Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Package winappdbg :: Package win32 :: Module kernel32
[hide private]
[frames] | no frames]

Module kernel32

source code

Wrapper for kernel32.dll in ctypes.

Classes [hide private]
  SYSTEM_INFO
  LPVS_FIXEDFILEINFO
  OSVERSIONINFOW
  OSVERSIONINFOA
  POSVERSIONINFOEXA
  POSVERSIONINFOEXW
  PVS_FIXEDFILEINFO
  LPSYSTEM_INFO
  POSVERSIONINFOA
  POSVERSIONINFOW
  LPOSVERSIONINFOA
  LPOSVERSIONINFOW
  LPOSVERSIONINFOEXW
  LPOSVERSIONINFOEXA
  OSVERSIONINFOEXW
  OSVERSIONINFOEXA
  FLOATING_SAVE_AREA
  PCONTEXT
  CONTEXT
  LDT_ENTRY
  LPCONTEXT
  PFLOATING_SAVE_AREA
  PLDT_ENTRY
  LPFLOATING_SAVE_AREA
  Context
Register context dictionary for the i386 architecture.
  LPLDT_ENTRY
  Handle
Encapsulates Win32 handles to avoid leaking them.
  UserModeHandle
Base class for non-kernel handles.
  ProcessHandle
Win32 process handle.
  ThreadHandle
Win32 thread handle.
  FileHandle
Win32 file handle.
  FileMappingHandle
File mapping handle.
  SnapshotHandle
Toolhelp32 snapshot handle.
  ProcessInformation
Process information object returned by CreateProcess.
  MemoryBasicInformation
Memory information object returned by VirtualQueryEx.
  ProcThreadAttributeList
Extended process and thread attribute support.
  _OVERLAPPED_STRUCT
  _OVERLAPPED_UNION
  OVERLAPPED
  LPOVERLAPPED
  SECURITY_ATTRIBUTES
  LPSECURITY_ATTRIBUTES
  PPROC_THREAD_ATTRIBUTE_LIST
  LPPROC_THREAD_ATTRIBUTE_LIST
  VS_FIXEDFILEINFO
  THREADNAME_INFO
  MEMORY_BASIC_INFORMATION32
  MEMORY_BASIC_INFORMATION64
  MEMORY_BASIC_INFORMATION
  PMEMORY_BASIC_INFORMATION
  FILETIME
  LPFILETIME
  SYSTEMTIME
  LPSYSTEMTIME
  BY_HANDLE_FILE_INFORMATION
  LPBY_HANDLE_FILE_INFORMATION
  FILE_INFO_BY_HANDLE_CLASS
  PROCESS_INFORMATION
  LPPROCESS_INFORMATION
  STARTUPINFO
  LPSTARTUPINFO
  STARTUPINFOEX
  LPSTARTUPINFOEX
  STARTUPINFOW
  LPSTARTUPINFOW
  STARTUPINFOEXW
  LPSTARTUPINFOEXW
  JIT_DEBUG_INFO
  JIT_DEBUG_INFO32
  JIT_DEBUG_INFO64
  LPJIT_DEBUG_INFO
  LPJIT_DEBUG_INFO32
  LPJIT_DEBUG_INFO64
  EXCEPTION_RECORD32
  PEXCEPTION_RECORD32
  EXCEPTION_RECORD64
  PEXCEPTION_RECORD64
  EXCEPTION_RECORD
  PEXCEPTION_RECORD
  EXCEPTION_DEBUG_INFO
  CREATE_THREAD_DEBUG_INFO
  CREATE_PROCESS_DEBUG_INFO
  EXIT_THREAD_DEBUG_INFO
  EXIT_PROCESS_DEBUG_INFO
  LOAD_DLL_DEBUG_INFO
  UNLOAD_DLL_DEBUG_INFO
  OUTPUT_DEBUG_STRING_INFO
  RIP_INFO
  _DEBUG_EVENT_UNION_
  DEBUG_EVENT
  LPDEBUG_EVENT
  _CHAR_INFO_CHAR
  CHAR_INFO
  PCHAR_INFO
  COORD
  PCOORD
  SMALL_RECT
  PSMALL_RECT
  CONSOLE_SCREEN_BUFFER_INFO
  PCONSOLE_SCREEN_BUFFER_INFO
  THREADENTRY32
  LPTHREADENTRY32
  PROCESSENTRY32
  LPPROCESSENTRY32
  MODULEENTRY32
  LPMODULEENTRY32
  HEAPENTRY32
  LPHEAPENTRY32
  HEAPLIST32
  LPHEAPLIST32
  PHANDLER_ROUTINE
Functions [hide private]
 
VerQueryValueW(pBlock, lpSubBlock) source code
 
VerQueryValueA(pBlock, lpSubBlock) source code
 
GetSystemInfo() source code
 
GetCurrentThread() source code
 
VerifyVersionInfoA(lpVersionInfo, dwTypeMask, dwlConditionMask) source code
 
VerifyVersionInfo(lpVersionInfo, dwTypeMask, dwlConditionMask) source code
 
VerifyVersionInfoW(lpVersionInfo, dwTypeMask, dwlConditionMask) source code
 
GetSystemMetrics(nIndex) source code
 
GetNativeSystemInfo() source code
 
GetFileVersionInfoW(lptstrFilename) source code
 
GetLargePageMinimum() source code
 
IsWow64Process(hProcess) source code
 
VerSetConditionMask(dwlConditionMask, dwTypeBitMask, dwConditionMask) source code
 
GetCurrentProcess() source code
 
GetVersion() source code
 
GetVersionExW() source code
 
GetVersionExA() source code
 
GetFileVersionInfoA(lptstrFilename) source code
 
GetProductInfo(dwOSMajorVersion, dwOSMinorVersion, dwSpMajorVersion, dwSpMinorVersion) source code
 
RaiseIfLastError(result, func=None, arguments=())
Error checking for Win32 API calls with no error-specific return value.		 source code
 
GetThreadContext(hThread, ContextFlags=None, raw=False) source code
 
SetThreadContext(hThread, lpContext) source code
 
GetThreadSelectorEntry(hThread, dwSelector) source code
 
GetLastError() source code
 
SetLastError(dwErrCode) source code
 
GetErrorMode() source code
 
SetErrorMode(uMode) source code
 
GetThreadErrorMode() source code
 
SetThreadErrorMode(dwNewMode) source code
 
CloseHandle(hHandle) source code
 
DuplicateHandle(hSourceHandle, hSourceProcessHandle=None, hTargetProcessHandle=None, dwDesiredAccess=2031616, bInheritHandle=False, dwOptions=2) source code
 
LocalFree(hMem) source code
 
GetStdHandle(nStdHandle) source code
 
GetConsoleCP() source code
 
GetConsoleOutputCP() source code
 
SetConsoleCP(wCodePageID) source code
 
SetConsoleOutputCP(wCodePageID) source code
 
SetConsoleActiveScreenBuffer(hConsoleOutput=None) source code
 
GetConsoleScreenBufferInfo(hConsoleOutput=None) source code
 
SetConsoleWindowInfo(hConsoleOutput, bAbsolute, lpConsoleWindow) source code
 
SetConsoleTextAttribute(hConsoleOutput=None, wAttributes=0) source code
 
AllocConsole() source code
 
AttachConsole(dwProcessId=4294967295) source code
 
FreeConsole() source code
 
GetDllDirectoryA() source code
 
GetDllDirectoryW() source code
 
SetDllDirectoryA(lpPathName=None) source code
 
SetDllDirectoryW(lpPathName) source code
 
LoadLibraryA(pszLibrary) source code
 
LoadLibraryW(pszLibrary) source code
 
LoadLibraryExA(pszLibrary, dwFlags=0) source code
 
LoadLibraryExW(pszLibrary, dwFlags=0) source code
 
GetModuleHandleA(lpModuleName) source code
 
GetModuleHandleW(lpModuleName) source code
 
GetProcAddressA(hModule, lpProcName) source code
 
GetProcAddressW(*argv, **argd) source code
 
FreeLibrary(hModule) source code
 
RtlPcToFileHeader(PcValue) source code
 
GetHandleInformation(hObject) source code
 
SetHandleInformation(hObject, dwMask, dwFlags) source code
 
QueryFullProcessImageNameA(hProcess, dwFlags=0) source code
 
QueryFullProcessImageNameW(hProcess, dwFlags=0) source code
 
GetLogicalDriveStringsA() source code
 
GetLogicalDriveStringsW() source code
 
QueryDosDeviceA(lpDeviceName=None) source code
 
QueryDosDeviceW(lpDeviceName) source code
 
MapViewOfFile(hFileMappingObject, dwDesiredAccess=983103, dwFileOffsetHigh=0, dwFileOffsetLow=0, dwNumberOfBytesToMap=0) source code
 
