《Undocumented Windows 2000 Secrets》翻译 --- 附录B(表B-1)

2020年09月14日 阅读数:56
这篇文章主要向大家介绍《Undocumented Windows 2000 Secrets》翻译 --- 附录B(表B-1),主要内容包括基础应用、实用技巧、原理机制等方面,希望对大家有所帮助。

附录  B app

内核API函数(Kernel API Functions ide

 

附录B包含在第二章讨论的系统模块:win32k.sysntdll.dllntoskrnl.exe导出的函数列表。N/A表示不支持(Not Available)。函数

 

B-1.    Windows 2000 Native APIui

 

函数名称 spa

INT 2eh orm

Ntdll.Nt* xml

Ntdll.Zw* ip

Ntoskrnl.Nt* ci

Ntoskrnl.Zw* it

1

NtAcceptConnectPort

0x0000

 

 

N/A

N/A

2

NtAccessCheck

0x0001

 

 

N/A

N/A

3

NtAccessCheckAndAuditAlarm

0x0002

 

 

N/A

 

4

NtAccessCheckByType

0x0003

 

 

N/A

N/A

5

NtAccessCheckByTypeAndAuditAlarm

0x0004

 

 

N/A

N/A

6

NtAccessCheckByTypeResultList

0x0005

 

 

N/A

N/A

7

NtAccessCheckByTypeResultListAndAuditAlarm 

0x0006

 

 

N/A

N/A

8

NtAccessCheckByTypeResultListAndAuditAlarmByHandle 

0x0007

 

 

N/A

N/A

9

NtAddAtom

0x0008

 

 

 

N/A

10

NtAdjustGroupsToken

0x0009

 

 

N/A

N/A

11

NtAdjustPrivilegesToken 

0x000A

 

 

 

 

12

NtAlertResumeThread

0x000B

 

 

N/A

N/A

13

NtAlertThread

0x000C

 

 

N/A

 

14

NtAllocateLocallyUniqueld

0x000D

 

 

 

N/A

15

NtAllocateUserPhysicalPages

0x000E

 

 

N/A

N/A

16

NtAllocateUuids

0x000F

 

 

 

N/A

17

NtAllocateVirtualMemory

0x0010

 

 

 

 

18

NtAreMappedFilesTheSame

0x0011

 

 

N/A

N/A

19

NtAssignProcessToJobObject

0x0012

 

 

N/A

N/A

20

NtBuildNumber

N/A

N/A

N/A

 

N/A

21

NtCallbackReturn

0x0013

 

 

N/A

N/A

22

NtCancelDeviceWakeupRequest

0x0016

 

 

N/A

N/A

23

NtCancelloFile

0x0014

 

 

N/A

 

24

NtCancelTimer

0x0015

 

 

N/A

 

25

NtClearEvent

0x0017

 

 

N/A

 

26

NtClose

0x0018

 

 

 

 

27

NtCloseObjectAuditAlarm

0x0019

 

 

N/A

 

28

NtCompleteConnectPort

0x001A

 

 

N/A

N/A

29

NtConnectPort

0x001B

 

 

 

 

30

NtContinue

0x001C

 

 

N/A

N/A

31

NtCreateChannel

0x00F1

 

 

N/A

N/A

32

NtCreateDirectoryObject

0x001D

 

 

N/A

 

33

NtCreateEvent

0x001E

 

 

 

 

34

NtCreateEventPair

0x001F

 

 

N/A

N/A

35

NtCreateFile

0x0020

 

 

 

 

36

NtCreateloCompletion

0x0021

 

 

N/A

N/A

37

NtCreateJobObject

0x0022

 

 

N/A

N/A

38

NtCreateKey

0x0023

 

 

N/A

 

39

NtCreateMailslotFile

0x0024

 

 

N/A

N/A

40

NtCreateMutant

0x0025

 

 

N/A

N/A

41

NtCreateNamedPipeFile

0x0026

 

 

