYPE * | PMSV1_0_LOGON_SUBMIT_TYPE |
typedef enum
_MSV1_0_PROFILE_BUFFER_TYPE * | PMSV1_0_PROFILE_BUFFER_TYPE |
typedef enum
_MSV1_0_PROTOCOL_MESSAGE_TYPE * | PMSV1_0_PROTOCOL_MESSAGE_TYPE |
| typedef struct sockaddr_storage * | PSOCKADDR_STORAGE_NFS |
Enumerations |
| enum | SECURITY_LOGON_TYPE {
UndefinedLogonType = 0,
Interactive = 2,
Network,
Batch,
Service,
Proxy,
Unlock,
NetworkCleartext,
NewCredentials,
Interactive = 2,
Network,
Batch,
Service,
Proxy,
Unlock,
UndefinedLogonType = 0,
Interactive = 2,
Network,
Batch,
Service,
Proxy,
Unlock,
NetworkCleartext,
NewCredentials
} |
| enum | MSV1_0_LOGON_SUBMIT_TYPE {
MsV1_0InteractiveLogon = 2,
MsV1_0Lm20Logon,
MsV1_0NetworkLogon,
MsV1_0SubAuthLogon,
MsV1_0WorkstationUnlockLogon = 7,
MsV1_0S4ULogon = 12,
MsV1_0VirtualLogon = 82,
MsV1_0InteractiveLogon = 2,
MsV1_0Lm20Logon,
MsV1_0NetworkLogon,
MsV1_0SubAuthLogon,
MsV1_0WorkstationUnlockLogon = 7,
MsV1_0InteractiveLogon = 2,
MsV1_0Lm20Logon,
MsV1_0NetworkLogon,
MsV1_0SubAuthLogon,
MsV1_0WorkstationUnlockLogon = 7,
MsV1_0S4ULogon = 12,
MsV1_0VirtualLogon = 82
} |
| enum | MSV1_0_PROFILE_BUFFER_TYPE {
MsV1_0InteractiveProfile = 2,
MsV1_0Lm20LogonProfile,
MsV1_0SmartCardProfile,
MsV1_0InteractiveProfile = 2,
MsV1_0Lm20LogonProfile,
MsV1_0SmartCardProfile,
MsV1_0InteractiveProfile = 2,
MsV1_0Lm20LogonProfile,
MsV1_0SmartCardProfile
} |
| enum | MSV1_0_AVID {
MsvAvEOL,
MsvAvNbComputerName,
MsvAvNbDomainName,
MsvAvDnsComputerName,
MsvAvDnsDomainName,
MsvAvEOL,
MsvAvNbComputerName,
MsvAvNbDomainName,
MsvAvDnsComputerName,
MsvAvDnsDomainName,
MsvAvEOL,
MsvAvNbComputerName,
MsvAvNbDomainName,
MsvAvDnsComputerName,
MsvAvDnsDomainName
} |
| enum | MSV1_0_PROTOCOL_MESSAGE_TYPE {
MsV1_0Lm20ChallengeRequest = 0,
MsV1_0Lm20GetChallengeResponse,
MsV1_0EnumerateUsers,
MsV1_0GetUserInfo,
MsV1_0ReLogonUsers,
MsV1_0ChangePassword,
MsV1_0ChangeCachedPassword,
MsV1_0GenericPassthrough,
MsV1_0CacheLogon,
MsV1_0SubAuth,
MsV1_0DeriveCredential,
MsV1_0CacheLookup,
MsV1_0Lm20ChallengeRequest = 0,
MsV1_0Lm20GetChallengeResponse,
MsV1_0EnumerateUsers,
MsV1_0GetUserInfo,
MsV1_0ReLogonUsers,
MsV1_0ChangePassword,
MsV1_0ChangeCachedPassword,
MsV1_0GenericPassthrough,
MsV1_0CacheLogon,
MsV1_0SubAuth,
MsV1_0DeriveCredential,
MsV1_0CacheLookup,
MsV1_0Lm20ChallengeRequest = 0,
MsV1_0Lm20GetChallengeResponse,
MsV1_0EnumerateUsers,
MsV1_0GetUserInfo,
MsV1_0ReLogonUsers,
MsV1_0ChangePassword,
MsV1_0ChangeCachedPassword,
MsV1_0GenericPassthrough,
MsV1_0CacheLogon,
MsV1_0SubAuth,
MsV1_0DeriveCredential,
MsV1_0CacheLookup
} |
| enum | NETWORK_OPEN_LOCATION_QUALIFIER {
NetworkOpenLocationAny,
NetworkOpenLocationRemote,
NetworkOpenLocationLoopback,
NetworkOpenLocationAny,
NetworkOpenLocationRemote,
NetworkOpenLocationLoopback
} |
| enum | NETWORK_OPEN_INTEGRITY_QUALIFIER {
NetworkOpenIntegrityAny,
NetworkOpenIntegrityNone,
NetworkOpenIntegritySigned,
NetworkOpenIntegrityEncrypted,
NetworkOpenIntegrityMaximum,
NetworkOpenIntegrityAny,
NetworkOpenIntegrityNone,
NetworkOpenIntegritySigned,
NetworkOpenIntegrityEncrypted,
NetworkOpenIntegrityMaximum
} |
| enum | FILE_STORAGE_TYPE {
StorageTypeDefault = 1,
StorageTypeDirectory,
StorageTypeFile,
StorageTypeJunctionPoint,
StorageTypeCatalog,
StorageTypeStructuredStorage,
StorageTypeEmbedding,
StorageTypeStream,