UnmapViewOfFile(lpBaseAddress) source code
 
OpenFileMappingA(dwDesiredAccess, bInheritHandle, lpName) source code
 
OpenFileMappingW(dwDesiredAccess, bInheritHandle, lpName) source code
 
CreateFileMappingA(hFile, lpAttributes=None, flProtect=64, dwMaximumSizeHigh=0, dwMaximumSizeLow=0, lpName=None) source code
 
CreateFileMappingW(hFile, lpAttributes=None, flProtect=64, dwMaximumSizeHigh=0, dwMaximumSizeLow=0, lpName=None) source code
 
CreateFileA(lpFileName, dwDesiredAccess=268435456, dwShareMode=0, lpSecurityAttributes=None, dwCreationDisposition=4, dwFlagsAndAttributes=128, hTemplateFile=None) source code
 
CreateFileW(lpFileName, dwDesiredAccess=268435456, dwShareMode=0, lpSecurityAttributes=None, dwCreationDisposition=4, dwFlagsAndAttributes=128, hTemplateFile=None) source code
 
FlushFileBuffers(hFile) source code
 
FlushViewOfFile(lpBaseAddress, dwNumberOfBytesToFlush=0) source code
 
SearchPathA(lpPath, lpFileName, lpExtension) source code
 
SearchPathW(lpPath, lpFileName, lpExtension) source code
 
SetSearchPathMode(Flags) source code
 
DeviceIoControl(hDevice, dwIoControlCode, lpInBuffer, nInBufferSize, lpOutBuffer, nOutBufferSize, lpOverlapped) source code
 
GetFileInformationByHandle(hFile) source code
 
GetFileInformationByHandleEx(hFile, FileInformationClass, lpFileInformation, dwBufferSize) source code
 
GetFinalPathNameByHandleA(hFile, dwFlags=0) source code
 
GetFinalPathNameByHandleW(hFile, dwFlags=0) source code
 
GetFullPathNameA(lpFileName) source code
 
GetFullPathNameW(lpFileName) source code
 
GetTempPathA() source code
 
GetTempPathW() source code
 
GetTempFileNameA(lpPathName=None, lpPrefixString='TMP', uUnique=0) source code
 
GetTempFileNameW(lpPathName=None, lpPrefixString=u'TMP', uUnique=0) source code
 
GetCurrentDirectoryA() source code
 
GetCurrentDirectoryW() source code
 
SetConsoleCtrlHandler(HandlerRoutine=None, Add=True) source code
 
GenerateConsoleCtrlEvent(dwCtrlEvent, dwProcessGroupId) source code
 
WaitForSingleObject(hHandle, dwMilliseconds=-1) source code
 
WaitForSingleObjectEx(hHandle, dwMilliseconds=-1, bAlertable=True) source code
 
WaitForMultipleObjects(handles, bWaitAll=False, dwMilliseconds=-1) source code
 
WaitForMultipleObjectsEx(handles, bWaitAll=False, dwMilliseconds=-1, bAlertable=True) source code
 
CreateMutexA(lpMutexAttributes=None, bInitialOwner=True, lpName=None) source code
 
CreateMutexW(lpMutexAttributes=None, bInitialOwner=True, lpName=None) source code
 
OpenMutexA(dwDesiredAccess=2031617, bInitialOwner=True, lpName=None) source code
 
OpenMutexW(dwDesiredAccess=2031617, bInitialOwner=True, lpName=None) source code
 
CreateEventA(lpMutexAttributes=None, bManualReset=False, bInitialState=False, lpName=None) source code
 
CreateEventW(lpMutexAttributes=None, bManualReset=False, bInitialState=False, lpName=None) source code
 
OpenEventA(dwDesiredAccess=2031619, bInheritHandle=False, lpName=None) source code
 
OpenEventW(dwDesiredAccess=2031619, bInheritHandle=False, lpName=None) source code
 
ReleaseMutex(hMutex) source code
 
SetEvent(hEvent) source code
 
ResetEvent(hEvent) source code
 
PulseEvent(hEvent) source code
 
WaitForDebugEvent(dwMilliseconds=-1) source code
 
ContinueDebugEvent(dwProcessId, dwThreadId, dwContinueStatus=2147549185) source code
 
FlushInstructionCache(hProcess, lpBaseAddress=None, dwSize=0) source code
 
DebugActiveProcess(dwProcessId) source code
 
DebugActiveProcessStop(dwProcessId) source code
 
CheckRemoteDebuggerPresent(hProcess) source code
 
DebugSetProcessKillOnExit(KillOnExit) source code
 
DebugBreakProcess(hProcess) source code
 
OutputDebugStringA(lpOutputString) source code
 
OutputDebugStringW(lpOutputString) source code
 
ReadProcessMemory(hProcess, lpBaseAddress, nSize) source code
 
WriteProcessMemory(hProcess, lpBaseAddress, lpBuffer) source code
 
VirtualAllocEx(hProcess, lpAddress=0, dwSize=4096, flAllocationType=12288, flProtect=64) source code
 
VirtualQueryEx(hProcess, lpAddress) source code
 
VirtualProtectEx(hProcess, lpAddress, dwSize, flNewProtect=64) source code
 
VirtualFreeEx(hProcess, lpAddress, dwSize=0, dwFreeType=32768) source code
 
CreateRemoteThread(hProcess, lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags) source code
 
CreateProcessA(lpApplicationName, lpCommandLine=None, lpProcessAttributes=None, lpThreadAttributes=None, bInheritHandles=False, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
CreateProcessW(lpApplicationName, lpCommandLine=None, lpProcessAttributes=None, lpThreadAttributes=None, bInheritHandles=False, dwCreationFlags=0, lpEnvironment=None, lpCurrentDirectory=None, lpStartupInfo=None) source code
 
InitializeProcThreadAttributeList(dwAttributeCount) source code
 
UpdateProcThreadAttribute(lpAttributeList, Attribute, Value, cbSize=None) source code
 
DeleteProcThreadAttributeList(lpAttributeList) source code
 
OpenProcess(dwDesiredAccess, bInheritHandle, dwProcessId) source code
 
OpenThread(dwDesiredAccess, bInheritHandle, dwThreadId) source code
 
SuspendThread(hThread) source code
 
ResumeThread(hThread) source code
 
TerminateThread(hThread, dwExitCode=0) source code
 
TerminateProcess(hProcess, dwExitCode=0) source code
 
GetCurrentProcessId() source code
 
GetCurrentThreadId() source code
 
GetProcessId(hProcess) source code
 
GetThreadId(hThread) source code
 
GetProcessIdOfThread(hThread) source code
 
GetExitCodeProcess(hProcess) source code
 
GetExitCodeThread(hThread) source code
 
GetProcessVersion(ProcessId) source code
 
GetPriorityClass(hProcess) source code
 
SetPriorityClass(hProcess, dwPriorityClass=32) source code
 
GetProcessPriorityBoost(hProcess) source code
 
SetProcessPriorityBoost(hProcess, DisablePriorityBoost) source code
 
GetProcessAffinityMask(hProcess) source code
 
SetProcessAffinityMask(hProcess, dwProcessAffinityMask) source code
 
CreateToolhelp32Snapshot(dwFlags=15, th32ProcessID=0) source code
 
Process32First(hSnapshot) source code
 
Process32Next(hSnapshot, pe=None) source code
 
Thread32First(hSnapshot) source code
 
Thread32Next(hSnapshot, te=None) source code
 
Module32First(hSnapshot) source code
 
Module32Next(hSnapshot, me=None) source code
 
Heap32First(th32ProcessID, th32HeapID) source code
 
Heap32Next(he) source code
 
Heap32ListFirst(hSnapshot) source code
 
Heap32ListNext(hSnapshot, hl=None) source code
 
Toolhelp32ReadProcessMemory(th32ProcessID, lpBaseAddress, cbRead) source code
 
GetProcessDEPPolicy(hProcess) source code
 
GetCurrentProcessorNumber() source code
 
FlushProcessWriteBuffers() source code
 
GetGuiResources(hProcess, uiFlags=0) source code
 
GetProcessHandleCount(hProcess) source code
 
GetProcessTimes(hProcess=None) source code
 
FileTimeToSystemTime(lpFileTime) source code
 
GetSystemTimeAsFileTime() source code
 
GlobalAddAtomA(lpString) source code
 
GlobalAddAtomW(lpString) source code
 
GlobalFindAtomA(lpString) source code
 
GlobalFindAtomW(lpString) source code
 
GlobalGetAtomNameA(nAtom) source code
 
GlobalGetAtomNameW(nAtom) source code
 
GlobalDeleteAtom(nAtom) source code
 
Wow64SuspendThread(hThread) source code
 
Wow64EnableWow64FsRedirection(Wow64FsEnableRedirection)
This function may not work reliably when there are nested calls.		 source code
 
