librex 0.0.42 → 0.0.43
Sign up to get free protection for your applications and to get access to all the features.
- data/README.markdown +1 -1
- data/lib/rex/compat.rb +10 -0
- data/lib/rex/post/meterpreter/channels/pools/file.rb +1 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/dir.rb +20 -18
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file.rb +11 -22
- data/lib/rex/post/meterpreter/extensions/stdapi/fs/file_stat.rb +2 -1
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun.rb.ts.rb +4 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb +27 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/api_constants.rb.ut.rb +7 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_advapi32.rb +498 -242
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_iphlpapi.rb +18 -18
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_kernel32.rb +695 -694
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_netapi32.rb +6 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ntdll.rb +24 -24
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_shell32.rb +5 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_user32.rb +551 -551
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/def/def_ws2_32.rb +93 -93
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb +56 -42
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll.rb.ut.rb +4 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_helper.rb.ut.rb +5 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb +26 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/dll_wrapper.rb.ut.rb +63 -0
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/multicall.rb +4 -4
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb +151 -96
- data/lib/rex/post/meterpreter/extensions/stdapi/railgun/railgun.rb.ut.rb +80 -5
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/config.rb +3 -3
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/process.rb +11 -11
- data/lib/rex/post/meterpreter/extensions/stdapi/sys/registry.rb +3 -3
- data/lib/rex/post/meterpreter/packet.rb +12 -11
- data/lib/rex/proto/dhcp/server.rb +36 -42
- data/lib/rex/socket/range_walker.rb +1 -1
- data/lib/rex/text.rb +18 -1
- data/lib/rex/ui/text/table.rb +1 -1
- metadata +5 -3
data/README.markdown
CHANGED
|
@@ -3,7 +3,7 @@
|
|
|
3
3
|
A non-official re-packaging of the Rex library as a gem for easy of usage of the Metasploit REX framework in a non Metasploit application. I received permission from HDM to create this package.
|
|
4
4
|
|
|
5
5
|
Currently based on:
|
|
6
|
-
SVN Revision:
|
|
6
|
+
SVN Revision: 13247
|
|
7
7
|
|
|
8
8
|
# Credits
|
|
9
9
|
The Metasploit development team <http://www.metasploit.com>
|
data/lib/rex/compat.rb
CHANGED
|
@@ -220,6 +220,16 @@ def self.win32_winexec(cmd)
|
|
|
220
220
|
exe.call(cmd, 0)
|
|
221
221
|
end
|
|
222
222
|
|
|
223
|
+
#
|
|
224
|
+
# Verify the Console2 environment
|
|
225
|
+
#
|
|
226
|
+
def self.win32_console2_verify
|
|
227
|
+
buf = "\x00" * 512
|
|
228
|
+
out = Win32API.new("kernel32", "GetStdHandle", ["L"], "L").call(STD_OUTPUT_HANDLE)
|
|
229
|
+
res = Win32API.new("kernel32","GetConsoleTitle", ["PL"], "L").call(buf, buf.length-1) rescue 0
|
|
230
|
+
( res > 0 and buf.index("Console2 command").nil? ) ? false : true
|
|
231
|
+
end
|
|
232
|
+
|
|
223
233
|
#
|
|
224
234
|
# Platform independent socket pair
|
|
225
235
|
#
|
|
@@ -36,7 +36,7 @@ class File < Rex::Post::Meterpreter::Channels::Pool
|
|
|
36
36
|
[
|
|
37
37
|
{
|
|
38
38
|
'type' => Rex::Post::Meterpreter::Extensions::Stdapi::TLV_TYPE_FILE_PATH,
|
|
39
|
-
'value' => name
|
|
39
|
+
'value' => Rex::Text.unicode_filter_decode( name )
|
|
40
40
|
},
|
|
41
41
|
{
|
|
42
42
|
'type' => Rex::Post::Meterpreter::Extensions::Stdapi::TLV_TYPE_FILE_MODE,
|
|
@@ -56,14 +56,14 @@ class Dir < Rex::Post::Dir
|
|
|
56
56
|
request = Packet.create_request('stdapi_fs_ls')
|
|
57
57
|
files = []
|
|
58
58
|
|
|
59
|
-
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, name)
|
|
59
|
+
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, Rex::Text.unicode_filter_decode(name))
|
|
60
60
|
|
|
61
61
|
response = client.send_request(request)
|
|
62
62
|
|
|
63
63
|
response.each(TLV_TYPE_FILE_NAME) { |file_name|
|
|
64
|
-
files << file_name.value
|
|
64
|
+
files << Rex::Text.unicode_filter_encode( file_name.value )
|
|
65
65
|
}
|
|
66
|
-
|
|
66
|
+
|
|
67
67
|
return files
|
|
68
68
|
end
|
|
69
69
|
|
|
@@ -74,7 +74,7 @@ class Dir < Rex::Post::Dir
|
|
|
74
74
|
request = Packet.create_request('stdapi_fs_ls')
|
|
75
75
|
files = []
|
|
76
76
|
|
|
77
|
-
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, name)
|
|
77
|
+
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, Rex::Text.unicode_filter_decode(name))
|
|
78
78
|
|
|
79
79
|
response = client.send_request(request)
|
|
80
80
|
|
|
@@ -88,7 +88,7 @@ class Dir < Rex::Post::Dir
|
|
|
88
88
|
|
|
89
89
|
fname.each_with_index { |file_name, idx|
|
|
90
90
|
st = nil
|
|
91
|
-
|
|
91
|
+
|
|
92
92
|
if (sbuf[idx])
|
|
93
93
|
st = ::Rex::Post::FileStat.new
|
|
94
94
|
st.update(sbuf[idx].value)
|
|
@@ -96,12 +96,12 @@ class Dir < Rex::Post::Dir
|
|
|
96
96
|
|
|
97
97
|
files <<
|
|
98
98
|
{
|
|
99
|
-
'FileName' => file_name.value,
|
|
100
|
-
'FilePath' => fpath[idx].value,
|
|
99
|
+
'FileName' => Rex::Text.unicode_filter_encode( file_name.value ),
|
|
100
|
+
'FilePath' => Rex::Text.unicode_filter_encode( fpath[idx].value ),
|
|
101
101
|
'StatBuf' => st,
|
|
102
102
|
}
|
|
103
103
|
}
|
|
104
|
-
|
|
104
|
+
|
|
105
105
|
return files
|
|
106
106
|
end
|
|
107
107
|
|
|
@@ -117,20 +117,20 @@ class Dir < Rex::Post::Dir
|
|
|
117
117
|
def Dir.chdir(path)
|
|
118
118
|
request = Packet.create_request('stdapi_fs_chdir')
|
|
119
119
|
|
|
120
|
-
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, path)
|
|
120
|
+
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
121
121
|
|
|
122
122
|
response = client.send_request(request)
|
|
123
123
|
|
|
124
124
|
return 0
|
|
125
125
|
end
|
|
126
|
-
|
|
126
|
+
|
|
127
127
|
#
|
|
128
128
|
# Creates a directory.
|
|
129
129
|
#
|
|
130
130
|
def Dir.mkdir(path)
|
|
131
131
|
request = Packet.create_request('stdapi_fs_mkdir')
|
|
132
132
|
|
|
133
|
-
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, path)
|
|
133
|
+
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
134
134
|
|
|
135
135
|
response = client.send_request(request)
|
|
136
136
|
|
|
@@ -145,7 +145,7 @@ class Dir < Rex::Post::Dir
|
|
|
145
145
|
|
|
146
146
|
response = client.send_request(request)
|
|
147
147
|
|
|
148
|
-
return response.get_tlv(TLV_TYPE_DIRECTORY_PATH).value
|
|
148
|
+
return Rex::Text.unicode_filter_encode( response.get_tlv(TLV_TYPE_DIRECTORY_PATH).value )
|
|
149
149
|
end
|
|
150
150
|
|
|
151
151
|
#
|
|
@@ -161,7 +161,7 @@ class Dir < Rex::Post::Dir
|
|
|
161
161
|
def Dir.delete(path)
|
|
162
162
|
request = Packet.create_request('stdapi_fs_delete_dir')
|
|
163
163
|
|
|
164
|
-
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, path)
|
|
164
|
+
request.add_tlv(TLV_TYPE_DIRECTORY_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
165
165
|
|
|
166
166
|
response = client.send_request(request)
|
|
167
167
|
|
|
@@ -193,9 +193,10 @@ class Dir < Rex::Post::Dir
|
|
|
193
193
|
# local directory, optionally in a recursive fashion.
|
|
194
194
|
#
|
|
195
195
|
def Dir.download(dst, src, recursive = false, force = true, &stat)
|
|
196
|
+
|
|
196
197
|
self.entries(src).each { |src_sub|
|
|
197
|
-
dst_item = dst + ::File::SEPARATOR + src_sub
|
|
198
|
-
src_item = src + File::SEPARATOR + src_sub
|
|
198
|
+
dst_item = dst + ::File::SEPARATOR + Rex::Text.unicode_filter_encode( src_sub )
|
|
199
|
+
src_item = src + File::SEPARATOR + Rex::Text.unicode_filter_encode( src_sub )
|
|
199
200
|
|
|
200
201
|
if (src_sub == '.' or src_sub == '..')
|
|
201
202
|
next
|
|
@@ -215,7 +216,7 @@ class Dir < Rex::Post::Dir
|
|
|
215
216
|
raise e
|
|
216
217
|
end
|
|
217
218
|
end
|
|
218
|
-
|
|
219
|
+
|
|
219
220
|
elsif (src_stat.directory?)
|
|
220
221
|
if (recursive == false)
|
|
221
222
|
next
|
|
@@ -239,8 +240,8 @@ class Dir < Rex::Post::Dir
|
|
|
239
240
|
#
|
|
240
241
|
def Dir.upload(dst, src, recursive = false, &stat)
|
|
241
242
|
::Dir.entries(src).each { |src_sub|
|
|
242
|
-
dst_item = dst + File::SEPARATOR + src_sub
|
|
243
|
-
src_item = src + ::File::SEPARATOR + src_sub
|
|
243
|
+
dst_item = dst + File::SEPARATOR + Rex::Text.unicode_filter_encode( src_sub )
|
|
244
|
+
src_item = src + ::File::SEPARATOR + Rex::Text.unicode_filter_encode( src_sub )
|
|
244
245
|
|
|
245
246
|
if (src_sub == '.' or src_sub == '..')
|
|
246
247
|
next
|
|
@@ -280,3 +281,4 @@ protected
|
|
|
280
281
|
end
|
|
281
282
|
|
|
282
283
|
end; end; end; end; end; end
|
|
284
|
+
|
|
@@ -44,6 +44,7 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
44
44
|
|
|
45
45
|
request = Packet.create_request( 'stdapi_fs_search' )
|
|
46
46
|
|
|
47
|
+
root = Rex::Text.unicode_filter_decode(root) if root
|
|
47
48
|
root = root.chomp( '\\' ) if root
|
|
48
49
|
|
|
49
50
|
request.add_tlv( TLV_TYPE_SEARCH_ROOT, root )
|
|
@@ -56,8 +57,8 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
56
57
|
if( response.result == 0 )
|
|
57
58
|
response.each( TLV_TYPE_SEARCH_RESULTS ) do | results |
|
|
58
59
|
files << {
|
|
59
|
-
'path' => results.get_tlv_value( TLV_TYPE_FILE_PATH ).chomp( '\\' ),
|
|
60
|
-
'name' => results.get_tlv_value( TLV_TYPE_FILE_NAME ),
|
|
60
|
+
'path' => Rex::Text.unicode_filter_encode( results.get_tlv_value( TLV_TYPE_FILE_PATH ).chomp( '\\' ) ),
|
|
61
|
+
'name' => Rex::Text.unicode_filter_encode( results.get_tlv_value( TLV_TYPE_FILE_NAME ) ),
|
|
61
62
|
'size' => results.get_tlv_value( TLV_TYPE_FILE_SIZE )
|
|
62
63
|
}
|
|
63
64
|
end
|
|
@@ -87,11 +88,11 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
87
88
|
def File.expand_path(path)
|
|
88
89
|
request = Packet.create_request('stdapi_fs_file_expand_path')
|
|
89
90
|
|
|
90
|
-
request.add_tlv(TLV_TYPE_FILE_PATH, path)
|
|
91
|
+
request.add_tlv(TLV_TYPE_FILE_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
91
92
|
|
|
92
93
|
response = client.send_request(request)
|
|
93
94
|
|
|
94
|
-
return response.get_tlv_value(TLV_TYPE_FILE_PATH)
|
|
95
|
+
return Rex::Text.unicode_filter_encode( response.get_tlv_value(TLV_TYPE_FILE_PATH) )
|
|
95
96
|
end
|
|
96
97
|
|
|
97
98
|
|
|
@@ -101,10 +102,11 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
101
102
|
def File.md5(path)
|
|
102
103
|
request = Packet.create_request('stdapi_fs_md5')
|
|
103
104
|
|
|
104
|
-
request.add_tlv(TLV_TYPE_FILE_PATH, path)
|
|
105
|
+
request.add_tlv(TLV_TYPE_FILE_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
105
106
|
|
|
106
107
|
response = client.send_request(request)
|
|
107
108
|
|
|
109
|
+
# This is not really a file name, but a raw hash in bytes
|
|
108
110
|
return response.get_tlv_value(TLV_TYPE_FILE_NAME)
|
|
109
111
|
end
|
|
110
112
|
|
|
@@ -114,32 +116,19 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
114
116
|
def File.sha1(path)
|
|
115
117
|
request = Packet.create_request('stdapi_fs_sha1')
|
|
116
118
|
|
|
117
|
-
request.add_tlv(TLV_TYPE_FILE_PATH, path)
|
|
119
|
+
request.add_tlv(TLV_TYPE_FILE_PATH, Rex::Text.unicode_filter_decode( path ))
|
|
118
120
|
|
|
119
121
|
response = client.send_request(request)
|
|
120
122
|
|
|
123
|
+
# This is not really a file name, but a raw hash in bytes
|
|
121
124
|
return response.get_tlv_value(TLV_TYPE_FILE_NAME)
|
|
122
125
|
end
|
|
123
126
|
|
|
124
|
-
#
|
|
125
|
-
# Expands a file path, substituting all environment variables, such as
|
|
126
|
-
# %TEMP%.
|
|
127
|
-
#
|
|
128
|
-
def File.expand_path(path)
|
|
129
|
-
request = Packet.create_request('stdapi_fs_file_expand_path')
|
|
130
|
-
|
|
131
|
-
request.add_tlv(TLV_TYPE_FILE_PATH, path)
|
|
132
|
-
|
|
133
|
-
response = client.send_request(request)
|
|
134
|
-
|
|
135
|
-
return response.get_tlv_value(TLV_TYPE_FILE_PATH)
|
|
136
|
-
end
|
|
137
|
-
|
|
138
127
|
#
|
|
139
128
|
# Performs a stat on a file and returns a FileStat instance.
|
|
140
129
|
#
|
|
141
130
|
def File.stat(name)
|
|
142
|
-
return client.fs.filestat.new(name)
|
|
131
|
+
return client.fs.filestat.new( name )
|
|
143
132
|
end
|
|
144
133
|
|
|
145
134
|
#
|
|
@@ -156,7 +145,7 @@ class File < Rex::Post::Meterpreter::Extensions::Stdapi::Fs::IO
|
|
|
156
145
|
def File.rm(name)
|
|
157
146
|
request = Packet.create_request('stdapi_fs_delete_file')
|
|
158
147
|
|
|
159
|
-
request.add_tlv(TLV_TYPE_FILE_PATH,name)
|
|
148
|
+
request.add_tlv(TLV_TYPE_FILE_PATH, Rex::Text.unicode_filter_decode( name ))
|
|
160
149
|
|
|
161
150
|
response = client.send_request(request)
|
|
162
151
|
|
|
@@ -88,7 +88,7 @@ protected
|
|
|
88
88
|
def stat(file)
|
|
89
89
|
request = Packet.create_request('stdapi_fs_stat')
|
|
90
90
|
|
|
91
|
-
request.add_tlv(TLV_TYPE_FILE_PATH, file)
|
|
91
|
+
request.add_tlv(TLV_TYPE_FILE_PATH, Rex::Text.unicode_filter_decode( file ))
|
|
92
92
|
|
|
93
93
|
response = self.class.client.send_request(request)
|
|
94
94
|
stat_buf = response.get_tlv(TLV_TYPE_STAT_BUF).value
|
|
@@ -101,3 +101,4 @@ protected
|
|
|
101
101
|
end
|
|
102
102
|
|
|
103
103
|
end; end; end; end; end; end
|
|
104
|
+
|
|
@@ -9,3 +9,7 @@ require 'railgun/buffer_item.rb.ut'
|
|
|
9
9
|
require 'railgun/dll_function.rb.ut'
|
|
10
10
|
require 'railgun/dll_helper.rb.ut'
|
|
11
11
|
require 'railgun/win_const_manager.rb.ut'
|
|
12
|
+
require 'railgun/dll.rb.ut.rb'
|
|
13
|
+
require 'railgun/dll_wrapper.rb.ut.rb'
|
|
14
|
+
require 'railgun/railgun.rb.ut.rb'
|
|
15
|
+
require 'railgun/win_const_manager.rb.ut.rb'
|
|
@@ -1,3 +1,5 @@
|
|
|
1
|
+
require 'rex/post/meterpreter/extensions/stdapi/railgun/win_const_manager'
|
|
2
|
+
require 'thread'
|
|
1
3
|
|
|
2
4
|
module Rex
|
|
3
5
|
module Post
|
|
@@ -8,6 +10,31 @@ module Railgun
|
|
|
8
10
|
|
|
9
11
|
class ApiConstants
|
|
10
12
|
|
|
13
|
+
# This will be lazily loaded in self.manager
|
|
14
|
+
@@manager = nil
|
|
15
|
+
@@manager_semaphore = Mutex.new
|
|
16
|
+
|
|
17
|
+
# provides a frozen constant manager for the constants defined in self.add_constants
|
|
18
|
+
def self.manager
|
|
19
|
+
|
|
20
|
+
# The first check for nil is to potentially skip the need to synchronize
|
|
21
|
+
if @@manager.nil?