StorageTypeDefault = 1,
StorageTypeDirectory,
StorageTypeFile,
StorageTypeJunctionPoint,
StorageTypeCatalog,
StorageTypeStructuredStorage,
StorageTypeEmbedding,
StorageTypeStream
} |
Functions |
| | $define (_NTIFS_) typedef UNICODE_STRING LSA_UNICODE_STRING |
| | $include (setypes.h) $include(obtypes.h) $include(rtltypes.h) $include(rtlfuncs.h) _IRQL_requires_max_(PASSIVE_LEVEL) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryObject(_In_opt_ HANDLE Handle |
| _In_ OBJECT_INFORMATION_CLASS | _Out_writes_bytes_opt_ (ObjectInformationLength) PVOID ObjectInformation |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenThreadToken (_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _Out_ PHANDLE TokenHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenProcessToken (_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle) |
| | _When_ (TokenInformationClass==TokenAccessInformation, _At_(TokenInformationLength, _In_range_(>=, sizeof(TOKEN_ACCESS_INFORMATION)))) _Must_inspect_result_ __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtQueryInformationToken(_In_ HANDLE TokenHandle |
| _In_ TOKEN_INFORMATION_CLASS | _Out_writes_bytes_to_opt_ (TokenInformationLength,*ReturnLength) PVOID TokenInformation |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAdjustPrivilegesToken (_In_ HANDLE TokenHandle, _In_ BOOLEAN DisableAllPrivileges, _In_opt_ PTOKEN_PRIVILEGES NewState, _In_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength,*ReturnLength) PTOKEN_PRIVILEGES PreviousState, _Out_ _When_(PreviousState==NULL, _Out_opt_) PULONG ReturnLength) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtCreateFile (_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_opt_ PLARGE_INTEGER AllocationSize, _In_ ULONG FileAttributes, _In_ ULONG ShareAccess, _In_ ULONG CreateDisposition, _In_ ULONG CreateOptions, _In_reads_bytes_opt_(EaLength) PVOID EaBuffer, _In_ ULONG EaLength) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtDeviceIoControlFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG IoControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtFsControlFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG FsControlCode, _In_reads_bytes_opt_(InputBufferLength) PVOID InputBuffer, _In_ ULONG InputBufferLength, _Out_writes_bytes_opt_(OutputBufferLength) PVOID OutputBuffer, _In_ ULONG OutputBufferLength) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtLockFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key, _In_ BOOLEAN FailImmediately, _In_ BOOLEAN ExclusiveLock) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenFile (_Out_ PHANDLE FileHandle, _In_ ACCESS_MASK DesiredAccess, _In_ POBJECT_ATTRIBUTES ObjectAttributes, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ ULONG ShareAccess, _In_ ULONG OpenOptions) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtQueryDirectoryFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass, _In_ BOOLEAN ReturnSingleEntry, _In_opt_ PUNICODE_STRING FileName, _In_ BOOLEAN RestartScan) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtQueryInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtQueryQuotaInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_ BOOLEAN ReturnSingleEntry, _In_reads_bytes_opt_(SidListLength) PVOID