undocnt.h

Undocumented Windows NT 中文版CHM格式

NTSYSAPI
NTSTATUS
NTAPI
NtDuplicateObject(
	IN HANDLE hSourceProcessHandle,
	IN HANDLE hSourceHandle,
	IN HANDLE hTargetProcessHandle,
	IN OUT PHANDLE hTargetHandle,
	IN ACCESS_MASK AccessMask,
	IN BOOLEAN bInheritHandle,
	IN ULONG dwOptions
);

NTSYSAPI
NTSTATUS
NTAPI
ZwDuplicateObject(
	IN HANDLE hSourceProcessHandle,
	IN HANDLE hSourceHandle,
	IN HANDLE hTargetProcessHandle,
	IN OUT PHANDLE hTargetHandle,
	IN ACCESS_MASK AccessMask,
	IN BOOLEAN bInheritHandle,
	IN ULONG dwOptions
);


NTSYSAPI
NTSTATUS
NTAPI
NtCreateDirectoryObject(
    OUT PHANDLE DirectoryHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateDirectoryObject(
    OUT PHANDLE DirectoryHandle,
    IN ACCESS_MASK DesiredAccess,
    IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
NtCreateSymbolicLinkObject(
	OUT PHANDLE hSymbolicLink,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN PUNICODE_STRING SymbolicLinkValue
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateSymbolicLinkObject(
	OUT PHANDLE hSymbolicLink,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN PUNICODE_STRING SymbolicLinkValue
);

NTSYSAPI
NTSTATUS
NTAPI
NtMakeTemporaryObject(
	IN HANDLE hObject
);

NTSYSAPI
NTSTATUS
NTAPI
ZwMakeTemporaryObject(
	IN HANDLE hObject
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenDirectoryObject(
	OUT PHANDLE hDirectory,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwOpenDirectoryObject(
	OUT PHANDLE hDirectory,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);


typedef struct QueryDirectoryObjectBuffer_t {
	UNICODE_STRING DirectoryEntry;
	UNICODE_STRING DirectoryEntryType;
	char Buffer[1000];
} QUERYDIRECTORYOBJECTBUFFER, *PQUERYDIRECTORYOBJECTBUFFER;

NTSYSAPI
NTSTATUS
NTAPI
NtQueryDirectoryObject(
	IN HANDLE hDirectory,
	OUT PQUERYDIRECTORYOBJECTBUFFER DirectoryEntryBuffer,
	IN ULONG DirectoryEntryBufferSize,
	IN BOOLEAN  bOnlyFirstEntry,
	IN BOOLEAN bFirstEntry,
	IN PULONG  BytesReturned,
	IN PULONG  EntryIndex
);

NTSTATUS
NTAPI
ZwQueryDirectoryObject(
	IN HANDLE hDirectory,
	OUT PQUERYDIRECTORYOBJECTBUFFER DirectoryEntryBuffer,
	IN ULONG DirectoryEntryBufferSize,
	IN BOOLEAN  bOnlyFirstEntry,
	IN BOOLEAN bFirstEntry,
	IN PULONG  BytesReturned,
	IN PULONG  EntryIndex
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenSymbolicLinkObject(
	OUT PHANDLE hSymbolicLink,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwOpenSymbolicLinkObject(
	OUT PHANDLE hSymbolicLink,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
NtQuerySymbolicLinkObject(
	IN HANDLE hSymbolicLink,
	IN OUT PUNICODE_STRING ObjectName,
	OUT PULONG BytesReturned
);

NTSYSAPI
NTSTATUS
NTAPI
ZwQuerySymbolicLinkObject(
	IN HANDLE hSymbolicLink,
	IN OUT PUNICODE_STRING ObjectName,
	OUT PULONG BytesReturned
);

typedef struct ObjectBasicInfo_t {
	char Unknown1[8];
	ULONG HandleCount;
	ULONG ReferenceCount;
	ULONG PagedQuota;
	ULONG NonPagedQuota;
	char Unknown2[32];
} OBJECT_BASIC_INFO, *POBJECT_BASIC_INFO;

typedef struct ObjectNameInfo_t {
	UNICODE_STRING ObjectName;
	WCHAR ObjectNameBuffer[1];
} OBJECT_NAME_INFO, *POBJECT_NAME_INFO;

typedef struct ObjectTypeInfo_t {
	UNICODE_STRING ObjectTypeName;
	char Unknown[0x58];
	WCHAR ObjectTypeNameBuffer[1];
} OBJECT_TYPE_INFO, *POBJECT_TYPE_INFO;

