📄 native.pas
字号:
end;
THREAD_BASIC_INFORMATION = _THREAD_BASIC_INFORMATION;
PTHREAD_BASIC_INFORMATION = ^THREAD_BASIC_INFORMATION;
function NtSuspendThread(ThreadHandle: HANDLE; PreviousSuspendCount: PULONG): NTSTATUS; stdcall;
function NtResumeThread(ThreadHandle: HANDLE; PreviousSuspendCount: PULONG): NTSTATUS; stdcall;
function NtGetContextThread(ThreadHandle: HANDLE; Context: PCONTEXT): NTSTATUS; stdcall;
function NtSetContextThread(ThreadHandle: HANDLE; Context: PCONTEXT): NTSTATUS; stdcall;
function NtQueueApcThread(ThreadHandle: HANDLE; ApcRoutine: PKNORMAL_ROUTINE; ApcContext: PVOID; Argument1: PVOID; Argument2: PVOID): NTSTATUS; stdcall;
function NtTestAlert: NTSTATUS; stdcall;
function NtAlertThread(ThreadHandle: HANDLE): NTSTATUS; stdcall;
function NtAlertResumeThread(ThreadHandle: HANDLE; PreviousSuspendCount: PULONG): NTSTATUS; stdcall;
function NtRegisterThreadTerminatePort(PortHandle: HANDLE): NTSTATUS; stdcall;
function NtImpersonateThread(ThreadHandle: HANDLE; TargetThreadHandle: HANDLE; SecurityQos: PSECURITY_QUALITY_OF_SERVICE): NTSTATUS; stdcall;
function NtImpersonateAnonymousToken(ThreadHandle: HANDLE): NTSTATUS; stdcall;
function NtCreateProcess(ProcessHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; InheritFromProcessHandle: HANDLE; InheritHandles: ByteBool; SectionHandle: HANDLE; DebugPort: HANDLE; ExceptionPort: HANDLE): NTSTATUS; stdcall;
function NtOpenProcess(ProcessHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; ClientId: PCLIENT_ID): NTSTATUS; stdcall;
function NtTerminateProcess(ProcessHandle: HANDLE; ExitStatus: NTSTATUS): NTSTATUS; stdcall;
function NtQueryInformationProcess(ProcessHandle: HANDLE; ProcessInformationClass: PROCESSINFOCLASS; ProcessInformation: PVOID; ProcessInformationLength: ULONG; ReturnLength: PULONG): NTSTATUS; stdcall;
function NtSetInformationProcess(ProcessHandle: HANDLE; ProcessInformationClass: PROCESSINFOCLASS; ProcessInformation: PVOID; ProcessInformationLength: ULONG): NTSTATUS; stdcall;
type
_PROCESS_PRIORITY_CLASS = record // Information Class 18
Foreground: ByteBool;
PriorityClass: UCHAR;
end;
PROCESS_PRIORITY_CLASS = _PROCESS_PRIORITY_CLASS;
PPROCESS_PRIORITY_CLASS = ^PROCESS_PRIORITY_CLASS;
_PROCESS_PARAMETERS = record
AllocationSize: ULONG;
Size: ULONG;
Flags: ULONG;
Zero: ULONG;
Console: LONG;
ProcessGroup: ULONG;
hStdInput: HANDLE;
hStdOutput: HANDLE;
hStdError: HANDLE;
CurrentDirectoryName: UNICODE_STRING;
CurrentDirectoryHandle: HANDLE;
DllPath: UNICODE_STRING;
ImageFile: UNICODE_STRING;
CommandLine: UNICODE_STRING;
Environment: PWSTR;
dwX: ULONG;
dwY: ULONG;
dwXSize: ULONG;
dwYSize: ULONG;
dwXCountChars: ULONG;
dwYCountChars: ULONG;
dwFillAttribute: ULONG;
dwFlags: ULONG;
wShowWindow: ULONG;
WindowTitle: UNICODE_STRING;
Desktop: UNICODE_STRING;
Reserved: UNICODE_STRING;
Reserved2: UNICODE_STRING;
end;