Wow64DisableWow64FsRedirection() source code
 
Wow64RevertWow64FsRedirection(OldValue) source code
Variables [hide private]
  __revision__ = '$Id: kernel32.py 1299 2013-12-20 09:30:55Z qva...
  SM_CXVIRTUALSCREEN = 78
  SM_CXSCREEN = 0
  VER_LESS = 4
  VOS_DOS_WINDOWS16 = 65537
  SM_STARTER = 88
  SM_IMMENABLED = 82
  VER_SUITE_BLADE = 1024
  PROCESSOR_MOTOROLA_821 = 821
  OS_NT = 'Windows NT'
  OS_W7 = 'Windows 7'
  VER_GREATER = 2
  PROCESSOR_PPC_620 = 620
  SM_CXHSCROLL = 21
  PROCESSOR_ARCHITECTURE_ALPHA = 2
  OS_WINDOWS_2008_64 = 'Windows 2008 (64 bits)'
  VFT_DRV = 3
  VOS__PM32 = 3
  VFT2_DRV_KEYBOARD = 2
  NTDDI_WIN7SP1 = 100729088
  VOS_NT = 262144
  VFT2_DRV_NETWORK = 6
  SM_CYFRAME = 33
  PROCESSOR_INTEL_IA64 = 2200
  SM_CARETBLINKINGENABLED = 8194
  SM_CXMINIMIZED = 57
  NTDDI_WIN2K = 83886080
  OS_WINDOWS_XP = 'Windows XP'
  VS_FF_INFOINFERRED = 16
  PROCESSOR_ALPHA_21064 = 21064
  SM_CXFULLSCREEN = 16
  SM_YVIRTUALSCREEN = 77
  VOS_OS216 = 131072
  VFT2_FONT_TRUETYPE = 3
  ARCH_HITACHI = 'shx'
  VOS_DOS = 65536
  PROCESSOR_ARCHITECTURE_UNKNOWN = 65535
  SM_CYCAPTION = 4
  ARCH_ALPHA64 = 'alpha64'
  NTDDI_WIN8 = 100794368
  NTDDI_WIN7 = 100728832
  OSVERSION_MASK = 4294901760
  SM_CXFOCUSBORDER = 83
  OS_WINDOWS_2008_R2_64 = 'Windows 2008 R2 (64 bits)'
  SM_MEDIACENTER = 87
  SUBVERSION_MASK = 255
  SM_CMOUSEBUTTONS = 43
  SM_CYSMICON = 50
  OS_W2K3R2_64 = 'Windows 2003 R2 (64 bits)'
  OS_SEVEN = 'Windows 7'
  SM_CXDLGFRAME = 7
  OS_W2K3_64 = 'Windows 2003 (64 bits)'
  SM_ARRANGE = 56
  ARCH_ARM64 = 'arm64'
  VS_FF_PRERELEASE = 2
  VFT2_DRV_DISPLAY = 4
  SM_DBCSENABLED = 42
  SM_SWAPBUTTON = 23
  SM_TABLETPC = 86
  VER_SUITE_BACKOFFICE = 4
  VFT2_DRV_INSTALLABLE = 8
  VER_SUITE_WH_SERVER = 32768
  PROCESSOR_ARCHITECTURE_ALPHA64 = 7
  OS_WINDOWS_2003_R2 = 'Windows 2003 R2'
  VFT2_DRV_SOUND = 9
  SM_RESERVED4 = 27
  SM_RESERVED1 = 24
  SM_RESERVED3 = 26
  SM_RESERVED2 = 25
  OS_WINDOWS_2008_R2 = 'Windows 2008 R2'
  VS_FF_DEBUG = 1
  VFT_UNKNOWN = 0
  SM_CXICONSPACING = 38
  VER_SUITE_DATACENTER = 128
  arch = 'amd64'
  PROCESSOR_INTEL_486 = 486
  ARCH_UNKNOWN = 'unknown'
  VFT2_FONT_VECTOR = 2
  SM_CYSMCAPTION = 51
  SM_SAMEDISPLAYFORMAT = 81
  ARCH_SHX = 'shx'
  OS_WINDOWS_XP_64 = 'Windows XP (64 bits)'
  VFT2_DRV_LANGUAGE = 3
  SM_CYMINIMIZED = 58
  PROCESSOR_ARM820 = 2080
  OS_WINDOWS_NT = 'Windows NT'
  VS_FF_SPECIALBUILD = 32
  SM_REMOTESESSION = 4096
  ARCH_POWERPC = 'ppc'
  VOS_DOS_WINDOWS32 = 65540
  SM_CXMAXIMIZED = 61
  PROCESSOR_SHx_SH3 = 103
  PROCESSOR_SHx_SH4 = 104
  VER_LESS_EQUAL = 5
  WINVER = 1537
  VFT2_UNKNOWN = 0
  OS_WINDOWS_2003_64 = 'Windows 2003 (64 bits)'
  SM_MOUSEPRESENT = 19
  OS_XP = 'Windows XP'
  ARCH_MIPS = 'mips'
  PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 = 10
  SM_CYCURSOR = 14
  VER_SUITE_SINGLEUSERTS = 256
  SM_CYKANJIWINDOW = 18
  SM_CXVSCROLL = 2
  VER_OR = 7
  SM_CYVIRTUALSCREEN = 79
  PROCESSOR_ARM_7TDMI = 70001
  SM_SLOWMACHINE = 73
  SM_CYMINTRACK = 35
  OS_W2K8 = 'Windows 2008'
  SM_SHUTTINGDOWN = 8192
  VOS_OS232_PM32 = 196611
  OS_W2K3 = 'Windows 2003'
  SM_CYMAXTRACK = 60
  PROCESSOR_ARCHITECTURE_IA64 = 6
  PROCESSOR_ARM720 = 1824
  VOS_UNKNOWN = 0
  OS_VISTA_64 = 'Windows Vista (64 bits)'
  OS_WINDOWS_VISTA_64 = 'Windows Vista (64 bits)'
  SM_CYFOCUSBORDER = 84
  VFT2_DRV_SYSTEM = 7
  NTDDI_WINXPSP1 = 83951872
  NTDDI_WINXPSP3 = 83952384
  NTDDI_WINXPSP2 = 83952128
  PROCESSOR_HITACHI_SH3 = 10003
  PROCESSOR_OPTIL = 18767
  PROCESSOR_AMD_X8664 = 8664
  SM_CXMENUSIZE = 54
  VFT_STATIC_LIB = 7
  VER_MINORVERSION = 1
  bits = 32
  PROCESSOR_MIPS_R4000 = 4000
  VER_SUITE_SMALLBUSINESS_RESTRICTED = 32
  SM_CYSIZEFRAME = 33
  SM_CYDOUBLECLK = 37
  PROCESSOR_ARCHITECTURE_SHX = 4
  wow64 = True
  VER_PLATFORMID = 8
  VER_NT_WORKSTATION = 1
  SM_CYVSCROLL = 20
  VER_AND = 6
  SM_CXEDGE = 45
  VFT_APP = 1
  NTDDI_WS03SP2 = 84017664
  NTDDI_WS03SP1 = 84017408
  OS_WINDOWS_2003_R2_64 = 'Windows 2003 R2 (64 bits)'
  ARCH_ARM = 'arm'
  SM_REMOTECONTROL = 8193
  SM_CYFIXEDFRAME = 8
  SM_CXMENUCHECK = 71
  SM_NETWORK = 63
  PROCESSOR_ARCHITECTURE_ARM = 5
  VFT2_DRV_MOUSE = 5
  VS_FF_PRIVATEBUILD = 8
  SM_CYSCREEN = 1
  VFT_DLL = 2
  ARCH_IA32 = 'i386'
  SM_CYBORDER = 6
  NTDDI_VERSION = 100729088
  SM_CXSIZE = 30
  OS_W7_64 = 'Windows 7 (64 bits)'
  ARCH_SPARC = 'sparc'
  VER_NT_DOMAIN_CONTROLLER = 2
  ARCH_AARCH32 = 'arm'
  ARCH_T32 = 'thumb'
  ARCH_ALPHA = 'alpha'
  OS_VISTA = 'Windows Vista'
  VER_PLATFORM_WIN32_WINDOWS = 1
  SM_CLEANBOOT = 67
  VOS__PM16 = 2
  VOS__WINDOWS16 = 1
  PROCESSOR_PPC_604 = 604
  PROCESSOR_HITACHI_SH4 = 10005
  PROCESSOR_PPC_601 = 601
  PROCESSOR_PPC_603 = 603
  VFT_FONT = 4
  GetVersionEx = GuessStringType(GetVersionExA, GetVersionExW)
  SM_MIDEASTENABLED = 74
  SM_CXCURSOR = 13
  SM_DEBUG = 22
  SM_CYSMSIZE = 53
  ARCH_X86 = 'i386'
  ARCH_MSIL = 'msil'
  SM_CXBORDER = 5
  SM_CYICONSPACING = 39
  NTDDI_WIN2KSP2 = 83886592
  NTDDI_WIN2KSP3 = 83886848
  NTDDI_WIN2KSP1 = 83886336
  ARCH_X64 = 'amd64'
  NTDDI_WIN2KSP4 = 83887104
  SM_MOUSEWHEELPRESENT = 75
  VER_GREATER_EQUAL = 3
  VER_PLATFORM_WIN32s = 0
  SM_CYICON = 12
  SM_CYDRAG = 69
  SM_CYMINSPACING = 48
  SM_CXMINSPACING = 47
  OS_W2K3R2 = 'Windows 2003 R2'
  SM_SERVERR2 = 89
  SM_CXHTHUMB = 10
  ARCH_AARCH64 = 'arm64'
  VER_SERVICEPACKMAJOR = 32
  SM_CYMENUSIZE = 55
  SM_CXDOUBLECLK = 36
  VFT_RESERVED = 6
  SM_CMETRICS = 93
  ARCH_ITANIUM = 'ia64'
  PROCESSOR_STRONGARM = 2577
  PROCESSOR_ARM920 = 2336
  VER_EQUAL = 1
  VFT_VXD = 5
  VER_SUITE_EMBEDDEDNT = 64