SidList, _In_ ULONG SidListLength, _In_reads_bytes_opt_((8+(4 *((SID *) StartSid)->SubAuthorityCount))) PSID StartSid, _In_ BOOLEAN RestartScan) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtQueryVolumeInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtReadFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _Out_writes_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtSetInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FileInformation, _In_ ULONG Length, _In_ FILE_INFORMATION_CLASS FileInformationClass) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtSetQuotaInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtSetVolumeInformationFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID FsInformation, _In_ ULONG Length, _In_ FS_INFORMATION_CLASS FsInformationClass) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtWriteFile (_In_ HANDLE FileHandle, _In_opt_ HANDLE Event, _In_opt_ PIO_APC_ROUTINE ApcRoutine, _In_opt_ PVOID ApcContext, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_reads_bytes_(Length) PVOID Buffer, _In_ ULONG Length, _In_opt_ PLARGE_INTEGER ByteOffset, _In_opt_ PULONG Key) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtUnlockFile (_In_ HANDLE FileHandle, _Out_ PIO_STATUS_BLOCK IoStatusBlock, _In_ PLARGE_INTEGER ByteOffset, _In_ PLARGE_INTEGER Length, _In_ ULONG Key) |
| | _IRQL_requires_max_ (PASSIVE_LEVEL) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtSetSecurityObject(_In_ HANDLE Handle |
| _In_ SECURITY_INFORMATION | _Out_writes_bytes_opt_ (Length) PSECURITY_DESCRIPTOR SecurityDescriptor |
| _Must_inspect_result_ | __drv_allocatesMem (Mem) __kernel_entry NTSYSCALLAPI NTSTATUS NTAPI NtAllocateVirtualMemory(_In_ HANDLE ProcessHandle |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtFreeVirtualMemory (_In_ HANDLE ProcessHandle, _Inout_ __drv_freesMem(Mem) PVOID *BaseAddress, _Inout_ PSIZE_T RegionSize, _In_ ULONG FreeType) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenThreadTokenEx (_In_ HANDLE ThreadHandle, _In_ ACCESS_MASK DesiredAccess, _In_ BOOLEAN OpenAsSelf, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenProcessTokenEx (_In_ HANDLE ProcessHandle, _In_ ACCESS_MASK DesiredAccess, _In_ ULONG HandleAttributes, _Out_ PHANDLE TokenHandle) |
_Must_inspect_result_ NTSYSAPI
NTSTATUS NTAPI | NtOpenJobObjectToken (_In_ HANDLE JobHandle, _In_ ACCESS_MASK DesiredAccess, _Out_ PHANDLE TokenHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtDuplicateToken (_In_ HANDLE ExistingTokenHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_ BOOLEAN EffectiveOnly, _In_ TOKEN_TYPE TokenType, _Out_ PHANDLE NewTokenHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtFilterToken (_In_ HANDLE ExistingTokenHandle, _In_ ULONG Flags, _In_opt_ PTOKEN_GROUPS SidsToDisable, _In_opt_ PTOKEN_PRIVILEGES PrivilegesToDelete, _In_opt_ PTOKEN_GROUPS RestrictedSids, _Out_ PHANDLE NewTokenHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtImpersonateAnonymousToken (_In_ HANDLE ThreadHandle) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtSetInformationToken (_In_ HANDLE TokenHandle, _In_ TOKEN_INFORMATION_CLASS TokenInformationClass, _In_reads_bytes_(TokenInformationLength) PVOID TokenInformation, _In_ ULONG