PROCESS_PARAMETERS = _PROCESS_PARAMETERS;
PPROCESS_PARAMETERS = ^PROCESS_PARAMETERS;
PPPROCESS_PARAMETERS = ^PPROCESS_PARAMETERS;
function RtlCreateProcessParameters(ProcessParameters: PPPROCESS_PARAMETERS; ImageFile: PUNICODE_STRING; DllPath: PUNICODE_STRING; CurrentDirectory: PUNICODE_STRING; CommandLine: PUNICODE_STRING; CreationFlags: ULONG; WindowTitle: PUNICODE_STRING; Desktop: PUNICODE_STRING; Reserved: PUNICODE_STRING; Reserved2: PUNICODE_STRING): NTSTATUS; stdcall;
function RtlDestroyProcessParameters(ProcessParameters: PPROCESS_PARAMETERS): NTSTATUS; stdcall;
type
_DEBUG_BUFFER = record
SectionHandle: HANDLE;
SectionBase: PVOID;
RemoteSectionBase: PVOID;
SectionBaseDelta: ULONG;
EventPairHandle: HANDLE;
Unknown: array [0..1] of ULONG;
RemoteThreadHandle: HANDLE;
InfoClassMask: ULONG;
SizeOfInfo: ULONG;
AllocatedSize: ULONG;
SectionSize: ULONG;
ModuleInformation: PVOID;
BackTraceInformation: PVOID;
HeapInformation: PVOID;
LockInformation: PVOID;
Reserved: array [0..7] of PVOID;
end;
DEBUG_BUFFER = _DEBUG_BUFFER;
PDEBUG_BUFFER = ^DEBUG_BUFFER;
const
PDI_MODULES = $01;
PDI_BACKTRACE = $02;
PDI_HEAPS = $04;
PDI_HEAP_TAGS = $08;
PDI_HEAP_BLOCKS = $10;
PDI_LOCKS = $20;
type
_DEBUG_MODULE_INFORMATION = record // c.f. SYSTEM_MODULE_INFORMATION
Reserved: array [0..1] of ULONG;
Base: ULONG;
Size: ULONG;
Flags: ULONG;
Index: USHORT;
Unknown: USHORT;
LoadCount: USHORT;
ModuleNameOffset: USHORT;
ImageName: array [0..255] of CHAR;
end;
DEBUG_MODULE_INFORMATION = _DEBUG_MODULE_INFORMATION;
PDEBUG_MODULE_INFORMATION = ^DEBUG_MODULE_INFORMATION;
_DEBUG_HEAP_INFORMATION = record
Base: ULONG;
Flags: ULONG;
Granularity: USHORT;
Unknown: USHORT;
Allocated: ULONG;
Committed: ULONG;
TagCount: ULONG;
BlockCount: ULONG;
Reserved: array [0..6] of ULONG;
Tags: PVOID;
Blocks: PVOID;
end;
DEBUG_HEAP_INFORMATION = _DEBUG_HEAP_INFORMATION;
PDEBUG_HEAP_INFORMATION = ^DEBUG_HEAP_INFORMATION;
_DEBUG_LOCK_INFORMATION = record // c.f. SYSTEM_LOCK_INFORMATION
Address: PVOID;
Type_: USHORT;
CreatorBackTraceIndex: USHORT;
OwnerThreadId: ULONG;
ActiveCount: ULONG;
ContentionCount: ULONG;
EntryCount: ULONG;
RecursionCount: ULONG;
NumberOfSharedWaiters: ULONG;
NumberOfExclusiveWaiters: ULONG;
end;
DEBUG_LOCK_INFORMATION = _DEBUG_LOCK_INFORMATION;
PDEBUG_LOCK_INFORMATION = ^DEBUG_LOCK_INFORMATION;
function RtlCreateQueryDebugBuffer(Size: ULONG; EventPair: ByteBool): PDEBUG_BUFFER; stdcall;
function RtlQueryProcessDebugInformation(ProcessId: ULONG; DebugInfoClassMask: ULONG; DebugBuffer: PDEBUG_BUFFER): NTSTATUS; stdcall;
function RtlDestroyQueryDebugBuffer(DebugBuffer: PDEBUG_BUFFER): NTSTATUS; stdcall;
function NtCreateJobObject(JobHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtOpenJobObject(JobHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtTerminateJobObject(JobHandle: HANDLE; ExitStatus: NTSTATUS): NTSTATUS; stdcall;