N/A

N/A

42

NtCreatePagingFile

0x0027

 

 

N/A

N/A

43

NtCreatePort

0x0028

 

 

N/A

N/A

44

NtCreateProcess

0x0029

 

 

N/A

N/A

45

NtCreateProfile

0x002A

 

 

N/A

N/A

46

NtCreateSection

0x002B

 

 

 

 

47

NtCreateSemaphore

0x002C

 

 

N/A

N/A

48

NtCreateSymbolicLinkObject

0x002D

 

 

N/A

 

49

NtCreateThread

0x002E

 

 

N/A

N/A

50

NtCreateTimer

0x002F

 

 

N/A

 

51

NtCreateToken

0x0030

 

 

N/A

N/A

52

NtCreateWaitablePort

0x0031

 

 

N/A

N/A

53

NtCurrentTeb

N/A

 

N/A

N/A

N/A

54

NtDelayExecution

0x0032

 

 

N/A

N/A

55

NtDeleteAtom

0x0033

 

 

 

N/A

56

NtDeleteFile

0x0034

 

 

 

 

57

NtDeleteKey

0x0035

 

 

N/A

 

58

NtDeleteObjectAuditAlarm

0x0036

 

 

N/A

N/A

59

NtDeleteValueKey

0x0037

 

 

N/A

 

60

NtDeviceloControlFile

0x0038

 

 

 

 

61

NtDisplayString

0x0039

 

 

N/A

 

62

NtDuplicateObject

0x003A

 

 

 

 

63

NtDuplicateToken

0x003B

 

 

 

 

64

NtEnumerateKey

0x003C

 

 

N/A

 

65

NtEnumerateValueKey

0x003D

 

 

N/A

 

66

NtExtendSection

0x003E

 

 

N/A

N/A

67

NtFilterToken

0x003F

 

 

N/A

N/A

68

NtFindAtom

0x0040

 

 

 

N/A

69

NtFlushBuffersFile

0x0041

 

 

N/A

N/A

70

NtFlushlnstructionCache

0x0042

 

 

N/A

 

71

NtFlushKey

0x0043

 

 

N/A

 

72

NtFlushVirtualMemory

0x0044

 

 

N/A

 

73

NtFlushWriteBuffer

0x0045

 

 

N/A

N/A

74

NtFreeUserPhysicalPages

0x0046

 

 

N/A

N/A

75

NtFreeVirtualMemory

0x0047

 

 

 

 

76

NtFsControlFile

0x0048

 

 

 

 

77

NtGetContextThread

0x0049

 

 

N/A

N/A

78

NtGetDevicePowerState

0x004A

 

 

N/A

N/A

79

NtGetPlugPlayEvent

0x004B

 

 

N/A

N/A

80

NtGetTickCount

0x004C

 

 

N/A

N/A

81

NtGetWriteWatch

0x004D

 

 

N/A

N/A

82

NtGlobalFlag

N/A

N/A

N/A

 

N/A

83

NtlmpersonateAnonymousToken

0x004E

 

 

N/A

N/A

84

NtlmpersonateClientOfPort

0x004F

 

 

N/A

N/A

85

NtlmpersonateThread

0x0050

 

 

N/A

N/A

86

NtlnitializeRegistry

0x0051

 

 

N/A

N/A

87

NtlnitiatePowerAction

0x0052

 

 

N/A

 

88

NtlsSystemResumeAutomatic

0x0053

 

 

N/A

N/A

89

NtListenChannel

0x00F2

 

 

N/A

N/A

90

NtListenPort

0x0054

 

 

N/A

N/A

91

NtLoadDriver

0x0055

 

 

N/A

 

92

NtLoadKey

0x0056

 

 

N/A

 

93

NtLoadKey2

0x0057

 

 

N/A

N/A

94

NtLockFile

0x0058

 

 

 

N/A

95

NtLockVirtualMemory

0x0059

 

 

N/A

N/A

96

NtMakeTemporaryObject

0x005A

 