  SM_CXICON = 11
  SM_CMONITORS = 80
  OS_WINDOWS_2008 = 'Windows 2008'
  SM_CXPADDEDBORDER = 92
  OS_WINDOWS_2003 = 'Windows 2003'
  OS_WINDOWS_2000 = 'Windows 2000'
  VS_FF_PATCHED = 4
  SM_MENUDROPALIGNMENT = 40
  SM_CYMIN = 29
  VER_SUITE_ENTERPRISE = 2
  VOS_OS216_PM16 = 131074
  NTDDI_VISTA = 100663296
  SM_CXSIZEFRAME = 32
  NTDDI_LONGHORN = 100663296
  ARCH_THUMB = 'thumb'
  OS_WINDOWS_SEVEN = 'Windows 7'
  SM_CYHSCROLL = 3
  OS_UNKNOWN = 'Unknown'
  SM_CXMAXTRACK = 59
  SM_CXMINTRACK = 34
  SM_CYMENUCHECK = 72
  SM_MOUSEHORIZONTALWHEELPRESENT = 91
  PROCESSOR_INTEL_PENTIUM = 586
  SM_CXDRAG = 68
  VER_SUITE_PERSONAL = 512
  SM_PENWINDOWS = 41
  VER_BUILDNUMBER = 4
  OS_WINDOWS_SEVEN_64 = 'Windows 7 (64 bits)'
  VER_MAJORVERSION = 2
  VER_PLATFORM_WIN32_NT = 2
  SM_SHOWSOUNDS = 70
  SM_CYMAXIMIZED = 62
  VER_NT_SERVER = 3
  SM_CYMENU = 15
  SM_SECURE = 44
  VFT2_DRV_VERSIONED_PRINTER = 12
  PROCESSOR_ARCHITECTURE_MIPS = 1
  ARCH_ARM8 = 'arm64'
  SM_CYVTHUMB = 9
  SM_CXMIN = 28
  ARCH_ARM7 = 'arm'
  NTDDI_WINXP = 83951616
  VFT2_DRV_COMM = 10
  ARCH_PPC = 'ppc'
  VER_SUITE_STORAGE_SERVER = 8192
  OS_W2K8R2_64 = 'Windows 2008 R2 (64 bits)'
  PROCESSOR_ARCHITECTURE_SPARC = 20
  OS_XP_64 = 'Windows XP (64 bits)'
  VFT2_FONT_RASTER = 1
  PROCESSOR_INTEL_386 = 386
  VOS__WINDOWS32 = 4
  OS_W2K8_64 = 'Windows 2008 (64 bits)'
  VER_PRODUCT_TYPE = 128
  os = 'Windows 7 (64 bits)'
  VerQueryValue = GuessStringType(VerQueryValueA, VerQueryValueW)
  GetFileVersionInfo = GuessStringType(GetFileVersionInfoA, GetF...
  PROCESSOR_HITACHI_SH3E = 10004
  PROCESSOR_ARCHITECTURE_PPC = 3
  SM_CXSMICON = 49
  VOS_OS232 = 196608
  SM_CXFIXEDFRAME = 7
  SM_CYEDGE = 46
  VER_SUITE_COMPUTE_SERVER = 16384
  NTDDI_VISTASP1 = 100663552
  PROCESSOR_ARCHITECTURE_MSIL = 8
  OS_WINDOWS_VISTA = 'Windows Vista'
  VER_SERVICEPACKMINOR = 16
  VFT2_DRV_PRINTER = 1
  NTDDI_WINNT4 = 67108864
  ARCH_IA64 = 'ia64'
  SM_CYFULLSCREEN = 17
  PROCESSOR_ARCHITECTURE_AMD64 = 9
  OS_W2K8R2 = 'Windows 2008 R2'
  SM_CYDLGFRAME = 8
  VOS_NT_WINDOWS32 = 262148
  SM_CYSIZE = 31
  PROCESSOR_ARCHITECTURE_INTEL = 0
  OS_SEVEN_64 = 'Windows 7 (64 bits)'
  NTDDI_WS03 = 84017152
  NTDDI_WS08 = 100663552
  VER_SUITENAME = 64
  VER_SUITE_TERMINAL = 16
  SM_XVIRTUALSCREEN = 76
  SM_CXSMSIZE = 52
  OS_W2K = 'Windows 2000'
  SM_CXFRAME = 32
  VFT2_DRV_RESERVED = 11
  VER_SUITE_SMALLBUSINESS = 1
  SPVERSION_MASK = 65280
  ContextArchMask = 268369920
  CONTEXT_EXCEPTION_ACTIVE
  WOW64_CONTEXT_CONTROL
  WOW64_MAXIMUM_SUPPORTED_EXTENSION
  WOW64_CONTEXT_EXTENDED_REGISTERS
  Wow64ResumeThread
  CONTEXT_EXCEPTION_REPORTING
  WOW64_CONTEXT_FULL
  ARCH_AMD64 = 'amd64'
  PXMM_SAVE_AREA32
  PWOW64_FLOATING_SAVE_AREA
  WOW64_CS32
  WOW64_CONTEXT_ALL
  CONTEXT_EXCEPTION_REQUEST
  Wow64GetThreadSelectorEntry
  WOW64_CONTEXT_FLOATING_POINT
  WOW64_CONTEXT_DEBUG_REGISTERS
  WOW64_CONTEXT_INTEGER
  PWOW64_CONTEXT
  WOW64_CONTEXT
  Wow64SetThreadContext
  WOW64_SIZE_OF_80387_REGISTERS
  CONTEXT_AMD64
  WOW64_CONTEXT_i386
  Wow64GetThreadContext
  INITIAL_MXCSR
  PWOW64_LDT_ENTRY
  WOW64_CONTEXT_i486
  XMM_SAVE_AREA32
  CONTEXT_MMX_REGISTERS
  LPXMM_SAVE_AREA32
  LEGACY_SAVE_AREA_LENGTH
  WOW64_LDT_ENTRY
  INITIAL_FPCSR
  CONTEXT_SERVICE_ACTIVE
  WOW64_CONTEXT_SEGMENTS
  WOW64_FLOATING_SAVE_AREA
  ERROR_SEM_TIMEOUT = 121
  ERROR_BUFFER_OVERFLOW = 111
  CONTEXT_CONTROL = 65537
  CONTEXT_DEBUG_REGISTERS = 65552
  ERROR_ACCESS_DENIED = 5
  ERROR_UNHANDLED_EXCEPTION = 574
  TRUE = 1
  ERROR_ENVVAR_NOT_FOUND = 203
  ERROR_ALREADY_EXISTS = 183
  ERROR_DIFFERENT_SERVICE_ACCOUNT = 1079
  WIN32_VERBOSE_MODE = False
  ARCH_I386 = 'i386'
  ERROR_FAILED_SERVICE_CONTROLLER_CONNECT = 1063
  ERROR_NONE_MAPPED = 1332
  ERROR_NOT_SUPPORTED = 50
  ERROR_INVALID_HANDLE = 6
  ERROR_INVALID_FUNCTION = 1
  ERROR_DBG_REPLY_LATER = 689
  ERROR_MORE_DATA = 234
  ERROR_INVALID_PARAMETER = 87
  ANYSIZE_ARRAY = 1
  ERROR_EXCEPTION_IN_SERVICE = 1064
  ERROR_FILE_EXISTS = 80
  ERROR_INVALID_DRIVE = 15
  ERROR_BAD_THREADID_ADDR = 159
  _LDT_ENTRY_HIGHWORD_
  ERROR_FILE_NOT_FOUND = 2
  ERROR_DBG_CONTROL_BREAK = 696
  ERROR_SERVICE_NEVER_STARTED = 1077
  ERROR_WOW_ASSERTION = 670
  ERROR_NOT_ENOUGH_MEMORY = 8
  ERROR_INVALID_NAME = 123
  ERROR_SERVICE_NOT_IN_EXE = 1083
  ERROR_INSUFFICIENT_BUFFER = 122
  MAX_MODULE_NAME32 = 255
  ERROR_HANDLE_DISK_FULL = 39
  ERROR_BAD_LENGTH = 24
  ERROR_DBG_CONTINUE = 767
  INVALID_HANDLE_VALUE = 4294967295
  ERROR_NOT_SAFEBOOT_SERVICE = 1084
  ERROR_CIRCULAR_DEPENDENCY = 1059
  CONTEXT_FULL = 65543
  ERROR_DBG_PRINTEXCEPTION_C = 694
  ERROR_SERVICE_MARKED_FOR_DELETE = 1072
  ERROR_ALREADY_RUNNING_LKG = 1074
  WinDllHook
  ERROR_DBG_TERMINATE_THREAD = 691
  ERROR_DBG_CONTROL_C = 693
  ERROR_SERVICE_NOT_ACTIVE = 1062
  ERROR_DEBUGGER_INACTIVE = 1284
  windll = WinDllHook()
  ERROR_PROC_NOT_FOUND = 127
  ERROR_PATH_NOT_FOUND = 3
  EXCEPTION_WRITE_FAULT = 1
  ERROR_NO_RECOVERY_PROGRAM = 1082
  ERROR_ASSERTION_FAILURE = 668
  ERROR_DUPLICATE_SERVICE_NAME = 1078
  ERROR_SERVICE_LOGON_FAILED = 1069
  CONTEXT_SEGMENTS = 65540
  CONTEXT_i486 = 65536
  _LDT_ENTRY_BYTES_
  ERROR_DATABASE_DOES_NOT_EXIST = 1065
  ERROR_BAD_PATHNAME = 161
  ERROR_INVALID_SERVICE_LOCK = 1071
  ERROR_PROCESS_ABORTED = 1067
  _LDT_ENTRY_BITS_
  ERROR_BAD_ARGUMENTS = 160
  ERROR_THREAD_NOT_IN_PROCESS = 566
  ERROR_SERVICE_CANNOT_ACCEPT_CTRL = 1061
  ERROR_BOOT_ALREADY_ACCEPTED = 1076
  WinCallHook
  CONTEXT_i386 = 65536
  ERROR_SERVICE_DEPENDENCY_FAIL = 1068
  ERROR_DIR_NOT_EMPTY = 145
  ERROR_SERVICE_DOES_NOT_EXIST = 1060