|
|
22
|
+
# Looks like we MAY need to load manager
|
|
23
|
+
@@manager_semaphore.synchronize do
|
|
24
|
+
# We check once more. Now our options are synchronized
|
|
25
|
+
if @@manager.nil?
|
|
26
|
+
@@manager = WinConstManager.new
|
|
27
|
+
|
|
28
|
+
self.add_constants(@@manager)
|
|
29
|
+
|
|
30
|
+
@@manager.freeze
|
|
31
|
+
end
|
|
32
|
+
end
|
|
33
|
+
end
|
|
34
|
+
|
|
35
|
+
return @@manager
|
|
36
|
+
end
|
|
37
|
+
|
|
11
38
|
def self.add_constants(win_const_mgr)
|
|
12
39
|
win_const_mgr.add_const('MCI_DGV_SETVIDEO_TINT',0x00004003)
|
|
13
40
|
win_const_mgr.add_const('EVENT_TRACE_FLAG_PROCESS',0x00000001)
|
|
@@ -14,6 +14,13 @@ module Extensions
|
|
|
14
14
|
module Stdapi
|
|
15
15
|
module Railgun
|
|
16
16
|
class ApiConstants::UnitTest < Test::Unit::TestCase
|
|
17
|
+
def test_manager
|
|
18
|
+
const_manager = ApiConstants.manager
|
|
19
|
+
|
|
20
|
+
assert_equal(0, const_manager.parse('SUCCESS'),
|
|
21
|
+
"ApiConstants.manager should return a functional constant manager for WinAPI constants")
|
|
22
|
+
end
|
|
23
|
+
|
|
17
24
|
def test_add_constants
|
|
18
25
|
const_manager = WinConstManager.new
|
|
19
26
|
|
|
@@ -8,19 +8,273 @@ module Def
|
|
|
8
8
|
|
|
9
9
|
class Def_advapi32
|
|
10
10
|
|
|
11
|
-
def self.
|
|
11
|
+
def self.create_dll(dll_path = 'advapi32')
|
|
12
|
+
dll = DLL.new(dll_path, ApiConstants.manager)
|
|
13
|
+
|
|
14
|
+
#Functions for Windows CryptoAPI
|
|
15
|
+
dll.add_function( 'CryptAcquireContextW', 'BOOL',[
|
|
16
|
+
['PDWORD', 'phProv', 'out'],
|
|
17
|
+
['PWCHAR', 'pszContainer', 'in'],
|
|
18
|
+
['PWCHAR', 'pszProvider', 'in'],
|
|
19
|
+
['DWORD', 'dwProvType', 'in'],
|
|
20
|
+
['DWORD', 'dwflags', 'in']])
|
|
21
|
+
|
|
22
|
+
dll.add_function( 'CryptAcquireContextA', 'BOOL',[
|
|
23
|
+
['PDWORD', 'phProv', 'out'],
|
|
24
|
+
['PWCHAR', 'pszContainer', 'in'],
|
|
25
|
+
['PWCHAR', 'pszProvider', 'in'],
|
|
26
|
+
['DWORD', 'dwProvType', 'in'],
|
|
27
|
+
['DWORD', 'dwflags', 'in']])
|
|
28
|
+
|
|
29
|
+
|
|
30
|
+
dll.add_function( 'CryptContextAddRef', 'BOOL', [
|
|
31
|
+
['LPVOID', 'hProv', 'in'],
|
|
32
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
33
|
+
['DWORD', 'dwFlags', 'in']])
|
|
34
|
+
|
|
35
|
+
dll.add_function( 'CryptEnumProvidersW', 'BOOL', [
|
|
36
|
+
['DWORD', 'dwIndex', 'in'],
|
|
37
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
38
|
+
['DWORD', 'dwFlags', 'in'],
|
|
39
|
+
['PDWORD', 'pdwProvType', 'out'],
|
|
40
|
+
['PWCHAR', 'pszProvName', 'out'],
|
|
41
|
+
['PDWORD', 'pcbProvName', 'inout']])
|
|
42
|
+
|
|
43
|
+
dll.add_function( 'CryptEnumProvidersA', 'BOOL', [
|
|
44
|
+
['DWORD', 'dwIndex', 'in'],
|
|
45
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
46
|
+
['DWORD', 'dwFlags', 'in'],
|
|
47
|
+
['PDWORD', 'pdwProvType', 'out'],
|
|
48
|
+
['PCHAR', 'pszProvName', 'out'],
|
|
49
|
+
['PDWORD', 'pcbProvName', 'inout']])
|
|
50
|
+
|
|
51
|
+
dll.add_function( 'CryptEnumProviderTypesW', 'BOOL', [
|
|
52
|
+
['DWORD', 'dwIndex', 'in'],
|
|
53
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
54
|
+
['DWORD', 'dwFlags', 'in'],
|
|
55
|
+
['PDWORD', 'pdwProvType', 'out'],
|
|
56
|
+
['PWCHAR', 'pszTypeName', 'out'],
|
|
57
|
+
['PDWORD', 'pcbTypeName', 'inout']])
|
|
58
|
+
|
|
59
|
+
dll.add_function( 'CryptEnumProviderTypesA', 'BOOL', [
|
|
60
|
+
['DWORD', 'dwIndex', 'in'],
|
|
61
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
62
|
+
['DWORD', 'dwFlags', 'in'],
|
|
63
|
+
['PDWORD', 'pdwProvType', 'out'],
|
|
64
|
+
['PCHAR', 'pszTypeName', 'out'],
|
|
65
|
+
['PDWORD', 'pcbTypeName', 'inout']])
|
|
66
|
+
|
|
67
|
+
dll.add_function( 'CryptGetDefaultProviderW ', 'BOOL', [
|
|
68
|
+
['DWORD', 'dwProvType', 'in'],
|
|
69
|
+
['DWORD', 'pwdReserved', 'in'],
|
|
70
|
+
['DWORD', 'dwFlags', 'in'],
|
|
71
|
+
['PWCHAR', 'pszProvName', 'out'],
|
|
72
|
+
['PDWORD', 'pcbProvName', 'inout']])
|
|
73
|
+
|
|
74
|
+
dll.add_function( 'CryptGetDefaultProviderA ', 'BOOL', [
|
|
75
|
+
['DWORD', 'dwProvType', 'in'],
|
|
76
|
+
['DWORD', 'pwdReserved', 'in'],
|
|
77
|
+
['DWORD', 'dwFlags', 'in'],
|
|
78
|
+
['PCHAR', 'pszProvName', 'out'],
|
|
79
|
+
['PDWORD', 'pcbProvName', 'inout']])
|
|
80
|
+
|
|
81
|
+
dll.add_function( 'CryptGetProvParam', 'BOOL', [
|
|
82
|
+
['LPVOID', 'hProv', 'in'],
|
|
83
|
+
['DWORD', 'dwParam', 'in'],
|
|
84
|
+
['PBLOB', 'pbData', 'out'],
|
|
85
|
+
['PDWORD', 'pwdDataLen', 'inout'],
|
|
86
|
+
['DWORD', 'dwFlags', 'in']])
|
|
87
|
+
|
|
88
|
+
dll.add_function( 'CryptSetProviderW', 'BOOL', [
|
|
89
|
+
['PWCHAR', 'pszProvName', 'in'],
|
|
90
|
+
['DWORD', 'dwProvType', 'in']])
|
|
91
|
+
|
|
92
|
+
dll.add_function( 'CryptSetProviderA', 'BOOL', [
|
|
93
|
+
['PCHAR', 'pszProvName', 'in'],
|
|
94
|
+
['DWORD', 'dwProvType', 'in']])
|
|
95
|
+
|
|
96
|
+
dll.add_function( 'CryptSetProviderExW', 'BOOL', [
|
|
97
|
+
['PWCHAR', 'pszProvName', 'in'],
|
|
98
|
+
['DWORD', 'dwProvType', 'in'],
|
|
99
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
100
|
+
['DWORD', 'dwFlags', 'in']])
|
|
101
|
+
|
|
102
|
+
dll.add_function( 'CryptSetProviderExA', 'BOOL', [
|
|
103
|
+
['PCHAR', 'pszProvName', 'in'],
|
|
104
|
+
['DWORD', 'dwProvType', 'in'],
|
|
105
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
106
|
+
['DWORD', 'dwFlags', 'in']])
|
|
107
|
+
|
|
108
|
+
dll.add_function( 'CryptSetProvParam', 'BOOL', [
|
|
109
|
+
['LPVOID', 'hProv', 'in'],
|
|
110
|
+
['DWORD', 'dwParam', 'in'],
|
|
111
|
+
['PBLOB', 'pbData', 'in'],
|
|
112
|
+
['DWORD', 'dwFlags','in']])
|
|
113
|
+
|
|
114
|
+
dll.add_function( 'CryptDuplicateKey', 'BOOL', [
|
|
115
|
+
['LPVOID', 'hKey', 'in'],
|
|
116
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
117
|
+
['DWORD', 'dwFlags', 'in'],
|
|
118
|
+
['PDWORD', 'phKey', 'out']])
|
|
119
|
+
|
|
120
|
+
dll.add_function( 'CryptExportKey', 'BOOL', [
|
|
121
|
+
['LPVOID', 'hKey', 'in'],
|
|
122
|
+
['LPVOID', 'hExpKey', 'in'],
|
|
123
|
+
['DWORD', 'dwBlobType', 'in'],
|
|
124
|
+
['DWORD', 'dwFlags', 'in'],
|
|
125
|
+
['PBLOB', 'pbData', 'out'],
|
|
126
|
+
['PDWORD', 'pwdDataLen', 'inout']])
|
|
127
|
+
|
|
128
|
+
dll.add_function( 'CryptGenKey', 'BOOL', [
|
|
129
|
+
['LPVOID', 'hProv', 'in'],
|
|
130
|
+
['DWORD', 'Algid', 'in'],
|
|
131
|
+
['DWORD', 'dwFlags', 'in'],
|
|
132
|
+
['PDWORD', 'phKey', 'out']])
|
|
133
|
+
|
|
134
|
+
dll.add_function( 'CryptGenRandom', 'BOOL', [
|
|
135
|
+
['LPVOID', 'hProv', 'in'],
|
|
136
|
+
['DWORD', 'dwLen', 'in'],
|
|
137
|
+
['PBLOB', 'pbBuffer', 'inout']])
|
|
138
|
+
|
|
139
|
+
dll.add_function( 'CryptGetKeyParam', 'BOOL', [
|
|
140
|
+
['LPVOID', 'hKey', 'in'],
|
|
141
|
+
['DWORD', 'dwParam', 'in'],
|
|
142
|
+
['PBLOB', 'pbData', 'out'],
|
|
143
|
+
['PDWORD', 'pdwDataLen', 'inout'],
|
|
144
|
+
['DWORD', 'dwFlags', 'in']])
|
|
145
|
+
|
|
146
|
+
dll.add_function( 'CryptGetUserKey', 'BOOL', [
|
|
147
|
+
['LPVOID', 'hProv', 'in'],
|
|
148
|
+
['DWORD', 'dwKeySpec', 'in'],
|
|
149
|
+
['PDWORD', 'phUserKey', 'out']])
|
|
12
150
|
|
|
13
|
-
|
|
151
|
+
dll.add_function( 'CryptImportKey', 'BOOL', [
|
|
152
|
+
['LPVOID', 'hProv', 'in'],
|
|
153
|
+
['PBLOB', 'pbData', 'in'],
|
|
154
|
+
['DWORD', 'dwDataLen', 'in'],
|
|
155
|
+
['LPVOID', 'hPubKey', 'in'],
|
|
156
|
+
['DWORD', 'dwFlags', 'in'],
|
|
157
|
+
['PDWORD', 'phKey', 'out']])
|
|
14
158
|
|
|
159
|
+
dll.add_function( 'CryptSetKeyParam', 'BOOL', [
|
|
160
|
+
['LPVOID', 'hKey', 'in'],
|
|
161
|
+
['DWORD', 'dwParam', 'in'],
|
|
162
|
+
['PBLOB', 'pbData', 'in'],
|
|
163
|
+
['DWORD', 'dwFlags', 'in']])
|
|
164
|
+
|
|
165
|
+
dll.add_function( 'CryptEncrypt', 'BOOL', [
|
|
166
|
+
['LPVOID', 'hKey', 'in'],
|
|
167
|
+
['LPVOID', 'hHash', 'in'],
|
|
168
|
+
['BOOL', 'Final', 'in'],
|
|
169
|
+
['DWORD', 'dwFlags', 'in'],
|
|
170
|
+
['PBLOB', 'pbData', 'inout'],
|
|
171
|
+
['PDWORD', 'pdwDataLen', 'inout'],
|
|
172
|
+
['DWORD', 'dwBufLen', 'in']])
|
|
173
|
+
|
|
174
|
+
dll.add_function( 'CryptDuplicateHash', 'BOOL', [
|
|
175
|
+
['LPVOID', 'hHash', 'in'],
|
|
176
|
+
['DWORD', 'pdwReserved', 'in'],
|
|
177
|
+
['DWORD', 'dwFlags', 'in'],
|
|
178
|
+
['PDWORD', 'phHash', 'out']])
|
|
179
|
+
|
|
180
|
+
dll.add_function( 'CryptGetHashParam', 'BOOL', [
|
|
181
|
+
['LPVOID', 'hHash', 'in'],
|
|
182
|
+
['DWORD', 'dwParam', 'in'],
|
|
183
|
+
['PBLOB', 'pbData', 'out'],
|
|
184
|
+
['PDWORD', 'pdwDataLen', 'out'],
|
|
185
|
+
['DWORD', 'dwFlags', 'in']])
|
|
186
|
+
|
|
187
|
+
dll.add_function( 'CryptHashSessionKey', 'BOOL', [
|
|
188
|
+
['LPVOID', 'hHash', 'in'],
|
|
189
|
+
['LPVOID', 'hKey', 'in'],
|
|
190
|
+
['DWORD', 'dwFlags', 'in']])
|
|
191
|
+
|
|
192
|
+
dll.add_function( 'CryptSetHashParam', 'BOOL', [
|
|
193
|
+
['LPVOID', 'hHash', 'in'],
|
|
194
|
+
['DWORD', 'dwParam', 'in'],
|
|
195
|
+
['PBLOB', 'pbData', 'in'],
|
|
196
|
+
['DWORD', 'dwFlags', 'in']])
|
|
197
|
+
|
|
198
|
+
dll.add_function( 'CryptSignHashW', 'BOOL', [
|
|
199
|
+
['LPVOID', 'hHash', 'in'],
|
|
200
|
+
['DWORD', 'dwKeySpec', 'in'],
|
|
201
|
+
['PWCHAR', 'sDescription', 'in'],
|
|
202
|
+
['DWORD', 'dwFlags', 'in'],
|
|
203
|
+
['PBLOB', 'pbSignature', 'out'],
|
|
204
|
+
['PDWORD', 'pdwSigLen', 'inout']])
|
|
205
|
+
|
|
206
|
+
dll.add_function( 'CryptSignHashA', 'BOOL', [
|
|
207
|
+
['LPVOID', 'hHash', 'in'],
|
|
208
|
+
['DWORD', 'dwKeySpec', 'in'],
|
|
209
|
+
['PCHAR', 'sDescription', 'in'],
|
|
210
|
+
['DWORD', 'dwFlags', 'in'],
|
|
211
|
+
['PBLOB', 'pbSignature', 'out'],
|
|
212
|
+
['PDWORD', 'pdwSigLen', 'inout']])
|
|
213
|
+
|
|
214
|
+
dll.add_function( 'CryptVerifySignatureW', 'BOOL', [
|
|
215
|
+
['LPVOID', 'hHash', 'in'],
|
|
216
|
+
['PBLOB', 'pbSignature', 'in'],
|
|
217
|
+
['DWORD', 'dwSigLen', 'in'],
|
|
218
|
+
['LPVOID', 'hPubKey', 'in'],
|
|
219
|
+
['PWCHAR', 'sDescription', 'in'],
|
|
220
|
+
['DWORD', 'dwFlags', 'in']])
|
|
221
|
+
|
|
222
|
+
dll.add_function( 'CryptVerifySignatureA', 'BOOL', [
|
|
223
|
+
['LPVOID', 'hHash', 'in'],
|
|
224
|
+
['PBLOB', 'pbSignature', 'in'],
|
|
225
|
+
['DWORD', 'dwSigLen', 'in'],
|
|
226
|
+
['LPVOID', 'hPubKey', 'in'],
|
|
227
|
+
['PCHAR', 'sDescription', 'in'],
|
|
228
|
+
['DWORD', 'dwFlags', 'in']])
|
|
229
|
+
|
|
230
|
+
dll.add_function( 'CryptCreateHash', 'BOOL',[
|
|
231
|
+
['LPVOID', 'hProv', 'in'],
|
|
232
|
+
['DWORD', 'Algid', 'in'],
|
|
233
|
+
['LPVOID', 'hKey', 'in'],
|
|
234
|
+
['DWORD', 'dwFlags', 'in'],
|
|
235
|
+
['PDWORD', 'phHash', 'out']])
|
|
236
|
+
|
|
237
|
+
dll.add_function( 'CryptHashData', 'BOOL',[
|
|
238
|
+
['LPVOID', 'hHash', 'in'],
|
|
239
|
+
['PWCHAR', 'pbData', 'in'],
|
|
240
|
+
['DWORD', 'dwDataLen', 'in'],
|
|
241
|
+
['DWORD', 'dwFlags', 'in']])
|
|
242
|
+
|
|
243
|
+