TokenInformationLength) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAdjustGroupsToken (_In_ HANDLE TokenHandle, _In_ BOOLEAN ResetToDefault, _In_opt_ PTOKEN_GROUPS NewState, _In_opt_ ULONG BufferLength, _Out_writes_bytes_to_opt_(BufferLength,*ReturnLength) PTOKEN_GROUPS PreviousState, _Out_ PULONG ReturnLength) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtPrivilegeCheck (_In_ HANDLE ClientToken, _Inout_ PPRIVILEGE_SET RequiredPrivileges, _Out_ PBOOLEAN Result) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAccessCheckAndAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ ACCESS_MASK DesiredAccess, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAccessCheckByTypeAndAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_ PACCESS_MASK GrantedAccess, _Out_ PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAccessCheckByTypeResultListAndAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtAccessCheckByTypeResultListAndAuditAlarmByHandle (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_opt_ PSID PrincipalSelfSid, _In_ ACCESS_MASK DesiredAccess, _In_ AUDIT_EVENT_TYPE AuditType, _In_ ULONG Flags, _In_reads_opt_(ObjectTypeListLength) POBJECT_TYPE_LIST ObjectTypeList, _In_ ULONG ObjectTypeListLength, _In_ PGENERIC_MAPPING GenericMapping, _In_ BOOLEAN ObjectCreation, _Out_writes_(ObjectTypeListLength) PACCESS_MASK GrantedAccess, _Out_writes_(ObjectTypeListLength) PNTSTATUS AccessStatus, _Out_ PBOOLEAN GenerateOnClose) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtOpenObjectAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ PUNICODE_STRING ObjectTypeName, _In_ PUNICODE_STRING ObjectName, _In_opt_ PSECURITY_DESCRIPTOR SecurityDescriptor, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ ACCESS_MASK GrantedAccess, _In_opt_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN ObjectCreation, _In_ BOOLEAN AccessGranted, _Out_ PBOOLEAN GenerateOnClose) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtPrivilegeObjectAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ HANDLE ClientToken, _In_ ACCESS_MASK DesiredAccess, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtCloseObjectAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtDeleteObjectAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_opt_ PVOID HandleId, _In_ BOOLEAN GenerateOnClose) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtPrivilegedServiceAuditAlarm (_In_ PUNICODE_STRING SubsystemName, _In_ PUNICODE_STRING ServiceName, _In_ HANDLE ClientToken, _In_ PPRIVILEGE_SET Privileges, _In_ BOOLEAN AccessGranted) |
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtSetInformationThread (_In_ HANDLE ThreadHandle, _In_ THREADINFOCLASS ThreadInformationClass, _In_reads_bytes_(ThreadInformationLength) PVOID ThreadInformation, _In_ ULONG ThreadInformationLength) |
_Must_inspect_result_
__kernel_entry NTSYSCALLAPI
NTSTATUS NTAPI | NtCreateSection (_Out_ PHANDLE SectionHandle, _In_ ACCESS_MASK DesiredAccess, _In_opt_ POBJECT_ATTRIBUTES ObjectAttributes, _In_opt_ PLARGE_INTEGER MaximumSize, _In_ ULONG SectionPageProtection, _In_ ULONG AllocationAttributes, _In_opt_ HANDLE FileHandle) |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG | _In_reads_bytes_ (AuthenticationInformationLength) PVOID AuthenticationInformation |