  WinFuncHook
  MAX_PATH = 260
  ERROR_INVALID_ADDRESS = 487
  ERROR_ELEVATION_REQUIRED = 740
  CONTEXT_INTEGER = 65538
  ERROR_FILENAME_EXCED_RANGE = 206
  ERROR_NO_MORE_FILES = 18
  ERROR_SERVICE_SPECIFIC_ERROR = 1066
  ERROR_DBG_COMMAND_EXCEPTION = 697
  ERROR_HANDLE_EOF = 38
  CONTEXT_EXTENDED_REGISTERS = 65568
  NULL = None
hash(x)
  ERROR_SERVICE_DEPENDENCY_DELETED = 1075
  CONTEXT_FLOATING_POINT = 65544
  ERROR_CANNOT_DETECT_PROCESS_ABORT = 1081
  ERROR_DBG_RIPEXCEPTION = 695
  CONTEXT_ALL = 65599
  ERROR_DBG_TERMINATE_PROCESS = 692
  ERROR_NOACCESS = 998
  ERROR_CALL_NOT_IMPLEMENTED = 120
  MAXIMUM_SUPPORTED_EXTENSION = 512
  ERROR_SUCCESS = 0
  ERROR_DBG_EXCEPTION_NOT_HANDLED = 688
  ERROR_INVALID_FLAG_NUMBER = 186
  RPC_S_SERVER_UNAVAILABLE = 1722
  SIZE_OF_80387_REGISTERS = 80
  ERROR_CANNOT_DETECT_DRIVER_FAILURE = 1080
  INFINITE = -1
  FALSE = 0
  EXCEPTION_EXECUTE_FAULT = 8
  EXCEPTION_READ_FAULT = 0
  ERROR_DBG_EXCEPTION_HANDLED = 766
  ERROR_DISK_FULL = 112
  ERROR_MOD_NOT_FOUND = 126
  ERROR_CONTROL_C_EXIT = 572
  ERROR_PRIVILEGE_NOT_HELD = 1314
  ERROR_PARTIAL_COPY = 299
  ERROR_SERVICE_EXISTS = 1073
  ERROR_NO_MORE_ITEMS = 259
  ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE = 690
  ERROR_SERVICE_START_HANG = 1070
  STILL_ACTIVE = 259
  WAIT_TIMEOUT = 258
  WAIT_FAILED = -1
  WAIT_OBJECT_0 = 0
  EXCEPTION_NONCONTINUABLE = 1
  EXCEPTION_MAXIMUM_PARAMETERS = 15
  MAXIMUM_WAIT_OBJECTS = 64
  MAXIMUM_SUSPEND_COUNT = 127
  FORMAT_MESSAGE_ALLOCATE_BUFFER = 256
  FORMAT_MESSAGE_FROM_SYSTEM = 4096
  GR_GDIOBJECTS = 0
  GR_USEROBJECTS = 1
  PROCESS_NAME_NATIVE = 1
  MAXINTATOM = 49152
  STD_INPUT_HANDLE = 4294967286
  STD_OUTPUT_HANDLE = 4294967285
  STD_ERROR_HANDLE = 4294967284
  ATTACH_PARENT_PROCESS = 4294967295
  DONT_RESOLVE_DLL_REFERENCES = 1
  LOAD_LIBRARY_AS_DATAFILE = 2
  LOAD_WITH_ALTERED_SEARCH_PATH = 8
  LOAD_IGNORE_CODE_AUTHZ_LEVEL = 16
  LOAD_LIBRARY_AS_IMAGE_RESOURCE = 32
  LOAD_LIBRARY_AS_DATAFILE_EXCLUSIVE = 64
  CTRL_C_EVENT = 0
  CTRL_BREAK_EVENT = 1
  CTRL_CLOSE_EVENT = 2
  CTRL_LOGOFF_EVENT = 5
  CTRL_SHUTDOWN_EVENT = 6
  HEAP_NO_SERIALIZE = 1
  HEAP_GENERATE_EXCEPTIONS = 4
  HEAP_ZERO_MEMORY = 8
  HEAP_CREATE_ENABLE_EXECUTE = 262144
  DELETE = 65536
  READ_CONTROL = 131072
  WRITE_DAC = 262144
  WRITE_OWNER = 524288
  SYNCHRONIZE = 1048576
  STANDARD_RIGHTS_REQUIRED = 983040
  STANDARD_RIGHTS_READ = 131072
  STANDARD_RIGHTS_WRITE = 131072
  STANDARD_RIGHTS_EXECUTE = 131072
  STANDARD_RIGHTS_ALL = 2031616
  SPECIFIC_RIGHTS_ALL = 65535
  MUTEX_ALL_ACCESS = 2031617
  MUTEX_MODIFY_STATE = 1
  EVENT_ALL_ACCESS = 2031619
  EVENT_MODIFY_STATE = 2
  SEMAPHORE_ALL_ACCESS = 2031619
  SEMAPHORE_MODIFY_STATE = 2
  TIMER_ALL_ACCESS = 2031619
  TIMER_MODIFY_STATE = 2
  TIMER_QUERY_STATE = 1
  PROCESS_TERMINATE = 1
  PROCESS_CREATE_THREAD = 2
  PROCESS_SET_SESSIONID = 4
  PROCESS_VM_OPERATION = 8
  PROCESS_VM_READ = 16
  PROCESS_VM_WRITE = 32
  PROCESS_DUP_HANDLE = 64
  PROCESS_CREATE_PROCESS = 128
  PROCESS_SET_QUOTA = 256
  PROCESS_SET_INFORMATION = 512
  PROCESS_QUERY_INFORMATION = 1024
  PROCESS_SUSPEND_RESUME = 2048
  PROCESS_QUERY_LIMITED_INFORMATION = 4096
  THREAD_TERMINATE = 1
  THREAD_SUSPEND_RESUME = 2
  THREAD_ALERT = 4
  THREAD_GET_CONTEXT = 8
  THREAD_SET_CONTEXT = 16
  THREAD_SET_INFORMATION = 32
  THREAD_QUERY_INFORMATION = 64
  THREAD_SET_THREAD_TOKEN = 128
  THREAD_IMPERSONATE = 256
  THREAD_DIRECT_IMPERSONATION = 512
  THREAD_SET_LIMITED_INFORMATION = 1024
  THREAD_QUERY_LIMITED_INFORMATION = 2048
  PROCESS_ALL_ACCESS_NT = 2035711
  PROCESS_ALL_ACCESS_VISTA = 2097151
  THREAD_ALL_ACCESS_NT = 2032639
  THREAD_ALL_ACCESS_VISTA = 2097151
  PROCESS_ALL_ACCESS = 2097151
  THREAD_ALL_ACCESS = 2097151
  DEBUG_PROCESS = 1
  DEBUG_ONLY_THIS_PROCESS = 2
  CREATE_SUSPENDED = 4
  DETACHED_PROCESS = 8
  CREATE_NEW_CONSOLE = 16
  NORMAL_PRIORITY_CLASS = 32
  IDLE_PRIORITY_CLASS = 64
  HIGH_PRIORITY_CLASS = 128
  REALTIME_PRIORITY_CLASS = 256
  CREATE_NEW_PROCESS_GROUP = 512
  CREATE_UNICODE_ENVIRONMENT = 1024
  CREATE_SEPARATE_WOW_VDM = 2048
  CREATE_SHARED_WOW_VDM = 4096
  CREATE_FORCEDOS = 8192
  BELOW_NORMAL_PRIORITY_CLASS = 16384
  ABOVE_NORMAL_PRIORITY_CLASS = 32768
  INHERIT_PARENT_AFFINITY = 65536
  STACK_SIZE_PARAM_IS_A_RESERVATION = 65536
  INHERIT_CALLER_PRIORITY = 131072
  CREATE_PROTECTED_PROCESS = 262144
  EXTENDED_STARTUPINFO_PRESENT = 524288
  PROCESS_MODE_BACKGROUND_BEGIN = 1048576
  PROCESS_MODE_BACKGROUND_END = 2097152
  CREATE_BREAKAWAY_FROM_JOB = 16777216
  CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 33554432
  CREATE_DEFAULT_ERROR_MODE = 67108864
  CREATE_NO_WINDOW = 134217728
  PROFILE_USER = 268435456
  PROFILE_KERNEL = 536870912
  PROFILE_SERVER = 1073741824
  CREATE_IGNORE_SYSTEM_DEFAULT = 2147483648
  THREAD_BASE_PRIORITY_LOWRT = 15
  THREAD_BASE_PRIORITY_MAX = 2
  THREAD_BASE_PRIORITY_MIN = -2
  THREAD_BASE_PRIORITY_IDLE = -15
  THREAD_PRIORITY_LOWEST = -2
  THREAD_PRIORITY_BELOW_NORMAL = -1
  THREAD_PRIORITY_NORMAL = 0
  THREAD_PRIORITY_HIGHEST = 2
  THREAD_PRIORITY_ABOVE_NORMAL = 1
  THREAD_PRIORITY_ERROR_RETURN = 4294967295
  THREAD_PRIORITY_TIME_CRITICAL = 15
  THREAD_PRIORITY_IDLE = -15
  PAGE_NOACCESS = 1
  PAGE_READONLY = 2
  PAGE_READWRITE = 4
  PAGE_WRITECOPY = 8
  PAGE_EXECUTE = 16
  PAGE_EXECUTE_READ = 32
  PAGE_EXECUTE_READWRITE = 64
  PAGE_EXECUTE_WRITECOPY = 128
  PAGE_GUARD = 256
  PAGE_NOCACHE = 512
  PAGE_WRITECOMBINE = 1024
  MEM_COMMIT = 4096
  MEM_RESERVE = 8192
  MEM_DECOMMIT = 16384
  MEM_RELEASE = 32768