dll.add_function( 'CryptDeriveKey', 'BOOL',[
|
|
244
|
+
['LPVOID', 'hProv', 'in'],
|
|
245
|
+
['DWORD', 'Algid', 'in'],
|
|
246
|
+
['LPVOID', 'hBaseData', 'in'],
|
|
247
|
+
['DWORD', 'dwFlags', 'in'],
|
|
248
|
+
['PDWORD', 'phKey', 'inout']])
|
|
249
|
+
|
|
250
|
+
dll.add_function( 'CryptDecrypt', 'BOOL',[
|
|
251
|
+
['LPVOID', 'hKey', 'in'],
|
|
252
|
+
['LPVOID', 'hHash', 'in'],
|
|
253
|
+
['BOOL', 'Final', 'in'],
|
|
254
|
+
['DWORD', 'dwFlags', 'in'],
|
|
255
|
+
['PBLOB', 'pbData', 'inout'],
|
|
256
|
+
['PDWORD', 'pdwDataLen', 'inout']])
|
|
257
|
+
|
|
258
|
+
dll.add_function( 'CryptDestroyHash', 'BOOL',[
|
|
259
|
+
['LPVOID', 'hHash', 'in']])
|
|
260
|
+
|
|
261
|
+
dll.add_function( 'CryptDestroyKey', 'BOOL',[
|
|
262
|
+
['LPVOID', 'hKey', 'in']])
|
|
263
|
+
|
|
264
|
+
dll.add_function( 'CryptReleaseContext', 'BOOL',[
|
|
265
|
+
['LPVOID', 'hProv', 'in'],
|
|
266
|
+
['DWORD', 'dwFlags', 'in']])
|
|
267
|
+
|
|
268
|
+
|
|
15
269
|
# Function to open the Service Control Database
|
|
16
|
-
|
|
270
|
+
dll.add_function('OpenSCManagerA','DWORD',[
|
|
17
271
|
[ "PCHAR", "lpMachineName", "inout" ],
|
|
18
272
|
[ "PCHAR", "lpDatabaseName", "inout" ],
|
|
19
273
|
[ "DWORD", "dwDesiredAccess", "in" ]
|
|
20
274
|
])
|
|
21
275
|
|
|
22
276
|
# Function for creating a Service
|
|
23
|
-
|
|
277
|
+
dll.add_function('CreateServiceA','DWORD',[
|
|
24
278
|
[ "DWORD", "hSCManager", "in" ],
|
|
25
279
|
[ "PCHAR", "lpServiceName", "in" ],
|
|
26
280
|
[ "PCHAR", "lpDisplayName", "in" ],
|
|
@@ -36,7 +290,7 @@ class Def_advapi32
|
|
|
36
290
|
[ "PCHAR", "lpPassword", "in" ]
|
|
37
291
|
])
|
|
38
292
|
|
|
39
|
-
|
|
293
|
+
dll.add_function('OpenServiceA','DWORD',[
|
|
40
294
|
[ "DWORD", "hSCManager", "in" ],
|
|
41
295
|
[ "PCHAR", "lpServiceName", "in" ],
|
|
42
296
|
[ "DWORD", "dwDesiredAccess", "in" ]
|
|
@@ -45,13 +299,13 @@ class Def_advapi32
|
|
|
45
299
|
#access rights: SERVICE_CHANGE_CONFIG (0x0002) SERVICE_START (0x0010)
|
|
46
300
|
#SERVICE_STOP (0x0020)
|
|
47
301
|
|
|
48
|
-
|
|
302
|
+
dll.add_function('StartServiceA','BOOL',[
|
|
49
303
|
[ "DWORD", "hService", "in" ],
|
|
50
304
|
[ "DWORD", "dwNumServiceArgs", "in" ],
|
|
51
305
|
[ "PCHAR", "lpServiceArgVectors", "in" ]
|
|
52
306
|
])
|
|
53
307
|
|
|
54
|
-
|
|
308
|
+
dll.add_function('ControlService','BOOL',[
|
|
55
309
|
[ "DWORD", "hService", "in" ],
|
|
56
310
|
[ "DWORD", "dwControl", "in" ],
|
|
57
311
|
[ "PBLOB", "lpServiceStatus", "out" ]
|
|
@@ -63,7 +317,7 @@ class Def_advapi32
|
|
|
63
317
|
#dwCurrentState; dwControlsAccepted; dwWin32ExitCode;
|
|
64
318
|
#dwServiceSpecificExitCode; dwCheckPoint; dwWaitHint;
|
|
65
319
|
|
|
66
|
-
|
|
320
|
+
dll.add_function('ChangeServiceConfigA','BOOL',[
|
|
67
321
|
[ "DWORD", "hService", "in" ],
|
|
68
322
|
[ "DWORD", "dwServiceType", "in" ],
|
|
69
323
|
[ "DWORD", "dwStartType", "in" ],
|
|
@@ -77,19 +331,19 @@ class Def_advapi32
|
|
|
77
331
|
[ "PCHAR", "lpDisplayName", "in" ]
|
|
78
332
|
])
|
|
79
333
|
|
|
80
|
-
|
|
334
|
+
dll.add_function('CloseServiceHandle','BOOL',[
|
|
81
335
|
[ "DWORD", "hSCObject", "in" ]
|
|
82
336
|
])
|
|
83
337
|
|
|
84
|
-
|
|
338
|
+
dll.add_function('AbortSystemShutdownA', 'BOOL',[
|
|
85
339
|
["PCHAR","lpMachineName","in"],
|
|
86
340
|
])
|
|
87
341
|
|
|
88
|
-
|
|
342
|
+
dll.add_function('AbortSystemShutdownW', 'BOOL',[
|
|
89
343
|
["PWCHAR","lpMachineName","in"],
|
|
90
344
|
])
|
|
91
345
|
|
|
92
|
-
|
|
346
|
+
dll.add_function('InitiateSystemShutdownA', 'BOOL',[
|
|
93
347
|
["PCHAR","lpMachineName","in"],
|
|
94
348
|
["PCHAR","lpMessage","in"],
|
|
95
349
|
["DWORD","dwTimeout","in"],
|
|
@@ -97,7 +351,7 @@ class Def_advapi32
|
|
|
97
351
|
["BOOL","bRebootAfterShutdown","in"],
|
|
98
352
|
])
|
|
99
353
|
|
|
100
|
-
|
|
354
|
+
dll.add_function('InitiateSystemShutdownExA', 'BOOL',[
|
|
101
355
|
["PCHAR","lpMachineName","in"],
|
|
102
356
|
["PCHAR","lpMessage","in"],
|
|
103
357
|
["DWORD","dwTimeout","in"],
|
|
@@ -106,7 +360,7 @@ class Def_advapi32
|
|
|
106
360
|
["DWORD","dwReason","in"],
|
|
107
361
|
])
|
|
108
362
|
|
|
109
|
-
|
|
363
|
+
dll.add_function('InitiateSystemShutdownExW', 'BOOL',[
|
|
110
364
|
["PWCHAR","lpMachineName","in"],
|
|
111
365
|
["PWCHAR","lpMessage","in"],
|
|
112
366
|
["DWORD","dwTimeout","in"],
|
|
@@ -115,7 +369,7 @@ class Def_advapi32
|
|
|
115
369
|
["DWORD","dwReason","in"],
|
|
116
370
|
])
|
|
117
371
|
|
|
118
|
-
|
|
372
|
+
dll.add_function('InitiateSystemShutdownW', 'BOOL',[
|
|
119
373
|
["PWCHAR","lpMachineName","in"],
|
|
120
374
|
["PWCHAR","lpMessage","in"],
|
|
121
375
|
["DWORD","dwTimeout","in"],
|
|
@@ -123,43 +377,43 @@ class Def_advapi32
|
|
|
123
377
|
["BOOL","bRebootAfterShutdown","in"],
|
|
124
378
|
])
|
|
125
379
|
|
|
126
|
-
|
|
380
|
+
dll.add_function('RegCloseKey', 'DWORD',[
|
|
127
381
|
["DWORD","hKey","in"],
|
|
128
382
|
])
|
|
129
383
|
|
|
130
|
-
|
|
384
|
+
dll.add_function('RegConnectRegistryA', 'DWORD',[
|
|
131
385
|
["PCHAR","lpMachineName","in"],
|
|
132
386
|
["DWORD","hKey","in"],
|
|
133
387
|
["PDWORD","phkResult","out"],
|
|
134
388
|
])
|
|
135
389
|
|
|
136
|
-
|
|
390
|
+
dll.add_function('RegConnectRegistryExA', 'DWORD',[
|
|
137
391
|
["PCHAR","lpMachineName","in"],
|
|
138
392
|
["DWORD","hKey","in"],
|
|
139
393
|
["DWORD","Flags","in"],
|
|
140
394
|
["PDWORD","phkResult","out"],
|
|
141
395
|
])
|
|
142
396
|
|
|
143
|
-
|
|
397
|
+
dll.add_function('RegConnectRegistryExW', 'DWORD',[
|
|
144
398
|
["PWCHAR","lpMachineName","in"],
|
|
145
399
|
["DWORD","hKey","in"],
|
|
146
400
|
["DWORD","Flags","in"],
|
|
147
401
|
["PDWORD","phkResult","out"],
|
|
148
402
|
])
|
|
149
403
|
|
|
150
|
-
|
|
404
|
+
dll.add_function('RegConnectRegistryW', 'DWORD',[
|
|
151
405
|
["PWCHAR","lpMachineName","in"],
|
|
152
406
|
["DWORD","hKey","in"],
|
|
153
407
|
["PDWORD","phkResult","out"],
|
|
154
408
|
])
|
|
155
409
|
|
|
156
|
-
|
|
410
|
+
dll.add_function('RegCreateKeyA', 'DWORD',[
|
|
157
411
|
["DWORD","hKey","in"],
|
|
158
412
|
["PCHAR","lpSubKey","in"],
|
|
159
413
|
["PDWORD","phkResult","out"],
|
|
160
414
|
])
|
|
161
415
|
|
|
162
|
-
|
|
416
|
+
dll.add_function('RegCreateKeyExA', 'DWORD',[
|
|
163
417
|
["DWORD","hKey","in"],
|
|
164
418
|
["PCHAR","lpSubKey","in"],
|
|
165
419
|
["DWORD","Reserved","inout"],
|
|
@@ -171,7 +425,7 @@ class Def_advapi32
|
|
|
171
425
|
["PDWORD","lpdwDisposition","out"],
|
|
172
426
|
])
|
|
173
427
|
|
|
174
|
-
|
|
428
|
+
dll.add_function('RegCreateKeyExW', 'DWORD',[
|
|
175
429
|
["DWORD","hKey","in"],
|
|
176
430
|
["PWCHAR","lpSubKey","in"],
|
|
177
431
|
["DWORD","Reserved","inout"],
|
|
@@ -183,65 +437,65 @@ class Def_advapi32
|
|
|
183
437
|
["PDWORD","lpdwDisposition","out"],
|
|
184
438
|
])
|
|
185
439
|
|
|
186
|
-
|
|
440
|
+
dll.add_function('RegCreateKeyW', 'DWORD',[
|
|
187
441
|
["DWORD","hKey","in"],
|
|
188
442
|
["PWCHAR","lpSubKey","in"],
|
|
189
443
|
["PDWORD","phkResult","out"],
|
|
190
444
|
])
|
|
191
445
|
|
|
192
|
-
|
|
446
|
+
dll.add_function('RegDeleteKeyA', 'DWORD',[
|
|
193
447
|
["DWORD","hKey","in"],
|
|
194
448
|
["PCHAR","lpSubKey","in"],
|
|
195
449
|
])
|
|
196
450
|
|
|
197
|
-
|
|
451
|
+
dll.add_function('RegDeleteKeyExA', 'DWORD',[
|
|
198
452
|
["DWORD","hKey","in"],
|
|
199
453
|
["PCHAR","lpSubKey","in"],
|
|
200
454
|
["DWORD","samDesired","in"],
|
|
201
455
|
["DWORD","Reserved","inout"],
|
|
202
456
|
])
|
|
203
457
|
|
|
204
|
-
|
|
458
|
+
dll.add_function('RegDeleteKeyExW', 'DWORD',[
|
|
205
459
|
["DWORD","hKey","in"],
|
|
206
460
|
["PWCHAR","lpSubKey","in"],
|
|
207
461
|
["DWORD","samDesired","in"],
|
|
208
462
|
["DWORD","Reserved","inout"],
|
|
209
463
|
])
|
|
210
464
|
|
|
211
|
-
|
|
465
|
+
dll.add_function('RegDeleteKeyW', 'DWORD',[
|
|
212
466
|
["DWORD","hKey","in"],
|
|
213
467
|
["PWCHAR","lpSubKey","in"],
|
|
214
468
|
])
|
|
215
469
|
|
|
216
|
-
|
|
470
|
+
dll.add_function('RegDeleteValueA', 'DWORD',[
|
|
217
471
|
["DWORD","hKey","in"],
|
|
218
472
|
["PCHAR","lpValueName","in"],
|
|
219
473
|
])
|
|
220
474
|
|
|
221
|
-
|
|
475
|
+
dll.add_function('RegDeleteValueW', 'DWORD',[
|
|
222
476
|
["DWORD","hKey","in"],
|
|
223
477
|
["PWCHAR","lpValueName","in"],
|
|
224
478
|
])
|
|
225
479
|
|
|
226
|
-
|
|
480
|
+
dll.add_function('RegDisablePredefinedCache', 'DWORD',[
|
|
227
481
|
])
|
|
228
482
|
|
|
229
|
-
|
|
483
|
+
dll.add_function('RegDisableReflectionKey', 'DWORD',[
|
|
230
484
|
["DWORD","hBase","in"],
|
|
231
485
|
])
|
|
232
486
|
|
|
233
|
-
|
|
487
|
+
dll.add_function('RegEnableReflectionKey', 'DWORD',[
|
|
234
488
|
["DWORD","hBase","in"],
|
|
235
489
|
])
|
|
236
490
|
|
|
237
|
-
|
|
491
|
+
dll.add_function('RegEnumKeyA', 'DWORD',[
|
|
238
492
|
["DWORD","hKey","in"],
|
|
239
493
|
["DWORD","dwIndex","in"],
|
|
240
494
|
["PCHAR","lpName","out"],
|
|
241
495
|
["DWORD","cchName","in"],
|
|
242
496
|
])
|
|
243
497
|
|
|
244
|
-
|
|
498
|
+
dll.add_function('RegEnumKeyExA', 'DWORD',[
|
|
245
499
|
["DWORD","hKey","in"],
|
|
246
500
|
["DWORD","dwIndex","in"],
|
|
247
501
|
["PCHAR","lpName","out"],
|
|
@@ -252,7 +506,7 @@ class Def_advapi32
|
|
|
252
506
|
["PBLOB","lpftLastWriteTime","out"],
|
|
253
507
|
])
|
|
254
508
|
|
|
255
|
-
|
|
509
|
+
dll.add_function('RegEnumKeyExW', 'DWORD',[
|
|
256
510
|
["DWORD","hKey","in"],
|
|
257
511
|
["DWORD","dwIndex","in"],
|
|
258
512
|
["PWCHAR","lpName","out"],
|
|
@@ -263,14 +517,14 @@ class Def_advapi32
|
|
|
263
517
|
["PBLOB","lpftLastWriteTime","out"],
|
|
264
518
|
])
|
|
265
519
|
|
|
266
|
-
|
|
520
|
+
dll.add_function('RegEnumKeyW', 'DWORD',[
|
|
267
521
|
["DWORD","hKey","in"],
|
|
268
522
|
["DWORD","dwIndex","in"],
|
|
269
523
|
["PWCHAR","lpName","out"],
|
|
270
524
|
["DWORD","cchName","in"],
|
|
271
525
|
])
|
|
272
526
|
|
|
273
|
-
|
|
527
|
+
dll.add_function('RegEnumValueA', 'DWORD',[
|
|
274
528
|
["DWORD","hKey","in"],
|
|
275
529
|
["DWORD","dwIndex","in"],
|
|
276
530
|
["PCHAR","lpValueName","out"],
|
|
@@ -281,7 +535,7 @@ class Def_advapi32
|
|
|
281
535
|
["PDWORD","lpcbData","inout"],
|
|
282
536
|
])
|
|
283
537
|
|
|
284
|
-
|
|
538
|
+
dll.add_function('RegEnumValueW', 'DWORD',[
|
|
285
539
|
["DWORD","hKey","in"],
|
|
286
540
|
["DWORD","dwIndex","in"],
|
|
287
541
|
["PWCHAR","lpValueName","out"],
|
|
@@ -292,18 +546,18 @@ class Def_advapi32
|
|
|
292
546
|
["PDWORD","lpcbData","inout"],
|
|
293
547
|
])
|
|
294
548
|
|
|
295
|
-
|
|
549
|
+
dll.add_function('RegFlushKey', 'DWORD',[
|
|
296
550
|
["DWORD","hKey","in"],
|
|
297
551
|
])
|
|
298
552
|
|
|
299
|
-
|
|
553
|
+
dll.add_function('RegGetKeySecurity', 'DWORD',[
|
|
300
554
|
["DWORD","hKey","in"],
|
|
301
555
|
["PBLOB","SecurityInformation","in"],
