Interface NtDll

    • Field Detail

      • INSTANCE

        static final NtDll INSTANCE
    • Method Detail

      • ZwQueryKey

        int ZwQueryKey​(WinNT.HANDLE KeyHandle,
                       int KeyInformationClass,
                       Structure KeyInformation,
                       int Length,
                       IntByReference ResultLength)
        The ZwQueryKey routine provides information about the class of a registry key, and the number and sizes of its subkeys.
        Parameters:
        KeyHandle - Handle to the registry key to obtain information about. This handle is created by a successful call to ZwCreateKey or ZwOpenKey.
        KeyInformationClass - Specifies a KEY_INFORMATION_CLASS value that determines the type of information returned in the KeyInformation buffer.
        KeyInformation - Pointer to a caller-allocated buffer that receives the requested information.
        Length - Specifies the size, in bytes, of the KeyInformation buffer.
        ResultLength - Pointer to a variable that receives the size, in bytes, of the requested key information. If ZwQueryKey returns STATUS_SUCCESS, the variable contains the amount of data returned. If ZwQueryKey returns STATUS_BUFFER_OVERFLOW or STATUS_BUFFER_TOO_SMALL, you can use the value of the variable to determine the required buffer size.
        Returns:
        ZwQueryKey returns STATUS_SUCCESS on success, or the appropriate error code on failure.
      • NtSetSecurityObject

        int NtSetSecurityObject​(WinNT.HANDLE handle,
                                int SecurityInformation,
                                Pointer pSecurityDescriptor)
        The NtSetSecurityObject routine sets an object's security state.
        Parameters:
        handle - [in] Handle for the object whose security state is to be set. This handle must have the access specified in the Meaning column of the table shown in the description of the SecurityInformation parameter.
        SecurityInformation - [in] SECURITY_INFORMATION value specifying the information to be set. Can be a combination of one or more of the following: DACL_SECURITY_INFORMATION Indicates the discretionary access control list (DACL) of the object is to be set. Requires WRITE_DAC access. GROUP_SECURITY_INFORMATION Indicates the primary group identifier of the object is to be set. Requires WRITE_OWNER access. OWNER_SECURITY_INFORMATION Indicates the owner identifier of the object is to be set. Requires WRITE_OWNER access. SACL_SECURITY_INFORMATION Indicates the system ACL (SACL) of the object is to be set. Requires ACCESS_SYSTEM_SECURITY access.
        pSecurityDescriptor - [in] Pointer to the security descriptor to be set for the object.
        Returns:
        NtSetSecurityObject returns STATUS_SUCCESS or an appropriate error status.
      • NtQuerySecurityObject

        int NtQuerySecurityObject​(WinNT.HANDLE handle,
                                  int SecurityInformation,
                                  Pointer SecurityDescriptor,
                                  int Length,
                                  IntByReference LengthNeeded)
        The NtQuerySecurityObject routine retrieves a copy of an object's security descriptor.
        Parameters:
        handle - [in] Handle for the object whose security descriptor is to be queried. This handle must have the access specified in the Meaning column of the table shown in the description of the SecurityInformation parameter.
        SecurityInformation - [in] Pointer to a SECURITY_INFORMATION value specifying the information to be queried. Can be a combination of one or more of the following: DACL_SECURITY_INFORMATION Indicates the discretionary access control list (DACL) of the object is to be set. Requires WRITE_DAC access. GROUP_SECURITY_INFORMATION Indicates the primary group identifier of the object is to be set. Requires WRITE_OWNER access. OWNER_SECURITY_INFORMATION Indicates the owner identifier of the object is to be set. Requires WRITE_OWNER access. SACL_SECURITY_INFORMATION Indicates the system ACL (SACL) of the object is to be set. Requires ACCESS_SYSTEM_SECURITY access.
        SecurityDescriptor - [out] Pointer to the security descriptor to be set for the object.
        Length - [in] Size, in bytes, of the buffer pointed to by SecurityDescriptor.
        LengthNeeded - [in] Pointer to a caller-allocated variable that receives the number of bytes required to store the copied security descriptor.
        Returns:
        NtQuerySecurityObject returns STATUS_SUCCESS or an appropriate error status.
      • RtlNtStatusToDosError

        int RtlNtStatusToDosError​(int Status)
        Converts the specified NTSTATUS code to its equivalent system error code.
        Parameters:
        Status - [in] The NTSTATUS code to be converted.
        Returns:
        The function returns the corresponding system error code. ERROR_MR_MID_NOT_FOUND is returned when the specified NTSTATUS code does not have a corresponding system error code.