  MEM_FREE = 65536
  MEM_PRIVATE = 131072
  MEM_MAPPED = 262144
  MEM_RESET = 524288
  MEM_TOP_DOWN = 1048576
  MEM_WRITE_WATCH = 2097152
  MEM_PHYSICAL = 4194304
  MEM_LARGE_PAGES = 536870912
  MEM_4MB_PAGES = 2147483648
  SEC_FILE = 8388608
  SEC_IMAGE = 16777216
  SEC_RESERVE = 67108864
  SEC_COMMIT = 134217728
  SEC_NOCACHE = 268435456
  SEC_LARGE_PAGES = 2147483648
  MEM_IMAGE = 16777216
  WRITE_WATCH_FLAG_RESET = 1
  SECTION_QUERY = 1
  SECTION_MAP_WRITE = 2
  SECTION_MAP_READ = 4
  SECTION_MAP_EXECUTE = 8
  SECTION_EXTEND_SIZE = 16
  SECTION_MAP_EXECUTE_EXPLICIT = 32
  SECTION_ALL_ACCESS = 983071
  FILE_MAP_COPY = 1
  FILE_MAP_WRITE = 2
  FILE_MAP_READ = 4
  FILE_MAP_ALL_ACCESS = 983071
  FILE_MAP_EXECUTE = 32
  GENERIC_READ = 2147483648
  GENERIC_WRITE = 1073741824
  GENERIC_EXECUTE = 536870912
  GENERIC_ALL = 268435456
  FILE_SHARE_READ = 1
  FILE_SHARE_WRITE = 2
  FILE_SHARE_DELETE = 4
  CREATE_NEW = 1
  CREATE_ALWAYS = 2
  OPEN_EXISTING = 3
  OPEN_ALWAYS = 4
  TRUNCATE_EXISTING = 5
  FILE_FLAG_WRITE_THROUGH = 2147483648
  FILE_FLAG_NO_BUFFERING = 536870912
  FILE_FLAG_RANDOM_ACCESS = 268435456
  FILE_FLAG_SEQUENTIAL_SCAN = 134217728
  FILE_FLAG_DELETE_ON_CLOSE = 67108864
  FILE_FLAG_OVERLAPPED = 1073741824
  FILE_ATTRIBUTE_READONLY = 1
  FILE_ATTRIBUTE_HIDDEN = 2
  FILE_ATTRIBUTE_SYSTEM = 4
  FILE_ATTRIBUTE_DIRECTORY = 16
  FILE_ATTRIBUTE_ARCHIVE = 32
  FILE_ATTRIBUTE_DEVICE = 64
  FILE_ATTRIBUTE_NORMAL = 128
  FILE_ATTRIBUTE_TEMPORARY = 256
  EXCEPTION_DEBUG_EVENT = 1
  CREATE_THREAD_DEBUG_EVENT = 2
  CREATE_PROCESS_DEBUG_EVENT = 3
  EXIT_THREAD_DEBUG_EVENT = 4
  EXIT_PROCESS_DEBUG_EVENT = 5
  LOAD_DLL_DEBUG_EVENT = 6
  UNLOAD_DLL_DEBUG_EVENT = 7
  OUTPUT_DEBUG_STRING_EVENT = 8
  RIP_EVENT = 9
  DBG_EXCEPTION_HANDLED = 65537
  DBG_CONTINUE = 65538
  DBG_REPLY_LATER = 1073807361
  DBG_UNABLE_TO_PROVIDE_HANDLE = 1073807362
  DBG_TERMINATE_THREAD = 1073807363
  DBG_TERMINATE_PROCESS = 1073807364
  DBG_PRINTEXCEPTION_C = 1073807366
  DBG_RIPEXCEPTION = 1073807367
  DBG_CONTROL_BREAK = 1073807368
  DBG_COMMAND_EXCEPTION = 1073807369
  DBG_EXCEPTION_NOT_HANDLED = 2147549185
  DBG_NO_STATE_CHANGE = 3221291009
  DBG_APP_NOT_IDLE = 3221291010
  STATUS_WAIT_0 = 0
  STATUS_ABANDONED_WAIT_0 = 128
  STATUS_USER_APC = 192
  STATUS_TIMEOUT = 258
  STATUS_PENDING = 259
  STATUS_SEGMENT_NOTIFICATION = 1073741829
  STATUS_GUARD_PAGE_VIOLATION = 2147483649
  STATUS_DATATYPE_MISALIGNMENT = 2147483650
  STATUS_BREAKPOINT = 2147483651
  STATUS_SINGLE_STEP = 2147483652
  STATUS_INVALID_INFO_CLASS = 3221225475
  STATUS_ACCESS_VIOLATION = 3221225477
  STATUS_IN_PAGE_ERROR = 3221225478
  STATUS_INVALID_HANDLE = 3221225480
  STATUS_NO_MEMORY = 3221225495
  STATUS_ILLEGAL_INSTRUCTION = 3221225501
  STATUS_NONCONTINUABLE_EXCEPTION = 3221225509
  STATUS_INVALID_DISPOSITION = 3221225510
  STATUS_ARRAY_BOUNDS_EXCEEDED = 3221225612
  STATUS_FLOAT_DENORMAL_OPERAND = 3221225613
  STATUS_FLOAT_DIVIDE_BY_ZERO = 3221225614
  STATUS_FLOAT_INEXACT_RESULT = 3221225615
  STATUS_FLOAT_INVALID_OPERATION = 3221225616
  STATUS_FLOAT_OVERFLOW = 3221225617
  STATUS_FLOAT_STACK_CHECK = 3221225618
  STATUS_FLOAT_UNDERFLOW = 3221225619
  STATUS_INTEGER_DIVIDE_BY_ZERO = 3221225620
  STATUS_INTEGER_OVERFLOW = 3221225621
  STATUS_PRIVILEGED_INSTRUCTION = 3221225622
  STATUS_STACK_OVERFLOW = 3221225725
  STATUS_CONTROL_C_EXIT = 3221225786
  STATUS_FLOAT_MULTIPLE_FAULTS = 3221226164
  STATUS_FLOAT_MULTIPLE_TRAPS = 3221226165
  STATUS_REG_NAT_CONSUMPTION = 3221226185
  STATUS_SXS_EARLY_DEACTIVATION = 3222601743
  STATUS_SXS_INVALID_DEACTIVATION = 3222601744
  STATUS_STACK_BUFFER_OVERRUN = 3221226505
  STATUS_WX86_BREAKPOINT = 1073741855
  STATUS_HEAP_CORRUPTION = 3221226356
  STATUS_POSSIBLE_DEADLOCK = 3221225876
  STATUS_UNWIND_CONSOLIDATE = 2147483689
  EXCEPTION_ACCESS_VIOLATION = 3221225477
  EXCEPTION_ARRAY_BOUNDS_EXCEEDED = 3221225612
  EXCEPTION_BREAKPOINT = 2147483651
  EXCEPTION_DATATYPE_MISALIGNMENT = 2147483650
  EXCEPTION_FLT_DENORMAL_OPERAND = 3221225613
  EXCEPTION_FLT_DIVIDE_BY_ZERO = 3221225614
  EXCEPTION_FLT_INEXACT_RESULT = 3221225615
  EXCEPTION_FLT_INVALID_OPERATION = 3221225616
  EXCEPTION_FLT_OVERFLOW = 3221225617
  EXCEPTION_FLT_STACK_CHECK = 3221225618
  EXCEPTION_FLT_UNDERFLOW = 3221225619
  EXCEPTION_ILLEGAL_INSTRUCTION = 3221225501
  EXCEPTION_IN_PAGE_ERROR = 3221225478
  EXCEPTION_INT_DIVIDE_BY_ZERO = 3221225620
  EXCEPTION_INT_OVERFLOW = 3221225621
  EXCEPTION_INVALID_DISPOSITION = 3221225510
  EXCEPTION_NONCONTINUABLE_EXCEPTION = 3221225509
  EXCEPTION_PRIV_INSTRUCTION = 3221225622
  EXCEPTION_SINGLE_STEP = 2147483652
  EXCEPTION_STACK_OVERFLOW = 3221225725
  EXCEPTION_GUARD_PAGE = 2147483649
  EXCEPTION_INVALID_HANDLE = 3221225480
  EXCEPTION_POSSIBLE_DEADLOCK = 3221225876
  EXCEPTION_WX86_BREAKPOINT = 1073741855
  CONTROL_C_EXIT = 3221225786
  DBG_CONTROL_C = 1073807365
  MS_VC_EXCEPTION = 1080890248
  ACCESS_VIOLATION_TYPE_READ = 0
  ACCESS_VIOLATION_TYPE_WRITE = 1
  ACCESS_VIOLATION_TYPE_DEP = 8
  SLE_ERROR = 1
  SLE_MINORERROR = 2
  SLE_WARNING = 3
  DUPLICATE_CLOSE_SOURCE = 1
  DUPLICATE_SAME_ACCESS = 2
  FILE_NAME_NORMALIZED = 0
  FILE_NAME_OPENED = 8
  VOLUME_NAME_DOS = 0
  VOLUME_NAME_GUID = 1
  VOLUME_NAME_NONE = 4
  VOLUME_NAME_NT = 2
  PRODUCT_BUSINESS = 6
  PRODUCT_BUSINESS_N = 16
  PRODUCT_CLUSTER_SERVER = 18
  PRODUCT_DATACENTER_SERVER = 8
  PRODUCT_DATACENTER_SERVER_CORE = 12
  PRODUCT_DATACENTER_SERVER_CORE_V = 39
  PRODUCT_DATACENTER_SERVER_V = 37
  PRODUCT_ENTERPRISE = 4
  PRODUCT_ENTERPRISE_E = 70