function NtAssignProcessToJobObject(JobHandle: HANDLE; ProcessHandle: HANDLE): NTSTATUS; stdcall;
function NtQueryInformationJobObject(JobHandle: HANDLE; JobInformationClass: JOBOBJECTINFOCLASS; JobInformation: PVOID; JobInformationLength: ULONG; ReturnLength: PULONG): NTSTATUS; stdcall;
function NtSetInformationJobObject(JobHandle: HANDLE; JobInformationClass: JOBOBJECTINFOCLASS; JobInformation: PVOID; JobInformationLength: ULONG): NTSTATUS; stdcall;
function NtCreateToken(TokenHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; Type_: TOKEN_TYPE; AuthenticationId: PLUID; ExpirationTime: PLARGE_INTEGER; User: PTOKEN_USER; Groups: PTOKEN_GROUPS; Privileges: PTOKEN_PRIVILEGES; Owner: PTOKEN_OWNER; PrimaryGroup: PTOKEN_PRIMARY_GROUP; DefaultDacl: PTOKEN_DEFAULT_DACL; Source: PTOKEN_SOURCE): NTSTATUS; stdcall;
function NtOpenProcessToken(ProcessHandle: HANDLE; DesiredAccess: ACCESS_MASK; TokenHandle: PHANDLE): NTSTATUS; stdcall;
function NtOpenThreadToken(ThreadHandle: HANDLE; DesiredAccess: ACCESS_MASK; OpenAsSelf: ByteBool; TokenHandle: PHANDLE): NTSTATUS; stdcall;
function NtDuplicateToken(ExistingTokenHandle: HANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; EffectiveOnly: ByteBool; TokenType: TOKEN_TYPE; NewTokenHandle: PHANDLE): NTSTATUS; stdcall;
function NtFilterToken(ExistingTokenHandle: HANDLE; Flags: ULONG; SidsToDisable: PTOKEN_GROUPS; PrivilegesToDelete: PTOKEN_PRIVILEGES; SidsToRestricted: PTOKEN_GROUPS; NewTokenHandle: PHANDLE): NTSTATUS; stdcall;
function NtAdjustPrivilegesToken(TokenHandle: HANDLE; DisableAllPrivileges: ByteBool; NewState: PTOKEN_PRIVILEGES; BufferLength: ULONG; PreviousState: PTOKEN_PRIVILEGES; ReturnLength: PULONG): NTSTATUS; stdcall;
function NtAdjustGroupsToken(TokenHandle: HANDLE; ResetToDefault: ByteBool; NewState: PTOKEN_GROUPS; BufferLength: ULONG; PreviousState: PTOKEN_GROUPS; ReturnLength: PULONG): NTSTATUS; stdcall;
function NtQueryInformationToken(TokenHandle: HANDLE; TokenInformationClass: TOKEN_INFORMATION_CLASS; TokenInformation: PVOID; TokenInformationLength: ULONG; ReturnLength: PULONG): NTSTATUS; stdcall;
function NtSetInformationToken(TokenHandle: HANDLE; TokenInformationClass: TOKEN_INFORMATION_CLASS; TokenInformation: PVOID; TokenInformationLength: ULONG): NTSTATUS; stdcall;
function NtWaitForSingleObject(Handle: HANDLE; Alertable: ByteBool; Timeout: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtSignalAndWaitForSingleObject(HandleToSignal: HANDLE; HandleToWait: HANDLE; Alertable: ByteBool; Timeout: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtWaitForMultipleObjects(HandleCount: ULONG; Handles: PHANDLE; WaitType: WAIT_TYPE; Alertable: ByteBool; Timeout: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtCreateTimer(TimerHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; TimerType: TIMER_TYPE): NTSTATUS; stdcall;
