首页  编辑  

一些未公开WinNT API(NTDLL.DLL)

Tags: /超级猛料/API.Windows应用程序接口/未公开的API/   Date Created:

NTSTATUS (__stdcall *NtUnmapViewOfSection)( IN HANDLE  ProcessHandle,  IN PVOID BaseAddress);

NTSTATUS (__stdcall *NtOpenSection)( OUT PHANDLE  SectionHandle,IN ACCESS_MASK DesiredAccess,IN POBJECT_ATTRIBUTES  ObjectAttributes);

NTSTATUS (__stdcall *NtMapViewOfSection)(  IN HANDLE  SectionHandle,IN HANDLE ProcessHandle,IN OUT PVOID  *BaseAddress,IN ULONG  ZeroBits,IN ULONG  CommitSize,IN OUT PLARGE_INTEGER  SectionOffset,IN OUT PULONG  ViewSize,IN SECTION_INHERIT  InheritDisposition,IN ULONG  AllocationType,IN ULONG  Protect);

VOID (__stdcall *RtlInitUnicodeString)( IN OUT PUNICODE_STRING DestinationString,IN PCWSTR SourceString);

ULONG (__stdcall *RtlNtStatusToDosError) ( IN NTSTATUS Status );

And here's what my attempt at converting:

   TNTUnmapViewOfSection=function( ProcessHandle:integer;BaseAddress:PVOID):NTSTATUS; stdcall;

   TNTOpenSection=  function( SectionHandle:PHANDLE; DesiredAccess:ACCESS_MASK;ObjectAttributes:

POBJECT_ATTRIBUTES):NTSTATUS; stdcall;

   TNTMapViewOfSection=  function(SectionHandle:THandle;ProcessHandle:Integer;                                    var BaseAddress:PVOID;  ZeroBits:ULONG;CommitSize:ULONG;var SectionOffset:Large_Integer;var ViewSize:PULONG;InheritDisposition:SECTION_INHERIT;AllocationType: ULONG;  Protect:ULONG):NTSTATUS; stdcall;

   TRtlInitUnicodeString= procedure( var DestinationString:PUNICODE_STRING;SourceString:PWideChar); stdcall;

   TRtlNtStatusToDosError=function(var Status:NTSTATUS):ULong; stdcall;