  PRODUCT_ENTERPRISE_N = 27
  PRODUCT_ENTERPRISE_SERVER = 10
  PRODUCT_ENTERPRISE_SERVER_CORE = 14
  PRODUCT_ENTERPRISE_SERVER_CORE_V = 41
  PRODUCT_ENTERPRISE_SERVER_IA64 = 15
  PRODUCT_ENTERPRISE_SERVER_V = 38
  PRODUCT_HOME_BASIC = 2
  PRODUCT_HOME_BASIC_E = 67
  PRODUCT_HOME_BASIC_N = 5
  PRODUCT_HOME_PREMIUM = 3
  PRODUCT_HOME_PREMIUM_E = 68
  PRODUCT_HOME_PREMIUM_N = 26
  PRODUCT_HYPERV = 42
  PRODUCT_MEDIUMBUSINESS_SERVER_MANAGEMENT = 30
  PRODUCT_MEDIUMBUSINESS_SERVER_MESSAGING = 32
  PRODUCT_MEDIUMBUSINESS_SERVER_SECURITY = 31
  PRODUCT_PROFESSIONAL = 48
  PRODUCT_PROFESSIONAL_E = 69
  PRODUCT_PROFESSIONAL_N = 49
  PRODUCT_SERVER_FOR_SMALLBUSINESS = 24
  PRODUCT_SERVER_FOR_SMALLBUSINESS_V = 35
  PRODUCT_SERVER_FOUNDATION = 33
  PRODUCT_SMALLBUSINESS_SERVER = 9
  PRODUCT_STANDARD_SERVER = 7
  PRODUCT_STANDARD_SERVER_CORE = 13
  PRODUCT_STANDARD_SERVER_CORE_V = 40
  PRODUCT_STANDARD_SERVER_V = 36
  PRODUCT_STARTER = 11
  PRODUCT_STARTER_E = 66
  PRODUCT_STARTER_N = 47
  PRODUCT_STORAGE_ENTERPRISE_SERVER = 23
  PRODUCT_STORAGE_EXPRESS_SERVER = 20
  PRODUCT_STORAGE_STANDARD_SERVER = 21
  PRODUCT_STORAGE_WORKGROUP_SERVER = 22
  PRODUCT_UNDEFINED = 0
  PRODUCT_UNLICENSED = 2882382797
  PRODUCT_ULTIMATE = 1
  PRODUCT_ULTIMATE_E = 71
  PRODUCT_ULTIMATE_N = 28
  PRODUCT_WEB_SERVER = 17
  PRODUCT_WEB_SERVER_CORE = 29
  PROCESS_DEP_ENABLE = 1
  PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION = 2
  SEM_FAILCRITICALERRORS = 1
  SEM_NOGPFAULTERRORBOX = 2
  SEM_NOALIGNMENTFAULTEXCEPT = 4
  SEM_NOOPENFILEERRORBOX = 2048
  HANDLE_FLAG_INHERIT = 1
  HANDLE_FLAG_PROTECT_FROM_CLOSE = 2
  PROC_THREAD_ATTRIBUTE_NUMBER = 65535
  PROC_THREAD_ATTRIBUTE_THREAD = 65536
  PROC_THREAD_ATTRIBUTE_INPUT = 131072
  PROC_THREAD_ATTRIBUTE_ADDITIVE = 262144
  ProcThreadAttributeParentProcess = 0
  ProcThreadAttributeExtendedFlags = 1
  ProcThreadAttributeHandleList = 2
  ProcThreadAttributeGroupAffinity = 3
  ProcThreadAttributePreferredNode = 4
  ProcThreadAttributeIdealProcessor = 5
  ProcThreadAttributeUmsThread = 6
  ProcThreadAttributeMitigationPolicy = 7
  ProcThreadAttributeMax = 8
  PROC_THREAD_ATTRIBUTE_PARENT_PROCESS = 131072
  PROC_THREAD_ATTRIBUTE_EXTENDED_FLAGS = 393217
  PROC_THREAD_ATTRIBUTE_HANDLE_LIST = 131074
  PROC_THREAD_ATTRIBUTE_GROUP_AFFINITY = 196611
  PROC_THREAD_ATTRIBUTE_PREFERRED_NODE = 131076
  PROC_THREAD_ATTRIBUTE_IDEAL_PROCESSOR = 196613
  PROC_THREAD_ATTRIBUTE_UMS_THREAD = 196614
  PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY = 131079
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE = 1
  PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE = 2
  PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE = 4
  FOREGROUND_MASK = 15
  BACKGROUND_MASK = 240
  COMMON_LVB_MASK = 65280
  FOREGROUND_BLACK = 0
  FOREGROUND_BLUE = 1
  FOREGROUND_GREEN = 2
  FOREGROUND_CYAN = 3
  FOREGROUND_RED = 4
  FOREGROUND_MAGENTA = 5
  FOREGROUND_YELLOW = 6
  FOREGROUND_GREY = 7
  FOREGROUND_INTENSITY = 8
  BACKGROUND_BLACK = 0
  BACKGROUND_BLUE = 16
  BACKGROUND_GREEN = 32
  BACKGROUND_CYAN = 48
  BACKGROUND_RED = 64
  BACKGROUND_MAGENTA = 80
  BACKGROUND_YELLOW = 96
  BACKGROUND_GREY = 112
  BACKGROUND_INTENSITY = 128
  COMMON_LVB_LEADING_BYTE = 256
  COMMON_LVB_TRAILING_BYTE = 512
  COMMON_LVB_GRID_HORIZONTAL = 1024
  COMMON_LVB_GRID_LVERTICAL = 2048
  COMMON_LVB_GRID_RVERTICAL = 4096
  COMMON_LVB_REVERSE_VIDEO = 16384
  COMMON_LVB_UNDERSCORE = 32768
  TH32CS_SNAPHEAPLIST = 1
  TH32CS_SNAPPROCESS = 2
  TH32CS_SNAPTHREAD = 4
  TH32CS_SNAPMODULE = 8
  TH32CS_INHERIT = 2147483648
  TH32CS_SNAPALL = 15
  GetDllDirectory = GuessStringType(GetDllDirectoryA, GetDllDire...
  SetDllDirectory = GuessStringType(SetDllDirectoryA, SetDllDire...
  LoadLibrary = GuessStringType(LoadLibraryA, LoadLibraryW)
  LoadLibraryEx = GuessStringType(LoadLibraryExA, LoadLibraryExW)
  GetModuleHandle = GuessStringType(GetModuleHandleA, GetModuleH...
  GetProcAddress = GuessStringType(GetProcAddressA, GetProcAddre...
  QueryFullProcessImageName = GuessStringType(QueryFullProcessIm...
  GetLogicalDriveStrings = GuessStringType(GetLogicalDriveString...
  QueryDosDevice = GuessStringType(QueryDosDeviceA, QueryDosDevi...
  OpenFileMapping = GuessStringType(OpenFileMappingA, OpenFileMa...
  CreateFileMapping = GuessStringType(CreateFileMappingA, Create...
  CreateFile = GuessStringType(CreateFileA, CreateFileW)
  SearchPath = GuessStringType(SearchPathA, SearchPathW)
  GetFinalPathNameByHandle = GuessStringType(GetFinalPathNameByH...
  GetFullPathName = GuessStringType(GetFullPathNameA, GetFullPat...
  GetTempPath = GuessStringType(GetTempPathA, GetTempPathW)
  GetTempFileName = GuessStringType(GetTempFileNameA, GetTempFil...
  GetCurrentDirectory = GuessStringType(GetCurrentDirectoryA, Ge...
  CreateMutex = GuessStringType(CreateMutexA, CreateMutexW)
  OpenMutex = GuessStringType(OpenMutexA, OpenMutexW)
  CreateEvent = GuessStringType(CreateEventA, CreateEventW)
  OpenEvent = GuessStringType(OpenEventA, OpenEventW)
  OutputDebugString = GuessStringType(OutputDebugStringA, Output...
  CreateProcess = GuessStringType(CreateProcessA, CreateProcessW)
  GlobalAddAtom = GuessStringType(GlobalAddAtomA, GlobalAddAtomW)
  GlobalFindAtom = GuessStringType(GlobalFindAtomA, GlobalFindAt...
  GlobalGetAtomName = GuessStringType(GlobalGetAtomNameA, Global...
  _all = set(['ABOVE_NORMAL_PRIORITY_CLASS', 'ACCESS_VIOLATION_T...
  psyco
  __package__ = 'winappdbg.win32'
  _x = 'JIT_DEBUG_INFO64'
Function Details [hide private]