function NtOpenTimer(TimerHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtCancelTimer(TimerHandle: HANDLE; PreviousState: PBOOLEAN): NTSTATUS; stdcall;
type
PTIMER_APC_ROUTINE = procedure (TimerContext: PVOID; TimerLowValue: ULONG; TimerHighValue: LONG); stdcall;
function NtSetTimer(TimerHandle: HANDLE; DueTime: PLARGE_INTEGER; TimerApcRoutine: PTIMER_APC_ROUTINE; TimerContext: PVOID; Resume: ByteBool; Period: LONG; PreviousState: PBOOLEAN): NTSTATUS; stdcall;
type
_TIMER_INFORMATION_CLASS = (TimerBasicInformation);
TIMER_INFORMATION_CLASS = _TIMER_INFORMATION_CLASS;
function NtQueryTimer(TimerHandle: HANDLE; TimerInformationClass: TIMER_INFORMATION_CLASS; TimerInformation: PVOID; TimerInformationLength: ULONG; ResultLength: PULONG): NTSTATUS; stdcall;
type
_TIMER_BASIC_INFORMATION = record
TimeRemaining: LARGE_INTEGER;
SignalState: ByteBool;
end;
TIMER_BASIC_INFORMATION = _TIMER_BASIC_INFORMATION;
PTIMER_BASIC_INFORMATION = ^TIMER_BASIC_INFORMATION;
function NtCreateEvent(EventHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; EventType: EVENT_TYPE; InitialState: ByteBool): NTSTATUS; stdcall;
function NtOpenEvent(EventHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtSetEvent(EventHandle: HANDLE; PreviousState: PULONG): NTSTATUS; stdcall;
function NtPulseEvent(EventHandle: HANDLE; PreviousState: PULONG): NTSTATUS; stdcall;
function NtResetEvent(EventHandle: HANDLE; PreviousState: PULONG): NTSTATUS; stdcall;
function NtClearEvent(EventHandle: HANDLE): NTSTATUS; stdcall;
type
_EVENT_INFORMATION_CLASS = (EventBasicInformation);
EVENT_INFORMATION_CLASS = _EVENT_INFORMATION_CLASS;
function NtQueryEvent(EventHandle: HANDLE; EventInformationClass: EVENT_INFORMATION_CLASS; EventInformation: PVOID; EventInformationLength: ULONG; ResultLength: PULONG): NTSTATUS; stdcall;
type
_EVENT_BASIC_INFORMATION = record
EventType: EVENT_TYPE;
SignalState: LONG;
end;
EVENT_BASIC_INFORMATION = _EVENT_BASIC_INFORMATION;
PEVENT_BASIC_INFORMATION = ^EVENT_BASIC_INFORMATION;
function NtCreateSemaphore(SemaphoreHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; InitialCount: LONG; MaximumCount: LONG): NTSTATUS; stdcall;
function NtOpenSemaphore(SemaphoreHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtReleaseSemaphore(SemaphoreHandle: HANDLE; ReleaseCount: LONG; PreviousCount: PLONG): NTSTATUS; stdcall;
type
_SEMAPHORE_INFORMATION_CLASS = (SemaphoreBasicInformation);
SEMAPHORE_INFORMATION_CLASS = _SEMAPHORE_INFORMATION_CLASS;
function NtQuerySemaphore(SemaphoreHandle: HANDLE; SemaphoreInformationClass: SEMAPHORE_INFORMATION_CLASS; SemaphoreInformation: PVOID; SemaphoreInformationLength: ULONG; ResultLength: PULONG): NTSTATUS; stdcall;
type
_SEMAPHORE_BASIC_INFORMATION = record
CurrentCount: LONG;
MaximumCount: LONG;
end;
SEMAPHORE_BASIC_INFORMATION = _SEMAPHORE_BASIC_INFORMATION;