| _IRQL_requires_same_ NTSTATUS NTAPI | LsaFreeReturnBuffer (_In_ PVOID Buffer) |
| | $include (iotypes.h) typedef struct _PUBLIC_OBJECT_BASIC_INFORMATION |
| | $include (ketypes.h) $include(kefuncs.h) $include(extypes.h) $include(exfuncs.h) $include(sefuncs.h) $include(psfuncs.h) $include(iofuncs.h) $include(potypes.h) $include(pofuncs.h) $include(mmtypes.h) $include(mmfuncs.h) $include(obfuncs.h) $include(fsrtltypes.h) $include(fsrtlfuncs.h) $include(cctypes.h) $include(ccfuncs.h) $include(zwfuncs.h) $include(sspi.h) C_ASSERT(sizeof(ERESOURCE) |
| | C_ASSERT (FIELD_OFFSET(ERESOURCE, ActiveCount)==0x0c) |
| | C_ASSERT (FIELD_OFFSET(ERESOURCE, Flag)==0x0e) |
| | DEFINE_GUID (GUID_ECP_NETWORK_OPEN_CONTEXT, 0xc584edbf, 0x00df, 0x4d28, 0xb8, 0x84, 0x35, 0xba, 0xca, 0x89, 0x11, 0xe8) |
| | DEFINE_GUID (GUID_ECP_PREFETCH_OPEN, 0xe1777b21, 0x847e, 0x4837, 0xaa, 0x45, 0x64, 0x16, 0x1d, 0x28, 0x6, 0x55) |
| | DEFINE_GUID (GUID_ECP_NFS_OPEN, 0xf326d30c, 0xe5f8, 0x4fe7, 0xab, 0x74, 0xf5, 0xa3, 0x19, 0x6d, 0x92, 0xdb) |
| | DEFINE_GUID (GUID_ECP_SRV_OPEN, 0xbebfaebc, 0xaabf, 0x489d, 0x9d, 0x2c, 0xe9, 0xe3, 0x61, 0x10, 0x28, 0x53) |
| NTKERNELAPI LARGE_INTEGER NTAPI | CcGetLsnForFileObject (IN PFILE_OBJECT FileObject, OUT PLARGE_INTEGER OldestLsn OPTIONAL) |
| NTKERNELAPI PVOID NTAPI | FsRtlAllocatePool (IN POOL_TYPE PoolType, IN ULONG NumberOfBytes) |
| NTKERNELAPI PVOID NTAPI | FsRtlAllocatePoolWithQuota (IN POOL_TYPE PoolType, IN ULONG NumberOfBytes) |
| NTKERNELAPI PVOID NTAPI | FsRtlAllocatePoolWithQuotaTag (IN POOL_TYPE PoolType, IN ULONG NumberOfBytes, IN ULONG Tag) |
| NTKERNELAPI PVOID NTAPI | FsRtlAllocatePoolWithTag (IN POOL_TYPE PoolType, IN ULONG NumberOfBytes, IN ULONG Tag) |
| NTKERNELAPI BOOLEAN NTAPI | FsRtlMdlReadComplete (IN PFILE_OBJECT FileObject, IN PMDL MdlChain) |
| NTKERNELAPI BOOLEAN NTAPI | FsRtlMdlWriteComplete (IN PFILE_OBJECT FileObject, IN PLARGE_INTEGER FileOffset, IN PMDL MdlChain) |
| NTKERNELAPI VOID NTAPI | FsRtlNotifyChangeDirectory (IN PNOTIFY_SYNC NotifySync, IN PVOID FsContext, IN PSTRING FullDirectoryName, IN PLIST_ENTRY NotifyList, IN BOOLEAN WatchTree, IN ULONG CompletionFilter, IN PIRP NotifyIrp) |
| NTKERNELAPI NTSTATUS NTAPI | ObCreateObject (IN KPROCESSOR_MODE ObjectAttributesAccessMode OPTIONAL, IN POBJECT_TYPE ObjectType, IN POBJECT_ATTRIBUTES ObjectAttributes OPTIONAL, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, IN ULONG ObjectSize, IN ULONG PagedPoolCharge OPTIONAL, IN ULONG NonPagedPoolCharge OPTIONAL, OUT PVOID *Object) |
| NTKERNELAPI ULONG NTAPI | ObGetObjectPointerCount (IN PVOID Object) |
| NTKERNELAPI NTSTATUS NTAPI | ObReferenceObjectByName (IN PUNICODE_STRING ObjectName, IN ULONG Attributes, IN PACCESS_STATE PassedAccessState OPTIONAL, IN ACCESS_MASK DesiredAccess OPTIONAL, IN POBJECT_TYPE ObjectType, IN KPROCESSOR_MODE AccessMode, IN OUT PVOID ParseContext OPTIONAL, OUT PVOID *Object) |
| NTKERNELAPI NTSTATUS NTAPI | PsLookupProcessThreadByCid (IN PCLIENT_ID Cid, OUT PEPROCESS *Process OPTIONAL, OUT PETHREAD *Thread) |
| NTSYSAPI NTSTATUS NTAPI | RtlSetSaclSecurityDescriptor (IN OUT PSECURITY_DESCRIPTOR SecurityDescriptor, IN BOOLEAN SaclPresent, IN PACL Sacl, IN BOOLEAN SaclDefaulted) |