|
|
302
556
|
["PBLOB","pSecurityDescriptor","out"],
|
|
303
557
|
["PDWORD","lpcbSecurityDescriptor","inout"],
|
|
304
558
|
])
|
|
305
559
|
|
|
306
|
-
|
|
560
|
+
dll.add_function('RegGetValueA', 'DWORD',[
|
|
307
561
|
["DWORD","hkey","in"],
|
|
308
562
|
["PCHAR","lpSubKey","in"],
|
|
309
563
|
["PCHAR","lpValue","in"],
|
|
@@ -313,7 +567,7 @@ class Def_advapi32
|
|
|
313
567
|
["PDWORD","pcbData","inout"],
|
|
314
568
|
])
|
|
315
569
|
|
|
316
|
-
|
|
570
|
+
dll.add_function('RegGetValueW', 'DWORD',[
|
|
317
571
|
["DWORD","hkey","in"],
|
|
318
572
|
["PWCHAR","lpSubKey","in"],
|
|
319
573
|
["PWCHAR","lpValue","in"],
|
|
@@ -323,19 +577,19 @@ class Def_advapi32
|
|
|
323
577
|
["PDWORD","pcbData","inout"],
|
|
324
578
|
])
|
|
325
579
|
|
|
326
|
-
|
|
580
|
+
dll.add_function('RegLoadKeyA', 'DWORD',[
|
|
327
581
|
["DWORD","hKey","in"],
|
|
328
582
|
["PCHAR","lpSubKey","in"],
|
|
329
583
|
["PCHAR","lpFile","in"],
|
|
330
584
|
])
|
|
331
585
|
|
|
332
|
-
|
|
586
|
+
dll.add_function('RegLoadKeyW', 'DWORD',[
|
|
333
587
|
["DWORD","hKey","in"],
|
|
334
588
|
["PWCHAR","lpSubKey","in"],
|
|
335
589
|
["PWCHAR","lpFile","in"],
|
|
336
590
|
])
|
|
337
591
|
|
|
338
|
-
|
|
592
|
+
dll.add_function('RegNotifyChangeKeyValue', 'DWORD',[
|
|
339
593
|
["DWORD","hKey","in"],
|
|
340
594
|
["BOOL","bWatchSubtree","in"],
|
|
341
595
|
["DWORD","dwNotifyFilter","in"],
|
|
@@ -343,18 +597,18 @@ class Def_advapi32
|
|
|
343
597
|
["BOOL","fAsynchronous","in"],
|
|
344
598
|
])
|
|
345
599
|
|
|
346
|
-
|
|
600
|
+
dll.add_function('RegOpenCurrentUser', 'DWORD',[
|
|
347
601
|
["DWORD","samDesired","in"],
|
|
348
602
|
["PDWORD","phkResult","out"],
|
|
349
603
|
])
|
|
350
604
|
|
|
351
|
-
|
|
605
|
+
dll.add_function('RegOpenKeyA', 'DWORD',[
|
|
352
606
|
["DWORD","hKey","in"],
|
|
353
607
|
["PCHAR","lpSubKey","in"],
|
|
354
608
|
["PDWORD","phkResult","out"],
|
|
355
609
|
])
|
|
356
610
|
|
|
357
|
-
|
|
611
|
+
dll.add_function('RegOpenKeyExA', 'DWORD',[
|
|
358
612
|
["DWORD","hKey","in"],
|
|
359
613
|
["PCHAR","lpSubKey","in"],
|
|
360
614
|
["DWORD","ulOptions","inout"],
|
|
@@ -362,7 +616,7 @@ class Def_advapi32
|
|
|
362
616
|
["PDWORD","phkResult","out"],
|
|
363
617
|
])
|
|
364
618
|
|
|
365
|
-
|
|
619
|
+
dll.add_function('RegOpenKeyExW', 'DWORD',[
|
|
366
620
|
["DWORD","hKey","in"],
|
|
367
621
|
["PWCHAR","lpSubKey","in"],
|
|
368
622
|
["DWORD","ulOptions","inout"],
|
|
@@ -370,25 +624,25 @@ class Def_advapi32
|
|
|
370
624
|
["PDWORD","phkResult","out"],
|
|
371
625
|
])
|
|
372
626
|
|
|
373
|
-
|
|
627
|
+
dll.add_function('RegOpenKeyW', 'DWORD',[
|
|
374
628
|
["DWORD","hKey","in"],
|
|
375
629
|
["PWCHAR","lpSubKey","in"],
|
|
376
630
|
["PDWORD","phkResult","out"],
|
|
377
631
|
])
|
|
378
632
|
|
|
379
|
-
|
|
633
|
+
dll.add_function('RegOpenUserClassesRoot', 'DWORD',[
|
|
380
634
|
["DWORD","hToken","in"],
|
|
381
635
|
["DWORD","dwOptions","inout"],
|
|
382
636
|
["DWORD","samDesired","in"],
|
|
383
637
|
["PDWORD","phkResult","out"],
|
|
384
638
|
])
|
|
385
639
|
|
|
386
|
-
|
|
640
|
+
dll.add_function('RegOverridePredefKey', 'DWORD',[
|
|
387
641
|
["DWORD","hKey","in"],
|
|
388
642
|
["DWORD","hNewHKey","in"],
|
|
389
643
|
])
|
|
390
644
|
|
|
391
|
-
|
|
645
|
+
dll.add_function('RegQueryInfoKeyA', 'DWORD',[
|
|
392
646
|
["DWORD","hKey","in"],
|
|
393
647
|
["PCHAR","lpClass","out"],
|
|
394
648
|
["PDWORD","lpcchClass","inout"],
|
|
@@ -403,7 +657,7 @@ class Def_advapi32
|
|
|
403
657
|
["PBLOB","lpftLastWriteTime","out"],
|
|
404
658
|
])
|
|
405
659
|
|
|
406
|
-
|
|
660
|
+
dll.add_function('RegQueryInfoKeyW', 'DWORD',[
|
|
407
661
|
["DWORD","hKey","in"],
|
|
408
662
|
["PWCHAR","lpClass","out"],
|
|
409
663
|
["PDWORD","lpcchClass","inout"],
|
|
@@ -418,7 +672,7 @@ class Def_advapi32
|
|
|
418
672
|
["PBLOB","lpftLastWriteTime","out"],
|
|
419
673
|
])
|
|
420
674
|
|
|
421
|
-
|
|
675
|
+
dll.add_function('RegQueryMultipleValuesA', 'DWORD',[
|
|
422
676
|
["DWORD","hKey","in"],
|
|
423
677
|
["PBLOB","val_list","out"],
|
|
424
678
|
["DWORD","num_vals","in"],
|
|
@@ -426,7 +680,7 @@ class Def_advapi32
|
|
|
426
680
|
["PDWORD","ldwTotsize","inout"],
|
|
427
681
|
])
|
|
428
682
|
|
|
429
|
-
|
|
683
|
+
dll.add_function('RegQueryMultipleValuesW', 'DWORD',[
|
|
430
684
|
["DWORD","hKey","in"],
|
|
431
685
|
["PBLOB","val_list","out"],
|
|
432
686
|
["DWORD","num_vals","in"],
|
|
@@ -434,19 +688,19 @@ class Def_advapi32
|
|
|
434
688
|
["PDWORD","ldwTotsize","inout"],
|
|
435
689
|
])
|
|
436
690
|
|
|
437
|
-
|
|
691
|
+
dll.add_function('RegQueryReflectionKey', 'DWORD',[
|
|
438
692
|
["DWORD","hBase","in"],
|
|
439
693
|
["PBLOB","bIsReflectionDisabled","out"],
|
|
440
694
|
])
|
|
441
695
|
|
|
442
|
-
|
|
696
|
+
dll.add_function('RegQueryValueA', 'DWORD',[
|
|
443
697
|
["DWORD","hKey","in"],
|
|
444
698
|
["PCHAR","lpSubKey","in"],
|
|
445
699
|
["PCHAR","lpData","out"],
|
|
446
700
|
["PDWORD","lpcbData","inout"],
|
|
447
701
|
])
|
|
448
702
|
|
|
449
|
-
|
|
703
|
+
dll.add_function('RegQueryValueExA', 'DWORD',[
|
|
450
704
|
["DWORD","hKey","in"],
|
|
451
705
|
["PCHAR","lpValueName","in"],
|
|
452
706
|
["PDWORD","lpReserved","inout"],
|
|
@@ -455,7 +709,7 @@ class Def_advapi32
|
|
|
455
709
|
["PDWORD","lpcbData","inout"],
|
|
456
710
|
])
|
|
457
711
|
|
|
458
|
-
|
|
712
|
+
dll.add_function('RegQueryValueExW', 'DWORD',[
|
|
459
713
|
["DWORD","hKey","in"],
|
|
460
714
|
["PWCHAR","lpValueName","in"],
|
|
461
715
|
["PDWORD","lpReserved","inout"],
|
|
@@ -464,72 +718,72 @@ class Def_advapi32
|
|
|
464
718
|
["PDWORD","lpcbData","inout"],
|
|
465
719
|
])
|
|
466
720
|
|
|
467
|
-
|
|
721
|
+
dll.add_function('RegQueryValueW', 'DWORD',[
|
|
468
722
|
["DWORD","hKey","in"],
|
|
469
723
|
["PWCHAR","lpSubKey","in"],
|
|
470
724
|
["PWCHAR","lpData","out"],
|
|
471
725
|
["PDWORD","lpcbData","inout"],
|
|
472
726
|
])
|
|
473
727
|
|
|
474
|
-
|
|
728
|
+
dll.add_function('RegReplaceKeyA', 'DWORD',[
|
|
475
729
|
["DWORD","hKey","in"],
|
|
476
730
|
["PCHAR","lpSubKey","in"],
|
|
477
731
|
["PCHAR","lpNewFile","in"],
|
|
478
732
|
["PCHAR","lpOldFile","in"],
|
|
479
733
|
])
|
|
480
734
|
|
|
481
|
-
|
|
735
|
+
dll.add_function('RegReplaceKeyW', 'DWORD',[
|
|
482
736
|
["DWORD","hKey","in"],
|
|
483
737
|
["PWCHAR","lpSubKey","in"],
|
|
484
738
|
["PWCHAR","lpNewFile","in"],
|
|
485
739
|
["PWCHAR","lpOldFile","in"],
|
|
486
740
|
])
|
|
487
741
|
|
|
488
|
-
|
|
742
|
+
dll.add_function('RegRestoreKeyA', 'DWORD',[
|
|
489
743
|
["DWORD","hKey","in"],
|
|
490
744
|
["PCHAR","lpFile","in"],
|
|
491
745
|
["DWORD","dwFlags","in"],
|
|
492
746
|
])
|
|
493
747
|
|
|
494
|
-
|
|
748
|
+
dll.add_function('RegRestoreKeyW', 'DWORD',[
|
|
495
749
|
["DWORD","hKey","in"],
|
|
496
750
|
["PWCHAR","lpFile","in"],
|
|
497
751
|
["DWORD","dwFlags","in"],
|
|
498
752
|
])
|
|
499
753
|
|
|
500
|
-
|
|
754
|
+
dll.add_function('RegSaveKeyA', 'DWORD',[
|
|
501
755
|
["DWORD","hKey","in"],
|
|
502
756
|
["PCHAR","lpFile","in"],
|
|
503
757
|
["PBLOB","lpSecurityAttributes","in"],
|
|
504
758
|
])
|
|
505
759
|
|
|
506
|
-
|
|
760
|
+
dll.add_function('RegSaveKeyExA', 'DWORD',[
|
|
507
761
|
["DWORD","hKey","in"],
|
|
508
762
|
["PCHAR","lpFile","in"],
|
|
509
763
|
["PBLOB","lpSecurityAttributes","in"],
|
|
510
764
|
["DWORD","Flags","in"],
|
|
511
765
|
])
|
|
512
766
|
|
|
513
|
-
|
|
767
|
+
dll.add_function('RegSaveKeyExW', 'DWORD',[
|
|
514
768
|
["DWORD","hKey","in"],
|
|
515
769
|
["PWCHAR","lpFile","in"],
|
|
516
770
|
["PBLOB","lpSecurityAttributes","in"],
|
|
517
771
|
["DWORD","Flags","in"],
|
|
518
772
|
])
|
|
519
773
|
|
|
520
|
-
|
|
774
|
+
dll.add_function('RegSaveKeyW', 'DWORD',[
|
|
521
775
|
["DWORD","hKey","in"],
|
|
522
776
|
["PWCHAR","lpFile","in"],
|
|
523
777
|
["PBLOB","lpSecurityAttributes","in"],
|
|
524
778
|
])
|
|
525
779
|
|
|
526
|
-
|
|
780
|
+
dll.add_function('RegSetKeySecurity', 'DWORD',[
|
|
527
781
|
["DWORD","hKey","in"],
|
|
528
782
|
["PBLOB","SecurityInformation","in"],
|
|
529
783
|
["PBLOB","pSecurityDescriptor","in"],
|
|
530
784
|
])
|
|
531
785
|
|
|
532
|
-
|
|
786
|
+
dll.add_function('RegSetValueA', 'DWORD',[
|
|
533
787
|
["DWORD","hKey","in"],
|
|
534
788
|
["PCHAR","lpSubKey","in"],
|
|
535
789
|
["DWORD","dwType","in"],
|
|
@@ -537,7 +791,7 @@ class Def_advapi32
|
|
|
537
791
|
["DWORD","cbData","in"],
|
|
538
792
|
])
|
|
539
793
|
|
|
540
|
-
|
|
794
|
+
dll.add_function('RegSetValueExA', 'DWORD',[
|
|
541
795
|
["DWORD","hKey","in"],
|
|
542
796
|
["PCHAR","lpValueName","in"],
|
|
543
797
|
["DWORD","Reserved","inout"],
|
|
@@ -546,7 +800,7 @@ class Def_advapi32
|
|
|
546
800
|
["DWORD","cbData","in"],
|
|
547
801
|
])
|
|
548
802
|
|
|
549
|
-
|
|
803
|
+
dll.add_function('RegSetValueExW', 'DWORD',[
|
|
550
804
|
["DWORD","hKey","in"],
|
|
551
805
|
["PWCHAR","lpValueName","in"],
|
|
552
806
|
["DWORD","Reserved","inout"],
|
|
@@ -555,7 +809,7 @@ class Def_advapi32
|
|
|
555
809
|
["DWORD","cbData","in"],
|
|
556
810
|
])
|
|
557
811
|
|
|
558
|
-
|
|
812
|
+
dll.add_function('RegSetValueW', 'DWORD',[
|
|
559
813
|
["DWORD","hKey","in"],
|
|
560
814
|
["PWCHAR","lpSubKey","in"],
|
|
561
815
|
["DWORD","dwType","in"],
|
|
@@ -563,23 +817,23 @@ class Def_advapi32
|
|
|
563
817
|
["DWORD","cbData","in"],
|
|
564
818
|
])
|
|
565
819
|
|
|
566
|
-
|
|
820
|
+
dll.add_function('RegUnLoadKeyA', 'DWORD',[
|
|
567
821
|
["DWORD","hKey","in"],
|
|
568
822
|
["PCHAR","lpSubKey","in"],
|
|
569
823
|
])
|
|
570
824
|
|
|
571
|
-
|
|
825
|
+
dll.add_function('RegUnLoadKeyW', 'DWORD',[
|
|
572
826
|
["DWORD","hKey","in"],
|
|
573
827
|
["PWCHAR","lpSubKey","in"],
|
|
574
828
|
])
|
|
575
829
|
|
|
576
|
-
|
|
830
|
+
dll.add_function('Wow64Win32ApiEntry', 'DWORD',[
|
|
577
831
|
["DWORD","dwFuncNumber","in"],
|
|
578
832
|
["DWORD","dwFlag","in"],
|
|
579
833
|
["DWORD","dwRes","in"],
|
|
580
834
|
])
|
|
581
835
|
|
|
582
|
-
|
|
836
|
+
dll.add_function('AccessCheck', 'BOOL',[
|
|
583
837
|
["PBLOB","pSecurityDescriptor","in"],
|
|
584
838
|
["DWORD","ClientToken","in"],
|
|
585
839
|
["DWORD","DesiredAccess","in"],
|
|
@@ -590,7 +844,7 @@ class Def_advapi32
|
|
|
590
844
|
["PBLOB","AccessStatus","out"],
|
|
591
845
|
])
|
|
592
846
|
|
|
593
|
-
|
|
847
|
+
dll.add_function('AccessCheckAndAuditAlarmA', 'BOOL',[
|
|
594
848
|
["PCHAR","SubsystemName","in"],
|
|
595
849
|
["PBLOB","HandleId","in"],
|
|
596
850
|
["PCHAR","ObjectTypeName","in"],
|
|
@@ -604,7 +858,7 @@ class Def_advapi32
|
|
|
604
858
|
["PBLOB","pfGenerateOnClose","out"],
|
|
605
859
|
])
|
|
606
860
|
|
|
607
|
-
|
|
861
|
+
dll.add_function('AccessCheckAndAuditAlarmW', 'BOOL',[
|
|
608
862
|
["PWCHAR","SubsystemName","in"],