 

N/A

 

97

NtMapUserPhysicalPages

0x005B

 

 

N/A

N/A

98

NtMapUserPhysicalPagesScatter

0x005C

 

 

N/A

N/A

99

NtMapViewOf Section

0x005D

 

 

 

 

100

NtNotifyChangeDirectoryFile

0x005E

 

 

 

N/A

101

NtNotifyChangeKey

0x005F

 

 

N/A

 

102

NtNotifyChangeMultipleKeys

0x0060

 

 

N/A

N/A

103

NtOpenChannel

0x00F3

 

 

N/A

N/A

104

NtOpenDirectoryObject

0x0061

 

 

N/A

 

105

NtOpenEvent

0x0062

 

 

N/A

 

106

NtOpenEventPair

0x0063

 

 

N/A

N/A

107

NtOpenFile

0x0064

 

 

 

 

108

NtOpenloCompletion

0x0065

 

 

N/A

N/A

109

NtOpenJobObject

0x0066

 

 

N/A

N/A

110

NtOpenKey

0x0067

 

 

N/A

 

111

NtOpenMutant

0x0068

 

 

N/A

N/A

112

NtOpenObjectAuditAlarm

0x0069

 

 

N/A

N/A

113

NtOpenProcess

0x006A

 

 

 

 

114

NtOpenProcessToken

0x006B

 

 

 

 

115

NtOpenSection

0x006C

 

 

N/A

 

116

NtOpenSemaphore

0x006D

 

 

N/A

N/A

117

NtOpenSymbolicLinkObject

0x006E

 

 

N/A

 

118

NtOpenThread

0x006F

 

 

N/A

 

119

NtOpenThreadToken

0x0070

 

 

N/A

 

120

NtOpenTimer

0x0071

 

 

N/A

 

121

NtPlugPlayControl

0x0072

 

 

N/A

N/A

122

NtPowerlnformation

0x0073

 

 

N/A

 

123

NtPrivilegeCheck

0x0074

 

 

N/A

N/A

124

NtPrivilegedServiceAuditAlarm

0x0075

 

 

N/A

N/A

125

NtPrivilegeObjectAuditAlarm

0x0076

 

 

N/A

N/A

126

NtProtectVirtualMemory

0x0077

 

 

N/A

N/A

127

NtPulseEvent

0x0078

 

 

N/A

 

128

NtQueryAttributesFile

0x007A

 

 

N/A

N/A

129

NtQueryDefaultLocale

0x007B

 

 

N/A

 

130

NtQueryDefaultUILanguage

0x007C

 

 

N/A

 

131

NtQueryDirectoryFile

0x007D

 

 

 

 

132

NtQueryDirectoryObject

0x007E

 

 

N/A

 

133

NtQueryEaFile

0x007F

 

 

 

 

134

NtQueryEvent

0x0080

 

 

N/A

N/A

135

NtQueryFullAttributesFile

0x0081

 

 

N/A

N/A

136

NtQuerylnformationAtom

0x0079

 

 

 

N/A

137

NtQuerylnformationFile

0x0082

 

 

 

 

138

NtQuerylnformationJobObject

0x0083

 

 

N/A

N/A

139

NtQuerylnformationPort

0x0085

 

 

N/A

N/A

140

NtQuerylnformationProcess

0x0086

 

 

 

 

141

NtQuerylnformationThread

0x0087

 

 

N/A

N/A

142

NtQuerylnformationToken

0x0088

 

 

 

 

143

NtQuerylnstallUILanguage

0x0089

 

 

N/A

 

144

NtQuerylntervalProfile

0x008A

 

 

N/A

N/A

145

NtQueryIoCompletion

0x0084

 

 

N/A

N/A

146

NtQueryKey

0x008B

 

 

N/A

 

147

NtQueryMultipleValueKey

0x008C

 

 

N/A

N/A

148

NtQueryMutant

0x008D

 

 

N/A

N/A

149

NtQueryObject

0x008E

 