PSEMAPHORE_BASIC_INFORMATION = ^SEMAPHORE_BASIC_INFORMATION;
function NtCreateMutant(MutantHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; InitialOwner: ByteBool): NTSTATUS; stdcall;
function NtOpenMutant(MutantHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtReleaseMutant(MutantHandle: HANDLE; PreviousState: PULONG): NTSTATUS; stdcall;
type
_MUTANT_INFORMATION_CLASS = (MutantBasicInformation);
MUTANT_INFORMATION_CLASS = _MUTANT_INFORMATION_CLASS;
function NtQueryMutant(MutantHandle: HANDLE; MutantInformationClass: MUTANT_INFORMATION_CLASS; MutantInformation: PVOID; MutantInformationLength: ULONG; ResultLength: PULONG): NTSTATUS; stdcall;
type
_MUTANT_BASIC_INFORMATION = record
SignalState: LONG;
Owned: ByteBool;
Abandoned: ByteBool;
end;
MUTANT_BASIC_INFORMATION = _MUTANT_BASIC_INFORMATION;
PMUTANT_BASIC_INFORMATION = ^MUTANT_BASIC_INFORMATION;
function NtCreateIoCompletion(IoCompletionHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES; NumberOfConcurrentThreads: ULONG): NTSTATUS; stdcall;
function NtOpenIoCompletion(IoCompletionHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtSetIoCompletion(IoCompletionHandle: HANDLE; CompletionKey: ULONG; CompletionValue: ULONG; Status: NTSTATUS; Information: ULONG): NTSTATUS; stdcall;
function NtRemoveIoCompletion(IoCompletionHandle: HANDLE; CompletionKey: PULONG; CompletionValue: PULONG; IoStatusBlock: PIO_STATUS_BLOCK; Timeout: PLARGE_INTEGER): NTSTATUS; stdcall;
type
_IO_COMPLETION_INFORMATION_CLASS = (IoCompletionBasicInformation);
IO_COMPLETION_INFORMATION_CLASS = _IO_COMPLETION_INFORMATION_CLASS;
function NtQueryIoCompletion(IoCompletionHandle: HANDLE; IoCompletionInformationClass: IO_COMPLETION_INFORMATION_CLASS; IoCompletionInformation: PVOID; IoCompletionInformationLength: ULONG; ResultLength: PULONG): NTSTATUS; stdcall;
type
_IO_COMPLETION_BASIC_INFORMATION = record
SignalState: LONG;
end;
IO_COMPLETION_BASIC_INFORMATION = _IO_COMPLETION_BASIC_INFORMATION;
PIO_COMPLETION_BASIC_INFORMATION = ^IO_COMPLETION_BASIC_INFORMATION;
function NtCreateEventPair(EventPairHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtOpenEventPair(EventPairHandle: PHANDLE; DesiredAccess: ACCESS_MASK; ObjectAttributes: POBJECT_ATTRIBUTES): NTSTATUS; stdcall;
function NtWaitLowEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtWaitHighEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtSetLowWaitHighEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtSetHighWaitLowEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtSetLowEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtSetHighEventPair(EventPairHandle: HANDLE): NTSTATUS; stdcall;
function NtQuerySystemTime(CurrentTime: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtSetSystemTime(NewTime: PLARGE_INTEGER; OldTime: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtQueryPerformanceCounter(PerformanceCount: PLARGE_INTEGER; PerformanceFrequency: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtSetTimerResolution(RequestedResolution: ULONG; Set_: ByteBool; ActualResolution: PULONG): NTSTATUS; stdcall;