RaiseIfLastError(result, func=None, arguments=())

source code 

Error checking for Win32 API calls with no error-specific return value.

Regardless of the return value, the function calls GetLastError(). If the code is not ERROR_SUCCESS then a WindowsError exception is raised.

For this to work, the user MUST call SetLastError(ERROR_SUCCESS) prior to calling the API. Otherwise an exception may be raised even on success, since most API calls don't clear the error status code.

Wow64EnableWow64FsRedirection(Wow64FsEnableRedirection)

source code 

This function may not work reliably when there are nested calls. Therefore, this function has been replaced by the Wow64DisableWow64FsRedirection and Wow64RevertWow64FsRedirection functions.

See Also: http://msdn.microsoft.com/en-us/library/windows/desktop/aa365744(v=vs.85).aspx


Variables Details [hide private]

__revision__

Value:
'$Id: kernel32.py 1299 2013-12-20 09:30:55Z qvasimodo $'

GetFileVersionInfo

Value:
GuessStringType(GetFileVersionInfoA, GetFileVersionInfoW)

GetDllDirectory

Value:
GuessStringType(GetDllDirectoryA, GetDllDirectoryW)

SetDllDirectory

Value:
GuessStringType(SetDllDirectoryA, SetDllDirectoryW)

GetModuleHandle

Value:
GuessStringType(GetModuleHandleA, GetModuleHandleW)

GetProcAddress

Value:
GuessStringType(GetProcAddressA, GetProcAddressW)

QueryFullProcessImageName

Value:
GuessStringType(QueryFullProcessImageNameA, QueryFullProcessImageNameW\
)

GetLogicalDriveStrings

Value:
GuessStringType(GetLogicalDriveStringsA, GetLogicalDriveStringsW)

QueryDosDevice

Value:
GuessStringType(QueryDosDeviceA, QueryDosDeviceW)

OpenFileMapping

Value:
GuessStringType(OpenFileMappingA, OpenFileMappingW)

CreateFileMapping

Value:
GuessStringType(CreateFileMappingA, CreateFileMappingW)

GetFinalPathNameByHandle

Value:
GuessStringType(GetFinalPathNameByHandleA, GetFinalPathNameByHandleW)

GetFullPathName

Value:
GuessStringType(GetFullPathNameA, GetFullPathNameW)

GetTempFileName

Value:
GuessStringType(GetTempFileNameA, GetTempFileNameW)

GetCurrentDirectory

Value:
GuessStringType(GetCurrentDirectoryA, GetCurrentDirectoryW)

OutputDebugString

Value:
GuessStringType(OutputDebugStringA, OutputDebugStringW)

GlobalFindAtom

Value:
GuessStringType(GlobalFindAtomA, GlobalFindAtomW)

GlobalGetAtomName

Value:
GuessStringType(GlobalGetAtomNameA, GlobalGetAtomNameW)

_all

Value:
set(['ABOVE_NORMAL_PRIORITY_CLASS',
     'ACCESS_VIOLATION_TYPE_DEP',
     'ACCESS_VIOLATION_TYPE_READ',
     'ACCESS_VIOLATION_TYPE_WRITE',
     'ARCH_AARCH32',
     'ARCH_AARCH64',
     'ARCH_ALPHA',
     'ARCH_ALPHA64',
...

   Home       Trees       Indices       Help   
WinAppDbg - Programming Reference
Generated by Epydoc 3.0.1 on Fri Dec 20 17:54:47 2013 http://epydoc.sourceforge.net