 

N/A

 

150

NtQueryOpenSubKeys

0x008F

 

 

N/A

N/A

151

NtQueryPerformanceCounter

0x0090

 

 

N/A

N/A

152

NtQueryQuotalnformationFile

0x0091

 

 

 

N/A

153

NtQuerySection

0x0092

 

 

N/A

 

154

NtQuerySecurityObject

0x0093

 

 

 

 

156

NtQuerySemaphore

0x0094

 

 

N/A

N/A

157

NtQuerySymbolicLinkObject

0x0095

 

 

N/A

 

158

NtQuerySystemEnvironment Value

0x0096

 

 

N/A

N/A

159

NtQuerySystemlnformation

0x0097

 

 

 

 

160

NtQuerySystemTime

0x0098

 

 

N/A

N/A

161

NtQuery Timer

0x0099

 

 

N/A

N/A

162

NtQueryTimerResolution

0x009A

 

 

N/A

N/A

163

NtQueryValueKey

0x009B

 

 

N/A

 

164

NtQuery VirtualMemory

0x009C

 

 

N/A

N/A

165

NtQuery VolumelnformationFile

0x009D

 

 

 

 

166

NtQueueApcThread

0x009E

 

 

N/A

N/A

167

NtRaiseException

0x009F

 

 

N/A

N/A

168

NtRaiseHardError

0x00A0

 

 

N/A

N/A

169

NtReadFile

0x00Al

 

 

 

 

170

NtReadFileScatter

0x00A2

 

 

N/A

N/A

171

NtReadRequestData

0x00A3

 

 

N/A

N/A

172

NtReadVirtualMemory

0x00A4

 

 

N/A

N/A

173

NtRegisterThreadTerminatePort

0x00A5

 

 

N/A

N/A

174

NtReleaseMutant

0x00A6

 

 

N/A

N/A

175

NtReleaseSemaphore

0x00A7

 

 

N/A

N/A

176

NtRemoveloCompletion

0x00A8

 

 

N/A

N/A

177

NtReplaceKey

0x00A9

 

 

N/A

 

178

NtReplyPort

0x00AA

 

 

N/A

N/A

179

NtReplyWaitReceivePort

0x00AB

 

 

N/A

N/A

180

NtReplyWaitReceivePortEx

0x00AC

 

 

N/A

N/A

181

NtReplyWaitReplyPort

0x00AD

 

 

N/A

N/A

182

NtReplyWaitSendChannel

0x00F4

 

 

N/A

N/A

183

NtRequestDeviceWakeup

0x00AE

 

 

N/A

N/A

184

NtRequestPort

0x00AF

 

 

 

N/A

185

NtRequestWaitReplyPort

0x00B0

 

 

 

 

186

NtRequestWakeupLatency

0x00Bl

 

 

N/A

N/A

187

NtResetEvent

0x00B2

 

 

N/A

 

188

NtResetWriteWatch

0x00B3

 

 

N/A

N/A

189

NtRestoreKey

0x00B4

 

 

N/A

 

190

NtResumeThread

0x00B5

 

 

N/A

N/A

191

NtSaveKey

0x00B6

 

 

N/A

 

192

NtSaveMergedKeys

0x00B7

 

 

N/A

N/A

193

NtSecureConnectPort

0x00B8

 

 

N/A

N/A

194

NtSendWaitReplyChannel

0x00F5

 

 

N/A

N/A

195

NtSetContextChannel

0x00F6

 

 

N/A

N/A

196

NtSetContextThread

0x00BA

 

 

N/A

N/A

197

NtSetDefaultHardErrorPort

0x00BB

 

 

N/A

N/A

198

NtSetDefaultLocale

0x00BC

 

 

N/A

 

199

NtSetDefaultUILanguage

0x00BD

 

 

N/A

 

200

NtSetEaFile

0x00BE

 

 

 

 

201

NtSetEvent

0x00BF

 

 

 

 