typedef struct ObjectAllTypeInfo_t {
	ULONG NumberOfObjectTypes;
	OBJECT_TYPE_INFO ObjectsTypeInfo[1];
} OBJECT_ALL_TYPES_INFO, *POBJECT_ALL_TYPES_INFO;

typedef struct ObjectProtectionInfo_t {
	BOOLEAN bInherit;
	BOOLEAN bProtectHandle;
} OBJECT_PROTECTION_INFO, *POBJECT_PROTECTION_INFO;

typedef enum _OBJECT_INFO_CLASS {
	ObjectBasicInfo,
	ObjectNameInfo,
	ObjectTypeInfo,
	ObjectAllTypesInfo,
	ObjectProtectionInfo
} OBJECT_INFO_CLASS;


NTSYSAPI
NTSTATUS
NTAPI
NtQueryObject(
	IN HANDLE hObject,
	IN OBJECT_INFO_CLASS ObjectInfoClass,
	OUT PVOID Buffer,
	IN ULONG BufferSize,
	OUT PULONG BytesReturned
);

NTSYSAPI
NTSTATUS
NTAPI
ZwQueryObject(
	IN HANDLE hObject,
	IN OBJECT_INFO_CLASS ObjectInfoClass,
	OUT PVOID Buffer,
	IN ULONG BufferSize,
	OUT PULONG BytesReturned
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetInformationObject(
	IN HANDLE hObject,
	IN OBJECT_INFO_CLASS ObjectInfoClass,
	IN PVOID Buffer,
	IN ULONG BufferSize
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetInformationObject(
	IN HANDLE hObject,
	IN OBJECT_INFO_CLASS ObjectInfoClass,
	IN PVOID Buffer,
	IN ULONG BufferSize
);

NTSYSAPI
NTSTATUS
NTAPI
NtCreateEvent(
	OUT PHANDLE hEvent,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN EVENT_TYPE EventType,
	IN BOOLEAN bInitialState
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateEvent(
	OUT PHANDLE hEvent,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN EVENT_TYPE EventType,
	IN BOOLEAN bInitialState
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenEvent(
	OUT PHANDLE hEvent,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwOpenEvent(
	OUT PHANDLE hEvent,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
NtClearEvent(
	IN HANDLE hEvent
);

NTSYSAPI
NTSTATUS
NTAPI
ZwClearEvent(
	IN HANDLE hEvent
);

NTSYSAPI
NTSTATUS
NTAPI
NtPulseEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

NTSYSAPI
NTSTATUS
NTAPI
ZwPulseEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

NTSYSAPI
NTSTATUS
NTAPI
NtResetEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

NTSYSAPI
NTSTATUS
NTAPI
ZwResetEvent(
	IN HANDLE hEvent,
	OUT OPTIONAL PULONG PreviousState
);

typedef enum _EVENT_INFO_CLASS {
	EventBasicInfo
} EVENT_INFO_CLASS;

typedef struct EventInfo_t {
	EVENT_TYPE EventType;
	LONG EventState;
} EVENT_INFO, *PEVENT_INFO;

NTSYSAPI
NTSTATUS
NTAPI
NtQueryEvent(
	IN HANDLE hEvent,
	IN EVENT_INFO_CLASS InfoClass,
	OUT PVOID EventInfoBuffer,
	IN ULONG EventInfoBufferSize,
	OUT PULONG BytesCopied
);

NTSTATUS
NTAPI
ZwQueryEvent(
	IN HANDLE hEvent,
	IN EVENT_INFO_CLASS InfoClass,
	OUT PVOID EventInfoBuffer,
	IN ULONG EventInfoBufferSize,
	OUT PULONG BytesCopied
);

NTSYSAPI
NTSTATUS
NTAPI
NtCreateEventPair(
	OUT PHANDLE hEventPair,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwCreateEventPair(
	OUT PHANDLE hEventPair,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenEventPair(
	OUT PHANDLE hEventPair,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
ZwOpenEventPair(
	OUT PHANDLE hEventPair,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetLowWaitHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetLowWaitHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetHighWaitLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetHighWaitLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtSetLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSetLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtWaitHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwWaitHighEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtWaitLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
ZwWaitLowEventPair(
	IN HANDLE hEventPair
);

NTSYSAPI
NTSTATUS
NTAPI
NtCreateMutant(
	OUT PHANDLE hMutex,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN BOOLEAN bOwnMutant
);

