
Module peb_teb


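PEB (Process Environment Block) and TEB (Thread Environment Block) structures, constants and data types. The layout of both structures differs between Windows versions and between 32-bit and 64-bit builds, which is why this module defines one structure class per version (for example _PEB_XP and _PEB_W7_64).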

Classes
  CLIENT_ID
  RTL_USER_PROCESS_PARAMETERS
  PPS_POST_PROCESS_INIT_ROUTINE
  LDR_MODULE
  PEB_LDR_DATA
  PEB_FREE_BLOCK
  PPEB_FREE_BLOCK
  RTL_DRIVE_LETTER_CURDIR
  CURDIR
  RTL_CRITICAL_SECTION
  RTL_CRITICAL_SECTION_DEBUG
  PRTL_CRITICAL_SECTION
  PRTL_CRITICAL_SECTION_DEBUG
  PPEB_LDR_DATA
  PRTL_USER_PROCESS_PARAMETERS
  PPEBLOCKROUTINE
  _PEB_NT
  _PEB_2000
  _PEB_XP
  _PEB_XP_64
  _PEB_2003
  _PEB_2003_64
  _PEB_2003_R2
  _PEB_2003_R2_64
  _PEB_2008
  _PEB_2008_64
  _PEB_2008_R2
  _PEB_2008_R2_64
  _PEB_Vista
  _PEB_Vista_64
  _PEB_W7
  _PEB_W7_64
  _PEB_W7_Beta
This definition of the PEB structure (_PEB_W7_Beta) is only valid for the beta versions of Windows 7.
  PEB
  PEB_32
  Wx86ThreadState
  RTL_ACTIVATION_CONTEXT_STACK_FRAME
  ACTIVATION_CONTEXT_STACK
  PROCESSOR_NUMBER
  _NT_TIB_UNION
  NT_TIB
  PNTTIB
  EXCEPTION_REGISTRATION_RECORD
  EXCEPTION_DISPOSITION
  PEXCEPTION_DISPOSITION
  PEXCEPTION_REGISTRATION_RECORD
  PPEB
  GDI_TEB_BATCH
  TEB_ACTIVE_FRAME_CONTEXT
  PTEB_ACTIVE_FRAME_CONTEXT
  TEB_ACTIVE_FRAME
  PTEB_ACTIVE_FRAME
  _TEB_NT
  _TEB_2000
  _TEB_XP
  _TEB_XP_64
  _TEB_2003
  _TEB_2003_64
  _TEB_2003_R2
  _TEB_2003_R2_64
  _TEB_2008
  _TEB_2008_64
  _TEB_2008_R2
  _TEB_2008_R2_64
  _TEB_Vista
  _TEB_Vista_64
  _TEB_W7
  _TEB_W7_64
  TEB
  PTEB
Variables
  __revision__ = '$Id: peb_teb.py 1299 2013-12-20 09:30:55Z qvas...
  ERROR_NO_RECOVERY_PROGRAM = 1082
  ERROR_DBG_TERMINATE_PROCESS = 692
  ERROR_BUFFER_OVERFLOW = 111
  STANDARD_RIGHTS_WRITE = 131072
  STANDARD_RIGHTS_EXECUTE = 131072
  SYNCHRONIZE = 1048576
  ERROR_BAD_LENGTH = 24
  TRUE = 1
  ERROR_ENVVAR_NOT_FOUND = 203
  ERROR_ELEVATION_REQUIRED = 740
  ERROR_ALREADY_EXISTS = 183
  ERROR_DIFFERENT_SERVICE_ACCOUNT = 1079
  WIN32_VERBOSE_MODE = False
  ERROR_FAILED_SERVICE_CONTROLLER_CONNECT = 1063
  ERROR_NONE_MAPPED = 1332
  ERROR_NOT_SUPPORTED = 50
  ERROR_INVALID_HANDLE = 6
  ERROR_INVALID_FUNCTION = 1
  ERROR_DBG_REPLY_LATER = 689
  ERROR_MORE_DATA = 234
  ERROR_INVALID_PARAMETER = 87
  ANYSIZE_ARRAY = 1
  ERROR_FILE_EXISTS = 80
  ERROR_INVALID_DRIVE = 15
  ERROR_BAD_THREADID_ADDR = 159
  STANDARD_RIGHTS_ALL = 2031616
  ERROR_FILE_NOT_FOUND = 2
  STANDARD_RIGHTS_READ = 131072
  ERROR_DBG_CONTROL_BREAK = 696
  ERROR_WOW_ASSERTION = 670
  ERROR_NOT_ENOUGH_MEMORY = 8
  ERROR_DBG_EXCEPTION_NOT_HANDLED = 688
  ERROR_INVALID_NAME = 123
  ERROR_SERVICE_NOT_IN_EXE = 1083
  ERROR_SERVICE_NEVER_STARTED = 1077
  ERROR_INSUFFICIENT_BUFFER = 122
  MAX_MODULE_NAME32 = 255
  ERROR_HANDLE_DISK_FULL = 39
  ERROR_UNHANDLED_EXCEPTION = 574
  ERROR_INVALID_FLAG_NUMBER = 186
  ERROR_DBG_CONTINUE = 767
  ERROR_SERVICE_DEPENDENCY_FAIL = 1068
  ERROR_NOT_SAFEBOOT_SERVICE = 1084
  ERROR_ALREADY_RUNNING_LKG = 1074
  ERROR_THREAD_NOT_IN_PROCESS = 566
  ERROR_CIRCULAR_DEPENDENCY = 1059
  ERROR_CALL_NOT_IMPLEMENTED = 120
  ERROR_SERVICE_DOES_NOT_EXIST = 1060
  ERROR_DBG_PRINTEXCEPTION_C = 694
  ERROR_SERVICE_MARKED_FOR_DELETE = 1072
  MAX_PATH = 260
  WRITE_DAC = 262144
  ERROR_DBG_CONTROL_C = 693
  STANDARD_RIGHTS_REQUIRED = 983040
  ERROR_DATABASE_DOES_NOT_EXIST = 1065
  ERROR_DBG_TERMINATE_THREAD = 691
  ERROR_DEBUGGER_INACTIVE = 1284
  windll = WinDllHook()
  ERROR_PROC_NOT_FOUND = 127
  ERROR_ASSERTION_FAILURE = 668
  ERROR_INVALID_SERVICE_LOCK = 1071
  ERROR_DUPLICATE_SERVICE_NAME = 1078
  ERROR_SERVICE_LOGON_FAILED = 1069
  WRITE_OWNER = 524288
  ERROR_SERVICE_NOT_ACTIVE = 1062
  WinCallHook
  ERROR_BAD_PATHNAME = 161
  ERROR_PROCESS_ABORTED = 1067
  ERROR_PRIVILEGE_NOT_HELD = 1314
  ERROR_DBG_RIPEXCEPTION = 695
  ERROR_NOACCESS = 998
  ERROR_BAD_ARGUMENTS = 160
  ERROR_SERVICE_CANNOT_ACCEPT_CTRL = 1061
  ERROR_BOOT_ALREADY_ACCEPTED = 1076
  FALSE = 0
  INVALID_HANDLE_VALUE = 4294967295
  ERROR_DIR_NOT_EMPTY = 145
  WinFuncHook
  ERROR_DISK_FULL = 112
  WinDllHook
  ERROR_INVALID_ADDRESS = 487
  DELETE = 65536
  ERROR_FILENAME_EXCED_RANGE = 206
  ERROR_NO_MORE_FILES = 18
  ERROR_SERVICE_SPECIFIC_ERROR = 1066
  ERROR_DBG_COMMAND_EXCEPTION = 697
  ERROR_HANDLE_EOF = 38
  NULL = None
hash(x)
  ERROR_SERVICE_DEPENDENCY_DELETED = 1075
  ERROR_CANNOT_DETECT_PROCESS_ABORT = 1081
  ERROR_SEM_TIMEOUT = 121
  ERROR_ACCESS_DENIED = 5
  ERROR_PATH_NOT_FOUND = 3
  ERROR_EXCEPTION_IN_SERVICE = 1064
  ERROR_SUCCESS = 0
  SPECIFIC_RIGHTS_ALL = 65535
  RPC_S_SERVER_UNAVAILABLE = 1722
  ERROR_CANNOT_DETECT_DRIVER_FAILURE = 1080
  READ_CONTROL = 131072
  INFINITE = -1
  ERROR_DBG_EXCEPTION_HANDLED = 766
  ERROR_MOD_NOT_FOUND = 126
  ERROR_CONTROL_C_EXIT = 572
  WAIT_TIMEOUT = 258
  ERROR_PARTIAL_COPY = 299
  ERROR_SERVICE_EXISTS = 1073
  ERROR_NO_MORE_ITEMS = 259
  ERROR_DBG_UNABLE_TO_PROVIDE_HANDLE = 690
  ERROR_SERVICE_START_HANG = 1070
  os = 'Windows 7 (64 bits)'
  ImageUsesLargePages = 1
  IsProtectedProcess = 2
  IsLegacyProcess = 4
  IsImageDynamicallyRelocated = 8
  SkipPatchingUser32Forwarders = 16
  ProcessInJob = 1
  ProcessInitializing = 2
  ProcessUsingVEH = 4
  ProcessUsingVCH = 8
  ProcessUsingFTH = 16
  HeapTracingEnabled = 1
  CritSecTracingEnabled = 2
  FLG_VALID_BITS = 4194303
  FLG_STOP_ON_EXCEPTION = 1
  FLG_SHOW_LDR_SNAPS = 2
  FLG_DEBUG_INITIAL_COMMAND = 4
  FLG_STOP_ON_HUNG_GUI = 8
  FLG_HEAP_ENABLE_TAIL_CHECK = 16
  FLG_HEAP_ENABLE_FREE_CHECK = 32
  FLG_HEAP_VALIDATE_PARAMETERS = 64
  FLG_HEAP_VALIDATE_ALL = 128
  FLG_POOL_ENABLE_TAIL_CHECK = 256
  FLG_POOL_ENABLE_FREE_CHECK = 512
  FLG_POOL_ENABLE_TAGGING = 1024
  FLG_HEAP_ENABLE_TAGGING = 2048
  FLG_USER_STACK_TRACE_DB = 4096
  FLG_KERNEL_STACK_TRACE_DB = 8192
  FLG_MAINTAIN_OBJECT_TYPELIST = 16384
  FLG_HEAP_ENABLE_TAG_BY_DLL = 32768
  FLG_IGNORE_DEBUG_PRIV = 65536
  FLG_ENABLE_CSRDEBUG = 131072
  FLG_ENABLE_KDEBUG_SYMBOL_LOAD = 262144
  FLG_DISABLE_PAGE_KERNEL_STACKS = 524288
  FLG_HEAP_ENABLE_CALL_TRACING = 1048576
  FLG_HEAP_DISABLE_COALESCING = 2097152
  FLG_ENABLE_CLOSE_EXCEPTION = 4194304
  FLG_ENABLE_EXCEPTION_LOGGING = 8388608
  FLG_ENABLE_HANDLE_TYPE_TAGGING = 16777216
  FLG_HEAP_PAGE_ALLOCS = 33554432
  FLG_DEBUG_WINLOGON = 67108864
  FLG_ENABLE_DBGPRINT_BUFFERING = 134217728
  FLG_EARLY_CRITICAL_SECTION_EVT = 268435456
  FLG_DISABLE_DLL_VERIFICATION = 2147483648
  DbgSafeThunkCall = 1
  DbgInDebugPrint = 2
  DbgHasFiberData = 4
  DbgSkipThreadAttach = 8
  DbgWerInShipAssertCode = 16
  DbgRanProcessInit = 32
  DbgClonedThread = 64
  DbgSuppressDebugMsg = 128
  RtlDisableUserStackWalk = 256
  RtlExceptionAttached = 512
  RtlInitialThread = 1024
  _all = set(['ACTIVATION_CONTEXT_STACK', 'CLIENT_ID', 'CURDIR',...
  __package__ = 'winappdbg.win32'
  _x = 'FLG_IGNORE_DEBUG_PRIV'
Variables Details

__revision__

Value:
'$Id: peb_teb.py 1299 2013-12-20 09:30:55Z qvasimodo $'

_all

Value:
set(['ACTIVATION_CONTEXT_STACK',
     'CLIENT_ID',
     'CURDIR',
     'CritSecTracingEnabled',
     'DbgClonedThread',
     'DbgHasFiberData',
     'DbgInDebugPrint',
     'DbgRanProcessInit',
...