202

NtSetHighEventPair

0x00C0

 

 

N/A

N/A

203

NtSetHighWaitLowEventPair

0x00Cl

 

 

N/A

N/A

204

NtSetlnformationFile

0x00C2

 

 

 

 

205

NtSetlnformationJobObject

0x00C3

 

 

N/A

N/A

206

NtSetlnformationKey

0x00C4

 

 

N/A

N/A

207

NtSetlnformationObject

0x00C5

 

 

N/A

 

208

NtSetlnformationProcess

0x00C6

 

 

 

 

209

NtSetlnformationThread

0x00c7

 

 

 

 

210

NtSetlnformationToken

0x00C8

 

 

N/A

N/A

211

NtSetlntervalProfile

0x00C9

 

 

N/A

N/A

212

NtSetloCompletion

0x00B9

 

 

N/A

N/A

213

NtSetLdtEntries

0x00CA

 

 

N/A

N/A

214

NtSetLowEventPair

0x00CB

 

 

N/A

N/A

215

NtSetLowWaitHighEventPair

0x00CC

 

 

N/A

N/A

216

NtSetQuotalnformationFile

0x00CD

 

 

 

N/A

217

NtSetSecurityObject

0x00CE

 

 

 

 

218

NtSetSystemEnvironment Value

0x00CF

 

 

N/A

N/A

219

NtSetSystemlnformation

0x00D0

 

 

N/A

 

220

NtSetSystemPowerState

0x00Dl

 

 

N/A

N/A

221

NtSetSystemTime

0x00D2

 

 

N/A

 

222

NtSetThreadExecutionState

0x00D3

 

 

N/A

N/A

223

NtSetTimer

0x00D4

 

 

N/A

 

224

NtSetTimerResolution

0x00D5

 

 

N/A

N/A

225

NtSetUuidSeed

0x00D6

 

 

N/A

N/A

226

NtSetValueKey

0x00D7

 

 

N/A

 

227

NtSetVolumelnformationFile

0x00D8

 

 

 

 

228

NtShutdownSystem

0x00D9

 

 

N/A

N/A

229

NtSignalAndWaitForSingleObject

0x00DA

 

 

N/A

N/A

230

NtStartProfile

0x00DB

 

 

N/A

N/A

231

NtStopProfile

0x00DC

 

 

N/A

N/A

232

NtSuspendThread

0x00DD

 

 

N/A

N/A

233

NtSystemDebugControl

0x00DE

 

 

N/A

N/A

234

NtTerminateJobObject

0x00DF

 

 

N/A

N/A

235

NtTerminateProcess

0x00E0

 

 

N/A

 

236

NtTerminateThread

0x00El

 

 

N/A

N/A

237

NtTestAlert

0x00E2

 

 

N/A

N/A

238

NtUnloadDriver

0x00E3

 

 

N/A

 

239

NtUnloadKey

0x00E4

 

 

N/A

 

240

NtUnlockFile

0x00E5

 

 

 

N/A

241

NtUnlockVirtualMemory

0x00E6

 

 

N/A

N/A

242

NtUnmapViewOfSection

0x00E7

 

 

N/A

 

243

NtVdmControl

0x00E8

 

 

 

N/A

244

NtWaitForMultipleObjects

0x00E9

 

 

N/A

 

245

NtWaitForSingleObject

0x00EA

 

 

 

 

246

NtWaitHighEventPair

0x00EB

 

 

N/A

N/A

247

NtWaitLowEventPair

0x00EC

 

 

N/A

N/A

248

NtWriteFile

0x00ED

 

 

 

 

249

NtWriteFileGather

0x00EE

 

 

N/A

N/A

250

NtWriteRequestData

0x00EF

 

 

N/A

N/A

251

NtWriteVirtualMemory

0x00F0

 

 

N/A

N/A

252

NtYieldExecution

0x00F7

 

 

N/A

 

 

 

 

 

 

上一篇: 一道物理题
下一篇: 试验