예제 #1
 /// <summary>
 /// Builds a handle record from a single entry of one process's handle table.
 /// </summary>
 /// <param name="process_id">ID of the process the entry was read from.</param>
 /// <param name="entry">Table entry supplying the type index, attributes, handle value and granted access.</param>
 /// <param name="allow_query">Stored in <c>_allow_query</c>; presumably gates later queries made through this handle (confirm against the readers of that field).</param>
 internal NtHandle(int process_id, ProcessHandleTableEntryInfo entry, bool allow_query)
 {
     // Caller-supplied values that do not depend on the entry.
     ProcessId = process_id;
     _allow_query = allow_query;

     // The lookup result is stored unchecked, so NtType holds whatever
     // GetTypeByIndex returns for this index.
     // NOTE(review): if that can be null for an unknown index, consumers of NtType must handle it.
     NtType = NtType.GetTypeByIndex(entry.ObjectTypeIndex);

     // Access-related fields are copied verbatim from the entry.
     Attributes = entry.HandleAttributes;
     GrantedAccess = entry.GrantedAccess;

     // NOTE(review): narrowing to Int32 presumably relies on handle values fitting in 32 bits; confirm.
     Handle = entry.HandleValue.ToInt32();
 }
 /// <summary>
 /// Builds a handle record from a single entry of one process's handle table,
 /// additionally recording the owning process's image path and the file-query flag.
 /// </summary>
 /// <param name="process_id">ID of the process the entry was read from.</param>
 /// <param name="entry">Table entry supplying the type index, attributes, handle value and granted access.</param>
 /// <param name="allow_query">Stored in <c>_allow_query</c>; presumably gates later queries made through this handle (confirm against the readers of that field).</param>
 /// <param name="force_file_query">Stored in <c>_force_file_query</c>; the name suggests it forces queries on file handles (confirm against the readers of that field).</param>
 /// <param name="process_image_path">Image path recorded as <c>ProcessImagePath</c>.</param>
 internal NtHandle(int process_id, ProcessHandleTableEntryInfo entry, bool allow_query, bool force_file_query, string process_image_path)
 {
     // Identity of the owning process, exactly as supplied by the caller.
     ProcessId = process_id;
     ProcessImagePath = process_image_path;

     // Query behaviour flags.
     // NOTE(review): querying some file objects can block the calling thread, so
     // callers should set force_file_query deliberately; verify how the flag is used.
     _allow_query = allow_query;
     _force_file_query = force_file_query;

     // The lookup result is stored unchecked, so NtType holds whatever
     // GetTypeByIndex returns for this index.
     NtType = NtType.GetTypeByIndex(entry.ObjectTypeIndex);

     // Access-related fields are copied verbatim from the entry.
     Attributes = entry.HandleAttributes;
     GrantedAccess = entry.GrantedAccess;

     // NOTE(review): narrowing to Int32 presumably relies on handle values fitting in 32 bits; confirm.
     Handle = entry.HandleValue.ToInt32();
 }
        /// <summary>
        /// Builds a handle record from an entry of the system-wide handle table.
        /// </summary>
        /// <param name="entry">System handle table entry; supplies the owning process ID, type index, attributes, handle value, object value and granted access.</param>
        /// <param name="allow_query">Stored in <c>_allow_query</c>; presumably gates later queries made through this handle (confirm against the readers of that field).</param>
        internal NtHandle(SystemHandleTableInfoEntry entry, bool allow_query)
        {
            // NOTE(review): if SystemHandleTableInfoEntry mirrors the legacy native layout with
            // 16-bit process ID and handle fields, larger values arrive truncated and a handle
            // can be attributed to the wrong process; confirm against the struct definition.
            ProcessId = entry.UniqueProcessId;

            // NtType is assigned only when the index resolves; for an unknown index the
            // property keeps whatever value it had before this constructor ran.
            NtType resolvedType = NtType.GetTypeByIndex(entry.ObjectTypeIndex);
            if (resolvedType != null)
            {
                NtType = resolvedType;
            }

            // Raw entry fields are cast to the flag enums exposed by this class.
            Attributes = (AttributeFlags)entry.HandleAttributes;
            Handle = entry.HandleValue;

            // presumably the kernel address of the underlying object; verify against the entry definition
            Object = entry.Object.ToUInt64();
            GrantedAccess = (GenericAccessRights)entry.GrantedAccess;

            _allow_query = allow_query;
        }
        /// <summary>
        /// Builds a handle record from an extended entry of the system-wide handle table.
        /// </summary>
        /// <param name="entry">Extended system handle table entry; supplies the owning process ID, type index, attributes, handle value, object value and granted access.</param>
        /// <param name="allow_query">Stored in <c>_allow_query</c>; presumably gates later queries made through this handle (confirm against the readers of that field).</param>
        /// <param name="force_file_query">Stored in <c>_force_file_query</c>; the name suggests it forces queries on file handles (confirm against the readers of that field).</param>
        internal NtHandle(SystemHandleTableInfoEntryEx entry, bool allow_query, bool force_file_query)
        {
            // NOTE(review): both ToInt32 conversions below presumably rely on process IDs and
            // handle values fitting in 32 bits; confirm.
            ProcessId = entry.UniqueProcessId.ToInt32();

            // NtType is assigned only when the index resolves; for an unknown index the
            // property keeps whatever value it had before this constructor ran.
            NtType resolvedType = NtType.GetTypeByIndex(entry.ObjectTypeIndex);
            if (resolvedType != null)
            {
                NtType = resolvedType;
            }

            Attributes = (AttributeFlags)entry.HandleAttributes;
            Handle = entry.HandleValue.ToInt32();

            // presumably the kernel address of the underlying object; verify against the entry definition
            Object = entry.Object.ToUInt64();
            GrantedAccess = entry.GrantedAccess;

            // Query behaviour flags.
            // NOTE(review): querying some file objects can block the calling thread, so
            // callers should set force_file_query deliberately; verify how the flag is used.
            _allow_query = allow_query;
            _force_file_query = force_file_query;
        }
        /// <summary>
        /// Builds a handle record from an entry of the system-wide handle table,
        /// storing the object type as a display name rather than a type object.
        /// </summary>
        /// <param name="entry">System handle table entry; supplies the owning process ID, type index, attributes, handle value, object value and granted access.</param>
        /// <param name="allow_query">Stored in <c>_allow_query</c>; presumably gates later queries made through this handle (confirm against the readers of that field).</param>
        internal NtHandle(SystemHandleTableInfoEntry entry, bool allow_query)
        {
            // NOTE(review): if SystemHandleTableInfoEntry mirrors the legacy native layout with
            // 16-bit process ID and handle fields, larger values arrive truncated and a handle
            // can be attributed to the wrong process; confirm against the struct definition.
            ProcessId = entry.UniqueProcessId;

            // Use the resolved type's name, or a placeholder carrying the raw index
            // so that unrecognised types remain distinguishable in output.
            NtType resolvedType = NtType.GetTypeByIndex(entry.ObjectTypeIndex);
            ObjectType = resolvedType != null
                ? resolvedType.Name
                : String.Format("Unknown {0}", entry.ObjectTypeIndex);

            Attributes = (AttributeFlags)entry.HandleAttributes;
            Handle = entry.HandleValue;

            // The signed 64-bit value is reinterpreted as unsigned.
            // NOTE(review): if entry.Object is an IntPtr, ToInt64 sign-extends in a 32-bit process,
            // and the cast would throw in a build compiled with overflow checking; confirm both.
            Object = (ulong)entry.Object.ToInt64();
            GrantedAccess = entry.GrantedAccess;

            _allow_query = allow_query;
        }