function NtQueryTimerResolution(CoarsestResolution: PULONG; FinestResolution: PULONG; ActualResolution: PULONG): NTSTATUS; stdcall;
function NtDelayExecution(Alertable: ByteBool; Interval: PLARGE_INTEGER): NTSTATUS; stdcall;
function NtYieldExecution: NTSTATUS; stdcall;
function NtGetTickCount: ULONG; stdcall;
function NtCreateProfile(ProfileHandle: PHANDLE; ProcessHandle: HANDLE; Base: PVOID; Size: ULONG; BucketShift: ULONG; Buffer: PULONG; BufferLength: ULONG; Source: KPROFILE_SOURCE; ProcessorMask: ULONG): NTSTATUS; stdcall;
function NtSetIntervalProfile(Interval: ULONG; Source: KPROFILE_SOURCE): NTSTATUS; stdcall;
function NtQueryIntervalProfile(Source: KPROFILE_SOURCE; Interval: PULONG): NTSTATUS; stdcall;
function NtStartProfile(ProfileHandle: HANDLE): NTSTATUS; stdcall;
function NtStopProfile(ProfileHandle: HANDLE): NTSTATUS; stdcall;
type
_PORT_MESSAGE = record
DataSize: USHORT;
MessageSize: USHORT;
MessageType: USHORT;
VirtualRangesOffset: USHORT;
ClientId: CLIENT_ID;
MessageId: ULONG;
SectionSize: ULONG;
// UCHAR Data[];
end;
PORT_MESSAGE = _PORT_MESSAGE;
PPORT_MESSAGE = ^PORT_MESSAGE;
_LPC_TYPE = (
LPC_NEW_MESSAGE, // A new message
LPC_REQUEST, // A request message
LPC_REPLY, // A reply to a request message
LPC_DATAGRAM, //
LPC_LOST_REPLY, //
LPC_PORT_CLOSED, // Sent when port is deleted
LPC_CLIENT_DIED, // Messages to thread termination ports
LPC_EXCEPTION, // Messages to thread exception port
LPC_DEBUG_EVENT, // Messages to thread debug port
LPC_ERROR_EVENT, // Used by ZwRaiseHardError
LPC_CONNECTION_REQUEST); // Used by ZwConnectPort
LPC_TYPE = _LPC_TYPE;
_PORT_SECTION_WRITE = record
Length: ULONG;
SectionHandle: HANDLE;
SectionOffset: ULONG;
ViewSize: ULONG;
ViewBase: PVOID;
TargetViewBase: PVOID;
end;
PORT_SECTION_WRITE = _PORT_SECTION_WRITE;
PPORT_SECTION_WRITE = ^PORT_SECTION_WRITE;
_PORT_SECTION_READ = record
Length: ULONG;
ViewSize: ULONG;
ViewBase: ULONG;
end;
PORT_SECTION_READ = _PORT_SECTION_READ;
PPORT_SECTION_READ = ^PORT_SECTION_READ;
function NtCreatePort(PortHandle: PHANDLE; ObjectAttributes: POBJECT_ATTRIBUTES; MaxDataSize: ULONG; MaxMessageSize: ULONG; Reserved: ULONG): NTSTATUS; stdcall;
function NtCreateWaitablePort(PortHandle: PHANDLE; ObjectAttributes: POBJECT_ATTRIBUTES; MaxDataSize: ULONG; MaxMessageSize: ULONG; Reserved: ULONG): NTSTATUS; stdcall;
function NtConnectPort(PortHandle: PHANDLE; PortName: PUNICODE_STRING; SecurityQos: PSECURITY_QUALITY_OF_SERVICE; WriteSection: PPORT_SECTION_WRITE; ReadSection: PPORT_SECTION_READ; MaxMessageSize: PULONG; ConnectData: PVOID; ConnectDataLength: PULONG): NTSTATUS; ⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -