diff --git a/packagesNtApiDotNet.1.1.33/lib/net461/NtApiDotNet.xml b/packagesNtApiDotNet.1.1.33/lib/net461/NtApiDotNet.xml deleted file mode 100644 index 1f8091c..0000000 --- a/packagesNtApiDotNet.1.1.33/lib/net461/NtApiDotNet.xml +++ /dev/null @@ -1,51865 +0,0 @@ - - - - NtApiDotNet - - - - - Result of an access check with specific access types. - - The access rights type, must be derived from an Enum. - - - - The NT status code from the access check. - - - - - The granted access mask from the check. - - - - - The granted access mapped to generic access mask. - - - - - The required privileges for this access. - - - - - The specific granted access mask from the check. - - - - - The specific granted access mapped to generic access mask. - - - - - Object type associated with the access. - - - - - The level of the object type if used. - - - - - Optional name for the object type. - - - - - When a result from an Audit Access Check indicates whether the - an audit needs to be generated on close. - - - - - Whether the access check was a success. - - - - - Get access check result as a specific access. - - The specific access results. - - - - Get access check result as a specific access. - - The specific access. - - - - Result of an access check. - - - - - Result of an access check with generic Enum access types. - - - - - Structure for an NT access mask. - - - - - The access mask's access bits. - - - - - Constructor. - - Access bits to use - - - - Implicit conversion from Int32. - - The access enumeration. - - - - Implicit conversion from UInt32. - - The access enumeration. - - - - Implicit conversion from enumerations. - - The access enumeration. - - - - Convert access mask to a generic access object. - - The generic access mask - - - - Convert access mask to a mandatory label policy - - The mandatory label policy - - - - Convert to a specific access right. - - The specific access right. - The converted value. - - - - Convert to a specific access right. - - The type of enumeration to convert to. - The converted value. - - - - Get whether this access mask is empty (i.e. it's 0) - - - - - Get whether this access mask has no access rights, i.e. not empty. - - - - - Get whether this access mask has generic access rights. - - - - - Get whether this access mask hash type specific access rights. - - - - - Get whether the current access mask is granted specific permissions. - - The access mask to check - True one or more access granted. - - - - Get whether the current access mask is granted all specific permissions. - - The access mask to check - True access all is granted. - - - - Bitwise AND operator. - - Access mask 1 - Access mask 2 - The new access mask. - - - - Bitwise OR operator. - - Access mask 1 - Access mask 2 - The new access mask. - - - - Bitwise AND operator. - - Access mask 1 - Access mask 2 - The new access mask. - - - - Bitwise OR operator. - - Access mask 1 - Access mask 2 - The new access mask. - - - - Equality operator. - - Access mask 1 - Access mask 2 - True if equal. - - - - Inequality operator. - - Access mask 1 - Access mask 2 - True if equal. - - - - Bitwise NOT operator. - - Access mask 1 - The new access mask. - - - - Overridden GetHashCode. - - The hash code. - - - - Overridden Equals. - - The object to compare against. - True if equal. - - - - Get an empty access mask. - - - - - Overridden ToString method. - - The access mask. - - - - ToString method. - - Format code for the access mask. - The formatting string. - - - - ToString method. - - Format code for the access mask. - The format provider. - The formatting string. - - - - Flags representing what generic access the entry maps to. - - - - - Not mapped to any access. - - - - - Mapped to read. - - - - - Mapped to write. - - - - - Mapped to execute. - - - - - Mapped to All. - - - - - A structure to hold an access mask to enum mapping. - - - - - The access mask. - - - - - The value of the access mask entry enumeration. - - - - - The generic access this maps to. - - - - - The optional SDK name. - - - - - Overridden ToString method. - - The string form of the entry. - - - - Class to represent an Access Control Entry (ACE) - - - - - Check if the ACE is an allowed ACE. - - - - - Check if the ACE is a denied ACE. - - - - - Check if the ACE is an Object ACE - - - - - Check if the ACE is a callback ACE - - - - - Check if ACE is a conditional ACE - - - - - Check if ACE is a resource attribute ACE. - - - - - Check if ACE is a mandatory label ACE. - - - - - Check if ACE is a compound ACE. - - - - - Check if ACE is an audit ACE. - - - - - Check if ACE is an access filter ACE. - - - - - Check if ACE is a process trust label ACE. - - - - - Check if ACE is a critical ACE. - - - - - Check if ACE is inherit only. - - - - - Check if ACE is inherited by objects. - - - - - Check if ACE is inherited by objects. - - - - - Get ACE type - - - - - Get ACE flags - - - - - Get ACE access mask - - - - - Get ACE Security Identifier - - - - - The type of compound ACE. When serialized always set to Impersonate. - - - - - Get the client SID in a compound ACE. - - - - - Get optional Object Type - - - - - Get optional Inherited Object Type - - - - - Optional application data. - - - - - Get conditional check if a conditional ace. - - - - - Get or set resource attribute. - - - - - Constructor - - ACE type - ACE flags - ACE access mask - ACE sid - - - - Convert ACE to a string - - The ACE as a string - - - - Convert ACE to a string - - An enumeration type to format the access mask - True to try and resolve SID to a name - The ACE as a string - - - - Clone this ACE. - - The cloned ACE. - - - - Get whether the current access mask is granted specific permissions. - - The access mask to check - True one or more access granted. - - - - Get whether the current access mask is granted all specific permissions. - - The access mask to check - True access all is granted. - - - - Get the common name of the object type. - - Specify the domain for the object type. - If true then expand the list of properties. - The common name of the object type, or the GUID as a string. - This function could be quite slow to query the first time. - - - - Get the common name of the object type. - - If true then expand the list of properties. - The common name of the object type, or the GUID as a string. - This will query the local domain, it could be quite slow to query the first time. - - - - Get the common name of the object type. - - The common name of the object type, or the GUID as a string. - This will query the local domain, it could be quite slow to query the first time. - - - - Get the common name of the inherited object type. - - Specify the domain for the object type. - The common name of the object type, or the GUID as a string. - This function could be quite slow to query the first time. - - - - Get the common name of the inherited object type. - - The common name of the object type, or the GUID as a string. - This will query the local domain, it could be quite slow to query the first time. - - - - Convert the ACE to a byte array. - - The ACE as a byte array. - - - - Compare ACE to another object. - - The other object. - True if the other object equals this ACE - - - - Get hash code. - - The hash code - - - - Equality operator - - Left ACE - Right ACE - True if the ACEs are equal - - - - Not Equal operator - - Left ACE - Right ACE - True if the ACEs are not equal - - - - Class to represent an Access Control List (ACL) - - - - - Constructor - - Pointer to a raw ACL in memory - True if the ACL was defaulted - - - - Constructor - - Buffer containing an ACL in memory - True if the ACL was defaulted - - - - Constructor for a NULL ACL - - True if the ACL was defaulted - - - - Constructor for an empty ACL - - - - - Constructor - - List of ACEs to add to ACL - True if the ACL was defaulted - - - - Constructor - - List of ACEs to add to ACL - - - - Constructor. - - An SDDL string to create the DACL from. - The SDDL string should be of the form D:(...) or S:(...), if you specify - both a DACL and a SACL then only the DACL will be used. - - - - Convert the ACL to a byte array - - The ACL as a byte array - - - - Convert the ACL to a safe buffer - - The safe buffer - - - - Add an ace to the ACL - - The ACE to add - - - - Add an access allowed ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an access allowed ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an access allowed ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an access allowed ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an access denied ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an access denied ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an access denied ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an access denied ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an audit ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an audit ace to the ACL - - The ACE access mask - The ACE flags - The ACE SID - - - - Add an audit success ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an audit success ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an audit fail ace to the ACL - - The ACE access mask - The ACE SID - - - - Add an audit fail ace to the ACL - - The ACE access mask - The ACE SID - - - - Gets an indication if this ACL is canonical. - - Canonical means that deny ACEs are before allow ACEs. - True to canonicalize a DACL, otherwise a SACL. - True if the ACL is canonical. - - - - Gets an indication if this DACL is canonical. - - Canonical basically means that deny ACEs are before allow ACEs. - True if the ACL is canonical. - - - - Canonicalize the ACL. - - True to canonicalize a DACL, otherwise a SACL. - - - - Canonicalize the ACL (for use on DACLs only). - - The canonical ACL. - - - - Find the first ACE with a specified type. - - The type to find. - True to include inherit only ACEs. - The found ace. Returns null if not found. - - - - Find the first ACE with a specified type. Includes InheritOnly ACEs. - - The type to find. - The found ace. Returns null if not found. - - - - Find the all ACE with a specified type. - - The type to find. - True to include inherit only ACEs. - The found aces. - - - - Find the all ACE with a specified type. Includes InheritOnly ACEs. - - The type to find. - The found aces. - - - - Find the last ACE with a specified type. - - The type to find. - The found ace. Returns null if not found. - - - - Clone the ACL. Also clones all ACEs. - - The cloned ACL. - - - - Get or set whether the ACL was defaulted - - - - - Get or set whether the ACL is NULL (no security) - - - - - Get or set the protected flag. - - - - - Get or set the auto-inherited flag. - - - - - Get or set the auto-inherited required flag. - - - - - Get or set the ACL revision - - - - - Indicates the ACL has at least one conditional ACE. - - - - - Indicates the ACL has at least one object ACE. - - - - - Base class to represent an ALPC message. - - - - - Constructor. - - The port message header. - - - - Constructor. - - - - - Update the header length fields. - - The length of the valid data. - The maximum data length supported by the packet. - - - - Method to handle when ToSafeBuffer is called. - - The message buffer being created. - - - - Method to handle when FromSafeBuffer is called. - - The message buffer to initialize from.. - The ALPC port associated with this message. - - - - Get or set the header. - - - - - The process ID of the sender. - - - - - The thread ID of the sender. - - - - - Get total length of the message. - - - - - Get the allocated data length for the message. - - - - - Get data length of the message. - - - - - Get the message ID. - - - - - Get the callback ID. - - - - - Get the message type. - - - - - Get additional flags on message type. - - - - - Indicates that the message requires a reply (otherwise things can leak). - - - - - Indicates that the message requires a reply (obsolete). - - - - - Get direct status for the message. - - The direct status for the message. Returns STATUS_PENDING if the message is yet to be processed. - - - - Get the maximum size of a message minus the header size. - - - - - Create a safe buffer for this message. - - The safe buffer. - - - - Method to query information for a message. - - The information class. - The port which has processed the message. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - The port which has processed the message. - A default value for the query. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The port which has processed the message. - The information class to query. - A default value for the query. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The port which has processed the message. - The information class to query. - The result of the query. - Thrown on error. - - - - An ALPC message which holds a raw set of bytes. - - - - - Constructor. - - Data to initialize the message with. - Maximum length of the message buffer. - Specify a text encoding for the DataString property. - - - - Constructor. - - Data to initialize the message with. - Maximum length of the message buffer. - - - - Constructor. - - Data to initialize the message with. - - - - Constructor. - - Data to initialize the message with. - Specify a text encoding for the DataString property. - - - - Constructor. - - Total allocated length of the message buffer. - - - - Constructor. - - Total allocated length of the message buffer. - Specify a text encoding for the DataString property. - - - - Get or set the message data. - - When you set the data it'll update the DataLength and TotalLength fields. - - - - Get or set the message data as an encoding string. - - When you set the data it'll update the DataLength and TotalLength fields. - - - - Get or set the text encoding in this raw message. - - - - - Method to handle when FromSafeBuffer is called. - - The message buffer to initialize from.. - The ALPC port associated with this message. - - - - Method to handle when ToSafeBuffer is called. - - The message buffer being created. - - - - An ALPC message which holds a specific type with optional trailing data. - - The type representing the data. - - - - Constructor for a receive buffer. - - - - - Constructor for a receive buffer. - - Length of message. This will be rounded up to at least accomodate the header. - - - - Constructor for a send/receive buffer. - - The initial value to set. - Trailing data. - - - - Constructor for a send/receive buffer. - - The initial value to set. - - - - Get or set the type in the buffer. - - - - - Get or set any trailing data after the value. - - - - - Method to handle when FromSafeBuffer is called. - - The message buffer to initialize from.. - The ALPC port associated with this message. - - - - Method to handle when ToSafeBuffer is called. - - The message buffer being created. - - - - Class to represent a set of sending attributes. - - - - - Constructor. - - - - - Constructor. - - List of attributes to send. - - - - Add an attribute object. - - The attribute to add. - - - - Remove an attribute object. - - The attribute flag to remove. - - - - Remove an attribute object. - - The attribute to remove. - - - - Add a list of handles to the send attributes. - - The list of objects. - This method doesn't maintain a reference to the objects. You need to keep them alive elsewhere. - - - - Add a list of handles to the send attributes. - - The list of handles. - - - - Add a list of handles to the send attributes. - - The handle to add. - This method doesn't maintain a reference to the objects. You need to keep them alive elsewhere. - - - - Add a list of handles to the send attributes. - - The handle to add. - - - - Get the allocated attributes. - - - - - Class to represent a set of received attributes. - - - - - Constructor. Allocated space for all known attributes. - - - - - Constructor. - - - - - Get the allocated attributes. - - - - - Get the list of valid attributes. - - - - - Get a list of the valid attributes. - - - - - Get list of passed handles. - - - - - Get the mapped data view. If no view sent this property is invalid. - - - - - Get the security context. If no security context this property is invalid. - - - - - Dispose method. - - - - - Get a typed attribute. - - The type of attribute to get. - The attribute. Returns a default initialized object if not valid. - - - - Get an attribute. - - The attribute flag to get. - The attribute. Returns null if not found. - - - - Convert this set of attributes to a buffer to send. - - The send attributes. - - - - Convert this set of attributes to one which can be used to free on continuation required. - - The attributes to - The send attributes. - - - - Checks if an attribute flag is valid. - - The attribute to test. - True if the attribute is value. - - - - Base class to represent a message attribute. - - - - - The flag for this attribute. - - - - - Constructor. - - The single attribute flag which this represents. - - - - Class representing a security message attribute. - - - - - Constructor. - - - - - Security attribute flags. - - - - - Security quality of service. - - - - - Context handle. - - - - - Create an attribute which with create a handle automatically. - - The security quality of service. - The security message attribute. - - - - Class representing a security message attribute. - - - - - Constructor. - - - - - Token ID of token. - - - - - Authentication ID of token. - - - - - Modified ID of token - - - - - Class representing a security message attribute. - - - - - Constructor. - - - - - Port context. - - - - - Message context. - - - - - Sequence number. - - - - - Message ID. - - - - - Callback ID. - - - - - Class representing a data view message attribute. - - - - - Constructor. - - - - - View flags. - - - - - Handle to section. - - - - - View base. - - - - - View size. - - - - - Handle attribute entry. - - - - - Handle flags. - - - - - The NT object. - - - - - The object type for the handle. - - - - - Desired access for the handle. - - - - - Constructor. - - Handle attribute to initialize from. - - - - Constructor. - - Handle attribute to initialize from. - - - - Constructor. - - Information structure to initialize from. - - - - Constructor. - - - - - Constructor. - - The object to construct the entry from. Will take a copy of the handle. - - - - Class representing a handle message attribute. - - - - - Constructor. - - - - - Constructor. - - List of handle entries. - - - - Constructor. - - The handle entry. - - - - Constructor. - - List of objects to create the handle entries. - This constructor takes copies of the objects. - - - - Constructor. - - A single object to send. - This constructor takes copies of the object. - - - - List of handles in this attribute. - - - - - Class representing a direct message attribute. - - - - - Constructor. - - The event object. - - - - The event object. - - - - - Class representing a work on behalf of message attribute. - - - - - Constructor. - - - - - Thread ID. - - - - - Thread creation time (low). - - - - - Safe buffer to store an allocated set of ALPC atributes. - - - - - Get a pointer to an allocated attribute. Returns NULL if not available. - - The attribute to get. - The pointer to the attribute buffer, IntPtr.Zero if not found. - - - - Get an attribute as a structured type. - - The attribute type. - The attribute. - A buffer which represents the structured type. - Thrown if attribute doesn't exist. - - - - Create a new buffer with allocations for a specified set of attributes. - - The attributes to allocate. - The allocated buffed. - - - - Dispose the safe buffer. - - True if disposing - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Get the NULL buffer. - - - - - Class to represent an ALPC port section. - - - - - Handle to the port section. - - - - - Size of the port section. - - - - - The actual section size. - - - - - Create a new section view attribute. - - Specify the flags for the data view attribute. - The section view size. - True to throw on error. - The section view attribute. - - - - Create a new section view attribute. - - True to throw on error. - The section view attribute. - - - - Create a new section view attribute. - - Specify the flags for the data view attribute. - The section view size. - The section view attribute. - - - - Create a new section view attribute. - - The section view attribute. - - - - Dispose of the port section. - - - - - Supported windows verion - - - - - This should always be at the end. - - - - - Attribute to indicate the required version for a function. - Applied if the function needs a version greater than 7. - - - - - The supported version. - - - - - Constructor - - The supported version - - - - Attribute used for managed structures to indicate the start of data. - This is used in situations where the data immediately trail - - - - - Constructor - - The field name which indicates the first address of data. - - - - The field name which indicates the first address of data. - - - - - When allocating this structure always include the field in the total length calculation. - - - - - Class to represent an API set entry. - - - - - Flags for the entry. - - - - - The name of the API set. - - - - - The default host module. - - - - - Hash version of the name. - - - - - List of hosts. - - - - - Get host module for an import module. - - - - - - - Represents a single API set host. - - - - - The imported module this API set host applies to. - - - - - The module which implements this API set. - - - - - Is the host the default host. - - - - - Flags for API set namespace. - - - - - None. - - - - - The API set is sealed. - - - - - The API set is an extension. - - - - - Class to represent an API set namespace. - - - - - Flags for the namespace. - - - - - List of API set entries. - - - - - Get API set namespace from current process. - - - - - Gets an API set based on its name. - - The API set name. - The API set entry. Returns null if not found. - - - - Flags for a boundary descriptor - - - - - None - - - - - Automatically add the AppContainer package SID to the boundary - - - - - Class which represents a private namespace boundary descriptor - - - - - Constructor - - The name of the boundary - Additional flags for the boundary - - - - Constructor - - The name of the boundary - - - - Add a SID to the boundary descriptor. - - This SID is used in an access check when creating or deleting private namespaces. - The SID to add. - - - - Add an integrity level to the boundary descriptor. - - This integrity level is used in an access check when creating or deleting private namespaces. - The integrity level to add. - - - - Add a list of SIDs to the boundary descriptor. - - The SIDs to add. This can include normal and integrity level SIDs - - - - Add a list of SIDs to the boundary descriptor. - - The first SID to add - Additional SIDs - - - - The handle to the boundary descriptor. - - - - - Create a boundary descriptor from a string representation. - - A boundary descriptor string of the form [SID[:SID...]@]NAME where SID is an SDDL format SID. - The new boundary descriptor. - - - - Finalizer - - - - - Dispose - - - - - Some simple utilities to create structure buffers. - - - - - Create a buffer based on a passed type. - - The type to use in the structure buffer. - The value to initialize the buffer with. - Additional byte data after the structure. - Indicates if additional_size includes the structure size or not. - The new structure buffer. - - - - Create a buffer based on a passed type. - - The type to use in the structure buffer. - The value to initialize the buffer with. - The new structure buffer. - - - - Create a buffer based on a passed type. - - The type to use in the structure buffer. - The value to initialize the buffer with. - The new structure buffer. - - - - Create a buffer based on a passed type. - - The type to use in the structure buffer. - The value to initialize the buffer with. - Additional byte data after the structure. - Indicates if additional_size includes the structure size or not. - The new structure buffer. - - - - Create a buffer based on a byte array. - - The byte array for the buffer. - The safe buffer. - - - - Create an buffer from an array. - - The array element type, must be a value type. - The array of elements. - The allocated array buffer. - - - - Read a NUL terminated string for the byte offset. - - The buffer to read from. - The byte offset to read from. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated byte string for the byte offset. - - The buffer to read from. - The byte offset to read from. - Text encoding for the string. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated ANSI string for the byte offset. - - The buffer to read from. - The byte offset to read from. - The string read from the buffer without the NUL terminator - - - - Read a char array with length. - - The buffer to read from. - The number of characters to read. - The byte offset to read from. - The chars read from the buffer - - - - Read a Unicode string string with length. - - The buffer to read from. - The number of characters to read. - The byte offset to read from. - The string read from the buffer. - - - - Write char array. - - The buffer to write to. - The byte offset to write to. - The chars to write. - - - - Write unicode string. - - The buffer to write to. - The byte offset to write to. - The string value to write. - - - - Read bytes from buffer. - - The buffer to read from. - The byte offset to read from. - The number of bytes to read. - The byte array. - - - - Write bytes to a buffer. - - The buffer to write to. - The byte offset to write to. - The data to write. - - - - Get a structure buffer at a specific offset. - - The type of structure. - The buffer to map. - The offset into the buffer. - The structure buffer. - The returned buffer is not owned, therefore you need to maintain the original buffer while operating on this buffer. - - - - Creates a view of an existing safe buffer. - - The buffer to create a view on. - The offset from the start of the buffer. - The length of the view. - The buffer view. - Note that the returned buffer doesn't own the memory, therefore the original buffer - must be maintained for the lifetime of this buffer. - - - - Creates a view of an existing safe buffer. - - The buffer to create a view on. - The offset from the start of the buffer. - The length of the view. - True to make the view writable, false for read-only. - The buffer view. - Note that the returned buffer doesn't own the memory, therefore the original buffer - must be maintained for the lifetime of this buffer. - - - - Zero an entire buffer. - - The buffer to zero. - - - - Fill an entire buffer with a specific byte value. - - The buffer to full. - The fill value. - - - - Compare two buffers for equality. - - The left buffer. - The offset into the left buffer. - The right buffer. - The offset into the right buffer. - The length to compare. - True if the buffers are equal. - - - - Compare a buffer and a byte array for equality. - - The buffer. - The offset into the left buffer. - The compare byte array. - True if the buffers are equal. - - - - Find a byte array in a buffer. Returns all instances of the compare array. - - The buffer to find the data in. - Start offset in the buffer. - The comparison byte array. - A list of offsets into the buffer where the compare was found. - - - - Find a byte array in a buffer. Returns all instances of the compare array. - - The buffer to find the data in. - The comparison byte array. - A list of offsets into the buffer where the compare was found. - - - - Class to represent a Security Atttribute. - - - - - The name of the attribute. - - - - - The type of values. - - - - - The attribute flags. - - - - - The list of values. - - - - - The count of values. - - - - - Convert the attribute to a builder to modify it. - - The builder object. - - - - Convert the security attribute to an SDDL string. - - The security attribute as an SDDL string. - - - - Converts the attribute to a Resource Attribute ACE. - - The resource attribute ACE. - - - - Class to create a new user process using the native APIs. - - - - - Path to the executable to start. - - - - - Path to the executable to start which is passed in the process configuration. - - - - - Command line - - - - - Prepared environment block. - - - - - Title of the main window. - - - - - Path to DLLs. - - - - - Current directory for new process - - - - - Desktop information value - - - - - Shell information value - - - - - Runtime data. - - - - - Prohibited image characteristics for new process - - - - - Additional file access for opened executable file. - - - - - Process create flags. - - - - - Thread create flags. - - - - - Initialization flags - - - - - Parent process. - - - - - Restrict new child processes - - - - - Override restrict child process - - - - - Extra process/thread attributes - - - - - Added protected process protection level. - - The type of protected process. - The signer level. - - - - Return on error instead of throwing an exception. - - - - - Whether to terminate the process on dispose. - - - - - Specify a security descriptor for the process. - - - - - Specify a security descriptor for the initial thread. - - - - - Specify the primary token for the new process. - - - - - Access for process handle. - - - - - Access for thread handle. - - - - - Constructor - - - - - For the current process - - The new forked process result - - - - For the current process - - Process create flags. - Thread create flags. - The new forked process result - - - - For the current process - - Process create flags. - Thread create flags. - True to throw on error. - The new forked process result - - - - Start the new process based on the ImagePath parameter. - - The result of the process creation - - - - Start the new process - - The image path to the file to execute - The result of the process creation - - - - Result from a native create process call. - - - - - Handle to the process - - - - - Handle to the initial thread - - - - - Handle to the image file - - - - - Handle to the image section - - - - - Handle to the IFEO key (if it exists) - - - - - Image information - - - - - Client ID of process and thread - - - - - Process ID - - - - - Thread ID - - - - - Create status - - - - - True if create succeeded - - - - - Result of the create information - - - - - Creation state - - - - - Terminate the process - - Exit code for termination - - - - Resume initial thread - - The suspend count - - - - Set to true to terminate process on disposal - - - - - Finalizer - - - - - Dispose - - - - - The base class for a debug event. - - - - - Process ID for the event. - - - - - Thread ID for the event. - - - - - The event code. - - - - - Constructor. - - The current debug event. - The debug port associated with this event. - - - - Continue the debugged process. - - The continue status code. - True to throw on error. - The NT status code. - - - - Continue the debugged process. - - The continue status code. - - - - Continue the debugged process with a success code. - - - - - Dispose the event. - - - - - Debug event for the Create Process event. - - - - - Subsystem key for the process. - - - - - Handle to the process file (if available). - - - - - Base of image file. - - - - - Debug info file offset. - - - - - Debug info file size. - - - - - Subsystem key for the thread. - - - - - Start address of the thread. - - - - - Handle to the process (if available). - - - - - Handle to the thread (if available). - - - - - Dispose the event. - - - - - Debug event for the Create Thread event. - - - - - Subsystem key for the thread. - - - - - Start address of the thread. - - - - - Handle to the thread (if available). - - - - - Dispose the event. - - - - - Debug event for the Exit Thread event. - - - - - Exit status code. - - - - - Debug event for the Exit Process event. - - - - - Exit status code. - - - - - Debug event for load DLL event. - - - - - DLL file handle. - - - - - Base of loaded DLL. - - - - - Debug info offset. - - - - - Debug info size. - - - - - Address of name. - - - - - Dispose the event. - - - - - Debug event for unload DLL event. - - - - - Base of loaded DLL. - - - - - Debug event for exception event. - - - - - Indicates if this is a first chance exception. - - - - - Exception code. - - - - - Exception flags. - - - - - Pointer to next exception in the chain. - - - - - Address of exception. - - - - - Additional parameters for exception. - - - - - Debug event when we don't handle the state. - - - - - The raw debug event. - - - - - Represents a list where the elements can be trivially disposed in one go. - - An IDisposable implementing type - - - - Constructor - - - - - Constructor - - The initial capacity of the list - - - - Constructor - - A collection to initialize the list - - - - Add a resource to the list and return a reference to it. - - The type of resource to add. - The resource object. - The added resource. - - - - Add a resource to the list and return a reference to it. - - The type of resource to add. - The added resource. - - - - Convert this list to an array then clear it to the disposal no longer happens. - - The elements as an array. - After doing this the current list will be cleared. - - - - Detach a detachable reference and add it to the list. - - The type of resource to detach. - The detached resource. - - - - Dispose method - - - - - Implementation of disposable list which just accepts IDisposable objects. - - - - - Constructor - - - - - Constructor - - The initial capacity of the list - - - - Constructor - - A collection to initialize the list - - - - Adds a delegate which will be called when the list is disposed. - - The delegate to call on dispose. - This can be used to add more complex disposable. - - - - Disposable list of safe handles - - - - - Constructor - - - - - Constructor - - The initial capacity of the list - - - - Constructor - - A collection to initialize the list - - - - Move the handle list to a new disposable list. - - The list of handles which have been moved. - After doing this the current list will be cleared. - - - - Flags for an EA entry - - - - - No flags. - - - - - Processor must handle this EA. - - - - - A single EA entry. - - - - - Name of the entry - - - - - Data associated with the entry - - - - - Flags - - - - - Constructor - - The name of the entry - Data associated with the entry - Flags for entry. - - - - Constructor - - The name of the entry - Data associated with the entry - Flags for entry. - - - - Constructor - - The name of the entry - Data associated with the entry - Flags for entry. - - - - Get the EA buffer data as a string. - - The data as a string. - - - - Get the EA buffer data as an Int32. - - The data as an Int32. - - - - Convert entry to a string - - The entry as a string - - - - Class to create an Extended Attributes buffer for NtCreateFile - - - - - Constructor - - - - - Constructor - - List of entries to add. - - - - Constructor from a binary EA buffer - - The EA buffer to parse - - - - Constructor - - Existing buffer to copy. - - - - Add a new EA entry from an old entry. The data will be cloned. - - The entry to add. - - - - Add a new EA entry - - The name of the entry - The associated data, will be cloned - The entry flags. - - - - Add a new EA entry - - The name of the entry - The associated data - The entry flags. - - - - Add a new EA entry - - The name of the entry - The associated data - The entry flags. - - - - Get an entry by name. - - The name of the entry. - The found entry. - Thrown if no entry by that name. - - - - Remove an entry from the buffer. - - The entry to remove. - - - - Remove an entry from the buffer by name. - - The name of the entry. - Thrown if no entry by that name. - - - - Convert to a byte array - - The byte array - - - - Get the list of entries. - - - - - Get number of entries. - - - - - Get whether the buffer contains a specific entry. - - The name of the entry. - True if the buffer contains an entry with the name. - - - - Index to get an entry by name. - - The name of the entry. - The found entry. - Thrown if no entry by that name. - - - - Clear all entries. - - - - - Access rights generic mapping. - - - - - Mapping for Generic Read - - - - - Mapping for Generic Write - - - - - Mapping for Generic Execute - - - - - Mapping for Generic All - - - - - Map a generic access mask to a specific one. - - The generic mask to map. - The mapped mask. - - - - Get whether this generic mapping gives read access. - - The mask to check against. - True if we have read access. - - - - Get whether this generic mapping gives write access. - - The mask to check against. - True if we have write access. - - - - Get whether this generic mapping gives execute access. - - The mask to check against. - True if we have execute access. - - - - Get whether this generic mapping gives all access. - - The mask to check against. - True if we have all access. - - - - Try and unmap access mask to generic rights. - - The mask to unmap. - The unmapped mask. Any access which can be generic mapped is left in the mask as specific rights. - - - - Get the allowed access mask for a specified mandatory access policy. - - The mandatory access policy. - The allowed access mask for the policy. - In general NoWriteUp will always be set on the policy. - - - - Convert generic mapping to a string. - - The generic mapping as a string. - - - - Interface to abstract the kernel transaction manager support. - - - - - Get handle for the transaction. - - - - - Commit the transaction - - - - - Rollback the transaction - - - - - Enable the transaction for anything in the current thread context. - - The transaction context. This should be disposed to disable the transaction. - - - - Class to represent a mount point. - - - - - Symbolic link name. - - - - - Unique ID. - - - - - Device name. - - - - - Class to access mount point manager utilities. - - - - - Query the list of mount points. - - True to throw on error. - The list of mount points. - - - - Query the list of mount points. - - The list of mount points. - - - - Class to represent the USN journal data. - - - - - Flags for the USN journal change reason. - - - - - Class to represent a USN journal record. - - - - - Reference number of the file. - - - - - Reference number of the parent. - - - - - USN value. - - - - - Timestamp of entry. - - - - - Reason code. - - - - - Source info flags. - - - - - Security ID. - - - - - File attributes. - - - - - Filename. - - - - - Full path, if known. - - - - - Full Win32Path if known. - - - - - Flags for USN journal source information. - - - - - Class for methods relating to USN journal. - - - - - Read USN journal information. - - The handle to the volume to query. - True to throw on error. - The USN journal information. - - - - Read USN journal information. - - The handle to the volume to query. - The USN journal information. - - - - Read USN journal entries from the volume. - - The volume to read. - The start USN to read. - Last USN to read, exclusive. - Mask for what records to read. - The list of USN journal entries. - - - - Read all USN journal entries from the volume. - - The volume to read. - The list of USN journal entries. - - - - Read USN journal entries from the volume, unprivileged. - - The volume to read. - The start USN to read. - Last USN to read, exclusive. - Mask for what records to read. - The list of USN journal entries. - - - - Read USN journal entries from the volume, unprivileged. - - The volume to read. - The list of USN journal entries. - - - - An enumeration to reference a known SID. - - - - - NULL SID - - - - - Everyone SID - - - - - Local user SID - - - - - CREATOR OWNER SID - - - - - CREATOR GROUP SID - - - - - CREATOR OWNER SERVER SID - - - - - CREATOR OWNER SERVER SID - - - - - Service SID - - - - - ANONYMOUS LOGON SID - - - - - Authenticated Users SID - - - - - RESTRICTED SID - - - - - LOCAL SYSTEM SID - - - - - LOCAL SERVICE SID - - - - - NETWORK SERVICE SID - - - - - APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES SID - - - - - APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES - - - - - NT SERVICE\TrustedInstaller - - - - - BUILTIN\Users - - - - - BUILTIN\Administrators - - - - - APPLICATION PACKAGE AUTHORITY\Your Internet connection - - - - - APPLICATION PACKAGE AUTHORITY\Your Internet connection, including incoming connections from the Internet - - - - - APPLICATION PACKAGE AUTHORITY\Your home or work networks - - - - - APPLICATION PACKAGE AUTHORITY\Your pictures library - - - - - APPLICATION PACKAGE AUTHORITY\Your videos library - - - - - APPLICATION PACKAGE AUTHORITY\Your music library - - - - - APPLICATION PACKAGE AUTHORITY\Your documents library - - - - - APPLICATION PACKAGE AUTHORITY\Your Windows credentials - - - - - APPLICATION PACKAGE AUTHORITY\Software and hardware certificates or a smart card - - - - - APPLICATION PACKAGE AUTHORITY\Removable storage - - - - - APPLICATION PACKAGE AUTHORITY\Your Appointments - - - - - APPLICATION PACKAGE AUTHORITY\Your Contacts - - - - - APPLICATION PACKAGE AUTHORITY\Internet Explorer - - - - - Constrained Impersonation Capability - - - - - OWNER RIGHTS - - - - - NT AUTHORITY\SELF - - - - - NT AUTHORITY\WRITE RESTRICTED - - - - - BUILTIN\BUILTIN - - - - - NT AUTHORITY\INTERACTIVE - - - - - NT AUTHORITY\DIALUP - - - - - NT AUTHORITY\NETWORK - - - - - NT AUTHORITY\BATCH - - - - - NT AUTHORITY\PROXY - - - - - Static methods to get some known SIDs. - - - - - NULL SID - - - - - Everyone SID - - - - - Local user SID - - - - - CREATOR OWNER SID - - - - - CREATOR GROUP SID - - - - - CREATOR OWNER SERVER SID - - - - - CREATOR OWNER SERVER SID - - - - - Service SID - - - - - ANONYMOUS LOGON SID - - - - - Authenticated Users SID - - - - - RESTRICTED SID - - - - - NT AUTHORITY\WRITE RESTRICTED - - - - - BUILTIN\BUILTIN - - - - - NT AUTHORITY\INTERACTIVE - - - - - NT AUTHORITY\DIALUP - - - - - NT AUTHORITY\NETWORK - - - - - NT AUTHORITY\BATCH - - - - - NT AUTHORITY\PROXY - - - - - LOCAL SYSTEM SID - - - - - LOCAL SERVICE SID - - - - - NETWORK SERVICE SID - - - - - APPLICATION PACKAGE AUTHORITY\ALL APPLICATION PACKAGES SID - - - - - APPLICATION PACKAGE AUTHORITY\ALL RESTRICTED APPLICATION PACKAGES - - - - - NT SERVICE\TrustedInstaller - - - - - BUILTIN\Users - - - - - BUILTIN\Administrators - - - - - APPLICATION PACKAGE AUTHORITY\Your Internet connection - - - - - APPLICATION PACKAGE AUTHORITY\Your Internet connection, including incoming connections from the Internet - - - - - APPLICATION PACKAGE AUTHORITY\Your home or work networks - - - - - APPLICATION PACKAGE AUTHORITY\Your pictures library - - - - - APPLICATION PACKAGE AUTHORITY\Your videos library - - - - - APPLICATION PACKAGE AUTHORITY\Your music library - - - - - APPLICATION PACKAGE AUTHORITY\Your documents library - - - - - APPLICATION PACKAGE AUTHORITY\Your Windows credentials - - - - - APPLICATION PACKAGE AUTHORITY\Software and hardware certificates or a smart card - - - - - APPLICATION PACKAGE AUTHORITY\Removable storage - - - - - APPLICATION PACKAGE AUTHORITY\Your Appointments - - - - - APPLICATION PACKAGE AUTHORITY\Your Contacts - - - - - APPLICATION PACKAGE AUTHORITY\Internet Explorer - - - - - Constrained Impersonation Capability - - - - - Get a known SID based on a specific enumeration. - - The enumerated sid value. - - - - - Class to represent an Access Control Entry for a Mandatory Label. - - - - - Constructor. - - Flags for the ACE. - The mandatory label policy. - The integrity level. - - - - Constructor from a raw integrity level. - - Flags for the ACE. - The mandatory label policy. - The integrity level sid. - - - - The policy for the mandatory label. - - - - - Get or set the integrity level - - - - - Convert ACE to a string. - - - - - - Class which represents a mapped file. - - - - - Native path to file. - - - - - Name of the file. - - - - - List of mapped sections. - - - - - Mapped base address of file. - - - - - Mapped size of file. - - - - - True if the mapped file is an image section. - - - - - Specified the signing level if an image (only on RS3+). - - - - - Class to represent memory information. - - - - - Base address of memory region. - - - - - Allocation base for memory region. - - - - - Initial allocation protection. - - - - - Region size. - - - - - Memory state. - - - - - Current memory protection. - - - - - Memory type. - - - - - The mapped image path, if an image. - - - - - The mapped image path name, if an image. - - - - - The region type. - - - - - Is this a software enclave. - - - - - Interface for a marshalled NDR conformant structure. - - This interface is primarily for internal use only. - - - - Gets the number of conformant dimensions, should be at least one. - - The number of conformant dimensions. - - - - Interface for a marshalled non-encapsulated NDR union. - - This interface is primarily for internal use only. - - - - Marshal the union to a stream. - - The selector for union arm. - The marshal stream. - - - - Interface for a marshalled NDR structure. - - This interface is primarily for internal use only. - - - - Marshal the stucture to a stream. - - The marshal stream. - - - - Unmarshal the structure from a stream. - - The unmarshal stream. - - - - Get the structure's alignment. - - - - - - Structure to represent a context handle. - - - - - Context handle attributes. - - - - - Context handle UUID. - - - - - Constructor. - - Context handle attributes. - Context handle UUID. - - - - Overidden ToString method. - - The handle as string. - - - - NDR integer representation. - - - - - NDR character representation. - - - - - NDR floating point representation. - - - - - Definition of the NDR data representation for an NDR stream. - - - - - The integer representation of the NDR data. - - - - - The character representation of the NDR data. - - - - - The floating representation of the NDR data. - - - - - A class which represents an embedded pointer. - - The underlying type. - - - - Operator to convert from a value to an embedded pointer. - - The value to point to. - - - - Operator to convert from an embedded pointer to a value. - - The embedded pointer. - - - - Overridden ToString method. - - The string form of the value. - - - - Get the value from the embedded pointer. - - The value of the pointer. - - - - Structure to represent an empty value. - - - - - Class to represent a 16 bit enumerated type. - - - - - Value of the structure. - - - - - Constructor. - - - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Equality operator. - - The left value. - The right value. - True if the values are equal. - - - - Inequality operator. - - The left value. - The right value. - True if the values are not-equal. - - - - Overridden ToString. - - The value as a string. - - - - ToString method. - - The formatting string. - The value as a string. - - - - IFormattable ToString. - - The formatting string. - Formatting provider. - The value as a string. - - - - Equals operator. - - The other enum16. - True if the values are equal. - - - - Compare - - - - - - - Overridden GetHashCode. - - The hash code of the enumeration. - - - - Structure which represents an NDR FC_INT3264 - - - - - Value of the structure. - - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Convert to a native IntPtr. - - The value to convert from. - - - - Overridden ToString. - - The value as a string. - - - - ToString method. - - The formatting string. - The value as a string. - - - - IFormattable ToString. - - The formatting string. - Formatting provider. - The value as a string. - - - - Structure which represents an NDR FC_UINT3264 - - - - - Value of the structure. - - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Constructor. - - The value to construct from. - - - - Convert to a native IntPtr. - - The value to convert from. - - - - Overridden ToString. - - The value as a string. - - - - ToString method. - - The formatting string. - The value as a string. - - - - IFormattable ToString. - - The formatting string. - Formatting provider. - The value as a string. - - - - Class to represent an NDR interface pointer. - - - - - The marshaled interface data. - - - - - Constructor. - - The marshaled interface data. - - - - A buffer to marshal NDR data to. - - This class is primarily for internal use only. - - - - Represents an NDR pickled type. - - - - - Constructor from a type 1 serialized buffer. - - The type 1 serialized encoded buffer. - - - - Convert the pickled type to a type 1 serialized encoded buffer. - - The type 1 serialized encoded buffer. - - - - Type for a synchronous NDR pipe. - - The base type of pipe blocks. - - - - The list of blocks for the pipe. - - - - - Constructor. - - The list of blocks to return. - - - - Constructor. - - A single block to return. - - - - Convert the pipe blocks to a flat array. - - The flat array. - - - - A buffer to unmarshal NDR data from. - - This class is primarily for internal use only. - - - - Place holder for unsupported types. - - - - - Class to represent a single COM proxy definition. - - - - - The name of the proxy interface. - - - - - The IID of the proxy interface. - - - - - The base IID of the proxy interface. - - - - - The number of dispatch methods on the interface. - - - - - List of parsed procedures for the interface. - - - - - Creates a proxy definition from a list of procedures. - - The name of the proxy interface. - The IID of the proxy interface. - The base IID of the proxy interface. - The total dispatch count for the proxy interface. - The list of parsed procedures for the proxy interface. - - - - - Expression element. - - - - - Overridden ToString method. - - The expression as a string. - - - - The expression type. - - - - - Is this operator element valid. - - - - - Operator expression element. - - - - - NDR format type of element. - - - - - NDR format type of element. - - - - - Offset, used for OP_EXPRESSION. - - - - - Parsed arguments. - - - - - Overridden ToString method. - - The expression as a string. - - - - Variable expression element. - - - - - Offset of the variable. - - - - - NDR format type of element. - - - - - Overridden ToString method. - - The expression as a string. - - - - Expression element. - - - - - NDR format type of element. - - - - - Offset of the variable. - - - - - The value of the constant. - - - - - Overridden ToString method. - - The expression as a string. - - - - An interface which can be implemented to handle formatting parsed NDR data. - - - - - Format a complex type using the current formatter. - - The complex type to format. - The formatted complex type. - - - - Format a procedure using the current formatter. - - The procedure to format. - The formatted procedure. - - - - Format a COM proxy using the current formatter. - - The COM proxy to format. - The formatted COM proxy. - - - - Format an RPC server interface using the current formatter. - - The RPC server. - The formatted RPC server interface. - - - - An base class which describes a text formatter for NDR data. - - - - This formatter generates data that the CPP compiler can (hopefully) understand, - at least it will serve as a good skeleton to support spinning up new projects easily. - - - - - Flags for the NDR formatter. - - - - - No flags. - - - - - Don't emit comments. - - - - - Default NDR formatter constructor. - - - - - Create the default formatter. - - Specify a dictionary of IIDs to names. - Function to demangle COM interface names during formatting. - Formatter flags. - The default formatter. - - - - Create the default formatter. - - Specify a dictionary of IIDs to names. - Function to demangle COM interface names during formatting. - The default formatter. - - - - Create the default formatter. - - Specify a dictionary of IIDs to names. - Formatter flags. - The default formatter. - - - - Create the default formatter. - - Specify a dictionary of IIDs to names. - The default formatter. - - - - Create the default formatter. - - Formatter flags. - The default formatter. - - - - Create the default formatter. - - The default formatter. - - - - NDR formatter constructor for CPP style output. - - - - - Create the CPP formatter. - - Specify a dictionary of IIDs to names. - Function to demangle COM interface names during formatting. - Formatter flags. - The CPP formatter. - - - - Create the CPP formatter. - - Specify a dictionary of IIDs to names. - Function to demangle COM interface names during formatting. - The CPPformatter. - - - - Create the CPP formatter. - - Specify a dictionary of IIDs to names. - Formatter flags. - The CPP formatter. - - - - Create the CPP formatter. - - Specify a dictionary of IIDs to names. - The CPP formatter. - - - - Create the default formatter. - - Formatter flags. - The CPP formatter. - - - - Create the default formatter. - - The CPP formatter. - - - - Flags for the parser. - - - - - No flags. - - - - - Ignore processing any complex user marshal types. - - - - - Resolve structure names, required private symbols. - - - - - Class to parse NDR data into a structured format. - - - - - Constructor. - - Memory reader to parse from. - Process to read from. - Specify a symbol resolver to use for looking up symbols. - Flags which affect the parsing operation. - - - - Constructor. - - Process to parse from. - Specify a symbol resolver to use for looking up symbols. - - - - Constructor. - - Process to parse from. - Specify a symbol resolver to use for looking up symbols. - Flags which affect the parsing operation. - - - - Constructor. - - Specify a symbol resolver to use for looking up symbols. - - - - Constructor. - - Process to parse from. - - - - Constructor. - - - - - Read COM proxy information from a ProxyFileInfo structure. - - The address of the ProxyFileInfo structure. - The list of parsed proxy definitions. - - - - Read COM proxy information from an array of pointers to ProxyFileInfo structures. - - The address of an array of pointers to ProxyFileInfo structures. The last pointer should be NULL. - The list of parsed proxy definitions. - - - - Read COM proxy information from a file. - - The path to the DLL containing the proxy. - Optional CLSID for the proxy class. - List of IIDs to parse. - The list of parsed proxy definitions. - - - - Read COM proxy information from a file. - - The path to the DLL containing the proxy. - Optional CLSID for the proxy class. - The list of parsed proxy definitions. - - - - Read COM proxy information from a file. - - The path to the DLL containing the proxy. - The list of parsed proxy definitions. - - - - Parse NDR content from an RPC_SERVER_INTERFACE structure in memory. - - Pointer to the RPC_SERVER_INTERFACE. - The parsed NDR content. - - - - Parse NDR content from an RPC_SERVER_INTERFACE structure in memory. - - Pointer to the RPC_SERVER_INTERFACE. - Base address of the library which contains the interface. - The parsed NDR content. - - - - Parse NDR content from an RPC_SERVER_INTERFACE structure in memory. Deprecated. - - Pointer to the RPC_SERVER_INTERFACE. - The parsed NDR content. - - - - Parse NDR content from an RPC_SERVER_INTERFACE structure in memory. - - The path to a DLL containing the RPC_SERVER_INTERFACE. - Offset to the RPC_SERVER_INTERFACE from the base of the DLL. - The parsed NDR content. - - - - Parse NDR procedures from an MIDL_SERVER_INFO structure in memory. - - Pointer to the MIDL_SERVER_INFO. - Number of dispatch functions to parse. - The start offset to parse from. This is used for COM where the first few proxy stubs are not implemented. - List of names for the valid procedures. Should either be null or a list equal in size to dispatch_count - start_offset. - The parsed NDR content. - - - - Parse NDR procedures from an MIDL_SERVER_INFO structure in memory. - - Pointer to the MIDL_SERVER_INFO. - Number of dispatch functions to parse. - The start offset to parse from. This is used for COM where the first few proxy stubs are not implemented. - The parsed NDR content. - - - - List of parsed types from the NDR. - - - - - List of parsed complex types from the NDR. - - - - - Parse NDR complex type information from a pickling structure. Used to extract explicit Encode/Decode method information. - - The process to read from. - Pointer to the MIDL_TYPE_PICKLING_INFO structure. - The pointer to the MIDL_STUB_DESC structure. - Pointers to the the format string to the start of the types. - Specify additional parser flags. - The list of complex types. - This function is used to extract type information for calls to NdrMesTypeDecode2. MIDL_TYPE_PICKLING_INFO is the second parameter, - MIDL_STUB_DESC is the third, the Type Offsets is the fourth parameter. - - - - Parse NDR complex type information from a pickling structure. Used to extract explicit Encode/Decode method information. - - The process to read from. - Pointer to the MIDL_TYPE_PICKLING_INFO structure. - The pointer to the MIDL_STUBLESS_PROXY_INFO structure. - Pointer to the type pickling offset table. - Index into type_pickling_offset_table array. - Specify additional parser flags. - The list of complex types. - This function is used to extract type information for calls to NdrMesTypeDecode3. MIDL_TYPE_PICKLING_INFO is the second parameter, - MIDL_STUBLESS_PROXY_INFO is the third, the type pickling offset table is the fourth and the type index is the fifth. - - - - Parse NDR complex type information from a pickling structure. Used to extract explicit Encode/Decode method information. - - The process to read from. - Pointer to the MIDL_TYPE_PICKLING_INFO structure. - The pointer to the MIDL_STUB_DESC structure. - Offsets into the format string to the start of the types. - Specify additional parser flags. - The list of complex types. - This function is used to extract type information for calls to NdrMesTypeDecode2. MIDL_TYPE_PICKLING_INFO is the second parameter, - MIDL_STUB_DESC is the third (minus the offset). - - - - Parse NDR complex type information from a pickling structure. Used to extract explicit Encode/Decode method information. - - The process to read from. - Pointer to the MIDL_TYPE_PICKLING_INFO structure. - The pointer to the MIDL_STUB_DESC structure. - Offsets into the format string to the start of the types. - The list of complex types. - This function is used to extract type information for calls to NdrMesTypeDecode2. MIDL_TYPE_PICKLING_INFO is the second parameter, - MIDL_STUB_DESC is the third (minus the offset). - - - - Parse NDR complex type information from a pickling structure. Used to extract explicit Encode/Decode method information. - - Pointer to the MIDL_TYPE_PICKLING_INFO structure. - The pointer to the MIDL_STUB_DESC structure. - Offsets into the format string to the start of the types. - The list of complex types. - This function is used to extract type information for calls to NdrMesTypeDecode2. MIDL_TYPE_PICKLING_INFO is the second parameter, - MIDL_STUB_DESC is the third (minus the offset). - - - - Exception thrown when NDR parsing fails. - - - - - Constructor. - - Exception message. - - - - Constructor. - - Exception message. - Inner exception to wrap. - - - - Class respresenting an RPC protocol sequence. - - - - - The protocol sequence for the endpoint. - - - - - The endpoint name. - - - - - A parsed NDR RPC_SERVER_INTERFACE structure. - - - - - The RPC interface GUID. - - - - - The RPC interface version. - - - - - The RPC transfer syntax GUID. - - - - - The RPC transfer syntax version. - - - - - List of parsed procedures. - - - - - List of protocol sequences. - - - - - Overridden ToString method. - - The string form of this class. - - - - NDR format character. - - - - - Class to build text strings for an NDR formatter. - - - - - Push an indent string on to the indent stack. - - The string to indent any new lines. - The current builder instance. - - - - Push an indent on to the indent stack. - - The character to indent with. - The number of indent characters. - The current builder instance. - - - - Pop the current indent off the indent stack. - - The current builder instance. - - - - Append a string to the builder. - - The string to append. - The current builder instance. - - - - Append a formatted string to the builder. - - The string format. - The array of arguments to the formatter. - The current builder instance. - - - - Append a new line to the builder. - - The current builder instance. - - - - Append a string to the builder with a new line. - - The string to append. - The current builder instance. - - - - Append a formatted string to the builder with a new line. - - The string format. - The array of arguments to the formatter. - The current builder instance. - - - - Overridden ToString method, returns the current state of the builder. - - The current stated of the builder. - - - - Utilities for NDR marshaling. - - - - - Specify NDR marshaler trace level. - - Specify the NDR marshaler trace level. - Verbose marshal stack details. - - - - Datalink address type. - - - - - Access rights for a firewall object. - - - - - Represents a firewall address and mask. - - - - - The IP address. - - - - - The mask. - - - - - Mask prefix length. - - - - - Overridden ToString method. - - The value and mask as a string. - - - - Address family when IP protocol is not specified. - - - - - IPv4 - - - - - IPv6 - - - - - Ethernet - - - - - None - - - - - Class to represent a firewall ALE endpoint. - - - - - The ID of the endpoint. - - - - - The local endpoint. - - - - - The remote endpoint. - - - - - The protocol type. - - - - - The LUID for the token associated with the endpoint. - - - - - The IPsec security association identifier. - - - - - The IPsec security association identifier to expire. - - - - - The IPsec status of the endpoint. - - - - - Flags. - - - - - Associated application. - - - - - Filename of AppId. - - - - - Enumeration for ALE layer types. - - - - - Class to represent a firewall callout object. - - - - - Flags for the callout. - - - - - Provider key. - - - - - Provider data. - - - - - Applicable layer key. - - - - - Callout ID. - - - - - Flags for a firewall callout. - - - - - Guids for pre-defined callouts. - - - - - Flags for classify output. - - - - - Class to represet the result of a classify operations. - - - - - Action type of the classify result. - - - - - Internal context. - - - - - ID of the filter. - - - - - Associated rights. - - - - - Classify flags. - - - - - Base class to implement common condition building operations. - - - - - Specify list of firewall filter conditions. - - - - - Add a condition. - - The match type for the condition. - The field key for the condition. - The value for the condition. - - - - Add a condition range. - - The field key for the condition. - The low value for the range. - The high value from the range. - - - - Add an executable filename condition. - - The match type for the condition. - The path to the file to use. - - - - Add an App ID condition. - - The match type for the condition. - The path to the file already converted to absolute format. - - - - Add a user ID security descriptor condition. - - The match type for the condition. - The security descriptor. - - - - Add a remote user ID security descriptor condition. - - The match type for the condition. - The security descriptor. - - - - Add a remote machine ID security descriptor condition. - - The match type for the condition. - The security descriptor. - - - - Add a IP protocol type condition. - - The match type for the condition. - The protocol type for the condition. - - - - Add a conditions flag condition. - - The match type for the condition. - The flags for the condition. - - - - Add IP address. - - The match type for the condition. - True to specify remote, false for local. - The low IP address. - - - - Add IP address range. - - True to specify remote, false for local. - The low IP address. - The high IP address. - - - - Add port range. - - True to specify remote, false for local. - The low port. - The high port. - - - - Add port. - - The match type for the condition. - True to specify remote, false for local. - The port. - - - - Add an IP endpoint. - - The match type for the condition. - True to specify remote, false for local. - The IP endpoint. - - - - Add token information. - - The match type. - The token. - - - - Add remote token information. - - The match type. - The token. - - - - Add remote machine token information. - - The match type. - The token. - - - - Add a package SID condition. - - The match type. - The package SID. - - - - Add a condition which excludes app containers. - - - - - Add a condition which includes app containers. - - - - - Adds details from a process, such as the process' App ID and package SID and token information. - - The match type. - The process. - - - - Adds details from a process, such as the process' App ID and package SID and token information. - - The match type. - The PID of the process. - - - - Add the RPC UUID. - - Match type. - The RPC UUID. - - - - Add a network event type. - - Match type. - Network event type. - - - - Constructor. - - - - - Firewall condition flags. - - - - - Guids for pre-defined firewall conditions. - - - - - Direction of stream for firewall. - - - - - Outbound flow. - - - - - Inbound flow. - - - - - Place holder for an empty value. - - - - - Overridden ToString method. - - The value as a string. - - - - Class to represent the firewall engine. - - - - - Open an instance of the engine. - - The server name for the firewall service. - RPC authentication service. Use default or WinNT. - Optional authentication credentials. - Optional session information. - True to throw on error. - The opened firewall engine. - - - - Open an instance of the engine. - - The server name for the firewall service. - RPC authentication service. Use default or WinNT. - Optional authentication credentials. - Optional session information. - The opened firewall engine. - - - - Open an instance of the engine. - - True to throw on error. - The opened firewall engine. - - - - Open an instance of the engine. - - The opened firewall engine. - - - - Open a dynamic instance of the engine. - - True to throw on error. - The opened firewall engine. - - - - Open a dynamic instance of the engine. - - The opened firewall engine. - - - - Get an engine option. - - The option to get. - True to throw on error. - The engine option's value. - - - - Get an engine option. - - The option to get. - The engine option's value. - - - - Get the current network event keywords setting. - - True to throw on error. - The network event keywords. - - - - Get the current network event keywords setting. - - The network event keywords. - - - - Get collect net events option. - - True to throw on error. - True if net events are being collected. - - - - Get collect net events option. - - True if net events are being collected. - - - - Set an engine option. - - The option to set. - The value to set. - True to throw on error. - The NT status code. - - - - Set an engine option. - - The option to set. - The value to set. - - - - Set network event keywords. - - The keywords to set. - True to throw on error. - The NT status code. - - - - Set network event keywords. - - The keywords to set. - - - - Set the collection net events engine option. - - True to enable collection. - True to throw on error. - The NT status code. - - - - Set the collection net events engine option. - - True to enable collection. - - - - Get a layer by its key. - - The key of the layer. - True to throw on error. - The firewall layer. - - - - Get a layer by its key. - - The key of the layer. - The firewall layer. - - - - Get a layer by its ID. - - The ID of the layer. - True to throw on error. - The firewall layer. - - - - Get a layer by its ID. - - The ID of the layer. - The firewall layer. - - - - Get a layer by its well-known key name. - - The well-known key name of the layer. - True to throw on error. - The firewall layer. - - - - Get a layer by its well-known key name. - - The well-known key name of the layer. - The firewall layer. - - - - Get a layer by an ALE layer type. - - The ALE layer type. - True to throw on error. - The firewall layer. - - - - Get a layer by an ALE layer type. - - The ALE layer type. - The firewall layer. - - - - Enumerate all layers. - - True to throw on error. - The list of layers. - - - - Enumerate all layers. - - The list of layers. - - - - Get a sub-layer by its key. - - The key of the sub-layer. - True to throw on error. - The firewall sub-layer. - - - - Get a sub-layer by its key. - - The key of the sub-layer. - The firewall sub-layer. - - - - Get a sub-layer by its well-known key name. - - The well-known key name of the sub-layer. - True to throw on error. - The firewall sub-layer. - - - - Get a sub-layer by its well-known key name. - - The well-known key name of the sub-layer. - The firewall sub-layer. - - - - Enumerate all sub-layers. - - True to throw on error. - The list of sub-layers. - - - - Enumerate all sub-layers. - - The list of sub-layers. - - - - Get a callout by its key. - - The key of the callout. - True to throw on error. - The firewall callout. - - - - Get a callout by its key. - - The key of the callout. - The firewall callout. - - - - Enumerate all callouts - - True to throw on error. - The list of callouts. - - - - Enumerate all callouts. - - The list of callouts. - - - - Get a filter by its key. - - The key of the filter. - True to throw on error. - The firewall filter. - - - - Get a filter by its key. - - The key of the filter. - The firewall filter. - - - - Get a filter by its id. - - The ID of the filter. - True to throw on error. - The firewall filter. - - - - Get a filter by its id. - - The ID of the filter. - The firewall filter. - - - - Enumerate filters - - Specify a template for enumerating the filters. - True to throw on error. - The list of filters. - - - - Enumerate filters - - Specify a template for enumerating the filters. - The list of filters. - - - - Enumerate all filters - - True to throw on error. - The list of filters. - - - - Enumerate all filters. - - The list of filters. - - - - Add a filter. - - The builder used to create the filter. - Optional security descriptor. - True to throw on error. - The added filter ID. - - - - Add a filter. - - The builder used to create the filter. - Optional security descriptor. - The added filter ID. - - - - Add a filter. - - The builder used to create the filter. - The added filter ID. - - - - Delete a filter. - - The filter key. - True to throw on error. - The NT status. - - - - Delete a filter. - - The filter key. - - - - Delete a filter. - - The filter ID. - True to throw on error. - The NT status. - - - - Delete a filter. - - The filter ID. - - - - Get a provider by its key. - - The key of the provider. - True to throw on error. - The firewall provider. - - - - Get a provider by its key. - - The key of the provider. - The firewall provider. - - - - Enumerate all providers. - - True to throw on error. - The list of providers. - - - - Enumerate all providers. - - The list of providers. - - - - Get the security descriptor for the IKE SA database. - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Get the security descriptor for the IKE SA database. - - What parts of the security descriptor to retrieve - The security descriptor - - - - Get the security descriptor for the IKE SA database. - - The security descriptor - - - - Enumerate all IKE security associatations. - - True to throw on error. - The list of IKE security associatations. - - - - Enumerate all IKE security associatations. - - The list of IKE security associatations. - - - - Get an IKE security association by its ID and lookup context. - - The ID of the security association. - Optional lookup context. - True to throw on error. - The IKE security association. - - - - Get an IKE security association by its ID and lookup context. - - The ID of the security association. - Optional lookup context. - The IKE security association. - - - - Classify a layer. - - The ID of the layer. - A list of incoming values. - True to throw on error. - The classify result. - - - - Classify a layer. - - The ID of the layer. - A list of incoming values. - The classify result. - - - - Enumerate IPSEC key managers. - - True to throw on error. - The list of registered key managers. - - - - Enumerate IPSEC key managers. - - The list of registered key managers. - - - - Get key manager component security descriptor. - - The security information to query. - True to throw on error. - The security descriptor. - - - - Get key manager component security descriptor. - - The security information to query. - The security descriptor. - - - - Open token from its modified ID. - - The token's modified ID. - The desired token access. - True to throw on error. - The opened token. - - - - Open token from its modified ID. - - The token's modified ID. - The desired token access. - The opened token. - - - - Enumerate all ALE endpoints. - - True to throw on error. - The list of ALE endpoints. - - - - Enumerate all ALE endpoints. - - The list of ALE endpoints. - - - - Get an ALE endpoint by its ID. - - The ID of the ALE endpoint. - True to throw on error. - The ALE endpoint. - - - - Get an ALE endpoint by its ID. - - The ID of the ALE endpoint. - The ALE endpoint. - - - - Get the ALE endpoint security. - - The security information to query for. - True to throw on error. - The security descriptor. - - - - Get the ALE endpoint security. - - The security information to query for. - The security descriptor. - - - - Enumerate all sessions. - - True to throw on error. - The list of sessions. - - - - Enumerate all sessions. - - The list of sessions. - - - - Enumerate all network events. - - Template to filter down enumeration. - True to throw on error. - The list of network events. - - - - Enumerate all network events. - - True to throw on error. - The list of network events. - - - - Enumerate all network events. - - Template to filter down enumeration. - The list of network events. - - - - Subscribe to read network event.s - - True to throw on error. - Optional template to filter enumeration. - The network event listener. - - - - Subscribe to read network event.s - - Optional template to filter enumeration. - The network event listener. - - - - Subscribe to read network event.s - - True to throw on error. - The network event listener. - - - - Begin a firewall transaction. - - Flags for the transaction. - True to throw on error. - The firewall transaction. - Disposing the transaction will cause it to abort. You should call Commit to use it. - - - - Enumerate all IPsec SA contexts. - - True to throw on error. - The list of SA contexts. - - - - Enumerate all IPsec SA contexts. - - The list of SA contexts. - - - - Get an IPsec SA context by its ID. - - The ID of the IPsec SA context. - True to throw on error. - The IPsec SA context. - - - - Get an IPsec SA context by its ID. - - The ID of the IPsec SA context. - The IPsec SA context. - - - - Begin a firewall transaction. - - Flags for the transaction. - The firewall transaction. - Disposing the transaction will cause it to abort. You should call Commit to use it. - - - - Begin a read/write firewall transaction. - - The firewall transaction. - Disposing the transaction will cause it to abort. You should call Commit to use it. - - - - Dispose the engine. - - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Engine option to query or set. - - - - - Represents a firewall field schema. - - - - - The field's key. - - - - - The name of the key if known. - - - - - The type of the field. - - - - - The data type of the field. - - - - - Field type. - - - - - A class to represent a firewall filter. - - - - - The filter action type. - - - - - The layer the filter applies to. - - - - - The name of the layer if known. - - - - - The sub-layer the filter applies to. - - - - - The name of the sub-layer if known. - - - - - The flags for the filter. - - - - - List of firewall conditions. - - - - - Original weight of the filter. - - - - - Provider key. - - - - - Provider data. - - - - - Filter identifier. - - - - - Effective weight of the filter. - - - - - Type of filter. - - - - - Key for the callout. - - - - - Name of the callout key if known. - - - - - Is the filter a callout. - - - - - Has the filter got an AppID condition. - - - - - Has the filter got an AppContainer package ID condition. - - - - - Has the filter got a condition to check for a user ID. - - - - - Has the filter got a condition to check for a remote user ID. - - - - - Get a layer for this filter. - - True to throw on error. - The firewall layer. - - - - Get a layer for this filter. - - The firewall layer. - - - - Get a sub-layer for this filter. - - True to throw on error. - The firewall sub-layer. - - - - Get a sub-layer for this filter. - - The firewall sub-layer. - - - - Check if filter has any condition of a specific type. - - The condition type to check. - True if the filter has a condition of the specified type. - - - - Get the filter condition for a GUID. - - The condition type to get. - The filter condition. - - - - Delete the filter. - - True to throw on error. - The NT status. - - - - Delete the filter. - - - - - Convert the filter into a builder so that it can be modified. - - The created builder. - - - - Access rights for a firewall filter. - - - - - A builder to create a new firewall filter. - - - - - The name of the filter. - - - - - The description of the filter. - - - - - The filter key. If empty will be automatically assigned. - - - - - The layer key. - - - - - The sub-layer key. - - - - - Flags for the filter. - - - - - Specify the initial weight. - - You need to specify an EMPTY, UINT64 or UINT8 value. - - - - Specify the action for this filter. - - - - - Specify the filter type GUID when not using a callout. - - - - - Specify callout key GUID when using a callout. - - - - - Specify provider key GUID. - - - - - Constructor. - - - - - Firewall filter condition. - - - - - The match type. - - - - - The key of the field. - - - - - The field key name. - - - - - The value for the condition - - - - - Constructor. - - The condition match type. - The field key. - The value. - - - - Overridden ToString method. - - The condition as a string. - - - - Options for enumerating a filter. - - - - - Specify the key for the layer to search for. - - - - - Specify the provider key. - - - - - Specify the flags for the enumeration. - - - - - Specify the action type. - - - - - Constructor. - - The layer key. - - - - Constructor. - - The ALE layer type.. - - - - Constructor. - - - - - Class to represent a firewall layer object. - - - - - Layer flags. - - - - - Default sub-layer key. - - - - - The layer ID. - - - - - List of fields. - - - - - Is builtin layer. - - - - - Is a user-mode layer. - - - - - Enumerate filters for this layer. - - True to throw on error. - The list of sorted filters. - - - - Enumerate filters for this layer. - - The list of sorted filters. - - - - Flags for a firewall layer. - - - - - Guids for pre-defined firewall layers. - - - - - Firewall filter match type. - - - - - Direction type for a network event. - - - - - Inbound - - - - - Outbound. - - - - - Forwarding - - - - - Loopback. - - - - - Base class for a firewall network event. - - - - - Type of network event. - - - - - Flags for values set. - - - - - Timestamp of the event. - - - - - Type of protocol. - - - - - Local endpoint. - - - - - Remote endpoint. - - - - - IPv6 Scope ID. - - - - - Connection AppID. - - - - - Connection user ID. - - - - - Address family. - - - - - Package SID. - - - - - Class to represent a network event capability allow. - - - - - AppContainer network capability. - - - - - Filter ID. - - - - - Indicates whether the packet originated from (or was heading to) the loopback adapter. - - - - - Class to represent a network event capability drop. - - - - - AppContainer network capability. - - - - - Filter ID. - - - - - Indicates whether the packet originated from (or was heading to) the loopback adapter. - - - - - Class to represent a firewall classification allow. - - - - - Filter ID. - - - - - Layer ID. - - - - - Reason for reauthorizing - - - - - The original profile the connection was received on. - - - - - The profile the error occurred on. - - - - - Indicates the direction of the packet transmission. - - - - - Indicates whether the packet originated from (or was heading to) the loopback adapter. - - - - - Class to represent a firewall classification drop. - - - - - Filter ID. - - - - - Layer ID. - - - - - Reason for reauthorizing - - - - - The original profile the connection was received on. - - - - - The profile the error occurred on. - - - - - Indicates the direction of the packet transmission. - - - - - Indicates whether the packet originated from (or was heading to) the loopback adapter. - - - - - GUID identifier of a vSwitch. - - - - - Transient source port of a packet within the vSwitch. - - - - - Transient destination port of a packet within the vSwitch. - - - - - Template for network event enumeration. - - - - - Start time for events. - - - - - End time for event.s - - - - - Constructor. - - - - - Flags for a network event. - - - - - Class to represent an IKEEXT extended mode failure event. - - - - - Windows error code for the failure - - - - - Point of failure - - - - - Flags for the failure event - - - - - IKE or Authip. - - - - - Extended mode mode state - - - - - Initiator or Responder - - - - - Authentication method - - - - - Hash (SHA thumbprint) of the end certificate corresponding to failures - that happen during building or validating certificate chains. - - - - - LUID for the MM SA - - - - - Quick mode filter ID - - - - - Name of local security principal that was authenticated, if available. - If not available, an empty string will be stored. - - - - - Name of remote security principal that was authenticated, if available. - If not available, an empty string will be stored. - - - - - Array of group SIDs corresponding to the local security principal that - was authenticated, if available. - - - - - Array of group SIDs corresponding to the remote security principal that - was authenticated, if available. - - - - - Class to represent an IKEEXT main mode failure event. - - - - - Windows error code for the failure - - - - - Point of failure - - - - - Flags for the failure event - - - - - IKE or Authip. - - - - - Main mode state - - - - - Initiator or Responder - - - - - Authentication method - - - - - Hash (SHA thumbprint) of the end certificate corresponding to failures - that happen during building or validating certificate chains. - - - - - LUID for the MM SA - - - - - Main mode filter ID - - - - - Name of local security principal that was authenticated, if available. - If not available, an empty string will be stored. - - - - - Name of remote security principal that was authenticated, if available. - If not available, an empty string will be stored. - - - - - Array of group SIDs corresponding to the local security principal that - was authenticated, if available. - - - - - Array of group SIDs corresponding to the remote security principal that - was authenticated, if available. - - - - - Class to represent an IKEEXT quick mode failure event. - - - - - Windows error code for the failure - - - - - Point of failure - - - - - IKE or Authip. - - - - - Main mode state - - - - - Initiator or Responder - - - - - Tunnel or transport mode. - - - - - Main mode filter ID - - - - - Local subnet address and mask. - - - - - Remote subnet address and mask. - - - - - Class to represent an IPsec kernel drop event. - - - - - Failure error code. - - - - - Connection direction. - - - - - Security parameter index. - - - - - Filter ID. - - - - - Layer ID. - - - - - Flags for network events to capture. - - - - - Class to listen for network events. - - - - - Read the next network event. - - Timeout in milliseconds. - Returns null if not event available, otherwise the next event. - - - - Read the next network event. Waiting indefinetely for the event. - - Returns null if not event available, otherwise the next event. - - - - Dispose the listener. - - - - - Type of network event. - - - - - AppContainer capability type. - - - - - Abstract class to represent a firewall object. - - - - - The object's key. - - - - - The object's name. - - - - - The object's description. - - - - - The object's key name. - - - - - The object's security descriptor. - - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - The firewall engine object must still be open. - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - The firewall engine object must still be open. - - - - Profile ID for the firewall. - - - - - Class to represent a firewall provider. - - - - - Name of the service which implements the provider. - - - - - Flags for the provider. - - - - - Provider data. - - - - - Flags for a firewall provider. - - - - - A firewall value range. - - - - - The low value. - - - - - The high value. - - - - - Overridden ToString method. - - The range as a string. - - - - Right action flags. - - - - - Class to represent a firewall session. - - - - - The session key. - - - - - Name of the session. - - - - - Description of the session. - - - - - Session flags. - - - - - Transaction wait timeout in ms. - - - - - The process ID of the session owner. - - - - - The user SID of the owner. - - - - - The name of the owner. - - - - - Is session kernel mode. - - - - - Constructor. Used when opening a session. - - The name of the session. - The description of the sesion. - Session flags. - Transaction timeout in ms. - - - - Constructor. Used when opening a session. - - Session flags. - - - - Class to represent a firewall sublayer. - - - - - Sub-layer flags. - - - - - The provider key. - - - - - Provider data. - - - - - Weight of the sub-layer. - - - - - Flags for a sub-layer. - - - - - Guids for pre-defined firewall sub-layers. - - - - - Token information for a condition. - - - - - The list of SIDs. - - - - - The list of restricted SIDs. - - - - - Capabilities. - - This is only used for local filtering. It's not used by WFP. - - - - Appcontainer SID. - - This is only used for local filtering. It's not used by WFP. - - - - User SID. - - This is only used for local filtering. It's not used by WFP. - - - - Constructor from a token. - - The token to constructo from. - - - - Constructor. - - The list of SIDs. - The list of restricted SIDs. - - - - Class to scope a firewall transaction. - - - - - Abort the transaction. - - True to throw on error. - The NT status code. - - - - Abort the transaction. - - - - - Commit the transaction. - - True to throw on error. - The NT status code. - - - - Commit the transaction. - - - - - Dispose the transaction. Will ca - - - - - Flags when creating a transaction. - - - - - No flags, creates a read/write transaction. - - - - - Read-only transaction. - - - - - Static class for firewall utility functions. - - - - - Name for fake NT type. - - - - - Name for fake filter NT type. - - - - - Get the NT type for the firewall. - - - - - Get the NT type for the firewall. - - - - - Get the generic mapping for a firewall object. - - The firewall object generic mapping. - - - - Get the generic mapping for a firewall filter object. - - The firewall filter object generic mapping. - - - - Get App ID from a filename. - - The filename to convert. - True to throw on error. - The App ID. - - - - Get App ID from a filename. - - The filename to convert. - The App ID. - - - - Get a list of known layer names. - - The list of known layer names. - - - - Get a list of known layer guids. - - The list of known layer guids. - - - - Get a known layer GUID from its name. - - The name of the layer. - The known layer GUID. - - - - Get a known callout GUID from its name. - - The name of the callout. - The known callout GUID. - - - - Get a list of known sub-layer names. - - The list of known sub-layer names. - - - - Get a list of known callout names. - - The list of known callout names. - - - - Get a list of known sub-layer guids. - - The list of known sub-layer guids. - - - - Get a known sub-layer GUID from its name. - - The name of the sub-layer. - The known sub-layer GUID. - - - - Get a layer GUID for an ALE layer enumeration. - - The ALE layer enumeration. - The ALE layer GUID. - - - - Firewall value. - - - - - Type of the value. - - - - - The raw value. - - - - - The context specific value, might be the same as the original. - - - - - Get a value which represents Empty. - - - - - Create a value from a security descriptor. - - The security descriptor. - The firewall value. - - - - Create a value from a SID. - - The SID. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The IPv4 address. - The IPv4 mask. - The firewall value. - - - - Create a value. - - The IPv6 address. - The prefix length. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a range value. - - The low value. - The high value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Create a value. - - The value. - The firewall value. - - - - Overridden ToString method. - - The value as a string. - - - - Class to represent a certificate credential. - - - - - Certificate subject name. - - - - - Certificatehash. - - - - - Flags. - - - - - Certificate. - - - - - Overridden ToString method. - - The pair as a string. - - - - Class to represent an IKE credential. - - - - - Authentication method type. - - - - - Impersonation type. - - - - - Overridden ToString method. - - The pair as a string. - - - - Structure to represent a pair of credentials. - - - - - Local credentials. - - - - - Peer credentials. - - - - - Overridden ToString method. - - The pair as a string. - - - - IKEEXT EM failure flags. - - - - - Flag indicating that multiple IKE EM failure events have been reported that - should be correlated using the mmId field. - - - - - Flag indicating that the IKE EM failure event is a benign/expected failure - - - - - IKE extended mode states - - - - - Initial state. No EM packets have been sent to the peer yet. - - - - - State corresponding to the first EM roundtrip - - - - - State corresponding to the second EM roundtrip - - - - - State corresponding to the final EM roundtrip - - - - - State corresponding to the final EM roundtrip - - - - - EM has been completed - - - - - IKEEXT MM failure flags. - - - - - Flag indicating that the IKE MM failure event is a benign/expected failure. - - - - - Flag indicating that multiple IKE MM failure events have been reported that - should be correlated using the mmId field. - - - - - IKE main mode states - - - - - Initial state. No MM packets have been sent to the peer yet. - - - - - First roundtrip packet has been sent to the peer. - - - - - Second roundtrip packet has been sent to the peer, for SSPI auth. - - - - - Second roundtrip packet has been sent to the peer. - - - - - Final roundtrip packet has been sent to the peer. - - - - - MM has been completed. - - - - - IKE quick mode states - - - - - Initial state. No QM packets have been sent to the peer yet. - - - - - State corresponding to the first QM roundtrip - - - - - State corresponding to the final QM roundtrip - - - - - QM has been completed. - - - - - IKE main mode or quick mode SA role - - - - - SA is initiator - - - - - SA is responder - - - - - Class to represent an IKE name credential. - - - - - The credential principal name. - - - - - Overridden ToString method. - - The pair as a string. - - - - Class to represent an IKE pre-shared key credential. - - - - - The pre-shared key. - - - - - Key flags. - - - - - Class to represent an IKE security association. - - - - - ID for the security association. - - - - - Key module type. - - - - - The local address of the association. - - - - - The remote address of the association. - - - - - Initiator cookie. - - - - - Responder cookie. - - - - - IKE policy key, - - - - - Virtual interface tunnel ID. - - - - - Correlation key. - - - - - List of credentials. - - - - - Cipher algorithm for the security association. - - - - - Length of the key. - - - - - Number of rounds. - - - - - Integrity algorithm for the security association. - - - - - Maximum lifetime in seconds. - - - - - Diffie-Hellman group. - - - - - Quick mode limit. - - - - - IPsec auth config. - - - - - IPsec authentication type. - - - - - IPsec Cipher Configuration. - - - - - IPSec Cipher Type. - - - - - Type used for indicating where an IPsec failure occured. - - - - - No information available. - - - - - IPsec failure happened on local machine. - - - - - IPsec failure happened on remote machine. - - - - - Class to represent a IPsec identity - - - - - Main-mode target name. - - - - - Extended mode target name. - - - - - List of tokens. - - - - - Explicit credentials handle. - - - - - Logon ID. - - - - - Class to prepresent a key manager. - - - - - The manager's key. - - - - - The manager's name. - - - - - The manager's description. - - - - - The manager's flags. - - - - - The manager's dictation timeout hint. - - - - - Flags for IPsec key manager. - - - - - IPsec perfect forward secrecy group. - - - - - Class to represent the details of an IPsec security association. - - - - - Directory of SA. - - - - - Local endpoint. - - - - - Remote endpoint. - - - - - Traffic type. - - - - - Traffic type ID. - - - - - IP protocol type. - - - - - Interface LUID. - - - - - Real interface profile ID. - - - - - The SA bundle. - - - - - Local IPv4 UDP encapsulation port. - - - - - Remote IPv4 UDP encapsulation port. - - - - - Transport filter. - - - - - Virtual interface tunnel ID. - - - - - Traffic selector ID. - - - - - Overridden ToString method. - - The overridden ToString method. - - - - Class to represent a security association bundle. - - - - - Flags for the SA. - - - - - SA lifetime in seconds. - - - - - SA lifetime in KiB. - - - - - SA lifetime in packets. - - - - - Idle timeout. - - - - - ND allow clear timeout. - - - - - Identity for IPsec SA. - - - - - NAP context. - - - - - Quick-mode SA ID. - - - - - Key module key. - - - - - Key module state blob. - - - - - List of security association parameters. - - - - - Peer V4 private address. - - - - - Main-mode SA ID. - - - - - PFS group. - - - - - SA lookup context. - - - - - QM filter ID. - - - - - IPsec SA bundle flags. - - - - - Negotiation discovery is enabled in secure ring. - - - - - Negotiation discovery in enabled in the untrusted perimeter zone. - - - - - Peer is in untrusted perimeter zone ring and a network address translation (NAT) is in the way. Used with negotiation discovery. - - - - - Indicates that this is an SA for connections that require guaranteed encryption. - - - - - Indicates that this is an SA to an NLB server. - - - - - Indicates that this SA should bypass machine LUID verification. - - - - - Indicates that this SA should bypass impersonation LUID verification. - - - - - Indicates that this SA should bypass explicit credential handle matching. - - - - - Allows an SA formed with a peer name to carry traffic that does not have an associated peer target. - - - - - Clears the DontFragment bit on the outer IP header of an IPsec-tunneled packet. This flag is applicable only to tunnel mode SAs. - - - - - Default encapsulation ports (4500 and 4000) can be used when matching this SA with packets on outbound connections that do not have an associated IPsec-NAT-shim context. - - - - - Peer has negotiation discovery enabled, and is on a perimeter network. - - - - - Suppresses the duplicate SA deletion logic. THis logic is performed by the kernel when an outbound SA is added, to prevent unnecessary duplicate SAs. - - - - - Indicates that the peer computer supports negotiating a separate SA for connections that require guaranteed encryption. - - - - - Class to represent an IPsec security association context. - - - - - ID of the context. - - - - - Inbound security association. - - - - - Outbound security association. - - - - - Base security association class. - - - - - Index of the security parameter (SPI). - - - - - Transform type. - - - - - IPsec SA authentication information. - - - - - Type of authentication. - - - - - Authentication configuration. - - - - - Module ID for the crypto. - - - - - Authentication key. - - - - - IPsec SA authentication information. - - - - - Type of cipher. - - - - - Cipher configuration. - - - - - Module ID for the crypto. - - - - - Cipher key. - - - - - IPsec SA authentication information. - - - - - Type of authentication. - - - - - Authentication configuration. - - - - - Modify ID for the crypto. - - - - - Authentication key. - - - - - Type of cipher. - - - - - Cipher configuration. - - - - - Module ID for the crypto. - - - - - Cipher key. - - - - - Class to represent an IPsec token. - - - - - Type of token. - - - - - Token principal. - - - - - Token mode. - - - - - Handle to the token. - - - - - Get the token from the IKEEXT service. - - True to throw on error. - The token. - - - - Get the token from the IKEEXT service. - - The token. - - - - IPsec traffic type. - - - - - Network interface type. - - See https://www.iana.org/assignments/ianaiftype-mib - - - - Network layer address type. - - - - - Type of network tunnel. - - - - - Endpoint implementation for a HyperV socket. - - - - - Address family. - - - - - Protocol type for HyperV sockets. - - - - - Default constructor. - - - - - Constructor. - - - - - Get or set the service ID. - - - - - Get or set the VM ID. - - - - - Address family. - - - - - Serialize the socket address. - - The serialized address. - - - - Create a endpoint from a socket address. - - The socket address. - The created endpoint. - - - - Overridden ToString method. - - The endpoint as a string. - - - - Overridden equals method. - - The object to compare. - True if the objects are equal. - - - - Get endpoint hash code. - - The hashcode. - - - - GUIDs for HyperV Sockets. - - - - - Allows accepting connections from all partitions. - - - - - Broadcast. Send to all sockets. - - - - - Allows accepting connections form all child partitions. - - - - - Connect or bind to the loopback address. - - - - - Connect to the parent container. - - - - - Connect to the silo host container. - - - - - VSOCK template GUID. - - - - - Create an address for a VSOCK port. - - The VSOCK port. - The address. - - - - Checks if an address is a VSOCK address. - - The address to check. - True if a VSOCK address. - - - - Get the port for a VSOCK address. - - The address to query. - The VSOCK port. - Throw if not a valid VSOCK address. - - - - Convert an address to a string. - - The address to convert. - The converted address. If not symbolic name found will return the GUID as a string. - - - - Class to represent current socket security configuration. - - - - - Access token for the peer application. - - - - - Access token for the peer machine. - - - - - Socket security flags. - - - - - Security association ID for main mode. - - - - - Security association ID for quick mode. - - - - - Negotiation windows error. - - - - - Security association lookup context. Can be used to bypass security - checks for querying the security association information from the - firewall. - - - - - Dispose method. - - - - - Socket security IPsec flags. - - - - - Flags for querying socket security fields. - - - - - Flags for querying socket security information. - - - - - Socket security query flags. - - - - - Socket security setting flags. - - - - - Settings for socket security - - - - - The security flags. - - - - - The IPsec flags. - - - - - AuthIP MM policy key. - - - - - AuthIP QM policy key. - - - - - User credentials. - - - - - Authentication ID of a user, needs kernel mode to set. - - - - - Utilities for socket security. - - - - - Impersonate the socket's peer. - - The socket to impersonate. - Optional peer address. Only needed for datagram sockets. - True to throw on error. - The impersonation context. - - - - Impersonate the socket's peer. - - The socket to impersonate. - Optional peer address. Only needed for datagram sockets. - The impersonation context. - - - - Impersonate the socket's peer. - - The TCP client to impersonate. - True to throw on error. - The impersonation context. - - - - Impersonate the socket's peer. - - The TCP client to impersonate. - The impersonation context. - - - - Query the socket security information. - - The socket to query. - Optional peer address. Only needed for datagram sockets. - Optional desired access for peer tokens. If set to None then no tokens will be returned. - True to throw on error. - The socket security information. - - - - Query the socket security information. - - The socket to query. - Optional peer address. Only needed for datagram sockets. - Optional desired access for peer tokens. If set to None then no tokens will be returned. - The socket security information. - - - - Query the socket security information. - - The TCP client to query. - Optional desired access for peer tokens. If set to None then no tokens will be returned. - True to throw on error. - The socket security information. - - - - Query the socket security information. - - The TCP client to query. - Optional desired access for peer tokens. If set to None then no tokens will be returned. - The socket security information. - - - - Set the socket security information. - - The socket to set. - The security settings. - True to throw on error. - The NT status code. - - - - Set the socket security information. - - The socket to set. - The security settings. - - - - Set the socket security information. - - The TCP listener to set. - The security settings. - True to throw on error. - The NT status code. - - - - Set the socket security information. - - The TCP listener to set. - The security settings. - - - - Set the socket security information. - - The TCP client to set. - The security settings. - True to throw on error. - The NT status code. - - - - Set the socket security information. - - The TCP client to set. - The security settings. - - - - Set target peer for socket. - - The socket to set. - The target name. - Optional peer address. Only needed for datagram sockets. - True to throw on error. - The NT status code. - - - - Set target peer for socket. - - The socket to set. - The target name. - Optional peer address. Only needed for datagram sockets. - - - - Set target peer for socket. - - The socket to set. - The target name. - True to throw on error. - The NT status code. - - - - Set target peer for socket. - - The socket to set. - The target name. - - - - Set target peer for socket. - - The socket to set. - The target name. - True to throw on error. - The NT status code. - - - - Set target peer for socket. - - The socket to set. - The target name. - - - - Delete target peer for socket. - - The socket to set. - Peer address. - True to throw on error. - The NT status code. - - - - Security protocol for a socket. - - - - - Endpoint implementation for a AF_UNIX socket. - - - - - Default constructor. - - - - - Constructor. - - The path to the unix socket. - - - - Get or set the path. - - - - - Address family. - - - - - Serialize the socket address. - - The serialized address. - - - - Create a endpoint from a socket address. - - The socket address. - The created endpoint. - - - - Overridden ToString method. - - The endpoint as a string. - - - - Overridden equals method. - - The object to compare. - True if the objects are equal. - - - - Get endpoint hash code. - - The hashcode. - - - - A class to represent a TLS record. - - - - - TLS record type. - - - - - Version of protocol. - - - - - The record data. - - - - - Parse a TLS record from a binary reader. - - The reader to read from. - The parsed TLS record. - - - - Parse a TLS record from a byte array. - - The byte array. - The parsed TLS record. - - - - Type for a TLS record. - - - - - Change cipher spec. - - - - - Alert. - - - - - Handshake. - - - - - Application data. - - - - - Class to represent an ALPC port. - - - - - Disconnect this port. - - Disconection flags. - True to throw on error. - The NT status code. - - - - Disconnect this port. - - Disconection flags. - - - - Disconnect this port. - - - - - Cancel a message based on a context attribute. - - Cancellation flags. - The context attributes. - True to throw on error. - The NT status code. - - - - Cancel a message based on a context attribute. - - Cancellation flags. - The context attributes. - - - - Cancel a message based on a context attribute. - - The context attributes. - - - - Send and receive messages on an ALPC port. - - Send/Receive flags. - The message to send. Optional. - The attributes to send with the message. Optional. - The message to receive. Optional. - The attributes to receive with the message. Optional. - Time out for the send/receive. - True to throw on error. - The NT status code. - The attribute parameters will be repopulated with the attribute results. - - - - Send and receive messages on an ALPC port. - - Send/Receive flags. - The message to send. Optional. - The attributes to send with the message. Optional. - The message to receive. Optional. - The attributes to receive with the message. Optional. - Time out for the send/receive. - True if completed successfully, false if timed out. - Thrown on error. - - - - Send a message on an ALPC port. - - Send flags. - The message to send. Optional. - The attributes to send with the message. Optional. - Time out for the send/receive. - True to throw on error. - The NT status code. - The attribute parameters will be repopulated with the attribute results. - - - - Send a message on an ALPC port. - - Send flags. - The message to send. Optional. - The attributes to send with the message. Optional. - Time out for the send/receive. - The attribute parameters will be repopulated with the attribute results. - True if completed successfully, false if timed out. - Thrown on error. - - - - Send a message on an ALPC port. - - Send flags. - The message to send. Optional. - The attribute parameters will be repopulated with the attribute results. - - - - Receive a message on an ALPC port. - - Receive flags. - The maximum length to receive. - The attributes to receive with the message. Optional. - Time out for the send/receive. - True to throw on error. - The received message. - The attribute parameters will be repopulated with the attribute results. - - - - Receive a message on an ALPC port. - - Receive flags. - The maximum length to receive. - The attributes to receive with the message. Optional. - Time out for the send/receive. - The received message. - The attribute parameters will be repopulated with the attribute results. - - - - Receive a message on an ALPC port. - - Receive flags. - The maximum length to receive. - The attributes to receive with the message. Optional. - The received message. - The attribute parameters will be repopulated with the attribute results. - - - - Receive a message on an ALPC port. - - Receive flags. - The maximum length to receive. - The received message. - The attribute parameters will be repopulated with the attribute results. - - - - Receive a message on an ALPC port. - - Receive flags. - The attributes to receive with the message. Optional. - Time out for the send/receive. - True to throw on error. - The received message. - The attribute parameters will be repopulated with the attribute results. - The type of structure to receive. - - - - Receive a message on an ALPC port. - - Receive flags. - The attributes to receive with the message. Optional. - Time out for the send/receive. - The attribute parameters will be repopulated with the attribute results. - The type of structure to receive. - - - - Receive a message on an ALPC port. - - Receive flags. - The attributes to receive with the message. Optional. - The attribute parameters will be repopulated with the attribute results. - The type of structure to receive. - - - - Receive a message on an ALPC port. - - Receive flags. - The type of structure to receive. - - - - Impersonate client of port for a message. - - The message send by the client. - Impersonation flags. - Required impersonation level. Need to set RequiredImpersonationLevel flag as well. - True to throw on error. - Thread impersonation context. - - - - Impersonate client of port for a message. - - The message send by the client. - Impersonation flags. - Required impersonation level. Need to set RequiredImpersonationLevel flag as well. - Thread impersonation context. - - - - Impersonate client of port for a message. - - The message send by the client. - Thread impersonation context. - - - - Impersonate client container of port for a message. - - The message send by the client. - Impersonation flags. - True to throw on error. - Thread impersonation context. - - - - Impersonate client container of port for a message. - - The message send by the client. - Impersonation flags. - Thread impersonation context. - - - - Impersonate client container of port for a message. - - The message send by the client. - Thread impersonation context. - - - - Open the process of the message sender. - - The sent message. - Optional flags. Currently none defined. - The desired access for the process. - Optional object attributes. - True to throw on error. - The opened process object. - - - - Open the process of the message sender. - - The sent message. - Optional flags. Currently none defined. - The desired access for the process. - Optional object attributes. - The opened process object. - - - - Open the process of the message sender. - - The sent message. - The desired access for the process. - The opened process object. - - - - Open the process of the message sender with maximum privileges. - - The sent message. - The opened process object. - - - - Open the thread of the message sender. - - The sent message. - Optional flags. Currently none defined. - The desired access for the thread. - Optional object attributes. - True to throw on error. - The opened thread object. - - - - Open the thread of the message sender. - - The sent message. - Optional flags. Currently none defined. - The desired access for the thread. - Optional object attributes. - The opened thread object. - - - - Open the thread of the message sender. - - The sent message. - The desired access for the thread. - The opened thread object. - - - - Open the thread of the message sender with maximum privileges. - - The sent message. - The opened thread object. - - - - Associate an IO completion port with this ALPC port. - - The IO completion object. - Optional completion key. - True to throw on error. - The NT status code. - - - - Associate an IO completion port with this ALPC port. - - The IO completion object. - Optional completion key. - The NT status code. - - - - Check if the current SID matches the connected SID. - - The SID to compare. - True to throw on error. - True if the connected SID matches the specified SID. - - - - Check if the current SID matches the connected SID. - - The SID to compare. - True if the connected SID matches the specified SID. - - - - Create a new port section. - - Flags for the port section. - Optional backing section. - Size of the section to create. - True to throw on error. - The created port section. - - - - Create a new port section. - - Flags for the port section. - Optional backing section. - Size of the section to create. - The created port section. - - - - Create a new port section. - - Flags for the port section. - Size of the section to create. - The created port section. - - - - Create a new port section. - - Size of the section to create. - The created port section. - - - - Get a handle entry for a message. - - The handle index to get. - The associated message. - True to throw on error. - The ALPC handle entry. - - - - Get a handle entry for a message. - - The handle index to get. - The associated message. - The ALPC handle entry. - - - - Create a security context. - - Flags for the creation. - Security quality of service. - True to throw on error. - The created security context. - - - - Create a security context. - - Flags for the creation. - Security quality of service. - The created security context. - - - - Create a security context. - - Security quality of service. - The created security context. - - - - Create a security context. - - The created security context. - - - - Set port attribute flags. - - The flags to set. - True to throw on error. - The NT status code. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Port flags. - - - - - Port sequence number. - - - - - Port context. - - - - - Class to represent an ALPC client port. - - - - - Connect to an ALPC port. - - The path to the port. - Object attributes for the handle. Optional. - Attributes for the port. Optional. - Send flags for the initial connection message. - Required SID for the server. - Initial connection message. - Outbound message attributes. - Inbound message atributes. - Connect timeout. - True to throw on error. - The connected ALPC port. - - - - Connect to an ALPC port. - - The path to the port. - Object attributes for the handle. Optional. - Attributes for the port. Optional. - Send flags for the initial connection message. - Required SID for the server. - Initial connection message. - Outbound message attributes. - Inbound message atributes. - Connect timeout. - The connected ALPC port. - Thrown on error. - - - - Connect to an ALPC port. - - The name of the port to connect to. - Attributes for the port. - The connected ALPC port object. - - - - Connect to an ALPC port. - - Object attribute for the port name. - Object attributes for the handle. Optional. - Attributes for the port. Optional. - Send flags for the initial connection message. - Required security descriptor for the server. - Initial connection message. - Outbound message attributes. - Inbound message atributes. - Connect timeout. - True to throw on error. - The connected ALPC port. - Only available on Windows 8+. - - - - Connect to an ALPC port. - - Object attribute for the port name. - Object attributes for the handle. Optional. - Attributes for the port. Optional. - Send flags for the initial connection message. - Required security descriptor for the server. - Initial connection message. - Outbound message attributes. - Inbound message atributes. - Connect timeout. - The connected ALPC port. - Thrown on error. - - - - Connect to an ALPC port. - - Object attribute for the port name. - Attributes for the port. - The connected ALPC port object. - - - - Get the server process information. - - True to throw on error. - The process information. - - - - Get the server process information. - - The process information. - - - - Get the server process ID. - - - - - Get the server session ID. - - - - - Class to represent an ALPC server port. - - - - - Create an ALPC port. - - The object attributes for the port. - The attributes for the port. - True to throw on error. - The created object. - - - - Create an ALPC port. - - The object attributes for the port. - The attributes for the port. - The created object. - Thrown on error. - - - - Create an ALPC port. - - The name of the port to create. - The attributes for the port. - The created object. - Thrown on error. - - - - Accept a new connection on a port. - - The message send flags. - Object attributes. Optional. - The attributes for the port. - Port context. Optional. - Connect request message. - Connect request attributes. - True to accept the connection. - True to throw on error. - The accepted port. - - - - Accept a new connection on a port. - - The message send flags. - Object attributes. Optional. - The attributes for the port. - Port context. Optional. - Connect request message. - Connect request attributes. - True to accept the connection. - The accepted port. - - - - Accept a new connection on a port. - - The message send flags. - Connect request message. - Connect request attributes. - True to accept the connection. - The accepted port. - - - - Access rights for ALPC - - - - - ALPC Port Information Class - - - - - If set then object duplication won't complete. Used by RPC to ensure - multi-handle attributes don't fail when receiving. - - - - - Use in a reply to release the view. - - - - - Automatically release the view once it's passed to the receiver. - - - - - Make the data view secure. - - - - - When used all structures passed to kernel need to be 64 bit versions. - - - - - Static utilities for ALPC. - - - - - Wait for the result to complete. This could be waiting on an event - or the file handle. - - Wait timeout. Will cancel the operation if it times out. - Returns true if the wait completed successfully. - If true is returned then status and information can be read out. - - - - Wait for the result to complete asynchronously. This could be waiting on an event - or the file handle. - - Cancellation token. - Returns true if the wait completed successfully. - If true is returned then status and information can be read out. - - - - Return the status information field. - - Thrown if not complete. - - - - Return the status information field. (32 bit) - - Thrown if not complete. - - - - Get completion status code. - - Thrown if not complete. - - - - Returns true if the call is pending. - - - - - Dispose object. - - - - - Reset the file result so it can be reused. - - - - - Cancel the pending IO operation. - - - - - Cancel the pending IO operation. - - True to throw on error. - The NT status code. - - - - Class to handle NT atoms - - - - - Add a global atom name - - The name to add - Flags for the add. - True to throw on error. - A reference to the atom - - - - Add a global atom name - - The name to add - Flags for the add. - A reference to the atom - - - - Add a global atom name - - The name to add - True to throw on error. - A reference to the atom - - - - Add a global atom name - - The name to add - A reference to the atom - - - - Find a global atom by name. - - The name of the atom. - True to throw on error. - The found atom. - - - - Find a global atom by name. - - The name of the atom. - The found atom. - - - - Query if a global atom exists. - - The atom to check. - True if the atom exists. - - - - Query if the atom exists. - - The atom to check. - Specify true to check for a global atom, otherwise gets a user atom. - True if the atom exists. - - - - Open a global atom by number. - - The atom to open. - True to check atom exists. - True to open a global atom, otherwise a user atom. - True to throw on error. - The atom object. - - - - Open a global atom by number. - - The atom to open. - True to check atom exists. - True to throw on error. - The atom object. - - - - Open a global atom by number. - - The atom to open. - True to check atom exists. - The atom object. - - - - Open a global atom by number. - - The atom to open. - The atom object. - - - - Enumerate all atoms. - - An enumeration of all atoms on the system. - - - - Enumerate all global atoms. - - An enumeration of all atoms on the system. - - - - Delete a global atom. - - True to throw on error. - The NT status code. - - - - Delete a global atom. - - - - - Get the name of the atom. - - True to throw on error. - The name of the atom. - - - - The atom value - - - - - Get the name of the atom. - - The name of the atom - - - - If true indicates this is a global atom, otherwise it's a user atom. - - - - - Class representing a NT Debug object - - - - - Create a debug object - - The debug object name (can be null) - The root directory for relative names - Debug object flags. - The debug object - - - - Create a debug object - - Desired access for the debug object - Object attributes for debug object - Debug object flags. - The debug object - - - - Create a debug object - - Desired access for the debug object - Object attributes for debug object - Debug object flags. - True to throw an exception on error. - The NT status code and object result. - - - - Create a debug object - - The debug object - - - - Open a named debug object - - The debug object name - The root directory for relative names - Desired access for the debug object - The debug object - - - - Open a named debug object - - The object attributes to open. - Desired access for the debug object - The debug object - - - - Open a named debug object - - The object attributes to open. - Desired access for the debug object - True to throw an exception on error. - The NT status code and object result. - - - - Open the current thread's debug object. - - True to throw on error. - The opened debug object. Returns null if no object exists. - - - - Open the current thread's debug object. Returns null if no object exists. - - - - - Attach to an active process. - - The process to debug. - True to throw on error. - The NT status code. - - - - Attach to an active process. - - The process ID to debug. - True to throw on error. - The NT status code. - - - - Attach to an active process. - - The process to debug. - - - - Attach to an active process. - - The process ID to debug. - - - - Detach a process from this debug object. - - The process to remove. - True to throw on error. - The NT status code. - - - - Detach a process from this debug object. - - The process to remove. - - - - Detach a process from this debug object. - - The process ID to remove. - True to throw on error. - The NT status code. - - - - Detach a process from this debug object. - - The process ID to remove. - - - - Set kill process on close flag. - - The flag state. - True to throw on error. - The NT status code. - - - - Set kill process on close flag. - - The flag state. - - - - Continue the debugged process. - - The client ID for the process and thread IDs. - The continue status code. - True to throw on error. - The NT status code. - - - - Continue the debugged process. - - The process ID to continue. - The thread ID to continue. - The continue status code. - True to throw on error. - The NT status code. - - - - Continue the debugged process. - - The client ID for the process and thread IDs. - The continue status code. - - - - Continue the debugged process. - - The process ID to continue. - The thread ID to continue. - The continue status code. - - - - Continue the debugged process with a success code. - - The process ID to continue. - The thread ID to continue. - - - - Wait for a debug event. - - True to set the thread as alertable. - Wait timeout. - True to throw on error. - The debug event. - - - - Wait for a debug event. - - True to set the thread as alertable. - Wait timeout. - The debug event. - - - - Wait for a debug event. - - Wait timeout. - The debug event. - - - - Wait for a debug event. - - Wait timeout in milliseconds. - The debug event. - - - - Wait for a debug event. - - The debug event. - - - - Class which represents a desktop object. - - - - - Open a desktop by name. - - The object attributes for opening. - Flags for opening the desktop. - Desired access. - True to throw on error. - The instance of the desktop. - Thrown on error. - - - - Open a desktop by name. - - The object attributes for opening. - Flags for opening the desktop. - Desired access. - The instance of the desktop. - Thrown on error. - - - - Open a desktop by name. - - The name of the desktop. - Optional root object - An instance of NtDesktop. - Thrown on error. - - - - Open a desktop by name. - - The name of the desktop. - An instance of NtDesktop. - - - - Create a new desktop. - - The object attributes for opening. - Flags for opening the desktop. - Desired access. - True to throw on error. - Device name. - Device mode. - Heap size. - An instance of NtDesktop. - - - - Create a new desktop. - - The object attributes for opening. - Flags for opening the desktop. - Desired access. - Device name. - Device mode. - Heap size. - An instance of NtDesktop. - - - - Create a new desktop. - - The name of the desktop. - Optional root object - An instance of NtDesktop. - - - - Create a new desktop. - - The name of the desktop. - An instance of NtDesktop. - - - - Get the desktop for a thread. - - The thread ID of the thread. - True to throw on error. - The desktop result. - - - - Get the desktop for a thread. - - The thread ID of the thread. - The desktop result. - - - - Get desktop for current thread. - - - - - Get list of top level Windows for this Desktop. - - - - - Close the Desktop. This is different from normal Close as it destroys the Desktop. - - True to throw on error. - The NT status. - - - - NT Directory Object class - - - - - Open a directory object - - The object attributes to use for the open call. - Access rights for directory object - True to throw an exception on error. - The NT status code and object result. - Thrown on error and throw_on_error is true. - - - - Open a directory object - - The object attributes to use for the open call. - Access rights for directory object - The directory object - Throw on error - - - - Open a directory object by name - - The directory object to open - Optional root directory to parse from - Access rights for directory object - The directory object - Throw on error - - - - Open a directory object by name - - The directory object to open - Optional root directory to parse from - Access rights for directory object - True to throw an exception on error. - The directory object - Throw on error - - - - Open a directory object by full name - - The directory object to open - The directory object - Throw on error - - - - Create a directory object with a shadow - - The object attributes to create the directory with - The desired access to the directory - The shadow directory - Flags for creation. - True to throw an exception on error. - The NT status code and object result. - Thrown on error and throw_on_error is true. - - - - Create a directory object with a shadow - - The object attributes to create the directory with - The desired access to the directory - The shadow directory - True to throw an exception on error. - The NT status code and object result. - Thrown on error and throw_on_error is true. - - - - Create a directory object with a shadow - - The object attributes to create the directory with - The desired access to the directory - The shadow directory - Flags for creation. - The directory object - Thrown on error - - - - Create a directory object with a shadow - - The object attributes to create the directory with - The desired access to the directory - The shadow directory - The directory object - Thrown on error - - - - Create a directory object - - The directory object to create, if null will create a unnamed directory object - The desired access to the directory - Root directory from where to start the creation operation - The directory object - Thrown on error - - - - Create a directory object with a shadow - - The directory object to create, if null will create a unnamed directory object - The desired access to the directory - Root directory from where to start the creation operation - The shadow directory - The directory object - Thrown on error - - - - Create a directory object - - The directory object to create, if null will create a unnamed directory object - The directory object - Thrown on error - - - - Open a session directory. - - The session ID to open - Sub directory to open. - Desired access to open directory. - The directory object - Thrown on error - - - - Open the current session directory. - - The directory object - Thrown on error - - - - Open the current session directory. - - The directory object - Thrown on error - - - - Open basenamedobjects for a session. - - The session ID to open - The directory object - Thrown on error - - - - Open basenamedobjects for current session. - - The directory object - Thrown on error - - - - Get the based named object's directory for a session. - - The session ID - The based named object's directory. - - - - Get the based named object's directory for the current session. - - The based named object's directory. - - - - Get the a session's Windows object directory. - - The session id to use. - The path to the windows object directory. - - - - Get the current session's Windows object directory. - - The path to the windows object directory. - - - - Get the a session's Window Stations object directory. - - The session id to use. - The path to the window stations object directory. - - - - Get the current session's Window Stations object directory. - - The path to the window stations object directory. - - - - Open dos devices directory for a token. - - The directory object - Thrown on error - - - - Open dos devices directory for current effective token. - - The directory object - Thrown on error - - - - Create a private namespace directory. - - Object attributes for the directory - Boundary descriptor for the namespace - Desired access for the directory - True to throw an exception on error. - The directory object - Thrown on error - - - - Create a private namespace directory. - - Object attributes for the directory - Boundary descriptor for the namespace - Desired access for the directory - The directory object - Thrown on error - - - - Create a private namespace directory. - - Boundary descriptor for the namespace - The directory object - Thrown on error - - - - Open a private namespace directory. - - Object attributes for the directory - Boundary descriptor for the namespace - Desired access for the directory - True to throw an exception on error. - The directory object - Thrown on error - - - - Open a private namespace directory. - - Object attributes for the directory - Boundary descriptor for the namespace - Desired access for the directory - The directory object - Thrown on error - - - - Open a private namespace directory. - - Boundary descriptor for the namespace - The directory object - Thrown on error - - - - Returns whether a directory exists for this path. - - The path to the entry. - The root directory. - True if the directory exists for the specified path. - - - - Get the type of a directory entry by path. - - The path to the directory entry - The root object to look up if path is relative - The type name, or null if it can't be found. - - - - Query the directory for a list of entries. - - The list of entries. - Thrown on error - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - Specify the desired access for the directory - True to recurse into sub directories. - Specify max recursive depth. -1 to not set a limit. - True if all children were visited. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - True to recurse into sub directories. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - Specify the desired access for the directory - True to recurse into sub directories. - - - - Deletes a private namespace. If not a private namespace this does nothing. - - - - - Deletes a private namespace. If not a private namespace this does nothing. - - True to throw on error. - The NT status code. - - - - Get a directory entry based on a name. - - The name of the entry. - The typename to verify against, can be null. - True if look up is case sensitive. - The directory entry, or null if it can't be found. - - - - Get a directory entry based on a name. - - The name of the entry. - The directory entry, or null if it can't be found. - - - - Check whether a directory is exists relative to the current directory. - - Relative path to directory - True if the directory exists. - - - - Set the session ID for this directory to the current session. - - True to throw on error. - The NT status code. - Thrown on error. - Needs SeTcbPrivilege. - - - - Set the session object for this directory to the current session. - - True to throw on error. - The NT status code. - Thrown on error. - Needs SeTcbPrivilege. - - - - Returns whether this object is a container. - - - - - Directory access rights. - - - - - Base class to implement an enclave. - - - - - The base address of the enclave. - - - - - The type of enclave. - - - - - Dispose of the enclave. - - - - - Close the enclave. - - - - - Call a method in the enclave. - - The routine address to call. - The parameter to pass to the routine. - True to wait for a free thread. - True to throw on error. - The return value from the call. - - - - Call a method in the enclave. - - The routine address to call. - The parameter to pass to the routine. - True to wait for a free thread. - The return value from the call. - - - - Type of enclave. - - - - - Class to represent a VBS enclave. - - - - - Create a VBS enclave. - - The process to create the enclave in. - Size of the enclave. - Flags for the enclave. - Owner ID. Must be 32 bytes. - True to throw on error. - The created enclave. - - - - Create a VBS enclave. - - The process to create the enclave in. - Size of the enclave. - Flags for the enclave. - Owner ID. Must be 32 bytes. - The created enclave. - - - - Get a procedure address in the loaded enclave. - - The name of the procedure. - True to throw on error. - The address of the procedure. - - - - Get a procedure address in the loaded enclave. - - The name of the procedure. - The address of the procedure. - - - - Terminate the enclave. - - Flags for the terminate. - True to throw on error. - The NT status code. - - - - Terminate the enclave. - - Flags for the terminate. - The NT status code. - - - - Load a module into the enclave. - - The name of the module - Flags or path. - True to throw on error. - The NT status. - - - - Load a module into the enclave. - - The name of the module - Flags or path. - The NT status. - - - - Initialize the enclave. - - The number of threads to create. - True to throw on error. - The number of created threads. - - - - Initialize the enclave. - - The number of threads to create. - The number of created threads. - - - - Dispose of the enclave. - - - - - Class to represent a kernel transaction enlistment. - - - - - Create a new enlistment object. - - The object attributes - Desired access for the handle - Resource manager to handle the enlistment. - The transaction to enlist. - Optional create options. - Notification mask. - Enlistment key returned during notification. - True to throw an exception on error. - The created enlistment and NT status code. - - - - Create a new enlistment object. - - The object attributes - Desired access for the handle - Resource manager to handle the enlistment. - The transaction to enlist. - Optional create options. - Notification mask. - Enlistment key returned during notification. - The created enlistment. - - - - Open a existing new enlistment object. - - The object attributes - Desired access for the handle - Resource manager handling the enlistment. - ID of the enlistment to open. - True to throw an exception on error. - The opened enlistment and NT status code. - - - - Open a existing new enlistment object. - - The object attributes - Desired access for the handle - Resource manager handling the enlistment. - ID of the enlistment to open. - The opened enlistment. - - - - Get a default mask for creating an enlistment object. - - The creation option to get default mask for. - A default working mask. - - - - Commit complete enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Commit enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Preprepare complete enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Preprepare enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Prepare complete enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Prepare enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Rollback complete enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Rollback enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Read only enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Recover enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Single phase reject enlistment. - - Optional virtual clock value. - True to throw on error. - The NT status code. - - - - Commit complete enlistment. - - Optional virtual clock value. - - - - Commit enlistment. - - Optional virtual clock value. - - - - Preprepare complete enlistment. - - Optional virtual clock value. - - - - Preprepare enlistment. - - Optional virtual clock value. - - - - Prepare complete enlistment. - - Optional virtual clock value. - - - - Prepare enlistment. - - Optional virtual clock value. - - - - Rollback complete enlistment. - - Optional virtual clock value. - - - - Rollback enlistment. - - Optional virtual clock value. - - - - Read only enlistment. - - Optional virtual clock value. - - - - Recover enlistment. - - Optional virtual clock value. - - - - Single phase reject enlistment. - - Optional virtual clock value. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get enlistment ID. - - - - - Get associated transaction ID. - - - - - Get resource manager ID. - - - - - Get CRM enlistment ID. - - - - - Get CRM transaction manager ID. - - - - - Get CRM resource manager ID. - - - - - Get or set recovery information. - - - - - Class to represent an NT trace GUID. - - - - - Class representing a NT Event object - - - - - Create an event object - - The path to the event - The root object for relative path names - The type of the event - The initial state of the event - True to throw on error. - The event object - - - - Create an event object - - The path to the event - The root object for relative path names - The type of the event - The initial state of the event - The event object - - - - Create an event object - - The event object attributes - The type of the event - The initial state of the event - The desired access for the event - The event object - - - - Create an event object - - The event object attributes - The type of the event - The initial state of the event - The desired access for the event - True to throw an exception on error. - The NT status code and object result. - - - - Create an event object - - The path to the event - The type of the event - The initial state of the event - The event object - - - - Open an event object - - The path to the event - The root object for relative path names - The desired access for the event - The event object - - - - Open an event object - - The event object attributes - The desired access for the event - The event object. - - - - Open an event object - - The event object attributes - The desired access for the event - True to throw an exception on error. - The NT status code and object result. - - - - Open an event object - - The path to the event - The root object for relative path names - The event object - - - - Open an event object - - The path to the event - The event object - - - - Set the event state - - True to throw an exception on error. - The previous state of the event and NT status. - - - - Set the event state - - The previous state of the event - - - - Clear the event state - - True to throw an exception on error. - The NT status code. - - - - Clear the event state - - - - - Pulse the event state. - - True to throw an exception on error. - The previous state of the event and NT status. - - - - Pulse the event state. - - The previous state of the event - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get event type. - - - - - Get current event state. - - - - - Type of Event object. - - - - - Manual reset event. - - - - - Automatic reset event. - - - - - Exception class representing an NT status error. - - - - - Constructor - - Status result - - - - Returns the contained NT status code - - - - - Returns a string form of the NT status code. - - - - - Class representing a NT File object - - - - - Create a new file - - The object attributes - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - Optional allocation size. - True to throw an exception on error. - The NT status code and object result. - - - - Create a new file - - The object attributes - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - Optional allocation size. - The created/opened file object. - - - - Create a new file - - The object attributes - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - True to throw an exception on error. - The NT status code and object result. - - - - Create a new file - - The object attributes - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - The created/opened file object. - - - - Create a new file - - The path to the file - A root object to parse relative filenames - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - True to throw an exception on error. - The created/opened file object. - - - - Create a new file - - The path to the file - A root object to parse relative filenames - Desired access for the file - Attributes for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - The created/opened file object. - - - - Create a new file - - The path to the file - Desired access for the file - Share access for the file - Open options for file - Disposition when opening the file - Extended Attributes buffer - The created/opened file object. - - - - Create a new named pipe file - - The object attributes - Desired access for the file - Share access for the file - Open options for file - Disposition when opening the file - Pipe completion mode - Default timeout - Input quota - Maximum number of instances (-1 for infinite) - Output quota - Type of pipe to create - Pipe read mode - True to throw an exception on error. - The NT status code and object result. - Thrown on error. - - - - Create a new named pipe file - - The object attributes - Desired access for the file - Share access for the file - Open options for file - Disposition when opening the file - Pipe completion mode - Default timeout - Input quota - Maximum number of instances (-1 for infinite) - Output quota - Type of pipe to create - Pipe read mode - The file instance for the pipe. - Thrown on error. - - - - Create a new named pipe file - - The path to the pipe file - A root object to parse relative filenames - Desired access for the file - Share access for the file - Open options for file - Disposition when opening the file - Pipe completion mode - Default timeout - Input quota - Maximum number of instances (-1 for infinite) - Output quota - Type of pipe to create - Pipe read mode - True to throw an exception on error. - The file instance for the pipe. - Thrown on error. - - - - Create a new named pipe file - - The path to the pipe file - A root object to parse relative filenames - Desired access for the file - Share access for the file - Open options for file - Disposition when opening the file - Pipe completion mode - Default timeout - Input quota - Maximum number of instances (-1 for infinite) - Output quota - Type of pipe to create - Pipe read mode - The file instance for the pipe. - Thrown on error. - - - - Create an anonymous named pipe pair. - - True to throw on error. - The named pipe pair. - - - - Create an anonymous named pipe pair. - - The named pipe pair. - - - - Create a new named mailslot file - - The object attributes - Desired access for the file - Open options for file - Mailslot quota - Maximum message size (0 for any size) - Read Timeout. - True to throw on error. - The file instance for the mailslot. - Thrown on error. - - - - Create a new named mailslot file - - The object attributes - Desired access for the file - Open options for file - Mailslot quota - Maximum message size (0 for any size) - Read timeout in MS (<0 is infinite) - True to throw on error. - The file instance for the mailslot. - Thrown on error. - - - - Create a new named mailslot file - - The object attributes - Desired access for the file - Open options for file - Mailslot quota - Maximum message size (0 for any size) - Read timeout in MS ( <0 is infinite) - The file instance for the mailslot. - Thrown on error. - - - - Create a new named mailslot file - - The path to the mailslot file - A root object to parse relative filenames - Desired access for the file - Open options for file - Mailslot quota - Maximum message size (0 for any size) - Timeout in MS ( <0 is infinite) - The file instance for the mailslot. - Thrown on error. - - - - Open a file - - The object attributes - The desired access for the file handle - The file share access - File open options - True to throw an exception on error. - The NT status code and object result. - - - - Open a file - - The object attributesf - The desired access for the file handle - The file share access - File open options - The opened file - Thrown on error. - - - - Open a file - - The path to the file - The root directory if path is relative. - The desired access for the file handle - The file share access - File open options - True to throw an exception on error. - The opened file - Thrown on error. - - - - Open a file - - The path to the file - The root directory if path is relative. - The desired access for the file handle - The file share access - File open options - The opened file - Thrown on error. - - - - Open a file - - The path to the file - The root directory if path is relative. - The desired access for the file handle - The opened file - Thrown on error. - - - - Get the object ID of a file as a string - - The path to the file - The object ID as a string - Thrown on error. - - - - Open a file by its object ID - - A handle to the volume on which the file resides. - The object ID as a binary string - The desired access for the file - File share access - Open options. - True to throw on error - The opened file object - - - - Open a file by its object ID - - A handle to the volume on which the file resides. - The object ID as a binary string - The desired access for the file - File share access - Open options. - The opened file object - Thrown on error. - - - - Open a file by its ID - - A handle to the volume on which the file resides. - The file's ID. Can be a file reference number or an Object ID. - The desired access for the file - File share access - Open options. - True to throw on error - The opened file object - - - - Open a file by its ID - - A handle to the volume on which the file resides. - The file's ID. Can be a file reference number or an Object ID. - The desired access for the file - File share access - Open options. - The opened file object - - - - Open a file by its object ID - - A handle to the volume on which the file resides. - The file ID. - The desired access for the file - File share access - Open options. - True to throw on error - The opened file object - - - - Open a file by its file ID - - A handle to the volume on which the file resides. - The file ID. - The desired access for the file - File share access - Open options. - The opened file object - Thrown on error. - - - - Open a file by its file ID - - The path to the volume which contains the file. - The file ID. - The desired access for the file - File share access - Open options. - True to throw on error - The opened file object - - - - Open a file by its file ID - - The path to the volume which contains the file. - The file ID. - The desired access for the file - File share access - Open options. - The opened file object - - - - Delete a file - - The object attributes for the file. - True to throw an exception on error - The status result of the delete - - - - Delete a file - - The object attributes for the file. - - - - Delete a file - - The path to the file. - - - - Rename file. - - The file to rename. - The target NT path. - Thrown on error. - - - - Create a hardlink to another file. - - The file to hardlink to. - The desintation hardlink path. - Thrown on error. - - - - Create a mount point. - - The path to the mount point to create. - The substitute name to reparse to. - The print name to display (can be null). - - - - Create a symlink. - - The path to the mount point to create. - True to create a directory symlink, false for a file. - The substitute name to reparse to. - The print name to display. - Additional flags for the symlink. - - - - Get the reparse point buffer for the file. - - The path to the reparse point. - The reparse point buffer. - - - - Delete the reparse point buffer. - - The path to the reparse point. - The original reparse buffer. - - - - Query attributes of a file. - - The object attributes. - True to throw on error. - The file attributes. - - - - Query attributes of a file. - - The object attributes. - The file attributes. - - - - Query attributes of a file. - - The path to the file. - The root directory to parse from. - True to throw on error. - The file attributes. - - - - Query attributes of a file. - - The path to the file. - The root directory to parse from. - The file attributes. - - - - Query attributes of a file. - - The path to the file. - The file attributes. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Cancellation token to cancel the async operation. - True to throw on error. - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - Cancellation token to cancel the async operation. - True to throw on error. - The output buffer returned by the kernel. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Cancellation token to cancel the async operation. - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - Cancellation token to cancel the async operation. - The output buffer returned by the kernel. - - - - Send a File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Cancellation token to cancel the async operation. - True to throw on error. - Thrown on error. - The length of output bytes returned. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - Cancellation token to cancel the async operation. - True to throw on error. - The output buffer returned by the kernel. - - - - Send a File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Cancellation token to cancel the async operation. - Thrown on error. - The length of output bytes returned. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - Cancellation token to cancel the async operation. - The output buffer returned by the kernel. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - The output buffer returned by the kernel. - - - - Send a File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Thrown on error. - The length of output bytes returned. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - The output buffer returned by the kernel. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - True to throw on error. - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - True to throw on error. - The output buffer returned by the kernel. - - - - Send a File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - True to throw on error. - Thrown on error. - The length of output bytes returned. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - True to throw on error. - The output buffer returned by the kernel. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - True to throw an exception on error. - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - Thrown on error. - The length of output bytes returned. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - True to throw an exception on error. - The output buffer returned by the kernel. - - - - Send a Device IO Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - The output buffer returned by the kernel. - - - - Send an File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - True to throw an exception on error. - The length of output bytes returned. - Thrown on error. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - True to throw an exception on error. - The output buffer returned by the kernel. - - - - Send an File System Control code to the file driver - - The control code - Input buffer can be null - Output buffer can be null - The length of output bytes returned. - Thrown on error. - - - - Send a File System Control code to the file driver. - - The control code - Input buffer can be null - Maximum output buffer size - The output buffer returned by the kernel. - - - - Re-open an existing file for different access. - - The desired access for the file handle - The file share access - File open options - Flags for the object attributes. - True to throw an exception on error. - The NT status code and object result. - Thrown on error. - - - - Re-open an existing file for different access. - - The desired access for the file handle - The file share access - File open options - True to throw an exception on error. - The NT status code and object result. - Thrown on error. - - - - Re-open an exsiting file for different access. - - The desired access for the file handle - The file share access - File open options - The opened file - Thrown on error. - - - - Specify file disposition. - - True to set delete on close, false to clear delete on close. - True to throw on error. - The NT status code. - Thrown on error. - You can't prevent deletion if file opened with DeleteOnClose flag. - - - - Specify file disposition. - - True to set delete on close, false to clear delete on close. - Thrown on error. - You can't prevent deletion if file opened with DeleteOnClose flag. - - - - Delete the file. Must have been opened with DELETE access. - - True to throw on error. - The NT status code. - Thrown on error. - - - - Delete the file. Must have been opened with DELETE access. - - Thrown on error. - - - - Set disposition on the file (extended Windows version). - - True to throw on error. - Flags for SetDispositionEx call. - The NT status code. - Thrown on error. - - - - Set disposition on the file (extended Windows version). - - Flags for SetDispositionEx call. - Thrown on error. - - - - Delete the file (extended Windows version). Must have been opened with DELETE access. - - True to throw on error. - Flags for DeleteEx call. - The NT status code. - Thrown on error. - - - - Delete the file (extended Windows version). Must have been opened with DELETE access. - - Flags for DeleteEx call. - Thrown on error. - - - - Create a new hardlink to this file. - - The target NT path. - The root directory if linkname is relative - Thrown on error. - - - - Create a new hardlink to this file. - - The target absolute NT path. - Thrown on error. - - - - Create a new hardlink to this file. - - The target NT path. - The root directory if linkname is relative - If TRUE, replaces the target file if it exists. If FALSE, fails if the target file already exists. - True to throw on error. - The NT status code. - Thrown on error. - - - - Create a new hardlink to this file. - - The target NT path. - The root directory if linkname is relative - If TRUE, replaces the target file if it exists. If FALSE, fails if the target file already exists. - Thrown on error. - - - - Create a new hardlink to this file. - - The target NT path. - The root directory if linkname is relative - The flags associated to FileLinkInformationEx. - True to throw on error. - The NT status code. - Thrown on error. - - - - Create a new hardlink to this file. - - The target NT path. - The root directory if linkname is relative - The flags associated to FileLinkInformationEx. - Thrown on error. - - - - Rename file. - - The target NT path. - The root directory if new_name is relative - If TRUE, replaces the target file if it exists. If FALSE, fails if the target file already exists. - True to throw on error. - The NT status code. - Thrown on error. - - - - Rename file. - - The target NT path. - The root directory if new_name is relative - If TRUE, replaces the target file if it exists. If FALSE, fails if the target file already exists. - Thrown on error. - - - - Rename file. - - The target NT path. - The root directory if new_name is relative - Thrown on error. - - - - Rename this file with an absolute path. - - The target absolute NT path. - If TRUE, replace the target file if it exists. If FALSE, fails if the target file already exists. - Thrown on error. - - - - Rename this file with an absolute path. - - The target absolute NT path. - Thrown on error. - - - - Rename (extended Windows version) this file with an absolute path. - - The target absolute NT path. - The root directory if new_name is relative - The flags associated to FileRenameInformationEx. - True to throw on error. - The NT status code. - Thrown on error. - - - - Rename (extended Windows version) this file with an absolute path. - - The target absolute NT path. - The root directory if new_name is relative - The flags associated to FileRenameInformationEx. - Thrown on error. - - - - Rename (extended Windows version) this file with an absolute path. - - The target absolute NT path. - The flags associated to FileRenameInformationEx. - Thrown on error. - - - - Set an arbitrary reparse point. - - The reparse point data. - - - - Set an arbitrary reparse point. - - The reparse point data. - True to throw on error. - The NT status code. - - - - Set an arbitrary reparse point as a raw byte array. - - The reparse point data as a byte array. - - - - Set an arbitrary reparse point as a raw byte array. - - The reparse point data as a byte array. - True to throw on error. - The NT status code. - - - - Set an arbitrary reparse point. - - The reparse point data. - Flags for the reparse buffer. - Existing tag to check against. If no check required use 0. - Existing Guid to check against. If no check requested use empty GUID. - True to throw on error. - The NT status code. - - - - Set an arbitrary reparse point. - - The reparse point data. - Flags for the reparse buffer. - Existing tag to check against. If no check required use 0. - Existing Guid to check against. If no check requested use empty GUID. - - - - Set an arbitrary reparse point. - - The reparse point data. - Existing tag to check against. If no check required use 0. - - - - Set an arbitrary reparse point. - - The reparse point data.> - - - - Set a mount point on the current file object. - - The substitute name to reparse to. - The print name to display (can be null). - - - - Set a symlink on the current file object. - - The substitute name to reparse to. - The print name to display. - Additional flags for the symlink. - - - - Set a mount point on the current file object. - - The substitute name to reparse to. - The print name to display (can be null). - True to throw on error. - The NT status code. - - - - Set a symlink on the current file object. - - The substitute name to reparse to. - The print name to display. - Additional flags for the symlink. - True to throw on error. - The NT status code. - - - - Get the reparse point buffer for the file. - - True to throw on error. - The reparse point buffer. - - - - Get the reparse point buffer for the file. - - The reparse point buffer. - - - - Get the reparse point buffer for the file as a raw buffer. - - True to throw on error. - The reparse point buffer. - - - - Get the reparse point buffer for the file as a raw buffer. - - The reparse point buffer. - - - - Delete the reparse point buffer - - The reparse tag. - The NT status code. - True to throw on error. - - - - Delete the reparse point buffer - - The reparse tag. - - - - Delete the reparse point buffer - - The original reparse buffer. - True to throw on error. - - - - Delete the reparse point buffer - - The original reparse buffer. - - - - Get list of accessible files underneath a directory. - - Share access for file open - Options for open call. - The desired access for each file. - A file name mask (such as *.txt). Can be null. - Indicate what entries to return. - The list of files which can be access. - - - - Get list of accessible files underneath a directory. - - Share access for file open - Options for open call. - The desired access for each file. - The list of files which can be access. - - - - Query a directory for files. - - The list of directory entries. - - - - Query a directory for files. - - A file name mask (such as *.txt). Can be null. - Indicate what entries to return. - Specify what additional data to include in the directory entries. - The list of directory entries. You might need to cast the directories to the appropriate types if using include flags. - - - - Query a directory for files. - - A file name mask (such as *.txt). Can be null. - Indicate what entries to return. - The list of directory entries. - - - - Query a directory for files with file ID. - - A file name mask (such as *.txt). Can be null. - Indicate what entries to return. - Return placeholder parent and current directory entries. - The list of directory entries. - - - - Read data from a file with a length and position. - - The buffer to read to. - The position in the file to read. The position is optional. - True to throw on error. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position. - - The buffer to read to. - The position in the file to read. The position is optional. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position. - - The length of the read - The position in the file to read. The position is optional. - True to throw on error. - The read bytes, this can be smaller than length. - - - - Read data from a file with a length and position. - - The length of the read - The position in the file to read - The read bytes, this can be smaller than length. - - - - Read data from a file with a length. - - The length of the read - The read bytes, this can be smaller than length. - - - - Read data from a file with a length over a scatter set of pages. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - True to throw on error. - The length of bytes read. - - - - Read data from a file with a length over a scatter set of pages. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - The length of bytes read. - - - - Read data from a file with a length and position asynchronously. - - The buffer to read to. - The position in the file to read. The position is optional. - Cancellation token to cancel async operation. - True to throw on error. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously. - - The buffer to read to. - The position in the file to read. The position is optional. - Cancellation token to cancel async operation. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously. - - The length of the read - The position in the file to read. The position is optional. - Cancellation token to cancel async operation. - True to throw on error. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously.. - - The length of the read - The position in the file to read - Cancellation token to cancel async operation. - The read bytes, this can be smaller than length. - - - - Read data from a file with a length and position asynchronously.. - - The length of the read - The position in the file to read - The read bytes, this can be smaller than length. - - - - Read data from a file with a length and position asynchronously. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - Cancellation token to cancel async operation. - True to throw on error. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - True to throw on error. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - Cancellation token to cancel async operation. - The length of bytes read into the buffer. - - - - Read data from a file with a length and position asynchronously. - - List of pages to read into. These pages must be Page Size aligned. - The length of the read - The position in the file to read. - The length of bytes read into the buffer. - - - - Write data to a file at a specific position asynchronously. - - The data to write as a buffer. - The position to write to. - Cancellation token to cancel async operation. - True to throw on error. - The number of bytes written - - - - Write data to a file at a specific position asynchronously. - - The data to write as a buffer. - The position to write to. - Cancellation token to cancel async operation. - The number of bytes written - - - - Write data to a file at a specific position asynchronously. - - The data to write. - The position to write to. - Cancellation token to cancel async operation. - The number of bytes written - - - - Write data to a file at a specific position asynchronously. - - The data to write - The position to write to - The number of bytes written - - - - Write data to a file at a specific position asynchronously. - - The data to write. - The position to write to. - Cancellation token to cancel async operation. - True to throw on error. - The number of bytes written - - - - Write data to a file at a specific position. - - The data to write - The position to write to. Optional - True to throw on error. - The number of bytes written. - - - - Write data to a file at a specific position. - - The data to write - The position to write to. Optional - The number of bytes written. - - - - Write data to a file at a specific position. - - The data to write - The position to write to. Optional - True to throw on error. - The number of bytes written. - - - - Write data to a file at a specific position. - - The data to write - The position to write to - The number of bytes written - - - - Write data to a file - - The data to write - The number of bytes written - - - - Write data to a file at a specific position gathered from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - True to throw on error. - The number of bytes written. - - - - Write data to a file at a specific position gathered from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - The number of bytes written. - - - - Write data to a file at a specific position asynchronously from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - Cancellation token to cancel async operation. - True to throw on error. - The number of bytes written - - - - Write data to a file at a specific position asynchronously from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - True to throw on error. - The number of bytes written - - - - Write data to a file at a specific position asynchronously from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - Cancellation token to cancel async operation. - The number of bytes written - - - - Write data to a file at a specific position asynchronously from a list of pages. - - List of pages to write. These pages must be page size aligned. - The length of the write. - The position to write to. - The number of bytes written - - - - Lock part of a file. - - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - True to throw on error. - The NT status code. - - - - Lock part of a file. - - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - - - - Shared lock part of a file. - - The offset into the file to lock - The number of bytes to lock - - - - Lock part of a file asynchronously. - - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - Cancellation token to cancel async operation. - True to throw on error. - The NT status code. - - - - Lock part of a file asynchronously. - - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - Cancellation token to cancel async operation. - - - - Lock part of a file asynchronously. - - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - - - - Shared lock part of a file asynchronously. - - The offset into the file to lock - The number of bytes to lock - - - - Unlock part of a file previously locked with Lock - - The offset into the file to unlock - The number of bytes to unlock - Thrown on error. - - - - Unlock part of a file previously locked with Lock - - The offset into the file to unlock - The number of bytes to unlock - True to throw on error. - The NT status code. - - - - Convert this NtFile to a FileStream for reading/writing. - - The stream must be closed separately from the NtFile. - The file stream. - Thrown on error. - - - - Get the Win32 path name for the file. - - The flags to determine what path information to get. - The path. - Throw on error. - - - - Get the Win32 path name for the file. - - The flags to determine what path information to get. - True to throw on error. - The path. - - - - Oplock the file with a specific level. - - The level of oplock to set. - True to throw on error. - The oplock response level. - - - - Oplock the file with a specific level. - - The level of oplock to set. - The oplock response level. - - - - Oplock the file with a specific level. - - The level of oplock to set. - Cancellation token to cancel async operation. - True to throw on error. - The oplock response level. - - - - Oplock the file with a specific level. - - The level of oplock to set. - True to throw on error. - The oplock response level. - - - - Oplock the file with a specific level. - - The level of oplock to set. - Cancellation token to cancel async operation. - The oplock response level. - - - - Oplock the file with a specific level. - - The level of oplock to set. - The oplock response level. - - - - Acknowledge an oplock break. - - The acknowledgment level. - True to throw on error. - The NT status code. - Oplock break acknowledgement returns STATUS_PENDING. - - - - Acknowledge an oplock break. - - The acknowledgment level. - - - - Oplock the file with a specific level. - - The oplock cache level. - Specify additional flags for the request. - True to throw on error. - The result of the oplock request. - - - - Oplock the file with a specific level. - - The oplock cache level. - True to throw on error. - The result of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - Cancellation token to cancel async operation. - Specify additional flags for the request. - True to throw on error. - The request of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - Cancellation token to cancel async operation. - True to throw on error. - The request of the oplock request. - - - - Oplock the file with a specific lease level and flags. - - The oplock lease level. - Specify additional flags for the request. - The result of the oplock request. - - - - Oplock the file with a specific lease level and flags. - - The oplock lease level. - The result of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - Specify additional flags for the request. - Cancellation token to cancel async operation. - The request of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - Cancellation token to cancel async operation. - The request of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - True to throw on error. - The request of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - The response of the oplock request. - - - - Oplock the file with a specific level and flags. - - The oplock level. - Specify additional flags for the request. - The response of the oplock request. - - - - Acknowledge a lease oplock started with RequestOplockLease. - - True to complete acknowledgement on close. - True to throw on error. - The NT status code. - This breaks to None. If you want to request the new oplock level then request a new oplock. - - - - Acknowledge a lease oplock started with RequestOplockLease. - - True to complete acknowledgement on close. - - - - Acknowledge a lease oplock started with RequestOplockLease. - - - - - Oplock the file exclusively (no other users can access the file). - - True to throw on error. - The oplock response level. - - - - Oplock the file exclusively (no other users can access the file). - - The oplock response level. - - - - Oplock the file exclusively (no other users can access the file). - - Cancellation token to cancel async operation. - The oplock response level. - - - - Oplock the file exclusively (no other users can access the file). - - The oplock response level. - - - - Wait for an oplock break to complete. - - True to throw on error. - The NT status code. - - - - Wait for an oplock break to complete. - - The NT status code. - - - - Wait for an oplock break to complete. - - True to throw on error. - The NT status code. - - - - Wait for an oplock break to complete. - - The NT status code. - - - - Dispose. - - True is disposing. - - - - Try and cancel any pending asynchronous IO. - - - - - Get the extended attributes of a file. - - True to throw on error. - The extended attributes, empty if no extended attributes. - - - - Get the extended attributes of a file. - - The extended attributes, empty if no extended attributes. - - - - Set the extended attributes for a file. - - The EA buffer to set. - True to throw on error. - This will add entries if they no longer exist, - remove entries if the data is empty or update existing entires. - - - - Set the extended attributes for a file. - - The EA buffer to set. - This will add entries if they no longer exist, - remove entries if the data is empty or update existing entires. - - - - Set the extended attributes for a file. - - The name of the entry - The associated data - The entry flags. - - - - Set the extended attributes for a file. - - The name of the entry - The associated data - The entry flags. - - - - Set the extended attributes for a file. - - The name of the entry - The associated data - The entry flags. - - - - Remove an extended attributes entry for a file. - - The name of the entry - - - - Assign completion port to file. - - The completion port. - A key to associate with this completion. - - - - Check if a specific set of file directory access rights is granted - - The file directory access rights to check - True if all access rights are granted - - - - Get the cached signing level for a file. - - The cached signing level. - - - - Get the cached signing level for a file. - - The cached signing level. - - - - Get the cached singing level from the raw EA buffer. - - The cached signing level data. - Throw on error. - - - - Set the cached signing level for a file. - - Flags to set for the cache. - The signing level to cache - - - - Set the cached signing level for a file. - - Flags to set for the cache. - The signing level to cache - Optional directory path to look for catalog files. - - - - Set the cached signing level for a file. - - Flags to set for the cache. - The signing level to cache - Files for signature. - Optional directory path to look for catalog files. - - - - Set the cached signing level for a file. - - Flags to set for the cache. - The signing level to cache - Files for signature. - Optional directory path to look for catalog files. - True to throw on error. - - - - Set the end of file. - - The offset to the end of file. - - - - Set the valid data length of the file without zeroing. Needs SeManageVolumePrivilege. - - The length to set. - - - - Get list of hard link entries for a file. - - The list of entries. - - - - Get a list of stream entries for the current file. - - The list of streams. - - - - Visit all accessible streams under this file. - - A function to be called on every accessible stream. Return true to continue enumeration. - Specify the desired access for the streams. - The share access to open the streams with. - Additional options to open the s with. - True if all accessible streams were visited, false if not. - - - - Get list of process ids using this file. - - The list of process ids. - - - - Visit all accessible files under this directory. - - A function to be called on every accessible file. Return true to continue enumeration. - Specify the desired access for the files. - True to recurse into sub keys. - The share access to open the files with. - Specify max recursive depth. -1 to not set a limit. - Additional options to open the files with. - A file name mask (such as *.txt). Can be null. - Indicate what entries to return. - True if all accessible files were visited, false if not. - - - - Visit all accessible files under this directory. - - A function to be called on every accessible file. Return true to continue enumeration. - Specify the desired access for the files. - True to recurse into sub keys. - The share access to open the files with. - Specify max recursive depth. -1 to not set a limit. - Additional options to open the files with. - True if all accessible files were visited, false if not. - - - - Visit all accessible files under this directory. - - A function to be called on every accessible file. Return true to continue enumeration. - - - - Visit all accessible files under this directory. - - A function to be called on every accessible file. Return true to continue enumeration. - Specify the desired access for the files. - The share access to open the files with. - - - - Query whether a file is trusted for dynamic code. - - Returns true if the file is trusted. - - - - Set a file is trusted for dynamic code. - - - - - Set a file is trusted for dynamic code. - - True to throw on error. - The NT status code. - - - - Find files in a directory by the owner SID. - - The owner SID. - A list of files in the directory. - For this method to work you need Quota enabled on the volume. - - - - Get full change notifications. Will pick ex version if available and revert to old format if not. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - Wait timeout. - The list of changes. - - - - Get full change notifications. Will pick ex version if available and revert to old format if not. - - The filter of events to watch for. - True to watch all sub directories. - Wait timeout. - The list of changes. - - - - Get full change notifications asynchronously. Will pick ex version if available and revert to old format if not. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - Cancellation token. - The list of changes. - - - - Get full change notifications asynchronously. Will pick ex version if available and revert to old format if not. - - The filter of events to watch for. - True to watch all sub directories. - Cancellation token. - The list of changes. - - - - Get full change notifications asynchronously. Will pick ex version if available and revert to old format if not. - - The filter of events to watch for. - True to watch all sub directories. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - Wait timeout. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - Wait timeout. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - Cancellation token. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - Cancellation token. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - The list of changes. - - - - Get extended change notifications. - - The filter of events to watch for. - True to watch all sub directories. - Timeout to wait. - True to throw on error. - The list of changes. - - - - Get extended change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - Timeout to wait. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - Cancellation token. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - True to throw on error. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - Cancellation token. - The list of changes. - - - - Get change notifications. - - The filter of events to watch for. - True to watch all sub directories. - The list of changes. - - - - Get the file attributes. - - True to throw on error. - The file attributes. - - - - Set the file attributes. - - The file attributes to set. - True to throw on error. - The NT status code. - - - - Get the creation time. - - True to throw on error. - The creation time. - - - - Get the last write time. - - True to throw on error. - The last write time. - - - - Get the change time time. - - True to throw on error. - The change time. - - - - Get the last access time. - - True to throw on error. - The last access time time. - - - - Set the file's creation time. - - The time to set. - True to throw on error. - The NT status code. - - - - Set the file's last access time. - - The time to set. - True to throw on error. - The NT status code. - - - - Set the file's last write time. - - The time to set. - True to throw on error. - The NT status code. - - - - Set the file's change time. - - The time to set. - True to throw on error. - The NT status code. - - - - Set the file position. - - The file position to set. - True to throw on error. - The NT status code. - - - - Get file information. - - - - - - - Query all reparse points from a volume. - - The list of reparse points. - You'll need to open the reparse database, which is typically \$Extend\$Reparse:$R:$INDEX_ALLOCATION on the volume. - - - - Query all object ids from a volume. - - The list of object ids. - You need to open the object ID database, which is typically \$Extend\$ObjId:$O:$INDEX_ALLOCATION on the volume. - - - - Get the Object ID buffer for a file. - - True to throw on error. - The object ID buffer. - - - - Get the Object ID create for a file. - - The object ID buffer. - - - - Get the Object ID buffer for a file. - - True to throw on error. - The object ID buffer. - - - - Get or create the Object ID for a file. - - The object ID buffer. - - - - Set Object ID and extended information. - - The Object ID buffer. - Only set the extended information. - True to throw on error. - The NT status code. - - - - Set Object ID and extended information. - - The Object ID buffer. - Only set the extended information. - The NT status code. - - - - Set Object ID and extended information. - - The Object ID GUID. - Extended info buffer, needs to be 48 bytes in size. - The NT status code. - - - - Set only Object ID extended information. - > - Extended info buffer, needs to be 48 bytes in size. - The NT status code. - - - - Delete the Object ID for a file. - - True to throw on error. - The NT status code. - - - - Delete the Object ID for a file. - - - - - Make the file sparse. - - True to make the file sparse. - True to throw on error. - The NT status code. - - - - Query if the driver is in the device stack for the device. - - The driver path. Can be a plain name of full object manager path, e.g. \Device\Blah. - True to throw on error. - True indicating driver in path. - - - - Query if the driver is in the device stack for the device. - - The driver path. - True indicating driver in path. - - - - Get filesystem and volume information. - - - - - Query a fixed buffer for a volume. - - The type to query. - The volume information class. - The returned type. - - - - Query a fixed buffer for a volume. - - The type to query. - The volume information class. - True to throw on error. - The returned type. - - - - Query a buffer for a volume. - - The type to query. - The volume information class. - True to throw on error. - The returned type. - - - - Query a buffer for a volume. - - The volume information class. - Initialization buffer. - True to throw on error. - The returned type. - - - - Query a buffer for a volume. - - The volume information class. - Initialization buffer. - The returned type. - - - - Query a buffer for a volume. - - The type to query. - The volume information class. - The returned type. - - - - Query a buffer for a volume. - - The volume information class. - The buffer for the query. Can be initialized. - True to throw on error. - The NT status code. - - - - Query a buffer for a volume. - - The volume information class. - The buffer for the query. Can be initialized. - - - - Set a buffer on a volume. - - The volume information class. - The buffer for the set. - True to throw on error. - The NT status code. - - - - Set a buffer on a volume. - - The volume information class. - The buffer for the set. - - - - Set a fixed value on a volume. - - The volume information class. - The fixed value to set. - True to throw on error. - The NT status code. - - - - Set a fixed value on a volume. - - The volume information class. - The fixed value to set. - - - - Query the quota entries for a volume. - - Return quote entries for the specified SIDs. - The list of quota entries. - - - - Query all quota entries for a volume. - - The list of quota entries. - - - - Set quota entries. - - The quota entries to set. - True to throw on error. - The NT status code. - - - - Set quota entries. - - The quota entries to set. - - - - Set quota entry. - - The quota entry to set. - - - - Set quota entry. - - The SID for the quota. - The quota limit to set. - The quota threshold to set. - - - - Get the file's full path. - - True to throw on error. - The file name. - - - - Get the file's normalized path. - - True to throw on error. - The file name. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get object ID for current file - - The object ID as a string - Thrown on error. - - - - Get object ID for current file as a number. - - The object ID as a number. - Thrown on error. - - - - Get or set the attributes of a file. - - The file attributes - Thrown on error. - - - - Get or set the creation time. - - - - - Get or set the last access time. - - - - - Get or set the last write time. - - - - - Get or set the change time. - - - - - Get file information, which is times, attributes and sizes. - - - - - Get or set the file as sparse. - - - - - Get whether this file represents a directory. - - - - - Get whether this file repsents a reparse point. - - - - - The result of opening the file, whether it was created, overwritten etc. - - - - - Get or set the current file position. - - - - - Get or sets the file's length - - - - - Get the file's allocation size. - - - - - Get the number of links. - - - - - Get whether delete is pending. - - - - - Get the Win32 path name for the file. - - The path, string.Empty on error. - - - - Get the low-level device type of the file. - - The file device type. - - - - Get the low-level device characteristics of the file. - - The file device characteristics. - - - - Get filesystem and volume information. - - - - - Get or set the file's compression format. - - - - - Gets whether the file is on a remote file system. - - - - - Get or set whether this file/directory is case sensitive. - - - - - Get or set whether this file/directory is case sensitive. - - - - - Get the file mode. - - - - - Get file access information. - - - - - Get the filename with the volume path. - - - - - Get the normalized filename with the volume path. - - - - - Get the associated short filename - - - - - Get the associated short filename - - - - - Get the normalized name. - - - - - Get or set the storage reserve ID. - - - - - Returns whether this object is a container. - - - - - Get or set the read only status of the file. - - - - - Is the file compressed. - - - - - Get remote protocol information. - - - - - Get the granted access as directory rights. - - - - - Get the file system control flags. - - - - - Get persist volume flags. - - - - - Return the status information field. (32 bit) - - - - - Class representing file information. - - - - - Time of creation. - - - - - Time of last access. - - - - - Time of last write. - - - - - Time of change. - - - - - Length of the file. - - - - - Length of the file, alias of EndOfFile. - - - - - Allocation size. - - - - - File attributes. - - - - - Has the file got a set of attributes set. - - The attributes to check. - True if it has the attributes. - - - - Is the file a directory. - - - - - Is the file a reparse point. - - - - - Class to represent a directory entry. - - - - - Index of the file. - - - - - File name. - - - - - Class to represent a directory entry with file IDs. - - - - - Length of any EA buffer. - - - - - The file reference number if known. - - - - - Class to represent a directory entry with short names. - - - - - Length of any EA buffer. - - - - - The short name of the file. - - - - - Class to represent a directory entry with short names and file ids. - - - - - Length of any EA buffer. - - - - - The short name of the file. - - - - - The file reference number if known. - - - - - Class to represent a file quota entry. - - - - - Class to represet a file object ID. - - - - - Full path to the file with the reparse point. - - - - - Win32 path to the file with the reparse point. - - - - - Reference number for the file. - - - - - The file's attributes. - - - - - The file's object ID. - - - - - The file's extended info. - - - - - File's birth volume ID. - - - - - File's birth object ID. - - - - - File's domain ID. - - - - - Class to represent a file reparse point. - - - - - Full path to the file with the reparse point. - - - - - Win32 path to the file with the reparse point. - - - - - Reference number for the file. - - - - - The file's attributes. - - - - - The reparse point buffer. - - - - - The reparse point tag. - - - - - Utility functions for files - - - - - Convert a DOS filename to an absolute NT filename - - The filename, can be relative - True to throw on error. - The NT filename - - - - Convert a DOS filename to an absolute NT filename - - The filename, can be relative - The NT filename - - - - Convert a DOS filename to an absolute NT filename - - List of paths to combine before converting. - The NT filename - - - - Convert a DOS filename to an NT filename and get as an ObjectAttributes structure - - The DOS filename. - The object attribute flags. - An optional security quality of service. - An optional security descriptor. - True to throw on error. - The object attributes - - - - Convert a DOS filename to an NT filename and get as an ObjectAttributes structure - - The DOS filename. - The object attribute flags. - An optional security quality of service. - An optional security descriptor. - The object attributes - - - - Convert a DOS filename to an NT filename and get as an ObjectAttributes structure - - The filename - The object attributes - - - - Convert a DOS filename to a UNICODE_STRING structure - - The DOS filename - The UNICODE_STRING - - - - Get type of DOS path - - The DOS filename - The type of DOS path - - - - Map directory access rights to file access rights. - - The directory access rights to map. - The mapped access rights. - - - - Convert a file ID long to a string. - - The file ID to convert - The string format of the file id. - - - - Convert a string to a file ID. - - The file ID as a string (must be 4 characters). - The file ID as a long. - - - - Get if a reparse tag is a Microsoft defined one. - - The reparse tag. - True if it's a Microsoft reparse tag. - - - - Get if a reparse tag is a name surrogate. - - The reparse tag. - True if it's a surrogate reparse tag. - - - - Get if a reparse tag is a directory which can have children. - - The reparse tag. - True if it's a directory reparse tag which can have children. - - - - Convert a directory access rights mask to a normal file access mask. - - The access to convert. - The converted access rights. - - - - Convert a file access rights mask to a directory file access mask. - - The access to convert. - The converted access rights. - - - - Enable or disable Wow64 FS redirection. - - True to enable FS redirection. - True to throw on error. - The old enable state. - - - - Enable or disable Wow64 FS redirection. - - True to enable FS redirection. - The old enable state. - - - - Split an allocated address into a list of pages. This can be used to pass to - ReadScatter or WriteGather file APIs. - - The base address to split. The address should be page aligned. - The length of bytes to split into pages. This will be rounded up to the next page boundary. - The list of pages. - - - - Split an allocated address into a list of pages. This can be used to pass to - ReadScatter or WriteGather file APIs. - - The allocated buffer to split. The address should be page aligned. - The buffer will be split up based on its length. Note that the length will be rounded up. - The list of pages. - - - - Attempt to convert an NT device filename to a DOS filename. - - The filename to convert. - The converted string. Returns a path prefixed with GLOBALROOT if it doesn't understand the format. - - - - Build a path for an open by ID file. - - The path to the volume. - The ID. - The bytes for the ID path. - - - - Build a path for a file ID volume. - - The path to the volume. - The file reference number. - The bytes for the file ID path. - - - - Build a path for an object ID volume. - - The path to the volume. - The file object ID. - The bytes for the file ID path. - - - - Generate a DOS filename from a full filename. - - The full filename. - True to allow extended characters. - Number of iterations of the algorithm to test. - True throw on error. - The DOS filename. - - - - Generate a DOS filename from a full filename. - - The full filename. - True to allow extended characters. - Number of iterations of the algorithm to test. - The DOS filename. - - - - Generate a DOS filename from a full filename. - - The full filename. - True to allow extended characters. - The DOS filename. - - - - Is the filename a legal 8dot3 name. - - The filename to check. - True if it's a legal 8dot3 name. - - - - Class representing a NT FilterConnectionPort object. Note this is just a dummy object for typing purposes. - - - - - A generic wrapper for any object, used if we don't know the type ahead of time. - - - - - Convert the generic object to the best typed object. - - The typed object. Can be NtGeneric if no better type is known. - - - - Convert the generic object to the best typed object. - - True to throw on error. - The typed object. Can be NtGeneric if no better type is known. - - - - Returns whether this object is a container. - - - - - Class to represent a system handle - - - - - The ID of the process holding the handle - - - - - Get the image path for the process which contains this handle. - - - - - Get name of the process which contains this handle. - - - - - The object type index - - - - - The object type name - - - - - The object type - - - - - The handle attribute flags. - - - - - The handle value - - - - - The address of the object. - - - - - The granted access mask - - - - - The granted access mask as a string. - - - - - The granted access mask as a string. - - - - - Whether the handle is inheritable. - - - - - Whether the handle is protected from close. - - - - - Whether the handle has write access. - - - - - Whether the handle has read access. - - - - - Whether the handle has execute access. - - - - - Whether the handle has full access. - - - - - The name of the object (needs to have set query access in constructor) - - - - - The security of the object (needs to have set query access in constructor) - - - - - Indicates if the handle was valid. - - This can cause the handle's values to be queried which can take time. - - - - Overridden ToString. - - The handle as a string. - - - - Get handle into the current process - - True to throw on error. - The handle to the object - - - - Get handle into the current process - - The handle to the object - - - - Close the handle in the original process. - - True throw on error. - The NT status code. - This is not recommended. - - - - Close the handle in the original process. - - This is not recommended. - - - - Class to call NT heap APIs. - - - - - Allocate a buffer from the heap. - - Heap flags. - Size of the allocation. - True to throw on error. - The allocated memory address. - - - - Allocate a buffer from the heap. - - Heap flags. - Size of the allocation. - The allocated memory address. - - - - Free a buffer from the heap. - - Heap flags. - Address of the allocation. - True to throw on error. - - - - Free a buffer from the heap. - - Heap flags. - Address of the allocation. - - - - Get the current process heap. - - - - - Class representing an NT IO Completion Port object - - - - - Create an IO Completion Port object - - The object attributes - The desired access for the event - Number of concurrent threads to process I/O packets. 0 for CPU count. - True to throw an exception on error. - The NT status code and object result. - Thrown on error. - - - - Create an IO Completion Port object - - The object attributes - The desired access for the event - Number of concurrent threads to process I/O packets. 0 for CPU count. - The IO Completion Port object. - Thrown on error. - - - - Create an IO Completion Port object - - The path to the IO Completion Port - The root object for relative path names - The desired access for the event - Number of concurrent threads to process I/O packets. 0 for CPU count. - The IO Completion Port object. - Thrown on error. - - - - Create an unnamed IO Completion Port object. - - The IO Completion Port object. - Thrown on error. - - - - Open an IO Completion Port object - - The object attributes - The desired access for the event - The IO Completion Port object. - Thrown on error. - - - - Open an IO Completion Port object - - The object attributes - The desired access for the event - True to throw an exception on error. - The NT status code and object result. - Thrown on error. - - - - Open an IO Completion Port object - - The path to the IO Completion Port - The root object for relative path names - The desired access for the event - The IO Completion Port object. - Thrown on error. - - - - Open an IO Completion Port object - - The path to the IO Completion Port - The IO Completion Port object. - Thrown on error. - - - - Remove a queued status from the queue. - - An optional timeout. - True to throw on error. - The completion result. - Thrown on error or timeout. - - - - Remove a queued status from the queue. - - An optional timeout. - The completion result. - Thrown on error or timeout. - - - - Remove multiple queued status from the queue. - - Maximum number of status to remove. - An optional timeout. - Indicate whether the wait is alertable. - True to throw on error. - Array of completion results. Length can be <= max_count. - - - - Remove multiple queued status from the queue. - - Maximum number of status to remove. - An optional timeout. - Indicate whether the wait is alertable. - Array of completion results. Length can be <= max_count. If timeout then returns an empty array. - - - - Remove multiple queued status from the queue. - - Maximum number of status to remove. - Array of completion results. Length can be <= max_count - - - - Remove a queued status from the queue. Wait for an infinite time for the result. - - The completion result. - - - - Add a queued status to the queue. - - The optional key context. - The optional APC context. - Status code - The information context. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Get current depth of IO Completion Port - - - - - Memory control method. - - - - - Buffered. - - - - - IN Direct. - - - - - OUT Direct. - - - - - Neither. - - - - - Access control flags. - - - - - Any access. - - - - - Read access. - - - - - Write access. - - - - - Represents a NT file IO control code. - - - - - Type of device - - - - - Function number - - - - - Buffering method - - - - - Access of file handle - - - - - Is the function number custom, i.e. has the top bit set. - - - - - Get a known name associated with this IO control code. - - - - - Constructor - - Type of device - Function number - Buffering method - Access of file handle - - - - Constructor - - Raw IO control code to convert. - - - - Static method to create an NtIoControlCode - - The conde as an integer. - The io control code. - - - - Convert the io control code to an Int32 - - The int32 version of the code - - - - Overriden hash code. - - The hash code. - - - - Overridden equals. - - The object to compare against. - True if equal. - - - - Overridden ToString method. - - The IO control code as a string. - - - - Format IO control code with an format specifier. - - The format specified. For example use X to format as a hexadecimal number. - The formatted string. - - - - Format the underlying IO control code with an format specifier. - - The format specified. For example use X to format as a hexadecimal number. - Format provider. - The formatted string. - - - - Class representing a NT Job object - - - - - Create a job object - - The object attributes - Desired access for job. - True to throw an exception on error. - The NT status code and object result. - - - - Create a job object - - The object attributes - Desired access for job. - The Job object. - - - - Create a job object - - The path to the job object (can be null) - The root object when path is relative - Desired access for job. - The Job object - - - - Create a job object - - The path to the job object (can be null) - The root object when path is relative - The Job object - - - - Create an unnamed job object - - The Job object - - - - Open a job object - - The object attributes - Desired access for job. - True to throw an exception on error. - The NT status code and object result. - - - - Open a job object - - The object attributes - Desired access for job. - The Job object - - - - Open a job object - - The path to the job object - The root object when path is relative - Desired access for the job object - The Job object - - - - Open a job object - - The path to the job object - The root object when path is relative - The Job object - - - - Create and initialize a Silo, - - Flags for root directory. - Desired access for the job. - Object attributes. - True to throw on error. - The Job object. - - - - Create and initialize a Silo, - - Flags for root directory. - Desired access for the job. - Object attributes. - The Job object. - - - - Create and initialize a Silo, - - Flags for root directory. - True to throw on error. - The Job object. - - - - Create an initialize a Silo, - - Flags for root directory. - The Job object. - - - - Create and initialize a Server Silo, - - Flags for root directory. - True to throw on error. - Path to the system root. - Event to signal when silo deleted. - True if a downlevel container. - Desired access for the job. - Object attributes. - The Job object. - - - - Create and initialize a Server Silo, - - Flags for root directory. - Path to the system root. - Event to signal when silo deleted. - True if a downlevel container. - Desired access for the job. - Object attributes. - The Job object. - - - - Create and initialize a Server Silo, - - Flags for root directory. - True to throw on error. - Path to the system root. - Event to signal when silo deleted. - True if a downlevel container. - The Job object. - - - - Create and initialize a Server Silo, - - Flags for root directory. - Path to the system root. - Event to signal when silo deleted. - True if a downlevel container. - The Job object. - - - - Convert Job object into a Silo - - True to throw on error. - The NT status code. - - - - Convert Job object into a Silo - - - - - Initialize a Silo, - - Flags for root directory. - True to throw on error. - The NT status code. - - - - Initialize a Silo, - - Flags for root directory. - - - - Initialize a Silo to a Server Silo. - - Event to signal when silo deleted. - True if a downlevel container. - True to throw on error. - The NT status code. - You must have set a system root and added a \Device directory (which shadows the real directory) to the silo object directory. - - - - Initialize a Silo to a Server Silo. - - Event to signal when silo deleted. - True if a downlevel container. - The NT status code. - - - - Create the silo's root object directory. - - The flags for the creation. - True to throw on error. - The NT status code. - - - - Create the silo's root object directory. - - The flags for the creation. - The NT status code. - - - - Assign a process to this job object. - - The process to assign. - - - - Assign a process to this job object. - - True to throw on error. - The process to assign. - The NT status code. - - - - Assign a process to this job object using current Job on Windows 1709+. - - - - - Assign a process to this job object using current Job on Windows 1709+. - - - - - Associate a completion port with the job. - - The completion port. - The key associated with the port. - - - - Terminate this job object. - - The termination status. - True to throw on error. - The NT status code. - - - - Terminate this job object. - - The termination status. - - - - Set the limit flags for the job. - - The limit flags. - True to throw on error. - The NT status code. - - - - Set the limit flags for the job. - - The limit flags. - - - - Set the Silo system root directory. - - The absolute path to the system root directory. - True to throw on error. - The system_root path must start with a capital drive letter and not end with a backslash. - The NT status code. - - - - Set the Silo system root directory. - - The absolute path to the system root directory. - The system_root path must start with a capital drive letter and not end with a backslash. - - - - Set the active process limit. - - The number of active processes in the job. - True to throw on error. - The NT status code. - - - - Set the active process limit. - - The number of active processes in the job. - - - - Set minimum and maximum working set size. - - The minimum working set size. - The maximum working set size. - True to throw on error. - The NT status code. - - - - Set minimum and maximum working set size. - - The minimum working set size. - The maximum working set size. - - - - Set the process memory limit. - - The memory limit for a process. - True to throw on error. - The NT status code. - - - - Set the process memory limit. - - The memory limit for a process. - The NT status code. - - - - Set the job memory limit. - - The memory limit for a job. - True to throw on error. - The NT status code. - - - - Set the job memory limit. - - The memory limit for a job. - The NT status code. - - - - Set the time limit for a process. - - The time limit for a process, in 100ns ticks. Set to 0 to clear the timeout. - True to throw on error. - The NT status code. - - - - Set the time limit for a process. - - The time limit for a process, in 100ns ticks. Set to 0 to clear the timeout. - - - - Set the time limit for a process. - - The time limit for a process. - True to throw on error. - The NT status code. - - - - Set the time limit for a process. - - The time limit for a process. - - - - Set the time limit for a job. - - The time limit for a job, in 100ns ticks. Set to 0 to clear timeout. - True to throw on error. - The NT status code. - - - - Set the time limit for a job. - - The time limit for a job, in 100ns ticks. Set to 0 to clear timeout. - - - - Set the time limit for a job. - - The time limit for a job. - True to throw on error. - The NT status code. - - - - Set the time limit for a job. - - The time limit for a job. - - - - Get list of process IDs in Job. - - True to throw on error. - The list of process IDs. - - - - Get list of process IDs in Job. - - The list of process IDs. - - - - Set UI Restriction Flags. - - The UI Restriction Flags. - True to throw on error. - The NT status code. - - - - Set UI Restriction Flags. - - The UI Restriction Flags. - The NT status code. - - - - Query Silo Root directory. - - True to throw on error. - The silo root directory. - - - - Get Silo basic information. - - True to throw on error. - The Silo Basic Information. - - - - Get Silo basic information. - - True to throw on error. - The Server Silo Basic Information. - - - - Get Silo user shared data. - - True to throw on error. - The Silo User Shared Data. - - - - Get whether this job object can be impersonated. - - True to throw on error. - True if the job object can be impersonated. - - - - Enable thread impersonation on this job object. - - True to throw on error. - The NT status code. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Get or set completion filter for job object. - - - - - The count of completions for the job. - - - - - Get or set the Maximum Bandwith NetRate limitation. - - - - - Get or set the DSCP Tag NetRate limitation. - - - - - Get or set the active process limit. - - - - - Get or set the active process limit. - - - - - Get or set the minimum working set size. - - - - - Get or set the maximum working set size. - - - - - Get or set the process time limit. - - - - - Get or set the process time limit. - - - - - Get or set the process memory limit. - - - - - Get or set the process memory limit. - - - - - Get used peak job memory used. - - - - - Get used peak job memory used. - - - - - Get or set the job limit flags. - - - - - Get or set the job UI Restriction flags. - - - - - Get or set whether job breakaway is allowed. - - - - - Get or set whether silenty job breakaway is allowed. - - - - - ID of container. - - - - - ID of container telemetry. - - - - - Job ID. - - - - - Get the Silo's Root Directory. - - - - - Get Silo basic information. - - - - - Get Silo basic information. - - - - - Get Silo user shared data. - - - - - Get or set the thread impersonation status. - - - - - Get whether this Job object is a silo. - - - - - Class to represent an NT Key object - - - - - Load a new hive - - The destination path - The path to the hive - Load flags - The opened root key - Thrown on error. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - The opened root key - Thrown on error. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - Key that this hive will be trusted for. - Event handle for key load. - True to throw an exception on error. - The NT status code and object result. - - - - Load a new hive and do not open the root key. - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Key that this hive will be trusted for. - Event handle for key load. - True to throw an exception on error. - The NT status code. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - Key that this hive will be trusted for. - Event handle for key load. - The opened key. - - - - Load a new hive and do not open the root key. - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Key that this hive will be trusted for. - Event handle for key load. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - True to throw an exception on error. - The NT status code and object result. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - Token to open the hive files under. - Key that this hive will be trusted for. - Event handle for key load. - True to throw an exception on error. - The NT status code and object result. - - - - Load a new hive and do not open the root key. - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Token to open the hive files under. - Key that this hive will be trusted for. - Event handle for key load. - True to throw an exception on error. - The NT status code. - - - - Load a new hive - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Desired access for the root key - Token to open the hive files under. - Key that this hive will be trusted for. - Event handle for key load. - The loaded key. - - - - Load a new hive and do not open the root key. - - Object attributes for the key name - Object attributes for the path to the hive file - Load flags - Token to open the hive files under. - Key that this hive will be trusted for. - Event handle for key load. - - - - Unload an existing hive. - - Object attributes for the key name - Unload flags - True to throw an exception on error. - The NT status code. - - - - Unload an existing hive. - - Path to key to unload. - Unload flags - Thrown on error. - - - - Unload an existing hive. - - Path to key to unload. - Thrown on error. - - - - Create a new Key - - Object attributes for the key name - Desired access for the root key - Create options - Optional transaction object. - True to throw an exception on error. - The NT status code and object result. - - - - Create a new Key - - Object attributes for the key name - Desired access for the root key - Create options - True to throw an exception on error. - The NT status code and object result. - - - - Create a new Key - - Object attributes for the key name - Desired access for the root key - Create options - The opened key - Thrown on error. - - - - Create a new Key - - Object attributes for the key name - Desired access for the root key - Create options - Optional transaction object. - The NT status code and object result. - - - - Create a new Key - - Path to the key to create - Root key if key_name is relative - Desired access for the root key - Create options - The opened key - Thrown on error. - - - - Try and open a Key - - Object attributes for the key name - Desired access for the root key - Open options. - Optional transaction object. - True to throw an exception on error. - The NT status code and object result. - - - - Try and open a Key - - Object attributes for the key name - Desired access for the root key - Open options. - True to throw an exception on error. - The NT status code and object result. - - - - Try and open a Key - - Path to the key to open - Root key if key_name is relative - Desired access for the root key - Open options. - Optional transaction object. - True to throw an exception on error. - The NT status code and object result. - - - - Try and open a Key - - Path to the key to open - Root key if key_name is relative - Desired access for the root key - Open options. - True to throw an exception on error. - The NT status code and object result. - - - - Open a Key - - Object attributes for the key name - Desired access for the root key - Open options. - The opened key - Thrown on error. - - - - Open a Key - - Object attributes for the key name - Desired access for the root key - Open options. - Optional transaction object. - The opened key - Thrown on error. - - - - Open a Key - - Path to the key to open - Root key if key_name is relative - Desired access for the root key - The opened key - Thrown on error. - - - - Query a license value. While technically not directly a registry key - it has many of the same properties such as using the same registry - value types. - - The name of the license value. - True to throw an exception on error - The license value key - - - - Query a license value. While technically not directly a registry key - it has many of the same properties such as using the same registry - value types. - - The name of the license value. - The license value key - - - - Create a registry key symbolic link - - Root key if path is relative - Path to the key to create - Target resistry path - The created symbolic link key - Thrown on error. - - - - Open the machine key - - The opened key with the maximum access allowed. - Thrown on error. - - - - Open the machine key - - The opened key with the maximum access allowed. - True to throw on error. - Thrown on error. - - - - Open the user key - - The opened key - Thrown on error. - - - - Open the user key - - The opened key with the maximum access allowed. - True to throw on error. - Thrown on error. - - - - Open a specific user key - - The SID of the user to open - The opened key - Thrown on error. - - - - Open the user key - - The SID of the user to open - True to throw on error. - The opened key with the maximum access allowed. - Thrown on error. - - - - Open the current user key - - The opened key - Thrown on error. - - - - Open the current user key - - True to throw on error. - The opened key with the maximum access allowed. - Thrown on error. - - - - Open the root key - - The opened key - Thrown on error. - - - - Open the root key - - The opened key with the maximum access allowed. - True to throw on error. - Thrown on error. - - - - Create a new Key - - Path to the key to create - The opened key - Thrown on error. - - - - Create a new Key - - Path to the key to create - Desired access for the root key - Create options - The opened key - Thrown on error. - - - - Delete the key - - True to throw on error. - - - - Delete the key - - - - - Set a resistry value - - The name of the value - The type of the value - The raw value data - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a resistry value - - The name of the value - The type of the value - The raw value data - Thrown on error. - - - - Set a string resistry value - - The name of the value - The type of the value - The value data - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a string resistry value as REG_SZ. - - The name of the value - The value data - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a string resistry value - - The name of the value - The type of the value - The value data - Thrown on error. - - - - Set a string resistry value as REG_SZ. - - The name of the value - The value data - Thrown on error. - - - - Set a list of strings as a resistry value. - - The name of the value - The list of strings to set. - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a list of strings as a resistry value. - - The name of the value - The list of strings to set. - Thrown on error. - - - - Set a DWORD resistry value - - The name of the value - The value data - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a DWORD resistry value - - The name of the value - The value data - True to set the value of big endian. - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a QWORD resistry value - - The name of the value - The value data - True to throw on error. - Thrown on error. - The NT status code. - - - - Set a DWORD resistry value - - The name of the value - The value data - Thrown on error. - - - - Set a DWORD resistry value - - The name of the value - The value data - True to set the value of big endian. - Thrown on error. - - - - Set a QWORD resistry value - - The name of the value - The value data - Thrown on error. - - - - Delete a registry value - - The name of the value - True to throw on error. - Thrown on error. - The NT status code. - - - - Delete a registry value - - The name of the value - Thrown on error. - - - - Query a value by name - - The name of the value - True to throw on error - The value information - - - - Query a value by name - - The name of the value - The value information - Thrown on error. - - - - Query all values for this key - - A list of values - Thrown on error. - - - - Query all subkey entries. - - The list of subkey entries - Thrown on error. - - - - Query all subkey names - - The list of subkey names - Thrown on error. - - - - Return a list of subkeys which can be accessed. - - The required access rights for the subkeys - True to open link keys rather than following the link. - True to open keys with backup flag set. - The disposable list of subkeys. - - - - Return a list of subkeys which can be accessed. - - The required access rights for the subkeys - The disposable list of subkeys. - Thrown on error. - - - - Set a symbolic link target for this key (must have been created with - appropriate create flags) - - The symbolic link target. - True to throw on error. - The NT status code. - Thrown on error. - - - - Set a symbolic link target for this key (must have been created with - appropriate create flags) - - The symbolic link target. - - - - Get the symbolic link target for this key. - - True to throw on error. - The symbolic link target. - Thrown on error. - - - - Get the symbolic link target for this key. - - The symbolic link target. - Thrown on error. - - - - Open a key - - The path to the key to open - The opened key - Thrown on error. - - - - Open a key - - The path to the key to open - Access rights for the key - The opened key - Thrown on error. - - - - Open a key - - The path to the key to open - Access rights for the key - True to throw on error. - The opened key - Thrown on error. - - - - Open a key - - The path to the key to open - Access rights for the key - Key open options. - True to throw on error. - The opened key - Thrown on error. - - - - Reopen the key with different access rights. - - The access rights to reopen with. - Open options. - True to throw on error. - The opened key. - - - - Reopen the key with different access rights. - - The access rights to reopen with. - The object attributes to open with. - Open options. - True to throw on error. - The opened key. - - - - Reopen the key with different access rights. - - The access rights to reopen with. - Open options. - The opened key. - - - - Convert object to a .NET RegistryKey object - - The registry key object - - - - Rename key. - - The new name for the key. - True to throw on error. - The NT status code. - Thrown on error. - - - - Rename key. - - The new name for the key. - Thrown on error. - - - - Save the opened key into a file. - - The file to save to. - Save key flags - True to throw on error. - The NT status code. - Thrown on error. - - - - Save the opened key into a file. - - The file to save to. - Save key flags - - - - Save the opened key into a file. - - The file path to save to. - Save key flags - True to throw on error. - The NT status code. - Thrown on error. - - - - Save the opened key into a file. - - The file path to save to. - Save key flags - - - - Save the opened key into a file. - - The file path to save to. - - - - Restore key from a file. - - The file to restore from - Restore key flags - True to throw on error. - The NT status code. - Thrown on error. - - - - Restore key from a file. - - The file to restore from - Restore key flags - - - - Restore key from a file. - - The file path to restore from - Restore key flags - True to throw on error. - The NT status code. - Thrown on error. - - - - Restore key from a file. - - The file path to restore from - Restore key flags - - - - Restore key from a file. - - The file path to restore from - - - - Try and lock the registry key to prevent further modification. - - Note that this almost certainly never works from usermode, there's an explicit - check to prevent it in the kernel. - - - - Wait for a change on the registry key. - - Specify what changes will be notified. - True to watch the entire tree. - The status from the change notification. - Thrown on error. - - - - Wait for a change on thie registry key asynchronously. - - Specify what changes will be notified. - True to watch the entire tree. - The status from the change notification. - Thrown on error. - - - - Visit all accessible keys under this one. - - A function to be called on every accessible key. Return true to continue enumeration. - Specify the desired access for the keys. - True to recurse into sub keys. - Specify max recursive depth. -1 to not set a limit. - Open the key using backup privileges. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - True to recurse into sub directories. - - - - Visit all accessible directories under this one. - - A function to be called on every accessible directory. Return true to continue enumeration. - Specify the desired access for the directory - True to recurse into sub directories. - Open the key using backup privileges. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Get key last write time - - The last write time - Thrown on error. - - - - Get key subkey count - - The subkey count - Thrown on error. - - - - Get key value count - - The key value count - Thrown on error. - - - - Get the key title index - - The key title index - Thrown on error. - - - - Get the key class name - - The key class name - Thrown on error. - - - - Get the maximum key value name length - - The maximum key value name length - Thrown on error. - - - - Get the maximum key value data length - - The maximum key value data length - Thrown on error. - - - - Get the maximum subkey name length - - The maximum subkey name length - Thrown on error. - - - - Get the maximum class name length - - The maximum class name length - Thrown on error. - - - - Get the key path as a Win32 style one. If not possible returns - the original path. - - - - - The disposition when the key was created. - - - - - Indicates the handle is a special pre-defined one by the kernel. - - - - - Get or set virtualization flags. - - - - - Get or set key control flags. - - - - - Get or set wow64 flags. - - - - - Get key flags. - - - - - Indicates if this key is from a trusted hive. - - - - - Indicates if this key is a symbolic link. - - - - - Indicates if this key is volatile. - - - - - Get the name from NtQueryKey. - - - - - Returns whether this object is a container. - - - - - A key entry. - - - - - The name of the key. - - - - - The last write time. - - - - - The key's title index. - - - - - Class to represent a loaded hive from the Hive List. - - - - - Path to the root key. - - - - - Path to the hive file. - - - - - Utilities for registry keys. - - - - - Convert a Win32 style keyname such as HKEY_LOCAL_MACHINE\Path into a native key path. - - The win32 style keyname to convert. - The converted keyname. - Thrown if invalid name. - - - - Attempt to convert an NT style registry key name to Win32 form. - If it's not possible to convert the function will return the - original form. - - The NT path to convert. - The converted path, or original if it can't be converted. - - - - Query list of loaded hives from the Registry. - - Convert the file path to a DOS path. - The list of loaded hives. - - - - Query list of loaded hives from the Registry. - - The list of loaded hives. - - - - Class representing a single Key value - - - - - Name of the value - - - - - Type of the value - - - - - Raw data for the value - - - - - Title index for the value - - - - - Get the value as an object. - - - - - Convert the value to a string - - The value as a string - - - - Convert value to an object - - The value as an object - - - - LDR static methods. - - - - - Get address of a procedure in a mapped image. - - The handle to the mapped image. - The name of the procedure to find. - True to throw on error. - The procedure address. - - - - Get address of a procedure in a mapped image. - - The handle to the mapped image. - The name of the procedure to find. - The procedure address. - - - - Class to access NT locale information - - - - - Get mapped NLS section - - The type of section - The codepage number - True to throw on error. - The mapped section if it exists. - - - - Get mapped NLS section - - The type of section - The codepage number - The mapped section if it exists. - - - - Get default locale ID - - True if the locale should be the thread's, otherwise the systems - True to throw on error. - The locale ID - - - - Get default locale ID - - True if the locale should be the thread's, otherwise the systems - The locale ID - - - - Set default locale - - True if the locale should be the thread's, otherwise the systems - True to throw on error. - The locale ID - The NT status code. - - - - Set default locale - - True if the locale should be the thread's, otherwise the systems - The locale ID - - - - Class representing a NT File Mailslot client object - - - - - Set the mailslot read timeout. - - The timeout to set. - True to throw on error. - The NT Status code. - - - - Peek on the current status of the Mailslot. - - True to throw on error. - The peek status. - - - - Peek on the current status of the Mailslot. - - The peek status. - - - - Get or set the Read Timeout. - - - - - Get maximum message size. - - - - - Get mailslot quota. - - - - - Get next message size. - - - - - Get messages available. - - - - - Class representing a mapped section - - - - - The process which the section is mapped into - - - - - The valid length of the mapped section from the current position. - - This doesn't take into account the possibility of fragmented commits. - - - - Get full path for mapped section. - - - - - Query the memory protection setting for this mapping. - - - - - Get image signing level. - - - - - Get the base address of the mapped section. - - - - - Release the internal handle - - - - - - Checks if this mapped view represents the same file. - - The address to check. - True to throw on error. - True if the mapped view represents the same file. - - - - Checks if this mapped view represents the same file. - - The address to check. - True if the mapped view represents the same file. - - - - Detaches the current buffer and allocates a new one. - - Specify a new length for the detached buffer. Must be <= Length. - The detached buffer. - The original buffer will become invalid after this call. - - - - Class representing a NT Mutant object - - - - - Create a new mutant - - The path to the mutant - The root object if path is relative - True to set current thread as initial owner - The opened mutant - Thrown on error - - - - Create a new mutant - - Object attributes - True to set current thread as initial owner - Desired access for mutant - The opened mutant - Thrown on error - - - - Create a new mutant - - Object attributes - True to set current thread as initial owner - Desired access for mutant - True to throw an exception on error. - The NT status code and object result. - - - - Open a mutant - - The path to the mutant - The root object if path is relative - Desired access for mutant - The opened mutant - Thrown on error - - - - Open a mutant - - The path to the mutant - The root object if path is relative - The opened mutant - Thrown on error - - - - Open a mutant - - Object attributes - Desired access for mutant - The opened mutant - Thrown on error - - - - Open a mutant - - Object attributes - Desired access for mutant - True to throw an exception on error. - The NT status code and object result. - - - - Release the mutant - - True to throw on error. - The previous release count - - - - Release the mutant - - The previous release count - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Get the owner of the mutant. - - - - - Get current count. - - - - - Get wether mutant owned by current thread. - - - - - Get whether mutant is abandoned. - - - - - Pipe attribute type. - - - - - The pipe attributes. - - - - - The pipe connect attributes. - - - - - The pipe handle attributes. - - - - - Class to add additional methods to a file for a named pipe. This is a base class for server and client types. - - - - - Get a named attribute from the pipe. - - The attribute type to query. - The name of the attribute. - True to throw on error. - The attribute value as a byte array. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - True to throw on error. - The status code for the attribute. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - True to throw on error. - The status code for the attribute. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - True to throw on error. - The status code for the attribute. - Thrown on error. - - - - Set a named attribute for a pipe. - - The attribute type to set. - The name of the attribute. - The value to set. - Thrown on error. - - - - Get a named attribute from the pipe. - - The attribute type to query. - The name of the attribute. - The attribute value as a byte array. - Thrown on error. - - - - Get a named attribute from the pipe as an integer. - - The attribute type to query. - The name of the attribute. - True to throw on error. - The attribute value as an integer. - Thrown on error. - - - - Get a named attribute from the pipe as an integer. - - The attribute type to query. - The name of the attribute. - The attribute value as an integer. - Thrown on error. - - - - Get a named attribute from the pipe as an integer. - - The attribute type to query. - The name of the attribute. - True to throw on error. - The attribute value as an integer. - Thrown on error. - - - - Get a named attribute from the pipe as an integer. - - The attribute type to query. - The name of the attribute. - The attribute value as an integer. - Thrown on error. - - - - Send and receive a message in one call. - - The input buffer to send. - The maximum output size. - True to throw on error. - The received buffer. - - - - Send and receive a message in one call. - - The input buffer to send. - The maximum output size. - The received buffer. - - - - Send and receive a message in one call. - - The input buffer to send. - The maximum output size. - True to throw on error. - The received buffer. - - - - Send and receive a message in one call. - - The input buffer to send. - The maximum output size. - The received buffer. - - - - Set pipe information flags. - - The read mode to set. - The completion mode. - True to throw on error. - The NT status code. - - - - Set pipe information flags. - - The read mode to set. - The completion mode. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Pipe completion mode. - - - - - Pipe read mode. - - - - - Pipe type. - - - - - Pipe configuration. - - - - - Maximum instances of the pipe, -1 is unlimited. - - - - - Current pipe instances. - - - - - Inbound quota. - - - - - Available bytes to read. - - - - - Outbound quota. - - - - - Available outbound quota. - - - - - Connect state of the named pipe. - - - - - Type of pipe endpoint. - - - - - Class to add additional methods to a file for a named pipe server. - - - - - Listen for a new connection to this named pipe server. - - - - - Listen for a new connection to this named pipe server asynchronously. - - An optional cancellation token. - The async task to complete. - - - - Listen for a new connection to this named pipe server asynchronously. - - The async task to complete. - - - - Disconnect this named pipe server. - - - - - Disconnect this named pipe server asynchronously. - - An optional cancellation token. - The async task to complete. - - - - Disconnect this named pipe server asynchronously. - - The async task to complete. - - - - Impersonate the client of the named pipe. - - The impersonation context. Dispose to revert to self. - - - - Get client process ID. - - - - - Get client session ID. If this is 0 then the client is local, otherwise it's set by the SMB server. - - - - - Get client computer name. - - - - - Get the default named pipe ACL for the current caller. - - The default named pipe ACL. - - - - Class to add additional methods to a file for a named pipe client. - - - - - Disables impersonation on a named pipe. - - - - - Get server process ID. - - - - - Get client session ID. - - - - - A pair of named pipes. - - - - - Read pipe for the pair. - - - - - Write pipe for the pair. - - - - - Base class for all NtObject types we handle - - - - - Get the basic information for the object. - - The basic information - - - - Base constructor - - Handle to the object - - - - Duplicate the internal handle to a new handle. - - Attribute flags for new handle - The source handle to duplicate - The source process to duplicate from - The desination process for the handle - Duplicate handle options - The access rights for the new handle - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate the internal handle to a new handle. - - The source handle to duplicate - The desination process for the handle - Duplicate handle options - The access rights for the new handle - The duplicated handle. - - - - Duplicate a handle from the current process to a new handle with the same access rights. - - The source handle to duplicate - The desination process for the handle - The duplicated handle. - - - - Duplicate a handle from and to the current process to a new handle with the same access rights. - - The source handle to duplicate - The duplicated handle. - - - - Duplicate a handle from and to the current process to a new handle with the same access rights. - - The source handle to duplicate - True to throw on error. - The duplicated handle. - - - - Duplicate a handle from and to the current process to a new handle with new access rights. - - The source handle to duplicate - The access for the new handle. - The duplicated handle. - - - - Indicates whether a specific type of kernel object can be opened. - - The kernel typename to check. - True if this type of object can be opened. - - - - Open an NT object with a specified type. - - The type to open. If null the method will try and lookup the appropriate type. - Object attributes for object. - Generic access rights to the object. - True to throw on error. - The opened object. - Thrown if an error occurred opening the object. - - - - Open an NT object with a specified type. - - The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type. - The path to the object to open. - A root directory to open from. - Generic access rights to the object. - Attributes to open the object. - Security quality of service. - True to throw on error. - The opened object. - Thrown if an error occurred opening the object. - - - - Open an NT object with a specified type. - - The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type. - The path to the object to open. - A root directory to open from. - Generic access rights to the object. - Attributes to open the object. - Security quality of service. - The opened object. - Thrown if an error occurred opening the object. - - - - Open an NT object with a specified type. - - The name of the type to open (e.g. Event). If null the method will try and lookup the appropriate type. - The path to the object to open. - A root directory to open from. - Generic access rights to the object. - The opened object. - Thrown if an error occurred opening the object. - Thrown if type of resource couldn't be found. - - - - Close a handle in another process. - - The source handle to close. - The source process containing the handle to close. - True to throw an exception on error. - The NT status code. - - - - Close a handle in another process. - - The source handle to close. - The source process containing the handle to close. - - - - Close a handle in another process by PID. - - The source handle to close. - The source process ID containing the handle to close. - True to throw an exception on error. - The NT status code. - - - - Close a handle in another process by PID. - - The source handle to close. - The source process ID containing the handle to close. - - - - Close a handle. - - The handle to close. - The NT status code. - - - - Close a handle. - - The handle to close. - The NT status code. - - - - Duplicate a handle to a new handle, potentially in a different process. - - Attribute flags for new handle - The source handle to duplicate - The source process to duplicate from - The desination process for the handle - Duplicate handle options - The access rights for the new handle - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate a handle to a new handle, potentially in a different process. - - Attribute flags for new handle - The source handle to duplicate - The source process to duplicate from - The desination process for the handle - Duplicate handle options - The access rights for the new handle - The NT status code and object result. - - - - Duplicate object. - - Access rights to duplicate with. - Attribute flags. - Duplicate options - True to throw an exception on error. - The duplicated object. - - - - Duplicate object. - - Access rights to duplicate with. - Attribute flags. - Duplicate options - The duplicated object. - - - - Duplicate object with specific access rights. - - Access rights to duplicate with. - The duplicated object. - - - - Duplicate object with same access rights. - - The duplicated object. - - - - Duplicate the object handle as a WaitHandle. - - The wait handle. - - - - Check if access is granted to a set of rights - - The access rights to check - True if all the access rights are granted - - - - Get security descriptor as a byte array - - What parts of the security descriptor to retrieve - The security descriptor - - - - Get security descriptor as a byte array - - What parts of the security descriptor to retrieve - True to throw on error. - The NT status result and security descriptor. - - - - Get security descriptor as a byte array - - Returns an array of bytes for the security descriptor - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status result. - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status code. - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Get the security descriptor as an SDDL string - - The security descriptor as an SDDL string - - - - Make the object a temporary object - - True to throw on error. - The NT status code. - - - - Make the object a temporary object - - - - - Make the object a permanent object - - True to throw on error. - The NT status code. - - - - Make the object a permanent object - - - - - Wait on the object to become signaled - - True to make the wait alertable - The time out - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - Thrown on error - - - - Wait on the object to become signaled - - The time out - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - Thrown on error - - - - Wait on the object to become signaled - - True to make the wait alertable - The time out in seconds - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - Thrown on error - - - - Wait on the object to become signaled - - The time out in seconds - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - Thrown on error - - - - Wait on the object to become signaled for an infinite time. - - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - Thrown on error - - - - Wait on the object to become signaled. - - Timeout in seconds. - Cancellation token for wait. - A task to wait on. If result is true then event was signaled. - - - - Wait on the object to become signaled. - - Timeout in seconds. - A task to wait on. If result is true then event was signaled. - - - - Wait on the object to become signaled. - Will wait an infinite time. - - A task to wait on. - - - - Convert an enumerable access rights to a string - - True to try and convert to generic rights where possible. - The string format of the access rights - - - - Convert an enumerable access rights to a string - - The string format of the access rights - - - - Check if this object is exactly the same as another using NtCompareObject. - - The object to compare against. - True if this is the same object. - Thrown on error. - This is only supported on Windows 10 and above. For one which works on everything use SameObject. - - - - Check if this object is exactly the same as another. - - The object to compare against. - True if this is the same object. - Thrown on error. - This function can be slow to run and unreliable. Use CompareObject is Windows 10 or above. - - - - Convert to a string - - The string form of the object - - - - Get full path to the object - - - - - Get the granted access as an unsigned integer - - - - - Get the security descriptor, with Dacl, Owner, Group and Label - - - - - Get the security descriptor as an SDDL string - - The security descriptor as an SDDL string - - - - The low-level handle to the object. - - - - - Get the NT type name for this object. - - The NT type name. - - - - Get the NtType for this object. - - The NtType for the type name - - - - Get the name of the object - - - - - Indicates if the handle can be used for synchronization. - - - - - Get object creation time. - - - - - Get the attribute flags for the object. - - - - - Get number of handles for this object. - - - - - Get reference count for this object. - - - - - Get or set whether the handle is inheritable. - - - - - Get or set whether the handle is protected from closing. - - - - - Get the object's address is kernel memory. - - As getting the address is expensive you need to pass the object to NtSystemInfo::ResolveObjectAddress to intialize. - - - - Returns whether this object is a container. - - - - - Returns whether this object is closed. - - - - - Virtual Dispose method. - - True if disposing, false if finalizing - - - - Finalizer - - - - - Dispose - - - - - Close handle - - - - - Generic access rights. - - - - - Options for duplicating objects. - - - - - Close the original handle. - - - - - Duplicate with the same access. - - - - - Duplicate with the same handle attributes. - - - - - Prevent duplicating handle above the existing access. - - - - - Information class for NtQueryObject - - - - - - Structure to return Object Name - - - - - Structure to return Object basic information - - - - - Type of kernel pool used for object allocation - - - - - Native structure used for getting type information. - - - - - Static utility methods. - - - - - Convert the safe handle to an array of bytes. - - The data contained in the allocaiton. - - - - Convert an NtStatus to an exception if the status is an error - - The NtStatus - The original NtStatus if not an error - Thrown if status is an error. - - - - Convert an NtStatus to an exception if the status is an error and throw_on_error is true. - - The NtStatus - True to throw an exception onerror. - The original NtStatus if not thrown - Thrown if status is an error and throw_on_error is true. - - - - Checks if the NtStatus value is a success - - The NtStatus value - True if a success - - - - Checks if the NtStatus value is an error. - - The NtStatus value - True if an error. - - - - Get the severity of the NTSTATUS. - - The NtStatus value - The severity. - - - - Get the facility of the NTSTATUS. - - The NtStatus value - The facility. - - - - Get the status code of the NTSTATUS. - - The NtStatus value. - The static code. - - - - Is an NTSTATUS a customer code. - - The NtStatus value - True if is a customer code. - - - - Is an NTSTATUS reserved. - - The NtStatus value - True if reserved. - - - - Build a status from it's component parts. - - The severity of the status code. - Is this a customer code? - Is this a reserved code? - The facility. - The status code. - - - - - Convert an NTSTATUS to a message description. - - The status to convert. - The message description, or an empty string if not found. - - - - Convert an integer to an NtStatus code. - - The integer status. - The converted code. - - - - Convert an enumerable access rights to a string - - The granted access mask. - Generic mapping for object type. - Enum type to convert to string. - True to try and convert to generic rights where possible. - The string format of the access rights - - - - Convert an IEnumerable to a Disposable List. - - - - - - - - Run a function on an NtResult and dispose the result afterwards. - - The underlying result type. - The result of the function. - The result. - The function to call. - The default value to return if an error occurred. - The result of func. - If result is not a success then the function is not called. - - - - Run a function on an NtResult and dispose the result afterwards. - - The underlying result type. - The result of the function. - The result. - The function to call. - The result of func. - If result is not a success then the function is not called. - - - - Run an action on an NtResult and dispose the result afterwards. - - The underlying result type. - The result. - The action to call. - If result is not a success then the action is not called. - - - - Run a function on an NtResult and dispose the result afterwards. - - The underlying result type. - The result of the function. - The result. - The function to call. - The result of func. - - - - Run an action on an NtResult and dispose the result afterwards. - - The underlying result type. - The result. - The action to call. - - - - Convert a handle to a known object type. - - The handle. - The object type. - - - - Convert a handle to a known object type. - - The handle. - True to own the handle. - The object type. - - - - Convert a handle to a known object type. - - The handle. - True to own the handle. - The object type. - - - - Map a DOS error to an NT status code. - - The DOS error. - The NT status code. - - - - Map a status to a DOS error code. Takes into account NTWIN32 - status codes. - - The status code. - The mapped DOS error. - - - - Get the last NT status code in this thread set for Win32 last error. - - The last NT status code. - - - - Create an NT result object. If status is successful then call function otherwise use default value. - - The result type. - The associated status code. - Throw an exception on error. - Function to call to create an instance of the result - The created result. - - - - Create a successful NT result object. - - The result type. - The result value. - The created result. - - - - Create an NT result object. If status is successful then call function otherwise use default value. - - The result type. - The associated status code. - Throw an exception on error. - Function to call to create an instance of the result - Function to call on error. - The created result. - - - - Create an NT result object. If status is successful then call function otherwise use default value. - - The result type. - The associated status code. - Throw an exception on error. - Function to call to create an instance of the result - The created result. - - - - A derived class to add some useful functions such as Duplicate - - The derived type to use as return values - An enum which represents the access mask values for the type - - - - Reopen object with different access rights. - - The desired access. - Additional attributes for open. - True to throw on error. - The reopened object. - - - - Reopen object with different access rights. - - The desired access. - True to throw on error. - The reopened object. - - - - Reopen object with different access rights. - - The desired access. - The reopened object. - - - - Duplicate object. - - Access rights to duplicate with. - Attribute flags. - Duplicate options - True to throw an exception on error. - The duplicated object. - - - - Duplicate object. - - Access rights to duplicate with. - Attribute flags. - Duplicate options - True to throw an exception on error. - The duplicated object. - - - - Duplicate object. - - Access rights to duplicate with. - Attribute flags. - Duplicate options - The duplicated object. - - - - Duplicate the object with specific access rights - - The access rights for the new handle - The duplicated object - - - - Duplicate the object with specific access rights - - The access rights for the new handle - True to throw an exception on error. - The duplicated object - - - - Duplicate the object with same access rights - - The duplicated object - - - - Duplicate the object with same access rights - - True to throw on error. - The duplicated object - - - - Get granted access for handle. - - Granted access - - - - Get generic granted access for handle. - - Generic Granted access - - - - Get the maximum permission access for this object based on a token - and it's security descriptor. - - The token to check against. - Returns 0 if can't read the security descriptor. - - - - Get the maximum permission access for this object based on the current token - and its security descriptor. - - Returns 0 if can't read the security descriptor. - - - - Check if a specific set of access rights is granted - - The access rights to check - True if all access rights are granted - - - - Create a new instance from a kernel handle - - The kernel handle - The new typed instance - - - - Create a new instance from a kernel handle - - The kernel handle - True to own the handle. - The new typed instance - - - - Create a new instance from a kernel handle. - - The kernel handle - The call doesn't own the handle. The returned object can't be used to close the handle. - The new typed instance - - - - Duplicate an instance from a process - - The process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - The attribute flags for the new object. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from a process - - The process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - The attribute flags for the new object. - The NT status code and object result. - - - - Duplicate an instance from a process - - The process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from a process - - The process ID - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from a process with a specified access rights. - - The process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate. - The duplicated handle - - - - Duplicate an instance from a process - - The process ID - The handle value to duplicate - The access rights to duplicate with - The duplicated handle - - - - Duplicate an instance from a process with same access rights. - - The process (with DupHandle access) - The handle value to duplicate - The duplicated object. - - - - Duplicate an instance from a process with same access rights - - The process ID - The handle value to duplicate - The duplicated handle - - - - Duplicate an instance from current process to an other process - - The destination process (with DupHandle access) - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from current process to an other process - - The destination process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from current process to an other process - - The destination process ID - The handle value to duplicate - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from current process to an other process with a specified access rights. - - The destination process (with DupHandle access) - The handle value to duplicate - The access rights to duplicate. - The duplicated handle - - - - Duplicate an instance from current process to an other process - - The destination process ID - The handle value to duplicate - The access rights to duplicate with - The duplicated handle - - - - Duplicate an instance from current process to an other process with same access rights. - - The destination process (with DupHandle access) - The handle value to duplicate - The duplicated object. - - - - Duplicate an instance from current process to an other process with same access rights. - - The destination process (with DupHandle access) - The duplicated object. - - - - Duplicate an instance from current process to an other process with same access rights - - The destination process ID - The handle value to duplicate - The duplicated handle - - - - Duplicate an instance from current process to an other process with same access rights - - The destination process ID - The duplicated handle - - - - Duplicate an instance from a process to an other process - - The source process (with DupHandle access) - The handle value to duplicate - The destination process (with DupHandle access) - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from a process to an other process - - The source process ID - The handle value to duplicate - The destination process ID - The access rights to duplicate with - The options for duplication. - True to throw an exception on error. - The NT status code and object result. - - - - Duplicate an instance from a process to an other process with a specified access rights. - - The source process (with DupHandle access) - The handle value to duplicate - The destination process (with DupHandle access) - The access rights to duplicate. - The duplicated handle - - - - Duplicate an instance from a process to an other process - - The source process ID - The handle value to duplicate - The destination process ID - The access rights to duplicate with - The duplicated handle - - - - Duplicate an instance from a process to an other process with same access rights. - - The source process (with DupHandle access) - The handle value to duplicate - The destination process (with DupHandle access) - The duplicated object. - - - - Duplicate an instance from a process to an other process with same access rights - - The source process ID - The handle value to duplicate - The destination process ID - The duplicated handle - - - - Interface to generically query an object. - - - - - Interface to generically set an object. - - - - - A derived class to add some useful functions such as Duplicate as well as generic Query and Set information methods. - - The derived type to use as return values - An enum which represents the access mask values for the type - An enum which represents the information class for query. - An enum which represents the information class for set. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - The result of the query. - Thrown on error. - - - - Query an enumerated value from the object. - - The type of enum to return. - The base type for the enumeration. - The information class to query. - The result of the query. - Thrown on error. - - - - Query an enumerated value from the object. - - The type of enum to return. - The information class to query. - The result of the query. - Thrown on error. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Query the information class as an object. - - The information class. - The information class as an object. - If the information class doesn't have an explicit object type a raw byte query will be made. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - A buffer to initialize the initial query. Can be null. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - A buffer to initialize the initial query. Can be null. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - A buffer to initialize the initial query. Can be null. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - A buffer to initialize the initial query. Can be null. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - The result of the query. - Thrown on error. - - - - Set a value to the object. - - The type of structure to set. - The information class to set. - The value to set. If you specify a SafeBuffer then it'll be passed directly. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object. - - The type of structure to set. - The information class to set. - The value to set. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object from a buffer. - - The information class to set. - The value to set. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object from a buffer.. - - The information class to set. - The value to set. - The NT status code of the set. - Thrown on error. - - - - Set a raw value to the object. - - The information class to set. - The raw value to set. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a raw value to the object. - - The information class to set. - The raw value to set. - The NT status code of the set. - Thrown on error. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Overriddable method to determine the maximum brute force length for query. - - Information class to key on if needs to return different sizes. - The maximum bytes to brute force. Returning 0 will disable brute force. - - - - Overridable method to determine if the return length shouldn't be trusted for this info class when querying a variable buffer. - - Information class to key on. - True to trust the return length when querying a variable buffer. - - - - Class representing a NT Partition object - - - - - Create a partition object - - The object attributes - Optional parent parition. - Desired access for the partition. - The preferred node, -1 for any node. - True to throw an exception on error. - The NT status code and object result. - - - - Create a partition object - - The object attributes - Optional parent parition. - Desired access for the partition. - The preferred node, -1 for any node. - The NT status code and object result. - - - - Open a partition object - - The object attributes - Desired access for the partition. - True to throw an exception on error. - The NT status code and object result. - - - - Open a partition object - - The object attributes - Desired access for the partition. - The NT status code and object result. - - - - Class representing a NT Process object. - - - - - Gets all accessible processes on the system. - - The access desired for each process. - The list of accessible processes. - - - - Gets all accessible processes on the system. - - The access desired for each process. - True to get processes from system information rather than NtGetNextProcess - The list of accessible processes. - - - - Gets all accessible processes on the system in a particular session. - - The session ID. - The access desired for each process. - The list of accessible processes. - - - - Gets all accessible processes on the system in the current session session. - - The access desired for each process. - The list of accessible processes. - - - - Get first accessible process (used in combination with GetNextProcess) - - The access required for the process. - The accessible process, or null if one couldn't be opened. - - - - Open a process - - The process ID to open - Optional thread ID to verify the correct process is opened. - The desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Open a process - - The process ID to open - The desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Open a process - - The process ID to open - The desired access for the handle - The opened process - - - - Open a process - - The process ID to open - Optional thread ID to verify the correct process is opened. - The desired access for the handle - The opened process. - - - - Create a new process - - Optional object attributes. - Desired access for the new process. - The parent process - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - True to throw on error. - The created process - - - - Create a new process - - Desired access for the new process. - Optional object attributes. - The parent process - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - The created process - - - - Create a new process - - The parent process - Creation flags - Handle to the executable image section - Access token for the new process. - The created process - - - - Create a new process - - The parent process - Creation flags - Handle to the executable image section - The created process - - - - Create a new process - - Handle to the executable image section - Access token for the new process. - The created process - - - - Create a new process - - Handle to the executable image section - The created process - - - - Create a new process - - Optional object attributes. - Desired access for the new process. - The parent process - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - True to throw on error. - The created process - This uses NtCreateProcessEx rather than NtCreateUserProcess - - - - Create a new process - - Desired access for the new process. - Optional object attributes. - The parent process - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - The created process - - - - Create a new user process. - - The process configuration. - True to throw on error. - The result of the process creation - - - - Create a new user process. - - The process configuration. - The result of the process creation - - - - Fork a process. - - The process configuration. - True to throw on error. - The new forked process result - This uses NtCreateUserProcess. - - - - Fork a process. - - The process configuration. - The new forked process result - This uses NtCreateUserProcess. - - - - Open an actual handle to the current process rather than the pseudo one used for Current - - The process object - - - - Test whether a process can access another protected process. - - The current process. - The target process. - True if the process can be accessed. - - - - Reopen object with different access rights. - - The desired access. - Additional attributes for open. - True to throw on error. - The reopened object. - - - - Get next accessible process (used in combination with GetFirstProcess) - - The access required for the process. - The accessible process, or null if one couldn't be opened. - - - - Get previous accessible process (used in combination with GetFirstProcess) - - The access required for the process. - The accessible process, or null if one couldn't be opened. - - - - Get previous accessible process (used in combination with GetFirstProcess) - - The accessible process, or null if one couldn't be opened. - - - - Get first accessible thread for process. - - The desired access for the thread. - The first thread object, or null if not accessible threads. - - - - Get first accessible thread for process. - - The first thread object, or null if not accessible threads. - - - - Get accessible threads for a process. - - The desired access for the threads - The list of threads - - - - Get accessible threads for a process. - - The list of threads - - - - Read a partial PEB from the process. - - The read PEB structure. - - - - Create a new process - - Creation flags - Handle to the executable image section - The created process - This uses NtCreateProcessEx rather than NtCreateUserProcess - - - - Create a new process - - Optional object attributes. - Desired access for the new process. - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - True to throw on error. - The created process - This uses NtCreateProcessEx rather than NtCreateUserProcess - - - - Create a new process - - Optional object attributes. - Desired access for the new process. - Creation flags - Handle to the executable image section - Debug port for the new process. - Access token for the new process. - The created process - This uses NtCreateProcessEx rather than NtCreateUserProcess - - - - Terminate the process - - The exit code for the termination - - - - Terminate the process - - The exit code for the termination - - - - Terminate the process - - The exit code for the termination - True to throw on error. - The NT status code. - - - - Get process image file path - - True to return the native image path, false for a Win32 style path - True to throw on error. - The process image file path - - - - Get process image file path - - True to return the native image path, false for a Win32 style path - The process image file path - - - - Get a mitigation policy raw value - - The policy to get - True to throw on error. - The raw policy value - - - - Get a mitigation policy raw value - - The policy to get - The raw policy value - - - - Get a mitigation policy as an enumeration. - - The policy to get. - True to throw on error. - The mitigation policy value - - - - Get a mitigation policy as an enumeration. - - The policy to get. - The mitigation policy value - - - - Get a mitigation policy raw value - - The policy to get - True to throw on error. - The raw policy value - - - - Get a mitigation policy raw value - - The policy to get - The raw policy value - - - - Set a mitigation policy raw value - - The policy to set - The value to set - True to throw on error. - The NT status code. - - - - Set a mitigation policy raw value - - The policy to set - The value to set - - - - Set a mitigation policy value from an enum. - - The policy to set - The value to set - True to throw on error. - The NT status code. - - - - Set a mitigation policy value from an enum. - - The policy to set - The value to set - - - - Set a mitigation policy raw value - - The policy to set - The value to set - True to throw on error. - The NT status code. - - - - Set a mitigation policy raw value - - The policy to set - The value to set - - - - Disable dynamic code policy on another process. - - - - - Suspend the entire process. - - True to throw on error. - The NT status code. - - - - Resume the entire process. - - True to throw on error. - The NT status code. - - - - Suspend the entire process. - - - - - Resume the entire process. - - - - - Open the process' token - - The process token. - - - - Open the process' token - - True to throw on error. - The process token. - - - - Open the process' token - - Desired access for token. - True to throw on error. - The process token. - - - - Set process access token. Process must be have not been started. - - The token to set. - True to throw on error. - The NT status code. - - - - Set process access token. Process must be have not been started. - - The token to set. - - - - Read memory from a process. - - The base address in the process. - The length to read. - If true ensure we read all bytes, otherwise throw on exception. - The array of bytes read from the location. - If a read is short then returns fewer bytes than requested. - Thrown on error. - - - - Read memory from a process. - - The base address in the process. - The length to read. - The array of bytes read from the location. - If a read is short then returns fewer bytes than requested. - Thrown on error. - - - - Write memory to a process. - - The base address in the process. - The data to write. - The number of bytes written to the location - Thrown on error. - - - - Read structured memory from a process. - - The base address in the process. - The read structure. - Thrown on error. - Type of structure to read. - - - - Write structured memory to a process. - - The base address in the process. - The data to write. - Thrown on error. - Type of structure to write. - - - - Read structured memory array from a process. - - The base address in the process. - The number of elements in the array to read. - The read structure. - Thrown on error. - Type of structure to read. - - - - Write structured memory array to a process. - - The base address in the process. - The data array to write. - Thrown on error. - Type of structure to write. - - - - Query memory information for a process. - - The base address. - The queries memory information. - Thrown on error. - - - - Query all memory information regions in process memory. - - The list of memory regions. - Specify memory types to filter on. - Set of flags which indicate the memory states to return. - Thrown on error. - - - - Query all memory information regions in process memory. - - The list of memory regions. - True to include free regions of memory. - Specify memory types to filter on. - Thrown on error. - - - - Query all memory information regions in process memory. - - The list of memory regions. - True to include free regions of memory. - Thrown on error. - - - - Query all memory information regions in process memory excluding free regions. - - The list of memory regions. - Thrown on error. - - - - Query a list of mapped images in a process. - - The list of mapped images - Thrown on error. - - - - Query a list of mapped files in a process. - - The list of mapped images - Thrown on error. - - - - Query a list of all mapped files and images in a process. - - The list of mapped images - Thrown on error. - - - - Allocate virtual memory in a process. - - Optional base address, if 0 will automatically select a base. - The region size to allocate. - The type of allocation. - The allocation protection. - True to throw on error. - The address of the allocated region. - Thrown on error. - - - - Allocate virtual memory in a process. - - Optional base address, if 0 will automatically select a base. - The region size to allocate. - The type of allocation. - The allocation protection. - The address of the allocated region. - Thrown on error. - - - - Allocate read/write virtual memory in a process. - - The region size to allocate. - The address of the allocated region. - Thrown on error. - - - - Free virtual emmory in a process. - - Base address of region to free - The size of the region. - The type to free. - Thrown on error. - - - - Free virtual emmory in a process. - - Base address of region to free - The size of the region. - The type to free. - True to throw on error. - Thrown on error. - - - - Change protection on a region of memory. - - The base address - The size of the memory region. - The new protection type. - The old protection for the region. - Thrown on error. - - - - Change protection on a region of memory. - - The base address - The size of the memory region. - The new protection type. - True to throw on error. - The old protection for the region. - Thrown on error. - - - - Flush instruction cache. - - The address to flush. - The number of bytes to flush/ - True to throw on error. - The NT status code. - - - - Flush instruction cache. - - The address to flush. - The number of bytes to flush/ - - - - Query working set information for an address in a process. - - The base address to query. - True to throw on error - The working set information. - Thrown on error. - - - - Query working set information for an address in a process. - - The base address to query. - The working set information. - Thrown on error. - - - - Set the process device map. - - The device map directory to set. - Note that due to a bug in the Wow64 layer this won't work in a 32 bit process on a 64 bit system. - - - - Set the process device map. - - The device map directory to set. - True to throw on error. - Note that due to a bug in the Wow64 layer this won't work in a 32 bit process on a 64 bit system. - - - - Set the process device map. - - The device map directory to set. - Note that due to a bug in the Wow64 layer this won't work in a 32 bit process on a 64 bit system. - - - - Set the process device map. - - The device map directory to set. - True to throw on error. - Note that due to a bug in the Wow64 layer this won't work in a 32 bit process on a 64 bit system. - - - - Open a process' debug object. - - True to throw on error. - The process' debug object. - - - - Open a process' debug object. - - The process' debug object. - - - - Queries whether process is backed by a specific file. - - File object opened with Synchronize and Execute access to test against. - True if the process is created from the image file. - - - - Open parent process by ID. - - The desired process access rights. - True to throw on error. - The opened process. - Thrown on error. - - - - Open parent process by ID. - - The desired process access rights. - The opened process. - Thrown on error. - - - - Open parent process by ID. - - The opened process. - Thrown on error. - - - - Open owner process by ID. - - The desired process access rights. - True to throw on error. - The opened process. - Thrown on error. - - - - Open owner process by ID. - - The desired process access rights. - The opened process. - Thrown on error. - - - - Open owner process by ID. - - The opened process. - Thrown on error. - - - - Get if process is in a job. - - A specific job to check - True if in specific job. - - - - Get if process is in a job. - - True if in a job. - - - - Get process handle table. - - The list of process handles. - - - - Get handles for process. - - Specify to all name/details to be queried from the handle. - Force file query for name/details for non-filesystem handles. - True to throw on error. - The list of handles. - This queries the handles from the process which does not contain the Object's addres in kernel memory. - - - - Get handles for process. - - Specify to all name/details to be queried from the handle. - True to throw on error. - The list of handles. - This queries the handles from the process which does not contain the Object's addres in kernel memory. - - - - Get handles for process. - - Specify to all name/details to be queried from the handle. - The list of handles. - This queries the handles from the process which does not contain the Object's addres in kernel memory. - - - - Get handles for process. - - The list of handles. - This queries the handles from the process which does not contain the Object's addres in kernel memory. - - - - Get the process handle table and try and get them as objects. - - True to only return named objects - A list of typenames to filter on (if empty then return all) - The list of handles as objects. - This function will drop handles it can't duplicate. - - - - Get the process handle table and try and get them as objects. - - The list of handles as objects. - This function will drop handles it can't duplicate. - - - - Open image section for process. - - True to throw on error. - The opened image section. - Should only work on the pseudo process handle. - - - - Open image section for process. - - The opened image section. - Should only work on the pseudo process handle. - - - - Unmap a section. - - The base address to unmap. - Flags for unmapping memory. - True to throw on error. - The NT status code. - - - - Unmap a section. - - The base address to unmap. - True to throw on error. - The NT status code. - - - - Unmap a section. - - The base address to unmap. - Flags for unmapping memory. - - - - Unmap a section. - - The base address to unmap. - - - - Get the user SID for the process. - - True to throw on error. - The user SID. - - - - Get the user SID for the process. - - The user SID. - - - - Get the integrity level for the process. - - True to throw on error. - The integerity level. - - - - Set process fault flags. - - The flags to set. - True to throw on error. - The NT status code for the operation. - - - - Set process fault flags. - - The flags to set. - The NT status code for the operation. - - - - Set the process exception port. - - The exception port to set. - Additional state flags. - True to throw on error. - The NT status code. - - - - Set the process exception port. - - The exception port to set. - True to throw on error. - The NT status code. - - - - Set the process exception port. - - The exception port to set. - The NT status code. - - - - Get the user process parameters. - - The user process parameters. - - - - Fork the process. - - Extra flags for fork. - True to throw on error. - The new forked process result. - This uses NtCreateProcessEx. - - - - Fork the process. - - Extra flags for fork. - The new forked process result. - This uses NtCreateProcessEx. - - - - Fork the process. - - The new forked process result. - This uses NtCreateProcessEx. - - - - Get the accessible job objects this process is in. - - This tries to find accessible Job handles. There's no guarantee that all Job objects will be found for the process. - The list of job objects. - - - - Set thread intelligence logging flags. - - The flags to set. - True to throw on error. - The NT status code. - - - - Set thread intelligence logging flags. - - The flags to set. - - - - Get the process security domain. - - True to throw on error. - The security domain. - - - - Get the process security domain. - - The security domain. - - - - Combine two process' security domains. - - The process to combine with. Needs QueryLimitedInformation. - True to throw on error. - The NT status code. - The current process need SetLimitedInformation access. - - - - Combine two process' security domains. - - The process to combine with. Needs QueryLimitedInformation. - The current process need SetLimitedInformation access. - - - - Get the session ID for the process. - - True to throw on error. - The session ID. - - - - Test whether the current process can access another protected process. - - The target process. - True if the process can be accessed. - - - - Get the environment from the process. - - List of environment variables. - - - - Get an environment variable by name. - - The name of the variable. - The value of the environment variable. Returns null if it doesn't exist. - Only returns the first variable with a case insensitive name. - - - - Revoke file handles for an AppContainer process. - - The device path for the files to revoke. - True to throw on error. - The NT status code. - - - - Revoke file handles for an AppContainer process. - - The device path for the files to revoke. - - - - Get the process command line. - - True to throw on error. - The process command line. - - - - Get the IO counters for the process. - - True to throw on error. - The IO counters. - - - - Create a VBS enclave. - - Size of the enclave. - Flags for the enclave. - Owner ID. Must be 32 bytes. - True to throw on error. - The created enclave. - - - - Create a VBS enclave. - - Size of the enclave. - Flags for the enclave. - Owner ID. Must be 32 bytes. - The created enclave. - - - - Get priority boost disable value. - - True to throw on error. - True if priority base - - - - Set priority boost disable value. - - True to disable priority boost. - True to throw on error. - The NT status code. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get the process' session ID - - - - - Get the process' ID - - - - - Get the process' parent process ID - - - - - Get the memory address of the PEB - - - - - Get the memory address of the PEB for a 32 bit process. - - If the process is 64 bit, or the OS is 32 bit this returns the same value as PebAddress. - - - - Get the base address of the process from the PEB. - - - - - Read flags from PEB. - - - - - Get the process' exit status. - - - - - Get the process' exit status as an NtStatus code. - - - - - Get the process' command line - - - - - Get the command line as parsed arguments. - - - - - Get process DEP status - - - - - Get whether process has a debug port. - - - - - - Get handle count. - - - - - Get break on termination flag. - - - - - Get or set debug flags. - - - - - Get or set execute flags. - - - - - Get IO priority. - - - - - Get secure cookie. - - - - - Get the process user. - - - - - Get the integrity level of the process. - - - - - Get process mitigations - - - - - Get extended process flags. - - - - - Get process window title (from Process Parameters). - - - - - Get process window flags (from Process Parameters). - - - - - Get the process subsystem type. - - - - - Get if the process is Wow64 - - - - - Get whether the process is 64bit. - - - - - Get whether LUID device maps are enabled. - - - - - Return whether this process is sandboxed. - - - - - Get or set the hard error mode. - - - - - Does the process has a child process restriction? - - - - - Gets whether the process is currently deleting. - - - - - Gets whether the process is secure. - - - - - Gets whether the process is protected. - - - - - Gets whether the process is a subsystem process. - - - - - Gets whether the process is frozen. - - - - - Get process protection information. - - - - - Query process section image information. - - - - - Get full image path name in native format - - - - - Get the Win32 image path. - - - - - Get owner process ID - - - - - Query the process token's full package name. - - - - - Get or set whether resource virtualization is enabled. - - - - - Get the security domain of the process. - - - - - Get the creation time of the process. - - - - - Get the exit time of the process. - - - - - Get the time spent in the kernel. - - - - - Get the time spent in user mode. - - - - - Get the time spent in the kernel in seconds. - - - - - Get the time spent in user mode. - - - - - Get the process IO counters. - - - - - Get or set priority boost disabled. - - - - - Get the current process. - - This only uses the pseudo handle, for the process. If you need a proper handle use OpenCurrent. - - - - Get the current PEB address. - - - - - Configuration for a new NT Process. - - - - - Path to the executable to start. - - - - - Path to the executable to start which is passed in the process configuration. - - This doesn't have to match ImagePath. - - - - Command line - - - - - Prepared environment block. - - - - - Title of the main window. - - - - - Path to DLLs. - - - - - Current directory for new process - - - - - Desktop information value - - - - - Shell information value - - - - - Runtime data. - - - - - Prohibited image characteristics for new process - - - - - Additional file access for opened executable file. - - - - - Process create flags. - - - - - Thread create flags. - - - - - Initialization flags - - - - - Parent process. - - - - - Specify child process mitigations. - - - - - Whether to terminate the process on dispose. - - - - - Specify a security descriptor for the process. - - - - - Specify a security descriptor for the initial thread. - - - - - Specify the primary token for the new process. - - - - - Access for process handle. - - - - - Access for thread handle. - - - - - Set protection level. - - - - - Set to create a trustlet. - - - - - Set to specify the configuration for the trustlet if Secure is set. - - - - - Capture additional information when NtProcess.Create returns. - - - - - Specify callback to update process parameters. - - - - - Redirection DLL path. Only supported from 1903. - - - - - Inheritable handles. - - - - - Debug object. - - - - - Toggle inherit handles process create flag. - - - - - Add an extra process/thread attribute. - - The process attribute to add. - The caller is responsible for disposing the attribute, this class does not hold a reference. - - - - Set protected process protection level. - - The type of protected process. - The signer level. - - - - Constructor - - - - - Result from creating a user process. - - - - - Handle to the process - - - - - Handle to the initial thread - - - - - Handle to the image file - - - - - Handle to the image section - - - - - Handle to the IFEO key (if it exists) - - - - - Image information - - - - - Client ID of process and thread - - - - - Process ID - - - - - Thread ID - - - - - Create status. - - - - - True if create succeeded. - - - - - DLL characterists if CreateState is FailMachineMismatch. - - - - - Creation state - - - - - Output flags if CreateStatus is Success. - - - - - Native user process parameters pointer if CreateStatus is Success. - - - - - Wow64 user process parameters pointer if CreateStatus is Success. - - - - - Current parameter flags if CreateStatus is Success. - - - - - PEB pointer if CreateStatus is Success. - - - - - Wow64 PEB pointer if CreateStatus is Success. - - - - - Manifest pointer if CreateStatus is Success. - - - - - Manifest size if CreateStatus is Success. - - - - - Set to true to terminate process on disposal - - - - - Terminate the process - - Exit code for termination - - - - Resume initial thread - - The suspend count - - - - Explicit conversion operator to an NtThread object. - - The win32 process - - - - Explicit conversion operator to an NtProcess object. - - The win32 process - - - - Dispose - - - - - Entry for a process environment block. - - - - - Name of the environment variable. - - - - - Value of the environment variable. - - - - - Constructor. - - Name of the environment variable. - Value of the environment variable. - - - - Class representing various process mitigations - - - - - Partial definition of the PEB - - - - - Partial definition of the PEB - - - - - Class which represents the configuration for a trustlet. - - - - - The ID of the trustlet. - - - - - The mailbox key. Must be 2 longs. - - - - - The collaboration ID. Must be 2 longs. - - - - - The VM ID. Must be 2 longs. - - - - - The TK sessio ID. Must be 4 longs. - - - - - Overridden ToString method. - - The object as a string. - - - - Create a trustlet configuration from an image file. - - The path to the image file. Should be a native path. - True to throw on error. - The trustlet configuration. - - - - Create a trustlet configuration from an image file. - - The path to the image file. Should be a win32 path. - The trustlet configuration. - - - - Constructor - - - - - Constructor - - The ID of the trustlet. - - - - Class to represent a registry transaction object - - - - - Create a transaction - - The object attributes - Desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Create a transaction - - The object attributes - Desired access for the handle - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - The opened transaction - - - - Create a transaction - - The path of the transaction - The opened transaction - - - - Create a transaction - - The opened transaction - - - - Open a transaction object. - - The path to the object - The root if path is relative - The desired access for the object - The opened object - - - - Open a transaction object. - - The object attributes for the object - The desired access for the object - True to throw an exception on error. - The NT status code and object result. - - - - Open a transaction object. - - The object attributes for the object - The desired access for the object - The opened object - - - - Open a transaction object. - - The path to the object - The opened object - - - - Commit the transaction - - - - - Rollback the transaction - - - - - Enable the transaction for anything in the current thread context. - - The transaction context. This should be disposed to disable the transaction. - - - - Class to represent a transaction resource manager. - - - - - Create a new resource manager object. - - The object attributes - Desired access for the handle - Creation options flags. - Optional transaction manager to assign the resource manager to. - Resource manager GUID. - Optional description. - True to throw an exception on error. - The NT status code and object result. - - - - Create a new resource manager object. - - The object attributes - Desired access for the handle - Creation options flags. - Optional transaction manager to assign the resource manager to. - Resource manager GUID. - Optional description. - The object result. - Thrown on error. - - - - Create a new resource manager object. - - The path to the resource manager. - The root if path is relative. - Desired access for the handle - Creation options flags. - Optional transaction manager to assign the resource manager to. - Resource manager GUID. - Optional description. - True to throw an exception on error. - The NT status code and object result. - - - - Create a new resource manager object. - - The path to the resource manager. - The root if path is relative. - Desired access for the handle - Creation options flags. - Optional transaction manager to assign the resource manager to. - Resource manager GUID. - Optional description. - The object result. - Thrown on error. - - - - Create a new volatile resource manager object. - - The path to the resource manager. - The root if path is relative. - Desired access for the handle - Optional transaction manager to assign the resource manager to. - Resource manager GUID. - The object result. - Thrown on error. - - - - Create a new volatile resource manager object. - - The path to the resource manager. - The root if path is relative. - Desired access for the handle - Optional transaction manager to assign the resource manager to. - The object result. - Thrown on error. - - - - Create a new volatile resource manager object. - - The path to the resource manager. - The root if path is relative. - Optional transaction manager to assign the resource manager to. - The object result. - Thrown on error. - - - - Create a new volatile resource manager object. - - The path to the resource manager. - Optional transaction manager to assign the resource manager to. - The object result. - Thrown on error. - - - - Create a new volatile resource manager object. - - Optional transaction manager to assign the resource manager to. - The object result. - Thrown on error. - - - - Opens an existing resource manager object. - - The object attributes - Desired access for the handle - Transaction manager which contains the resource manager. - Resource manager GUID. - True to throw an exception on error. - The NT status code and object result. - - - - Opens an existing resource manager object. - - The object attributes - Desired access for the handle - Transaction manager which contains the resource manager. - Resource manager GUID. - The object result. - Thrown on error. - - - - Recover the the transaction manager. - - True to throw on error. - The NT status code. - - - - Recover the the transaction manager. - - - - - Set an IO completion port on the resource manager. - - The IO completion port. - Associated completion key. - True to throw on error. - The NT status code. - - - - Set an IO completion port on the resource manager. - - The IO completion port. - Associated completion key. - - - - Get a notification synchronously. - - Optional timeout for getting the notification. - True to throw on error. - The transaction notification. - - - - Get a notification synchronously. - - Optional timeout for getting the notification. - The transaction notification. - - - - Get a notification synchronously waiting indefinetly. - - The transaction notification. - - - - Register protocol information. - - The ID of the protocol to register. - An opaque protocol buffer. - Optional create options. - True to throw on error. - The NT status code. - - - - Register protocol information. - - The ID of the protocol to register. - An opaque protocol buffer. - Optional create options. - - - - Complete propagation request. - - The cookie to identify the request. - An optional buffer to pass with the request. - True to throw on error. - The NT status code. - - - - Complete propagation request. - - The cookie to identify the request. - An optional buffer to pass with the request. - - - - Fail propagation request. - - The cookie to identify the request. - Optional NT status code for the failure. - True to throw on error. - The NT status code. - - - - Get a list of all accessible enlistment objects owned by this resource manager. - - The object attributes - The access for the enlistment objects. - The list of all accessible enlistment objects. - - - - Get a list of all accessible enlistment objects owned by this resource manager. - - The access for the enlistment objects. - The list of all accessible enlistment objects. - - - - Get a list of all accessible resource manager objects owned by this transaction manager. - - The list of all accessible resource manager objects. - - - - Create an enlistment in this resource manager. - - Desired access for the handle - The transaction to enlist. - Optional create options. - Notification mask. - Enlistment key returned during notification. - True to throw an exception on error. - The created enlistment and NT status code. - - - - Create an enlistment in this resource manager. - - Desired access for the handle - The transaction to enlist. - Optional create options. - Notification mask. - Enlistment key returned during notification. - The created enlistment. - - - - Create an enlistment in this resource manager. - - The transaction to enlist. - Notification mask. - Enlistment key returned during notification. - The created enlistment. - - - - Create an enlistment in this resource manager. - - The transaction to enlist. - Enlistment key returned during notification. - The created enlistment. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get the resource manager ID. - - - - - Get the description for the resource manager. - - - - - A structure to return the result of an NT system call with status. - This allows a function to return both a status code and a result - without having to resort to out parameters. - - The result type. - - - - The NT status code. - - - - - The result of the NT call. - - - - - Get the result object or throw an exception if status code is an error. - - The result NT result. - Thrown if status code is an error. - - - - Get the result object or a default value if an error occurred. - - The default value to return. - The result or the default if an error occurred. - - - - Get the result object or a default value if an error occurred. - - The result or the default if an error occurred. - - - - Is the result successful. - - - - - Map result to a different type. - - The different type to map to. - A function to map the result. - The mapped result. - - - - Map result to a different type. - - The different type to map to. - A function to map the result. - The mapped result. - - - - Cast result to a different type. - - The different type to cast to. - The mapped result. - - - - Forward the result and check for an exception. - - True to throw on error. - The forwarded result. - - - - Dispose result. - - - - - Create a result from an error. - - The error status code. - True to throw on error. - The result. - - - - Create a result. - - - Create a new result. - - - - Conversion operator from T to object. - - The result to convert. - - - - Compression format for RtlDecompressBuffer. - - - - - Class to represent a NT Section object - - - - - Create an Image section object - - The object attributes for the image section. - The file to create the image section from - The opened section - Thrown on error. - - - - Create an Image section object - - The object name to use for the image section. - Root directory for the object. - The file to create the image section from - The opened section - Thrown on error. - - - - Create an Image section object - - The object name to use for the image section. - The file to create the image section from - The opened section - Thrown on error. - - - - Create an Image section object - - The file to create the image section from - The opened section - Thrown on error. - - - - Create a data section from a file. - - The file to create from. - The created section object. - - - - Create a section object - - The object attributes - The desired access - Optional size of the section - The section protection - The section attributes. The lower 5 bits can be used to specify the NUMA node. - Optional backing file - True to throw an exception on error. - The NT status code and object result. - - - - Create a section object - - The object attributes - The desired access - Optional size of the section - The section protection - The section attributes - Optional backing file - The opened section - Thrown on error. - - - - Create a section object - - The path to the section - The root if path is relative - The desired access - Optional size of the section - The section protection - The section attributes. The lower 5 bits can be used to specify the NUMA node. - Optional backing file - The opened section - Thrown on error. - - - - Create a section object - - Size of the section - The opened section - Thrown on error. - - - - Create a section object - - The object attributes - The desired access - Optional size of the section - The section protection - The section attributes - Optional backing file - Extended parameters for section create. - True to throw an exception on error. - The NT status code and object result. - - - - Create a section object - - The object attributes - The desired access - Optional size of the section - The section protection - The section attributes - Optional backing file - Extended parameters for section create. - The NT status code and object result. - - - - Open a section object - - The object attributes for the section - The desired access for the sections - True to throw an exception on error. - The NT status code and object result. - - - - Open a section object - - The object attributes for the section - The desired access for the sections - The opened section - - - - Open a section object - - The path to the section - Root object if the path is relative - The desired access for the sections - The opened section - - - - Unmap a section in a specified process. - - The process to unmap the section. - The base address to unmap. - Flags for unmapping memory. - True to throw on error. - The NT status code. - - - - Unmap a section in a specified process. - - The process to unmap the section. - The base address to unmap. - True to throw on error. - The NT status code. - - - - Unmap a section in the current process. - - The base address to unmap. - True to throw on error. - The NT status code. - - - - Unmap a section in a specified process. - - The process to unmap the section. - The base address to unmap. - Flags for unmapping memory. - - - - Unmap a section in a specified process. - - The process to unmap the section. - The base address to unmap. - - - - Unmap a section in the current process. - - The base address to unmap. - - - - Map section Read/Write into a specific process - - The process to map into - The mapped section - - - - Map section Read Only into a specific process - - The process to map into - The mapped section - - - - Map section Read/Write into a specific process - - The process to map into - True to throw on error. - The mapped section - - - - Map section Read Only into a specific process - - The process to map into - True to throw on error. - The mapped section - - - - Map section Read Only into a current process - - The mapped section - - - - Map section Read Only into a current process - - True to throw on error. - The mapped section - - - - Map section Read/Write into a current process - - The mapped section - - - - Map section Read/Write into a current process - - True to throw on error. - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - True to throw on error. - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - Optional base address - Number of zero bits. - Size of pages to commit. - Offset into the section. - Optional view size - Allocation type. - Section inheritance type. - True to throw on error. - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - Optional base address - Number of zero bits. - Size of pages to commit. - Offset into the section. - Optional view size - Allocation type. - Section inheritance type. - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - Optional base address - Optional view size - The mapped section - - - - Map section into a specific process - - The process to map into - The protection of the mapping - Optional base address - Optional view size - True to throw on error. - The mapped section - - - - Map section into the current process - - The protection of the mapping - The mapped section - - - - Extend the section to a new size. - - The new size to extend to. - True to throw on error. - The new size. - Thrown on error. - - - - Extend the section to a new size. - - The new size to extend to. - The new size. - Thrown on error. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Get the size of the section - - - - - Get the attributes of the section - - - - - Get section image information. - - - - - Get original section base address. - - - - - Get relocation address. - - - - - Static class to access NT security manager routines. - - - - - Looks up the account name of a SID. - - The system name to lookup the SID on. - The SID to lookup - True to throw on error. - The name. - - - - Looks up the account name of a SID. - - The SID to lookup - True to throw on error. - The name. - - - - Looks up the account name of a SID. - - The SID to lookup - The SID name. - Thrown if lookup fails. - - - - Looks up the account name of a SID. - - The SID to lookup - True to throw on error. - The name. - - - - Looks up the account name of a SID. - - The SID to lookup - The name, or null if the lookup failed - - - - Looks up a capability SID to see if it's already known. - - The capability SID to lookup - The name of the capability, null if not found. - - - - Lookup a SID from a username. - - The system name to lookup the SID on. - The username, can be in the form domain\account. - True to throw on error. - The Security Identifier - Thrown if account cannot be found. - - - - Lookup a SID from a username. - - The system name to lookup the SID on. - The username, can be in the form domain\account. - The Security Identifier - Thrown if account cannot be found. - - - - Lookup a SID from a username. - - The username, can be in the form domain\account. - The Security Identifier - Thrown if account cannot be found. - - - - Lookup the name of a process trust SID. - - The trust sid to lookup. - The name of the trust sid. null if not found. - Thrown if trust_sid is not a trust sid. - - - - Try and lookup the moniker associated with a package sid. - - The package sid. - Returns the moniker name. If not found returns null. - Thrown if SID is not a package sid. - - - - Lookup a device capability SID name if known. - - The SID to lookup. - Returns the device capability name. If not found returns null. - Thrown if SID is not a package sid. - - - - Convert a package SID to a capability. - - The package SID to convert. - The package SID as a capability. - - - - Convert a security descriptor to SDDL string - - The security descriptor - Indicates what parts of the security descriptor to include - The SDDL string - Thrown if cannot convert to a SDDL string. - - - - Convert a security descriptor to SDDL string - - The security descriptor - Indicates what parts of the security descriptor to include - True to throw on errror. - The SDDL string - Thrown if cannot convert to a SDDL string. - - - - Convert an SDDL string to a binary security descriptor - - The SDDL string - True to throw on error. - The binary security descriptor - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL string to a binary security descriptor - - The SDDL string - The binary security descriptor - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL string to a binary security descriptor - - The SDDL string - True to throw on error. - The binary security descriptor - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL string to a binary security descriptor - - The SDDL string - The binary security descriptor - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL SID string to a Sid - - The SDDL SID string - True to throw on error. - The converted Sid - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL SID string to a Sid - - The SDDL SID string - The converted Sid - Thrown if cannot convert from a SDDL string. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - This function returns a list of results rather than a single entry. It should only be used - with object types. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - True to throw on error. - The list of access check results. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - This function returns a list of results rather than a single entry. It should only be used - with object types. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - The list of access check results. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - The allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - The type specific generic mapping (get from corresponding NtType entry). - The allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the maximum allowed access. - - The security descriptor - The access token. - The type specific generic mapping (get from corresponding NtType entry). - The maximum allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the maximum allowed access. - - The security descriptor - The access token. - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - The maximum allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access. - - The security descriptor - The access token. - The set of access rights to check against - The type used to determine generic access mapping.. - The allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the maximum allowed access. - - The security descriptor - The access token. - The type used to determine generic access mapping.. - The allowed access mask as a unsigned integer. - Thrown if an error occurred in the access check. - - - - Get a security descriptor from a named object. - - The path to the resource (such as \BaseNamedObejct\ABC) - The type of resource, can be null to get the method to try and discover the correct type. - The named resource security descriptor. Returns null if can't open the resource. - - - - Do an access check between a security descriptor and a token to determine the allowed access and - audit the result. - - The name of the subsystem to audit. - The handle ID to audit. Used when issuing a close audit. - The object type name. - The name of the object. - Indicates if this is an object creation operation. - Type of audit. - Flags for the audit operation. - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access and - audit the result. - - The name of the subsystem to audit. - The handle ID to audit. Used when issuing a close audit. - The object type name. - The name of the object. - Indicates if this is an object creation operation. - Type of audit. - Flags for the audit operation. - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access - and audit. This function returns a list of results rather than a single entry. It should only - be used with object types. - - The name of the subsystem to audit. - The handle ID to audit. Used when issuing a close audit. - The object type name. - The name of the object. - Indicates if this is an object creation operation. - Type of audit. - Flags for the audit operation. - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - True to throw on error. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Do an access check between a security descriptor and a token to determine the allowed access - and audit. This function returns a list of results rather than a single entry. It should only - be used with object types. - - The name of the subsystem to audit. - The handle ID to audit. Used when issuing a close audit. - The object type name. - The name of the object. - Indicates if this is an object creation operation. - Type of audit. - Flags for the audit operation. - The security descriptor - The access token. - The set of access rights to check against - An optional principal SID used to replace the SELF SID in a security descriptor. - The type specific generic mapping (get from corresponding NtType entry). - List of object types to check against. - The result of the access check. - Thrown if an error occurred in the access check. - - - - Get a SID for a specific mandatory integrity level. - - The mandatory integrity level. - The integrity SID - - - - Get a SID for a specific mandatory integrity level. - - The mandatory integrity level. - The integrity SID - - - - Checks if a SID is an integrity level SID - - The SID to check - True if an integrity SID - - - - Get the integrity level from an integrity SID - - The integrity SID - The token integrity level. - - - - Gets the SID for a service name. - - The service name. - The service SID. - Thrown on error. - - - - Checks if a SID is a service SID. - - The sid to check. - True if a service sid. - - - - Checks if a SID is a logon session SID. - - The sid to check. - True if a logon session sid. - - - - Checks if a SID is a process trust SID. - - The sid to check. - True if a process trust sid. - - - - Checks if a SID is a domain SID. - - The SID to check. - True if a domain SID. - - - - Checks if a SID is a domain SID and is a member of the local machine domain. - - The SID to check. - True if a domain SID. - - - - Checks if a SID is a capability SID. - - The sid to check. - True if a capability sid. - - - - Checks if a SID is a capbility group SID. - - The sid to check. - True if a capability group sid. - - - - Get a capability sid by name. - - The name of the capability. - True to throw on error. - The capability SID. - - - - Get a capability sid by name. - - The name of the capability. - The capability SID. - - - - Get a capability group sid by name. - - The name of the capability. - True to throw on error. - The capability SID. - - - - Get a capability group sid by name. - - The name of the capability. - The capability SID. - - - - Get the type of package sid. - - The sid to get type. - The package sid type, Unknown if invalid. - - - - Checks if a SID is a valid package SID. - - The sid to check. - True if a capability sid. - - - - Get the parent package SID for a child package SID. - - The child package SID. - The parent package SID. - Thrown if sid not a child package SID. - - - - Checks if a SID is a Scoped Policy ID SID. - - The SID to check. - True if a Scoped Policy ID SID. - - - - Converts conditional ACE data to an SDDL string - - The conditional application data. - True to throw on error. - The conditional ACE string. - - - - Converts conditional ACE data to an SDDL string - - The conditional application data. - The conditional ACE string. - - - - Converts a condition in SDDL format to an ACE application data. - - The condition in SDDL format. - The condition in ACE application data format. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in SDDL format. - Specify resource attributes to add to the check. - True to throw on error. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in SDDL format. - True to throw on error. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in SDDL format. - Specify resource attributes to add to the check. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in SDDL format. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in binary format. - Specify resource attributes to add to the check. - True to throw on error. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in binary format. - True to throw on error. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in binary format. - Specify resource attributes to add to the check. - True if the conditional expression was a success. - - - - Evaluate a condition ACE expression. - - The Token to check against. - The conditional expression in binary format. - True if the conditional expression was a success. - - - - Get the cached signing level for a file. - - The handle to the file to query. - The cached signing level. - - - - Get the cached signing level for a file. - - The handle to the file to query. - True to throw on error. - The cached signing level. - - - - Get the cached singing level from the raw EA buffer. - - The EA buffer to read the cached signing level from. - The cached signing level. - Throw on error. - - - - Set the cached signing level for a file. - - The handle to the file to set the cache on. - Flags to set for the cache. - The signing level to cache - A list of source file for the cache. - Optional directory path to look for catalog files. - - - - Set the cached signing level for a file. - - The handle to the file to set the cache on. - Flags to set for the cache. - The signing level to cache - A list of source file for the cache. - Optional directory path to look for catalog files. - True to throw on error. - - - - Compare two signing levels. - - The current level. - The signing level to compare against. - True if the current level is above or equal to the signing level. - - - - Get readable name for a SID, if known. This covers sources of names such as LSASS lookup, capability names and package names. - - The SID to lookup. - True to bypass the internal cache and get the current name. - The name for the SID. Returns the SDDL form if no other name is known. - - - - Get readable name for a SID, if known. This covers sources of names such as LSASS lookup, capability names and package names. - - The SID to lookup. - The name for the SID. Returns the SDDL form if no other name is known. - This function will cache name lookups, this means the name might not reflect what's currently in LSASS if it's been changed. - - - - Add a SID name to the local name cache. - - The SID to add. - The SID's domain name. - The name of the account. - The name user value. - - - - Remove a SID name from the local cache. - - The SID to remove. - - - - Clear the SID name cache. - - - - - Get a logon session SID from an ID. - - The logon session ID. - The new logon session SID. - - - - Get a new logon session SID. - - The new logon session SID. - - - - Get session id from logon session SID. - - The logon session SID. - The logon session ID. - - - - Get security descriptor as a byte array - - Handle to the object to query. - What parts of the security descriptor to retrieve - True to throw on error. - The NT status result and security descriptor as a buffer. - - - - Set the object's security descriptor - - Handle to the object to set. - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status result. - - - - Do a privilege check on a token. - - A handle to a token object. - The list of privileges to check. - True to require all necessary privileges. - True to throw on error. - The privilege check result. - - - - Get the access mask for querying a specific security information class. - - The information class. - The access mask for the information. - - - - Get the access mask for setting a specific security information class. - - The information class. - The access mask for the information. - - - - Get whether an ACE type is an allowed ACE type. - - The ACE type. - True if an allowed ACE type. - - - - Get whether an ACE type is a denied ACE type. - - The ACE type. - True if a denied ACE type. - - - - Get whether an ACE type is an object ACE type. - - The ACE type. - True if an object ACE type. - - - - Get whether an ACE type is an audit ACE type. - - The ACE type. - True if an audit ACE type. - - - - Get whether an ACE type is used int the SACL. - - The ACE type. - True if a system ACE type. - - - - Get whether an ACE type is a callback type. - - The ACE type. - True if a callback type. - - - - Convert an access rights type to a string. - - The access mask to convert - The enumeration type for the string conversion - Set to true to use SDK style names. - The string version of the access - - - - Convert an access rights type to a string. - - The access mask to convert - The enumeration type for the string conversion - The string version of the access - - - - Convert an access rights type to a string. - - The access mask to convert - The string version of the access - - - - Convert an access rights type to a string. - - The access mask to convert - Set to true to use SDK style names. - The string version of the access - - - - Convert an enumerable access rights to a string - - The access mask. - Enum type to convert to string. - Generic mapping for object type. - True to try and convert to generic rights where possible. - The string format of the access rights. Will return Full Access if not a generic access and has all rights and None if no access. - - - - Convert an enumerable access rights to a string - - The access mask. - Enum type to convert to string. - Generic mapping for object type. - True to try and convert to generic rights where possible. - Set to true to use SDK style names. - The string format of the access rights. Will return Full Access if not a generic access and has all rights and None if no access. - - - - Convert an ACE type to an SDK type string. - - The ACE type. - The ACE type as an SDK type string. - - - - Convert the ACE flags to an SDK type string. - - The ACE type as an SDK type string. - - - - Convert the security descriptor control flags to an SDK type string. - - The security descriptor control as an SDK type string. - - - - Get a Process Trust Level SID. - - The Trust Type. - The Trust Level. - The Process Trust Level SID. - - - - Generate audit event for an object open. - - The subsystem name. - Handle ID. - The typename of the object. - The name of the object. - The security descriptor set for the object. - The client token used to open the object. - Desired access for the open. - Granted access from the open. - Privileges used to open the object. - True if the object was created. - Specify whether access was granted. - True to throw on error. - A value indicating whether an event need to be generated on close. - - - - Generate audit event for an object open. - - The subsystem name. - Handle ID. - The typename of the object. - The name of the object. - The security descriptor set for the object. - The client token used to open the object. - Desired access for the open. - Granted access from the open. - Privileges used to open the object. - True if the object was created. - Specify whether access was granted. - A value indicating whether an event need to be generated on close. - - - - Generate audit event for an object close. - - The subsystem name. - Handle ID. - True indicates to generate on close. - True to throw on error. - The NT status code. - - - - Generate audit event for an object close. - - The subsystem name. - Handle ID. - True indicates to generate on close. - The NT status code. - - - - Generate audit event for an object deleted. - - The subsystem name. - Handle ID. - True indicates to generate on close. - True to throw on error. - The NT status code. - - - - Generate audit event for an object deleted. - - The subsystem name. - Handle ID. - True indicates to generate on close. - - - - Generate audit event for a privileges used with an object. - - The subsystem name. - Handle ID. - The client token used. - Desired access for the object. - Privileges used to open the object. - Specify whether access was granted. - True to throw on error. - The NT status code. - - - - Generate audit event for a privileges used with an object. - - The subsystem name. - Handle ID. - The client token used. - Desired access for the object. - Privileges used to open the object. - Specify whether access was granted. - - - - Generate audit event for a privileges used by a client. - - The subsystem name. - The client token used. - The name of the service. - Privileges used in the operation. - Specify whether access was granted. - True to throw on error. - The NT status code. - - - - Generate audit event for a privileges used by a client. - - The subsystem name. - The client token used. - The name of the service. - Privileges used in the operation. - Specify whether access was granted. - - - - Perform a capability check for a token. - - Specify the token handle. If null will use the effective token. - The name of the capability to check. - True to throw on error. - True if the token has the capability. - - - - Perform a capability check for a token. - - Specify the token handle. If null will use the effective token. - The name of the capability to check. - True if the token has the capability. - - - - Get GenericMapping for standard access rights. - - - - - Security information class for security descriptors. - - - - - ACE Flags. Note that the value isn't completely the same as - the real flags. - - - - - Class to represent a NT Semaphore object. - - - - - Create a semaphore object. - - The object attributes for the object - The desired access for the object - Initial count for semaphore - Maximum count for semaphore - True to throw an exception on error. - The NT status code and object result. - - - - Create a semaphore object. - - The object attributes for the object - The desired access for the object - Initial count for semaphore - Maximum count for semaphore - The opened object - - - - Create a semaphore object. - - The path to the object - The root if path is relative - Initial count for semaphore - /// Maximum count for semaphore - The opened object - - - - Open a semaphore object. - - The object attributes for the object - The desired access for the object - True to throw an exception on error. - The NT status code and object result. - - - - Open a semaphore object. - - The object attributes for the object - The desired access for the object - The opened object - - - - Open a semaphore object. - - The path to the object - The root if path is relative - The desired access for the object - The opened object - - - - Release the semaphore - - The release count - The previous count - - - - Release the semaphore - - The release count - True to throw an exception on error. - The previous count - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Current count of the semaphore. - - - - - Maximum count of the semaphore. - - - - - Semaphore access rights. - - - - - Class to represent a Session object - - - - - Open a session object. - - The object attributes - Desired access for the object - True to throw on error. - The open result. - - - - Open a session object. - - The object attributes - Desired access for the object - The open result. - - - - Open a session object. - - Name of the object - Optional root directory for lookup - Desired access for the object - The open result. - - - - NT status values - - - - - Class representing a NT SymbolicLink object - - - - - Create a symbolic link object. - - The path to the object - The root if path is relative - The desired access for the object - The target path - The opened object - - - - Create a symbolic link object. - - The object attributes for the object - The desired access for the object - The target path - True to throw an exception on error. - The NT status code and object result. - - - - Create a symbolic link object. - - The object attributes for the object - The desired access for the object - The target path - The opened object - - - - Create a symbolic link object. - - The path to the object - The root if path is relative - The target path - The opened object - - - - Create a symbolic link object. - - The path to the object - The target path - The opened object - - - - Open a symbolic link object. - - The path to the object - The root if path is relative - The desired access for the object - The opened object - - - - Open a symbolic link object. - - The path to the object - The root if path is relative - The desired access for the object - True to throw on error. - The opened object - - - - Open a symbolic link object. - - The object attributes for the object - The desired access for the object - True to throw an exception on error. - The NT status code and object result. - - - - Open a symbolic link object. - - The object attributes for the object - The desired access for the object - The opened object - - - - Open a symbolic link object. - - The path to the object - The root if path is relative - The opened object - - - - Open a symbolic link object. - - The path to the object - The opened object - - - - Resolve a symlink name to a final target. - - The name of the symlink to resolve. - True to throw on error. - The final target. - This function will return the last name which returns STATUS_OBJECT_TYPE_MISMATCH. Anything else is an error. - - - - Resolve a symlink name to a final target. - - The name of the symlink to resolve. - The final target. - This function will return the last name which returns STATUS_OBJECT_TYPE_MISMATCH. Anything else is an error. - - - - Get the symbolic link target. - - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Set access mask filter. - - The access mask to set. - True to throw on error. - The NT status code. - Needs SeTcbPrivilege. - - - - Set access mask filter. - - The access mask to set. - Needs SeTcbPrivilege. - - - - Set as a global link. - - True to throw on error. - The NT status code. - Needs SeTcbPrivilege. - - - - Set as a global link. - - Needs SeTcbPrivilege. - - - - Get the symbolic link target path. - - True to throw on error. - The target path. - - - - Class to access some NT system information - - - - - Get a list of handles - - A process ID to filter on. If -1 will get all handles - True to allow the handles returned to query for certain properties - True to force all file names to be queried. Otherwise limits to only DISK files. - The list of handles - The purpose of force_file_name to disable querying a file handle for its path unless it's on a FS volume. - This is because some non-file types can be in a locked state which causes the filename lookup to hang. - - - - Get a list of handles - - A process ID to filter on. If -1 will get all handles - True to allow the handles returned to query for certain properties - The list of handles - - - - Get a list of all handles - - The list of handles - - - - Get a list of threads for a specific process. - - The process ID to list. - True to throw on error. - The list of thread information. - - - - Get a list of threads for a specific process. - - The process ID to list. - The list of thread information. - - - - Get a list of all threads. - - The list of thread information. - - - - Get a list of all threads. - - The list of thread information. - - - - Get a list of threads for a specific process. - - The process ID to list. - True to throw on error. - The list of thread information. - - - - Get a list of threads for a specific process. - - The process ID to list. - The list of thread information. - - - - Get a list of all threads. - - The list of thread information. - - - - Get a list of all threads. - - The list of thread information. - - - - Get all process information for the system. - - The list of process information. - - - - Get all process information for the system. - - True to throw on error. - The list of process information. - - - - Get all process information for the system. - - The list of process information. - - - - Get all process information for the system. - - True to throw on error. - The list of process information. - - - - Get all process information for the system. - - The list of process information. - - - - Get all process information for the system. - - True to throw on error. - The list of process information. - - - - Get list of page filenames. - - The list of page file names. - - - - Create a kernel dump for current system. - - The path to the output file. - Flags - Page flags - - - - Query all system environment value names. - - A list of names of environment values - - - - Query all system environment value names and values. - - A list of names of environment values - - - - Query a single system environment value. - - The name of the value. - The associated vendor guid - True to throw on error. - The system environment value. - - - - Query a single system environment value. - - The name of the value. - The associated vendor guid - The system environment value. - - - - Set a system environment variable. - - The name of the variable. - The vendor GUID - The value to set - Attributes of the value - - - - Set a system environment variable. - - The name of the variable. - The vendor GUID - The value to set - Attributes of the value - - - - Set a system environment variable. - - The name of the variable. - The vendor GUID - The value to set - Attributes of the value - - - - Set a system environment variable. - - The name of the variable. - The vendor GUID - The value to set - Attributes of the value - - - - Allocate a LUID. - - The allocated LUID. - - - - Allocate a LUID. - - The allocated LUID. - - - - Get the addresses of a list of objects from the handle table and initialize the Address property. - - The list of objects to initialize. - - - - Get the address of an object in kernel memory from the handle table and initialize the Address property. - - The object. - - - - Get the address of an object in kernel memory from the handle table and initialize the Address property. - - The object. - Any remaining objects. - - - - Query whether a file is trusted for dynamic code. - - The handle to a file to query. - Pointer to a memory buffer containing the image. - The size of the in-memory buffer. - True if the file is trusted. - - - - Query whether a file is trusted for dynamic code. - - Pointer to a memory buffer containing the image. - The status code from the operation. Returns STATUS_SUCCESS is valid. - - - - Query whether a file is trusted for dynamic code. - - The handle to a file to query. - The status code from the operation. Returns STATUS_SUCCESS is valid. - - - - Set a file is trusted for dynamic code. - - The handle to a file to set. - The status code from the operation. - - - - Get list of root silos. - - The list of root silos. - - - - Set the ELAM certificate information. - - The signed file containing an ELAM certificate resource. - The NT status code. - - - - Query code integrity certificate information. - - The image file. - The type of check to make. - The NT status code. - - - - Query the image path from a process ID. - - The ID of the process. - True to throw on error. - The image path. - This method can be called without any permissions on the process. - - - - Query the image path from a process ID. - - The ID of the process. - The image path. - This method can be called without any permissions on the process. - - - - Get flags for isolated user mode. - - True to throw on error. - The ISO flags. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - The result of the query. - Thrown on error. - - - - Query a fixed structure from the object. - - The type of structure to return. - The information class to query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - A buffer to initialize the initial query. Can be null. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - A buffer to initialize the initial query. Can be null. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The information class to query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - A buffer to initialize the initial query. Can be null. - True to throw on error. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - A buffer to initialize the initial query. Can be null. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object and return as bytes. - - The information class to query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - A default value for the query. - The result of the query. - Thrown on error. - - - - Query a variable buffer from the object. - - The type of structure to return. - The information class to query. - The result of the query. - Thrown on error. - - - - Set a value to the object. - - The type of structure to set. - The information class to set. - The value to set. If you specify a SafeBuffer then it'll be passed directly. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object. - - The type of structure to set. - The information class to set. - The value to set. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object from a buffer. - - The information class to set. - The value to set. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a value to the object from a buffer.. - - The information class to set. - The value to set. - The NT status code of the set. - Thrown on error. - - - - Set a raw value to the object. - - The information class to set. - The raw value to set. - True to throw on error. - The NT status code of the set. - Thrown on error. - - - - Set a raw value to the object. - - The information class to set. - The raw value to set. - The NT status code of the set. - Thrown on error. - - - - Draw text on the background. - - The text to draw. - True to throw on error. - The NT status code. - - - - Draw text on the background. - - The text to draw. - - - - Display a string. - - The text to display. - True to throw on error. - The NT status code. - - - - Display a string. - - The text to display. - - - - Load a driver. - - The name of the driver service. - True to throw on error. - The NT status code. - - - - Unload a driver. - - The name of the driver service. - True to throw on error. - The NT status code. - - - - Get kernel modules. - - True to throw on error. - The list of kernel modules. - - - - Get kernel modules. - - The list of kernel modules. - - - - Get whether the kernel debugger is enabled. - - - - - Get whether the kernel debugger is not present. - - - - - Get current code integrity option settings. - - - - - Get code integrity policy. - - - - - Get code integrity unlock information. - - - - - Get all code integrity policies. - - - - - Get whether secure boot is enabled. - - - - - Get whether system supports secure boot. - - - - - Extract the secure boot policy. - - - - - Get system timer resolution. - - - - - Get system page size. - - - - - Get number of physical pages. - - - - - Get lowest page number. - - - - - Get highest page number. - - - - - Get allocation granularity. - - - - - Get minimum user mode address. - - - - - Get maximum user mode address. - - - - - Get active processor affinity mask. - - - - - Get number of processors. - - - - - Get system device information. - - - - - Get the system processor information. - - - - - Get the system emulation processor information. - - - - - Get the Isolated User Mode flags. - - - - - Get the NT product type. - - - - - - Get OS version info, - - - - - Get whether this is a multi-session SKU. - - True if multi-session. - - - - Get whether this there are multiple users in a session. - - True if multi-session. - - - - Query the system elevation flags. - - - - - Class to represent a NT Thread object - - - - - Create a new thread in a process. - - The object attributes for the thread object. - Desired access for the handle. - Process to create the thread in. - Address of the start routine. - Argument to pass to the thread. - Creation flags. - Zero bits for the stack address. - Size of the committed stack. - Maximum reserved stack size. - Optional attribute list. - True to throw on error - The created thread object. - This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized. - - - - Create a new thread in a process. - - The object attributes for the thread object. - Desired access for the handle. - Process to create the thread in. - Address of the start routine. - Argument to pass to the thread. - Creation flags. - Zero bits for the stack address. - Size of the committed stack. - Maximum reserved stack size. - Optional attribute list. - The created thread object. - This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized. - - - - Create a new thread in a process. - - Process to create the thread in. - Address of the start routine. - Argument to pass to the thread. - Creation flags. - Size of the committed stack. - True to throw on error - The created thread object. - This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized. - - - - Create a new thread in a process. - - Process to create the thread in. - Address of the start routine. - Argument to pass to the thread. - Creation flags. - Size of the committed stack. - The created thread object. - This creates a native thread, not a Win32 thread. This might cause unexpected things to fail as they're not initialized. - - - - Open a thread - - The process ID containing the thread. - The thread ID to open - The desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Open a thread - - The thread ID to open - The desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Open a thread - - The process ID containing the thread. - The thread ID to open - The desired access for the handle - The NT status code and object result. - - - - Open a thread - - The thread ID to open - The desired access for the handle - The opened object - - - - Gets all accessible threads on the system. - - The desired access for each thread. - Get the thread list from system information. - The list of accessible threads. - - - - Gets all accessible threads on the system. - - The desired access for each thread. - The list of accessible threads. - - - - Get first thread for process. - - The process handle to get the threads. - The desired access for the thread. - The first thread, or null if no more available. - - - - Sleep the current thread - - Set if the thread should be alertable - The delay, negative values indicate relative times. - True to throw on error. - STATUS_ALERTED if the thread was alerted, other success or error code. - - - - Sleep the current thread - - Set if the thread should be alertable - The delay, negative values indicate relative times. - True if the thread was alerted before the delay expired. - - - - Sleep the current thread - - Set if the thread should be alertable - The delay, negative values indicate relative times. - True if the thread was alerted before the delay expired. - - - - Sleep the current thread for a specified number of milliseconds. - - The delay in milliseconds. - True if the thread was alerted before the delay expired. - - - - Open an actual handle to the current thread rather than the pseudo one used for Current - - The thread object - - - - Set the work on behalf ticket. - - The ticket to set. - True to throw on error. - The status code from the set. - - - - Set the work on behalf ticket. - - The ticket to set. - - - - Set the work on behalf ticket. - - The ticket to set. - True to throw on error. - The status code from the set. - - - - Set the work on behalf ticket. - - The ticket to set. - - - - Set the work on behalf ticket. - - The thread ID. - True to throw on error. - The NT status. - - - - Set the work on behalf ticket. - - The thread ID. - - - - Test alert status for the current thread. - - True to throw on error. - The NT status code. - - - - Test alert status for the current thread. - - - - - Attach a silo container to the current thread. - - The silo to attach. - True to throw on error. - The thread impersonation context. - - - - Attach a silo container to the current thread. - - The silo to attach. - The thread impersonation context. - - - - Detach container from the current thread. - - True to throw on error. - The NT status code. - - - - Detach container from the current thread. - - - - - Get XOR key for the work-on-behalf ticket. - - True to throw on error. - The XOR key. - - - - Get the current thread. - - This only uses the pseudo handle, for the thread. You can't use it in different threads. If you need to do that use OpenCurrent. - - - - - Get or set the work on behalf ticket for the current thread. - - - - - Get the work on behalf ticket xor key. - - - - - Reopen object with different access rights. - - The desired access. - Additional attributes for open. - True to throw on error. - The reopened object. - - - - Resume the thread. - - True to throw on error. - The suspend count - - - - Resume the thread. - - The suspend count - - - - Suspend the thread. - - True to throw on error. - The suspend count - - - - Suspend the thread - - The suspend count - - - - Terminate the thread - - True to throw on error. - The thread status exit code - The NT status code. - - - - Terminate the thread - - The thread status exit code - - - - Wake the thread from an alertable state. - - True to throw on error. - The NT status code. - - - - Wake the thread from an alertable state. - - - - - Wake the thread from an alertable state and resume the thread. - - True to throw on error. - The previous suspend count for the thread. - - - - Wake the thread from an alertable state and resume the thread. - - The previous suspend count for the thread. - - - - Hide the thread from debug events. - - True to throw on error. - The NT status code. - - - - Hide the thread from debug events. - - - - - The set the thread's impersonation token - - The impersonation token to set - True to throw on error. - The NT status code. - - - - The set the thread's impersonation token - - The impersonation token to set - - - - Impersonate the anonymous token - - True to throw on error. - The impersonation context. Dispose to revert to self - - - - Impersonate the anonymous token - - The impersonation context. Dispose to revert to self - - - - Impersonate a token - - True to throw on error. - The token to impersonate. - The impersonation context. Dispose to revert to self - - - - Impersonate a token - - The token to impersonate. - The impersonation context. Dispose to revert to self - - - - Impersonate another thread. - - The thread to impersonate. - The impersonation security quality of service. - True to throw on error. - The imperonsation context. Dispose to revert to self. - - - - Impersonate another thread's security context. - - The thread to impersonate. - The impersonation level for the token. - True to throw on error. - The imperonsation context. Dispose to revert to self. - - - - Impersonate another thread's security context. - - The thread to impersonate. - The impersonation level for the token. - The imperonsation context. Dispose to revert to self. - - - - Impersonate another thread's security context at impersonation level. - - The thread to impersonate. - True to throw on error. - The imperonsation context. Dispose to revert to self. - - - - Impersonate another thread's security context at impersonation level. - - The thread to impersonate. - The imperonsation context. Dispose to revert to self. - - - - Open the thread's token - - The token, null if no token available - - - - Queue a special user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - True to throw on error. - The NT status code. - - - - Queue a special user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - The NT status code. - - - - Queue a special user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - True to throw on error. - The NT status code. - - - - Queue a special user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - The NT status code. - - - - Queue a user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - True to throw on error. - The NT status code. - - - - Queue a user APC to the thread. - - The APC callback pointer. - Context parameter. - System argument 1. - System argument 2. - - - - Queue a user APC to the thread. - - The APC callback delegate. - Context parameter. - System argument 1. - System argument 2. - True to throw on error. - The NT status code. - This is only for APCs in the current process. You also must ensure the delegate is - valid at all times as this method doesn't take a reference to the delegate to prevent it being - garbage collected. - - - - Queue a user APC to the thread. - - The APC callback delegate. - Context parameter. - System argument 1. - System argument 2. - This is only for APCs in the current process. You also must ensure the delegate is - valid at all times as this method doesn't take a reference to the delegate to prevent it being - garbage collected. - - - - Get next thread for process relative to current thread. - - The process handle to get the threads. - The desired access for the thread. - The next thread, or null if no more available. - - - - Get the thread context. - - Flags for context parts to get. - True to throw on error. - An instance of an IContext object. Needs to be cast to correct type to access. - - - - Get the thread context. - - Flags for context parts to get. - An instance of an IContext object. Needs to be cast to correct type to access. - - - - Set the thread's context. - - The thread context to set. - True to throw on error. - The NT status code. - - - - Set the thread's context. - - The thread context to set. - - - - Get current waiting server information. - - True to throw on error. - The thread ALPC server information. - - - - Get current waiting server information. - - The thread ALPC server information. - - - - Get the process ID associated with the thread. - - True to throw on error. - The process ID. - - - - Get the thread ID. - - True to throw on error. - The thread ID. - - - - Cancel all synchronous IO for this thread. - - True to throw on error. - The NT status. - - - - Get a partial TEB for the thread. - - The partial TEB. - - - - Get the work on behalf ticket for a thread. - - True to throw on error. - The work on behalf ticket. - - - - Get the work on behalf ticket for a thread. - - The work on behalf ticket. - - - - Get the effective container ID for the thread. - - True to throw on error. - The effective container ID. - - - - Get priority boost disable value. - - True to throw on error. - True if priority base - - - - Set priority boost disable value. - - True to disable priority boost. - True to throw on error. - The NT status code. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get thread ID - - - - - Get process ID - - - - - Get name of process. - - - - - Get or set the thread's current priority - - - - - Get or set the thread's base priority - - - - - Get or set the thread's affinity mask. - - - - - Get the thread's TEB base address. - - - - - Get or set whether thread is allowed to create dynamic code. - - Set can only be done on the current thread. - - - - Get whether thread is impersonating another token. - - Note that this tries to open the thread's token and return true if it could open. A return of false - might just indicate that the caller doesn't have permission to open the token, not that it's not impersonating. - - - - Get name of the thread. - - - - - Get or set a thread's description. - - - - - Get the Win32 start address for the thread. - - - - - Get the current Instruction Pointer for the thread. - - - - - Get last system call on the thread. - - - - - Get the thread's suspend count. - - - - - Get whether the thread has pending IO. - - - - - Get the creation time of the thread. - - - - - Get the exit time of the thread (0 if not exited) - - - - - Get the time spent in the kernel. - - - - - Get the time spent in user mode. - - - - - Get thread information. - - - - - Get thread exit status. - - - - - Get thread exit status. - - - - - Get the effective container ID. - - Should be called on the current thread psuedo handle. - - - - Get or set priority boost disabled. - - - - - Delegate for APC callbacks. - - Context parameter. - System argument 1. - System argument 2. - - - - Class to represent an NT Timer object - - - - - Create a timer object - - The path to the event - The root object for relative path names - The type of the timer. - The timer object - - - - Create a timer object - - The timer object attributes - The type of the event - The desired access for the timer - The timer object - - - - Create a timer object - - The timer object attributes - The type of the timer - The desired access for the timer - True to throw an exception on error. - The NT status code and object result. - - - - Create a timer object - - The path to the timer - The type of the timer - The timer object - - - - Create a timer object - - The type of the timer - The timer object - - - - Create a timer object - - The timer object - - - - Open a timer object - - The path to the timer - The root object for relative path names - The desired access for the timer - The timer object - - - - Open a timer object - - The path to the timer - The root object for relative path names - The desired access for the timer - True to throw on error. - The timer object - - - - Open a timer object - - The timer object attributes - The desired access for the timer - The timer object. - - - - Open a timer object - - The event object attributes - The desired access for the timer - True to throw an exception on error. - The NT status code and object result. - - - - Open a timer object - - The path to the timer - The root object for relative path names - The timer object - - - - Open a timer object - - The path to the timer - The timer object - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Set timer state. - - The due time for the timer. - Optional APC routine. - Optional APC context pointer. - True to resume. - Period time. - True throw on error. - The NT result and previous state. - - - - Set timer state. - - The due time for the timer. - Optional APC routine. - Optional APC context pointer. - True to resume. - Period time. - The previous state. - - - - Set timer state. - - The due time for the timer. - The previous state. - - - - Set timer state in milliseconds. - - The due time for the timer in milliseconds. - The previous state. - - - - Cancel the timer. - - True to throw on error. - The previous state. - - - - Cancel the timer. - - The previous state. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Remaining time for the timer. - - - - - Signal state of the timer. - - - - - Delegate for Timer APC callbacks. - - Context parameter. - Low value of timer. - High value of timer. - - - - Enumeration for querying group list using QueryGroups. - - - - - The default group list. - - - - - The restrict group list. - - - - - The capability group list. - - - - - The device group list. - - - - - The restricted device list. - - - - - Specify type of security attributes to query. - - - - - Local security attributes. - - - - - User security attributes. - - - - - Restricted user security attributes. - - - - - Device security attributes. - - - - - Restricted device security attributes. - - - - - Singleton device security attributes. - - - - - Data from the TSA://ProcUnique security attribute. - - - - - The index entry for the process. - - - - - The value for the entry. - - - - - Class representing a Token object - - - - - Duplicate token as specific type. - - The token type - The impersonation level us type is Impersonation - Open with the desired access. - The object attributes for the token. - The security descriptor for the token. - If true then throw an exception on error. - The new token - Thrown on error - - - - Duplicate token as specific type. - - The token type - The impersonation level us type is Impersonation - Open with the desired access. - The object attributes for the token. - The security descriptor for the token. - The new token - Thrown on error - - - - Duplicate token as specific type. - - The token type - The impersonation level us type is Impersonation - Open with the desired access. - If true then throw an exception on error. - The new token - Thrown on error - - - - Duplicate token as specific type - - The token type - The impersonation level us type is Impersonation - Open with the desired access. - The new token - Thrown on error - - - - Duplicate the token as the same token type. - - The new token. - Thrown on error - - - - Duplicate the token as the same token type. - - True to throw on error. - The new token. - Thrown on error - - - - Duplicate token as an impersonation token with a specific level - - The token impersonation level - The new token - Thrown on error - - - - Set a privilege state - - The name of the privilege (e.g. SeDebugPrivilege) - True to enable the privilege, false to disable - True to throw on error. - True if successfully changed the state of the privilege - - - - Set a privilege state - - The name of the privilege (e.g. SeDebugPrivilege) - True to enable the privilege, false to disable - True if successfully changed the state of the privilege - - - - Set a privilege state - - The luid of the privilege - The privilege attributes to set. - True to throw on error. - True if successfully changed the state of the privilege - - - - Set a privilege state - - The luid of the privilege - The privilege attributes to set. - True if successfully changed the state of the privilege - - - - Set a privilege state - - The value of the privilege - The privilege attributes to set. - True to throw on error. - True if successfully changed the state of the privilege - - - - Set a privilege state - - The value of the privilege - The privilege attributes to set. - True if successfully changed the state of the privilege - - - - Remove a privilege. - - The value of the privilege to remove. - True if successfully removed the privilege. - - - - Remove a privilege. - - The LUID of the privilege to remove. - True if successfully removed the privilege. - - - - Create a LowBox token from the current token. - - The package SID - The created LowBox token. - Thrown on error. - - - - Create a LowBox token from the current token. - - The package SID - List of handles to capture with the token - The created LowBox token. - Thrown on error. - - - - Create a LowBox token from the current token. - - The package SID - List of handles to capture with the token - List of capability sids to add. - Desired token access. - The created LowBox token. - Thrown on error. - - - - Filter a token to remove groups/privileges and add restricted SIDs - - Filter token flags - List of SIDs to disable - List of privileges to delete - List of restricted SIDs to add - The new token. - - - - Filter a token to remove groups/privileges and add restricted SIDs - - Filter token flags - List of SIDs to disable - List of privileges to delete - List of restricted SIDs to add - The new token. - - - - Filter a token to remove privileges and groups. - - Filter token flags - The new filtered token. - - - - Set the state of a group - - The group SID to set - The attributes to set - - - - Set the state of a group - - The group SID to set - The attributes to set - True to throw on error. - The NT status code. - - - - Set the state of a group - - The groups to set - The attributes to set - True to throw on error. - The NT status code. - - - - Set the state of a group - - The groups to set - The attributes to set - - - - Reset all groups to their default state. - - True to throw on error. - The NT status code. - - - - Reset all groups to their default state. - - - - - Set the session ID of a token - - The session ID - - - - Set a token's default DACL - - The DACL to set. - - - - Set the origin logon session ID. - - The origin logon session ID. - - - - Set virtualization enabled - - True to enable virtualization - True to throw on error. - - - - Set virtualization enabled - - True to enable virtualization - - - - Set UI Access flag. - - True to enable UI Access. - - - - Get the linked token - - True to throw on error. - The linked token - - - - Get the linked token - - The linked token - - - - Set the linked token. - - The token to set. - Requires SeCreateTokenPrivilege. - - - - Impersonate the token. - - An impersonation context, dispose to revert to process token - Thrown on error. - - - - Impersonate the token. - - Impersonation level for token. - An impersonation context, dispose to revert to process token - Thrown on error. - - - - Run a function under impersonation. - - The return type. - The callback to run. - The return value from the callback. - Thrown on error. - - - - Run an action under impersonation. - - The callback to run. - Thrown on error. - - - - Run a function under impersonation. - - The return type. - The callback to run. - Impersonation level for token. - The return value from the callback. - Thrown on error. - - - - Run an action under impersonation. - - The callback to run. - Impersonation level for token. - Thrown on error. - - - - Get a security attribute by name. - - Specify the type of security attributes to query. - The name of the security attribute, such as WIN://PKG - The expected type of the security attribute. If None return ignore type check. - The security attribute or null if not found. - - - - Get a security attribute by name. - - The name of the security attribute, such as WIN://PKG - The expected type of the security attribute. If None return ignore type check. - The security attribute or null if not found. - - - - Get a security attribute by name. - - The name of the security attribute, such as WIN://PKG - The security attribute or null if not found. - - - - Get token's security attributes - - Specify the type of security attributes to query. - Throw on error. - The security attributes. - - - - Get token's security attributes. - - Throw on error. - The security attributes. - - - - Get token's security attributes - - Specify the type of security attributes to query. - The security attributes. - - - - Get token's security attributes - - The security attributes. - - - - Set security attributes on the token. - - The list of attributes. - The operation to perform on the attribute. - Throw on error. - The array of attributes aand operations must be the same size. You need SeTcbPrivilege to call this API. - The NT Status code. - - - - Set security attributes on the token. - - The list of attributes. - The operation to perform on the attribute. - The array of attributes aand operations must be the same size. You need SeTcbPrivilege to call this API. - - - - Add security attributes to the token. - - The list of attributes. - Throw on error. - You need SeTcbPrivilege to call this API. - The NT Status code. - - - - Add security attributes to the token. - - The list of attributes. - You need SeTcbPrivilege to call this API. - - - - Replace security attributes in the token. - - The list of attributes. - Throw on error. - You need SeTcbPrivilege to call this API. - The NT Status code. - - - - Replace security attributes in the token. - - The list of attributes. - You need SeTcbPrivilege to call this API. - - - - Replace all security attributes in the token. - - The list of attributes. - Throw on error. - You need SeTcbPrivilege to call this API. - The NT Status code. - - - - Replace security attributes in the token. - - The list of attributes. - You need SeTcbPrivilege to call this API. - - - - Remove security attributes by name. - - The attribute names to remove. - Throw on error. - The NT Status code. - - - - Remove security attributes by name. - - The attribute names to remove. - - - - Set the token's integrity level. - - The level to set. - - - - Set the token's integrity level. - - The level to set. - - - - Get the state of a privilege. - - The privilege to get the state of. - The privilege, or null if it can't be found - Thrown if can't query privileges - - - - Get the state of a privilege. - - The privilege to get the state of. - The privilege, or null if it can't be found - True to throw on error - Thrown if can't query privileges - - - - Compare two tokens. - - The other token to compare. - True if tokens are equal. - - - - Get the App Policy for this token. - - The type of app policy. - The policy value. - - - - Disable No Child process policy on the token. - - Needs SeTcbPrivilege. - - - - Query a list of groups from the token. - - The type of groups to query. - True to throw on error. - The list of groups. - - - - Query a list of groups from the token. - - The type of groups to query. - The list of groups. - - - - Get the user from the token. - - True to throw on error. - The user group information. - - - - Do a privilege check on a token. - - The list of privileges to check. - True to require all necessary privileges. - True to throw on error. - The privilege check result. - - - - Do a privilege check on a token. - - The list of privileges to check. - True to require all necessary privileges. - The privilege check result. - - - - Do a privilege check on a token. - - The list of privileges to check. - True to require all necessary privileges. - True to throw on error. - The privilege check result. - - - - Do a privilege check on a token. - - The list of privileges to check. - True to require all necessary privileges. - The privilege check result. - - - - Do a privilege check for a single privilege. - - The privilege to check. - True if the privilege is enabled. - - - - Do a privilege check for a single privilege. - - The privilege to check. - True if the privilege is enabled. - - - - Get token privileges. - - True to throw on error. - The list of privileges. - - - - Perform a capability check for a token. - - The name of the capability to check. - True to throw on error. - True if the token has the capability. - - - - Perform a capability check for a token. - - The name of the capability to check. - True if the token has the capability. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get the logon SID for the token. - - True to throw on error. - The logon SID. - - - - Get token user - - - - - Get token groups - - - - - Get list of enabled groups. - - - - - Get list of deny only groups. - - - - - Get count of groups in this token. - - - - - Get the authentication ID for the token - - - - - Get the token's type - - - - - Get the token's expiration time. - - - - - Get the Token's Id - - - - - Get the Token's modified Id. - - - - - Get/set the token's owner. - - - - - Get/set the token's primary group - - - - - Get/set the token's default DACL - - - - - Get the token's source - - - - - Get token's restricted sids - - - - - Get count of restricted sids - - - - - Get token's impersonation level - - - - - Get/set token's session ID - - - - - Get whether token has sandbox inert flag set. - - - - - Get/set token's origin - - - - - Get token's elevation type - - - - - Get whether token is elevated - - - - - Get whether token has restrictions - - - - - Get/set token UI access flag - - - - - Get or set whether virtualization is allowed - - - - - Get/set whether virtualization is enabled - - - - - Get whether token is restricted - - - - - Get whether token is write restricted. - - - - - Get whether token is filtered. - - - - - Get whether token is not low. - - - - - Token access flags. - - - - - Get whether token can be used for new child processes. - - - - - Get token capabilities. - - - - - Get or set the token mandatory policy - - - - - Get token logon sid - - - - - Get token's integrity level sid - - - - - Get token's App Container number. - - - - - Get or set token's integrity level. - - - - - Get token's security attributes - - - - - Get token's device claims. - - - - - Get token's user claims. - - - - - Get token's restricted user claims. - - Unsupported, at least on Windows 10. - - - - Get token's restricted user claims. - - Unsupported, at least on Windows 10. - - - - Get whether a token is an AppContainer token - - - - - Get whether the token is configured for low privilege. - - - - - Get token's AppContainer sid - - - - - Get token's AppContainer package name (if available). - Returns an empty string if not an AppContainer. - - - - - Get token's device groups - - - - - Get token's restricted device groups. - - - - - Get list of privileges for token - - The list of privileges - Thrown if can't query privileges - - - - Get full path to token - - - - - Get the token's trust level. Will be null if no trust level present. - - - - - Returns true if this is a pseudo token. - - - - - Get whether this token is a sandboxed token. - - - - - Query the token's full package name. - - - - - Query the token's appid. - - - - - Get the list of policies for this App. - - - - - Get the list of policies for this App in a table. - - - - - Get the BaseNamedObjects isolation prefix if enabled. - - - - - Get the token's package identity. - - - - - Get or set the token audit policy. - - Needs SeSecurityPrivilege to query and SeTcbPrivilege to set. - - - - Get or set if token is in a private namespace. - - - - - Get if the token is restricted. - - - - - Get the TSA://ProcUnique attribute. - - - - - Enable debug privilege for the current process token. - - True if set the debug privilege - - - - Enable a privilege of the effective token. - - The privilege to enable. - True if set the privilege. - - - - Open the process token of another process - - The process to open the token for - The desired access for the token - Attribute flags for the handle. - If true then throw an exception on error. - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - The desired access for the token - Attribute flags for the handle. - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - The desired access for the token - If true then throw an exception on error. - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - The desired access for the token - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - True to duplicate the token before returning - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - True to duplicate the token before returning - The desired access for the token - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - True to duplicate the token before returning - The desired access for the token - True to throw on error. - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The process to open the token for - The opened token - Thrown if cannot open token - - - - Open the process token of the current process - - The opened token - Thrown if cannot open token - - - - Open the process token of the current process - - True to duplicate the token before returning - The opened token - Thrown if cannot open token - - - - Open the process token of the current process - - True to duplicate the token before returning - The desired access for the token - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The id of the process to open the token for - True to duplicate the token before returning - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The id of the process to open the token for - True to duplicate the token before returning - The desired access for the token - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The id of the process to open the token for - True to duplicate the token before returning - The desired access for the token - True to throw on error. - The opened token - Thrown if cannot open token - - - - Open the process token of another process - - The id of the process to open the token for - The opened token - Thrown if cannot open token - - - - Open the thread token - - The thread to open the token for - Open the token as the current identify rather than the impersonated one - The desired access for the token - If true then throw an exception on error. - The opened token result - Thrown if cannot open token - - - - Open the thread token - - The thread to open the token for - Open the token as the current identify rather than the impersonated one - True to duplicate the token before returning. - The desired access for the token - True to throw on error. - The opened token, if no token return null - Thrown if cannot open token - - - - Open the thread token - - The thread to open the token for - Open the token as the current identify rather than the impersonated one - True to duplicate the token before returning - The desired access for the token - The opened token, if no token return null - Thrown if cannot open token - - - - Open the thread token - - The ID of the thread to open the token for - Open the token as the current identify rather than the impersonated one - True to duplicate the token before returning - The desired access for the token - The opened token, if no token return null - Thrown if cannot open token - - - - Open the thread token - - The thread to open the token for - Open the token as the current identify rather than the impersonated one - True to duplicate the token before returning - The opened token, if no token return null - Thrown if cannot open token - - - - Open the thread token - - The thread to open the token for - The opened token, if no token return null - Thrown if cannot open token - - - - Open the current thread token - - True to duplicate the token before returning - The opened token, if no token return null - Thrown if cannot open token - - - - Open the current thread token - - The opened token, if no token return null - Thrown if cannot open token - - - - Open the effective token, thread if available or process - - The thread to open the token for - True to duplicate the token before returning - Desired access for token. - Open token as self. - True to throw on error. - The opened token - Thrown if cannot open token - - - - Open the effective token, thread if available or process - - The thread to open the token for - True to duplicate the token before returning - Desired access for token. - Open token as self. - The opened token - Thrown if cannot open token - - - - Open the effective token, thread if available or process - - The thread to open the token for - True to duplicate the token before returning - True to throw on error. - The opened token - Thrown if cannot open token - - - - Open the effective token, thread if available or process - - The thread to open the token for - True to duplicate the token before returning - The opened token - Thrown if cannot open token - - - - Open the current effective token, thread if available or process - - The opened token - Thrown if cannot open token - - - - Open the current effective token, thread if available or process - - True to throw on error. - The opened token - Thrown if cannot open token - - - - Create a token. Needs SeCreateTokenPrivilege. - - The desired access for the token. - Object attributes, used to pass SecurityDescriptor or SQOS for impersonation token. - The type of token. - The authentication ID for the token. - The expiration time for the token. - The user for the token. - The groups for the token. - The privileges for the token. - The owner of the token. - The primary group for the token. - The default dacl for the token. - The source for the token. - Optional device attributes. - Optional device groups. - Optional mandatory policy. - Optional user attributes. - True to throw on error. - The token object. - - - - Create a token. Needs SeCreateTokenPrivilege. - - The desired access for the token. - Object attributes, used to pass SecurityDescriptor or SQOS for impersonation token. - The type of token. - The authentication ID for the token. - The expiration time for the token. - The user for the token. - The groups for the token. - The privileges for the token. - The owner of the token. - The primary group for the token. - The default dacl for the token. - The source for the token. - Optional device attributes. - Optional device groups. - Optional mandatory policy. - Optional user attributes. - The token object. - - - - Create a token. Needs SeCreateTokenPrivilege. - - The desired access for the token. - Object attributes, used to pass SecurityDescriptor or SQOS for impersonation token. - The type of token. - The authentication ID for the token. - The expiration time for the token. - The user for the token. - The groups for the token. - The privileges for the token. - The owner of the token. - The primary group for the token. - The default dacl for the token. - The source for the token. - True to throw on error. - The token object. - - - - Create a token. Needs SeCreateTokenPrivilege. - - The desired access for the token. - Object attributes, used to pass SecurityDescriptor or SQOS for impersonation token. - The type of token. - The authentication ID for the token. - The expiration time for the token. - The user for the token. - The groups for the token. - The privileges for the token. - The owner of the token. - The primary group for the token. - The default dacl for the token. - The source for the token. - The token object. - - - - Create a token. Needs SeCreateTokenPrivilege. - - The user for the token. - The groups for the token. - The privileges for the token. - The token object. - - - - Create a token. Needs SeCreateTokenPrivilege. - - The user for the token. - The token object. - - - - Impersonate another process' token - - The impersonation level - Process ID of the other process - An impersonation context, dispose to revert to process token - - - - Get the current user. - - True to throw on error. - The current user. - - - - Do a single privilege check on the effective token. - - The privilege to check. - True to throw on error. - True if the privilege is enabled. - - - - Do a single privilege check on the effective token. - - The privilege to check. - True if the privilege is enabled. - - - - Get the current user. - - - - - Get authentication ID for LOCAL SYSTEM - - - - - Get authentication ID for LOCAL SERVICE - - - - - Get authentication ID for NETWORK SERVICE - - - - - Get authentication ID for ANONYMOUS - - - - - Get a pseudo handle to the primary token. - - Only useful for querying information. - - - - Get a pseudo handle to the impersonation token. - - Only useful for querying information. - - - - Get a pseudo handle to the effective token. - - Only useful for querying information. - - - - Static methods to interact with the ETW subsystem. - - - - - Issue a trace control request. - - The trace control function code. - The optional input buffer. - The optional output buffer. - True to throw on error. - The output length. - - - - Issue a trace control request. - - The trace control function code. - The optional input buffer. - The optional output buffer. - The output length. - - - - Access rights for Trace - - - - - The security trace provider GUID. - - - - - The default security GUID. - - - - - Class to represent a kernel transaction. - - - - - Create a transaction - - The object attributes - Desired access for the handle - True to throw an exception on error. - Transaction creation options. - Optional description of the transaction. - Isolation flags. - Isolation level. - Optional transaction timeout. - Optional transaction manager. - Optional UOW. - The NT status code and object result. - - - - Create a transaction - - The object attributes - Desired access for the handle - Transaction creation options. - Optional description of the transaction. - Isolation flags. - Isolation level. - Optional transaction timeout. - Optional transaction manager. - Optional UOW. - The NT status code and object result. - - - - Create a transaction - - The object attributes - Desired access for the handle - True to throw an exception on error. - The NT status code and object result. - - - - Create a transaction - - The object attributes - Desired access for the handle - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - Desired access for the handle - Transaction creation options. - Optional description of the transaction. - Isolation flags. - Isolation level. - Optional transaction timeout. - Optional transaction manager. - Optional UOW. - True to throw an exception on error. - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - Desired access for the handle - Transaction creation options. - Optional description of the transaction. - Isolation flags. - Isolation level. - Optional transaction timeout. - Optional transaction manager. - Optional UOW. - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - Desired access for the handle - True to throw an exception on error. - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - Desired access for the handle - The opened transaction - - - - Create a transaction - - The path of the transaction - The root if path is relative - The opened transaction - - - - Create a transaction - - The path of the transaction - The opened transaction - - - - Create a transaction - - The opened transaction - - - - Open a transaction object. - - The object attributes for the object - The desired access for the object - Optional transaction manager. - UOW Guid. - True to throw an exception on error. - The NT status code and object result. - - - - Open a transaction object. - - The object attributes for the object - The desired access for the object - Optional transaction manager. - UOW Guid. - The object result. - - - - Open a transaction object. - - The desired access for the object - Optional transaction manager. - UOW Guid. - The object result. - - - - Open a transaction object. - - Optional transaction manager. - UOW Guid. - The object result. - - - - Open a transaction object. - - UOW Guid. - The object result. - - - - Get a list of all accessible transaction objects. - - The object attributes for the object - Optional transaction manager. - The access for the transaction objects. - The list of all accessible transaction objects. - - - - Get a list of all accessible transaction objects. - - The access for the transaction objects. - The list of all accessible transaction objects. - - - - Get a list of all accessible transaction objects. - - The list of all accessible transaction objects. - - - - Get the current thread's transaction. - - - - - Commit the transaction - - Wait for transaction to commit. - True to throw an exception on error. - The NT status code. - - - - Commit the transaction - - Wait for transaction to commit. - - - - Commit the transaction - - - - - Rollback the transaction - - Wait for transaction to rollback. - True to throw an exception on error. - The NT status code. - - - - Rollback the transaction - - Wait for transaction to rollback. - - - - Rollback the transaction - - - - - Enable the transaction for anything in the current thread context. - - The transaction context. This should be disposed to disable the transaction. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get the ID of the transaction. - - - - - Get the Unit of Work ID of the transaction. Same as transaction ID. - - - - - Get the state of the transaction. - - - - - Get the outcome of the transaction. - - - - - Get or set the transaction description. - - - - - Get or set the transaction isolation level. - - - - - Get or set the transaction isolation flags. - - - - - Get or set transaction timeout. - - - - - Query list of enlistments for this transaction. - - - - - Query the superior enlistment for this transaction. - - - - - Class to represent a kernel transaction manager. - - - - - Create a new transaction manager object. - - The object attributes - Desired access for the handle - True to throw an exception on error. - The CLFS log file to create if not volatile. - Creation options flags. - Commit strength, set to 0. - The NT status code and object result. - - - - Create a new transaction manager object. - - The object attributes - Desired access for the handle - The CLFS log file to create if not volatile. - Creation options flags. - Commit strength, set to 0. - The object result. - - - - Create a new transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - The CLFS log file to create if not volatile. - Creation options flags. - True to throw an exception on error. - The object result. - - - - Create a new transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - The CLFS log file to create if not volatile. - Creation options flags. - The object result. - - - - Create a new volatile transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - The object result. - - - - Create a new volatile transaction manager object. - - The path to the transaction manager. - The root if path is relative. - The object result. - - - - Create a new volatile transaction manager object. - - The path to the transaction manager. - The object result. - - - - Create a new volatile transaction manager object. - - The object result. - - - - Open a existing transaction manager object. - - The object attributes - Desired access for the handle - The CLFS log file to create if not volatile. - Identity of the transaction manager. - Open options flags. - True to throw an exception on error. - The NT status code and object result. - - - - Open a existing transaction manager object. - - The object attributes - Desired access for the handle - Identity of the transaction manager. - The CLFS log file to create if not volatile. - Open options flags. - The object result. - - - - Open an existing transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - Identity of the transaction manager. - The CLFS log file to create if not volatile. - Open options flags. - True to throw an exception on error. - The object result. - - - - Open an existing transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - Identity of the transaction manager. - The CLFS log file to create if not volatile. - Open options flags. - The object result. - - - - Open an existing transaction manager object. - - The path to the transaction manager. - The root if path is relative. - Desired access for the handle - The object result. - - - - Open an existing transaction manager object. - - The path to the transaction manager. - The root if path is relative. - The object result. - - - - Open an existing transaction manager object. - - The path to the transaction manager. - The object result. - - - - Rename transaction manager object. The new identity can be queried with the Identity property on the object. - - The path to the transaction log file. - The existing transaction manager identity. - True to throw an exception on error. - The NT status code - - - - Get a list of all accessible transaction manager objects. - - Object attributes for opened handle. - The access for the transaction manager objects. - Open options. - The list of all accessible transaction manager objects. - - - - Get a list of all accessible transaction manager objects. - - The access for the transaction manager objects. - The list of all accessible transaction manager objects. - - - - Get a list of all accessible transaction manager objects. - - The list of all accessible transaction manager objects. - - - - Get the Transaction Manager identity. - - - - - Get the Transaction Manager virtual clock. - - - - - Get the Transaction Manager log identity. - - - - - Get the Transaction Manager log path. - - - - - Get Transaction Manager last recovered Log Sequence Number. - - - - - Get whether the transaction manager is volatile. - - - - - Rename transaction manager object. The new identity can be queried with the Identity property on the object. - - True to throw an exception on error. - The NT status code - - - - Rename transaction manager object. The new identity can be queried with the Identity property on the object. - - - - - Recover the transaction manager. - - True to throw an exception on error. - The NT status code - - - - Recover the transaction manager. - - - - - Rollforward the transaction manager. - - Optional virtual block value to rollforward to. - True to throw an exception on error. - The NT status code - - - - Rollforward the transaction manager. - - True to throw an exception on error. - The NT status code - - - - Rollforward the transaction manager. - - Optional virtual block value to rollforward to. - - - - Rollforward the transaction manager. - - - - - Create a resource manager for this transaction manager. - - The resource manager GUID to assign. - Creation options. - True to throw on error. - The resource manager and NT status. - - - - Create a resource manager for this transaction manager. - - The resource manager GUID to assign. - Creation options. - The resource manager . - - - - Create a resource manager for this transaction manager. - - The resource manager GUID to assign. - The resource manager. - - - - Create a volatile resource manager for this transaction manager with a auto-generated GUID. - - The resource manager. - - - - Method to query information for this object type. - - The information class. - The buffer to return data in. - Return length from the query. - The NT status code for the query. - - - - Method to set information for this object type. - - The information class. - The buffer to set data from. - The NT status code for the set. - - - - Query the information class as an object. - - The information class. - True to throw on error. - The information class as an object. - - - - Get a list of all accessible transaction objects owned by this transaction manager. - - The access for the transaction objects. - The list of all accessible transaction objects. - - - - Get a list of all accessible transaction objects owned by this transaction manager. - - The list of all accessible transaction objects. - - - - Get a list of all accessible resource manager objects owned by this transaction manager. - - Object attributes for opened handle. - The access for the resource manager objects. - The list of all accessible resource manager objects. - - - - Get a list of all accessible resource manager objects owned by this transaction manager. - - The access for the resource manager objects. - The list of all accessible resource manager objects. - - - - Get a list of all accessible resource manager objects owned by this transaction manager. - - The list of all accessible resource manager objects. - - - - General utilities for the kernel transaction manager. - - - - - Enumerate transaction objects of a specific type from a root handle. - - The root handle to enumearate from. - The type of object to query. - The list of enumerated transaction object GUIDs. - - - - Enumerate all transaction objects of a specific type. - - The type of object to query. - The list of enumerated transaction object GUIDs. - - - - Freeze all transactions. Needs SeRestorePrivilege. - - The freeze wait timeout. - The thaw wait timeout. - Throw exception on error. - The NT status code. - - - - Freeze all transactions. Needs SeRestorePrivilege. - - The freeze wait timeout. - The thaw wait timeout. - - - - Thaw transactions. Needs SeRestorePrivilege. - - Throw exception on error. - The NT status code. - - - - Thaw transactions. Needs SeRestorePrivilege. - - The NT status code. - - - - Class representing an NT object type - - - - - The name of the type - - - - - The mapping from generic to specific object rights - - - - - The valid access mask - - - - - True if the object needs security even if unnamed - - - - - Total number of objects (when originally retrieved) - - - - - Total number of handles (when originally retrieved) - - - - - Total paged pool usage (when originally retrieved) - - - - - Total non-paged pool usage (when originally retrieved) - - - - - Total name pool usage (when originally retrieved) - - - - - Total handle table usage (when originally retrieved) - - - - - Maximum number of objects (when originally retrieved) - - - - - Maximum number of handles (when originally retrieved) - - - - - Maximum paged pool usage (when originally retrieved) - - - - - Maximum non-paged pool usage (when originally retrieved) - - - - - Maximum name pool usage (when originally retrieved) - - - - - Maximum handle table usage (when originally retrieved) - - - - - The attributes flags which are invalid - - - - - Indicates whether handle count is mainted - - - - - Indicates the type list maintained - - - - - Indicates the type of pool used in allocations - - - - - Current paged pool usage - - - - - Current non-pages pool usage - - - - - Type Index - - - - - Generic Read Access rights - - - - - Generic Read Access rights - - - - - Generic Read Access rights - - - - - Generic Read Access rights - - - - - Get the maximum access mask for the type's default mandatory access policy. - - - - - Get implemented object type for this NT type. - - - - - Get the access rights enumerated type for this NT type. - - - - - Get the access rights enumerated type for this NT type if it's a container. - - There's only one known type at the moment which uses this, File. - - - - Can this type of open be opened by name - - - - - Get the valid access rights for this Type. - - - - - Get the valid read access rights for this Type. - - - - - Get the valid write access rights for this Type. - - - - - Get the valid execute access rights for this Type. - - - - - Get the valid all access rights for this Type. - - - - - Get the valid mandatory access rights for this Type. - - - - - Get defined query information classes for a type. - - - - - Get defined set information classes for a type. - - - - - Open this NT type by name (if CanOpen is true) - - The object attributes to open. - Desired access when opening. - True to throw an exception on error. - The NT status code and object result. - - - - Open this NT type by name (if CanOpen is true) - - The name of the object to open. - The root object for opening, if name is relative - Desired access when opening. - The created object. - Thrown on error - - - - Open this NT type by name (if CanOpen is true) - - The name of the object to open. - The root object for opening, if name is relative - The created object. - Thrown on error - - - - Open this NT type by name (if CanOpen is true) - - The name of the object to open. - The created object. - Thrown on error - - - - Get object from an existing handle. - - The existing handle. - The new object. - - - - Get object from an existing handle. - - The existing handle. - True to own the handle. - The new object. - - - - Get object from an existing handle. - - The existing handle. - The call doesn't own the handle. The returned object can't be used to close the handle. - The new object. - - - - Convert an enumerable access rights to a string - - True to use the container access type. - The granted access mask. - True to try and convert to generic rights where possible. - Set to true to use SDK style names. - The string format of the access rights - - - - Convert an enumerable access rights to a string - - True to use the container access type. - The granted access mask. - True to try and convert to generic rights where possible. - The string format of the access rights - - - - Convert an enumerable access rights to a string - - The granted access mask. - True to try and convert to generic rights where possible. - The string format of the access rights - - - - Convert an enumerable access rights to a string - - The granted access mask. - The string format of the access rights - - - - Checks if an access mask represents a read permission on this type - - The access mask to check - True if it has read permissions - - - - Checks if an access mask represents a write permission on this type - - The access mask to check - True if it has write permissions - - - - Checks if an access mask represents a execute permission on this type - - The access mask to check - True if it has execute permissions - - - - Checks if an access mask represents a full permission on this type - - The access mask to check - True if it has full permissions - - - - Map generic access rights to specific access rights for this type - - The access mask to map - The mapped access mask - - - - Unmap specific access rights to generic access rights for this type - - The access mask to unmap - The unmapped access mask - - - - Checks if an access mask is valid for access of this object type. - - The access mask to check - True if it valid access - - - - Get the maximum access mask for the type's default mandatory access policy. - - The allowed access mask for the type with the default policy. - - - - Overridden ToString method. - - Returns the type as a string. - - - - Create an NtType object by name. - - The name of the NT type. - This will always return a cached type. - Invalid NT type name. - - - - Get a type object by index - - The index - The object type, null if not found - - - - Get a type object by index - - The index, must be >= 0. - True to get a cached type, false to return a live types. - The object type, null if not found - - - - Get a type object by name - - The name of the type - True to create a fake type if needed. - True to get a cached type, false to return a live types. - The object type, null if not found - - - - Get a type object by name - - The name of the type - True to create a fake type if needed. - The object type, null if not found - - - - Get a type object by name - - The name of the type - The object type, null if not found - - - - Get a type object by a kernel handle. - - The kernel handle. - True to create a fake type if needed. - The object type, null if not found - - - - Get an NT type based on the implemented .NET type. - - A type derived from NtObject - True to get a cached type, false to return a live types. - The NtType represented by this .NET type. Note if a type is represented with multiple - names only return the first one we find. - Thrown if there exists no .NET type which maps to this type. - - - - Get an NT type based on the implemented .NET type. - - A type derived from NtObject - The NtType represented by this .NET type. Note if a type is represented with multiple - names only return the first one we find. - Thrown if there exists no .NET type which maps to this type. - - - - Get a fake type object. This can be used in access checking for operations which need an NtType object - but there's no real NT object. - - The name of the fake type. Informational only. - The GENERIC_MAPPING for security checking. - The access rights enumeration type. - The access rights enumeration type of the object is a container. - The mandatory label policy. - The fake NT type object. - - - - Get a fake type object. This can be used in access checking for operations which need an NtType object - but there's no real NT object. - - The name of the fake type. Informational only. - The GENERIC_MAPPING for security checking. - The access rights enumeration type. - The access rights enumeration type of the object is a container. - The fake NT type object. - - - - Get a fake type object. This can be used in access checking for operations which need an NtType object - but there's no real NT object. - - The name of the fake type. Informational only. - The GENERIC_MAPPING for security checking. - The access rights enumeration type. - The fake NT type object. - - - - Get a fake type object. This can be used in access checking for operations which need an NtType object - but there's no real NT object. - - The name of the fake type. Informational only. - The GENERIC_READ for security checking. - The GENERIC_WRITE for security checking. - The GENERIC_EXECUTE for security checking. - The GENERIC_ALL for security checking. - The access rights enumeration type. - The access rights enumeration type of the object is a container. - The fake NT type object. - - - - Get a fake type object. This can be used in access checking for operations which need an NtType object - but there's no real NT object. - - The name of the fake type. Informational only. - The GENERIC_READ for security checking. - The GENERIC_WRITE for security checking. - The GENERIC_EXECUTE for security checking. - The GENERIC_ALL for security checking. - The access rights enumeration type. - The fake NT type object. - - - - Get a list of all types. - - The list of types. - - - - Get a list of all types. - - True to get the cached list of types, false to return a live list of all types. - True to include fake types such as WNF or Service - The list of types. - - - - Get a list of all types. - - True to get the cached list of types, false to return a live list of all types. - The list of types. - - - - Get the NT type from a path. - - The object manager path. - Optional root object. - The NT type. Returns null if not available or unknown. - - - - Converted user process parameters. - - - - - Static class to access virtual memory functions of NT. - - - - - Query section name, - - The process to query from. - The base address to query. - True to throw on error - The result of the query. - - - - Query section name, - - The process to query from. - The base address to query. - The result of the query. - - - - Query memory information for a process. - - The process to query. - The base address. - True to throw on error. - The memory information for the region. - Thrown on error. - - - - Query memory information for a process. - - The process to query. - The base address. - The memory information for the region. - Thrown on error. - - - - Query all memory information regions in process memory. - - The list of memory regions. - Thrown on error. - - - - Query a list of mapped files in a process. - - The process to query. - The list of mapped images - Thrown on error. - - - - Read memory from a process. - - The process to read from. - The base address in the process. - The length to read. - The array of bytes read from the location. - If a read is short then returns fewer bytes than requested. - Thrown on error. - - - - Write memory to a process. - - The process to write to. - The base address in the process. - The data to write. - The number of bytes written to the location - Thrown on error. - - - - Read structured memory from a process. - - The process to read from. - The base address in the process. - The read structure. - Thrown on error. - Type of structure to read. - - - - Write structured memory to a process. - - The process to write to. - The base address in the process. - The data to write. - Thrown on error. - Type of structure to write. - - - - Read structured memory array from a process. - - The process to read from. - The base address in the process. - The number of elements in the array to read. - The read structure. - Thrown on error. - Type of structure to read. - - - - Write structured memory array to a process. - - The process to write to. - The base address in the process. - The data array to write. - Thrown on error. - Type of structure to write. - - - - Allocate virtual memory in a process. - - The process to allocate in. - Optional base address, if 0 will automatically select a base. - The region size to allocate. - The type of allocation. - The allocation protection. - True to throw on error. - The address of the allocated region. - Thrown on error. - - - - Allocate virtual memory in a process. - - The process to allocate in. - Optional base address, if 0 will automatically select a base. - The region size to allocate. - The type of allocation. - The allocation protection. - The address of the allocated region. - Thrown on error. - - - - Free virtual emmory in a process. - - The process to free in. - Base address of region to free - The size of the region. - The type to free. - Thrown on error. - - - - Free virtual emmory in a process. - - The process to free in. - Base address of region to free - The size of the region. - The type to free. - True to throw on error. - Thrown on error. - - - - Change protection on a region of memory. - - The process to change memory protection - The base address - The size of the memory region. - The new protection type. - The old protection for the region. - Thrown on error. - - - - Change protection on a region of memory. - - The process to change memory protection - The base address - The size of the memory region. - The new protection type. - True to throw on error. - The old protection for the region. - Thrown on error. - - - - Query working set information for an address in a process. - - The process to query. - The base address to query. - True to throw on error - The working set information. - Thrown on error. - - - - Query working set information for an address in a process. - - The process to query. - The base address to query. - The working set information. - Thrown on error. - - - - Query image information for an address in a process. - - The process to query. - The base address to query. - True to throw on error - The image information. - Thrown on error. - - - - Query image information for an address in a process. - - The process to query. - The base address to query. - The image information. - Thrown on error. - - - - Determine if two addresses are the same mapped file. - - The first address. - The second address. - True to throw on error. - True if the mapped memory is the same file. - - - - Determine if two addresses are the same mapped file. - - The first address. - The second address. - True if the mapped memory is the same file. - - - - Flush instruction cache. - - The process to flush the cache in. - The address to flush. - The number of bytes to flush/ - True to throw on error. - The NT status code. - - - - Flush instruction cache. - - The process to flush the cache in. - The address to flush. - The number of bytes to flush/ - - - - Native Wait methods. - - - - - Wait on a single object to become signaled - - The object to wait on - Whether the thread should be alertable - The timeout to wait for - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - - - - Wait on multiple objects to become signaled - - The objects to wait on - Whether the thread should be alerable - True to wait for all objects to be signaled - The timeout to wait for - The success status of the wait, such as STATUS_WAIT_OBJECT_0 or STATUS_TIMEOUT - - - - Signal an object then wait for another to become signaled. - - The object to signal - The object to wait on. - Whether the thread should be alertable - The timeout to wait for - The success status of the wait, such as STATUS_SUCCESS or STATUS_TIMEOUT - - - - A .NET wait handle to use for interop. - - - - - Create a .NET wait handle from an object. - - The object to create the wait handle on - - - - Wait asynchronously for the handle to be signaled. - - Timeout in milliseconds. - Cancellation token for wait. - A task to wait on. If result is true then event was signaled. - - - - Wait asynchronously for the handle to be signaled. - - Timeout in milliseconds. - A task to wait on. If result is true then event was signaled. - - - - Wait asynchronously for the handle to be signaled. - Will wait an infinite time. - - A task to wait on. - - - - Class to represent an NT timeout - - - - - Get a timeout which will wait indefinitely. - - - - - Get a relative timeout in seconds. - - The number of seconds to wait. - An instance of the timeout class. - - - - Get a relative timeout in milliseconds. - - The number of milliseconds to wait. - An instance of the timeout class. - - - - Get an absolute time out from system start. - - The absolute time to wait until. - An instance of the timeout class. - - - - Get a relative time out from the current time. - - The relative time to wait in units of 100ns. - An instance of the timeout class. - - - - Create an absolute wait timeout from a datetime. - - The time for the timeout to complete. - An instance of the timeout class. - - - - The timeout as a long. - - - - - Overridden ToString method. - - The timeout as a string. - - - - Well-known IO Control codes. - - - - - Convert a control code to a known name. - - The control code. - The known name, or an empty string. - - - - Get a list of known control codes. - - The list of known control codes. - - - - Get a list of known control codes. - - The control code. - Thrown if can't find name. - - - - Structure to represent a Window. - - - - - The Window Handle. - - - - - Get Process ID for the Window. - - - - - Get the Thread ID for the Window. - - - - - Get the real owner Process ID of the Window. - - - - - Get the class name for the Window. - - - - - Send a message to the Window, Unicode. - - The message to send. - The WPARAM. - The LPARAM. - The send result. - - - - Send a message to the Window, ANSI. - - The message to send. - The WPARAM. - The LPARAM. - The send result. - - - - Post a message to the Window, Unicode. - - The message to send. - The WPARAM. - The LPARAM. - True to throw on error. - The send result. - - - - Post a message to the Window, Unicode. - - The message to send. - The WPARAM. - The LPARAM. - The send result. - - - - Send a message to the Window, ANSI. - - The message to send. - The WPARAM. - The LPARAM. - True to throw on error. - The send result. - - - - Send a message to the Window, ANSI. - - The message to send. - The WPARAM. - The LPARAM. - The send result. - - - - Constructor. - - Window handle. - - - - Constructor. - - Window handle. - - - - Get the NULL window handle. - - - - - Get the desktop window. - - - - - Get the broadcast window. - - - - - Get all Top Level windows. - - - - - Enumerate window handles. - - Desktop containing the Windows. Optional. - The parent Window. Optional. - True to enumerate child Windows. - Hide immersive Windows. - The thread ID that owns the Window. - True to throw on error. - The enumerated Window Handles. - - - - Enumerate window handles. - - Desktop containing the Windows. Optional. - The parent Window. Optional. - True to enumerate child Windows. - Hide immersive Windows. - The thread ID that owns the Window. - The enumerated Window Handles. - - - - Class which represents a window station object. - - - - - Open a window station by name. - - The object attributes for opening. - Desired access. - True to throw on error. - The instance of the window station - Thrown on error. - - - - Open a window station by name. - - The object attributes for opening. - Desired access. - The instance of the window station - Thrown on error. - - - - Open a window station by name. - - The name of the window station - Optional root object - The instance of the window station - Thrown on error. - - - - Open a window station by name. - - - The instance of the window station - Thrown on error. - - - - Create a Window Station by name. - - Object attributes for the Window Station. - Desired access for the Window Station. - Path to Keyboard DLL e.g. kbusa.dll. - Locale ID, e.g. 0x4090409. - Language ID e.g. 0x409. - True to throw on error. - The Window Station. - - - - Create a Window Station by name. - - Object attributes for the Window Station. - Desired access for the Window Station. - Path to Keyboard DLL e.g. kbusa.dll. - Locale ID, e.g. 0x4090409. - Language ID e.g. 0x409. - The Window Station. - - - - Create a Window Station by name. - - The name of the Window Station. - The Window Station. - - - - Get a list of desktops for this Window Station. - - - - - Enumerate name of Window Stations in current session. - - - - - Get a list of accessible Window Station objects. - - The desired access for the Window Stations. - The list of desktops. - - - - Get a list of accessible Window Station objects. - - The list of desktops. - - - - Get a list of accessible desktop objects. - - The desired access for the desktops. - The list of desktops. - - - - Get a list of accessible desktop objects. - - The list of desktops. - - - - Close the Window Stations. This is different from normal Close as it destroys the Window Station. - - True to throw on error. - The NT status. - - - - Set the Window Station for the Process. - - True to throw on error. - The NT status. - - - - Open the current process Window Station. - - True to throw on error. - The instance of the window station - The returned object is no owned by the caller. - Thrown on error. - - - - Open the current process Window Station. - - - - - Get the Window Station directory for a session. - - The session ID. - The path to the Window Station directory. - - - - Get the Window Station directory for the current session. - - The path to the Window Station directory. - - - - NT WNF object. - - - - - Get the generic mapping for a - - - - - Fake NT type name for WNF. - - - - - Create a new WNF state name. - - The lifetime of the name. - The scope of the data. - Whether to persist data. - Optional type ID. - Maximum state size. - Mandatory security descriptor. - True to throw on error. - The created object. - - - - Kernel derived key which is used to mask the state name. - - - - - Create a new WNF state name. - - The lifetime of the name. - The scope of the data. - Whether to persist data. - Optional type ID. - Maximum state size. - Mandatory security descriptor. - The created object. - - - - Open a state name. Doesn't check if it exists. - - The statename to open. - True to check state name exists. - True to throw on error. - The created object. - - - - Open a state name. Doesn't check if it exists. - - The statename to open. - True to check state name exists. - The created object. - - - - Open a state name. Doesn't check if it exists. - - The statename to open. - The created object. - - - - Open a state name. Doesn't check if it exists. - - The name to open. - True to check state name exists. - The created object. - - - - Open a state name. Doesn't check if it exists. - - The name to open. - The created object. - - - - Get registered notifications. - - The list of registered notifications. - - - - Get the state name for this WNF entry. - - - - - The state name decoded. - - - - - Get the associated lifetime for the state name. - - - - - Version of the WNF state name. - - - - - Data scope of WNF state name. - - - - - Is WNF state name persistent. - - - - - Unique identifier of WNF state name, - - - - - Get if the state has subscribers. - - - - - Get the security descriptor for this object, if known. - - - - - Get a name for the WNF notification. - - - - - Query state data for the WNF object. - - Optional Type ID. - Optional explicit scope. - True to throw on error. - The state data. - - - - Query state data for the WNF object. - - Optional Type ID. - Optional explicit scope. - The state data. - - - - Query state data for the WNF object. - - The state data. - - - - Update state data for the WNF object. - - The data to set. - Optional Type ID. - Optional explicit scope. - Optional matching changestamp. - True to throw on error. - The status from the update. - - - - Update state data for the WNF object. - - The data to set. - - - - Delete the state data for the WNF object. - - Optional explicit scope. - True to throw on error. - The NT status code. - - - - Delete the state data for the WNF object. - - Optional explicit scope. - - - - Delete the state data for the WNF object. - - - - - Overridden ToString method. - - The string representation. - - - - Get dictionary of well known WNF state names. - - This was dumped from perf_nt_c.dll 10.0.18362.1 using https://github.com/ionescu007/wnfun. - - - - Get the state name to name mappings. - - - - - Get the name to state name mappings. - - - - - Get the name of a state name if known. - - The state name. - The name of the state name, or null if unknown. - - - - Flags for OBJECT_ATTRIBUTES - - - - - None - - - - - Handle is protected from closing. - - - - - The handle created can be inherited - - - - - Audit handle close. - - - - - The object created is marked as permanent - - - - - The object must be created exclusively - - - - - The object name lookup should be done case insensitive - - - - - Open the object if it already exists - - - - - Open the object as a link - - - - - Create as a kernel handle (not used in user-mode) - - - - - Force an access check to occur (not used in user-mode) - - - - - Ignore impersonated device map when looking up object - - - - - Fail if a reparse is encountered - - - - - A class which represents OBJECT_ATTRIBUTES - - - - - Constructor. Sets flags to None - - - - - Constructor - - The name of the object - Attribute flags - - - - Constructor - - The name of the object - Attribute flags - A root object to lookup a relative path - - - - Constructor - - Attribute flags - - - - Constructor - - The name of the object - - - - Constructor - - An object ID. - The object attribute flags. - An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle. - An optional security quality of service. - An optional security descriptor. - - - - Constructor - - The object name, can be null. - The object attribute flags. - An optional root handle, can be SafeKernelObjectHandle.Null. Will duplicate the handle. - An optional security quality of service. - An optional security descriptor. - - - - Constructor - - The object name, can be null. - The object attribute flags. - An optional root handle, Will duplicate the handle. - An optional security quality of service. - An optional security descriptor. - - - - Create an Object Attributes structure with a raw name. Useful for Object ID handling. - - The name of the object in raw bytes. - The object attribute flags. - An optional root handle, Will duplicate the handle. - An optional security quality of service. - An optional security descriptor. - The created object attributes. - - - - Dispose - - - - - Object type entry for an access check. - - - - - The object level. - - - - - The object type GUID. - - - - - The name of the object. - - - - - Constructor. - - - - - Constructor. - - The object type GUID. - The object level. - The name of the object type entry. - - - - Constructor. - - The object type GUID. - The object level. - - - - Constructor. - - The object type GUID. - - - - Overridden ToString method. - - The object formatted. - - - - This class allows a function to specify an optional Guid - - - - - Optional Guid - - - - - Constructor - - The GUID to initialize - - - - Constructor - - - - - Implicit conversion - - The value - - - - This class allows a function to specify an optional uint16. - - - - - Optional value - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value - - - - This class allows a function to specify an optional int32. - - - - - Optional value - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value - - - - This class allows a function to specify an optional int64. - - - - - Optional value - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value - - - - This class allows a function to specify an optional length as a SizeT - - - - - Optional length - - - - - Constructor - - The length value - - - - Constructor - - The length value - - - - Constructor - - The length value - - - - Implicit conversion - - The length value - - - - This class allows a function to specify an optional pointer. - - - - - Optional length - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value - - - - Optional value. - - - - - Optional value. - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value. - - - - Optional value. - - - - - Optional value. - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value. - - - - Optional value. - - - - - Optional value. - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value. - - - - Optional value. - - - - - Optional value. - - - - - Constructor - - The value - - - - Constructor - - - - - Implicit conversion - - The value. - - - - The result of a privilege check. - - - - - The list of privileges from the result. - - - - - The list of enabled privileges. - - - - - True indicates all privileges were held. - - - - - A single process module. - - - - - The module section. - - - - - Mapped base. - - - - - Image base. - - - - - Image size. - - - - - Flags. - - - - - Load order index. - - - - - Init order index. - - - - - Load count. - - - - - Full path name. - - - - - File name. - - - - - Reparse Tag value. - - - - - Base class for a reparse buffer. - - - - - The reparse tag in the buffer. - - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Constructor. - - The reparse tag to assign. - - - - Get a reparse buffer from a byte array. - - The byte array to parse - The reparse buffer. - - - - Get a reparse buffer from a byte array. - - The byte array to parse - True to return an opaque buffer if - the tag isn't known, otherwise try and parse as a generic buffer - The reparse buffer. - - - - Convert reparse buffer to a byte array in REPARSE_DATA_BUFFER format. - - The reparse buffer as a byte array. - - - - Convert reparse buffer to a byte array in the REPARSE_DATA_BUFFER_EX format. - - Flags for the buffer. - Existing GUID to match against. - Existing tag to matcha against. - The reparse buffer as a byte array. - - - - Get if a reparse tag is a Microsoft defined one. - - - - - Get if a reparse tag is a name surrogate. - - True if it's a surrogate reparse tag. - - - - Get if a reparse tag is a directory. - - - - - Generic GUID reparse buffer. - - - - - Constructor. - - The reparse tag. - The reparse GUID - Additional reparse data. - - - - Constructor. - - The reparse tag. - The reparse GUID - Additional reparse data. - - - - The reparse GUID. - - - - - Additional reparse data. - - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Reparse buffer with an opaque data blob. - - - - - Constructor. - - The reparse tag. - The opaque data blob. - - - - The opaque data blob. - - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Reparse buffer for an NTFS mount point. - - - - - Constructor. - - Substitution name to reparse to when accessing mount point. - Printable name for the mount point. - - - - Substitution name to reparse to when accessing mount point. - - - - - Printable name for the mount point. - - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Symlink flags. - - - - - None. - - - - - Substitution name is relative to the symlink. - - - - - Reparse buffer for an NTFS symlink. - - - - - Constructor. - - Substitution name to reparse to when accessing symlink. - Printable name for the symlink. - Symlink flags. - - - - Constructor. - - Substitution name to reparse to when accessing symlink. - Printable name for the symlink. - Symlink flags. - Create a global symlink rather than a normal symlink. - - - - Substitution name to reparse to when accessing symlink. - - - - - Printable name for the symlink. - - - - - Symlink flags. - - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Application type for execution alias. - - - - - Desktop bridge application. - - - - - UWP type 1 - - - - - UWP type 2 - - - - - UWP type 3 - - - - - Reparse buffer for an execution alias. - - - - - The execution alias version. - - - - - The name of the application package. - - - - - The entry point in the package. - - - - - The target executable. - - - - - Application type for the alias. - - - - - Flags, obsolete. - - - - - Constructor. - - The execution alias version. - The name of the application package. - The entry point in the package. - The target executable. - Apptype for the alias. - - - - Get reparse buffer data as a byte array (not including header). - - The reparse buffer data. - - - - Function to initialize this class by parsing the reparse buffer data (not including header). - - The length of the data to read. - The stream to read from. - - - - Safe buffer for an ALPC data view. - - - - - Flags for the data view. - - - - - Get the port section handle. - - - - - Convert the section view to a message attribute. - - The message attribute. - - - - Release the data view handle. - - True if successfully released. - - - - Safe buffer to contain an ALPC port message. - - - - - Constructor. - - The port message header. - The total length of allocated memory excluding the header. - - - - Constructor. Creates a receive buffer with a set length. - - The total length of allocated memory excluding the header. - - - - Get a NULL safe buffer. - - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Safe handle for a port section. - - - - - Release handle. - - True if handle released successfully. - - - - Safe handle for an ALPC security context. - - - - - Attribute flags. - - - - - Security quality of service. - - - - - Get the security context as a message attribute. - - The message attribute. - - - - Get whether handle is invalid. - - - - - Release handle. - - True if handle released successfully. - - - - Revoke the security context attribute. - - True to throw on error. - The NT status code. - - - - Revoke the security context attribute. - - - - - Safe buffer to contain a list of structures. - - - - - The count of elements of the array. - - - - - Constructor. - - Array of elements. - Additional data to place after the array. - - - - Constructor. - - Array of elements. - - - - Get a reference to the additional data. - - - - - Get a NULL safe array buffer. - - - - - Dispose buffer. - - True if disposing. - - - - Safe buffer which acts as a base class for all other SafeBuffer types in the library. - - - - - Constructor - - Size of the buffer. - An existing pointer to a buffer. - Specify whether safe handle owns the buffer. - Inidicates if the underlying buffer is writable. - - - - Constructor - - Size of the buffer. - An existing pointer to a buffer. - Specify whether safe handle owns the buffer. - - - - Length of the allocation. - - - - - Length of the allocation as a long. - - - - - Get the length as an IntPtr - - - - - Convert the safe handle to an array of bytes. - - The data contained in the allocaiton. - - - - Read a NUL terminated string for the byte offset. - - The byte offset to read from. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated string - - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated ANSI string for the byte offset. - - The byte offset to read from. - Text encoding for the string. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated ANSI string - - Text encoding for the string. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated ANSI string for the byte offset. - - The byte offset to read from. - The string read from the buffer without the NUL terminator - - - - Read a NUL terminated ANSI string - - The string read from the buffer without the NUL terminator - - - - Read a unicode string from the buffer. - - The offset into the buffer to read. - The number of characters to read. - The read unicode string. - - - - Read a unicode string from the buffer. - - The number of characters to read. - The read unicode string. - - - - Write a unicode string to the buffer. - - The offset into the buffer to write. - The value to write. - - - - Write a unicode string to the buffer. - - The value to write. - - - - Read an array of bytes from the buffer. - - The offset into the buffer. - The number of bytes to read. - The read bytes. - - - - Read an array of bytes from the buffer. - - The number of bytes to read. - The read bytes. - - - - Write an array of bytes to the buffer. - - The offset into the buffer. - The bytes to write. - - - - Write an array of bytes to the buffer. - - The bytes to write. - - - - Read array from the buffer. - - The type to read. - The offset into the buffer. - The number of elements to read. - The read array. - - - - Read an array of complex structures which can contain references. Doing this from a buffer is a dangerous operation. - - The buffer type. - The offset into the buffer. - The number of elements. - The array structures. - This doesn't bounds check the buffer size for the array or embedded structures so could easily crash the application. - - - - Zero an entire buffer. - - - - - Fill an entire buffer with a specific byte value. - - The fill value. - - - - Get a structured buffer object at a specified offset. - - The type of structure. - The offset into the buffer. - The structured buffer object. - - - - Get the buffer as a memory stream - - - - - - Create a view accessor over the full buffer. - - The view accessor. - - - - Create a view accessor. - - Offset into the buffer - Size of view. - The view accessor. - - - - Create a view accessor. - - Offset into the buffer - Size of view. - True to make the view writable. False for read-only - The view accessor. - - - - A safe handle to an allocated global buffer. - - - - - Constructor - - Size of the buffer to allocate. - - - - Constructor - - The length of data to allocate. - The total length to reflect in the Length property. - - - - Constructor - - Size of the buffer. - An existing pointer to an existing HGLOBAL allocated buffer. - Specify whether safe handle owns the buffer. - - - - Constructor - - Initialization data for the buffer. - - - - Get a buffer which represents NULL. - - - - - Resize the SafeBuffer. - - - - - - Overridden ReleaseHandle method. - - True if successfully released the memory. - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Detaches the current buffer and allocates a new one. - - Specify a new length for the detached buffer. Must be <= Length. - The detached buffer. - The original buffer will become invalid after this call. - - - - Non-generic buffer to hold an IO_STATUS_BLOCK. - - - - - Constructor. - - - - - Get a buffer which represents NULL. - - - - - Safe handle which represents a kernel handle. - - - - - Constructor. - - An existing kernel handle. - True to own the kernel handle. - - - - Overridden ReleaseHandle method. - - True if successfully released the handle. - - - - Overridden IsInvalid method. - - - - - Get a handle which represents NULL. - - - - - Get or set whether the handle is inheritable. - - - - - Get or set whether the handle is protected from closing. - - - - - Get the NT type name for this handle. - - The NT type name. - - - - Overridden ToString method. - - The handle as a string. - - - - Class which is allocated from the process heap. - - - - - Constructor - - Size of the buffer to allocate. - - - - Constructor - - Initialization data for the buffer. - - - - Constructor - - The length of data to allocate. - The total length to reflect in the Length property. - - - - Constructor - - Size of the buffer. - An existing pointer to an existing HGLOBAL allocated buffer. - Specify whether safe handle owns the buffer. - - - - Get a buffer which represents NULL. - - - - - Overridden ReleaseHandle method. - - True if successfully released the memory. - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Detaches the current buffer and allocates a new one. - - Specify a new length for the detached buffer. Must be <= Length. - The detached buffer. - The original buffer will become invalid after this call. - - - - Safe SID buffer. - - This is used to return values from the RTL apis which need to be freed using RtlFreeSid - - - - Safe handle for an in/out structure buffer. - - The type of structure as the base of the memory allocation. - - - - Constructor - - Structure value to initialize the buffer. - - - - Constructor, initializes buffer with a default structure. - - - - - Constructor - - Size of the buffer. - An existing pointer to an existing HGLOBAL allocated buffer. - Specify whether safe handle owns the buffer. - - - - Constructor - - Additional data to add to structure buffer. - If true additional_size is added to structure size, otherwise reflects the total size. - An existing pointer to an existing HGLOBAL allocated buffer. - Specify whether safe handle owns the buffer. - - - - Constructor, initializes buffer with a default structure. - - Additional data to add to structure buffer. - If true additional_size is added to structure size, otherwise reflects the total size. - - - - Constructor - - Structure value to initialize the buffer. - Additional data to add to structure buffer. - If true additional_size is added to structure size, otherwise reflects the total size. - - - - Get a buffer which represents NULL. - - - - - Overridden ReleaseHandle method. - - True if successfully released the memory. - - - - Get or set the result structure in the memory buffer. - - - - - Get a reference to the additional data. - - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Detaches the current buffer and allocates a new one. - - Specify a new length for the detached buffer. Must be <= Length. - The detached buffer. - The original buffer will become invalid after this call. - - - - Safe buffer for a list of Token groups. - - - - - Constructor. - - The list of SID and attributes. - The list of allocated SIDs. - - - - NULL safe buffer. - - - - - Create a buffer from a list of groups. - - The group list. - The safe buffer. - - - - Dispose. - - True if disposing. - - - - Safe buffer for token privileges. - - - - - Constructor. - - List of privileges. - - - - NULL safe buffer. - - - - - Security descriptor control flags. - - - - - Security descriptor. - - - - - Discretionary access control list (can be null) - - - - - System access control list (can be null) - - - - - Owner (can be null) - - - - - Group (can be null) - - - - - Get or set Control flags. This is computed based on the current state of the SD. - - - - - Revision value - - - - - The resource manager control flags. - - - - - Get or set an associated NT type for this security descriptor. - - - - - Get or set mandatory label. Returns a medium label if it doesn't exist. - - - - - Get the process trust label. - - - - - Get list of access filters. - - - - - Get list of resource attributes. - - - - - Get the scoped policy ID. - - - - - Get or set the integrity level - - - - - Get or set the server security flag. - - - - - Get or set the DACL untrusted flag. - - - - - Get whether the DACL is present. - - - - - Get count of ACEs in DACL. - - - - - Get whether the SACL is present. - - - - - Get count of ACEs in DACL. - - - - - Indicates if the security descriptor was constructed from a self relative format. - - - - - Indicates if the SD's DACL is canonical. - - - - - Indicates if the SD's SACL is canonical. - - - - - Indicates if the SD's DACL is defaulted. - - - - - Indicates if the SD's SACL is defaulted. - - - - - Indicates if the SD's DACL is auto-inherited. - - - - - Indicates if the SD's SACL is auto-inherited. - - - - - Indicates if the SD came from a container. - - - - - Indicates the SD has audit ACEs present. - - - - - Indicates the SD has a mandatory label ACE present. - - - - - Indicates the SD has a NULL DACL. - - - - - Indicates the SD has a NULL SACL. - - - - - Get the access rights enum type for this SD based on the NT Type property. - - - - - Get the mandatory label. Returns null if it doesn't exist. - - True to include InheritOnly ACEs in the search. - The valid mandatory ACE for this security descriptor. Or null if it doesn't exist. - - - - Get the mandatory label. Returns null if it doesn't exist. - - The valid mandatory ACE for this security descriptor. Or null if it doesn't exist. - - - - Convert security descriptor to a byte array - - The binary security descriptor - - - - Convert security descriptor to SDDL string - - The parts of the security descriptor to return - True to throw on error. - The SDDL string - - - - Convert security descriptor to SDDL string - - The parts of the security descriptor to return - The SDDL string - - - - Convert security descriptor to SDDL string - - True to throw on error. - The SDDL string - - - - Convert security descriptor to SDDL string - - The SDDL string - - - - Converts the security to a base64 string. - - True to insert line breaks in the base64. - The relative SD as a base64 string. - - - - Converts the security to a base64 string. - - The relative SD as a base64 string. - - - - Convert security descriptor to a safe buffer. - - True to return an absolute security descriptor, false for self-relative. - True to throw on error. - A safe buffer for the security descriptor. - - - - Convert security descriptor to a safe buffer. - - True to return an absolute security descriptor, false for self-relative. - A safe buffer for the security descriptor. - - - - Convert security descriptor to a safe buffer. - - A safe buffer for the security descriptor. - This returns a self-relative security descriptor. - - - - Add an ACE to the DACL, creating the DACL if needed. - - The ACE to add to the DACL. - - - - Add an ACE to the SACL, creating the SACL if needed. - - The ACE to add to the SACL. - - - - Add an access allowed ACE to the DACL - - The access mask - The ACE flags - The SID in SDDL form - - - - Add an access allowed ACE to the DACL - - The access mask - The SID in SDDL form - - - - Add an access allowed ACE to the DACL - - The access mask - The ACE flags - The SID - - - - Add an access allowed ACE to the DACL - - The access mask - The SID - - - - Add an access denied ACE to the DACL - - The access mask - The ACE flags - The SID in SDDL form - - - - Add an access denied ACE to the DACL - - The access mask - The SID in SDDL form - - - - Add an access denied ACE to the DACL - - The access mask - The SID - - - - Add an access denied ACE to the DACL - - The access mask - The ACE flags - The SID - - - - Add an audit success ACE to the SACL - - The access mask - The SID in SDDL form - - - - Add an audit success ACE to the SACL - - The access mask - The SID - - - - Add an access denied ACE to the DACL - - The access mask - The SID in SDDL form - - - - Add an audit fail ACE to the SACL - - The access mask - The SID - - - - Add mandatory integrity label to SACL - - The integrity level - - - - Add mandatory integrity label to SACL - - The integrity level - The mandatory label policy - - - - Add mandatory integrity label to SACL - - The integrity level - The ACE flags. - The mandatory label policy - - - - Add mandatory integrity label to SACL - - The integrity label SID - The ACE flags. - The mandatory label policy - - - - Removes the mandatory label if it exists. - - - - - Map all generic access in this security descriptor to the default type specified by NtType. - - - - - Map all generic access in this security descriptor to a specific type. - - The type to get the generic mapping from. - - - - Map all generic access in this security descriptor to a specific type. - - The generic mapping. - - - - Unmap all generic access in this security descriptor to the default type specified by NtType. - - - - - Unmap all generic access in this security descriptor to a specific type. - - The type to get the generic mapping from. - - - - Unap all generic access in this security descriptor to a specific type. - - The generic mapping. - - - - Modifies a security descriptor from a new descriptor. - - The security descriptor to update with. - The parts of the security descriptor to update. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - True to throw on error. - The NT status code. - - - - Modifies a security descriptor from a new descriptor. - - The security descriptor to update with. - The parts of the security descriptor to update. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - - - - Converts the SD to an Auto-Inherit security descriptor. - - The parent security descriptor. - Optional object type GUID. - True if a directory. - Generic mapping for the object. - True to throw on error. - The NT status code. - - - - Converts the SD to an Auto-Inherit security descriptor. - - The parent security descriptor. - Optional object type GUID. - True if a directory. - Generic mapping for the object. - - - - Canonicalize the DACL if it exists. - - - - - Canonicalize the SACL if it exists. - - - - - Standardize security descriptor according to Active Directory rules. - - - - - Clone the security descriptor. - - The cloned security descriptor. - - - - Overridden ToString method. - - The security descriptor as an SDDL string. - - - - Constructor. - - Native pointer to security descriptor. - - - - Constructor. - - The process containing the security descriptor. - Native pointer to security descriptor. - - - - Constructor - - - - - Constructor. - - The NT type for the security descriptor. - - - - Constructor - - Binary form of security descriptor - Optional NT type for security descriptor. - - - - Constructor - - Binary form of security descriptor - - - - Constructor from a token default DACL and ownership values. - - The token to use for its default DACL. - - - - Constructor - - Base object for security descriptor - Token for determining user rights - True if a directory security descriptor - - - - Constructor from an SDDL string - - The SDDL string - Thrown if invalid SDDL - - - - Constructor from an SDDL string - - The SDDL string - Optional NT type for security descriptor. - Thrown if invalid SDDL - - - - Parse a security descriptor. - - Native pointer to security descriptor. - The NT type for the security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Native pointer to security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Safe buffer to security descriptor. - The NT type for the security descriptor. - True if the security descriptor is from a container. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Safe buffer to security descriptor. - The NT type for the security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Safe buffer to security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Binary form of security descriptor - The NT type for the security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - Binary form of security descriptor - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - The SDDL form of the security descriptor. - The NT type for the security descriptor. - True if the security descriptor is from a container. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor. - - The SDDL form of the security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor from a base64 string - - The base64 string. - The NT type for the security descriptor. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor from a base64 string - - The base64 string. - True to throw on error. - The parsed Security Descriptor. - - - - Parse a security descriptor from a base64 string - - The base64 string. - The parsed Security Descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - Optional list of object type GUIDs. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - True to throw on error. - The new security descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - Optional list of object type GUIDs. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - The new security descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - True to throw on error. - The new security descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - The new security descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - True to throw on error. - The new security descriptor. - - - - Create a new security descriptor from a parent. - - The parent security descriptor. Can be null. - The creator security descriptor. - True if the objec to assign is a directory. - Auto inherit flags. - Optional token for the security descriptor. - Generic mapping. - The new security descriptor. - - - - A security descriptor SID which maintains defaulted state. - - - - - The SID. - - - - - Indicates whether the SID was defaulted or not. - - - - - Constructor from existing SID. - - The SID. - Whether the SID was defaulted or not. - - - - Convert to a string. - - The string form of the SID - - - - Clone the security descriptor SID. - - The cloned SID. - - - - The type of the security attribute name. - - - - - Class to represent an attribute name operand. - - - - - The type of attribute. - - - - - The name of the attribute. - - - - - Constructor. - - The type of the attribute. - The name of the attribute. - - - - Overridden ToString method. - - The object as a string. - - - - Class to represent a composite conditional operand. - - - - - List of operands. - - - - - Constructor. - - - - - Overridden ToString method. - - The object as a string. - - - - Class to represent a conditional expression. - - - - - Serialize the expression to a byte array. - - The expression as a byte array. - - - - Overridden ToString method. - - The object as a string. - - - - Parse a binary conditional expression. - - The data to parse. - True to throw on error. - The parsed conditional expression. - - - - Parse a binary conditional expression. - - The data to parse. - The parsed conditional expression. - - - - Parse an SDDL conditional expression. - - The SDDL expression to parse. - True to throw on error. - The parsed conditional expression. - - - - Parse an SDDL conditional expression. - - The SDDL expression to parse. - The parsed conditional expression. - - - - Get list of the conditional operands. - - - - - Size of conditional integer operand. - - - - - Sign of conditional integer operand. - - - - - Base of conditional integer operand. - - - - - Class to represent a conditional integer operand. - - - - - Size of the integer. - - - - - Value of the integer. - - - - - Sign of the integer. - - - - - Base of the integer. - - - - - Constructor. - - - - - Overridden ToString method. - - The object as a string. - - - - Class to represent an octet string conditional operand. - - - - - The value of the operand. - - - - - Constructor. - - The value of the operand. - - - - Overridden ToString method. - - The object as a string. - - - - Abstract class to represent a conditional expression operand. - - - - - Conditional operator type. - - - - - Class to represent a conditional operator operand. - - - - - The type of operator. - - - - - Constructor. - - The type of operator. - - - - Overridden ToString method. - - The object as a string. - - - - Class to represent a SID conditional operand. - - - - - The SID value. - - - - - Constructor. - - The SID value. - - - - Overridden ToString method. - - The object as a string. - - - - Class to represent a string conditional operand. - - - - - The string value. - - - - - Constructor. - - The string value. - - - - Overridden ToString method. - - The object as a string. - - - - Interface for an NT object to query and set a security descriptor. - - - - - Get the name of the object. - - - - - Get the NtType for this object. - - The NtType for the object. - - - - Get the object's security descriptor. - - - - - Get whether the object is a container. - - - - - Check if access is granted to a set of rights - - The access rights to check - True if all the access rights are granted - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status code. - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Class representing a Central Access Policy. - - - - - The CAP SID. - - - - - CAP Flags. - - - - - Name of the CAP. - - - - - Description of the CAP. - - - - - Change ID. Normally a date time when changed. - - - - - The list of rules associated with this policy. - - - - - Parse the policy from the registry. - - The base key for the registry policy. - True to throw on error. - The list of Central Access Policies. - - - - Parse the policy from the registry. - - True to throw on error. - The list of Central Access Policies. - - - - Parse the policy from the registry. - - The list of Central Access Policies. - - - - Parse the policy from the Local Security Authority. - - True to throw on error. - The list of Central Access Policies. - - - - Parse the policy from the Local Security Authority. - - The list of Central Access Policies. - - - - Class representing a Central Access Rule. - - - - - CAP Rule Flags. - - - - - Name of the CAP Rule. - - - - - Description of the CAP Rule. - - - - - Change ID. Normally a date time when changed. - - - - - Conditional Expression to determine who to applie the rule to. - - - - - The CAP Rule security descriptor. - - - - - The CAP Rule staged security descriptor. - - - - - Class to represent a Security Identifier. - - - - - Maximum size of a SID buffer. - - - - - The SIDs authority. - - - - - List of the SIDs sub authorities. - - - - - Get the account name of the SID or the SDDL form if no corresponding name. - - - - - Constructor for authority and sub authorities. - - The identifier authority. - The sub authorities. - - - - Constructor for authority and sub authorities. - - The identifier authority. - The sub authorities. - - - - Constructor from an unmanged buffer. - - A pointer to a buffer containing a valid SID. - Thrown if the buffer is not valid. - - - - Constructor from an unmanged buffer. - - A safe buffer containing a valid SID. - Thrown if the buffer is not valid. - - - - Constructor from a safe SID handle. - - A safe SID handle containing a valid SID. - Thrown if the buffer is not valid. - - - - Constructor from an manged buffer. - - A buffer containing a valid SID. - Thrown if the buffer is not valid. - - - - Constructor from existing Sid. - - The existing Sid. - - - - Constructor from an SDDL string. - - The SID in SDDL format. - - new Sid("S-1-0-0"); - new Sid("WD"); - - - - - - Constructor from a SID name. - - The SID name. - - - - Construct a SID from a binary reader. - - The binary reader. - - - - Convert the SID to a safe buffer. - - The safe buffer containing the SID. - - - - Convert to a managed byte array. - - The managed byte array. - - - - Compares two sids to see if their prefixes are the same. The sids must have the same number of subauthorities. - - The sid to compare against - True if the sids share a prefix. - - - - Compare two Sids. - - The other Sid to compare. - True if the Sids are equal. - - - - Equality operator. - - Sid 1 - Sid 2 - True if the Sids are equal. - - - - Inequality operator. - - Sid 1 - Sid 2 - True if the Sids are not equal. - - - - Get hash code. - - The hash code. - - - - Convert to an SDDL format string. - - The SDDL format string (e.g. S-1-1-0) - - - - Does this SID dominate another. - - The other SID. - True to throw on error. - True if the sid dominates. - - - - Does this SID dominate another. - - The other SID. - True if the sid dominates. - - - - Does this SID dominate another for trust. - - The other SID. - True to throw on error. - True if the sid dominates. - - - - Does this SID dominate another for trust. - - The other SID. - True if the sid dominates. - - - - Checks if the SID starts with the specified SID. - - The specified SID to check against. - True if the current SID starts with the specified SID. - - - - Create a SID relative to this one. - - The list of RIDs. - The relative SID. - - - - Create a SID sibling to this SID. - - The RIDs to replace the final RID with. - The sibling SID. - This replaces the final RID with one or more addditional RIDs. - - - - Get the SID name for this SID. - - True to bypass the SID name cache. - The SID name. - - - - Get the SID name for this SID. - - The SID name. - - - - Convert an SDDL SID string to a Sid - - The SDDL SID string - True to throw on error. - The converted Sid - Thrown if cannot convert from a SDDL string. - - - - Convert an SDDL SID string to a Sid - - The SDDL SID string - The converted Sid - Thrown if cannot convert from a SDDL string. - - - - Parse a byte array. - - The byte array to parse. - True to throw on error. - The parsed SID. - - - - Parse a byte array. - - The pointer to parse. - True to throw on error. - The parsed SID. - - - - Predefined security authorities - - - - - Represents an identifier authority for a SID. - - - - - Get a reference to the identifier authority. This can be used to modify the value - - - - - Constructor. - - - - - Construct from an existing authority array. - - The authority, must be 6 bytes in length. - Thrown if authority is not the correct length. - - - - Constructor from a simple predefined authority. - - The predefined authority. - - - - Construct from an Int64. - - The authority as an Int64. - - - - Compares authority to another. - - The other authority to compare against. - True if authority is equal. - - - - Get hash code. - - The authority hash code. - - - - Determines if this is a specific security authority. - - The security authority. - True if the security authority. - - - - Convert authority to a 64 bit integer. - - The authority as a 64 bit integer. - - - - Overridden ToString method. - - The security authority as a string. - - - - Source for a SID name. - - - - - SDDL string. - - - - - LSASS lookup. - - - - - Named capability. - - - - - Package name SID. - - - - - From a process trust level. - - - - - Well known SID. - - - - - Scoped policy SID. - - - - - Manually added name. - - - - - Represents a name for a SID. - - - - - The qualified name of the SID. Either the combination of - Domain and Name or the SDDL SID. - - - - - The domain name, if present. - - - - - The user name. - - - - - The source of name. - - - - - The use of the name. - - - - - The SDDL format of the SID. - - - - - Used for caching. Indicates the lookup name was denied rather than not available. - - - - - Disposable class to scope an impersonation context. - - - - - Revert impersonation back to the current user. - - - - - Class to represent the state of a token privilege - - - - - Privilege attributes - - - - - Privilege LUID - - - - - Get the token privilege value enum. - - - - - Get the name of the privilege - - The privilege name - - - - Get the display name/description of the privilege - - The display name - - - - Get whether privilege is enabled - - - - - Get whether privilege is enabled - - - - - Constructor - - The privilege LUID - The privilege attributes - - - - Constructor - - The privilege value - The privilege attributes - - - - Constructor - - The privilege name. - The privilege attributes - - - - Constructor - - The privilege name. - - - - Conver to a string - - The privilege name. - - - - Standard UNICODE_STRING class - - - - - Standard UNICODE_STRING class based on a SecureString class. - - - - - Structure to use when passing in a unicode string as a sub-structure with a seure string. - - - - - Standard ANSI_STRING class - - - - - This class is used when the UNICODE_STRING is an output parameter. - The allocatation of the buffer is handled elsewhere. - - - - - Convert unicode string to an array. - - The unicode string data as an array. - - - - This class is used when the UNICODE_STRING is an output parameter. - The allocatation of the buffer is handled elsewhere. - - - - - Structure to use when passing in a unicode string as a sub-structure. - - - - - This class is used when the UNICODE_STRING needs to be preallocated - and then returned back from a caller. - - - - - Implements a UnicodeString which contains raw bytes. - - - - - Constructor. - - The bytes for the name. - - - - Get a null safe buffer. - - - - - Class to represent a user group - - - - - The SID of the user group - - - - - The attributes of the user group - - - - - Get whether the user group is enabled - - - - - Get whether the user group is mandatory - - - - - Get whether the user group is used for deny only - - - - - Get the resolved name of the SID. - - - - - Constructor - - The SID - The attributes - - - - Constructor from a SID. - - The SID - - - - Constructor from a SID or account name. - - The SID or account name. - - - - Convert to a string - - The account name if available or the SDDL SID - - - - Basic utilities for ASN1 support. - - - - - Format an array of ASN.1 DER to a string. - - The ASN.1 data in DER format. - Initial identation depth. - The formatted DER data. - - - - Format an file containing of ASN.1 DER to a string. - - The path to the file containing ASN.1 data in DER format. - Initial identation depth. - The formatted DER data. - - - - Class to do basic ASN1 DER generation. - - - - - Constructor. - - The stream to write the DER data to. - - - - Constructor. - - - - - Write an object ID. - - The object ID to write. - - - - Write raw bytes to the stream. - - The bytes to write. - - - - Write an octet-string to the stream. - - The octet string. - - - - Write a NULL value. - - - - - Write a 32-bit integer. - - The integer value. - - - - Write a 64-bit integer. - - The integer value. - - - - Write an arbitrary integer. - - The integer value. - - - - Write a sequence based on the contents of another DER builder. - - The builder for the contents. - - - - Write a sequence based on the contents of another DER builder. - - The build function for the contents. - - - - Write a sequence based on the contents of another DER builder. - - Write a sequence of fixed values. - The build function for the contents. - - - - Create a sequence builder. - - The created builder. - You should call Close or dispose on the created builder to write the tag. - - - - Write an application specific tag with contents from the builder. - - The ID of the application specific tag. - The builder for the contents. - - - - Write an application specific tag with contents from the builder. - - The ID of the application specific tag. - The build function for the contents. - - - - Create an application specific builder. - - The ID of the application specific tag. - The created builder. - You should call Close or dispose on the created builder to write the tag. - - - - Write a context specific tag with specified contents. - - The ID of the context specific tag. - The contents of the context specific value. - - - - Write a context specific tag with contents from the builder. - - The ID of the context specific tag. - The builder for the contents. - - - - Write an application specific tag with contents from the builder. - - The ID of the context specific tag. - The build function for the contents. - - - - Create a context specific builder. - - The ID of the context specific tag. - The created builder. - You should call Close or dispose on the created builder to write the tag. - - - - Write a general encoded string. - - The string - The encoding to covert to. - - - - Write a general encoded string using ASCII encoding. - - The string - - - - Write a UTF8 string. - - The UTF8 string - - - - Write an IA5 string. - - The IA5 string - - - - Write a generalized time. - - The time to write. - - - - Convert builder to a byte array. - - The DER encoded data. - - - - A DER builder for a sub-structure.. - - You should call Close or dispose the builder to write the sub-structure. - - - - Close the builder and write its contents to the parent builder. - - - - - Static class for DER builder utility functions. - - - - - A basic ASN.1 DER parser to process Kerberos and SPNEGO Tokens. - - - - - Class containing known OID values. - - - - - Class to implement a scoped file lock. - - - - - Lock part of a file. - - The file to lock. - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - True to throw on error. - The NT status code. - - - - Lock part of a file. - - The file to lock. - The offset into the file to lock - The number of bytes to lock - True to fail immediately if the lock can't be taken - True to do an exclusive lock - The NT status code. - - - - Unlock the file. - - - - - IMemoryReader implementation for a process. - - - - - Class to compress and decompress buffers using RtlCompressionBuffer. - - - - - Decompress a buffer. - - The compression format used. - The compressed buffer. - The expected uncompressed length. - True to throw on error. - The uncompressed buffer. - - - - Decompress a buffer. - - The compression format used. - The compressed buffer. - The expected uncompressed length. - The uncompressed buffer. - - - - IMemoryReader implementation for a process. - - - - - Class which calls a delegate on dispose. - - - - - Constructor. - - The delegate to call on dispose. - - - - Dispose and call the action. - - - - - A container which can detach an innner reference. - - - - - - Get the contained value. - - - - - Detach the object so the original isn't disposed. - - Detached object. - - - - Miscellaneous utilities. - - - - - Convert a disposable object to a detachable object. - - The disposable object type. - The disposable object. - The disposable container. - - - - Utilities for reflection. - - - - - Get the SDK name for a type, if available. - - The type to get the name for. - The SDK name. Returns the name of the type if not available. - - - - Get the SDK name for an enum, if available. - - The enum to get the name for. - The SDK name. If the enum is a flags enum then will return the names joined with commas. - - - - Get the SDK name an object. - - The object to get the name from. If this isn't an Enum or Type then the Type of the object is used. - The SDK name. - - - - Class to create a view. This never owns the handle. - - - - - Detaches the current handle and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - A buffer which contains an array of GUID pointers. - - - - - The count of GUIDs. - - - - - Constructor. - - The list of GUIDs. - - - - Get NULL safe buffer. - - - - - Basic implementation of ARC4. - - - - - Encrypt, or decrypt an ARC4 stream. - - The data to encrypt/decrypt. - Offset into the data to decrypt. - Length of data to decrypt. - The key to decrypt. - The resulting bytes. - - - - Encrypt, or decrypt an ARC4 stream. - - The data to encrypt/decrypt. - The key to decrypt. - The resulting bytes. - - - - Basic implementation of MD4. - - - This could have called out to the CNG APIs or dug into the - internals of the existing .NET crypto APIs but as MD4 is so - simple and it doesn't need to be secure (seriously don't use - this). This uses the reference implementation from RFC1320. - - - - - Calculate the MD4 hash of an input. - - The input bytes. - The MD4 hash. - - - - Calculate the MD4 hash of a string. - - The input string. - Encoding for the string. - The MD4 hash. - - - - Calculate the MD4 hash of a unicode string. - - The input string. - The MD4 hash. - - - - Class to perform the n-fold operation for Kerberos key derivation. - - - - - Perform an n-fold operation. - - The input data as a string. - The output length in bytes. - The computed n-folded byte array. - - - - Perform an n-fold operation. - - The input data. - The output length in bytes. - The computed n-folded byte array. - - - - A tree of Object Types. - - - - - Constructor. - - Entries to setup in the tree. - - - - Contructor. - - The object type GUID. - The name of the root object. - - - - Contructor. - - The object type GUID. - - - - Contructor. - - The object type GUID as a string. - - - - List of child nodes in the tree. - - - - - The parent of this tree. - - - - - The Object Type GUID. - - - - - Optional access mask for use in access checking. - - - - - Optional label for this tree entry. - - - - - Indicates the number of total entries this tree contains. - - - - - Add a new object type to the tree. - - The object type. - The name of the node. - The added tree object. - - - - Add a new object type to the tree. - - The object type. - The added tree object. - - - - Add an existing node to the tree. - - The node to add. - - - - Add an existing list of nodes to the tree. - - The nodes to add. - - - - Removes all object types from the tree. - - The object type. - The removed tree object. - - - - Removes all object types from the tree. - - The object type. - The removed tree object. - - - - Remove the current tree entry from the parent. - - - - - Convert the tree to an array. - - The array of ObjectTypeEntry objects. - - - - Clone the object type tree. - - The cloned tree. - - - - Set the access mask of this tree node and all children. - - The mask to set. - - - - Remove access mask from this tree node and children and propgate that up the tree. - - The mask to remove. - - - - Find an object type tree entry based on a GUID. - - The object type GUID. - The first entry found, null if doesn't exist. - - - - Split the tree up to reduce the maximum number of entries. - - This will try and keep whole branches together if at all possible, - but might split them up. This could result in incorrect access checking. - The maximum number of entries per tree. - One or more split trees. - - - - Overridden ToString method. - - The object formatted. - - - - Encoding object which converts 1 to 1 with bytes. - - - - - Default instance of the encoding. - - - - - Get the encoding name. - - - - - Get byte count for characters. - - The character array. - Index into the array. - Number of characters in the array to use. - The number of bytes this character array requires. - - - - Get bytes for characters. - - The character array. - Index into the array. - Number of characters in the array to use. - The index into the byte array. - The byte array to copy into. - The number of bytes generated. - - - - Get the character count for bytes. - - The byte array. - Index into the array. - Number of bytes in the array to use. - The number of characters this byte array requires. - - - - Get byte count for characters. - - The character array. - Index into the array. - Number of bytes in the array to use. - The index into the byte array. - The byte array to copy into. - The number of characters generated. - - - - Get maximum bytes for a number of characters. - - - - - - - Get maximum characters for a number of bytes. - - - - - - - Indicates if the encoding is a single byte. - - - - - A single extract string instance. - - - - - The string value. - - - - - The offset in the buffer. - - - - - True if the string was 16-bit Unicode. - - - - - Source of the string. Empty if was from a byte array. - - - - - Overridden ToString method. - - The value of the extracted string. - - - - Specify types of strings to extract. - - - - - Extract ASCII strings. - - - - - Extract Unicode strings. - - - - - Class to build a hex dump from a stream of bytes. - - - - - Append an array of bytes to the hex dump. - - The byte array. - The length of the bytes to append from the array. - The start offset in the bytes to append. - - - - Append an array of bytes to the hex dump. - - The byte array. - - - - Append a file or part of a file. - - The path to the file. - The length of the file to append. If 0 will append all remaining data. - The start offset in the file to append. - - - - Append a file or part of a file. - - The path to the file. - - - - Complete the hex dump string. - - - - - Finish builder and convert to a string. - - The hex dump. - - - - Constructor. - - Print a header. - Print the address. - Print the ASCII text. - Hide repeating lines. - Offset for address printing. - - - - Constructor. - - The safe buffer to print. - The length to display. - The offset into the buffer to display. - Print a header. - Print the address. - Print the ASCII text. - Hide repeating lines. - - - - Constructor. - - The safe buffer to print. - Print a header. - Print the address. - Print the ASCII text. - Hide repeating lines. - - - - Constructor. - - The stream to print. - Print a header. - Print the address. - Print the ASCII text. - Hide repeating lines. - Offset for address printing. - - - - Constructor. - - - - - Parse a hex dump into a byte array. - - The hex string. Can contain non-hex characters. - The parsed string as a byte array. - This won't necessarily parse correctly an arbitary hex dump, but it will if you just use the hex of the bytes. - - - - Parse a hex string into a byte array. - - The hex string. Can contain non-hex characters. - The parsed string as a byte array. - True if the parse was successful. - This won't necessarily parse correctly an arbitary hex dump, but it will if you just use the hex of the bytes. - - - - Utility class to extract strings from a byte value. - - - - - Extracts strings from a binary buffer. - - The data to search. - The length of the data to search. - The minimum string length. - The offset into the data to search. - The type of strings to search for. - The list of extracted strings. - - - - Extracts strings from a binary buffer. - - The data to search. - The minimum string length. - The type of strings to search for. - The list of extracted strings. - - - - Extracts strings from a stream. - - The stream to extract strings from. - The minimum string length. - The type of strings to search for. - The list of extracted strings. - - - - Extracts strings from a file. - - The file to search. - The minimum string length. - The type of strings to search for. - The list of extracted strings. - - - - Extracts strings from a safe buffer. - - Safe buffer to extract the value from. - The minimum string length. - The type of strings to search for. - The list of extracted strings. - - - - Extracts strings from a safe buffer. - - Safe buffer to extract the value from. - The minimum string length. - The type of strings to search for. - The length of the data to search. - The offset into the data to search. - The list of extracted strings. - - - - Class to call NT functions for manipulating strings. - - - - - Upper case a character according to the internal NTDLL string routines. - - The character to upper case. - The upper case character. - - - - Upper case a string according to the internal NTDLL string routines. - - The string to upper case. - True to throw on error. - The upper case string. - - - - Upper case a string according to the internal NTDLL string routines. - - The string to upper case. - The upper case string. - - - - Lower case a character according to the internal NTDLL string routines. - - The character to lower case. - The lower case character. - - - - Lower case a string according to the internal NTDLL string routines. - - The string to lower case. - True to throw on error. - The lower case string. - - - - Lower case a string according to the internal NTDLL string routines. - - The string to lower case. - The lower case string. - - - - Builder for a claim security attribute. - - - - - Name of the security attribute. - - - - - Attribute flags. - - - - - The value type. - - - - - The current list of values. - - - - - Convert build to a claim attribute. - - - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - The name of the security attribute. - The attribute flags. - The value for the attribute. - The builder instance. - - - - Create a claim security attribute builder. - - An existing attribute to clone. - The builder instance. - - - - A class which represents an AppContainer profile. - - - - - Create a new AppContainerProfile. - - The name of the AppContainer. - A display name. - An optional description. - An optional list of capability SIDs. - True to throw on error. - The created AppContainer profile. - If the profile already exists then it'll be opened instead. - - - - Create a new AppContainerProfile. - - The name of the AppContainer. - A display name. - An optional description. - An optional list of capability SIDs. - The created AppContainer profile. - If the profile already exists then it'll be opened instead. - - - - Create a temporary AppContainer profile. - - List of capabilities for the AppContainer profile. - The created AppContainer profile. - The profile will be marked to DeleteOnClose. In order to not leak the profile you - should wait till the process has exited and dispose this profile. - - - - Create a temporary AppContainer profile. - - The created AppContainer profile. - The profile will be marked to DeleteOnClose. In order to not leak the profile you - should wait till the process has exited and dispose this profile. - - - - Opens an AppContainerProfile. - - The name of the AppContainer. - True to throw no error. - The opened AppContainer profile. - This method doesn't check the profile exists. - - - - Opens an AppContainerProfile. - - The name of the AppContainer. - The opened AppContainer profile. - This method doesn't check the profile exists. - - - - Opens an AppContainerProfile and checks it exists. - - The name of the AppContainer. - True to throw no error. - The opened AppContainer profile. - This checks for the existence of the profile and also populates the additional information. - - - - Opens an AppContainerProfile and checks it exists. - - The name of the AppContainer. - The opened AppContainer profile. - This checks for the existence of the profile and also populates the additional information. - - - - Delete an existing profile. - - The AppContainer name. - True to throw on error. - The HRESULT from the delete operation. - - - - Delete an existing profile. - - The AppContainer name. - - - - Enumerate all AppContainer profiles. - - True to throw on error. - The list of appcontainer profiles. - - - - Enumerate all AppContainer profiles. - - The list of appcontainer profiles. - - - - Delete an existing profile. - - True to throw on error. - The HRESULT from the delete operation. - - - - Delete an existing profile. - - - - - Dispose of the AppContainer profile. If DeleteOnClose is set then the profile will be deleted. - - - - - Close an AppContainer profile. If DeleteOnClose is set then the profile will be deleted. - - - - - Open the AppContainer key. - - The desired access for the key. - True to throw on error. - The opened key. - - - - The AppContainer name. - - - - - The package SID - - - - - Path to the AppContainer profile directory. - - - - - Path to the AppContainer key. - - - - - Set to true to delete the profile when closed. - - - - - Get list of capabilities assigned to this AppContainer profile. - - - - - The display name for the AppContainer profile. - - - - - The description for the AppContainer profile. - - - - - Utilities for AppModel applications. - - - - - Activate an application from its Application Model ID. - - The app model ID. - Arguments for the activation. - True to throw on error. - The PID of the process. - - - - Activate an application from its Application Model ID. - - The app model ID. - Arguments for the activation. - The PID of the process. - - - - Get the list of package SIDs with a loopback exception. - - True to throw on error. - The list of package SIDs with a loopback exception. - - - - Get the list of package SIDs with a loopback exception. - - The list of package SIDs with a loopback exception. - - - - Add a loopback exception to the list. - - The package SID to add. - True to throw on error. - The NT status code. - - - - Add a loopback exception to the list. - - The package SID to add. - - - - Remove a loopback exception from the list. - - The package SID to remove. - True to throw on error. - The NT status code. - - - - Remove a loopback exception to the list. - - The package SID to remove. - - - - State of the console session. - - - - - User logged on to WinStation - - - - - WinStation connected to client - - - - - In the process of connecting to client - - - - - Shadowing another WinStation - - - - - WinStation logged on without client - - - - - Waiting for client to connect - - - - - WinStation is listening for connection - - - - - WinStation is being reset - - - - - WinStation is down due to error - - - - - WinStation in initialization - - - - - Class to represent a console session. - - - - - The session ID. - - - - - The Session Name. - - - - - The Username if any user authenticated. - - - - - The Domain Name for the User. - - - - - The Console Session State. - - - - - The hostname for the client. - - - - - The Farm name for Virtual Machine Farm. - - - - - Get the FQ User Name. - - - - - Type information for an array. - - - - - Get array element type. - - - - - Get number of array elements. - - - - - Type information for a base type. - - - - - Symbol information for a data value. - - - - - Address of the symbol. - - - - - Enumerated type value. - - - - - Name of the value. - - - - - The value as an int64. - - - - - Symbol information for an enumerated type. - - - - - Get the values for the enumerated type. - - - - - Class for a function parameter. - - - - - Name of the parameter. - - - - - Type of the parameter. - - - - - Type information for a function. - - - - - Type for the return type. - - - - - List of function parameters. - - - - - Interface for symbol type resolver. - - - - - Query types in a module. - - The base address of the module. - The list of types. - - - - Query names of types in a module. - - The base address of the module. - The list of type names. - - - - Get a type by name. - - The base address of the module containing the type. - The name of the type. - - - - - Query types by name - - The base address of the module containing the type. - A mask string for the type name. e.g. mod!ABC* - The list of types. - - - - Get the address of a symbol. - - The name of the symbol, should include the module name, e.g. modulename!MySymbol. - The symbol type. - - - - Get the address of a symbol. - - The address of the symbol. - The symbol type. - - - - Type information for a pointer value. - - - - - Get the type this pointer references. - - - - - Indicates this pointer is a reference. - - - - - The name of the symbol. - - - - - Class to represent a symbol information. - - - - - The name of the symbol. - - - - - Size of the symbol. - - - - - Get the loaded module for the symbol. - - - - - Type of the symbol. - - - - - Internal type index. - - - - - Overridden ToString method. - - Returns the symbol name. - - - - Enumeration for symbol type information. - - - - - None. - - - - - UDT. - - - - - Enumerated type. - - - - - A base type. - - - - - A function type. - - - - - A pointer type. - - - - - Undefined. - - - - - Flags for the symbol resolver. - - - - - No flags. - - - - - Trace symbol file loading - - - - - Disable resolving export symbols if no PDB can be found. - - - - - Enable a symbol server fallback. If the copy of dbghelp doesn't have a symsrv.dll - then download from a public symbol URL to a local cache directory during symbol - resolving. - - - - - Symbol information for a type. - - - - - Represents a member of a UDT. - - - - - The type of the member. - - - - - The name of the member. - - - - - The offset into the UDT. - - - - - The size of the member. - - - - - Represents a bit field member of a UDT. - - - - - If a bit field then this is the bit start position. - - - - - If a bit field this is the bit length. - - - - - Symbol information for an enumerated type. - - - - - The members of the UDT. - - - - - Indicates the UDT is a union. - - - - - Class to capture Win32 debug output. - - - - - Create an instance of the Win32 debug console. - - The session ID for the console. Set to 0 to capture global output. - True to throw on error. - The Win32 debug console. - - - - Create an instance of the Win32 debug console. - - The session ID for the console. Set to 0 to capture global output. - The Win32 debug console. - - - - Create an instance of the Win32 debug console for current session. - - True to throw on error. - The Win32 debug console. - - - - Create an instance of the Win32 debug console for current session. - - The Win32 debug console. - - - - Create an instance of the Win32 debug console for the global session. - - True to throw on error. - The Win32 debug console. - - - - Create an instance of the Win32 debug console for the global session. - - The Win32 debug console. - - - - Read a debug string from for the console asynchronously. - - The timeout in milliseconds. - Cancellation token. - The Win32 debug string. If timed out then Output property is null. - - - - Read a debug string from for the console asynchronously. - - The timeout in milliseconds. - The Win32 debug string. If timed out then Output property is null. - - - - Read a debug string from for the console asynchronously. - - The Win32 debug string. If timed out then Output property is null. - - - - Read a debug string from for the console. - - The timeout in milliseconds. - The Win32 debug string. If timed out then Output property is null. - - - - Read a debug string from for the console. - - The Win32 debug string. If timed out then Output property is null. - - - - Attach the debug console to another session. - - The session ID. - True to throw on error. - The NT status code. - - - - Attach the debug console to another session. - - The session ID. - - - - Dispose debug console. - - - - - Structure for a debug string event. - - - - - The process ID. - - - - - The output string. - - - - - Class to hold known bus type GUIDs. - - - - - Class to represent a device interface. - - - - - The name of the interface class. - - - - - The device interface GUID. - - - - - The list of device interface instances. - - - - - The list of all device interface properties. - - The device interface properties. - - - - Class containing well known device interface class GUIDs. - - - - - Convert interface class GUID to a string. - - - The name of the interface class GUID. - - - - Get the list of known interface GUIDs. - - The list of known interface guids. - - - - Class to represent a device interface instance. - - - - - The instance path to the device. - - - - - The raw device path. - - - - - The device interface class GUID. - - - - - The device instance ID for the device node. - - - - - Overridden ToString method. - - The Win32Path. - - - - The list of all device interface instance properties. - - The device interface instance properties. - - - - Device property types. - - - - - Class representing a device node. - - - - - The name of the device instance. - - - - - The device setup class GUID. - - - - - The device instance ID. - - - - - Get the device PDO name. - - - - - Get the device INF name. - - - - - Get the device INF path. - - - - - Get the device stack. - - - - - The the device stack as a list of driver paths. - - - - - Indicates if this is a per-session device. If null then not defined. - - - - - Indicates if this instance is present. - - - - - Indicates the name of the SCM service for the driver. - - - - - Get path to the driver. - - - - - Get driver start type. - - - - - Get the parent device node. - - The parent device node. Returns null if reached the root. - - - - List of upper filters. - - - - - List of lower filters. - - - - - Container ID. - - - - - Type of bus for the device. - - - - - Get if the device is a user-mode device. - - - - - The list of all device properties. - - The device properties. - - - - Get the setup class for this instance. - - Returns the setup class. - Thrown if invalid setup GUID. - - - - Get list of parent nodes. - - The list of parent nodes. - - - - Overridden ToString method. - - - - - - Optional security descriptor for device node. - - - - - Indicates the device node has a security descriptor. - - - - - Device property. - - - - - The name of the property, if known. - - - - - The FMTID Guid. - - - - - The PID. - - - - - The device property type. - - - - - Property data. - - - - - Format the data according to type. - - The formatted data. - - - - ToString method. - - The property as a string. - - - - Class to represent a device setup class. - - - - - The friendly name of the device. - - - - - The name of the device class. - - - - - The device class installer Guid. - - - - - The security descriptor for the device (if available). - - - - - Indicates the device setup class has a security descriptor. - - - - - The device type. - - - - - The device characteristics. - - - - - List of upper filters. - - - - - List of lower filters. - - - - - The list of all device setup properties. - - The device setup properties. - - - - Get device instances. - - Return all devices. - The list of devices instances. - - - - Get device instances. - - The list of devices instances. - - - - Enumerated type for device stack type. - - - - - Unknown type. - - - - - Entry is for the function driver. - - - - - Entry is for the bus driver. - - - - - Entry is for an upper filter. - - - - - Entry is for the lower filter. - - - - - Entry is for a filter. - - - - - Class to represent an entry on the stack. - - - - - Name of the driver. - - - - - Path to the driver. - - - - - Stack entry type. - - - - - Overridden ToString method. - - The name of the driver in the stack. - - - - Class to represent a node in a device tree. - - - - - List of child nodes. - - - - - Indicates if the node has any children. - - - - - Get the parent device node. - - The parent device node. Returns null if reached the root. - - - - Utilities for interacting with Device, Configuration and Setup APIs. - - - - - Get a list of device interfaces from an Interface GUID. - - The interface class GUID for the device. - Optional device ID. - True to get all devices, otherwise just present devices. - List of device interfaces. - - - - Get a list of present device interfaces from an Inteface GUID. - - The interface class GUID for the device. - List of device interfaces. - - - - Enumerate installer class GUIDs. - - The list of installer class GUIDs. - - - - Enumerate interface class GUIDs. - - The list of interface class GUIDs. - - - - Query the security descriptor for a device. - - The installer device class. - True to throw on error. - The security descriptor. - - - - Query the security descriptor for a device. - - The installer device class. - The security descriptor. - - - - Get list of registered device setup classes. - - The list of device setup classes. - - - - Get a device setup class by GUID. - - The class GUID. - The device setup class. - - - - Get list of registered device interfaces. - - True to return all devices. - The list of device interfaces. - - - - Get list of registered device interfaces. - - The list of device interfaces. - - - - Get a device interface class by GUID. - - The class GUID. - True to return all devices. - The device interface class. - - - - Get a device interface class by GUID. - - The class GUID. - The device interface class. - - - - Get list of device nodes. - - Return all devices including ones which aren't present. - The list of device nodes. - - - - Get list of present device nodes. - - The list of device entries. - - - - Get list of device entries. - - Specify the Device Setup Class GUID. - Only return present devices. - The list of device entries. - - - - Get list of present device entries. - - Specify the Device Setup Class GUID. - The list of device entries. - - - - Get the device node from a device ID. - - The instance ID to lookup.. - The device node. - - - - Get device tree. - - The device tree's root node. - - - - Get the node from a device instance ID. - - The instance ID to start from. - The root device node. - - - - Get all device interface instances. - - - - - Get all device interface instances for a given interface class GUID. - - - - - Get an interface instance from the interface instance path. - - The path to the interface symbolic link. e.g. \??\SOME$VALUE. - - - - Interface to indicate the device object has properties. - - - - - The list of all device properties. - - The device properties. - - - - Access rights for Active Directory Services. - - - - - Class to represent a binding to a directory service. - - - - - Crack one or more names on the domain controller. - - Flags for the cracking. - Format of the names. - Desired format of the names. - The list of names to crack. - True to throw on error. - The cracked names. - - - - Crack one or more names on the domain controller. - - Flags for the cracking. - Format of the names. - Desired format of the names. - The list of names to crack. - The cracked names. - - - - Crack a name on the domain controller. - - Flags for the cracking. - Format of the name. - Desired format of the name. - The name to crack. - True to throw on error. - The cracked name. - - - - Crack a name on the domain controller. - - Flags for the cracking. - Format of the name. - Desired format of the name. - The name to crack. - The cracked name. - - - - Get naming contexts for domain. - - True to throw on error. - The naming contexts. - - - - Get naming contexts for domain. - - The naming contexts. - - - - Bind to a directory service. - - The name of the domain controller. Can be null. - The DNS domain name. - True to throw on error. - The directory service binding. - - - - Bind to a directory service. - - The name of the domain controller. Can be null. - The DNS domain name. - The directory service binding. - - - - Bind to the current directory service. - - The directory service binding. - - - - Dispose the binding. - - - - - Class to represent an directory service extended right queries from the current domain. - - - - - The common name of the extended right. - - - - - The distinguished name for the extended right. - - - - - The domain name searched for this extended right. - - - - - The rights GUID for this extended right. - - - - - The list of applies to GUIDs. - - - - - The valid accesses for this extended right. - - - - - Get list of properties if a property set. - - - - - True if this a property set extended right. - - - - - True if this is a validated write extended right. - - - - - True if this is a control extended right. - - - - - Overridden ToString method. - - The name of the extended right. - - - - Convert the extended right to an object type tree. - - The tree of object types. - - - - Convert the extended right to an object type tree. - - The extended right to convert. - The tree of object types. - - - - Flags and settings from the dSHeuristics attribute. - - - - - The fSupFirstLastANR flag. - - - - - The fSupLastFirstANR flag. - - - - - The fDoListObject flag. - - - - - The fLDAPBlockAnonOps flag. - - - - - The fAllowAnonNSPI flag. - - - - - The fDontStandardizeSDs flag. - - - - - The raw value for the dsHeuristics attribute. - - - - - The domain where the value was read. - - - - - Directory services name error. - - - - - Directory services name flags. - - - - - Directory services name format. - - - - - Structure to represent a directory service name. - - - - - Status of the name. - - - - - Domain of the name. - - - - - Name of the name. - - - - - Native methods for directory services. - - - - - Object type level for a directory object. - - - - - Object type. - - - - - Property set type. - - - - - Property type. - - - - - Class to represent an a class which is referenced from another. For example auxiliary or superior classes. - - - - - The name of the class. - - - - - Whether the class is a system class. - - - - - Get the full schema class for this reference. - - The schema class. - - - - Class to represent a directory service schema attribute. - - - - - The attributes syntax. - - - - - The OM syntax. - - - - - The OM object class. - - - - - The name of the attribute syntax type if known. - - - - - The GUID of the containing property set, if it exists. - - - - - Indicates if the attribute is in a property set. - - - - - Class to represent a directory service schema class. - - - - - The subclass schema name. - - - - - List of attributes the class can contain. - - - - - The default security descriptor. - - - - - The default security descriptor in SDDL format. - - - - - The list of auxiliary classes for this class. - - - - - The category of schema class. - - - - - The list of possible superior classes for this class. - - - - - Possible inferiors of the class. - - - - - Structure to represent an attribute for a class. - - - - - The name of the attribute. - - - - - True if the attribute is required. - - - - - True if the attribute can only be modified by system. - - - - - Get the hash code for the attribute. - - The hash code. - - - - Check attributes for equality. - - The other attribute to check. - True if equal. - - - - Overridden ToString method. - - The name of the attribute. - - - - Represents the type of schema class. - - - - - Legacy class. - - - - - Structure class (can be created). - - - - - Abstract class. - - - - - Auxiliary class. - - - - - Base class for a schema class or attribute object. - - - - - The GUID of the schema class. - - - - - The name of the schema class. - - - - - The LDAP display name. - - - - - The object class for the schema class. - - - - - The distinguished name for the schema class. - - - - - The domain name searched for this schema class. - - - - - The admin description for the object. - - - - - Indicates if this schema object is system only. - - - - - Overridden ToString method. - - The name of the schema class. - - - - Convert the schema class to an object type tree. - - The tree of object types. - - - - Convert the extended right to an object type tree. - - The schema class to convert. - The tree of object types. - - - - Class to represent a security principal in the directory. - - - - - Distinguished name of the group. - - - - - The SID of the object. - - - - - Overridden Equals. - - The other object to test. - True if equal. - - - - Overridden GetHashCode. - - The hash code. - - - - User flags. - - - - - Class implementing various utilities for directory services. - - - - - Name for the fake Directory Service NT type. - - - - - Get the generic mapping for directory services. - - The directory services generic mapping. - - - - Get a fake NtType for Directory Services. - - The fake Directory Services NtType - - - - Get the default property set. - - - - - Get the schema class for a GUID. - - Specify the domain to get the schema class for. - The GUID for the schema class. - The schema class, or null if not found. - - - - Get the schema class for a GUID. - - The GUID for the schema class. - The schema class, or null if not found. - - - - Get the schema class for a LDAP name. - - Specify the domain to get the schema class for. - The LDAP name for the schema class. - The schema class, or null if not found. - - - - Get the schema class for a LDAP name. - - The LDAP name for the schema class. - The schema class, or null if not found. - - - - Get the inferior schema class for a LDAP name. - - Specify the domain to get the schema class for. - The LDAP name for the parent schema class. - The schema classes. - - - - Get the inferior schema class for a LDAP name. - - The LDAP name for the schema class. - The schema classes. - - - - Get the auxiliary schema classes for a LDAP name. - - Specify the domain to get the schema class for. - The LDAP name for the parent schema class. - The schema classes. - - - - Get the auxiliary schema classes for a LDAP name. - - The LDAP name for the schema class. - The schema classes. - - - - Get all schema classes. - - Specify the domain to get the schema classes for. - The list of schema classes. - - - - Get all schema classes. - - The list of schema classes. - - - - Get all schema classes in a hierarchy. - - Specify the domain to get the schema classes for. - Specify to include auxiliary classes in the list. - The name of the base schema class. - The list of schema classes. - - - - Get all schema classes in a hierarchy. - - Specify to include auxiliary classes in the list. - The name of the base schema class. - The list of schema classes. - - - - Get the common name of an schema object class. - - Specify the domain to get the schema class for. - The GUID for the schema class. - The common name of the schema class, or null if not found. - - - - Get the common name of an schema object class. - - The GUID for the schema class. - The common name of the schema class, or null if not found. - - - - Get the schema attribute for a GUID. - - Specify the domain to get the schema attribute for. - The GUID for the schema attribute. - The schema attribute, or null if not found. - - - - Get the schema attribute for a GUID. - - The GUID for the schema attribute. - The schema attribute, or null if not found. - - - - Get the schema attribute for a LDAP name. - - Specify the domain to get the schema attribute for. - The LDAP name for the schema attribute. - The schema attribute, or null if not found. - - - - Get the schema attribute for a LDAP name. - - The LDAP name for the schema attribute. - The schema attribute, or null if not found. - - - - Get all schema attributes. - - Specify the domain to get the schema attributes for. - The list of schema attributes. - - - - Get all schema attributes. - - The list of schema attributes. - - - - Get the common name of a schema attribute. - - Specify the domain to get the schema attribute for. - The GUID for the schema attribute. - The common name of the schema attribute, or null if not found. - - - - Get the common name of a schema attribute. - - The GUID for the schema attribute. - The common name of the schema attribute, or null if not found. - - - - Get the extended right name by GUID. - - Specify the domain for the extended right. - The GUID for the extended right. - If true and the right is a property set, expand the name. - The name of the extended right, or null if not found. - - - - Get the extended right name by GUID. - - The GUID for the extended right. - If true and the right is a property set, expand the name. - The name of the extended right, or null if not found. - - - - Get an extended right by GUID. - - Specify the domain to get the extended right for. - The GUID for the extended right. - The extended right, or null if not found. - - - - Get an extended right by GUID. - - The GUID for the extended right. - The extended right, or null if not found. - - - - Get an extended right by common name. - - Specify the domain to get the extended right for. - The common name for the extended right. - The extended right, or null if not found. - - - - Get an extended right by common name. - - The common name for the extended right. - The extended right, or null if not found. - - - - Get a list of all extended rights in the current domain. - - Specify the domain to get the extended rights from. - The list of extended rights. - - - - Get a list of all extended rights in the current domain. - - The list of extended rights. - - - - Get a list of extended rights applied to a schema class. - - Specify the domain to get the extended rights from. - The schema class identifier. - The list of extended rights applies to the schema class. - - - - Get a list of extended rights applied to a schema class in the current domain. - - The schema class identifier. - The list of extended rights applies to the schema class. - - - - Create an object type entry for an access check. - - The object type level. - The object type GUID. - An optional name. - The object type entry. - - - - Get the object SID from a directory object. - - The directory entry. - The object SID. Returns null if no object SID exists. - - - - Get the object SID from a directory object. - - The domain name for the object. - The distinguished name of the object. - The object SID. Returns null if no object SID exists. - - - - Get the object SID from a directory object. - - The distinguished name of the object. - The object SID. Returns null if no object SID exists. - - - - Get a directory object. - - The domain name for the object. - The distinguished name of the object. - The object entry. - - - - Get a directory object. - - The distinguished name of the object. - The object entry. - - - - Standardize security descriptor to the rules of Active Directory. - - The security descriptor. - The standardized security descriptor. - - - - Get the value for the dsHeuristics attribute. - - The domain to read the dsHeuristics from. - The dsHeuristics value. - - - - Get the value for the dsHeuristics attribute. - - The dsHeuristics value. - - - - Get the value for an object's sDRightsEffective attribute. - - The domain for the object. - The distinguished name of the object. - The sDRightsEffective value. - - - - Get the value for an object's sDRightsEffective attribute. - - The distinguished name of the object. - The sDRightsEffective value. - - - - Try and find the an object from its SID. - - Specify the domain to search. - The SID to find. - The distinguished name of the object, null if not found. - - - - Try and find the token groups for an object. - - Domain name for the lookup. - The distinguished name to find. - True to return all groups including BUILTIN on the server. False for just universal and global groups. - The list of member SIDs. - - - - Try and find the token groups for an object using the SID. - - Sid to use for the object. - True to return all groups including BUILTIN on the server. False for just universal and global groups. - The list of member SIDs. - - - - Try and find the membership of groups for a name. - - Domain name for the lookup. - The distinguished name to find as member. - The list of groups. - - - - Call to pre-cache the schema for a domain, could take a long time to load. - - The domain to cache. - True if the schema was cached successfully. - - - - Call to pre-cache the schema for the current domain, could take a long time to load. - - True if the schema was cached successfully. - - - - Interface to convert a directory object to a tree for access checking. - - - - - The name of the object. - - - - - The ID of the object. - - - - - Convert the schema class to an object type tree. - - The tree of object types. - - - - DLL characteristic flags. - - - - - Reserved - - - - - Reserved - - - - - Reserved - - - - - Reserved - - - - - Reserved - - - - - Image can handle a high entropy 64-bit virtual address space. - - - - - DLL can be relocated at load time. - - - - - Code Integrity checks are enforced. - - - - - Image is NX compatible. - - - - - Isolation aware, but do not isolate the image. - - - - - Does not use structured exception (SE) handling. No SE handler may be called in this image. - - - - - Do not bind the image. - - - - - Image must execute in an AppContainer. - - - - - A WDM driver. - - - - - Image supports Control Flow Guard. - - - - - Terminal Server aware. - - - - - CodeView debug data for an executable. - - - - - The magic identifier. - - - - - The unique identifier. - - - - - Age of debug information. - - - - - Path to PDB file. - - - - - Identifier path to use when looking up symbol file. - - - - - Get just the name of the PDB file. - - - - - Get the symbol server path. - - The symbol URL, either a local path or a remote URL. - The symbol server path. - - - - Single DLL export entry. - - - - - The name of the export. If an ordinal this is #ORD. - - - - - The ordinal number. - - - - - Address of the exported entry. Can be 0 if a forwarded function. - - - - - Name of the forwarder, if used. - - - - - Get the module this was exported from. - - - - - Overridden ToString method. - - The name of the export. - - - - Single DLL import. - - - - - The name of the DLL importing from. - - - - - List of DLL imported functions. - - - - - List of names imported. - - - - - Could of functions - - - - - True of the imports are delay loaded. - - - - - The path to the executable this import came from. - - - - - Overridden ToString method. - - The DLL name and count. - - - - Single DLL import function. - - - - - The name of the DLL importing from. - - - - - The name of the imported function. If an ordinal this is #ORD. - - - - - Address of the imported function. Can be 0 if not a bound DLL. - - - - - Ordinal of import, if imported by ordinal. -1 if not. - - - - - Overridden ToString method. - - The name of the imported function. - - - - Simple class for an event trace. - - - - - Write an empty event. - - - - - Dispose method. - - - - - Level for trace event. - - - - - Critical level. - - - - - Error level. - - - - - Warning level. - - - - - Information level. - - - - - Verbose level. - - - - - Descriptor for an enabled trace provider. - - - - - Pointer to descriptor data. - - - - - Size of descriptor data. - - - - - Type of descriptor data. - - - - - An Event Trace Log. - - - - - Enable a provider. - - The GUID of the provider. - The level for the events. - Any keywords to match. - All keywords to match. - The timeout. - List of optional descriptors. - True to throw on error. - The resulting status code. - - - - Get allocated session GUID. - - - - - Get name of the session. - - - - - Finalizer. - - - - - Dispose the event trace log. - - - - - Source of an event trace provider. - - - - - Unknown source. - - - - - From WMI. - - - - - From NtTraceControl. - - - - - From the security key. - - - - - Class to represent an Event Trace Provider. - - - - - The ID of the provider. - - - - - The name of the provider. - - - - - Whether the provider is defined as an XML file or a MOF. - - - - - The provider security descriptor (only available as admin). - - - - - Indicates the source of the provider. - - - - - Class to access event tracing methods. - - - - - Query security of an event. - - The event GUID to query. - True to throw on error. - The event security descriptor. - - - - Query security of an event. - - The event GUID to query. - The event security descriptor. - - - - Query the default security for events. - - True to throw on error. - The default security descriptor. - - - - Query the default security for events. - - The default security descriptor. - - - - Modify trace security. - - The event trace GUID. - The operation to perform. - The SID to set. - The access mask to set. - True to allow, false to deny. - True to throw on error. - The NT status code. - - - - Modify trace security. - - The event trace GUID. - The operation to perform. - The SID to set. - The access mask to set. - True to allow, false to deny. - - - - Adds DACL ACE for an event trace. - - The event trace GUID. - The SID to set. - The access mask to set. - True to allow, false to deny. - True to throw on error. - The NT status code. - - - - Adds DACL ACE for an event trace. - - The event trace GUID. - The SID to set. - The access mask to set. - True to allow, false to deny. - - - - Clears DACL and adds ACE for an event trace. - - The event trace GUID. - The SID to set. - The access mask to set. - True to allow, false to deny. - True to throw on error. - The NT status code. - - - - lears DACL and adds ACE for an event trace. - - The event trace GUID. - The SID to set. - The access mask to set. - True to allow, false to deny. - - - - Remove security for an event trace. - - The event trace GUID. - True to throw on error. - The NT status code. - - - - Remove security for an event trace. - - The event trace GUID. - - - - Register an event trace with a specific GUID. - - The event trace GUID. - True to throw on error. - The event trace. - - - - Start an event trace log. - - The path to the log file. - Session GUID. - The name of the logging session. - True to throw on error. - The event trace log. - - - - Start an event trace log. - - The path to the log file. - Session GUID. - The name of the logging session. - The event trace log. - - - - Register an event trace with a specific GUID. - - The event trace GUID. - The event trace. - - - - Get the list of registered trace GUIDs. - - The list of trace GUIDs. - - - - Get the list of registered trace providers. - - Specify true to return a list of cached providers. - The list of trace providers. - - - - Get the list of registered trace providers. - - The list of trace providers. - Returns a cached list of providers, if you want to check the current list use GetProviders(bool). - - - - Get the name of a provider. - - The ID of the provider. - The name of the provider. Returns null if the provider had no name or doesn't exist. - - - - Contains information about a manifest file. - - - - - True if parsing the XML manifest failed. - - - - - Full path to the manifest location. - - - - - The name of the manifest. - - - - - True if the manifest indicates UI access. - - - - - The execution level from the manifest. - - - - - True if the manifest indicates auto elevation. - - - - - The manifest XML. - - - - - True if the manifest indicates long path awareness. - - - - - Get the manifests from a file. - - The file to extract the manifests from. - The list of manifests. - - - - Overridden ToString method. - - The manifest as a string. - - - - A class to represent filter communication port. - - - - - Open a filter communications port. - - The port name, e.g. \FilterName - Make the handle synchronous. - Optional context data. - True to throw on error. - The filter communications port. - - - - Open a filter communications port. - - The port name, e.g. \FilterName - Make the handle synchronous. - Optional context data. - The filter communications port. - - - - Open a filter communications port. - - The port name, e.g. \FilterName - The filter communications port. - - - - Get message from port. - - The maximum message size to receive. - True to throw on error. - The returned message. - - - - Get message from port. - - The maximum message size to receive. - The returned message. - - - - Reply to message. - - The NT status code. - The message ID from GetMessage. - The data to send. - True to throw on error. - The NT status code. - - - - Reply to message. - - The NT status code. - The message ID from GetMessage. - The data to send. - - - - Send a message to the filter. - - The input buffer. - The output buffer. - True to throw on error. - The bytes in the output buffer. - - - - Send a message to the filter. - - The input buffer. - The output buffer. - The bytes in the output buffer. - - - - Send a message to the filter. - - The input buffer. - The maximum size of the output buffer. - true to throw on error. - The output buffer. - - - - Send a message to the filter. - - The input buffer. - The maximum size of the output buffer. - The output buffer. - - - - Class to represent a filter communications port message. - - - - - The message ID. - - - - - The returned data. - - - - - The length of the reply to send. - - - - - Class to represent a filter drive. - - - - - True if a mini-filter, false if a legacy-filter. - - - - - Flags, if any. - - - - - The frame ID. - - - - - Number of instances if a mini-filter. - - - - - Name of the filter driver. - - - - - Altitude of the filter driver. - - - - - Class to represent a mini-filter instance. - - - - - The name of the instance. - - - - - The altitude of the instance. - - - - - The volume name. - - - - - The filter name. - - - - - Filter filesystem type. - - - - - an UNKNOWN file system type - - - - - Microsoft's RAW file system (\FileSystem\RAW) - - - - - Microsoft's NTFS file system (\FileSystem\Ntfs) - - - - - Microsoft's FAT file system (\FileSystem\Fastfat) - - - - - Microsoft's CDFS file system (\FileSystem\Cdfs) - - - - - Microsoft's UDFS file system (\FileSystem\Udfs) - - - - - Microsoft's LanMan Redirector (\FileSystem\MRxSmb) - - - - - Microsoft's WebDav redirector (\FileSystem\MRxDav) - - - - - Microsoft's Terminal Server redirector (\Driver\rdpdr) - - - - - Microsoft's NFS file system (\FileSystem\NfsRdr) - - - - - Microsoft's NetWare redirector (\FileSystem\nwrdr) - - - - - Novell's NetWare redirector - - - - - The BsUDF CD-ROM driver (\FileSystem\BsUDF) - - - - - Microsoft's Mup redirector (\FileSystem\Mup) - - - - - Microsoft's WinFS redirector (\FileSystem\RsFxDrv) - - - - - Roxio's UDF writeable file system (\FileSystem\cdudf_xp) - - - - - Roxio's UDF readable file system (\FileSystem\UdfReadr_xp) - - - - - Roxio's DVD file system (\FileSystem\DVDVRRdr_xp) - - - - - Tacit FileSystem (\Device\TCFSPSE) - - - - - Microsoft's File system recognizer (\FileSystem\Fs_rec) - - - - - Nero's InCD file system (\FileSystem\InCDfs) - - - - - Nero's InCD FAT file system (\FileSystem\InCDFat) - - - - - Microsoft's EXFat FILE SYSTEM (\FileSystem\exfat) - - - - - PolyServ's file system (\FileSystem\psfs) - - - - - IBM General Parallel File System (\FileSystem\gpfs) - - - - - Microsoft's Named Pipe file system(\FileSystem\npfs) - - - - - Microsoft's Mailslot file system (\FileSystem\msfs) - - - - - Microsoft's Cluster Shared Volume file system (\FileSystem\csvfs) - - - - - Microsoft's ReFS file system (\FileSystem\Refs or \FileSystem\Refsv1) - - - - - OpenAFS file system (\Device\AFSRedirector) - - - - - Composite Image file system (\FileSystem\cimfs) - - - - - Methods for accessing Filter Manager information. - - - - - Enumerate the list of filter drivers. - - The list of filter drivers. - - - - Enumerate the list of filter driver instances. - - The name of the filter driver. - The list of filter driver instances. - - - - Enumerate the list of filter driver instances for all filter drivers. - - The list of filter driver instances. - - - - Enumerate the list of filter drivers attached to a volume. - - The name of volume, e.g. C:\ - The list of filter volume instances. - - - - Enumerate the list of filter drivers attached for all volumes. - - The list of filter volume instances. - - - - Enumerate the list of filter volumes. - - The list of filter volumes - - - - Attach a filter to a volume. - - The filter name. - The volume name. - Optional altitude of the filter. - Optional instance name. - True to throw on error. - The created instance name. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - Optional altitude of the filter. - Optional instance name. - The created instance name. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - Optional altitude of the filter. - The created instance name. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - The created instance name. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - Optional instance name. - True to throw on error. - The NT status code. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - Optional instance name. - The NT status code. - - - - Attach a filter to a volume. - - The filter name. - The volume name. - The NT status code. - - - - Class to represent a filter volume. - - - - - Is the filter detached from the volume. - - - - - Filter frame ID. - - - - - Filesystem type. - - - - - Filter volume name. - - - - - Class which represents a section from a loaded PE file. - - - - - The name of the section. - - - - - Buffer to the data. - - - - - Relative Virtual address of the data from the library base. - - - - - Image section characteristics. - - - - - Get the data as an array. - - The data as an array. If can't read the section returns an empty array. - - - - Characteristic flags for image section. - - - - - None. - - - - - Section is code. - - - - - Section is initialized data. - - - - - Section is uninitialized data. - - - - - Section is shared. - - - - - Section is executable. - - - - - Section is readable. - - - - - Section is writable. - - - - - Class to represent a resource in an image. - - - - - The name of the resource. - - - - - The type of the resource. - - - - - The size of the resource. - - - - - Get the resource as a byte array. - - The resource as a byte array. - - - - Image resource type. - - - - - The name of the resource as a string. - - - - - The well known type, is available (otherwise set to UNKNOWN) - - - - - Overridden ToString method. - - The name of the type. - - - - Known image resource types. - - - - - Interface for a symbol resolver. - - - - - Get list of loaded modules. - - The list of loaded modules - Note this will cache the results so subsequent calls won't necessarily see new modules. - - - - Get list of loaded modules and optionally refresh the list. - - True to refresh the current cached list of modules. - The list of loaded modules - - - - Get module at an address. - - The address for the module. - The module, or null if not found. - Note this will cache the results so subsequent calls won't necessarily see new modules. - - - - Get module at an address. - - The address for the module. - True to refresh the current cached list of modules. - The module, or null if not found. - - - - Get a string representation of a relative address to a module. - - The address to get the string for, - The string form of the address, e.g. modulename+0x100 - Note this will cache the results so subsequent calls won't necessarily see new modules. - - - - Get a string representation of a relative address to a module. - - The address to get the string for, - True to refresh the current cached list of modules. - The string form of the address, e.g. modulename+0x100 - - - - Get the address of a symbol. - - The name of the symbol, should include the module name, e.g. modulename!MySymbol. - The address of the symbol - - - - Get the symbol name for an address. - - The address of the symbol. - The symbol name. - - - - Get the symbol name for an address, with no fallback. - - The address of the symbol. - If true then generate a fake symbol. - The symbol name. If |generate_fake_symbol| is true and the symbol doesn't exist one is generated based on module name. - - - - Get the symbol name for an address, with no fallback. - - The address of the symbol. - If true then generate a fake symbol. - If true then return only the name of the symbols (such as C++ symbol name) rather than full symbol. - The symbol name. If |generate_fake_symbol| is true and the symbol doesn't exist one is generated based on module name. - - - - Reload the list of modules for this symbol resolver. - - - - - Load a specific module into the symbol resolver. - - The path to the module. - The base address of the loaded module. - - - - Flags for loading a library. - - - - - None. - - - - - Don't resolve DLL references - - - - - Load library as a data file. - - - - - Load with an altered search path. - - - - - Ignore code authz level. - - - - - Load library as an image resource. - - - - - Load library as a data file exclusively. - - - - - Add the DLL's directory temporarily to the search list. - - - - - Search application directory for the DLL. - - - - - Search the user's directories for the DLL. - - - - - Search system32 for the DLL. - - - - - Search the default directories for the DLL. - - - - - Logon type - - - - - This is used to specify an undefined logon type - - - - - Interactively logged on (locally or remotely) - - - - - Accessing system via network - - - - - Started via a batch queue - - - - - Service started by service controller - - - - - Proxy logon - - - - - Unlock workstation - - - - - Network logon with cleartext credentials - - - - - Clone caller, new default credentials - - - - - Remove interactive. - - - - - Cached Interactive. - - - - - Cached Remote Interactive. - - - - - Cached unlock. - - - - - Specify what account rights to get. - - - - - Get all account rights. - - - - - Get all privilege account rights. - - - - - Get logon account rights. - - - - - Utilities for user logon. - - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - True to throw on error. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - Additional groups to add. Needs SeTcbPrivilege. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - Additional groups to add. Needs SeTcbPrivilege. - True to throw on error. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - Additional groups to add. Needs SeTcbPrivilege. - The logged on token. - - - - Logon user using Kerberos Ticket. - - The type of logon token. - The service ticket. - Optional TGT. - True to throw on error. - The logged on token. - - - - Logon user using Kerberos Ticket. - - The type of logon token. - The service ticket. - Optional TGT. - The logged on token. - - - - Logon user using Kerberos Ticket. - - The type of logon token. - The service ticket. - Optional TGT. - True to throw on error. - The logged on token. - - - - Logon user using Kerberos Ticket. - - The type of logon token. - The service ticket. - Optional TGT. - The logged on token. - - - - Logon user using S4U - - The username. - The user's realm. - The type of logon token. - The name of the auth package to user. - True to throw on error. - The logged on token. - - - - Logon user using S4U - - The username. - The user's realm. - The type of logon token. - The name of the auth package to user. - The logged on token. - - - - Logon user using S4U - - The username. - The user's realm. - The type of logon token. - The logged on token. - - - - Logon user using S4U - - The username. - The user's realm. - The type of logon token. - The logged on token. - - - - Get a logon session. - - The logon session ID. - True to thrown on error. - The logon session. - - - - Get a logon session. - - The logon session ID. - The logon session. - - - - Get the logon session LUIDs - - True throw on error. - The list of logon sessions. Only returns ones you can access. - - - - Get the logon session LUIDs - - The list of logon sessions. Only returns ones you can access. - - - - Get the logon sessions. - - True throw on error. - The list of logon sessions. Only returns ones you can access. - - - - Get the logon sessions. - - The list of logon sessions. - - - - Get account rights assigned to a SID. - - The SID to query. - True to throw on error. - The list of account rights. - - - - Get account rights assigned to a SID. - - The SID to query. - The list of account rights. - - - - Get SIDs associated with an account right. - - The name of the account right, such as SeImpersonatePrivilege. - True to throw on error. - The list of SIDs assigned to the account right. - - - - Get SIDs associated with an account right. - - The name of the account right, such as SeImpersonatePrivilege. - The list of SIDs assigned to the account right. - - - - Get SIDs associated with an account right. - - The account right privilege to query. - True to throw on error. - The list of SIDs assigned to the account right. - - - - Get SIDs associated with an account right. - - The account right privilege to query. - The list of SIDs assigned to the account right. - - - - Get SIDs associated with an account right. - - The logon account right to query. - True to throw on error. - The list of SIDs assigned to the account right. - - - - Get SIDs associated with an account right. - - The logon account right to query. - The list of SIDs assigned to the account right. - - - - Get account rights. - - Specify the type of account rights to get. - Account rights. - - - - Get all account rights. - - All account rights. - - - - Add account rights to the user. - - The user SID to add. - The list of account rights. - True to throw on error. - The NT status code. - - - - Add account rights to the user. - - The user SID to add. - The list of account rights. - The NT status code. - - - - Add account rights as privileges. - - The user SID to add. - The list of account privileges. - True to throw on error. - The NT status code. - - - - Add account rights as privileges. - - The user SID to add. - The list of account privileges. - - - - Add account rights as privileges. - - The user SID to add. - The list of account logon types. - True to throw on error. - The NT status code. - - - - Add account rights as privileges. - - The user SID to add. - The list of account logon types. - - - - Remove account rights from a user. - - The user SID to remove. - The list of account rights. - True to throw on error. - The NT status code. - - - - Remove account rights from a user. - - The user SID to remove. - The list of account rights. - - - - Remove account rights from a user. - - The user SID to remove. - The list of privileges. - True to throw on error. - The NT status code. - - - - Remove account rights from a user. - - The user SID to remove. - The list of account privileges. - - - - Remove account rights from a user. - - The user SID to remove. - The list of account rights. - True to throw on error. - The NT status code. - - - - Remove account rights from a user. - - The user SID to remove. - The list of account rights. - - - - Win32 memory utils. - - - - - Write memory to a process. - - The process to write to. - The base address in the process. - The data to write. - The number of bytes written to the location - Thrown on error. - - - - Write memory to a process. - - The process to write to. - The base address in the process. - The data to write. - The number of bytes written to the location - Thrown on error. - - - - Class to represent a TCP listener with process ID. - - - - Gets the local endpoint of a Transmission Control Protocol (TCP) connection. - An instance that contains the IP address and port on the local computer. - - - Gets the remote endpoint of a Transmission Control Protocol (TCP) connection. - An instance that contains the IP address and port on the remote computer. - - - Gets the state of this Transmission Control Protocol (TCP) connection. - One of the enumeration values. - - - - Get local address. - - - - - Get local port. - - - - - Get remote address. - - - - - Get remote port. - - - - - Gets the process ID of the listener on the local system. - - - - - Gets the time the socket was created. - - - - - Gets the owner of the module. This could be an executable path or a service name. - - - - - Class to represent a UDP listener with process ID. - - - - Gets the local endpoint of a Transmission Control Protocol (TCP) connection. - An instance that contains the IP address and port on the local computer. - - - - Get local address. - - - - - Get local port. - - - - - Gets the process ID of the listener on the local system. - - - - - Gets the time the socket was created. - - - - - Gets the owner of the module. This could be an executable path or a service name. - - - - - Gets if the UDP socket is bound to a specific port. - - - - - Utilities for Win32 network APIs. - - - - - Get a list of TCP listeners with process IDs. - - The address family to query. - True to throw on error. - The list of TCP listeners. - The built-in System.Net.NetworkInformation.SystemIPGlobalProperties.GetActiveTcpListeners doesn't expose the PID member so we have to reimplement it. - - - - Get a list of TCP listeners with process IDs. - - The address family to query. - The list of TCP listeners. - The built-in System.Net.NetworkInformation.SystemIPGlobalProperties.GetActiveTcpListeners doesn't expose the PID member so we have to reimplement it. - - - - Get a list of TCP listeners with process IDs. Returns both IPv4 and IPv6 listeners. - - The list of TCP listeners. - The built-in System.Net.NetworkInformation.SystemIPGlobalProperties.GetActiveTcpListeners doesn't expose the PID member so we have to reimplement it. - - - - Get a TCP listener for a TCP port. - - The address family of the IP address. - The TCP port. - The listener information, or null if not found. - - - - Get a list of UDP listeners with process IDs. - - The address family to query. - True to throw on error. - The list of UDP listeners. - - - - Get a list of UDP listeners with process IDs. - - The address family to query. - The list of UDP listeners. - - - - Get a list of UDP listeners with process IDs. Returns both IPv4 and IPv6 listeners. - - The list of UDP listeners. - - - - APPX Package Architecture. - - - - - X86 - - - - - ARM - - - - - X64 - - - - - Neutral - - - - - ARM64 - - - - - APPX Package Origin. - - - - - Unknown origin. - - - - - Unsigned. - - - - - Inbox. - - - - - Store. - - - - - Developer unsigned. - - - - - Developer signed. - - - - - Line-of-business. - - - - - Class which represents an AppContainer package identity. - - - - - Process architecture. - - - - - Package version. - - - - - Package family name. - - - - - Publisher (not always available). - - - - - Resource ID. - - - - - Published ID. - - - - - Full package name. - - - - - Package origin. - - - - - Package family name. - - - - - Package install path. - - - - - The list of application model IDs. - - - - - Get the GetStagedPackageOrigin method as a delegate. It's supposed to be exposed by kernel32, - but actually doesn't seem to be. - - - - - - Create from a package full name. - - The package full name. - Query for full information (needs to be installed for the current user). - True to throw on error. - The package identity. - - - - Create from a package full name. - - The package full name. - Query for full information (needs to be installed for the current user). - The package identity. - - - - Create from a token. - - The AppContainer token. - Query for full information (needs to be installed for the current user). - True to throw on error. - The package identity. - - - - Create from a token. - - The AppContainer token. - Query for full information (needs to be installed for the current user). - The package identity. - - - - Class to represent a printer object. - - - - - Dispose the printer object. - - - - - Open a printer or server. - - The name of the printer or server. If this is null or empty then it's the local server. - The desired access on the printer. - True to throw on error. - The opened printer. - - - - Open a printer. - - The name of the printer. - The desired access on the printer. - The opened printer. - - - - Open a printer. - - The name of the printer. - The opened printer. - - - - Get security descriptor for the printer. - - True to throw on error. - The printer's security descriptor. - - - - Get security descriptor for the printer. - - The printer's security descriptor. - - - - Access rights for a print spooler object. - - - - - Utils for print spooler. - - - - - Name for the fake printer NT type. - - - - - Name for the fake print server NT type. - - - - - Name for the fake print server NT type. - - - - - Get the generic mapping for printer objects. - - The printer objects generic mapping. - - - - Get the generic mapping for job objects. - - The job objects generic mapping. - - - - Get the generic mapping for server objects. - - The server objects generic mapping. - - - - Get the appropriate NT type for the printer path. - - The printer path, e.g. \\server\printer. - The NT type. - - - - Class representing an RPC ALPC server. - - - - - The PID of the process which contains the ALPC server. - - - - - The name of the process which contains the ALPC server. - - - - - List of known endpoints potentially accessible via this RPC server. - - - - - The number of endpoints. - - - - - The name of the ALPC server. - - - - - The security descriptor of the ALPC server. - - - - - Get RPC ALPC servers for a specific process. - - The ID of the process. - The list of RPC ALPC servers. - If the process is suspended or frozen this call can hang. - - - - Get a list of all RPC ALPC servers. - - This works by discovering any server ALPC ports owned by the process and querying for interfaces. - This will ignore any frozen processes (primarily UWP) as they can't respond to the endpoint enumeration. - The list of RPC ALPC servers. - - - - Get the RPC ALPC server for an ALPC port object path. - - The object manager path to the ALPC port. - The ALPC RPC server. - Needs an API which is only available from Windows 10 19H1. - - - - Overridden ToString method. - - Formatted string. - - - - Generic RPC client. - - - - - Constructor. - - The interface ID. - Version of the interface. - - - - Constructor. - - The RPC server to bind to. - - - - Send and receive an RPC message. - - The procedure number. - Marshal NDR buffer for the call. - Unmarshal NDR buffer for the result. - - - - Class to represent an RPC endpoint. - - - - - The interface ID of the endpoint. - - - - - The interface version. - - - - - The object UUID. - - - - - Optional annotation. - - - - - RPC binding string. - - - - - Endpoint protocol sequence. - - - - - Endpoint network address. - - - - - Endpoint name. - - - - - Endpoint network options. - - - - - The endpoint path. - - - - - Indicates this endpoint is registered with the endpoint mapper. - - - - - Overridden ToString method. - - String form of the object. - - - - Get information about the server process. - - - - - - Static class to access information from the RPC mapper. - - - - - Query all endpoints registered on the local system. - - List of endpoints. - - - - Query all endpoints registered based on a binding string. - - The binding string for the server to search on. If null or empty will search localhost. - List of endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint. - - The binding string for the server to search on. If null or empty will search localhost. - Interface UUID to lookup. - Interface version lookup. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint. - - Interface UUID to lookup. - Interface version lookup. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint ignoring the version. - - The binding string for the server to search on. If null or empty will search localhost. - Interface UUID to lookup. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint ignoring the version. - - Interface UUID to lookup. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint. - - The server interface. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint via ALPC. - - Interface UUID to lookup. - Interface version lookup. - The list of registered RPC endpoints. - - - - Query for endpoints registered on the local system for an RPC endpoint via ALPC. - - The server interface. - The list of registered RPC endpoints. - - - - Query for endpoints for a RPC binding. - - The ALPC port to query. Can be a full path as long as it contains \RPC Control\ somewhere. - True to throw on error. - The list of endpoints on the RPC binding. - - - - Query for endpoints for a RPC binding. - - The ALPC port to query. Can be a full path as long as it contains \RPC Control\ somewhere. - The list of endpoints on the RPC binding. - - - - Query for endpoints for a RPC binding. - - The RPC binding to query, e.g. ncalrpc:[PORT] - True to throw on error. - The list of endpoints on the RPC binding. - - - - Query for endpoints for a RPC binding. - - The RPC binding to query, e.g. ncalrpc:[PORT] - The list of endpoints on the RPC binding. - - - - Resolve the local binding string for this service from the local Endpoint Mapper and return the endpoint. - - The protocol sequence to lookup. - Interface UUID to lookup. - Interface version lookup. - The mapped endpoint. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - - - - Resolve the local binding string for this service from the local Endpoint Mapper and return the endpoint. - - The protocol sequence to lookup. - The network address for the lookup. - Interface UUID to lookup. - Interface version lookup. - The mapped endpoint. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - - - - Resolve the local binding string for this service from the local Endpoint Mapper and return the endpoint. - - The string binding to map. - Interface UUID to lookup. - Interface version lookup. - The mapped endpoint. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - - - - Resolve the local binding string for this service from the local Endpoint Mapper and return the ALPC port path. - - Interface UUID to lookup. - Interface version lookup. - The mapped endpoint. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - - - - Resolve the local binding string for this service from the local Endpoint Mapper and return the ALPC port path. - - The server interface. - The mapped endpoint. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - - - - Finds ALPC endpoints which allows for the server binding. This brute forces all ALPC ports to try and find - something which will accept the bind. - - This could hang if the ALPC port is owned by a suspended process. - Interface UUID to lookup. - Interface version lookup. - A list of RPC endpoints which can bind the interface. - Throws on error. - - - - Finds an ALPC endpoint which allows for the server binding. This brute forces all ALPC ports to try and find - something which will accept the bind. - - This could hang if the ALPC port is owned by a suspended process. - Interface UUID to lookup. - Interface version lookup. - The first RPC endpoints which can bind the interface. Throws exception if nothing found. - Throws on error. - - - - Resolve the binding string for this service from the Endpoint Mapper. - - The binding string to map. - Interface UUID to lookup. - Interface version lookup. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - The RPC binding string. Empty string if it doesn't exist or the lookup failed. - - - - Resolve the binding string for this service from the the Endpoint Mapper. - - The protocol sequence to lookup. - The network address to lookup the endpoint. - Interface UUID to lookup. - Interface version lookup. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - The RPC binding string. Empty string if it doesn't exist or the lookup failed. - - - - Resolve the binding string for this service from the local Endpoint Mapper. - - The protocol sequence to lookup. - Interface UUID to lookup. - Interface version lookup. - This only will return a valid value if the service is running and registered with the Endpoint Mapper. It can also hang. - The RPC binding string. Empty string if it doesn't exist or the lookup failed. - - - - A class to represent an RPC server. - - - - - Resolve the current running endpoint for this server. - - - - - - Format the RPC server as text. - - The formatted RPC server. - - - - Format the RPC server as text. - - True to remove comments from the output. - The formatted RPC server. - - - - Format the RPC server as text. - - True to remove comments from the output. - Formating using C++ pseduo syntax. - The formatted RPC server. - - - - Serialize the RPC server to a stream. - - The stream to hold the serialized server. - Only use the output of this method with the Deserialize method. No guarantees of compatibility is made between - versions of the library or the specific format used. - - - - Serialize the RPC server to a byte array. - - The serialized data. - Only use the output of this method with the Deserialize method. No guarantees of compatibility is made between - versions of the library or the specific format used. - - - - The RPC server interface UUID. - - - - - The RPC server interface version. - - - - - The RPC transfer syntax GUID. - - - - - The RPC transfer syntax version. - - - - - The number of RPC procedures. - - - - - The list of RPC procedures. - - - - - The NDR RPC server. - - - - - List of parsed complext types. - - - - - Path to the PE file this server came from (if known) - - - - - Name of the the PE file this server came from (if known) - - - - - Offset into the PE file this server was parsed from. - - - - - Name of the service this server would run in (if known). - - - - - Display name of the service this server would run in (if known). - - - - - True if the service is currently running. - - - - - List of endpoints for this service if running. - - - - - Count of endpoints for this service if running. - - - - - This parsed interface represents a client. - - - - - Parse all RPC servers from a PE file. - - The PE file to parse. - Path to a DBGHELP DLL to resolve symbols. - Symbol path for DBGHELP - This only works for PE files with the same bitness as the current process. - A list of parsed RPC server. - - - - Parse all RPC servers from a PE file. - - The PE file to parse. - Path to a DBGHELP DLL to resolve symbols. - Symbol path for DBGHELP - True to parse client RPC interfaces. - This only works for PE files with the same bitness as the current process. - A list of parsed RPC server. - - - - Parse all RPC servers from a PE file. - - The PE file to parse. - Path to a DBGHELP DLL to resolve symbols. - Symbol path for DBGHELP - True to parse client RPC interfaces. - Ignore symbol resolving. - This only works for PE files with the same bitness as the current process. - A list of parsed RPC server. - - - - Parse all RPC servers from a PE file. - - The PE file to parse. - Path to a DBGHELP DLL to resolve symbols. - Symbol path for DBGHELP - Flags for the RPC parser. - This only works for PE files with the same bitness as the current process. - A list of parsed RPC server. - - - - Deserialize an RPC server instance from a stream. - - The stream to deserialize from. - The RPC server instance. - The data used by this method should only use the output from serialize. No guarantees of compatibility is made between - versions of the library or the specific format used. - - - - Deserialize an RPC server instance from a byte array. - - The byte array to deserialize from. - The RPC server instance. - The data used by this method should only use the output from serialize. No guarantees of compatibility is made between - versions of the library or the specific format used. - - - - Get the default RPC server security descriptor. - - The default security descriptor. - - - - Flags for the RPC server parser. - - - - - None. - - - - - Parse client entries. - - - - - Ignore symbols when parsing. - - - - - Try and resolve structure names. Needs private symbols. - - - - - Enable a symbol server fallback. If the copy of dbghelp doesn't have a symsrv.dll - then download from a public symbol URL to a local cache directory during symbol - resolving. - - - - - Base class for a RPC client. - - - - - Constructor. - - The interface ID. - Version of the interface. - - - - Constructor. - - The interface ID as a string. - Major version of the interface. - Minor version of the interface. - - - - Send and receive an RPC message. - - The procedure number. - The NDR data representation. - Marshal NDR buffer for the call. - List of handles marshaled into the buffer. - Unmarshal NDR buffer for the result. - - - - Method to call to check if the transport supports synchronous pipes. - - - - - Method to call to check if the transport supports asynchronous pipes. - - - - - Get whether the client is connected or not. - - - - - Get the endpoint that we connected to. - - - - - Get the protocol sequence that we connected to. - - - - - Get or set the current Object UUID used for calls. - - - - - The RPC interface ID. - - - - - The RPC interface version. - - - - - Get the client transport object. - - - - - Connect the client to a RPC endpoint. - - The endpoint for RPC server. - The transport security for the connection. - - - - Connect the client to a RPC endpoint. - - The endpoint for RPC server. - The security quality of service for the connection. - - - - Connect the client to a RPC endpoint. - - The protocol sequence for the transport. - The endpoint for the protocol sequence. - The network address for the protocol sequence. - The security quality of service for the connection. - - - - Connect the client to a RPC endpoint. - - The protocol sequence for the transport. - The endpoint for the protocol sequence. - The network address for the protocol sequence. - The transport security for the connection. - - - - Connect the client to a RPC endpoint. - - The protocol sequence for the transport. - The endpoint for the protocol sequence. - The security quality of service for the connection. - - - - Connect the client to a RPC endpoint. - - The protocol sequence for the transport. - The endpoint for the protocol sequence. - The transport security for the connection. - - - - Connect the client to an ALPC RPC port. - - The path to the ALPC RPC port. - The security quality of service for the port. - - - - Connect the client to a RPC endpoint. - - The binding string for the RPC server. - The transport security for the connection. - - - - Connect the client to an ALPC RPC port. - - The path to the ALPC RPC port. If an empty string the endpoint will be looked up in the endpoint mapper. - - - - Connect the client to an ALPC RPC port. - - The ALPC endpoint will be looked up in the endpoint mapper. - - - - Dispose of the client. - - - - - Disconnect the client. - - - - - Builder to create an RPC client from an RpcServer class. - - - - - Build a source file for the RPC client. - - The RPC server to base the client on. - Additional builder arguments. - The code generation options, can be null. - The code dom provider, such as CSharpDomProvider - The source code file. - - - - Build a C# source file for the RPC client. - - The RPC server to base the client on. - Additional builder arguments. - The C# source code file. - - - - Build a C# source file for the RPC client. - - The RPC server to base the client on. - The C# source code file. - - - - Build a source file for RPC complex types. - - The RPC complex types to build the encoders from. - Name of the decoder class. Can be null or empty to use default. - Name of the encoder class. Can be null or empty to use default. - Name of the generated namespace. Null or empty specified no namespace. - The code generation options, can be null. - The code dom provider, such as CSharpDomProvider - True to wrap complex decoders in a unique pointer. - The source code file. - - - - Build a source file for RPC complex types. - - The RPC complex types to build the encoders from. - Name of the decoder class. Can be null or empty to use default. - Name of the encoder class. Can be null or empty to use default. - Name of the generated namespace. Null or empty specified no namespace. - The code generation options, can be null. - The code dom provider, such as CSharpDomProvider - The source code file. - - - - Build a source file for RPC complex types. - - The RPC complex types to build the encoders from. - Name of the decoder class. Can be null or empty to use default. - Name of the encoder class. Can be null or empty to use default. - Name of the generated namespace. Null or empty specified no namespace. - True to wrap complex decoders in a unique pointer. - The source code file. - - - - Build a source file for RPC complex types. - - The RPC complex types to build the encoders from. - Name of the decoder class. Can be null or empty to use default. - Name of the encoder class. Can be null or empty to use default. - Name of the generated namespace. Null or empty specified no namespace. - The source code file. - - - - Build a source file for RPC complex types. - - The RPC complex types to build the encoders from. - The C# source code file. - - - - Compile an in-memory assembly for the RPC client. - - The RPC server to base the client on. - Additional builder arguments. - True to ignore cached assemblies. - Code DOM provider to compile the assembly. - The compiled assembly. - This method will cache the results of the compilation against the RpcServer. - - - - Compile an in-memory assembly for the RPC client. - - The RPC server to base the client on. - Additional builder arguments. - True to ignore cached assemblies. - The compiled assembly. - This method will cache the results of the compilation against the RpcServer. - - - - Compile an in-memory assembly for the RPC client. - - The RPC server to base the client on. - Additional builder arguments. - The compiled assembly. - This method will cache the results of the compilation against the RpcServer. - - - - Compile an in-memory assembly for the RPC client. - - The RPC server to base the client on. - True to ignore cached assemblies. - The compiled assembly. - This method will cache the results of the compilation against the RpcServer. - - - - Compile an in-memory assembly for the RPC client. - - The RPC server to base the client on. - The compiled assembly. - This method will cache the results of the compilation against the RpcServer. - - - - Create an instance of an RPC client. - - The RPC server to base the client on. - True to ignore cached assemblies. - Additional builder arguments. - Code DOM provider to compile the assembly. - The created RPC client. - This method will cache the results of the compilation against the RpcServer. - - - - Create an instance of an RPC client. - - The RPC server to base the client on. - True to ignore cached assemblies. - Additional builder arguments. - The created RPC client. - This method will cache the results of the compilation against the RpcServer. - - - - Create an instance of an RPC client. - - The RPC server to base the client on. - Additional builder arguments. - The created RPC client. - This method will cache the results of the compilation against the RpcServer. - - - - Create an instance of an RPC client. - - The RPC server to base the client on. - The created RPC client. - This method will cache the results of the compilation against the RpcServer. - - - - Flags for the RPC client builder. - - - - - None. - - - - - Generate public properties on the client to create defined complex types. - - If not specified then constructors will be defined on the types themselves. - - - - Insert breakpoints into the start of every generated method. Also enables debugging. - - - - - Disable calculated correlation information. This will prevent automatic updating of array and - string lengths based on other parameters or fields. This might result in unexpected behavior or - call failures. This won't disable correlations for union types or constant correlations. - - - - - Don't emit any namespace, normally not specifying a namespace will auto-generate one. - - - - - Output FC_CHAR as if the original compiler had specified unsigned char types. Basically converts - System.SByte to System.Byte where needed which makes the methods easier to use. - - - - - Return ref/out parameters via a structure rather than requiring ref/out parameters in client - methods. - - - - - When using StructureReturn hide the original out/ref methods. - - - - - Generate encode/decode methods for complex types. - - - - - Exclude any text in the source code which can change between generations. - - - - - Wrap complex type decoders with a unique pointer. - - - - - Marshal pipe parameters using arrays. - - - - - Arguments for the RPC client builder. - - - - - Builder flags. - - - - - The namespace for the client class. - - - - - The class name of the client. - - - - - The class name of the complex type encoding class. - - - - - The class name of the complex type decoder class. - - - - - Enable debugging on built code. - - - - - GetHashCode implementation. - - The hash code. - - - - Equals implementation. - - The object to compare against. - True if the object is equal. - - - - Response data from an RPC client call. - - - - - The marshaled NDR data from the response. - - - - - Any object handles returned in the response. (only for ALPC). - - - - - Indicates the NDR data representation for the response. - - - - - Class to represent details about a server process. - - - - - The server process ID. - - - - - The server session ID. - - - - - The name of the process. - - - - - Get the process image path. - - - - - Overridden ToString method. - - - - - - Some addition internal utilities for RPC code. - - - - - Specify RPC trace level. - - Specify the RPC trace level. - This dumps NDR data. Verbose dumps the binary data. - - - - Specify RPC transport trace level. - - Specify the RPC transport trace level. - Verbose dumps the transport binary data. - - - - Helper to dereference a type. - - The type to dereference. - The value to dereference. - The dereferenced result. - - - - Helper to dereference a type. - - The type to dereference. - The value to dereference. - The dereferenced result. - - - - Helper to check for NULL. - - The type to check. - The object to check. - The name of the value to check. - The checked value. - - - - Helper to check for NULL. - - The type to check. - The object to check. - The name of the value to check. - The checked value. - - - - Helper to check for NULL. - - The type to check. - The object to check. - The name of the value to check. - The checked value. - - - - Helper to dereference a type. - - The type to dereference. - The value to dereference. - The dereferenced result. - - - - Helper to perform a plus unary operation. - - The value to apply the operator to. - The result. - - - - Helper to perform a minus unary operation. - - The value to apply the operator to. - The result. - - - - Helper to perform a complement unary operation. - - The value to apply the operator to. - The result. - - - - Perform a ternary operation. - - The condition to evaluate as != 0. - The result if true. - The result if false. - The result. - - - - Perform ADD. - - The left operand. - The right operand. - The result. - - - - Perform SUB. - - The left operand. - The right operand. - The result. - - - - Perform MUL. - - The left operand. - The right operand. - The result. - - - - Perform DIV. - - The left operand. - The right operand. - The result. - - - - Perform MOD. - - The left operand. - The right operand. - The result. - - - - Perform Bitwise AND. - - The left operand. - The right operand. - The result. - - - - Perform Bitwise OR. - - The left operand. - The right operand. - The result. - - - - Perform bitwise XOR. Needed as Code DOM doesn't support XOR. - - The left operand. - The right operand. - The result. - - - - Perform bitwise LEFTSHIFT. - - The left operand. - The right operand. - The result. - - - - Perform bitwise RIGHTSHIFT. - - The left operand. - The right operand. - The result. - - - - Perform logical AND. - - The left operand. - The right operand. - The result. - - - - Perform logical OR. - - The left operand. - The right operand. - The result. - - - - Perform EQUAL. - - The left operand. - The right operand. - The result. - - - - Perform NOTEQUAL. - - The left operand. - The right operand. - The result. - - - - Perform GREATER. - - The left operand. - The right operand. - The result. - - - - Perform GREATEREQUAL. - - The left operand. - The right operand. - The result. - - - - Perform LESS. - - The left operand. - The right operand. - The result. - - - - Perform LESSEQUAL. - - The left operand. - The right operand. - Returns left LESSEQUAL right. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The value - True if value != 0. - - - - Convert value to a boolean. - - The nullable value - True if value has a value set. - - - - Convert value to a boolean. - - The nullable value - True if value has a value set. - - - - Compose a string binding from its parts. - - The object UUID. - The protocol sequence. - The network address. - The endpoint. - The options. - The composed binding string. - - - - Interface to implement an RPC client transport. - - - - - Bind the RPC transport to a specified interface. - - The interface ID to bind to. - The interface version to bind to. - The transfer syntax to use. - The transfer syntax version to use. - - - - Send and receive an RPC message. - - The procedure number. - The object UUID for the call. - NDR data representation. - Marshal NDR buffer for the call. - List of handles marshaled into the buffer. - Client response from the send. - - - - Add and authenticate a new security context. - - The transport security for the context. - The created security context. - - - - Disconnect the transport. - - - - - Get whether the client is connected or not. - - - - - Get the endpoint the client is connected to. - - - - - Get the transport protocol sequence. - - - - - Get whether the client has been authenticated. - - - - - Get the transport's authentication type. - - - - - Get the transport's authentication level. - - - - - Get information about the local server process, if known. - - - - - Get the current Call ID. - - - - - Indicates if this connection supported multiple security context. - - - - - Get the list of negotiated security context. - - - - - Get or set the current security context. - - - - - Get whether the transport supports synchronous pipes. - - - - - RPC client transport over ALPC. - - - - - Constructor. - - The path to connect. The format depends on the transport. - The security quality of service for the connection. - - - - Constructor. - - The path to connect. The format depends on the transport. - The security quality of service for the connection. - Timeout for connection. - - - - Bind the RPC transport to an interface. - - The interface ID to bind to. - The interface version to bind to. - The transfer syntax to use. - The transfer syntax version to use. - - - - Send and receive an RPC message. - - The procedure number. - The object UUID for the call. - NDR data representation. - Marshal NDR buffer for the call. - List of handles marshaled into the buffer. - Client response from the send. - - - - Dispose of the client. - - - - - Disconnect the client. - - - - - Add and authenticate a new security context. - - The transport security for the context. - The created security context. - - - - Get whether the client is connected or not. - - - - - Get the ALPC port path that we connected to. - - - - - Get the current Call ID. - - - - - Get the transport protocol sequence. - - - - - Get information about the local server process, if known. - - - - - Get whether the client has been authenticated. - - - - - Get the transports authentication type. - - - - - Get the transports authentication level. - - - - - Indicates if this connection supported multiple security context. - - - - - Get the list of negotiated security context. - - - - - Get or set the current security context. - - - - - Get whether the transport supports synchronous pipes. - - - - - Flags to specify RPC authentication capabilities. - - - - - None. - - - - - Enable mutual authentication. - - - - - Enable a NULL session authentication. - - - - - Enable delegation of credentials if supported. - - - - - Authentication level for RPC transport. - - - - - Default. - - - - - None. - - - - - Connect only. - - - - - Call only. - - - - - Packet only. - - - - - Packet integrity. - - - - - Packer privacy and integrity. - - - - - RPC authentication type. - - - - - Default. Uses WinNT. - - - - - No authentication. - - - - - DCE private. - - - - - DCE public. - - - - - DEC public. - - - - - SPNEGO authentication. - - - - - WinNT authentication, i.e. NTLM. - - - - - Secure channel. - - - - - Kerberos. - - - - - DPA. - - - - - MSN. - - - - - Digest. - - - - - Kernel. - - - - - SPNEGO extender. - - - - - PKU2U - - - - - LiveSSP - - - - - LiveXP SSP. - - - - - CloudAP. - - - - - Netlogon. - - - - - MS Online. - - - - - Message Queue. - - - - - Interface to implement an RPC client transport factory. - - - - - Connect a new RPC client transport. - - The RPC endpoint. - The transport security for the connection. - The connected transport. - - - - Factory for RPC client transports. - - - - - Add a new transport factory. - - The protocol sequence to add. - The transport factory. - - - - Connect a client transport from an endpoint. - - The RPC endpoint. - The security quality of service for the connection. - The connected client transport. - Thrown if protocol sequence unsupported. - Other exceptions depending on the connection. - - - - Connect a client transport from an endpoint. - - The RPC endpoint. - The transport security for the connection. - The connected client transport. - Thrown if protocol sequence unsupported. - Other exceptions depending on the connection. - - - - Base class for a DCE/RPC connected client transport. This implements the common functions - of the DCE/RPC specs for connected network based RPC transports. - - - - - Constructor. - - The initial maximum receive fragment length. - The initial maximum send fragment length. - The transport security for the connection. - The data representation. - - - - Read the next fragment from the transport. - - The maximum receive fragment length. - The read fragment. - - - - Write the fragment to the transport. - - The fragment to write. - True if successfully wrote the fragment. - - - - Get whether the client is connected or not. - - - - - Get the endpoint the client is connected to. - - - - - Get the transport protocol sequence. - - - - - Get information about the server process, if known. - - - - - Get whether the client has been authenticated. - - - - - Get the transports authentication type. - - - - - Get the transports authentication level. - - - - - Get the transport authentication context. - - - - - Indicates if this connection supported multiple security context. - - - - - Get the list of negotiated security context. - - - - - Get or set the current security context. - - - - - Get the current Call ID. - - - - - Get maximum receive fragment. - - - - - Get maximum send fragment. - - - - - Get association group ID. - - - - - Get whether the transport supports synchronous pipes. - - - - - Bind the RPC transport to a specified interface. - - The interface ID to bind to. - The interface version to bind to. - The transfer syntax to use. - The transfer syntax version to use. - - - - Add and authenticate a new security context. - - The transport security for the context. - The created security context. - - - - Send and receive an RPC message. - - The procedure number. - The object UUID for the call. - NDR data representation. - Marshal NDR buffer for the call. - List of handles marshaled into the buffer. - Client response from the send. - - - - Disconnect the transport. - - - - - Enable or disable bind time feature negotiation. You need to enable this to - use multiple security context. - - Should be set before connecting an RPC client. - - - - Dispose the transport. - - - - - Extended error information. - - - - - Computer name. - - - - - Process ID. - - - - - Timestamp. - - - - - Generating component. - - - - - Status code. - - - - - Detection location. - - - - - Flags. - - - - - Extra parameters. - - - - - Exception for RPC fault conditions. - - - - - Constructor. - - The RPC status code. - - - - Get extended error information. - - - - - RPC client transport over HyperV sockets. - - - - - Constructor. - - The HyperV socket endpoint to connect to. - The transport security for the connection. - - - - Get the transport protocol sequence. - - - - - RPC client transport over named pipes. - - - - - Constructor. - - The NT pipe path to connect. e.g. \??\pipe\ABC. - The transport security for the connection. - - - - Dispose of the client. - - - - - Disconnect the client. - - - - - Read the next fragment from the transport. - - The maximum receive fragment length. - The read fragment. - - - - Write the fragment to the transport. - - The fragment to write. - True if successfully wrote the fragment. - - - - Get whether the client is connected or not. - - - - - Get the named pipe port path that we connected to. - - - - - Get the transport protocol sequence. - - - - - Get information about the local server process, if known. - - - - - Class to implement a RPC client transport based on a stream. - - - - - Constructor. - - The stream to use to communicate with the transport. - The initial maximum receive fragment length. - The initial maximum send fragment length. - The transport security for the connection. - The data representation. - - - - Read the next fragment from the transport. - - The maximum receive fragment length. - The read fragment. - - - - Write the fragment to the transport. - - The fragment to write. - True if successfully wrote the fragment. - - - - Class to implement RPC over a stream based socket. - - - - - Constructor. - - The socket to use to communicate. - The initial maximum receive fragment length. - The initial maximum send fragment length. - The transport security for the connection. - The data representation. - - - - Disconnect the client. - - - - - Dispose of the client. - - - - - Get whether the client is connected or not. - - - - - Get the named pipe port path that we connected to. - - - - - RPC client transport over TCP/IP; - - - - - Get the server process information. - - The server process information. - - - - Constructor. - - The hostname to connect to. - The TCP port to connect to. - The transport security for the connection. - - - - Get the transport protocol sequence. - - - - - Get information about the local server process, if known. - - - - - Exception generated by the RPC transport. - - - - - Constructor. - - - - - Constructor. - - Exception message. - - - - Constructor. - - Exception message. - Inner exception. - - - - Class to represent the RPC transport security. - - - - - Security quality of service. - - - - - Authentication level. - - - - - Authentication type. - - - - - Authentication credentials. - - - - - The SPN for the authentication. - - - - - Authentication capabilities. - - - - - Constructor. - - Factory to create a non-standard authentication context. - You can use this version to create a mechanism to pass existing tokens such as pass-the-hash or sending arbitrary Kerberos tickets. - - - - Constructor. - - Security quality of service. - - - - Query the service principal name for the server. - - The binding string for the server. - The authentication service to query. - True to throw on error. - The service principal name. - - - - Query the service principal name for the server. - - The binding string for the server. - The authentication service to query. - The service principal name. - - - - Class to represent an RPC transport security context. - - - - - The ID of the security context. - - - - - The RPC transport security settings. - - - - - The authentication context. - - - - - The negotiated authentication type. - - - - - The authentication level. - - - - - Dummy class to mark the old name as obsolete. - - - - - Detaches the current buffer and allocates a new one. - - The detached buffer. - The original buffer will become invalid after this call. - - - - Safe handle for a loaded library. - - - - - Constructor - - The handle to the library - True if the handle is owned by this object. - - - - Release handle. - - True if handle released. - - - - Get the address of an exported function, throw if the function doesn't exist. - - The name of the exported function. - True to throw on error. - Pointer to the exported function. - Thrown if the name doesn't exist. - - - - Get the address of an exported function from an ordinal. - - The ordinal of the exported function. - True to throw on error. - Pointer to the exported function. - Thrown if the ordinal doesn't exist. - - - - Get the address of an exported function. - - The name of the exported function. - Pointer to the exported function, or IntPtr.Zero if it can't be found. - - - - Get the address of an exported function from an ordinal. - - The ordinal of the exported function. - Pointer to the exported function, or IntPtr.Zero if it can't be found. - - - - Get a delegate which points to an unmanaged function. - - The delegate type. - The name of the function to lookup. - True to throw on error. - The delegate. - - - - Get a delegate which points to an unmanaged function. - - The delegate type. The name of the delegate is used to lookup the name of the function. - True to throw on error. - The delegate. - - - - Get a delegate which points to an unmanaged function. - - The delegate type. - The name of the function to lookup. - The delegate. - - - - Get a delegate which points to an unmanaged function. - - The delegate type. The name of the delegate is used to lookup the name of the function. - The delegate. - - - - Pin the library into memory. This prevents FreeLibrary unloading the library until - the process exits. - - - - - Parse a library's delayed import information. - - A dictionary containing the location of import information keyed against the IAT address. - - - - Get the image sections from a loaded library. - - The list of image sections. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type name of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The well known type of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type of the resource. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type name of the resource. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The well known type of the resource. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type name of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The well known type of the resource. - True to throw on error. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type of the resource. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The type name of the resource. - The bytes for the resource. - - - - Load the resource's bytes from the module. - - The name of the resource. - The well known type of the resource. - The bytes for the resource. - - - - Get list of resource types from the loaded library. - - The list of resource types. - - - - Get list of resource types from the loaded library. - - The type for the resources. - True to load the resource data. - The list of resource types. - - - - Get list of resource types from the loaded library. - - The type for the resources. - The list of resource types. - This always loads resource data into memory. - - - - Get list of resource types from the loaded library. - - The typename for the resources. - True to load the resource data. - The list of resource types. - - - - Get list of resource types from the loaded library. - - The typename for the resources. - The list of resource types. - This always loads resource data into memory. - - - - Get list of resource types from the loaded library. - - The well known type for the resources. - True to load the resource data. - The list of resource types. - - - - Get list of resource types from the loaded library. - - The well known type for the resources. - The list of resource types. - This always loads resource data into memory. - - - - Get list of resource types from the loaded library. - - True to load the resource data. - The list of resource types. - - - - Get list of resource types from the loaded library. - - The list of resource types. - This always loads resource data into memory. - - - - Load a string for the library's string resource table. - - The ID of the string. - True to throw on error. - The loaded string. - - - - Load a string for the library's string resource table. - - The ID of the string. - The loaded string. - - - - Increases the reference count and returns a new instance. - - - - - - Get path to loaded module. - - - - - Get the module name. - - - - - Whether this library is mapped as an image. - - - - - Whether this library is mapped as a datafile. - - - - - Get current mapped image base. - - - - - Get original image base address. - - - - - Get image entry point RVA. - - - - - Get image entry point address as mapped. - - - - - Get whether the image is 64 bit or not. - - - - - Get the image's DLL characteristics flags. - - - - - Get exports from the DLL. - - - - - Get imports from the DLL. - - - - - Return resolved API set imports for the DLL. - - - - - Get CodeView Debug Data from DLL. - - - - - Get image signing level. - - - - - Get embedded enclave configuration. - - - - - Load a library into memory. - - The path to the library. - Additonal flags to pass to LoadLibraryEx - True to throw on error. - Handle to the loaded library. - - - - Load a library into memory. - - The path to the library. - Additonal flags to pass to LoadLibraryEx - Handle to the loaded library. - - - - Load a library into memory. - - The path to the library. - Handle to the loaded library. - - - - Get the handle to an existing loading library by name. - - The name of the module. - The handle to the loaded library. - Thrown if the module can't be found. - This will take a reference on the library, you should dispose the handle after use. - - - - Get the handle to an existing loading library by name. - - The name of the module. - The handle to the loaded library. Returns Null if not found. - This will take a reference on the library, you should dispose the handle after use. - - - - Get the handle to an existing loading library by an address in the module. - - An address inside the module. - The handle to the loaded library, null if the address isn't inside a valid module. - This will take a reference on the library, you should dispose the handle after use. - - - - Pin the library into memory. This prevents FreeLibrary unloading the library until - the process exits. - - The name of the module to pin. - - - - Pin the library into memory. This prevents FreeLibrary unloading the library until - the process exits. - - The address of the module to pin. - - - - NULL load library handle. - - - - - Represents an impersonation safe win32 exception, which resolves the win32 message when Message is called. - - - - - Constructor. - - - - - Constructor. - - Win32 error. - - - - The message for the exception. - - - - - Access rights for system audit policy. - - - - - System Audit Category. - - - - - System Audit Category. - - - - - The user for the per-user category. - - - - - System Audit Category base class. - - - - - The ID of the category. - - - - - The name of the category. - - - - - List of sub categories. - - - - - Convert to string. - - The name of the category. - - - - Set audit policy on all sub categories. - - The flags to set. - True to throw on error. - The audit policy flags. - - - - Set audit policy on all sub categories. - - The flags to set. - The audit policy flags. - - - - Type of global SACL to query or set. - - - - - File type. - - - - - Key type. - - - - - Policy audit event type. - - - - - Audit policy flags. - - - - - Set unchanged. - - - - - Audit on success. - - - - - Audit on failure. - - - - - Audit nothing. - - - - - Per user policy flags. - - - - - Set unchanged. - - - - - Audit on success included. - - - - - Audit on success excluded. - - - - - Audit on failure included. - - - - - Audit on failure excluded. - - - - - Audit nothing. - - - - - Utilities for security auditing policy. - - - - - Name for the fake Audit NT type. - - - - - Get the generic mapping for directory services. - - The directory services generic mapping. - - - - Get a fake NtType for System Audit Policy. - - The fake Directory Services NtType - - - - Query the Auditing Security Descriptor. - - The security information to query. - True to throw on error. - The security descriptor. - - - - Query the Auditing Security Descriptor. - - The security information to query. - The security descriptor. - - - - Query the Auditing Security Descriptor. - - The security descriptor. - - - - Set the Auditing Security Descriptor. - - The security information to set. - The security descriptor to set. - True to throw on error. - The NT status code. - - - - Set the Auditing Security Descriptor. - - The security information to set. - The security descriptor to set. - The NT status code. - - - - Query the global SACL. - - The global SACL type. - True to throw on error. - The global SACL in a Security Descriptor. - - - - Query the global SACL. - - The global SACL type. - The global SACL in a Security Descriptor. - - - - Set the global SACL. - - The global SACL type. - The SACL to set in an Security Descriptor. - True to throw on error. - The NT status code. - - - - Set the global SACL. - - The global SACL type. - The SACL to set in an Security Descriptor. - The NT status code. - - - - Get list of Audit Policy categories. - - True to throw on error. - The list of categories. - - - - Get list of Audit Policy categories. - - The list of categories. - - - - Get a single category. - - The category type. - The audit category. - - - - Get a single category. - - The category GUID. - The audit category. - - - - Get all per-user categories for denied users. - - True to throw on error. - The list of per-user categories. - - - - Get all per-user categories for denied users. - - The list of per-user categories. - - - - Get list of per-user Audit Policy categories. - - The user SID to query. - True to throw on error. - The list of categories. - - - - Get list of per-user Audit Policy categories. - - The user SID to query. - The list of categories. - - - - Get a single per-user category. - - The user SID to query. - The category type. - The audit category. - - - - Get a single per-user category. - - The user SID to query. - The category GUID. - The audit category. - - - - Class representing an Audit Sub Category. - - - - - The category. - - - - - Class representing an Audit Sub Category. - - - - - The category. - - - - - The user for the per-user category. - - - - - Class representing an Audit Sub Category. Base class. - - Enum type for the Policy flags. - - - - The ID of the sub category. - - - - - The name of the sub category. - - - - - The Current Audit Policy - - - - - Convert to string. - - The name of the subcategory. - - - - Query audit policy. - - True to throw on error. - The audit policy flags. - - - - Set audit policy. - - The flags to set. - True to throw on error. - The audit policy flags. - - - - Set audit policy. - - The flags to set. - The audit policy flags. - - - - Authentication token constructed from ASN1. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The ASN1 authentication token. - True if this is a token from a client. - The token count number. - True if parsed successfully. - - - - Base class for authentication credentials. - - - - - Security data representation. - - - - - Native representation. - - - - - Network representation. - - - - - Credital flags. - - - - - Inbound credentials. - - - - - Outbound credentials. - - - - - Both credentials direction. - - - - - Default. - - - - - Auto logon restricted. Don't use automatic credentials. - - - - - Only process policy. - - - - - Initialize context request flags. - - - - - Initialize context return flags. - - - - - Access context request flags. - - - - - Accept context return flags. - - - - - Security package capability flags. - - - - - Supports integrity on messages - - - - - Supports privacy (confidentiality) - - - - - Only security token needed - - - - - Datagram RPC support - - - - - Connection oriented RPC support - - - - - Full 3-leg required for re-auth. - - - - - Server side functionality not available - - - - - Supports extended error msgs - - - - - Supports impersonation - - - - - Accepts Win32 names - - - - - Supports stream semantics - - - - - Can be used by the negotiate package - - - - - GSS Compatibility Available - - - - - Supports common LsaLogonUser - - - - - Token Buffers are in ASCII - - - - - Package can fragment to fit - - - - - Package can perform mutual authentication - - - - - Package can delegate - - - - - Supports integrity readonly checksum buffers. - - - - - Package supports restricted callers - - - - - This package extends SPNEGO, there is at most one - - - - - This package is negotiated under the NegoExtender - - - - - This package receives all calls from appcontainer apps - - - - - this package receives calls from appcontainer apps - if the following checks succeed - 1. Caller has domain auth capability or - 2. Target is a proxy server or - 3. The caller has supplied creds - - - - - This package is running with Credential Guard enabled - - - - - this package supports reliable detection of loopback - 1.) The client and server see the same sequence of tokens - 2.) The server enforces a unique exchange for each - non-anonymous authentication. (Replay detection) - - - - - Impersonation context for a server authentication. - - - - - Base class which represents an authentication key. - - - - - An authentication package entry. - - - - - Authentication package name for MSV1.0 - - - - - Authentication package name for Kerberos. - - - - - Authentication package name for Negotiate. - - - - - Authentication package name for NTLM. - - - - - Authentication package name for Digest. - - - - - Authentication package name for SChannel. - - - - - Authentication package name for CredSSP. - - - - - Capabilities of the package. - - - - - Version of the package. - - - - - RPC DCE ID. - - - - - Max token size. - - - - - Name of the package. - - - - - Comment for the package. - - - - - Get authentication packages. - - The list of authentication packages. - - - - Get authentication package names. - - The list of authentication package names. - - - - Get an authentication package by name. - - The name of the package. - The authentication package. - - - - Base class to represent an authentication token. - - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Convert the authentication token to a byte array. - - The byte array. - - - - Get the length of the token in bytes. - - - - - Format the authentication token. - - The token as a formatted string. - - - - Constructor. - - The authentication token data. - - - - Parse a structured authentication token. - - The authentication context. - The token to parse. - The parsed authentication token. If can't parse any other format returns - a raw AuthenticationToken. - - - - Parse a structured authentication token. - - The package name to parse as. - True if the token is from a client. - The token to parse. - The parsed authentication token. If can't parse any other format returns - a raw AuthenticationToken. - - - - Class to represent a client authentication context. - - - - - The current authentication token. - - - - - Whether the authentication is done. - - - - - Current request attribute flags. - - - - - Current return attribute flags. - - - - - Current data representation. - - - - - Current target name. - - - - - Current channel binding. - - - - - Current status flags. - - - - - Expiry of the authentication. - - - - - Get the Session Key for this context. - - - - - Get the maximum signature size of this context. - - - - - Get the size of the security trailer for this context. - - - - - Size of any header when using a stream protocol such as Schannel. - - - - - Size of any trailer when using a stream protocol such as Schannel. - - - - - Number of buffers needed when using a stream protocol such as Schannel. - - - - - Maximum message size when using a stream protocol such as Schannel. - - - - - Preferred block size when using a stream protocol such as Schannel. - - - - - Get the local certificate. Only used for Schannel related authentication. - - - - - Get the remote certificate. Only used for Schannel related authentication. - - - - - Get the last token status for the client context. - - - - - Get the name of the authentication package. - - - - - Get connection information for the schannel connection. - - - - - Get whether the authentication context is for loopback. - - - - - Get or set whether the context owns the credentials object or not. If true - then the credentials are disposed with the context. - - - - - Constructor. - - Credential handle. - Request attribute flags. - Target SPN (optional). - Data representation. - Optional channel binding token. - Specify to default initialize the context. Must call Continue with an auth token to initialize. - - - - Constructor. - - Credential handle. - Request attribute flags. - Target SPN (optional). - Data representation. - Optional channel binding token. - - - - Constructor. - - Credential handle. - Request attribute flags. - Target SPN (optional). - Data representation. - - - - Constructor. - - Credential handle. - Request attribute flags. - Data representation. - - - - Constructor. - - Credential handle. - - - - Continue the authentication with the server token. - - The server token to continue authentication. - - - - Continue the authentication.. - - The server token to continue authentication. - Additional input buffers for the continue, does not need to include the token. - - - - Continue the authentication. - - The server token to continue authentication. - Additional input buffers for the continue, does not need to include the token. - Additional output buffers, does not need to include the token. - - - - Continue the authentication without any token. - - Input buffers for the continue. Does not contain a token. - Specify additional output buffers, does not need to include the token. - True to throw on error. - This sends the input buffers directly to the initialize call, it does not contain any token. - - - - Continue the authentication without any token. - - Input buffers for the continue. Does not contain a token. - Specify additional output buffers, does not need to include the token. - This sends the input buffers directly to the initialize call, it does not contain any token. - - - - Continue the authentication. Will not pass any buffers to the initialize call. - - - - - Make a signature for this context. - - The message buffers to sign. - The sequence number. - The signature blob. - - - - Make a signature for this context. - - The message to sign. - The sequence number. - The signature blob. - - - - Verify a signature for this context. - - The message to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Verify a signature for this context. - - The messages to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Encrypt a message for this context. - - The message to encrypt. - Quality of protection flags. - The encrypted message. - The sequence number. - - - - Encrypt a message for this context. - - The messages to encrypt. - Quality of protection flags. - The signature for the messages. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - The sequence number. - - - - Encrypt a message for this context with no specific signature. - - The messages to encrypt. - Quality of protection flags. - The sequence number. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - If you need to return a signature then it must be specified in a buffer. - - - - Decrypt a message for this context. - - The message to decrypt. - The sequence number. - The decrypted message. - - - - Decrypt a message for this context. - - The messages to decrypt. - The sequence number. - The signature for the messages. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - - - - Decrypt a message for this context. - - The messages to decrypt. - The sequence number. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - If you need to specify a signature you need to add a buffer. - - - - Query the context's package info. - - The authentication package info, - - - - Export and delete the current security context. - - The exported security context. - The security context will not longer be usable afterwards. - - - - Dispose the client context. - - - - - Finalizer. - - - - - Class to represent a credential handle. - - - - - Name of the authentication package used. - - - - - Expiry of the credentials. - - - - - Constructor. - - User principal. - The package name. - Optional authentication ID for the user. - Credential user flags. - Optional authentication data. - - - - Create a new credential handle. - - User principal. - The package name. - Optional authentication ID for the user. - Credential user flags. - Optional credentials. - The credential handle. - - - - Create a new credential handle. - - The package name. - Optional authentication ID for the user. - Credential user flags. - Optional credentials. - The credential handle. - - - - Create a new credential handle. - - The package name. - Credential user flags. - Optional credentials. - The credential handle. - - - - Create a new credential handle. - - The package name. - Credential user flags. - The credential handle. - - - - Dispose. - - - - - Finalizer. - - - - - Credentials for the CredSSP package. - - This is only needed if you must have both schannel and user credentials. Otherwise use UserCredentials or SchannelCredentials. - - - - Constructor. - - The credentials for the Schannel connection. - The credentials for the user. - - - - Constructor. - - The credentials for the user. - - - - Authentication token for a digest token. - - - - - The digest token as a string. - - - - - Format the authentication token. - - - - - - An encrypted message. - - - - - The encrypted message. - - - - - The signature for the message. - - - - - Constructor. - - The encrypted message. - The signature for the message. - - - - Class to represent an exported security context. - - - - - The name of the package for this security context. - - - - - The serialized context. - - - - - The context's token. - - - - - Dispose the exported context. - - - - - A class which represents an GSS-API Token. - - - - - Interface for authentication contexts. - - - - - The current authentication token. - - - - - Whether the authentication is done. - - - - - Expiry of the authentication. - - - - - Session key for the context. - - - - - Make a signature for this context. - - The message to sign. - The sequence number. - The signature blob. - - - - Verify a signature for this context. - - The message to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Make a signature for this context. - - The message buffers to sign. - The sequence number. - The signature blob. - - - - Verify a signature for this context. - - The messages to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Encrypt a message for this context. - - The message to encrypt. - Quality of protection flags. - The encrypted message. - The sequence number. - - - - Encrypt a message for this context. - - The messages to encrypt. - Quality of protection flags. - The signature for the messages. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - The sequence number. - - - - Encrypt a message for this context with no specific signature. - - The messages to encrypt. - Quality of protection flags. - The sequence number. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - If you need to return a signature then it must be specified in a buffer. - - - - Decrypt a message for this context. - - The message to decrypt. - The sequence number. - The decrypted message. - - - - Decrypt a message for this context. - - The messages to decrypt. - The signature for the messages. - The sequence number. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - - - - Decrypt a message for this context. - - The messages to decrypt. - The sequence number. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - If you need to specify a signature you need to add a buffer. - - - - Export and delete the current security context. - - The exported security context. - The security context will not longer be usable afterwards. - - - - Query the context's package info. - - The authentication package info, - - - - Get the name of the authentication package. - - - - - Continue the authentication with the token. - - The token to continue authentication. - - - - Continue the authentication.. - - The token to continue authentication. - Additional input buffers for the continue, does not need to include the token. - - - - Continue the authentication. - - The token to continue authentication. - Additional input buffers for the continue, does not need to include the token. - Specify additional output buffers, does not need to include the token. - - - - Continue the authentication. - - Additional input buffers for the continue. Does not contain a token. - Specify additional output buffers, does not need to include the token. - This sends the input buffers directly to the initialize call, it does not contain any token. - - - - Continue the authentication. Will not pass any buffers to the accept call. - - - - - Get the maximum signature size of this context. - - - - - Get the size of the security trailer for this context. - - - - - Interface for a client authentication context. - - - - - Get the last token status for the client context. - - - - - Placeholder interface for a server authentication context. - - - - - Utilities for building Kerberos structures. - - - - - Class to represent a Kerberos AP Reply. - - - - - Encrypted mutual authentication data. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - Encrypted part for AP-REP messages. - - - - - Client uS. - - - - - Client time. - - - - - Subkey. - - - - - Sequence number. - - - - - Options for AP Request - - - - - None. - - - - - Use Session Key. - - - - - Mutual authentication required. - - - - - Class to represent a Kerberos AP Request. - - - - - AP Request Options. - - - - - The Kerberos Ticket. - - - - - Authenticator data. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - A single kerberos key. - - - - - The Key encryption type. - - - - - The key. - - - - - The key name type. - - - - - The Realm for the key. - - - - - The name components for the key. - - - - - Principal name as a string. - - - - - Timestamp when key was created. - - - - - Key Version Number (KVNO). - - - - - Constructor. - - The Key encryption type. - The key. - The key name type. - The Realm for the key. - The name components for the key. - Timestamp when key was created. - Key Version Number (KVNO). - - - - Constructor. - - The Key encryption type. - The key. - The key name type. - The Realm for the key. - The name components for the key. - Timestamp when key was created. - Key Version Number (KVNO). - - - - Constructor. - - The Key encryption type. - The key. - The key name type. - Principal for key, in form TYPE/name@realm. - Timestamp when key was created. - Key Version Number (KVNO). - - - - Constructor. - - The Key encryption type. - The key as a hex string. - The key name type. - Principal for key, in form TYPE/name@realm. - Timestamp when key was created. - Key Version Number (KVNO). - - - - Derive a key from a password. - - Not all encryption types are supported. - The key encryption to use. - The password to derice from. - Iterations for the password derivation. - The key name type. - Principal for key, in form TYPE/name@realm. - Salt for the key. - Key Version Number (KVNO). - - - - - Authentication Token for Kerberos. - - - - - Protocol version. - - - - - Message type. - - - - - Parse bytes into a kerberos token. - - The kerberos token in bytes. - The Kerberos token. - - - - Try and parse data into an Kerberos authentication token. - - The data to parse. - The Kerberos authentication token. - True if this is a token from a client. - The token count number. - True if parsed successfully. - - - - Class to represent an unencrypted kerberos authenticator. - - - - - Authenticator version. - - - - - Client realm. - - - - - Client name. - - - - - Checksum value. - - - - - Client uS. - - - - - Client time. - - - - - Subkey. - - - - - Sequence number. - - - - - Authorization data. - - - - - Type of Authorization Data. - - - - - Class representing Kerberos authentication data. - - - - - Type of authentication data. - - - - - Data bytes. - - - - - Flags for the AD-AUTH-DATA-AP-OPTIONS authorization data. - - - - - Class to represent the AD-AUTH-DATA-AP-OPTIONS authorization data. - - - - - Flags for the AD-AUTH-DATA-AP-OPTIONS authorization data. - - - - - Class to represent AD_ETYPE_NEGOTIATION type. - - - - - List of supported encryption types. - - - - - Class to represent a KERB_LOCAL authorization data value. - - - - - The security context identifier for the KERB_LOCAL value. - - - - - Class to represent AD_WIN2K_PAC type. - - - - - List of PAC entries. - - - - - Source of a set of claims. - - - - - From Active Directory. - - - - - From a certificate. - - - - - A single claim set. - - - - - The source of the claims array. - - - - - The list of claim attributes. - - - - - Class representing a Claims Set in the PAC. - - - - - List of claims arrays. - - - - - Class to represent PAC Client Info. - - - - - Client ID. - - - - - Name of client. - - - - - Class to represent PAC Device Info. - - - - - Sid of the Device. - - - - - Primary group SID. - - - - - List of account groups. - - - - - List of extra SIDs. - - - - - List of domain groups. - - - - - Type for the PAC Entry. - - - - - Single PAC Entry. - - - - - Type of PAC entry. - - - - - The PAC data. - - - - - User account control flags. - - - - - User flags for kerberos authentication. - - - - - Class to represent PAC Logon Information. - - - - - Logon time. - - - - - Logoff time. - - - - - Kick off time. - - - - - Time password last set. - - - - - Time password can change. - - - - - Time password must change. - - - - - Effective name. - - - - - Full name. - - - - - Logon script path. - - - - - Profile path. - - - - - Home directory path. - - - - - Home directory drive. - - - - - Logon count. - - - - - Bad password count. - - - - - User SID. - - - - - Primary group SID. - - - - - Group list. - - - - - User flags. - - - - - User session key. - - - - - Logon server name. - - - - - Logon domain name. - - - - - Logon domain sid. - - - - - Extra SIDs. - - - - - User account control flags. - - - - - Resource domain group SID. - - - - - Resource groups. - - - - - Class to represent a PAC signature. - - - - - Signature type. - - - - - Signature. - - - - - Read-only Domain Controller Identifier. - - - - - Flags for the UPN_DNS_INFO. - - - - - No flags. - - - - - The user has no UPN. - - - - - Class to represent UPN_DNS_INFO. - - - - - Flags. - - - - - The User Principal Name. - - - - - The DNS Domain Name. - - - - - Flags for KerberosAuthorizationDataRestrictionEntry - - - - - Full UAC token. - - - - - Limited UAC token. - - - - - Class to represent the KERB_AD_RESTRICTION_ENTRY AD type. - - - - - Flags. - - - - - Token IL. - - - - - Machine ID. - - - - - Class to represent the AD-AUTH-DATA-TARGET-NAME authorization data. - - - - - The target name. - - - - - Class to represent a Kerberos Checksum. - - - - - Type of kerberos checksum. - - - - - The checksum value. - - - - - Flags for GSSAPI Checksum. - - - - - A kerberos checksum in GSS API Format. - - - - - Channel binding hash. - - - - - Flags for checksum. - - - - - Delegation option identifier. - - - - - KRB_CRED structure when in delegation. - - - - - Additional extension data. - - - - - Kerberos Checksum Type. - - - - - Class representing a KRB-CRED structure. - - - - - List of tickets in this credential. - - - - - Encrypted part contains sesssion keys etc. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - Class to represent Kerberos Encrypted Data. - - - - - Encryption type for the CipherText. - - - - - Key version number. - - - - - Cipher Text. - - - - - Kerberos Encryption Type. - - - - - Class to represent a Kerberos Error. - - - - - Client time. - - - - - Client micro-seconds. - - - - - Server time. - - - - - Server micro-seconds. - - - - - Error code. - - - - - Client realm. - - - - - Client name. - - - - - Server realm. - - - - - Server name, - - - - - Error text. - - - - - Error data. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Create a new KRB-ERROR authentication token. - - Optional client time. - Server time. - Error code. - Optional client realm. - Optional client name. - Server realm - Server name. - Optional error text. - Optional error data. - The KRB-ERROR authentication token. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - Kerberos Error Type. - - - - - Class to represent a cached external ticket. - - - - - Service name. - - - - - Target name. - - - - - Client name. - - - - - Domain name. - - - - - Target domain name. - - - - - Alt target domain name. - - - - - Session key for ticket. - - - - - Ticket flags. - - - - - Additional reserved flags. - - - - - Key expiration time. - - - - - Ticket start time. - - - - - Ticket end time. - - - - - Ticket renew time. - - - - - Time skew. - - - - - Ticket. - - - - - Type of Kerberos Host Address. - - - - - Class representing a Kerberos Host Address. - - - - - Type of host address. - - - - - Address bytes. - - - - - ToString Method. - - The formatted string. - - - - A set of Kerberos Keys. - - - - - Get keys which match the encryption type. - - The encryption type. - The list of keys which match the encryption type. - - - - Add a key to the key set. - - The key to add. - True if the key was added, false if the key already existed. - - - - Remove a key from the key set. - - The key to remove. - True if the key was removed. - - - - Find a key based on various parameters. - - The encryption type. - The name type. - The principal. - The key version. - - - - - Read keys from a MIT KeyTab file. - - The file stream. - The key set. - Throw if invalid file. - - - - Read keys from a MIT KeyTab file. - - The file path. - The key set. - Throw if invalid file. - - - - Constructor. - - - - - Constructor. - - The single kerberos key. - - - - Constructor. - - A list of kerberos keys. - - - - Key usage for kernel encryption. - - - - - Kerberos Message Type. - - - - - Kerberos Name Type. - - - - - Kerberos Pre-Authentication Data Types. - - - - - A Kerberos Principal Name. - - - - - The name type. - - - - - The names for the principal. - - - - - Full name. - - - - - ToString method. - - String of the object. - - - - Get principal name with a realm. - - The realm for the principal. - The principal. - - - - Constructor. - - The type of the principal name. - The list of names for the principal. - - - - Class to represent a User to User TGT Reply. - - - - - The Kerberos Ticket. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Create a new TGT-REP authentication token. - - The TGT ticket to embed in the token. - The - - - - Create a new TGT-REP authentication token. - - The TGT ticket to embed in the token. - The - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - Class to represent a User to User TGT Request. - - - - - Realm. - - - - - Server name. - - - - - Format the Authentication Token. - - The Formatted Token. - - - - Create a new TGT-REQ authentication token. - - Optional realm string. - Optional server name. - The new TGT-REQ authentication token. - - - - Create a new TGT-REQ authentication token without the GSS-API wrapper. - - Optional realm string. - Optional server name. - The new TGT-REQ authentication token. - - - - Try and parse data into an ASN1 authentication token. - - The data to parse. - The Negotiate authentication token. - Parsed DER Values. - - - - Class to represent a Kerberos ticket. - - - - - Version number for the ticket. - - - - - Realm. - - - - - Server name. - - - - - Encrypted data for the ticket. - - - - - Get the principal for the ticket. - - - - - Indicates that the ticket has been decrypted. - - - - - Decrypt the kerberos ticket. - - The Kerberos key set containing the keys. - The key usage for the decryption. - The decrypted kerberos ticket. - - - - Format the ticket to a string. - - The ticket as a string. - - - - Convert the ticket to an array. - - The ticket as an array. - - - - Class to query the Kerberos Ticket Cache from LSASS. - - - - - Get a Kerberos Ticket. - - The target service for the Ticket. - True to only query for cached tickets. - True to throw on error. - The Kerberos Ticket. - - - - Get a Kerberos Ticket. - - The target service for the Ticket. - True to only query for cached tickets. - The Kerberos Ticket. - - - - Get a Kerberos Ticket. - - The target service for the Ticket. - The Kerberos Ticket. - - - - Query Kerberos Ticket cache. - - The Logon Session ID to query. - True to throw on error. - The list of cached tickets. - - - - Query Kerberos Ticket cache. - - The Logon Session ID to query. - The list of cached tickets. - - - - Query Kerberos Ticket cache for the current logon session. - - The list of cached tickets. - - - - Flags for a Kerberos Ticket. - - - - - Class to represent a Decrypted Kerberos ticket. - - - - - Ticket flags. - - - - - Client Realm. - - - - - Client name. - - - - - Authentication time, - - - - - Start time. - - - - - End time. - - - - - Renew till time. - - - - - The kerberos session key. - - - - - The ticket transited type information. - - - - - List of host addresses for ticket. - - - - - List of authorization data. - - - - - The supported transited encoding types. - - - - - None. - - - - - X.500 Compress. - - - - - Class to represent a Kerberos Transiting Encoding. - - - - - Transited encoding type. - - - - - Transited encoding data. - - - - - Utilities for Kerberos authentication. - - - - - Read keys from a MIT KeyTab file. - - The file stream. - The list of keys. - Throw if invalid file. - - - - Read keys from a MIT KeyTab file. - - The file path. - The list of keys. - Throw if invalid file. - - - - Write keys to a MIT KeyTab file. - - The file stream. - List of key entries. - - - - Write keys to a MIT KeyTab file. - - The file path. - List of key entries. - - - - Generate an MIT KeyTab file. - - List of key entries. - The keytab file as bytes. - - - - Class to represent a Local Logon Session. - - - - - Logon/Authentication ID for session. - - - - - Username. - - - - - Logon domain. - - - - - Get the FQ User Name. - - - - - Authentication package. - - - - - Logon type. - - - - - Session ID. - - - - - User SID. - - - - - Logon Time. - - - - - Logon Server. - - - - - DNS Domain Name. - - - - - User Principal Name. - - - - - User Flags. - - - - - Last successful logon. - - - - - Last failed logon. - - - - - Count of failed logon attempts. - - - - - Logon script path. - - - - - Profile path. - - - - - Home directory. - - - - - Home directory drive. - - - - - Logoff time. - - - - - Kickoff Time. - - - - - Time password last set. - - - - - Password can change. - - - - - Password must change. - - - - - Get a logon session. - - The logon session ID. - True to thrown on error. - The logon session. - - - - Get the logon session LUIDs - - True throw on error. - The list of logon sessions. Only returns ones you can access. - - - - Get the logon sessions. - - True throw on error. - The list of logon sessions. Only returns ones you can access. - - - - Class to represent an LSA logon handle. - - - - - Connect to the LSA untrusted. - - True to throw on error. - The LSA logon handle. - - - - Connect to the LSA untrusted. - - The LSA logon handle. - - - - Connect to LSA and register as a logon process. - - The arbitrary name of the process. - True to throw on error. - The LSA logon handle. - - - - Connect to LSA and register as a logon process. - - The arbitrary name of the process. - The LSA logon handle. - - - - Logon a user. - - The type of logon. - The authentication package to use. - The name of the origin. - The token source context. - The authentication credentials buffer. - Additional local groups. - True to throw on error. - The LSA logon result. - - - - Logon a user. - - The type of logon. - The authentication package to use. - The name of the origin. - The token source context. - The authentication credentials buffer. - Additional local groups. - The LSA logon result. - - - - Dispose of the LSA logon handle. - - - - - Result from an LsaLogonUser call. - - - - - The user's token. - - - - - The user's profile information. Format depends on the authentication package. - - - - - The authentication ID of the logon session. - - - - - Paged pool quota. - - - - - Non paged pool quota. - - - - - Minimum working set size. - - - - - Maximum working set size. - - - - - Page file limit. - - - - - Process time limit. - - - - - Dispose the LSA logon result. - - - - - SPNEGO Authentication Token. - - - - - The negotiated authentication token. - - - - - Optional message integrity code. - - - - - Decrypt the Authentication Token using a keyset. - - The set of keys to decrypt the - The decrypted token, or the same token if nothing could be decrypted. - - - - Format the authentication token. - - The token as a formatted string. - - - - Parse bytes into a negotiate token. - - The negotiate token in bytes. - The Negotiate token. - - - - Try and parse data into an Negotiate authentication token. - - The data to parse. - The Negotiate authentication token. - True if this is a token from a client. - The token count number. - True if parsed successfully. - - - - Flags for negotiation context. - - - - - Class to represent the negTokenInit message in SPNEGO. - - - - - List of supported negotiation mechanisms. - - - - - Context flags. - - - - - State of the Negotiate state. - - - - - Negotiate completed. - - - - - Negotiate incomplete. - - - - - Negotiate rejected. - - - - - Request Message Integrity Code. - - - - - Class to represent the negTokenResp message in SPNEGO. - - - - - Supported mechanism for the token, optional. - - - - - Current state of the negotiation. - - - - - Class to represent an NTLM AUTHENTICATE token for NTLMv1. - - - - - Domain name. - - - - - Workstation name. - - - - - Username. - - - - - NTLM version. - - - - - Encrypted session key. - - - - - LM Challenge Response. - - - - - LM Challenge Response. - - - - - Message integrity code. - - - - - Message integrity code offset into the token data. - - - - - Format the authentication token. - - The formatted token. - - - - Class to represent an NTLM AUTHENTICATE token for NTLMv2. - - - - - NT Proof Response. - - - - - Challenge version. - - - - - Maximum challenge version. - - - - - Reserved field. - - - - - Reserved field. - - - - - Timestamp. - - - - - Client challenge. - - - - - Reserved field. - - - - - NTLM Target Information. - - - - - Flags for NTLM negotiation. - - - - - NTLM message type. - - - - - Base class to represent an NTLM authentication token. - - - - - Type of NTLM message. - - - - - NTLM negotitation flags. - - - - - Try and parse data into an NTLM authentication token. - - The data to parse. - The NTLM authentication token. - True if this is a token from a client. - The token count number. - True if parsed successfully. - - - - Try and parse data into an NTLM authentication token. - - The data to parse. - The NTLM authentication token. - - - - The type of the AV_PAIR. - - - - - MS AV Flags. - - - - - An NTLM AV_PAIR. - - - - - The type of the AV Pair value. - - - - - An NTLM AV_PAIR with a string value. - - - - - The string value. - - - - - ToString method. - - Pair as a string. - - - - An NTLM AV_PAIR with a timestamp value; - - - - - The timestamp value. - - - - - ToString method. - - Pair as a string. - - - - An NTLM AV_PAIR with a bytes value. - - - - - The value. - - - - - ToString method. - - Pair as a string. - - - - An NTLM AV_PAIR with a flags value. - - - - - The value. - - - - - ToString method. - - Pair as a string. - - - - An NTLM AV_PAIR with a flags value. - - - - - The the Z4 data. - - - - - Custom data blob. - - - - - Machine ID. - - - - - ToString method. - - Pair as a string. - - - - Class to represent an NTLM CHALLENGE token. - - - - - Target name. - - - - - Server challenge. - - - - - Reserved. - - - - - NTLM version. - - - - - NTLM Target Information. - - - - - Format the authentication token. - - The formatted token. - - - - Class to represent an NTLM NEGOTIATE token. - - - - - Domain name. - - - - - Workstation name. - - - - - NTLM version. - - - - - Format the authentication token. - - The formatted token. - - - - Algorithm identifiers for the crypto APIs and Schannel. - - - - - Authentication token for Schannel and CredSSP. - - This is a simple parser for the TLS record format. - - - - List of TLS records. - - - - - Format the authentication token. - - The token as a formatted string. - - - - Try and parse data into an SChannel authentication token. - - The data to parse. - The SChannel authentication token. - True if this is a token from a client. - The token count number. - True if parsed successfully. - - - - Negotiated connection information for Schannel. - - - - - The protocol used by Schannel. - - - - - The negotitated cipher algorithm. - - - - - The negotiated cipher strength in bits. - - - - - The negotiated hash algorithm. - - - - - The negotiated hash string. - - - - - The negotiated key exchange algorithm. - - - - - The negotiated key exchange strength. - - - - - Credentials for the Schannel package. - - - - - Lifespan of a session in milliseconds. - - - - - Specify flags for credentials. - - - - - Specify the supported protocols. - - - - - Set the minimum cipher strength. - - - - - Set the maximum cipher strength. - - - - - Add a certificate the the credentials. This should contain a private key. - - The certificate to add. - - - - Add an algorithm type to the credentials. - - The algorithm type. - - - - Dispose the credentials. - - - - - Flags for the Schannel credentials. - - - - - Protocol type for Schannel. - - - - - Flags for message encryption. - - - - - None. - - - - - Wrap out of bound data. - - - - - Wrap but don't encrypt. - - - - - Class to represent a server authentication context. - - - - - The current authentication token. - - - - - Whether the authentication is done. - - - - - Current request attributes. - - - - - Current data representation. - - - - - Current channel bindings. - - - - - Current return attributes. - - - - - Current status flags. - - - - - Expiry of the authentication. - - - - - Get the client name supplied by the Client. - - - - - Get the Session Key for this context. - - - - - Get the maximum signature size of this context. - - - - - Get the size of the security trailer for this context. - - - - - Size of any header when using a stream protocol such as Schannel. - - - - - Size of any trailer when using a stream protocol such as Schannel. - - - - - Number of buffers needed when using a stream protocol such as Schannel. - - - - - Maximum message size when using a stream protocol such as Schannel. - - - - - Preferred block size when using a stream protocol such as Schannel. - - - - - Get the name of the authentication package. - - - - - Get connection information for the schannel connection. - - - - - Get the local certificate. Only used for Schannel related authentication. - - - - - Get the remote certificate. Only used for Schannel related authentication. - - - - - Get whether the authentication context is for loopback. - - - - - Get or set whether the context owns the credentials object or not. If true - then the credentials are disposed with the context. - - - - - Get an access token for the authenticated user. - - The user's access token. - - - - Impersonate the security context. - - The disposable context to revert the impersonation. - - - - Continue the authentication with the client token. - - The client token to continue authentication. - - - - Continue the authentication.. - - The client token to continue authentication. - Specify additional input buffers, does not need to include the token. - - - - Continue the authentication. - - The client token to continue authentication. - Specify additional input buffers, does not need to include the token. - Specify additional output buffers, does not need to include the token. - - - - Continue the authentication. - - Additional input buffers for the continue. Does not contain a token. - Specify additional output buffers, does not need to include the token. - True to throw on error. - This sends the input buffers directly to the initialize call, it does not contain any token. - - - - Continue the authentication. - - Additional input buffers for the continue. Does not contain a token. - Specify additional output buffers, does not need to include the token. - This sends the input buffers directly to the initialize call, it does not contain any token. - - - - Continue the authentication. Will not pass any buffers to the accept call. - - - - - Make a signature for this context. - - The message buffers to sign. - The sequence number. - The signature blob. - - - - Make a signature for this context. - - The message to sign. - The sequence number. - The signature blob. - - - - Verify a signature for this context. - - The message to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Verify a signature for this context. - - The messages to verify. - The signature blob for the message. - The sequence number. - True if the signature is valid, otherwise false. - - - - Encrypt a message for this context. - - The message to encrypt. - Quality of protection flags. - The encrypted message. - The sequence number. - - - - Encrypt a message for this context. - - The messages to encrypt. - Quality of protection flags. - The signature for the messages. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - The sequence number. - - - - Encrypt a message for this context with no specific signature. - - The messages to encrypt. - Quality of protection flags. - The sequence number. - The messages are encrypted in place. You can add buffers with the ReadOnly flag to prevent them being encrypted. - If you need to return a signature then it must be specified in a buffer. - - - - Decrypt a message for this context. - - The messages to decrypt. - The sequence number. - The signature for the messages. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - - - - Decrypt a message for this context. - - The messages to decrypt. - The sequence number. - The messages are decrypted in place. You can add buffers with the ReadOnly flag to prevent them being decrypted. - If you need to specify a signature you need to add a buffer. - - - - Decrypt a message for this context. - - The message to decrypt. - The sequence number. - The decrypted message. - - - - Query the context's package info. - - The authentication package info, - - - - Export and delete the current security context. - - The exported security context. - The security context will not longer be usable afterwards. - - - - Constructor. - - Credential handle. - Request attribute flags. - Optional channel binding token. - Data representation. - - - - Constructor. - - Credential handle. - Request attribute flags. - Data representation. - - - - Constructor. - - Credential handle. - - - - Dispose the client context. - - - - - Finalizer. - - - - - Class to represent a service principal name. - - - - - SPN service class. - - - - - SPN service name. - - - - - SPN instance name. - - - - - SPN instance port. - - - - - SPN referrer. - - - - - Constructor. - - The service class name. - The name of the instance. - - - - Parse an SPN string to a class. - - The SPN string. - The parsed class. - Thrown in invalid SPN. - - - - Try and parse an SPN string to a class. - - The SPN string. - The result class. - True if the SPN was parsed successfully. - Thrown in invalid SPN. - - - - Convert SPN to a string. - - The SPN string. - - - - Class to hold user credentials. - - - - - The user name. - - - - - The domain. - - - - - The password as a secure string. - - - - - Constructor. - - Username. - Domain name. - Password. - - - - Set the password as in plain text. - - The password in plain text. - - - - Constructor. - - Username. - Domain name. - Password. - - - - Constructor. - - Username. - Domain name. - - - - Constructor. - - Username. - - - - Constructor. - - - - - Dispose method. - - - - - Class to represent a single authenticode certificate entry. - - - - - The list of certificates in the entry. - - - - - Whethe the entry contains page hashes. - - - - - Utilities for authenticode. - - - - - Get certificates from a PE file. - - The PE file. - True the throw on error. - The list of authenticode certificate entries. - - - - Get certificates from a PE file. - - The path to the PE file. - True the throw on error. - The list of authenticode certificate entries. - - - - Get certificates from a PE file. - - The path to the PE file, native path format. - The list of authenticode certificate entries. - - - - Gets wether the PE file has page hash entries. - - The path to the PE file, native path format. - True if the file contains page hashes. - - - - Query ELAM information from a driver's resource section. - - The path to the file. - True to throw on error. - The ELAM information if present. - - - - Query ELAM information from a driver's resource section. - - The path to the file. - The ELAM information if present. - - - - Get the VSM enclave configuration. - - The path to the file. - True to throw on error. - The VSM enclave configuration. - - - - Get the VSM enclave configuration. - - The path to the file. - The VSM enclave configuration. - - - - ELAM information. - - - - - The hash of the certificate. - - - - - The hash algorithm. - - - - - List of optional EKUs. - - - - - Overridden ToString method. - - The ELAM information as a string. - - - - Class to represent a VSM enclave configuration. - - - - - Minimum required configuration size. - - - - - Policy flags. - - - - - List of enclave imports. - - - - - Family ID. - - - - - Image ID. - - - - - Image version. - - - - - Security version. - - - - - Size of the enclave. - - - - - Number of threads for the enclave. - - - - - Enclave flags. - - - - - Is the enclave debuggable. - - - - - Is this a primary image. - - - - - Path to the image file. - - - - - Name of the image file. - - - - - ToString method. - - The object as a string. - - - - Class to represent an enclave import. - - - - - Match type for the import. - - - - - Minimum security version. - - - - - Unique or author ID. - - - - - Family ID. - - - - - Image ID. - - - - - Import name. - - - - - ToString method. - - The name of the import. - - - - Image policy entry. - - - - - Type of entry. - - - - - Policy ID. - - - - - Value of entry. - - - - - Image policy ID. - - - - - Class to represnt image policy metadata. - - - - - Version of the metadata. - - - - - The ID of the trustlet. - - - - - The optional policies for the trustlet. - - - - - Overridden ToString method. - - The object as a string. - - - - Extract image policy metadata from an image file. - - The path to the image file. Should be a win32 path. - True to throw on error. - The image policy metadata. - - - - Extract image policy metadata from an image file. - - The path to the image file. Should be a win32 path. - The image policy metadata. - - - - Access check result from AuthZ. - - - - - The Win32 error code from the access check. - - - - - Class to represent an AuthZ client context. - - - - - Get AuthZ user - - - - - Get AuthZ context groups. - - - - - Get AuthZ context restricted SIDs. - - - - - Get AuthZ context device groups. - - - - - Get AuthZ context capability SIDs. - - - - - Get AuthZ context's security attributes - - - - - Get AuthZ context's device claims. - - - - - Get AuthZ context's user claims. - - - - - Get list of privileges for the AuthZ context. - - The list of privileges - Thrown if can't query privileges - - - - Get AppContainer SID. - - - - - Indicates if this context is connected to a remote access server. - - - - - Set AppContainer Information to Context. - - The package SID. - List of capabilities. - True to throw on error - The NT status code. - - - - Set AppContainer Information to Context. - - The package SID. - List of capabilities. - - - - Modify groups in the context. - - The type of group to modify. - The list of groups to modify. - The list of operations. Should be same size of group list. - True to throw on error. - The NT status code. - - - - Modify groups in the context. - - The type of group to modify. - The list of groups to modify. - The list of operations. Should be same size of group list. - - - - Modify groups in the context. - - The type of group to modify. - The list of SIDs to modify. - The attributes for the SIDs. - The operation for the SIDs. - - - - Modify groups in the context. - - The type of group to modify. - The list of SIDs to modify. - The operation for the SIDs. - - - - Add a SID to the context. - - The SID to add. - - - - Add a Device SID to the context. - - The SID to add. - - - - Add a Device SID to the context. - - The SID to add. - - - - Add a list of SIDs to the context. - - The list of SIDS. - - - - Get list of groups for the AuthZ context. - - The group type. - True to throw on error. - The list of groups. - - - - Get list of groups for the AuthZ context. - - The group type. - The list of groups. - - - - Get the user from the AuthZ context. - - True to throw on error. - The user group information. - - - - Get the AppContainer SID from the AuthZ context. - - True to throw on error. - The AppContainer SID. - - - - Get AuthZ context's security attributes - - Specify the type of security attributes to query. - Throw on error. - The security attributes. - - - - Get token privileges. - - True to throw on error. - The list of privileges. - - - - Perform an Access Check. - - The security descriptor for the check. - Optional list of security descriptors to merge. - The desired access. - Optional Principal SID. - Optional list of object types. - NT Type for access checking. - True to throw on error. - The list of access check results. - The list of object types is restricted to 256 entries for remote access checks. - - - - Perform an Access Check. - - The security descriptor for the check. - Optional list of security descriptors to merge. - The desired access. - Optional Principal SID. - Optional list of object types. - NT Type for access checking. - The list of access check results. - The list of object types is restricted to 256 entries for remote access checks. - - - - Dispose client context. - - - - - Clone the current context. - - True to throw on error. - The new client context. - - - - Clone the current context. - - The new client context. - - - - Flags to initialize a client context from a SID. - - - - - None. - - - - - Skip gathering token groups. - - - - - Require S4U logon. - - - - - Computer token privileges. - - - - - Specify the type of SIDs. - - - - - Normal Group SIDs. - - - - - Restricted SIDs. - - - - - Device Group SIDs. - - - - - Capability SIDs. - - - - - Delegate to handle a callback ACE. - - The ACE to handle. - True if the ACE should be processed. - - - - Class to represent a AuthZ Resource Manager. - - - - - The name of the resource manager if any. - - - - - Indicates if this resource manager is connected to a remote access server. - - - - - Dispose the resource manager. - - - - - Create a client context from a Token. - - The token to create the context from. - True to throw on error. - The created client context. - - - - Create a client context from a Token. - - The token to create the context from. - The created client context. - - - - Create a client context from a Token. - - The sid to create the context from. - Flags for intialization. - True to throw on error. - The created client context. - - - - Create a client context from a Token. - - The sid to create the context from. - Flags for intialization. - The created client context. - - - - Create a new AuthZ resource manager. - - The name of the resource manager, optional. - Optional flags for the resource manager. - Optional callback to handle callback ACEs. - True to throw on error. - The created AuthZ resource manager. - - - - Create a new AuthZ resource manager. - - The name of the resource manager, optional. - Optional flags for the resource manager. - Optional callback to handle callback ACEs. - The created AuthZ resource manager. - - - - Create a new AuthZ resource manager. Will not enable auditing. - - The created AuthZ resource manager. - - - - Create a remote AuthZ resource manager from a raw binding string. - - The RPC string binding for the server. - The SPN for the server. - True to throw on error. - The created AuthZ resource manager. - - - - Create a remote AuthZ resource manager from a raw binding string. - - The RPC string binding for the server. - The SPN for the server. - The created AuthZ resource manager. - - - - Create a remote AuthZ resource manager from a raw binding string. - - The address of the server. - The SPN for the server. - Specify the type of - True to throw on error. - The created AuthZ resource manager. - - - - Create a remote AuthZ resource manager from a raw binding string. - - The network address of the server. - The SPN for the server. - Specify the type of - The created AuthZ resource manager. - - - - Initialization flags for resource manager. - - - - - None - - - - - Disable auditing. - - - - - Initialize using impersonation token. - - - - - Disable central access policies. - - - - - Type of remote service to access. - - - - - Default, no evaluation of CAPs. - - - - - Evaluates CAPs. - - - - - Security Attribute type. - - - - - Token Security Attributes. - - - - - Device Claims. - - - - - User Claims. - - - - - SID operation for an AuthZ client context. - - - - - None. - - - - - Replace all SIDs. - - - - - Add SIDs. - - - - - Delete SIDs. - - - - - Replace SIDs. - - - - - Progress invoke setting for tree security. - - - - - The source of inheritance for a resource. - - - - - The depth between the resource and the parent. - - - - - The name of the ancestor. - - - - - The security descriptor if accessible. - - - - - The original ACE which was inherited. - - - - - The SID of the original ACE. - - - - - Access mask as a formatted string. - - - - - Generic access mask as a formatted string. - - - - - The type of the ACE. - - - - - The object type of the ACE. - - - - - The inherited object type. - - - - - Enumeration for object type. - - - - - Tree security mode. - - - - - Progress function for tree named security info. - - The name of the object. - The operation status. - The current invoke setting. - True if security is set. - The invoke setting. Return original invoke_setting if no change. - - - - Base security buffer storage. - - - - - Type of the security buffer. - - - - - Is the buffer read-only. - - - - - Is the buffer read-only with checksum. - - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - Overridden ToString method. - - The buffer as a string. - - - - Class to represent a security buffer we expect to be allocated by the SSPI. - - - - - Constructor. - - The type of the buffer. - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - Security buffer for a channel binding. - - - - - Constructor. - - The channel bindings token. - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - A security buffer which can be an input and output. - - If you create with the ReadOnly or ReadOnlyWithCheck types then the - array will not be updated. - - - - Constructor. - - The type of buffer. - The data for the input. - - - - Constructor. - - The type of buffer. - The data for the input. - The offset into the array. - Number of bytes in the input. - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - A security buffer which can only be an output. - - - - - Constructor. - - The type of buffer. - The size of the output buffer. - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - A security buffer which takes a raw pointer. The lifetime of the pointer - should be managed manually by the caller. - - - - - Constructor. - - The type of buffer. - The raw pointer. - The size of the raw pointer. - - - - The size of the buffer. - - - - - The pointer for the buffer. The lifetime needs to be manually managed. - - - - - This will free pointer using the SSPI APIs. Used to release automatically allocated - buffers. If you control the value of the Pointer you don't need to release it. - - - - - Convert to buffer back to an array. - - The buffer as an array. - - - - Security buffer type. - - - - - Class to represent a credential manager credential. - - - - - Credential flags. - - - - - Credential type. - - - - - Target name for the credentials. - - - - - Comment for the credentials. - - - - - Time the credentials was last written. - - - - - Credential blob. - - - - - Credential as a string, if available. - - - - - Credential persistence. - - - - - Credential attributes. - - - - - Target alias. - - - - - Username. - - - - - Class to represent a credential attribute. - - - - - Attribute keyword. - - - - - Attribute flags. - - - - - Attribute value. - - - - - Overridden ToString method. - - - - - - Flags for a credential attribute. - - - - - No flags. - - - - - Flags for enumeration credentials. - - - - - None. - - - - - Get all credentials. - - - - - Flags for a credential. - - - - - Class to access credential manager APIs. - - - - - Get credentials for user from credential manager. - - A filter for the target name, for example DOMAIN*. If null or empty returns all credentials. - Flags for the enumeration. - True to throw on error. - The list of credentials. - - - - Get credentials for user from credential manager. - - A filter for the target name, for example DOMAIN*. If null or empty returns all credentials. - Flags for the enumeration. - The list of credentials. - - - - Get credentials for user from credential manager. - - A filter for the target name, for example DOMAIN*. If null or empty returns all credentials. - The list of credentials. - - - - Get all credentials for user from credential manager. - - The list of credentials. - - - - Get a credential by name. - - The name of the credential. - The type of credential. - True to throw on error. - The read credential. - - - - Get a credential by name. - - The name of the credential. - The type of credential. - The read credential. - - - - Backup a user's credentials. - - The user's token. - The key for the data, typically a unicode password. Optional - True if the key is already encoded. - Caller needs SeTrustedCredmanAccessPrivilege enabled. - - - - Specify credential persistence. - - - - - Identifies the type of credentials. - - - - - Information class for a SAM domain object. - - - - - Logon32 provider - - - - - Default. - - - - - Windows NT 3.5. - - - - - Windows NT 4.0. - - - - - Windows NT 5.0. - - - - - Virtual provider. - - - - - Logon UserFlags. - - - - - Indicates the last client token status for the client context. - - - - - Yes it's the last token. - - - - - No it's not the last token. - - - - - It might be, who knows? - - - - - Status code for SSPI interface calls. - - - - - Class to represent an Account Right assigned to a user. - - - - - The name of the account right. - - - - - The display name, if known. - - - - - Get list of SIDS assigned to this access right. - - - - - ToString method. - - The name of the account right. - - - - List of account rights. Not the same as privileges. - - - - - Class to represent an LSA account object. - - - - - Get the account SID. - - - - - Get or set system access flags. - - - - - Get account privileges. - - - - - Get system access flags. - - True to throw on error. - The system access flags. - - - - Set system access flags. - - The flags to set. - True to throw on error. - The system access flags. - - - - Enumerate privileges for the account. - - True to throw on error. - The list of token privileges. - - - - Access rights for an LSA account. - - - - - Flags for looking up SIDs by name. - - - - - Flags for looking up SID names. - - - - - Base class for an LSA object. - - - - - Get the NT type for the object. - - - - - Get the object name for the object. - - - - - Get whether the object is a container. - - - - - Get the object's security descriptor. - - - - - Is an access mask granted to the object. - - The access to check. - True if all access is granted. - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status code. - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Delete the object. - - True to throw on error. - The NT status code. - - - - Delete the object. - - - - - Get the system name for the policy. - - - - - Dispose the policy. - - - - - Class to represent the LSA policy. - - - - - Lookup names for SIDs. - - The list of SIDs to lookup. - True to throw on error. - The list of looked up SID names. - - - - Lookup names for SIDs. - - The list of SIDs to lookup. - The list of looked up SID names. - - - - Lookup name for a SID. - - The SID to lookup. - - - - - Lookup names for SIDs. - - The list of SIDs to lookup. - Lookup options flags. - True to throw on error. - The list of looked up SID names. - - - - Lookup names for SIDs. - - The list of SIDs to lookup. - Lookup options flags. - The list of looked up SID names. - - - - Lookup names from the LSA policy. - - The names to lookup. - Flags for the lookup. - True to throw on error. - The list of SID names. - - - - Lookup names from the LSA policy. - - The names to lookup. - Flags for the lookup. - The list of SID names. - - - - Lookup names from the LSA policy. - - The names to lookup. - The list of SID names. - - - - Lookup names from the LSA policy. - - The name to lookup. - The looked up SID name. - - - - Enumerate accounts with a user right. - - The name of the user right. - True to throw on error. - The list of SIDs with the user right. - - - - Enumerate accounts with a user right. - - The name of the user right. - The list of SIDs with the user right. - - - - Enumerate account rights for a SID. - - The SID to enumerate for. - True to throw on error. - The list of assigned account rights. - - - - Enumerate account rights for a SID. - - The SID to enumerate for. - The list of assigned account rights. - - - - Add account rights to an account. - - The SID of the account. - The list of account rights to add. - True to throw on error. - The NT status code. - - - - Add account rights to an account. - - The SID of the account. - The list of account rights to add. - - - - Remove account rights from an account. - - The SID of the account. - True to remove all rights. - The account rights to add. - True to throw on error. - The NT status code. - - - - Remove account rights from an account. - - The SID of the account. - True to remove all rights. - The account rights to add. - - - - Retrieve LSA privilege data. - - The name of the key. - True to throw on error. - The private data as bytes. - - - - Retrieve LSA privilege data. - - The name of the key. - The private data as bytes. - - - - Store LSA private data. - - The name of the key. - The data to store. If you pass null then the value will be deleted. - True to throw on error. - The NT status code. - - - - Store LSA private data. - - The name of the key. - The data to store. If you pass null then the value will be deleted. - - - - Open an LSA secret object. - - The name of the secret. - The desired access for the secret. - True to throw on error. - The opened secret. - - - - Open an LSA secret object. - - The name of the secret. - The desired access for the secret. - The opened secret. - - - - Open an LSA secret object with maximum access. - - The name of the secret. - The opened secret. - - - - Create an LSA secret object. - - The name of the secret. - The desired access for the secret. - True to throw on error. - The created secret. - - - - Create an LSA secret object. - - The name of the secret. - The desired access for the secret. - The created secret. - - - - Create an LSA secret object with maximum access. - - The name of the secret. - The created secret. - - - - Delete an LSA secret object. - - The name of the secret. - True to throw on error. - The NT status code. - - - - Delete an LSA secret object. - - The name of the secret. - - - - Open an LSA account object. - - The SID of the account. - The desired access for the account. - True to throw on error. - The opened account. - - - - Open an LSA account object. - - The SID of the account. - The desired access for the account. - The opened account. - - - - Open an LSA account object with maximum access. - - The SID of the account. - The opened account. - - - - Create an LSA account object. - - The SID of the account. - The desired access for the account. - True to throw on error. - The created account. - - - - Create an LSA account object. - - The SID of the account. - The desired access for the account. - The created account. - - - - Create an LSA account object with maximum access. - - The SID of the account. - The created account. - - - - Delete an LSA account object. - - The SID of the account. - True to throw on error. - The NT status code. - - - - Delete an LSA account object. - - The SID of the account. - - - - Enumerate account SIDs in policy. - - True to throw on error. - The list of account SIDs. - - - - Enumerate account SIDs in policy. - - The list of account SIDs. - - - - Enumerate and open accessible account objects in policy. - - The desired access for the opened accounts. - True to throw on error. - The list of accessible accounts. - - - - Enumerate and open accessible account objects in policy. - - The desired access for the opened accounts. - - - - Enumerate and open accessible account objects in policy with maximum access. - - - - - Enumerate trusted domain information. - - True to throw on error. - The list of trusted domain information. - - - - Enumerate trusted domain information. - - The list of trusted domain information. - - - - Open trusted domain object. - - The SID of the trusted domain. - The desired access for the object. - True to throw on error. - The trusted domain object. - - - - Open trusted domain object. - - The SID of the trusted domain. - The desired access for the object. - The trusted domain object. - - - - Open trusted domain object. - - The name of the trusted domain. - The desired access for the object. - True to throw on error. - The trusted domain object. - - - - Open trusted domain object. - - The name of the trusted domain. - The desired access for the object. - The trusted domain object. - - - - Enumerate and open accessible trusted domain objects in policy. - - The desired access for the opened trusted domains. - True to throw on error. - The list of accessible trusted domains. - - - - Enumerate and open accessible trusted domain objects in policy. - - The desired access for the opened trusted domains. - The list of accessible trusted domains. - - - - Enumerate and open accessible trusted domain objects in policy. - - The list of accessible trusted domains. - - - - Open an LSA policy. - - The system name for the LSA. - The desired access on the policy. - True to throw on error. - The opened policy. - - - - Open an LSA policy. - - The desired access on the policy. - True to throw on error. - The opened policy. - - - - Open an LSA policy. - - The system name for the LSA. - The desired access on the policy. - The opened policy. - - - - Open an LSA policy. - - The desired access on the policy. - The opened policy. - - - - Open an LSA policy with maximum allowed access. - - The opened policy. - - - - Access rights for the LSA policy. - - - - - Utilities for an LSA policy. - - - - - The name of the fake NT type for a LSA policy. - - - - - The name of the fake NT type for a LSA secret. - - - - - The name of the fake NT type for a LSA account. - - - - - The name of the fake NT type for a LSA trusted domain. - - - - - Generic generic mapping for LSA policy security. - - The generic mapping for the LSA policy. - - - - Generic generic mapping for LSA secret security. - - The generic mapping for the LSA secret. - - - - Generic generic mapping for LSA account security. - - The generic mapping for the LSA account. - - - - Generic generic mapping for LSA trusted domain security. - - The generic mapping for the LSA trusted domain. - - - - Class to represent an LSA secret. - - - - - Query the value of the secret. - - True to throw on error. - The value of the secret. - - - - Query the value of the secret. - - The value of the secret. - - - - Query the current value of the secret. - - True to throw on error. - The current value of the secret. - - - - Query the current value of the secret. - - The current value of the secret. - - - - Query the old value of the secret. - - True to throw on error. - The old value of the secret. - - - - Query the old value of the secret. - - The old value of the secret. - - - - Set the value of the secret. - - The current value to set. - The old value to set. - True to throw on error. - The NT status code. - - - - Set the value of the secret. - - The current value to set. - The old value to set. - - - - Access rights for an LSA secret. - - - - - Class to represent an LSA secret value. - - - - - The current value of the secret. - - - - - The set time for the current value. - - - - - The old value of the secret. - - - - - The set time for the old value. - - - - - Flags for an account's system access. - - - - - Trust attribute flags for a trusted domain. - - - - - Direction of trust for a trusted domain. - - - - - Class to represent an LSA trusted domain. - - - - - Flat name (NETBIOS) of domain. - - - - - Domain SID. - - - - - Name of the domain. - - - - - Domain trust direction. - - - - - Domain trust type. - - - - - Domain trust attributes. - - - - - Access rights for an LSA trusted domain. - - - - - Information for a trusted domain. - - - - - DNS name of domain. - - - - - Flat name (NETBIOS) of domain. - - - - - Domain SID. - - - - - Domain trust direction. - - - - - Domain trust type. - - - - - Domain trust attributes. - - - - - Trust type for a trusted domain. - - - - - Class to represent a SAM alias. - - - - - Get members of the alias. - - True to throw on error. - The list of alias members. - - - - Get members of the alias. - - The list of alias members. - - - - The alias name. - - - - - The SID of the alias. - - - - - Access rights for a SAM alias object. - - - - - Class to represent a SAM domain object. - - - - - The domain name. - - - - - The domain SID. - - - - - Get domain password information - - - - - Lookup names in a domain. - - The list of names to lookup. - True to throw on error. - The list of looked up SID names. - - - - Lookup names in a domain. - - The list of names to lookup. - The list of looked up SID names. - - - - Lookup a name in a domain. - - The name to lookup. - True to throw on error. - The SID name. - - - - Lookup a name in a domain. - - The name to lookup. - The SID name. - - - - Lookup relative IDs in a domain. - - The list of relative IDs to lookup. - True to throw on error. - The list of looked up SID names. - - - - Lookup relative IDs in a domain. - - The list of relative IDs to lookup. - The list of looked up SID names. - - - - Lookup a rid in a domain. - - The relative ID to lookup. - True to throw on error. - The SID name. - - - - Lookup a rid in a domain. - - The relative ID to lookup. - The SID name. - - - - Enumerate users in a domain. - - User account control flags. - True to throw on error. - The list of users. - - - - Enumerate users in a domain. - - User account control flags. - The list of users. - - - - Enumerate users in a domain. - - The list of users. - - - - Enumerate groups in a domain. - - True to throw on error. - The list of groups. - - - - Enumerate groups in a domain. - - The list of groups. - - - - Enumerate aliases in a domain. - - True to throw on error. - The list of aliases. - - - - Enumerate aliases in a domain. - - The list of aliases. - - - - Get alias membership for a set of SIDs. - - The SIDs to check. - True to throw on error. - The alias enumeration. - - - - Get alias membership for a set of SIDs. - - The SIDs to check. - The alias enumeration. - - - - Get alias membership for a SID. - - The SID to check. - The alias enumeration. - - - - Open a user by relative ID. - - The user ID for the user. - The desired access for the user object. - True to throw on error. - The SAM user object. - - - - Open a user by relative ID. - - The user ID for the user. - The desired access for the user object. - The SAM user object. - - - - Open a user by SID. - - The sid for the user. - The desired access for the user object. - True to throw on error. - The SAM user object. - - - - Open a user by SID. - - The sid for the user. - The desired access for the user object. - The SAM user object. - - - - Open a user by name. - - The user name for the user. - The desired access for the user object. - True to throw on error. - The SAM user object. - - - - Open a user by name. - - The user name for the user. - The desired access for the user object. - The SAM user object. - - - - Open a group by relative ID. - - The ID for the group. - The desired access for the group object. - True to throw on error. - The SAM group object. - - - - Open a group by relative ID. - - The ID for the group. - The desired access for the group object. - The SAM group object. - - - - Open a group by SID. - - The sid for the group. - The desired access for the group object. - True to throw on error. - The SAM group object. - - - - Open a group by SID. - - The sid for the group. - The desired access for the group object. - The SAM group object. - - - - Open a group by name. - - The name for the group. - The desired access for the group object. - True to throw on error. - The SAM group object. - - - - Open a group by name. - - The name for the group. - The desired access for the group object. - The SAM group object. - - - - Create a new group object. - - The name of the group. - The desired access for the group object. - True to throw on error. - The SAM group object. - - - - Create a new group object. - - The name of the group. - The desired access for the group object. - The SAM group object. - - - - Create a new group object. - - The name of the group. - The SAM group object. - - - - Create a new user in the SAM. - - The name of the user. - The type of account. - Desired access for new user. - True to throw on error. - The SAM user object. - - - - Create a new user in the SAM. - - The name of the user. - The type of account. - Desired access for new user. - The SAM user object. - - - - Open an alias by relative ID. - - The ID for the alias. - The desired access for the alias object. - True to throw on error. - The SAM alias object. - - - - Open an alias by relative ID. - - The ID for the alias. - The desired access for the alias object. - The SAM alias object. - - - - Open an alias by SID. - - The sid for the alias. - The desired access for the alias object. - True to throw on error. - The SAM alias object. - - - - Open an alias by SID. - - The sid for the alias. - The desired access for the alias object. - The SAM alias object. - - - - Open an alias by name. - - The name for the alias. - The desired access for the alias object. - True to throw on error. - The SAM alias object. - - - - Open an alias by name. - - The name for the alias. - The desired access for the alias object. - The SAM alias object. - - - - Enumerate and open accessible user objects. - - User account control flags. - The desired access for the opened users. - True to throw on error. - The list of accessible users. - - - - Enumerate and open accessible user objects. - - User account control flags. - The desired access for the opened users. - The list of accessible users. - - - - Enumerate and open accessible user objects with maximum access. - - The list of accessible users. - - - - Enumerate and open accessible group objects. - - The desired access for the opened groups. - True to throw on error. - The list of accessible groups. - - - - Enumerate and open accessible group objects. - - The desired access for the opened groups. - The list of accessible groups. - - - - Enumerate and open accessible group objects with maximum access. - - The list of accessible groups. - - - - Enumerate and open accessible alias objects. - - The desired access for the opened aliases. - True to throw on error. - The list of accessible aliases. - - - - Enumerate and open accessible alias objects. - - The desired access for the opened aliases. - The list of accessible aliases. - - - - Enumerate and open accessible alias objects with maximum access. - - The list of accessible aliases. - - - - Convert a RID to a SID for the current object. - - The relative ID. - True to throw on error. - The converted SID. - - - - Convert a RID to a SID for the current object. - - The relative ID. - The converted SID. - - - - Get password information. - - True to throw on error. - - - - - Access rights for a SAM domain object. - - - - - The domain password policy. - - - - - Minimum password length. - - - - - Password history length. - - - - - Password properties flags. - - - - - Maximum password age. - - - - - Minimum password age. - - - - - Flags for password properties. - - - - - Class to represent a SAM group. - - - - - Get members of the group. - - True to throw on error. - The list of group members. - - - - Get members of the group. - - The list of group members. - - - - Query group attribute flags. - - True to throw on error. - The group attribute flags. - - - - Set the group attribute flags. - - The attributes to set. - True to throw on error. - The NT status code. - - - - Delete the group object. - - True to throw on error. - The NT status code. - - - - Delete the group object. - - - - - The group name. - - - - - The SID of the group. - - - - - Get or set the group attribute flags. - - - - - Access rights for the SAM group. - - - - - Membership entry for a group. - - - - - The group relative ID. - - - - - The attributes for the group. - - - - - Base class for a SAM object. - - - - - The name of the server that we've connected to. - - - - - Get the NT type for the object. - - - - - Get the object name for the object. - - - - - Get whether the object is a container. - - - - - Get the object's security descriptor. - - - - - Is an access mask granted to the object. - - The access to check. - True if all access is granted. - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - The NT status code. - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Dispose the policy. - - - - - Represents information for a SAM relative value. - - - - - The name of the domain. - - - - - The RID of the domain. - - - - - Class to represent a connection to a SAM server. - - - - - Enumerate domains in the SAM. - - True to throw on error. - The list of domains. - - - - Enumerate domains in the SAM. - - The list of domains. - - - - Lookup the domain SID for a domain name. - - The name of the domain. - True to throw on error. - The domain SID. - - - - Lookup the domain SID for a domain name. - - The name of the domain. - The domain SID. - - - - Open a SAM domain object. - - The domain SID. - The desired access for the object. - True to throw on error. - The SAM domain object. - - - - Open a SAM domain object. - - The domain SID. - The desired access for the object. - The SAM domain object. - - - - Open a SAM domain object. - - The name of the domain. - The desired access for the object. - True to throw on error. - The SAM domain object. - - - - Open a SAM domain object. - - The name of the domain. - The desired access for the object. - The SAM domain object. - - - - Enumerate and open accessible domain objects. - - The desired access for the opened domains. - True to throw on error. - The list of accessible domains. - - - - Enumerate and open accessible domain objects. - - The desired access for the opened domains. - The list of accessible domains. - - - - Opens the builtin domain on the server. - - The desired access for the object. - True to throw on error. - The SAM domain object. - - - - Opens the builtin domain on the server. - - The desired access for the object. - The SAM domain object. - - - - Opens the user domain on the server. - - The desired access for the object. - True to throw on error. - The SAM domain object. - - - - Opens the user domain on the server. - - The desired access for the object. - The SAM domain object. - - - - Connect to a SAM server. - - The name of the server. Set to null for local connection. - The desired access on the SAM server. - True to throw on error. - The server connection. - - - - Connect to a SAM server. - - The name of the server. Set to null for local connection. - The desired access on the SAM server. - The server connection. - - - - Connect to a SAM server. - - The desired access on the SAM server. - The server connection. - - - - Connect to a SAM server with maximum access. - - The server connection. - - - - Access rights for the SAM server. - - - - - Class to represent a SAM user. - - - - - Get full name for the user. - - True to throw on error. - The full name of the user. - - - - Get home directory for the user. - - True to throw on error. - The home directory of the user. - - - - Get primary group ID for the user. - - True to throw on error. - The primary group ID of the user. - - - - Get user account control flags for the user. - - True to throw on error. - The user account control flags of the user. - - - - Change a user's password. - - The old password. - The new password. - True to throw on error. - The NT status code. - - - - Change a user's password. - - The old password. - The new password. - - - - Set a user's password. - - The password to set. - Whether the password has expired. - True to throw on error. - The NT status code. - - - - Set a user's password. - - The password to set. - Whether the password has expired. - - - - The user name. - - - - - The SID of the user. - - - - - Get full name for the user. - - - - - Get home directory for the user. - - - - - Get user account control flags for the user. - - - - - Is the account disabled? - - - - - Get the primary group SID. - - - - - Access rights for a SAM user object. - - - - - Type of user account to create. - - - - - A user account. - - - - - A workstation trust account. - - - - - A server trust account. - - - - - A temporary duplicate account. - - - - - Inter domain trust account. - - - - - User account control flags. - - - - - Security utilities which call the Win32 APIs. - - - - - Set security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - True to throw on error. - The NT status code. - - - - Set security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - Specify to indicate when to execute progress function. - The security operation to perform on the tree. - Progress function. - - - - Set security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - Specify to indicate when to execute progress function. - The security operation to perform on the tree. - Progress function. - True to throw on error. - The NT status code. - - - - Set security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - The Win32 Error Code. - - - - Set security using an object handle. - - The handle of the object. - The type of object. - The security information to set. - The security descriptor to set. - True to throw on error. - The NT status code. - - - - Set security using an object handle. - - The handle of the object. - The type of object. - The security information to set. - The security descriptor to set. - - - - Set security using an object handle. - - The handle of the object. - The type of object. - The security information to set. - The security descriptor to set. - True to throw on error. - The NT status code. - - - - Set security using an object handle. - - The handle of the object. - The type of object. - The security information to set. - The security descriptor to set. - - - - Reset security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - True to keep explicit ACEs. - Specify to indicate when to execute progress function. - Progress function. - - - - Reset security using a named object. - - The name of the object. - The type of named object. - The security information to set. - The security descriptor to set. - Specify to indicate when to execute progress function. - True to keep explicit ACEs. - Progress function. - True to throw on error. - The NT status code. - - - - Get the source of inherited ACEs. - - The name of the resource. - The type of the resource. - Whether the resource is a container. - Optional list of object types. - The security descriptor for the resource. - True to check the SACL otherwise checks the DACL. - Generic mapping for the resource. - Query security descriptors for sources. - True to throw on error. - The list of inheritance sources. - - - - Get the source of inherited ACEs. - - The name of the resource. - The type of the resource. - Whether the resource is a container. - Optional list of object types. - The security descriptor for the resource. - True to check the SACL otherwise checks the DACL. - Generic mapping for the resource. - Query security descriptors for sources. - The list of inheritance sources. - - - - Get the security descriptor for a named resource. - - The name of the resource. - The type of the resource. - The security information to get. - True to throw on error. - The security descriptor. - - - - Get the security descriptor for a named resource. - - The name of the resource. - The type of the resource. - The security information to get. - The security descriptor. - - - - Get the security descriptor for a resource. - - The handle to the resource. - The type of the resource. - The security information to get. - True to throw on error. - The security descriptor. - - - - Get the security descriptor for a resource. - - The handle to the resource. - The type of the resource. - The security information to get. - The security descriptor. - - - - Get the NT type for a SE Object Type. - - The type of the resource. - The NT type if known, otherwise null. - - - - Lookup a privilege display name. - - The system name to do the lookup on. - The privilege name. - The display name. Empty string on error. - - - - Add a SID to name mapping with LSA. - - The domain name for the SID. The SID must be in the NT authority. - The account name for the SID. Can be null for a domain SID. - The SID to add. - True to throw on error. - The NT status result. - - - - Add a SID to name mapping with LSA. - - The domain name for the SID. - The account name for the SID. Can be null for a domain SID. - The SID to add. - The NT status result. - - - - Remove a SID to name mapping with LSA. - - The domain name for the SID. - The account name for the SID. Can be null for a domain SID. - True to throw on error. - The NT status result. - - - - Remove a SID to name mapping with LSA. - - The domain name for the SID. - The account name for the SID. Can be null for a domain SID. - The NT status result. - - - - Remove a SID to name mapping with LSA. - - The SID to remove. - The NT status result. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - True to throw on error. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - Additional groups to add. Needs SeTcbPrivilege. - The logged on token. - - - - Logon a user with a username and password. - - The username. - The user's domain. - The user's password. - The type of logon token. - The Logon provider. - Additional groups to add. Needs SeTcbPrivilege. - True to throw on error. - The logged on token. - - - - Lookup a SID's internet name. - - The SID to lookup. - True to throw on error. - The name of the sid as an internet account. - This still might return the normal NT4 style account name if the user is not an internet user. - - - - Lookup a SID's internet name. - - The SID to lookup. - The name of the sid as an internet account. - This still might return the normal NT4 style account name if the user is not an internet user. - - - - Retrieve LSA private data. - - The system containing the LSA instance. - The name of the key. - True to throw on error. - The private data as bytes. - - - - Retrieve LSA private data. - - The system containing the LSA instance. - The name of the key. - The private data as bytes. - - - - Retrieve LSA private data. - - The name of the key. - The private data as bytes. - - - - Store LSA private data. - - The system containing the LSA instance. - The name of the key. - The data to store. - True to throw on error. - The NT status code. - - - - Store LSA private data. - - The system containing the LSA instance. - The name of the key. - The data to store. - - - - Store LSA private data. - - The name of the key. - The data to store. - - - - Delete LSA private data. - - The system containing the LSA instance. - The name of the key. - True to throw on error. - The NT status code. - - - - Delete LSA private data. - - The system containing the LSA instance. - The name of the key. - - - - Delete LSA private data. - - The name of the key. - - - - Virtual Key enumeration. - - - - - Left mouse button - - - - - Right mouse button - - - - - Control-break processing - - - - - Middle mouse button (three-button mouse) - - - - - Windows 2000/XP: X1 mouse button - - - - - Windows 2000/XP: X2 mouse button - - - - - BACKSPACE key - - - - - TAB key - - - - - CLEAR key - - - - - ENTER key - - - - - SHIFT key - - - - - CTRL key - - - - - ALT key - - - - - PAUSE key - - - - - CAPS LOCK key - - - - - Input Method Editor (IME) Kana mode - - - - - IME Hangul mode - - - - - IME Junja mode - - - - - IME final mode - - - - - IME Hanja mode - - - - - IME Kanji mode - - - - - ESC key - - - - - IME convert - - - - - IME nonconvert - - - - - IME accept - - - - - IME mode change request - - - - - SPACEBAR - - - - - PAGE UP key - - - - - PAGE DOWN key - - - - - END key - - - - - HOME key - - - - - LEFT ARROW key - - - - - UP ARROW key - - - - - RIGHT ARROW key - - - - - DOWN ARROW key - - - - - SELECT key - - - - - PRINT key - - - - - EXECUTE key - - - - - PRINT SCREEN key - - - - - INS key - - - - - DEL key - - - - - HELP key - - - - - 0 key - - - - - 1 key - - - - - 2 key - - - - - 3 key - - - - - 4 key - - - - - 5 key - - - - - 6 key - - - - - 7 key - - - - - 8 key - - - - - 9 key - - - - - A key - - - - - B key - - - - - C key - - - - - D key - - - - - E key - - - - - F key - - - - - G key - - - - - H key - - - - - I key - - - - - J key - - - - - K key - - - - - L key - - - - - M key - - - - - N key - - - - - O key - - - - - P key - - - - - Q key - - - - - R key - - - - - S key - - - - - T key - - - - - U key - - - - - V key - - - - - W key - - - - - X key - - - - - Y key - - - - - Z key - - - - - Left Windows key (Microsoft Natural keyboard) - - - - - Right Windows key (Natural keyboard) - - - - - Applications key (Natural keyboard) - - - - - Computer Sleep key - - - - - Numeric keypad 0 key - - - - - Numeric keypad 1 key - - - - - Numeric keypad 2 key - - - - - Numeric keypad 3 key - - - - - Numeric keypad 4 key - - - - - Numeric keypad 5 key - - - - - Numeric keypad 6 key - - - - - Numeric keypad 7 key - - - - - Numeric keypad 8 key - - - - - Numeric keypad 9 key - - - - - Multiply key - - - - - Add key - - - - - Separator key - - - - - Subtract key - - - - - Decimal key - - - - - Divide key - - - - - F1 key - - - - - F2 key - - - - - F3 key - - - - - F4 key - - - - - F5 key - - - - - F6 key - - - - - F7 key - - - - - F8 key - - - - - F9 key - - - - - F10 key - - - - - F11 key - - - - - F12 key - - - - - F13 key - - - - - F14 key - - - - - F15 key - - - - - F16 key - - - - - F17 key - - - - - F18 key - - - - - F19 key - - - - - F20 key - - - - - F21 key - - - - - F22 key, (PPC only) Key used to lock device. - - - - - F23 key - - - - - F24 key - - - - - NUM LOCK key - - - - - SCROLL LOCK key - - - - - Left SHIFT key - - - - - Right SHIFT key - - - - - Left CONTROL key - - - - - Right CONTROL key - - - - - Left MENU key - - - - - Right MENU key - - - - - Windows 2000/XP: Browser Back key - - - - - Windows 2000/XP: Browser Forward key - - - - - Windows 2000/XP: Browser Refresh key - - - - - Windows 2000/XP: Browser Stop key - - - - - Windows 2000/XP: Browser Search key - - - - - Windows 2000/XP: Browser Favorites key - - - - - Windows 2000/XP: Browser Start and Home key - - - - - Windows 2000/XP: Volume Mute key - - - - - Windows 2000/XP: Volume Down key - - - - - Windows 2000/XP: Volume Up key - - - - - Windows 2000/XP: Next Track key - - - - - Windows 2000/XP: Previous Track key - - - - - Windows 2000/XP: Stop Media key - - - - - Windows 2000/XP: Play/Pause Media key - - - - - Windows 2000/XP: Start Mail key - - - - - Windows 2000/XP: Select Media key - - - - - Windows 2000/XP: Start Application 1 key - - - - - Windows 2000/XP: Start Application 2 key - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Windows 2000/XP: For any country/region, the '+' key - - - - - Windows 2000/XP: For any country/region, the ',' key - - - - - Windows 2000/XP: For any country/region, the '-' key - - - - - Windows 2000/XP: For any country/region, the '.' key - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Used for miscellaneous characters; it can vary by keyboard. - - - - - Windows 2000/XP: Either the angle bracket key or the backslash key on the RT 102-key keyboard - - - - - Windows 95/98/Me, Windows NT 4.0, Windows 2000/XP: IME PROCESS key - - - - - Windows 2000/XP: Used to pass Unicode characters as if they were keystrokes. - The VK_PACKET key is the low word of a 32-bit Virtual Key value used for non-keyboard input methods. For more information, - see Remark in KEYBDINPUT, SendInput, WM_KEYDOWN, and WM_KEYUP - - - - - Attn key - - - - - CrSel key - - - - - ExSel key - - - - - Erase EOF key - - - - - Play key - - - - - Zoom key - - - - - Reserved - - - - - PA1 key - - - - - Clear key - - - - - Class representing the information about a service. - - - - - The name of the service. - - - - - The security descriptor of the service. - - - - - The list of triggers for the service. - - - - - The service SID setting. - - - - - The service launch protected setting. - - - - - The service required privileges. - - - - - The service type. - - - - - Service start type. - - - - - Error control. - - - - - Binary path name. - - - - - Load order group. - - - - - Tag ID for load order. - - - - - Dependencies. - - - - - Display name. - - - - - Service start name. For user mode services this is the username, for drivers it's the driver name. - - - - - Indicates this service is set to delayed automatic start. - - - - - The user name this service runs under. - - - - - Type of service host when using Win32Share. - - - - - Service main function when using Win32Share. - - - - - Image path for the service. - - - - - Get name of the target image, either the ServiceDll or ImagePath. - - - - - Service DLL if a shared process server. - - - - - The name of the machine this service was found on. - - - - - Indicates if this service process is grouped with others. - - - - - Class to represent custom data for a service trigger. - - - - - The type of data. - - - - - The raw custom data. - - - - - The custom data as a string. - - - - - The custom data as an array of strings (only useful for String type). - - - - - Overidden ToString method. - - The data as a string. - - - - Trigger information for a service. - - - - - The type of service trigger. - - - - - The service trigger action. - - - - - The sub-type GUID. - - - - - The description of the sub type. - - - - - Custom data. - - - - - Overridden ToString method. - - The trigger as a string. - - - - Trigger the service. - - - - - Service trigger type. - - - - - Represents an action that the service control manager can perform. - - - - - The action to be performed. - - - - - The time to wait before performing the specified action, in milliseconds. - - - - The action to be performed. - The time to wait before performing the specified action, in milliseconds. - - - - Utilities for accessing services. - - - - - The name of the fake NT type for a service. - - - - - The name of the fake NT type for the SCM. - - - - - Get the generic mapping for the SCM. - - The SCM generic mapping. - - - - Get the generic mapping for a service. - - The service generic mapping. - - - - Get the security descriptor of the SCM. - - The SCM security descriptor. - - - - Get the security descriptor of the SCM. - - The name of a target computer. Can be null or empty to specify local machine. - Parts of the security descriptor to return. - True to throw on error. - The SCM security descriptor. - - - - Get the security descriptor of the SCM. - - The name of a target computer. Can be null or empty to specify local machine. - Parts of the security descriptor to return. - The SCM security descriptor. - - - - Get the security descriptor of the SCM. - - Parts of the security descriptor to return. - True to throw on error. - The SCM security descriptor. - - - - Get the security descriptor of the SCM. - - Parts of the security descriptor to return. - The SCM security descriptor. - - - - Get the security descriptor for a service. - - The name of the service. - Parts of the security descriptor to return. - True to throw on error. - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor. - - - - Get the security descriptor for a service. - - The name of the service. - Parts of the security descriptor to return. - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor. - - - - Get the security descriptor for a service. - - The name of the service. - Parts of the security descriptor to return. - True to throw on error. - The security descriptor. - - - - Get the security descriptor for a service. - - The name of the service. - Parts of the security descriptor to return. - The security descriptor. - - - - Set the SCM security descriptor. - - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor to set. - The parts of the security descriptor to set. - True to throw on error. - The NT status code. - - - - Set the SCM security descriptor. - - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor to set. - The parts of the security descriptor to set. - - - - Set the SCM security descriptor. - - The security descriptor to set. - The parts of the security descriptor to set. - True to throw on error. - The NT status code. - - - - Set the SCM security descriptor. - - The security descriptor to set. - The parts of the security descriptor to set. - - - - Get the information about a service. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - True to throw on error. - The service information. - - - - Get the information about a service. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - The service information. - - - - Get the information about a service. - - The name of the service. - True to throw on error. - The service information. - - - - Set the security descriptor for a service. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor to set. - The security information to set. - True to throw on error. - The NT status. - - - - Set the security descriptor for a service. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - The security descriptor to set. - The security information to set. - - - - Set the security descriptor for a service. - - The name of the service. - The security descriptor to set. - The security information to set. - True to throw on error. - The NT status. - - - - Set the security descriptor for a service. - - The name of the service. - The security descriptor to set. - The security information to set. - - - - Get the information about a service. - - The name of the service. - The service information. - - - - Get the information about all services. - - The name of a target computer. Can be null or empty to specify local machine. - The types of services to return. - The list of service information. - - - - Get the information about all services. - - The types of services to return. - The list of service information. - - - - Get the PID of a running service. - - The name of the service. - Returns the PID of the running service, or 0 if not running. - Thrown on error. - - - - Get the PIDs of a list of running service. - - The names of the services. - Returns the PID of the running service, or 0 if not running. - Thrown on error. - - - - Get a running service by name. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - True to throw on error. - The running service. - This will return active and non-active services as well as drivers. - - - - Get a running service by name. - - The name of the service. - The name of a target computer. Can be null or empty to specify local machine. - The running service. - This will return active and non-active services as well as drivers. - - - - Get a running service by name. - - The name of the service. - The running service. - True to throw on error. - This will return active and non-active services as well as drivers. - - - - Get a running service by name. - - The name of the service. - The running service. - This will return active and non-active services as well as drivers. - - - - Get a list of all registered services. - - The name of a target computer. Can be null or empty to specify local machine. - Specify state of services to get. - Specify the type filter for services. - A list of registered services. - - - - Get a list of all registered services. - - Specify state of services to get. - Specify the type filter for services. - A list of registered services. - - - - Get flags for all user service types. - - The flags for user service types. - - - - Get flags for all kernel driver types. - - The flags for kernel driver types. - - - - Get a list of all registered services. - - A list of registered services. - - - - Get a list of all active running services with their process IDs. - - A list of all active running services with process IDs. - - - - Get a list of all drivers. - - A list of all drivers. - - - - Get a list of all active running drivers. - - A list of all active running drivers. - - - - Get a list of all services and drivers. - - A list of all services and drivers. - - - - Get a list of all services and drivers. - - A list of all services and drivers. - - - - Get a fake NtType for a service. - - Service returns the service type, SCM returns SCM type. - The fake service NtType. Returns null if not a recognized type. - - - - Create a new service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - True to throw on error. - The registered service information. - - - - Create a new service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - The registered service information. - - - - Create a new service. - - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - True to throw on error. - The registered service information. - - - - Create a new service. - - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - The registered service information. - - - - Delete a service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - True to throw on error. - The NT status. - - - - Delete a service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The NT status. - - - - Delete a service. - - The name of the service. - True to throw on error. - The NT status. - - - - Delete a service. - - The name of the service. - - - - Send a control code to a service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The control code to send. If >= 128 will be sent as a custom control code. - True to throw on error. - The NT status code. - - - - Send a control code to a service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The control code to send. If >= 128 will be sent as a custom control code. - - - - Send a control code to a service. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The control code to send. If >= 128 will be sent as a custom control code. - - - - Send a control code to a service. - - The name of the service. - The control code to send. If >= 128 will be sent as a custom control code. - - - - Send a control code to a service. - - The name of the service. - The control code to send. If >= 128 will be sent as a custom control code. - - - - Change service configuration. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - Load group order. - The tag ID. - List of service dependencies. - The username for the service. - Password for the username if needed. - True to throw on error. - The NT status code. - - - - Change service configuration. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - The tag ID. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - - - - Change service configuration. - - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - The tag ID. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - True to throw on error. - The NT status code. - - - - Change service configuration. - - The name of the service. - The display name for the service. - The service type. - The service start type. - Error control. - Path to the service executable. - The tag ID. - Load group order. - List of service dependencies. - The username for the service. - Password for the username if needed. - - - - Start a service by name. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - Optional arguments to pass to the service. - True to throw on error. - The status code for the service. - - - - Start a service by name. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - Optional arguments to pass to the service. - - - - Start a service by name. - - The name of the service. - Optional arguments to pass to the service. - True to throw on error. - The status code for the service. - - - - Start a service by name. - - The name of the service. - Optional arguments to pass to the service. - The status code for the service. - - - - Set a service's SID type. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The SID type to set. - True to throw on error. - The NT status code. - - - - Set a service's SID type. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The SID type to set. - - - - Set a service's SID type. - - The name of the service. - The SID type to set. - True to throw on error. - The NT status code. - - - - Set a service's SID type. - - The name of the service. - The SID type to set. - - - - Set a service's delayed auto-start. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - If true, the service is started after other auto-start services are started plus a short delay. Otherwise, the service is started during system boot. - True to throw on error. - The NT status code. - - - - - - - - - - - - - - - Set a service's failure recover actions. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - Actions to be performed on service failure. -
If this value is null, is ignored. -
If this value is empty, the reset period and array of failure actions are deleted. - The time after which to reset the failure count to zero if there are no failures, in seconds. Specify -1 to indicate that this value should never be reset. - The command line of the process for the CreateProcess function to execute in response to the command run service controller action. -
This process runs under the same account as the service. -
If this value is null, the command is unchanged. -
If the value is an empty string (""), the command is deleted and no program is run when the service fails. - The message to be broadcast to server users before rebooting in response to the reboot action service controller action. -
If this value is null, the reboot message is unchanged. -
If the value is an empty string (""), the reboot message is deleted and no message is broadcast. -
This member can specify a localized string using the following format: @[path]dllname,-strID -
The string with identifier strID is loaded from dllname; path is optional. - True to throw on error. - The NT status code. - - - - - - - - - - - - - - - Set a service's required privileges. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The required privileges. - True to throw on error. - The NT status code. - - - - Set a service's required privileges. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The required privileges. - - - - Set a service's required privileges. - - The name of the service. - The required privileges. - True to throw on error. - The NT status code. - - - - Set a service's required privileges. - - The name of the service. - The required privileges. - - - - Set a service's launch protected type. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The protected type. - True to throw on error. - The NT status code. - - - - Set a service's launch protected type. - - The name of a target computer. Can be null or empty to specify local machine. - The name of the service. - The protected type. - - - - Set a service's required privileges. - - The name of the service. - The protected type. - True to throw on error. - The NT status code. - - - - Set a service's SID type. - - The name of the service. - The protected type. - - - - A service trigger for an ETW event. - - - - - The security descriptor for the ETW event. Needs administrator privileges. - - - - - Trigger the service. - - - - - Service trigger for firewall port interface. - - - - - The port for the firewall service trigger. - - - - - The protocol for the firewall service trigger. - - - - - The protocol for the firewall service trigger. - - - - - The protocol for the firewall service trigger. - - - - - Service trigger for a named pipe. - - - - - The path to the named pipe. - - - - - Service trigger for an RPC interface. - - - - - List of interface ID for the RPC server. - - - - - Class to represent a handle to the SCM. - - - - - Active services database. - - - - - Failed services database. - - - - - Open an instance of the SCM. - - The machine name for the SCM. - The database name. Specify SERVICES_ACTIVE_DATABASE or SERVICES_FAILED_DATABASE. - If null then SERVICES_ACTIVE_DATABASE is used. - The desired access for the SCM connection. - True to throw on error. - The SCM instance. - - - - Open an instance of the SCM. - - The machine name for the SCM. - The database name. Specify SERVICES_ACTIVE_DATABASE or SERVICES_FAILED_DATABASE. - If null then SERVICES_ACTIVE_DATABASE is used. - The desired access for the SCM connection. - The SCM instance. - - - - Open an instance of the SCM. - - The machine name for the SCM. - The desired access for the SCM connection. - The SCM instance. - - - - Get the Win32 services for the SCM. - - The state of the services to return. - The types of services to return. - True throw on error. - The list of services. - SCM must have been opened with EnumerateService access. - - - - Get the Win32 services for the SCM. - - The state of the services to return. - The types of services to return. - The list of services. - SCM must have been opened with EnumerateService access. - - - - Dispose the object. - - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - True to throw on error. - The security descriptor - - - - Get the security descriptor specifying which parts to retrieve - - What parts of the security descriptor to retrieve - The security descriptor - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - True to throw on error. - - - - Set the object's security descriptor - - The security descriptor to set. - What parts of the security descriptor to set - - - - Service trigger for a WNF event. - - - - - The WNF name. - - - - - Represents a loaded module from the symbol resolver. - - - - - The name of the module. - - - - - The base address of the module. - - - - - The image size of the module. - - - - - Get the path to the loaded PDB file is known. - - - - - True indicates this module only has export symbols. - - - - - Query names of types for this module. - - The list of type names. - - - - Query types in a module. - - The list of types. - - - - Get a type by name. - - The name of the type. - - - - - Query types by name - - A mask string for the type name. e.g. mod!ABC* - The list of types. - - - - Returns the name of the module. - - The name of the module. - - - - Static class for creating symbolic resolvers. - - - - - Create a new instance of a symbol resolver. - - The process in which the symbols should be resolved. - The path to dbghelp.dll, ideally should use the one which comes with Debugging Tools for Windows. - The symbol path. - Flags for the symbol resolver. - A text writer for output when specifying the TraceSymbolLoading flag. - The instance of a symbol resolver. Should be disposed when finished. - - - - Create a new instance of a symbol resolver. - - The process in which the symbols should be resolved. - The path to dbghelp.dll, ideally should use the one which comes with Debugging Tools for Windows. - The symbol path. - The instance of a symbol resolver. Should be disposed when finished. - - - - Create a new instance of a symbol resolver. Uses the system dbghelp library and symbol path - from _NT_SYMBOL_PATH environment variable. - - The process in which the symbols should be resolved. - The instance of a symbol resolver. Should be disposed when finished. - - - - Enumeration for safer level. - - - - - Constrained. - - - - - Fully trusted. - - - - - Normal user. - - - - - Untrusted. - - - - - Class to access tokens through various mechanisms. - - - - - Logon a user using S4U - - The username. - The user's realm. - - The logged on token. - - - - Get the anonymous token. - - The access rights for the opened token. - The anonymous token. - - - - Get the anonymous token. - - The anonymous token. - - - - Logon a user. - - The username. - The user's domain. - The user's password. - The logon token's type. - Optional list of additonal groups to add. - The logged on token. - - - - Logon a user. - - The username. - The user's domain. - The user's password. - The logon token's type. - Optional list of additonal groups to add. - The Logon provider. - The logged on token. - - - - Logon a user. - - The username. - The user's domain. - The user's password. - The logon token's type. - Optional list of additonal groups to add. - The Logon provider. - True to throw on error. - The logged on token. - - - - Open the current clipboard token. - - - - - - - - Get the token from the clipboard. - - The access rights for the opened token. - The clipboard token. - - - - Get the token from the clipboard. - - The clipboard token. - - - - Derive a package sid from a name. - - The name of the package. - True to throw on error. - The derived Sid - - - - Derive a package sid from a name. - - The name of the package. - The derived Sid - - - - Derive a restricted package sid from an existing pacakge sid. - - The base package sid. - The restricted name for the sid. - True to throw on error. - The derived Sid. - - - - Derive a restricted package sid from an existing pacakge sid. - - The base package sid. - The restricted name for the sid. - The derived Sid. - - - - Derive a restricted package sid from an existing package sid. - - The base package name. - The restricted name for the sid. - The derived Sid. - - - - Get the package SID from a name. - - The name of the package, can be either an SDDL SID or a package name. - The derived SID. - - - - Get a safer token. - - The base token. - The safer level to use. - True to make the token inert. - The safer token. - - - - Get session token for a session ID. - - The session ID. - The session token. - - - - Get tokens for all logged on sessions. - - Needs SeTcbPrivilege to work. - The list of session tokens. - - - - Create an AppContainer token using the CreateAppContainerToken API. - - The token to base the new token on. Can be null. - The AppContainer package SID. - List of capabilities. - True to throw on error. - The appcontainer token. - This exported function was only introduced in RS3 - - - - Create an AppContainer token using the CreateAppContainerToken API. - - The token to base the new token on. Can be null. - The AppContainer package SID. - List of capabilities. - The appcontainer token. - This exported function was only introduced in RS3 - - - - Create an AppContainer token using the CreateAppContainerToken API. - - The AppContainer package SID. - List of capabilities. - The appcontainer token. - This exported function was only introduced in RS3 - - - - Win32 Error Codes. - - - - - Flags for DefineDosDevice - - - - - None - - - - - Specify a raw target path - - - - - Remove existing definition - - - - - Only remove exact matches to the target - - - - - Don't broadcast changes to the system - - - - - Disposition values for CreateFile. - - - - - Create a new file. Fail if it exists. - - - - - Always create a new file, overwrite if it exists. - - - - - Open a file, fail if it doesn't exist. - - - - - Open a file, create if it doesn't exist. - - - - - Truncate existing file. - - - - - Flags for GetWin32PathName. - - - - - No flags. - - - - - GUID format. - - - - - NT format. - - - - - No specific format. - - - - - Opened file name. - - - - - Class representing a win32 process. - - - - - Create process with a token. - - The token to create the process with. - The process configuration. - The created win32 process. - - - - Create process with a token. - - The token to create the process with. - The path to the executable. - The process command line. - Process creation flags. - The desktop name. - The created win32 process. - - - - Create process with a token from a user logon. - - The username. - The user's domain. - The user's password. - Logon flags. - The process configuration. - The created win32 process. - - - - Create process with a token from a user logon. - - The user's credentials. - Logon flags. - The process configuration. - True to throw on error. - The created win32 process. - - - - Create process with a token from a user logon. - - The user's credentials. - Logon flags. - The process configuration. - The created win32 process. - - - - Create process with a token from a user logon. - - The username. - The user's domain. - The user's password. - Logon flags. - The process configuration. - The created win32 process. - - - - Create process with a token from a user logon. - - The username. - The user's domain. - The user's password. - Logon flags. - The path to the executable. - The process command line. - Process creation flags. - The desktop name. - The created win32 process. - - - - Create process with a token. - - The token to create the process with. - The process configuration. - The created win32 process. - - - - Create process. - - The process configuration. - The created win32 process. - - - - Create process. - - Optional parent process. - The path to the executable. - The process command line. - Process creation flags. - The desktop name. - The created win32 process. - - - - Dispose the process. - - - - - Resume the entire process. - - - - - Suspend the entire process. - - - - - Terminate the process - - The exit code for the termination - - - - The handle to the process. - - - - - The handle to the initial thread. - - - - - The process ID of the process. - - - - - The thread ID of the initial thread. - - - - - True to terminate process when disposed. - - - - - Get the process' exit status. - - - - - Get the process' exit status as an NtStatus code. - - - - - Explicit conversion operator to an NtThread object. - - The win32 process - - - - Explicit conversion operator to an NtProcess object. - - The win32 process - - - - Specify the CreateProcess API to use with a Token. - - - - - Use CreateProcessAsUser, if that fails use CreateProcessWithToken. - - - - - Use only CreateProcessAsUser. - - - - - User only CreateProcessWithToken. - - - - - Win32 process creation configuration. - - - - - Specify security descriptor of process. - - - - - Specify process handle is inheritable. - - - - - Specify security descriptor of thread. - - - - - Specify thread handle is inheritable. - - - - - Specify to inherit handles. - - - - - Specify parent process. - - - - - Specify path to application executable. - - - - - Specify command line. - - - - - Specify creation flags. - - - - - Specify environment block. - - - - - Specify current directory. - - - - - Specify desktop name. - - - - - Specify window title. - - - - - True to terminate the process when it's disposed. - - - - - Specify the mitigation options. - - - - - Specify the mitigation options 2. - - - - - Specify win32k filter flags. - - - - - Specify win32k filter level. - - - - - Specify PP level. - - - - - Specify list of handles to inherit. - - - - - Specify the appcontainer Sid. - - - - - Specify the appcontainer capabilities. - - - - - Specify LPAC. - - - - - Restrict the process from creating child processes. - - - - - Override child process creation restriction. - - - - - Set child process mitigation flags. - - - - - Specify new process policy when creating a desktop bridge application. - - - - - Specify a token to use for the new process. - - - - - Specify a stdin handle for the new process (you must inherit the handle). - - - - - Specify a stdout handle for the new process (you must inherit the handle). - - - - - Specify a stderror handle for the new process (you must inherit the handle). - - - - - Specify the package name to use. - - - - - Specify handle to pseudo console. - - - - - Specify Base Named Objects isolation prefix. - - - - - Specify the safe open prompt original claim. - - - - - When specifying the debug flags use this debug object instead of the current thread's object. - - - - - When specified do not fallback to using CreateProcessWithToken if CreateProcessWithUser fails. - - - - - Specify additional extended flags. - - - - - Specify list of handles to inherit. - - - - - Specify a service window station and desktop. - - - - - Specify authentication credentials for CreateProcessWithLogon. - - - - - Specify logon flags for the Credentials or when calling CreateProcessWithToken. - - - - - Specify the type of API to call when specifying a token. - - - - - Specify component filter flags. - - - - - Add an object's handle to the list of inherited handles. - - The object to add. - The raw handle value. - Note that this doesn't maintain a reference to the object. It should be kept - alive until the process has been created. - - - - Add an AppContainer capability by name. - - The name of the capability. - - - - Add an AppContainer capability by name. - - The capability SID. - - - - Set AppContainer SID from a package name. - - The package name. - - - - Constructor. - - - - - Flags for create process. - - - - - No flags. - - - - - Debug process. - - - - - Debug only this process. - - - - - Create suspended. - - - - - Detach process. - - - - - Create a new console. - - - - - Normal priority class. - - - - - Idle priority class. - - - - - High priority class. - - - - - Realtime priority class. - - - - - Create a new process group. - - - - - Create from a unicode environment. - - - - - Create a separate WOW VDM. - - - - - Share the WOW VDM. - - - - - Force DOS process. - - - - - Below normal priority class. - - - - - Above normal priority class. - - - - - Inherit parent affinity. - - - - - Inherit caller priority (deprecated) - - - - - Create a protected process. - - - - - Specify extended startup information is present. - - - - - Process mode background begin. - - - - - Process mode background end. - - - - - Create a secure process. - - - - - Breakaway from a job object. - - - - - Preserve code authz level. - - - - - Default error mode. - - - - - No window. - - - - - Profile user. - - - - - Profile kernel. - - - - - Profile server. - - - - - Ignore system default. - - - - - Flags for CreateProcessWithLogon - - - - - No flags. - - - - - With a profile. - - - - - Using network credentials. - - - - - Win32k filter flags. - - - - - No flags. - - - - - Enable filter. - - - - - Audit filter. - - - - - Flags for create thread. - - - - - No flags. - - - - - Create suspended. - - - - - Stack size is a reservation. - - - - - Specify PPL level. - - - - - None - - - - - Safe level as parent. - - - - - Tcb PPL - - - - - Windows PP - - - - - Windows PPL - - - - - Antimalware PPL - - - - - LSA PPL - - - - - Tcb PP - - - - - Code Generation PPL - - - - - Authenticode PP - - - - - App PPL - - - - - Extended process flags. - - - - - No flags. - - - - - Log elevation failure. - - - - - Ignore elevation requirements. - - - - - Force job breakaway (needs TCB privilege). - - - - - Process mitigation option flags. - - - - - Process mitigation option 2 flags. - - - - - Class representing a service instance. - - - - - The name of the service. - - - - - The description of the service. - - - - - Type of service. - - - - - Image path for the service. - - - - - Command line for the service. - - - - - Service DLL if a shared process server. - - - - - Current service status. - - - - - What controls are accepted by the service. - - - - - Whether the service can be stopped. - - - - - The Win32 exit code. - - - - - The service specific exit code, if Win32ExitCode is Win32Error.ERROR_SERVICE_SPECIFIC_ERROR. - - - - - The checkpoint while starting. - - - - - Waiting hint time. - - - - - Service flags. - - - - - Process ID of the running service. - - - - - The security descriptor of the service. - - - - - The list of triggers for the service. - - - - - The service SID type. - - - - - The service launch protected setting. - - - - - The service required privileges. - - - - - Service start type. - - - - - Whether the service is a delayed auto start service. - - - - - Error control. - - - - - Load order group. - - - - - Tag ID for load order. - - - - - Dependencies. - - - - - The user name this service runs under. - - - - - Type of service host when using Win32Share. - - - - - Service main function when using Win32Share. - - - - - Indicates if this service process is grouped with others. - - - - - The name of the machine this service was found on. - - - - - Overridden ToString method. - - The name of the service. - - - - Utilities for Win32 APIs. - - - - - Get a mask dictionary for a type. - - The enumerated type to query for names. - The valid access. - A dictionary mapping a mask value to a name. - - - - Get a mask dictionary for a type. - - The enumerated type to query for names. - The valid access. - Specify to get the SDK name instead of a formatting enumerated name. - A dictionary mapping a mask value to a name. - - - - Display the edit security dialog. - - Parent window handle. - NT object to display the security. - The name of the object to display. - True to force the UI to read only. - - - - Display the edit security dialog. - - Parent window handle. - The name of the object to display. - The security descriptor to display. - The NT type of the object. - - - - Display the edit security dialog. - - Parent window handle. - The name of the object to display. - The security descriptor to display. - An enumerated type for the access mask. - Generic mapping for the access rights. - Valid access mask for the access rights. - - - - Define a new DOS device. - - The dos device flags. - The device name to define. - The target path. - - - - Get Windows INVALID_HANDLE_VALUE. - - - - - Parse a command line into arguments. - - The parsed command line. - The list of arguments. - - - - Get the image path from a command line. - - The command line to parse. - The image path, returns the original command line if can't find a valid image path. - - - - Get Win32 path name for a file. - - The file to get the path from. - Flags for the path to return. - True to throw on error. - The win32 path. - - - - Get Win32 path name for a file. - - The file to get the path from. - Flags for the path to return. - The win32 path. - - - - Format a message. - - The module containing the message. - The ID of the message. - The message. Empty string on error. - - - - Format a message. - - The ID of the message. - The message. Empty string on error. - - - - Open a file with the Win32 CreateFile API. - - The filename to open. - The desired access. - The share mode. - Optional security descriptor. - True to set the handle as inheritable. - Creation disposition. - Flags and attributes. - Optional template file. - True to throw on error. - The opened file handle. - - - - Open a file with the Win32 CreateFile API. - - The filename to open. - The desired access. - The share mode. - Optional security descriptor. - True to set the handle as inheritable. - Creation disposition. - Flags and attributes. - Optional template file. - The opened file handle. - - - - Open a file with the Win32 CreateFile API. - - The filename to open. - The desired access. - The share mode. - Creation disposition. - Flags and attributes. - True to throw on error. - The opened file handle. - - - - Open a file with the Win32 CreateFile API. - - The filename to open. - The desired access. - The share mode. - Creation disposition. - Flags and attributes. - The opened file handle. - - - - Send key down events. - - The key codes to send. - - - - Send key down events. - - The key codes to send. - - - - Send key down then up events. - - The key codes to send. - This will send all keys down first, then all up. - - - - This creates a Window Station using the User32 API. - - The name of the Window Station. - The Window Station. - - - - Create a remote thread. - - The process to create the thread in. - The thread security descriptor. - Whether the handle should be inherited. - The size of the stack. 0 for default. - Start address for the thread. - Parameter to pass to the thread. - The flags for the thread creation. - True to throw on error. - The created thread. - Thrown on error. - - - - Create a remote thread. - - The process to create the thread in. - The thread security descriptor. - Whether the handle should be inherited. - The size of the stack. 0 for default. - Start address for the thread. - Parameter to pass to the thread. - The flags for the thread creation. - The created thread. - Thrown on error. - - - - Create a remote thread. - - The process to create the thread in. - Start address for the thread. - Parameter to pass to the thread. - The flags for the thread creation. - The created thread. - Thrown on error. - - - - Get a list of all console sessions. - - True to throw on error. - The list of console sessions. - - - - Get a list of all console sessions. - - The list of console sessions. - - - - Write debug string to output. - - The debug string to write. - - -