| NTSYSAPI NTSTATUS NTAPI | ZwAdjustPrivilegesToken (IN HANDLE TokenHandle, IN BOOLEAN DisableAllPrivileges, IN PTOKEN_PRIVILEGES NewState, IN ULONG BufferLength, OUT PTOKEN_PRIVILEGES PreviousState OPTIONAL, OUT PULONG ReturnLength) |
| NTSYSAPI NTSTATUS NTAPI | ZwAlertThread (IN HANDLE ThreadHandle) |
| NTSYSAPI NTSTATUS NTAPI | ZwAccessCheckAndAuditAlarm (IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN PUNICODE_STRING ObjectTypeName, IN PUNICODE_STRING ObjectName, IN PSECURITY_DESCRIPTOR SecurityDescriptor, IN ACCESS_MASK DesiredAccess, IN PGENERIC_MAPPING GenericMapping, IN BOOLEAN ObjectCreation, OUT PACCESS_MASK GrantedAccess, OUT PBOOLEAN AccessStatus, OUT PBOOLEAN GenerateOnClose) |
| NTSYSAPI NTSTATUS NTAPI | ZwCancelIoFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock) |
| NTSYSAPI NTSTATUS NTAPI | ZwClearEvent (IN HANDLE EventHandle) |
| NTSYSAPI NTSTATUS NTAPI | ZwCloseObjectAuditAlarm (IN PUNICODE_STRING SubsystemName, IN PVOID HandleId, IN BOOLEAN GenerateOnClose) |
| NTSYSAPI NTSTATUS NTAPI | ZwCreateSymbolicLinkObject (OUT PHANDLE SymbolicLinkHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PUNICODE_STRING TargetName) |
| NTSYSAPI NTSTATUS NTAPI | ZwFlushInstructionCache (IN HANDLE ProcessHandle, IN PVOID BaseAddress OPTIONAL, IN ULONG FlushSize) |
| NTSYSAPI NTSTATUS NTAPI | ZwFlushBuffersFile (IN HANDLE FileHandle, OUT PIO_STATUS_BLOCK IoStatusBlock) |
| NTSYSAPI NTSTATUS NTAPI | ZwInitiatePowerAction (IN POWER_ACTION SystemAction, IN SYSTEM_POWER_STATE MinSystemState, IN ULONG Flags, IN BOOLEAN Asynchronous) |
| NTSYSAPI NTSTATUS NTAPI | ZwLoadKey (IN POBJECT_ATTRIBUTES KeyObjectAttributes, IN POBJECT_ATTRIBUTES FileObjectAttributes) |
| NTSYSAPI NTSTATUS NTAPI | ZwOpenProcessToken (IN HANDLE ProcessHandle, IN ACCESS_MASK DesiredAccess, OUT PHANDLE TokenHandle) |
| NTSYSAPI NTSTATUS NTAPI | ZwOpenThread (OUT PHANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN PCLIENT_ID ClientId) |
| NTSYSAPI NTSTATUS NTAPI | ZwOpenThreadToken (IN HANDLE ThreadHandle, IN ACCESS_MASK DesiredAccess, IN BOOLEAN OpenAsSelf, OUT PHANDLE TokenHandle) |
| NTSYSAPI NTSTATUS NTAPI | ZwPulseEvent (IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwQueryDefaultLocale (IN BOOLEAN ThreadOrSystem, OUT PLCID Locale) |
| NTSYSAPI NTSTATUS NTAPI | ZwQueryDirectoryObject (IN HANDLE DirectoryHandle, OUT PVOID Buffer, IN ULONG Length, IN BOOLEAN ReturnSingleEntry, IN BOOLEAN RestartScan, IN OUT PULONG Context, OUT PULONG ReturnLength OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwQueryInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, OUT PVOID ProcessInformation, IN ULONG ProcessInformationLength, OUT PULONG ReturnLength OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwReplaceKey (IN POBJECT_ATTRIBUTES NewFileObjectAttributes, IN HANDLE KeyHandle, IN POBJECT_ATTRIBUTES OldFileObjectAttributes) |
| NTSYSAPI NTSTATUS NTAPI | ZwResetEvent (IN HANDLE EventHandle, OUT PLONG PreviousState OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwRestoreKey (IN HANDLE KeyHandle, IN HANDLE FileHandle, IN ULONG Flags) |
| NTSYSAPI NTSTATUS NTAPI | ZwSaveKey (IN HANDLE KeyHandle, IN HANDLE FileHandle) |
| NTSYSAPI NTSTATUS NTAPI | ZwSetDefaultLocale (IN BOOLEAN ThreadOrSystem, IN LCID Locale) |