NTSTATUS
NTAPI
ZwCreateMutant(
	OUT PHANDLE hMutex,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN BOOLEAN bOwnMutant
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenMutant(
	OUT PHANDLE hMutex,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSTATUS
NTAPI
ZwOpenMutant(
	OUT PHANDLE hMutex,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

typedef enum _MUTANT_INFO_CLASS {
	MutantBasicInfo
} MUTANT_INFO_CLASS;

typedef struct MutantInfo_t {
	LONG MutantState;
	BOOLEAN bOwnedByCallingThread;
	BOOLEAN bAbandoned;
	USHORT Unused;
} MUTANT_INFO, *PMUTANT_INFO;

NTSYSAPI
NTSTATUS
NTAPI
NtQueryMutant(
	IN HANDLE hMutant,
	IN MUTANT_INFO_CLASS InfoClass,
	OUT PVOID MutantInfoBuffer,
	IN ULONG MutantInfoBufferSize,
	OUT PULONG BytesCopied
);

NTSTATUS
NTAPI
ZwQueryMutant(
	IN HANDLE hMutant,
	IN MUTANT_INFO_CLASS InfoClass,
	OUT PVOID MutantInfoBuffer,
	IN ULONG MutantInfoBufferSize,
	OUT PULONG BytesCopied
);

NTSYSAPI
NTSTATUS
NTAPI
NtReleaseMutant(
	IN HANDLE hMutant,
	OUT OPTIONAL PULONG bWasSignalled
);

NTSTATUS
NTAPI
ZwReleaseMutant(
	IN HANDLE hMutant,
	OUT OPTIONAL PULONG bWasSignalled
);


NTSYSAPI
NTSTATUS
NTAPI
NtCreateSemaphore(
	OUT PHANDLE hSemaphore,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN ULONG InitialCount,
	IN ULONG MaximumCount
);


NTSTATUS
NTAPI
ZwCreateSemaphore(
	OUT PHANDLE hSemaphore,
	IN ACCESS_MASK AccessMask,
	IN POBJECT_ATTRIBUTES ObjectAttributes,
	IN ULONG InitialCount,
	IN ULONG MaximumCount
);

NTSYSAPI
NTSTATUS
NTAPI
NtOpenSemaphore(
	OUT PHANDLE hSemaphore,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

NTSTATUS
NTAPI
ZwOpenSemaphore(
	OUT PHANDLE hSemaphore,
	IN ACCESS_MASK DesiredAccess,
	IN POBJECT_ATTRIBUTES ObjectAttributes
);

typedef enum _SEMAPHORE_INFO_CLASS {
	SemaphoreBasicInfo
} SEMAPHORE_INFO_CLASS;

typedef struct SemaphoreInfo_t {
	ULONG CurrentCount;
	ULONG MaxCount;
} SEMAPHORE_INFO, *PSEMAPHORE_INFO;



NTSYSAPI
NTSTATUS
NTAPI
NtQuerySemaphore(
	IN HANDLE hSemaphore,
	IN SEMAPHORE_INFO_CLASS SemaphoreInfoClass,
	OUT PVOID Buffer,
	IN ULONG BufferSize,
	OUT PULONG BytesReturned
);

NTSTATUS
NTAPI
ZwQuerySemaphore(
	IN HANDLE hSemaphore,
	IN SEMAPHORE_INFO_CLASS SemaphoreInfoClass,
	OUT PVOID Buffer,
	IN ULONG BufferSize,
	OUT PULONG BytesReturned
);

NTSYSAPI
NTSTATUS
NTAPI
NtReleaseSemaphore(
	IN HANDLE hSemaphore,
	IN ULONG ReleaseCount,
	OUT PULONG PreviousCount
);

NTSTATUS
NTAPI
ZwReleaseSemaphore(
	IN HANDLE hSemaphore,
	IN ULONG ReleaseCount,
	OUT PULONG PreviousCount
);


NTSYSAPI
NTSTATUS
NTAPI
NtWaitForSingleObject(
	IN HANDLE hObject,
	IN BOOLEAN bAlertable,
	IN PLARGE_INTEGER Timeout
);

NTSYSAPI
NTSTATUS
NTAPI
ZwWaitForSingleObject(
	IN HANDLE hObject,
	IN BOOLEAN bAlertable,
	IN PLARGE_INTEGER Timeout
);

NTSYSAPI
NTSTATUS
NTAPI
NtSignalAndWaitForSingleObject(
	IN HANDLE hSignalObject,
	IN HANDLE hWaitObject,
	IN BOOLEAN bAlertable,
	IN PLARGE_INTEGER Timeout
);

NTSYSAPI
NTSTATUS
NTAPI
ZwSignalAndWaitForSingleObject(
	IN HANDLE hSignalObject,
	IN HANDLE hWaitObject,
	IN BOOLEAN bAlertable,
	IN PLARGE_INTEGER Timeout
);