|
|
609
863
|
["PBLOB","HandleId","in"],
|
|
610
864
|
["PWCHAR","ObjectTypeName","in"],
|
|
@@ -618,7 +872,7 @@ class Def_advapi32
|
|
|
618
872
|
["PBLOB","pfGenerateOnClose","out"],
|
|
619
873
|
])
|
|
620
874
|
|
|
621
|
-
|
|
875
|
+
dll.add_function('AccessCheckByType', 'BOOL',[
|
|
622
876
|
["PBLOB","pSecurityDescriptor","in"],
|
|
623
877
|
["LPVOID","PrincipalSelfSid","in"],
|
|
624
878
|
["DWORD","ClientToken","in"],
|
|
@@ -632,7 +886,7 @@ class Def_advapi32
|
|
|
632
886
|
["PBLOB","AccessStatus","out"],
|
|
633
887
|
])
|
|
634
888
|
|
|
635
|
-
|
|
889
|
+
dll.add_function('AccessCheckByTypeAndAuditAlarmA', 'BOOL',[
|
|
636
890
|
["PCHAR","SubsystemName","in"],
|
|
637
891
|
["PBLOB","HandleId","in"],
|
|
638
892
|
["PCHAR","ObjectTypeName","in"],
|
|
@@ -651,7 +905,7 @@ class Def_advapi32
|
|
|
651
905
|
["PBLOB","pfGenerateOnClose","out"],
|
|
652
906
|
])
|
|
653
907
|
|
|
654
|
-
|
|
908
|
+
dll.add_function('AccessCheckByTypeAndAuditAlarmW', 'BOOL',[
|
|
655
909
|
["PWCHAR","SubsystemName","in"],
|
|
656
910
|
["PBLOB","HandleId","in"],
|
|
657
911
|
["PWCHAR","ObjectTypeName","in"],
|
|
@@ -670,7 +924,7 @@ class Def_advapi32
|
|
|
670
924
|
["PBLOB","pfGenerateOnClose","out"],
|
|
671
925
|
])
|
|
672
926
|
|
|
673
|
-
|
|
927
|
+
dll.add_function('AccessCheckByTypeResultList', 'BOOL',[
|
|
674
928
|
["PBLOB","pSecurityDescriptor","in"],
|
|
675
929
|
["LPVOID","PrincipalSelfSid","in"],
|
|
676
930
|
["DWORD","ClientToken","in"],
|
|
@@ -684,7 +938,7 @@ class Def_advapi32
|
|
|
684
938
|
["PDWORD","AccessStatusList","out"],
|
|
685
939
|
])
|
|
686
940
|
|
|
687
|
-
|
|
941
|
+
dll.add_function('AccessCheckByTypeResultListAndAuditAlarmA', 'BOOL',[
|
|
688
942
|
["PCHAR","SubsystemName","in"],
|
|
689
943
|
["PBLOB","HandleId","in"],
|
|
690
944
|
["PCHAR","ObjectTypeName","in"],
|
|
@@ -703,7 +957,7 @@ class Def_advapi32
|
|
|
703
957
|
["PBLOB","pfGenerateOnClose","out"],
|
|
704
958
|
])
|
|
705
959
|
|
|
706
|
-
|
|
960
|
+
dll.add_function('AccessCheckByTypeResultListAndAuditAlarmByHandleA', 'BOOL',[
|
|
707
961
|
["PCHAR","SubsystemName","in"],
|
|
708
962
|
["PBLOB","HandleId","in"],
|
|
709
963
|
["DWORD","ClientToken","in"],
|
|
@@ -723,7 +977,7 @@ class Def_advapi32
|
|
|
723
977
|
["PBLOB","pfGenerateOnClose","out"],
|
|
724
978
|
])
|
|
725
979
|
|
|
726
|
-
|
|
980
|
+
dll.add_function('AccessCheckByTypeResultListAndAuditAlarmByHandleW', 'BOOL',[
|
|
727
981
|
["PWCHAR","SubsystemName","in"],
|
|
728
982
|
["PBLOB","HandleId","in"],
|
|
729
983
|
["DWORD","ClientToken","in"],
|
|
@@ -743,7 +997,7 @@ class Def_advapi32
|
|
|
743
997
|
["PBLOB","pfGenerateOnClose","out"],
|
|
744
998
|
])
|
|
745
999
|
|
|
746
|
-
|
|
1000
|
+
dll.add_function('AccessCheckByTypeResultListAndAuditAlarmW', 'BOOL',[
|
|
747
1001
|
["PWCHAR","SubsystemName","in"],
|
|
748
1002
|
["PBLOB","HandleId","in"],
|
|
749
1003
|
["PWCHAR","ObjectTypeName","in"],
|
|
@@ -762,14 +1016,14 @@ class Def_advapi32
|
|
|
762
1016
|
["PBLOB","pfGenerateOnClose","out"],
|
|
763
1017
|
])
|
|
764
1018
|
|
|
765
|
-
|
|
1019
|
+
dll.add_function('AddAccessAllowedAce', 'BOOL',[
|
|
766
1020
|
["PBLOB","pAcl","inout"],
|
|
767
1021
|
["DWORD","dwAceRevision","in"],
|
|
768
1022
|
["DWORD","AccessMask","in"],
|
|
769
1023
|
["LPVOID","pSid","in"],
|
|
770
1024
|
])
|
|
771
1025
|
|
|
772
|
-
|
|
1026
|
+
dll.add_function('AddAccessAllowedAceEx', 'BOOL',[
|
|
773
1027
|
["PBLOB","pAcl","inout"],
|
|
774
1028
|
["DWORD","dwAceRevision","in"],
|
|
775
1029
|
["DWORD","AceFlags","in"],
|
|
@@ -777,7 +1031,7 @@ class Def_advapi32
|
|
|
777
1031
|
["LPVOID","pSid","in"],
|
|
778
1032
|
])
|
|
779
1033
|
|
|
780
|
-
|
|
1034
|
+
dll.add_function('AddAccessAllowedObjectAce', 'BOOL',[
|
|
781
1035
|
["PBLOB","pAcl","inout"],
|
|
782
1036
|
["DWORD","dwAceRevision","in"],
|
|
783
1037
|
["DWORD","AceFlags","in"],
|
|
@@ -787,14 +1041,14 @@ class Def_advapi32
|
|
|
787
1041
|
["LPVOID","pSid","in"],
|
|
788
1042
|
])
|
|
789
1043
|
|
|
790
|
-
|
|
1044
|
+
dll.add_function('AddAccessDeniedAce', 'BOOL',[
|
|
791
1045
|
["PBLOB","pAcl","inout"],
|
|
792
1046
|
["DWORD","dwAceRevision","in"],
|
|
793
1047
|
["DWORD","AccessMask","in"],
|
|
794
1048
|
["LPVOID","pSid","in"],
|
|
795
1049
|
])
|
|
796
1050
|
|
|
797
|
-
|
|
1051
|
+
dll.add_function('AddAccessDeniedAceEx', 'BOOL',[
|
|
798
1052
|
["PBLOB","pAcl","inout"],
|
|
799
1053
|
["DWORD","dwAceRevision","in"],
|
|
800
1054
|
["DWORD","AceFlags","in"],
|
|
@@ -802,7 +1056,7 @@ class Def_advapi32
|
|
|
802
1056
|
["LPVOID","pSid","in"],
|
|
803
1057
|
])
|
|
804
1058
|
|
|
805
|
-
|
|
1059
|
+
dll.add_function('AddAccessDeniedObjectAce', 'BOOL',[
|
|
806
1060
|
["PBLOB","pAcl","inout"],
|
|
807
1061
|
["DWORD","dwAceRevision","in"],
|
|
808
1062
|
["DWORD","AceFlags","in"],
|
|
@@ -812,7 +1066,7 @@ class Def_advapi32
|
|
|
812
1066
|
["LPVOID","pSid","in"],
|
|
813
1067
|
])
|
|
814
1068
|
|
|
815
|
-
|
|
1069
|
+
dll.add_function('AddAce', 'BOOL',[
|
|
816
1070
|
["PBLOB","pAcl","inout"],
|
|
817
1071
|
["DWORD","dwAceRevision","in"],
|
|
818
1072
|
["DWORD","dwStartingAceIndex","in"],
|
|
@@ -820,7 +1074,7 @@ class Def_advapi32
|
|
|
820
1074
|
["DWORD","nAceListLength","in"],
|
|
821
1075
|
])
|
|
822
1076
|
|
|
823
|
-
|
|
1077
|
+
dll.add_function('AddAuditAccessAce', 'BOOL',[
|
|
824
1078
|
["PBLOB","pAcl","inout"],
|
|
825
1079
|
["DWORD","dwAceRevision","in"],
|
|
826
1080
|
["DWORD","dwAccessMask","in"],
|
|
@@ -829,7 +1083,7 @@ class Def_advapi32
|
|
|
829
1083
|
["BOOL","bAuditFailure","in"],
|
|
830
1084
|
])
|
|
831
1085
|
|
|
832
|
-
|
|
1086
|
+
dll.add_function('AddAuditAccessAceEx', 'BOOL',[
|
|
833
1087
|
["PBLOB","pAcl","inout"],
|
|
834
1088
|
["DWORD","dwAceRevision","in"],
|
|
835
1089
|
["DWORD","AceFlags","in"],
|
|
@@ -839,7 +1093,7 @@ class Def_advapi32
|
|
|
839
1093
|
["BOOL","bAuditFailure","in"],
|
|
840
1094
|
])
|
|
841
1095
|
|
|
842
|
-
|
|
1096
|
+
dll.add_function('AddAuditAccessObjectAce', 'BOOL',[
|
|
843
1097
|
["PBLOB","pAcl","inout"],
|
|
844
1098
|
["DWORD","dwAceRevision","in"],
|
|
845
1099
|
["DWORD","AceFlags","in"],
|
|
@@ -851,7 +1105,7 @@ class Def_advapi32
|
|
|
851
1105
|
["BOOL","bAuditFailure","in"],
|
|
852
1106
|
])
|
|
853
1107
|
|
|
854
|
-
|
|
1108
|
+
dll.add_function('AdjustTokenGroups', 'BOOL',[
|
|
855
1109
|
["DWORD","TokenHandle","in"],
|
|
856
1110
|
["BOOL","ResetToDefault","in"],
|
|
857
1111
|
["PBLOB","NewState","in"],
|
|
@@ -860,7 +1114,7 @@ class Def_advapi32
|
|
|
860
1114
|
["PDWORD","ReturnLength","out"],
|
|
861
1115
|
])
|
|
862
1116
|
|
|
863
|
-
|
|
1117
|
+
dll.add_function('AdjustTokenPrivileges', 'BOOL',[
|
|
864
1118
|
["DWORD","TokenHandle","in"],
|
|
865
1119
|
["BOOL","DisableAllPrivileges","in"],
|
|
866
1120
|
["PBLOB","NewState","in"],
|
|
@@ -869,7 +1123,7 @@ class Def_advapi32
|
|
|
869
1123
|
["PDWORD","ReturnLength","out"],
|
|
870
1124
|
])
|
|
871
1125
|
|
|
872
|
-
|
|
1126
|
+
dll.add_function('AllocateAndInitializeSid', 'BOOL',[
|
|
873
1127
|
["PBLOB","pIdentifierAuthority","in"],
|
|
874
1128
|
["BYTE","nSubAuthorityCount","in"],
|
|
875
1129
|
["DWORD","nSubAuthority0","in"],
|
|
@@ -883,55 +1137,55 @@ class Def_advapi32
|
|
|
883
1137
|
["PDWORD","pSid","out"],
|
|
884
1138
|
])
|
|
885
1139
|
|
|
886
|
-
|
|
1140
|
+
dll.add_function('AllocateLocallyUniqueId', 'BOOL',[
|
|
887
1141
|
["PBLOB","Luid","out"],
|
|
888
1142
|
])
|
|
889
1143
|
|
|
890
|
-
|
|
1144
|
+
dll.add_function('AreAllAccessesGranted', 'BOOL',[
|
|
891
1145
|
["DWORD","GrantedAccess","in"],
|
|
892
1146
|
["DWORD","DesiredAccess","in"],
|
|
893
1147
|
])
|
|
894
1148
|
|
|
895
|
-
|
|
1149
|
+
dll.add_function('AreAnyAccessesGranted', 'BOOL',[
|
|
896
1150
|
["DWORD","GrantedAccess","in"],
|
|
897
1151
|
["DWORD","DesiredAccess","in"],
|
|
898
1152
|
])
|
|
899
1153
|
|
|
900
|
-
|
|
1154
|
+
dll.add_function('BackupEventLogA', 'BOOL',[
|
|
901
1155
|
["DWORD","hEventLog","in"],
|
|
902
1156
|
["PCHAR","lpBackupFileName","in"],
|
|
903
1157
|
])
|
|
904
1158
|
|
|
905
|
-
|
|
1159
|
+
dll.add_function('BackupEventLogW', 'BOOL',[
|
|
906
1160
|
["DWORD","hEventLog","in"],
|
|
907
1161
|
["PWCHAR","lpBackupFileName","in"],
|
|
908
1162
|
])
|
|
909
1163
|
|
|
910
|
-
|
|
1164
|
+
dll.add_function('CheckTokenMembership', 'BOOL',[
|
|
911
1165
|
["DWORD","TokenHandle","in"],
|
|
912
1166
|
["PBLOB","SidToCheck","in"],
|
|
913
1167
|
["PBLOB","IsMember","out"],
|
|
914
1168
|
])
|
|
915
1169
|
|
|
916
|
-
|
|
1170
|
+
dll.add_function('ClearEventLogA', 'BOOL',[
|
|
917
1171
|
["DWORD","hEventLog","in"],
|
|
918
1172
|
["PCHAR","lpBackupFileName","in"],
|
|
919
1173
|
])
|
|
920
1174
|
|
|
921
|
-
|
|
1175
|
+
dll.add_function('ClearEventLogW', 'BOOL',[
|
|
922
1176
|
["DWORD","hEventLog","in"],
|
|
923
1177
|
["PWCHAR","lpBackupFileName","in"],
|
|
924
1178
|
])
|
|
925
1179
|
|
|
926
|
-
|
|
1180
|
+
dll.add_function('CloseEncryptedFileRaw', 'VOID',[
|
|
927
1181
|
["PBLOB","pvContext","in"],
|
|
928
1182
|
])
|
|
929
1183
|
|
|
930
|
-
|
|
1184
|
+
dll.add_function('CloseEventLog', 'BOOL',[
|
|
931
1185
|
["DWORD","hEventLog","in"],
|
|
932
1186
|
])
|
|
933
1187
|
|
|
934
|
-
|
|
1188
|
+
dll.add_function('ConvertToAutoInheritPrivateObjectSecurity', 'BOOL',[
|
|
935
1189
|
["PBLOB","ParentDescriptor","in"],
|
|
936
1190
|
["PBLOB","CurrentSecurityDescriptor","in"],
|
|
937
1191
|
["PBLOB","NewSecurityDescriptor","out"],
|
|
@@ -940,23 +1194,23 @@ class Def_advapi32
|
|
|
940
1194
|
["PBLOB","GenericMapping","in"],
|
|
941
1195
|
])
|
|
942
1196
|
|
|
943
|
-
|
|
1197
|
+
dll.add_function('ConvertStringSidToSidA', 'BOOL',[
|
|
944
1198
|
["PCHAR","StringSid","in"],
|
|
945
1199
|
["PDWORD","pSid","out"],
|
|
946
1200
|
])
|
|
947
1201
|
|
|
948
|
-
|
|
1202
|
+
dll.add_function('ConvertStringSidToSidW', 'BOOL',[
|
|
949
1203
|
["PWCHAR","StringSid","in"],
|
|
950
1204
|
["PDWORD","pSid","out"],
|
|
951
1205
|
])
|
|
952
1206
|
|
|
953
|
-
|
|
1207
|
+
dll.add_function('CopySid', 'BOOL',[
|
|
954
1208
|
["DWORD","nDestinationSidLength","in"],
|
|
955
1209
|
["PBLOB","pDestinationSid","out"],
|
|
956
1210
|
["LPVOID","pSourceSid","in"],
|
|
957
1211
|
])
|
|
958
1212
|
|
|
959
|
-
|
|
1213
|
+
dll.add_function('CreatePrivateObjectSecurity', 'BOOL',[
|
|
960
1214
|
["PBLOB","ParentDescriptor","in"],
|
|
961
1215
|
["PBLOB","CreatorDescriptor","in"],
|
|
962
1216
|
["PBLOB","NewDescriptor","out"],
|
|
@@ -965,7 +1219,7 @@ class Def_advapi32
|
|
|
965
1219
|
["PBLOB","GenericMapping","in"],
|
|
966
1220
|
])
|
|
967
1221
|
|
|
968
|
-
|
|
1222
|
+
dll.add_function('CreatePrivateObjectSecurityEx', 'BOOL',[
|
|
969
1223
|
["PBLOB","ParentDescriptor","in"],
|
|
970
1224
|
["PBLOB","CreatorDescriptor","in"],
|
|
971
1225
|
["PBLOB","NewDescriptor","out"],
|
|
@@ -976,7 +1230,7 @@ class Def_advapi32
|
|
|
976
1230
|
["PBLOB","GenericMapping","in"],
|
|
977
1231
|
])
|
|
978
1232
|
|
|
979
|
-
|
|
1233
|
+
dll.add_function('CreatePrivateObjectSecurityWithMultipleInheritance', 'BOOL',[
|
|
980
1234
|
["PBLOB","ParentDescriptor","in"],
|
|
981
1235
|
["PBLOB","CreatorDescriptor","in"],
|
|
982
1236
|
["PBLOB","NewDescriptor","out"],
|
|
@@ -988,7 +1242,7 @@ class Def_advapi32
|
|
|
988
1242
|
["PBLOB","GenericMapping","in"],
|
|
989
1243
|
])
|
|
990
1244
|
|
|
991
|
-
|
|
1245
|
+
dll.add_function('CreateProcessAsUserA', 'BOOL',[
|
|
992
1246
|
["DWORD","hToken","in"],
|
|
993
1247
|
["PCHAR","lpApplicationName","in"],
|
|
994
1248
|
["PCHAR","lpCommandLine","inout"],
|
|
@@ -1002,7 +1256,7 @@ class Def_advapi32
|
|
|
1002
1256
|
["PBLOB","lpProcessInformation","out"],
|
|
1003
1257
|
])
|
|
1004
1258
|
|
|
1005
|
-
|
|
1259
|
+
dll.add_function('CreateProcessAsUserW', 'BOOL',[
|
|
1006
1260
|
["DWORD","hToken","in"],
|
|
1007
1261
|
["PWCHAR","lpApplicationName","in"],
|
|
1008
1262
|
["PWCHAR","lpCommandLine","inout"],
|
|
@@ -1016,7 +1270,7 @@ class Def_advapi32
|
|
|
1016
1270
|
["PBLOB","lpProcessInformation","out"],
|
|
1017
1271
|
])
|
|
1018
1272
|
|
|
1019
|
-
|
|
1273
|
+
dll.add_function('CreateProcessWithLogonW', 'BOOL',[
|
|
1020
1274
|
["PWCHAR","lpUsername","in"],
|
|
1021
1275
|
["PWCHAR","lpDomain","in"],
|
|
1022
1276
|
["PWCHAR","lpPassword","in"],
|
|
@@ -1030,7 +1284,7 @@ class Def_advapi32
|
|
|
1030
1284
|
["PBLOB","lpProcessInformation","out"],
|
|
1031
1285
|
])
|
|
1032
1286
|
|
|
1033
|
-
|
|
1287
|
+
dll.add_function('CreateProcessWithTokenW', 'BOOL',[
|
|
1034
1288
|
["DWORD","hToken","in"],
|
|
1035
1289
|
["DWORD","dwLogonFlags","in"],
|
|
1036
1290
|
["PWCHAR","lpApplicationName","in"],
|
|
@@ -1042,7 +1296,7 @@ class Def_advapi32
|
|
|
1042
1296
|
["PBLOB","lpProcessInformation","out"],
|
|
1043
1297
|
])
|
|
1044
1298
|
|
|
1045
|
-
|
|
1299
|
+
dll.add_function('CreateRestrictedToken', 'BOOL',[
|
|
1046
1300
|
["DWORD","ExistingTokenHandle","in"],
|
|
1047
1301
|
["DWORD","Flags","in"],
|
|
1048
1302
|
["DWORD","DisableSidCount","in"],
|
|
@@ -1054,43 +1308,43 @@ class Def_advapi32
|
|
|
1054
1308
|
["PDWORD","NewTokenHandle","out"],
|
|
1055
1309
|
])
|
|
1056
1310
|
|
|
1057
|
-
|
|
1311
|
+
dll.add_function('CreateWellKnownSid', 'BOOL',[
|
|
1058
1312
|
["DWORD","WellKnownSidType","in"],
|
|
1059
1313
|
["PBLOB","DomainSid","in"],
|
|
1060
1314
|
["PBLOB","pSid","out"],
|
|
1061
1315
|
["PDWORD","cbSid","inout"],
|
|
1062
1316
|
])
|
|
1063
1317
|
|
|
1064
|
-
|
|
1318
|
+
dll.add_function('DecryptFileA', 'BOOL',[
|
|
1065
1319
|
["PCHAR","lpFileName","in"],
|
|
1066
1320
|
["DWORD","dwReserved","inout"],
|
|
1067
1321
|
])
|
|
1068
1322
|
|
|
1069
|
-
|
|
1323
|
+
dll.add_function('DecryptFileW', 'BOOL',[
|
|
1070
1324
|
["PWCHAR","lpFileName","in"],
|
|
1071
1325
|
["DWORD","dwReserved","inout"],
|
|
1072
1326
|
])
|
|
1073
1327
|
|
|
1074
|
-
|
|
1328
|
+
dll.add_function('DeleteAce', 'BOOL',[
|
|
1075
1329
|
["PBLOB","pAcl","inout"],
|
|
1076
1330
|
["DWORD","dwAceIndex","in"],
|
|
1077
1331
|
])
|
|
1078
1332
|
|
|
1079
|
-
|
|
1333
|
+
dll.add_function('DeregisterEventSource', 'BOOL',[
|
|
1080
1334
|
["DWORD","hEventLog","in"],
|
|
1081
1335
|
])
|
|
1082
1336
|
|
|
1083
|
-
|
|
1337
|
+
dll.add_function('DestroyPrivateObjectSecurity', 'BOOL',[
|
|
1084
1338
|
["PBLOB","ObjectDescriptor","in"],
|
|
1085
1339
|
])
|
|
1086
1340
|
|
|
1087
|
-
|
|
1341
|
+
dll.add_function('DuplicateToken', 'BOOL',[
|
|
1088
1342
|
["DWORD","ExistingTokenHandle","in"],
|
|
1089
1343
|
["DWORD","ImpersonationLevel","in"],
|
|
1090
1344
|
["PDWORD","DuplicateTokenHandle","out"],
|
|
1091
1345
|
])
|
|
1092
1346
|
|
|
1093
|
-
|
|
1347
|
+
dll.add_function('DuplicateTokenEx', 'BOOL',[
|
|
1094
1348
|
["DWORD","hExistingToken","in"],
|
|
1095
1349
|
["DWORD","dwDesiredAccess","in"],
|
|
1096
1350
|
["PBLOB","lpTokenAttributes","in"],
|
|
@@ -1099,71 +1353,71 @@ class Def_advapi32
|
|
|
1099
1353
|
["PDWORD","phNewToken","out"],
|
|
1100
1354
|
])
|
|
1101
1355
|
|
|
1102
|
-
|
|
1356
|
+
dll.add_function('EncryptFileA', 'BOOL',[
|
|
1103
1357
|
["PCHAR","lpFileName","in"],
|
|
1104
1358
|
])
|
|
1105
1359
|
|
|
1106
|
-
|
|
1360
|
+
dll.add_function('EncryptFileW', 'BOOL',[
|
|
1107
1361
|
["PWCHAR","lpFileName","in"],
|
|
1108
1362
|
])
|
|
1109
1363
|
|
|
1110
|
-
|
|
1364
|
+
dll.add_function('EqualDomainSid', 'BOOL',[
|
|
1111
1365
|
["LPVOID","pSid1","in"],
|
|
1112
1366
|
["LPVOID","pSid2","in"],
|
|
1113
1367
|
["PBLOB","pfEqual","out"],
|
|
1114
1368
|
])
|
|
1115
1369
|
|
|
1116
|
-
|
|
1370
|
+
dll.add_function('EqualPrefixSid', 'BOOL',[
|
|
1117
1371
|
["LPVOID","pSid1","in"],
|
|
1118
1372
|
["LPVOID","pSid2","in"],
|
|
1119
1373
|
])
|
|
1120
1374
|
|
|
1121
|
-
|
|
1375
|
+
dll.add_function('EqualSid', 'BOOL',[
|
|
1122
1376
|
["LPVOID","pSid1","in"],
|
|
1123
1377
|
["LPVOID","pSid2","in"],
|
|
1124
1378
|
])
|
|
1125
1379
|
|
|
1126
|
-
|
|
1380
|
+
dll.add_function('FileEncryptionStatusA', 'BOOL',[
|
|
1127
1381
|
["PCHAR","lpFileName","in"],
|
|
1128
1382
|
["PDWORD","lpStatus","out"],
|
|
1129
1383
|
])
|
|
1130
1384
|
|
|
1131
|
-
|
|
1385
|
+
dll.add_function('FileEncryptionStatusW', 'BOOL',[
|
|
1132
1386
|
["PWCHAR","lpFileName","in"],
|
|
1133
1387
|
["PDWORD","lpStatus","out"],
|
|
1134
1388
|
])
|
|
1135
1389
|
|
|
1136
|
-
|
|
1390
|
+
dll.add_function('FindFirstFreeAce', 'BOOL',[
|
|
1137
1391
|
["PBLOB","pAcl","in"],
|
|
1138
1392
|
["PBLOB","pAce","out"],
|
|
1139
1393
|
])
|
|
1140
1394
|
|
|
1141
|
-
|
|
1395
|
+
dll.add_function('FreeSid', 'LPVOID',[
|
|
1142
1396
|
["LPVOID","pSid","in"],
|
|
1143
1397
|
])
|
|
1144
1398
|
|
|
1145
|
-
|
|
1399
|
+
dll.add_function('GetAce', 'BOOL',[
|
|
1146
1400
|
["PBLOB","pAcl","in"],
|
|
1147
1401
|
["DWORD","dwAceIndex","in"],
|
|
1148
1402
|
["PBLOB","pAce","out"],
|
|
1149
1403
|
])
|
|
1150
1404
|
|
|
1151
|
-
|
|
1405
|
+
dll.add_function('GetAclInformation', 'BOOL',[
|
|
1152
1406
|
["PBLOB","pAcl","in"],
|
|
1153
1407
|
["PBLOB","pAclInformation","out"],
|
|
1154
1408
|
["DWORD","nAclInformationLength","in"],
|
|
1155
1409
|
["DWORD","dwAclInformationClass","in"],
|
|
1156
1410
|
])
|
|
1157
1411
|
|
|
1158
|
-
|
|
1412
|
+
dll.add_function('GetCurrentHwProfileA', 'BOOL',[
|
|
1159
1413
|
["PBLOB","lpHwProfileInfo","out"],
|
|
1160
1414
|
])
|
|
1161
1415
|
|
|
1162
|
-
|
|
1416
|
+
dll.add_function('GetCurrentHwProfileW', 'BOOL',[
|
|
1163
1417
|
["PBLOB","lpHwProfileInfo","out"],
|
|
1164
1418
|
])
|
|
1165
1419
|
|
|
1166
|
-
|
|
1420
|
+
dll.add_function('GetEventLogInformation', 'BOOL',[
|
|
1167
1421
|
["DWORD","hEventLog","in"],
|
|
1168
1422
|
["DWORD","dwInfoLevel","in"],
|
|
1169
1423
|
["PBLOB","lpBuffer","out"],
|
|
@@ -1171,23 +1425,23 @@ class Def_advapi32
|
|
|
1171
1425
|
["PDWORD","pcbBytesNeeded","out"],
|
|
1172
1426
|
])
|
|
1173
1427
|
|
|
1174
|
-
|
|
1428
|
+
dll.add_function('GetFileSecurityA', 'BOOL',[
|
|
1175
1429
|
["PCHAR","lpFileName","in"],
|
|
1176
|
-
["
|
|
1430
|
+
["DWORD","RequestedInformation","in"],
|
|
1177
1431
|
["PBLOB","pSecurityDescriptor","out"],
|
|
1178
1432
|
["DWORD","nLength","in"],
|
|
1179
1433
|
["PDWORD","lpnLengthNeeded","out"],
|
|
1180
1434
|
])
|
|
1181
1435
|
|
|
1182
|
-
|
|
1436
|
+
dll.add_function('GetFileSecurityW', 'BOOL',[
|
|
1183
1437
|
["PWCHAR","lpFileName","in"],
|
|
1184
|
-
["
|
|
1438
|
+
["DWORD","RequestedInformation","in"],
|
|
1185
1439
|
["PBLOB","pSecurityDescriptor","out"],
|
|
1186
1440
|
["DWORD","nLength","in"],
|
|
1187
1441
|
["PDWORD","lpnLengthNeeded","out"],
|
|
1188
1442
|
])
|
|
1189
1443
|
|
|
1190
|
-
|
|
1444
|
+
dll.add_function('GetKernelObjectSecurity', 'BOOL',[
|
|
1191
1445
|
["DWORD","Handle","in"],
|
|
1192
1446
|
["PBLOB","RequestedInformation","in"],
|
|
1193
1447
|
["PBLOB","pSecurityDescriptor","out"],
|
|
@@ -1195,21 +1449,21 @@ class Def_advapi32
|
|
|
1195
1449
|
["PDWORD","lpnLengthNeeded","out"],
|
|
1196
1450
|
])
|
|
1197
1451
|
|
|
1198
|
-
|
|
1452
|
+
dll.add_function('GetLengthSid', 'DWORD',[
|
|
1199
1453
|
["LPVOID","pSid","in"],
|
|
1200
1454
|
])
|
|
1201
1455
|
|
|
1202
|
-
|
|
1456
|
+
dll.add_function('GetNumberOfEventLogRecords', 'BOOL',[
|
|
1203
1457
|
["DWORD","hEventLog","in"],
|
|
1204
1458
|
["PDWORD","NumberOfRecords","out"],
|
|
1205
1459
|
])
|
|
1206
1460
|
|
|
1207
|
-
|
|
1461
|
+
dll.add_function('GetOldestEventLogRecord', 'BOOL',[
|
|
1208
1462
|
["DWORD","hEventLog","in"],
|
|
1209
1463
|
["PDWORD","OldestRecord","out"],
|
|
1210
1464
|
])
|
|
1211
1465
|
|
|
1212
|
-
|
|
1466
|
+
dll.add_function('GetPrivateObjectSecurity', 'BOOL',[
|
|
1213
1467
|
["PBLOB","ObjectDescriptor","in"],
|
|
1214
1468
|
["PBLOB","SecurityInformation","in"],
|
|
1215
1469
|
["PBLOB","ResultantDescriptor","out"],
|
|
@@ -1217,52 +1471,52 @@ class Def_advapi32
|
|
|
1217
1471
|
["PDWORD","ReturnLength","out"],
|
|
1218
1472
|
])
|
|
1219
1473
|
|
|
1220
|
-
|
|
1474
|
+
dll.add_function('GetSecurityDescriptorControl', 'BOOL',[
|
|
1221
1475
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1222
1476
|
["PBLOB","pControl","out"],
|
|
1223
1477
|
["PDWORD","lpdwRevision","out"],
|
|
1224
1478
|
])
|
|
1225
1479
|
|
|
1226
|
-
|
|
1480
|
+
dll.add_function('GetSecurityDescriptorDacl', 'BOOL',[
|
|
1227
1481
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1228
1482
|
["PBLOB","lpbDaclPresent","out"],
|
|
1229
1483
|
["PBLOB","pDacl","out"],
|
|
1230
1484
|
["PBLOB","lpbDaclDefaulted","out"],
|
|
1231
1485
|
])
|
|
1232
1486
|
|
|
1233
|
-
|
|
1487
|
+
dll.add_function('GetSecurityDescriptorGroup', 'BOOL',[
|
|
1234
1488
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1235
1489
|
["PBLOB","pGroup","out"],
|
|
1236
1490
|
["PBLOB","lpbGroupDefaulted","out"],
|
|
1237
1491
|
])
|
|
1238
1492
|
|
|
1239
|
-
|
|
1493
|
+
dll.add_function('GetSecurityDescriptorLength', 'DWORD',[
|
|
1240
1494
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1241
1495
|
])
|
|
1242
1496
|
|
|
1243
|
-
|
|
1497
|
+
dll.add_function('GetSecurityDescriptorOwner', 'BOOL',[
|
|
1244
1498
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1245
1499
|
["PBLOB","pOwner","out"],
|
|
1246
1500
|
["PBLOB","lpbOwnerDefaulted","out"],
|
|
1247
1501
|
])
|
|
1248
1502
|
|
|
1249
|
-
|
|
1503
|
+
dll.add_function('GetSecurityDescriptorRMControl', 'DWORD',[
|
|
1250
1504
|
["PBLOB","SecurityDescriptor","in"],
|
|
1251
1505
|
["PBLOB","RMControl","out"],
|
|
1252
1506
|
])
|
|
1253
1507
|
|
|
1254
|
-
|
|
1508
|
+
dll.add_function('GetSecurityDescriptorSacl', 'BOOL',[
|
|
1255
1509
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1256
1510
|
["PBLOB","lpbSaclPresent","out"],
|
|
1257
1511
|
["PBLOB","pSacl","out"],
|
|
1258
1512
|
["PBLOB","lpbSaclDefaulted","out"],
|
|
1259
1513
|
])
|
|
1260
1514
|
|
|
1261
|
-
|
|
1515
|
+
dll.add_function('GetSidLengthRequired', 'DWORD',[
|
|
1262
1516
|
["BYTE","nSubAuthorityCount","in"],
|
|
1263
1517
|
])
|
|
1264
1518
|
|
|
1265
|
-
|
|
1519
|
+
dll.add_function('GetTokenInformation', 'BOOL',[
|
|
1266
1520
|
["DWORD","TokenHandle","in"],
|
|
1267
1521
|
["DWORD","TokenInformationClass","in"],
|
|
1268
1522
|
["PBLOB","TokenInformation","out"],
|
|
@@ -1270,86 +1524,86 @@ class Def_advapi32
|
|
|
1270
1524
|
["PDWORD","ReturnLength","out"],
|
|
1271
1525
|
])
|
|
1272
1526
|
|
|
1273
|
-
|
|
1527
|
+
dll.add_function('GetUserNameA', 'BOOL',[
|
|
1274
1528
|
["PCHAR","lpBuffer","out"],
|
|
1275
1529
|
["PDWORD","pcbBuffer","inout"],
|
|
1276
1530
|
])
|
|
1277
1531
|
|
|
1278
|
-
|
|
1532
|
+
dll.add_function('GetUserNameW', 'BOOL',[
|
|
1279
1533
|
["PWCHAR","lpBuffer","out"],
|
|
1280
1534
|
["PDWORD","pcbBuffer","inout"],
|
|
1281
1535
|
])
|
|
1282
1536
|
|
|
1283
|
-
|
|
1537
|
+
dll.add_function('GetWindowsAccountDomainSid', 'BOOL',[
|
|
1284
1538
|
["LPVOID","pSid","in"],
|
|
1285
1539
|
["PBLOB","pDomainSid","out"],
|
|
1286
1540
|
["PDWORD","cbDomainSid","inout"],
|
|
1287
1541
|
])
|
|
1288
1542
|
|
|
1289
|
-
|
|
1543
|
+
dll.add_function('ImpersonateAnonymousToken', 'BOOL',[
|
|
1290
1544
|
["DWORD","ThreadHandle","in"],
|
|
1291
1545
|
])
|
|
1292
1546
|
|
|
1293
|
-
|
|
1547
|
+
dll.add_function('ImpersonateLoggedOnUser', 'BOOL',[
|
|
1294
1548
|
["DWORD","hToken","in"],
|
|
1295
1549
|
])
|
|
1296
1550
|
|
|
1297
|
-
|
|
1551
|
+
dll.add_function('ImpersonateNamedPipeClient', 'BOOL',[
|
|
1298
1552
|
["DWORD","hNamedPipe","in"],
|
|
1299
1553
|
])
|
|
1300
1554
|
|
|
1301
|
-
|
|
1555
|
+
dll.add_function('ImpersonateSelf', 'BOOL',[
|
|
1302
1556
|
["DWORD","ImpersonationLevel","in"],
|
|
1303
1557
|
])
|
|
1304
1558
|
|
|
1305
|
-
|
|
1559
|
+
dll.add_function('InitializeAcl', 'BOOL',[
|
|
1306
1560
|
["PBLOB","pAcl","out"],
|
|
1307
1561
|
["DWORD","nAclLength","in"],
|
|
1308
1562
|
["DWORD","dwAclRevision","in"],
|
|
1309
1563
|
])
|
|
1310
1564
|
|
|
1311
|
-
|
|
1565
|
+
dll.add_function('InitializeSecurityDescriptor', 'BOOL',[
|
|
1312
1566
|
["PBLOB","pSecurityDescriptor","out"],
|
|
1313
1567
|
["DWORD","dwRevision","in"],
|
|
1314
1568
|
])
|
|
1315
1569
|
|
|
1316
|
-
|
|
1570
|
+
dll.add_function('InitializeSid', 'BOOL',[
|
|
1317
1571
|
["PBLOB","Sid","out"],
|
|
1318
1572
|
["PBLOB","pIdentifierAuthority","in"],
|
|
1319
1573
|
["BYTE","nSubAuthorityCount","in"],
|
|
1320
1574
|
])
|
|
1321
1575
|
|
|
1322
|
-
|
|
1576
|
+
dll.add_function('IsTextUnicode', 'BOOL',[
|
|
1323
1577
|
["DWORD","iSize","in"],
|
|
1324
1578
|
["PDWORD","lpiResult","inout"],
|
|
1325
1579
|
])
|
|
1326
1580
|
|
|
1327
|
-
|
|
1581
|
+
dll.add_function('IsTokenRestricted', 'BOOL',[
|
|
1328
1582
|
["DWORD","TokenHandle","in"],
|
|
1329
1583
|
])
|
|
1330
1584
|
|
|
1331
|
-
|
|
1585
|
+
dll.add_function('IsTokenUntrusted', 'BOOL',[
|
|
1332
1586
|
["DWORD","TokenHandle","in"],
|
|
1333
1587
|
])
|
|
1334
1588
|
|
|
1335
|
-
|
|
1589
|
+
dll.add_function('IsValidAcl', 'BOOL',[
|
|
1336
1590
|
["PBLOB","pAcl","in"],
|
|
1337
1591
|
])
|
|
1338
1592
|
|
|
1339
|
-
|
|
1593
|
+
dll.add_function('IsValidSecurityDescriptor', 'BOOL',[
|
|
1340
1594
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1341
1595
|
])
|
|
1342
1596
|
|
|
1343
|
-
|
|
1597
|
+
dll.add_function('IsValidSid', 'BOOL',[
|
|
1344
1598
|
["LPVOID","pSid","in"],
|
|
1345
1599
|
])
|
|
1346
1600
|
|
|
1347
|
-
|
|
1601
|
+
dll.add_function('IsWellKnownSid', 'BOOL',[
|
|
1348
1602
|
["LPVOID","pSid","in"],
|
|
1349
1603
|
["DWORD","WellKnownSidType","in"],
|
|
1350
1604
|
])
|
|
1351
1605
|
|
|
1352
|
-
|
|
1606
|
+
dll.add_function('LogonUserA', 'BOOL',[
|
|
1353
1607
|
["PCHAR","lpszUsername","in"],
|
|
1354
1608
|
["PCHAR","lpszDomain","in"],
|
|
1355
1609
|
["PCHAR","lpszPassword","in"],
|
|
@@ -1358,7 +1612,7 @@ class Def_advapi32
|
|
|
1358
1612
|
["PDWORD","phToken","out"],
|
|
1359
1613
|
])
|
|
1360
1614
|
|
|
1361
|
-
|
|
1615
|
+
dll.add_function('LogonUserExA', 'BOOL',[
|
|
1362
1616
|
["PCHAR","lpszUsername","in"],
|
|
1363
1617
|
["PCHAR","lpszDomain","in"],
|
|
1364
1618
|
["PCHAR","lpszPassword","in"],
|
|
@@ -1371,7 +1625,7 @@ class Def_advapi32
|
|
|
1371
1625
|
["PBLOB","pQuotaLimits","out"],
|
|
1372
1626
|
])
|
|
1373
1627
|
|
|
1374
|
-
|
|
1628
|
+
dll.add_function('LogonUserExW', 'BOOL',[
|
|
1375
1629
|
["PWCHAR","lpszUsername","in"],
|
|
1376
1630
|
["PWCHAR","lpszDomain","in"],
|
|
1377
1631
|
["PWCHAR","lpszPassword","in"],
|
|
@@ -1384,7 +1638,7 @@ class Def_advapi32
|
|
|
1384
1638
|
["PBLOB","pQuotaLimits","out"],
|
|
1385
1639
|
])
|
|
1386
1640
|
|
|
1387
|
-
|
|
1641
|
+
dll.add_function('LogonUserW', 'BOOL',[
|
|
1388
1642
|
["PWCHAR","lpszUsername","in"],
|
|
1389
1643
|
["PWCHAR","lpszDomain","in"],
|
|
1390
1644
|
["PWCHAR","lpszPassword","in"],
|
|
@@ -1393,7 +1647,7 @@ class Def_advapi32
|
|
|
1393
1647
|
["PDWORD","phToken","out"],
|
|
1394
1648
|
])
|
|
1395
1649
|
|
|
1396
|
-
|
|
1650
|
+
dll.add_function('LookupAccountNameA', 'BOOL',[
|
|
1397
1651
|
["PCHAR","lpSystemName","in"],
|
|
1398
1652
|
["PCHAR","lpAccountName","in"],
|
|
1399
1653
|
["PBLOB","Sid","out"],
|
|
@@ -1403,7 +1657,7 @@ class Def_advapi32
|
|
|
1403
1657
|
["PBLOB","peUse","out"],
|
|
1404
1658
|
])
|
|
1405
1659
|
|
|
1406
|
-
|
|
1660
|
+
dll.add_function('LookupAccountNameW', 'BOOL',[
|
|
1407
1661
|
["PWCHAR","lpSystemName","in"],
|
|
1408
1662
|
["PWCHAR","lpAccountName","in"],
|
|
1409
1663
|
["PBLOB","Sid","out"],
|
|
@@ -1413,7 +1667,7 @@ class Def_advapi32
|
|
|
1413
1667
|
["PBLOB","peUse","out"],
|
|
1414
1668
|
])
|
|
1415
1669
|
|
|
1416
|
-
|
|
1670
|
+
dll.add_function('LookupAccountSidA', 'BOOL',[
|
|
1417
1671
|
["PCHAR","lpSystemName","in"],
|
|
1418
1672
|
["LPVOID","Sid","in"],
|
|
1419
1673
|
["PCHAR","Name","out"],
|
|
@@ -1423,7 +1677,7 @@ class Def_advapi32
|
|
|
1423
1677
|
["PBLOB","peUse","out"],
|
|
1424
1678
|
])
|
|
1425
1679
|
|
|
1426
|
-
|
|
1680
|
+
dll.add_function('LookupAccountSidW', 'BOOL',[
|
|
1427
1681
|
["PWCHAR","lpSystemName","in"],
|
|
1428
1682
|
["LPVOID","Sid","in"],
|
|
1429
1683
|
["PWCHAR","Name","out"],
|
|
@@ -1433,7 +1687,7 @@ class Def_advapi32
|
|
|
1433
1687
|
["PBLOB","peUse","out"],
|
|
1434
1688
|
])
|
|
1435
1689
|
|
|
1436
|
-
|
|
1690
|
+
dll.add_function('LookupPrivilegeDisplayNameA', 'BOOL',[
|
|
1437
1691
|
["PCHAR","lpSystemName","in"],
|
|
1438
1692
|
["PCHAR","lpName","in"],
|
|
1439
1693
|
["PCHAR","lpDisplayName","out"],
|
|
@@ -1441,7 +1695,7 @@ class Def_advapi32
|
|
|
1441
1695
|
["PDWORD","lpLanguageId","out"],
|
|
1442
1696
|
])
|
|
1443
1697
|
|
|
1444
|
-
|
|
1698
|
+
dll.add_function('LookupPrivilegeDisplayNameW', 'BOOL',[
|
|
1445
1699
|
["PWCHAR","lpSystemName","in"],
|
|
1446
1700
|
["PWCHAR","lpName","in"],
|
|
1447
1701
|
["PWCHAR","lpDisplayName","out"],
|
|
@@ -1449,33 +1703,33 @@ class Def_advapi32
|
|
|
1449
1703
|
["PDWORD","lpLanguageId","out"],
|
|
1450
1704
|
])
|
|
1451
1705
|
|
|
1452
|
-
|
|
1706
|
+
dll.add_function('LookupPrivilegeNameA', 'BOOL',[
|
|
1453
1707
|
["PCHAR","lpSystemName","in"],
|
|
1454
1708
|
["PBLOB","lpLuid","in"],
|
|
1455
1709
|
["PCHAR","lpName","out"],
|
|
1456
1710
|
["PDWORD","cchName","inout"],
|
|
1457
1711
|
])
|
|
1458
1712
|
|
|
1459
|
-
|
|
1713
|
+
dll.add_function('LookupPrivilegeNameW', 'BOOL',[
|
|
1460
1714
|
["PWCHAR","lpSystemName","in"],
|
|
1461
1715
|
["PBLOB","lpLuid","in"],
|
|
1462
1716
|
["PWCHAR","lpName","out"],
|
|
1463
1717
|
["PDWORD","cchName","inout"],
|
|
1464
1718
|
])
|
|
1465
1719
|
|
|
1466
|
-
|
|
1720
|
+
dll.add_function('LookupPrivilegeValueA', 'BOOL',[
|
|
1467
1721
|
["PCHAR","lpSystemName","in"],
|
|
1468
1722
|
["PCHAR","lpName","in"],
|
|
1469
1723
|
["PBLOB","lpLuid","out"],
|
|
1470
1724
|
])
|
|
1471
1725
|
|
|
1472
|
-
|
|
1726
|
+
dll.add_function('LookupPrivilegeValueW', 'BOOL',[
|
|
1473
1727
|
["PWCHAR","lpSystemName","in"],
|
|
1474
1728
|
["PWCHAR","lpName","in"],
|
|
1475
1729
|
["PBLOB","lpLuid","out"],
|
|
1476
1730
|
])
|
|
1477
1731
|
|
|
1478
|
-
|
|
1732
|
+
dll.add_function('MakeAbsoluteSD', 'BOOL',[
|
|
1479
1733
|
["PBLOB","pSelfRelativeSecurityDescriptor","in"],
|
|
1480
1734
|
["PBLOB","pAbsoluteSecurityDescriptor","out"],
|
|
1481
1735
|
["PDWORD","lpdwAbsoluteSecurityDescriptorSize","inout"],
|
|
@@ -1489,52 +1743,52 @@ class Def_advapi32
|
|
|
1489
1743
|
["PDWORD","lpdwPrimaryGroupSize","inout"],
|
|
1490
1744
|
])
|
|
1491
1745
|
|
|
1492
|
-
|
|
1746
|
+
dll.add_function('MakeAbsoluteSD2', 'BOOL',[
|
|
1493
1747
|
["PBLOB","pSelfRelativeSecurityDescriptor","inout"],
|
|
1494
1748
|
["PDWORD","lpdwBufferSize","inout"],
|
|
1495
1749
|
])
|
|
1496
1750
|
|
|
1497
|
-
|
|
1751
|
+
dll.add_function('MakeSelfRelativeSD', 'BOOL',[
|
|
1498
1752
|
["PBLOB","pAbsoluteSecurityDescriptor","in"],
|
|
1499
1753
|
["PBLOB","pSelfRelativeSecurityDescriptor","out"],
|
|
1500
1754
|
["PDWORD","lpdwBufferLength","inout"],
|
|
1501
1755
|
])
|
|
1502
1756
|
|
|
1503
|
-
|
|
1757
|
+
dll.add_function('MapGenericMask', 'VOID',[
|
|
1504
1758
|
["PDWORD","AccessMask","inout"],
|
|
1505
1759
|
["PBLOB","GenericMapping","in"],
|
|
1506
1760
|
])
|
|
1507
1761
|
|
|
1508
|
-
|
|
1762
|
+
dll.add_function('NotifyChangeEventLog', 'BOOL',[
|
|
1509
1763
|
["DWORD","hEventLog","in"],
|
|
1510
1764
|
["DWORD","hEvent","in"],
|
|
1511
1765
|
])
|
|
1512
1766
|
|
|
1513
|
-
|
|
1767
|
+
dll.add_function('ObjectCloseAuditAlarmA', 'BOOL',[
|
|
1514
1768
|
["PCHAR","SubsystemName","in"],
|
|
1515
1769
|
["PBLOB","HandleId","in"],
|
|
1516
1770
|
["BOOL","GenerateOnClose","in"],
|
|
1517
1771
|
])
|
|
1518
1772
|
|
|
1519
|
-
|
|
1773
|
+
dll.add_function('ObjectCloseAuditAlarmW', 'BOOL',[
|
|
1520
1774
|
["PWCHAR","SubsystemName","in"],
|
|
1521
1775
|
["PBLOB","HandleId","in"],
|
|
1522
1776
|
["BOOL","GenerateOnClose","in"],
|
|
1523
1777
|
])
|
|
1524
1778
|
|
|
1525
|
-
|
|
1779
|
+
dll.add_function('ObjectDeleteAuditAlarmA', 'BOOL',[
|
|
1526
1780
|
["PCHAR","SubsystemName","in"],
|
|
1527
1781
|
["PBLOB","HandleId","in"],
|
|
1528
1782
|
["BOOL","GenerateOnClose","in"],
|
|
1529
1783
|
])
|
|
1530
1784
|
|
|
1531
|
-
|
|
1785
|
+
dll.add_function('ObjectDeleteAuditAlarmW', 'BOOL',[
|
|
1532
1786
|
["PWCHAR","SubsystemName","in"],
|
|
1533
1787
|
["PBLOB","HandleId","in"],
|
|
1534
1788
|
["BOOL","GenerateOnClose","in"],
|
|
1535
1789
|
])
|
|
1536
1790
|
|
|
1537
|
-
|
|
1791
|
+
dll.add_function('ObjectOpenAuditAlarmA', 'BOOL',[
|
|
1538
1792
|
["PCHAR","SubsystemName","in"],
|
|
1539
1793
|
["PBLOB","HandleId","in"],
|
|
1540
1794
|
["PCHAR","ObjectTypeName","in"],
|
|
@@ -1549,7 +1803,7 @@ class Def_advapi32
|
|
|
1549
1803
|
["PBLOB","GenerateOnClose","out"],
|
|
1550
1804
|
])
|
|
1551
1805
|
|
|
1552
|
-
|
|
1806
|
+
dll.add_function('ObjectOpenAuditAlarmW', 'BOOL',[
|
|
1553
1807
|
["PWCHAR","SubsystemName","in"],
|
|
1554
1808
|
["PBLOB","HandleId","in"],
|
|
1555
1809
|
["PWCHAR","ObjectTypeName","in"],
|
|
@@ -1564,7 +1818,7 @@ class Def_advapi32
|
|
|
1564
1818
|
["PBLOB","GenerateOnClose","out"],
|
|
1565
1819
|
])
|
|
1566
1820
|
|
|
1567
|
-
|
|
1821
|
+
dll.add_function('ObjectPrivilegeAuditAlarmA', 'BOOL',[
|
|
1568
1822
|
["PCHAR","SubsystemName","in"],
|
|
1569
1823
|
["PBLOB","HandleId","in"],
|
|
1570
1824
|
["DWORD","ClientToken","in"],
|
|
@@ -1573,7 +1827,7 @@ class Def_advapi32
|
|
|
1573
1827
|
["BOOL","AccessGranted","in"],
|
|
1574
1828
|
])
|
|
1575
1829
|
|
|
1576
|
-
|
|
1830
|
+
dll.add_function('ObjectPrivilegeAuditAlarmW', 'BOOL',[
|
|
1577
1831
|
["PWCHAR","SubsystemName","in"],
|
|
1578
1832
|
["PBLOB","HandleId","in"],
|
|
1579
1833
|
["DWORD","ClientToken","in"],
|
|
@@ -1582,58 +1836,58 @@ class Def_advapi32
|
|
|
1582
1836
|
["BOOL","AccessGranted","in"],
|
|
1583
1837
|
])
|
|
1584
1838
|
|
|
1585
|
-
|
|
1839
|
+
dll.add_function('OpenBackupEventLogA', 'DWORD',[
|
|
1586
1840
|
["PCHAR","lpUNCServerName","in"],
|
|
1587
1841
|
["PCHAR","lpFileName","in"],
|
|
1588
1842
|
])
|
|
1589
1843
|
|
|
1590
|
-
|
|
1844
|
+
dll.add_function('OpenBackupEventLogW', 'DWORD',[
|
|
1591
1845
|
["PWCHAR","lpUNCServerName","in"],
|
|
1592
1846
|
["PWCHAR","lpFileName","in"],
|
|
1593
1847
|
])
|
|
1594
1848
|
|
|
1595
|
-
|
|
1849
|
+
dll.add_function('OpenEncryptedFileRawA', 'DWORD',[
|
|
1596
1850
|
["PCHAR","lpFileName","in"],
|
|
1597
1851
|
["DWORD","ulFlags","in"],
|
|
1598
1852
|
["PBLOB","pvContext","out"],
|
|
1599
1853
|
])
|
|
1600
1854
|
|
|
1601
|
-
|
|
1855
|
+
dll.add_function('OpenEncryptedFileRawW', 'DWORD',[
|
|
1602
1856
|
["PWCHAR","lpFileName","in"],
|
|
1603
1857
|
["DWORD","ulFlags","in"],
|
|
1604
1858
|
["PBLOB","pvContext","out"],
|
|
1605
1859
|
])
|
|
1606
1860
|
|
|
1607
|
-
|
|
1861
|
+
dll.add_function('OpenEventLogA', 'DWORD',[
|
|
1608
1862
|
["PCHAR","lpUNCServerName","in"],
|
|
1609
1863
|
["PCHAR","lpSourceName","in"],
|
|
1610
1864
|
])
|
|
1611
1865
|
|
|
1612
|
-
|
|
1866
|
+
dll.add_function('OpenEventLogW', 'DWORD',[
|
|
1613
1867
|
["PWCHAR","lpUNCServerName","in"],
|
|
1614
1868
|
["PWCHAR","lpSourceName","in"],
|
|
1615
1869
|
])
|
|
1616
1870
|
|
|
1617
|
-
|
|
1871
|
+
dll.add_function('OpenProcessToken', 'BOOL',[
|
|
1618
1872
|
["DWORD","ProcessHandle","in"],
|
|
1619
1873
|
["DWORD","DesiredAccess","in"],
|
|
1620
1874
|
["PDWORD","TokenHandle","out"],
|
|
1621
1875
|
])
|
|
1622
1876
|
|
|
1623
|
-
|
|
1877
|
+
dll.add_function('OpenThreadToken', 'BOOL',[
|
|
1624
1878
|
["DWORD","ThreadHandle","in"],
|
|
1625
1879
|
["DWORD","DesiredAccess","in"],
|
|
1626
1880
|
["BOOL","OpenAsSelf","in"],
|
|
1627
1881
|
["PDWORD","TokenHandle","out"],
|
|
1628
1882
|
])
|
|
1629
1883
|
|
|
1630
|
-
|
|
1884
|
+
dll.add_function('PrivilegeCheck', 'BOOL',[
|
|
1631
1885
|
["DWORD","ClientToken","in"],
|
|
1632
1886
|
["PBLOB","RequiredPrivileges","inout"],
|
|
1633
1887
|
["PBLOB","pfResult","out"],
|
|
1634
1888
|
])
|
|
1635
1889
|
|
|
1636
|
-
|
|
1890
|
+
dll.add_function('PrivilegedServiceAuditAlarmA', 'BOOL',[
|
|
1637
1891
|
["PCHAR","SubsystemName","in"],
|
|
1638
1892
|
["PCHAR","ServiceName","in"],
|
|
1639
1893
|
["DWORD","ClientToken","in"],
|
|
@@ -1641,7 +1895,7 @@ class Def_advapi32
|
|
|
1641
1895
|
["BOOL","AccessGranted","in"],
|
|
1642
1896
|
])
|
|
1643
1897
|
|
|
1644
|
-
|
|
1898
|
+
dll.add_function('PrivilegedServiceAuditAlarmW', 'BOOL',[
|
|
1645
1899
|
["PWCHAR","SubsystemName","in"],
|
|
1646
1900
|
["PWCHAR","ServiceName","in"],
|
|
1647
1901
|
["DWORD","ClientToken","in"],
|
|
@@ -1649,13 +1903,13 @@ class Def_advapi32
|
|
|
1649
1903
|
["BOOL","AccessGranted","in"],
|
|
1650
1904
|
])
|
|
1651
1905
|
|
|
1652
|
-
|
|
1906
|
+
dll.add_function('ReadEncryptedFileRaw', 'DWORD',[
|
|
1653
1907
|
["PBLOB","pfExportCallback","in"],
|
|
1654
1908
|
["PBLOB","pvCallbackContext","in"],
|
|
1655
1909
|
["PBLOB","pvContext","in"],
|
|
1656
1910
|
])
|
|
1657
1911
|
|
|
1658
|
-
|
|
1912
|
+
dll.add_function('ReadEventLogA', 'BOOL',[
|
|
1659
1913
|
["DWORD","hEventLog","in"],
|
|
1660
1914
|
["DWORD","dwReadFlags","in"],
|
|
1661
1915
|
["DWORD","dwRecordOffset","in"],
|
|
@@ -1665,7 +1919,7 @@ class Def_advapi32
|
|
|
1665
1919
|
["PDWORD","pnMinNumberOfBytesNeeded","out"],
|
|
1666
1920
|
])
|
|
1667
1921
|
|
|
1668
|
-
|
|
1922
|
+
dll.add_function('ReadEventLogW', 'BOOL',[
|
|
1669
1923
|
["DWORD","hEventLog","in"],
|
|
1670
1924
|
["DWORD","dwReadFlags","in"],
|
|
1671
1925
|
["DWORD","dwRecordOffset","in"],
|
|
@@ -1675,17 +1929,17 @@ class Def_advapi32
|
|
|
1675
1929
|
["PDWORD","pnMinNumberOfBytesNeeded","out"],
|
|
1676
1930
|
])
|
|
1677
1931
|
|
|
1678
|
-
|
|
1932
|
+
dll.add_function('RegisterEventSourceA', 'DWORD',[
|
|
1679
1933
|
["PCHAR","lpUNCServerName","in"],
|
|
1680
1934
|
["PCHAR","lpSourceName","in"],
|
|
1681
1935
|
])
|
|
1682
1936
|
|
|
1683
|
-
|
|
1937
|
+
dll.add_function('RegisterEventSourceW', 'DWORD',[
|
|
1684
1938
|
["PWCHAR","lpUNCServerName","in"],
|
|
1685
1939
|
["PWCHAR","lpSourceName","in"],
|
|
1686
1940
|
])
|
|
1687
1941
|
|
|
1688
|
-
|
|
1942
|
+
dll.add_function('ReportEventA', 'BOOL',[
|
|
1689
1943
|
["DWORD","hEventLog","in"],
|
|
1690
1944
|
["WORD","wType","in"],
|
|
1691
1945
|
["WORD","wCategory","in"],
|
|
@@ -1697,7 +1951,7 @@ class Def_advapi32
|
|
|
1697
1951
|
["PBLOB","lpRawData","in"],
|
|
1698
1952
|
])
|
|
1699
1953
|
|
|
1700
|
-
|
|
1954
|
+
dll.add_function('ReportEventW', 'BOOL',[
|
|
1701
1955
|
["DWORD","hEventLog","in"],
|
|
1702
1956
|
["WORD","wType","in"],
|
|
1703
1957
|
["WORD","wCategory","in"],
|
|
@@ -1709,35 +1963,35 @@ class Def_advapi32
|
|
|
1709
1963
|
["PBLOB","lpRawData","in"],
|
|
1710
1964
|
])
|
|
1711
1965
|
|
|
1712
|
-
|
|
1966
|
+
dll.add_function('RevertToSelf', 'BOOL',[
|
|
1713
1967
|
])
|
|
1714
1968
|
|
|
1715
|
-
|
|
1969
|
+
dll.add_function('SetAclInformation', 'BOOL',[
|
|
1716
1970
|
["PBLOB","pAcl","inout"],
|
|
1717
1971
|
["PBLOB","pAclInformation","in"],
|
|
1718
1972
|
["DWORD","nAclInformationLength","in"],
|
|
1719
1973
|
["DWORD","dwAclInformationClass","in"],
|
|
1720
1974
|
])
|
|
1721
1975
|
|
|
1722
|
-
|
|
1976
|
+
dll.add_function('SetFileSecurityA', 'BOOL',[
|
|
1723
1977
|
["PCHAR","lpFileName","in"],
|
|
1724
1978
|
["PBLOB","SecurityInformation","in"],
|
|
1725
1979
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1726
1980
|
])
|
|
1727
1981
|
|
|
1728
|
-
|
|
1982
|
+
dll.add_function('SetFileSecurityW', 'BOOL',[
|
|
1729
1983
|
["PWCHAR","lpFileName","in"],
|
|
1730
1984
|
["PBLOB","SecurityInformation","in"],
|
|
1731
1985
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1732
1986
|
])
|
|
1733
1987
|
|
|
1734
|
-
|
|
1988
|
+
dll.add_function('SetKernelObjectSecurity', 'BOOL',[
|
|
1735
1989
|
["DWORD","Handle","in"],
|
|
1736
1990
|
["PBLOB","SecurityInformation","in"],
|
|
1737
1991
|
["PBLOB","SecurityDescriptor","in"],
|
|
1738
1992
|
])
|
|
1739
1993
|
|
|
1740
|
-
|
|
1994
|
+
dll.add_function('SetPrivateObjectSecurity', 'BOOL',[
|
|
1741
1995
|
["PBLOB","SecurityInformation","in"],
|
|
1742
1996
|
["PBLOB","ModificationDescriptor","in"],
|
|
1743
1997
|
["PBLOB","ObjectsSecurityDescriptor","inout"],
|
|
@@ -1745,7 +1999,7 @@ class Def_advapi32
|
|
|
1745
1999
|
["DWORD","Token","in"],
|
|
1746
2000
|
])
|
|
1747
2001
|
|
|
1748
|
-
|
|
2002
|
+
dll.add_function('SetPrivateObjectSecurityEx', 'BOOL',[
|
|
1749
2003
|
["PBLOB","SecurityInformation","in"],
|
|
1750
2004
|
["PBLOB","ModificationDescriptor","in"],
|
|
1751
2005
|
["PBLOB","ObjectsSecurityDescriptor","inout"],
|
|
@@ -1754,61 +2008,63 @@ class Def_advapi32
|
|
|
1754
2008
|
["DWORD","Token","in"],
|
|
1755
2009
|
])
|
|
1756
2010
|
|
|
1757
|
-
|
|
2011
|
+
dll.add_function('SetSecurityDescriptorControl', 'BOOL',[
|
|
1758
2012
|
["PBLOB","pSecurityDescriptor","in"],
|
|
1759
2013
|
["WORD","ControlBitsOfInterest","in"],
|
|
1760
2014
|
["WORD","ControlBitsToSet","in"],
|
|
1761
2015
|
])
|
|
1762
2016
|
|
|
1763
|
-
|
|
2017
|
+
dll.add_function('SetSecurityDescriptorDacl', 'BOOL',[
|
|
1764
2018
|
["PBLOB","pSecurityDescriptor","inout"],
|
|
1765
2019
|
["BOOL","bDaclPresent","in"],
|
|
1766
2020
|
["PBLOB","pDacl","in"],
|
|
1767
2021
|
["BOOL","bDaclDefaulted","in"],
|
|
1768
2022
|
])
|
|
1769
2023
|
|
|
1770
|
-
|
|
2024
|
+
dll.add_function('SetSecurityDescriptorGroup', 'BOOL',[
|
|
1771
2025
|
["PBLOB","pSecurityDescriptor","inout"],
|
|
1772
2026
|
["PBLOB","pGroup","in"],
|
|
1773
2027
|
["BOOL","bGroupDefaulted","in"],
|
|
1774
2028
|
])
|
|
1775
2029
|
|
|
1776
|
-
|
|
2030
|
+
dll.add_function('SetSecurityDescriptorOwner', 'BOOL',[
|
|
1777
2031
|
["PBLOB","pSecurityDescriptor","inout"],
|
|
1778
2032
|
["PBLOB","pOwner","in"],
|
|
1779
2033
|
["BOOL","bOwnerDefaulted","in"],
|
|
1780
2034
|
])
|
|
1781
2035
|
|
|
1782
|
-
|
|
2036
|
+
dll.add_function('SetSecurityDescriptorRMControl', 'DWORD',[
|
|
1783
2037
|
["PBLOB","SecurityDescriptor","inout"],
|
|
1784
2038
|
["PBLOB","RMControl","in"],
|
|
1785
2039
|
])
|
|
1786
2040
|
|
|
1787
|
-
|
|
2041
|
+
dll.add_function('SetSecurityDescriptorSacl', 'BOOL',[
|
|
1788
2042
|
["PBLOB","pSecurityDescriptor","inout"],
|
|
1789
2043
|
["BOOL","bSaclPresent","in"],
|
|
1790
2044
|
["PBLOB","pSacl","in"],
|
|
1791
2045
|
["BOOL","bSaclDefaulted","in"],
|
|
1792
2046
|
])
|
|
1793
2047
|
|
|
1794
|
-
|
|
2048
|
+
dll.add_function('SetThreadToken', 'BOOL',[
|
|
1795
2049
|
["PDWORD","Thread","in"],
|
|
1796
2050
|
["DWORD","Token","in"],
|
|
1797
2051
|
])
|
|
1798
2052
|
|
|
1799
|
-
|
|
2053
|
+
dll.add_function('SetTokenInformation', 'BOOL',[
|
|
1800
2054
|
["DWORD","TokenHandle","in"],
|
|
1801
2055
|
["DWORD","TokenInformationClass","in"],
|
|
1802
2056
|
["PBLOB","TokenInformation","in"],
|
|
1803
2057
|
["DWORD","TokenInformationLength","in"],
|
|
1804
2058
|
])
|
|
1805
2059
|
|
|
1806
|
-
|
|
2060
|
+
dll.add_function('WriteEncryptedFileRaw', 'DWORD',[
|
|
1807
2061
|
["PBLOB","pfImportCallback","in"],
|
|
1808
2062
|
["PBLOB","pvCallbackContext","in"],
|
|
1809
2063
|
["PBLOB","pvContext","in"],
|
|
1810
2064
|
])
|
|
1811
2065
|
|
|
2066
|
+
|
|
2067
|
+
return dll
|
|
1812
2068
|
end
|
|
1813
2069
|
|
|
1814
2070
|
end
|