| NTSYSAPI NTSTATUS NTAPI | ZwSetDefaultUILanguage (IN LANGID LanguageId) |
| NTSYSAPI NTSTATUS NTAPI | ZwSetInformationProcess (IN HANDLE ProcessHandle, IN PROCESSINFOCLASS ProcessInformationClass, IN PVOID ProcessInformation, IN ULONG ProcessInformationLength) |
| NTSYSAPI NTSTATUS NTAPI | ZwSetSystemTime (IN PLARGE_INTEGER NewTime, OUT PLARGE_INTEGER OldTime OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwUnloadKey (IN POBJECT_ATTRIBUTES KeyObjectAttributes) |
| NTSYSAPI NTSTATUS NTAPI | ZwWaitForMultipleObjects (IN ULONG HandleCount, IN PHANDLE Handles, IN WAIT_TYPE WaitType, IN BOOLEAN Alertable, IN PLARGE_INTEGER Timeout OPTIONAL) |
| NTSYSAPI NTSTATUS NTAPI | ZwYieldExecution (VOID) |
Variables |
| * | PLSA_UNICODE_STRING |
| _In_ OBJECT_INFORMATION_CLASS | ObjectInformationClass |
_In_ OBJECT_INFORMATION_CLASS
_In_ ULONG | ObjectInformationLength |
_In_ OBJECT_INFORMATION_CLASS
_In_ ULONG _Out_opt_ PULONG | ReturnLength |
| _In_ TOKEN_INFORMATION_CLASS | TokenInformationClass |
_In_ TOKEN_INFORMATION_CLASS
_In_ ULONG | TokenInformationLength |
| _In_ SECURITY_INFORMATION | SecurityInformation |
_In_ SECURITY_INFORMATION _In_
PSECURITY_DESCRIPTOR | SecurityDescriptor |
_In_ SECURITY_INFORMATION _In_
ULONG | Length |
_In_ SECURITY_INFORMATION _In_
ULONG _Out_ PULONG | LengthNeeded |
_Must_inspect_result_
_Outptr_result_bytebuffer_
RegionSize PVOID * | BaseAddress |
_Must_inspect_result_
_Outptr_result_bytebuffer_
RegionSize PVOID _In_
ULONG_PTR | ZeroBits |
_Must_inspect_result_
_Outptr_result_bytebuffer_
RegionSize PVOID _In_
ULONG_PTR _Inout_ PSIZE_T | RegionSize |
_Must_inspect_result_
_Outptr_result_bytebuffer_
RegionSize PVOID _In_
ULONG_PTR _Inout_ PSIZE_T _In_
ULONG | AllocationType |
_Must_inspect_result_
_Outptr_result_bytebuffer_
RegionSize PVOID _In_
ULONG_PTR _Inout_ PSIZE_T _In_
ULONG _In_ ULONG | Protect |
| _IRQL_requires_same_ _Out_ PHANDLE | LsaHandle |
_IRQL_requires_same_ _Out_
PHANDLE _Out_
PLSA_OPERATIONAL_MODE | SecurityMode |
_IRQL_requires_same_ _In_
PLSA_STRING | OriginName |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE | LogonType |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG | AuthenticationPackage |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG | AuthenticationInformationLength |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS | LocalGroups |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE | SourceContext |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID * | ProfileBuffer |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID
_Out_ PULONG | ProfileBufferLength |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID
_Out_ PULONG _Inout_ PLUID | LogonId |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID
_Out_ PULONG _Inout_ PLUID
_Out_ PHANDLE | Token |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID
_Out_ PULONG _Inout_ PLUID
_Out_ PHANDLE _Out_
PQUOTA_LIMITS | Quotas |
_IRQL_requires_same_ _In_
PLSA_STRING _In_
SECURITY_LOGON_TYPE _In_ ULONG
_In_ ULONG _In_opt_
PTOKEN_GROUPS _In_
PTOKEN_SOURCE _Out_ PVOID
_Out_ PULONG _Inout_ PLUID
_Out_ PHANDLE _Out_
PQUOTA_LIMITS _Out_ PNTSTATUS | SubStatus |
| | PUBLIC_OBJECT_BASIC_INFORMATION |
| * | PPUBLIC_OBJECT_BASIC_INFORMATION |
| NTKERNELAPI PUSHORT | NlsOemLeadByteInfo |
1.7.6.1
