SYMBOL INDEX (287 symbols across 6 files) FILE: PPLdump/PPLdump.cpp function wmain (line 10) | int wmain(int argc, wchar_t* argv[]) FILE: PPLdump/exploit.cpp function BOOL (line 4) | BOOL StartETWLogger() function WINAPI (line 436) | WINAPI CtrlCHandler function BOOL (line 454) | BOOL CheckRequirements() function BOOL (line 532) | BOOL IsCurrentUserSystem(_Out_ PBOOL pbResult) function BOOL (line 560) | BOOL GetHijackableDllName(_Out_ LPWSTR* ppwszDllName) function BOOL (line 587) | BOOL GetPayloadDll(_Out_ LPVOID * ppBuffer, _Out_ PDWORD pdwSize) function BOOL (line 627) | BOOL FindFileForTransaction(_In_ DWORD dwMinSize, _Out_ LPWSTR* ppwszFil... function BOOL (line 687) | BOOL WritePayloadDllTransacted(_Out_ PHANDLE pdhFile) function BOOL (line 790) | BOOL FindProcessTokenAndDuplicate(_In_ LPCWSTR pwszTargetSid, _Out_ PHAN... function BOOL (line 904) | BOOL Impersonate(_In_ HANDLE hToken) function BOOL (line 918) | BOOL ImpersonateUser(_In_ LPCWSTR pwszSid, _Out_ PHANDLE phToken, _In_op... function BOOL (line 955) | BOOL ImpersonateSystem(_Out_ PHANDLE phSystemToken) function BOOL (line 963) | BOOL ImpersonateLocalService(_Out_ PHANDLE phLocalServiceToken) function BOOL (line 969) | BOOL CheckKnownDllSymbolicLink(_In_ LPCWSTR pwszDllName, _In_ LPWSTR pws... function BOOL (line 1029) | BOOL MapDll(_In_ LPWSTR pwszSectionName, _Out_ PHANDLE phSection) function BOOL (line 1112) | BOOL UnmapDll(_In_ HANDLE hSection) function BOOL (line 1128) | BOOL PrepareCommandLine(_In_ LPWSTR pwszRandomGuid, _Out_ LPWSTR* ppwszC... function BOOL (line 1164) | BOOL CreateProtectedProcessAsUser(_In_ HANDLE hToken, _In_ LPWSTR pwszCo... FILE: PPLdump/ntdll.h type NTSTATUS (line 41) | typedef _Return_type_success_(return >= 0) LONG NTSTATUS; type LONG (line 43) | typedef LONG NTSTATUS; type EVENT_TYPE (line 93) | typedef enum _EVENT_TYPE type STRING (line 104) | typedef struct _STRING type UNICODE_STRING (line 116) | typedef struct _UNICODE_STRING type RTL_BITMAP (line 127) | typedef struct _RTL_BITMAP type RTL_BUFFER (line 137) | typedef struct _RTL_BUFFER type RTL_UNICODE_STRING_BUFFER (line 151) | typedef struct _RTL_UNICODE_STRING_BUFFER type STRING (line 159) | typedef STRING ANSI_STRING; type PSTRING (line 160) | typedef PSTRING PANSI_STRING; type STRING (line 162) | typedef STRING OEM_STRING; type PSTRING (line 163) | typedef PSTRING POEM_STRING; type CONST (line 164) | typedef CONST STRING* PCOEM_STRING; type UNICODE_STRING (line 166) | typedef const UNICODE_STRING *PCUNICODE_STRING; type OBJECT_ATTRIBUTES (line 192) | typedef struct _OBJECT_ATTRIBUTES type IO_STATUS_BLOCK (line 206) | typedef struct _IO_STATUS_BLOCK type CLIENT_ID (line 222) | typedef struct _CLIENT_ID function BOOLEAN (line 257) | BOOLEAN function FORCEINLINE (line 266) | FORCEINLINE function FORCEINLINE (line 275) | FORCEINLINE function FORCEINLINE (line 291) | FORCEINLINE function FORCEINLINE (line 307) | FORCEINLINE type GENERATE_NAME_CONTEXT (line 693) | typedef struct _GENERATE_NAME_CONTEXT type POOL_TYPE (line 749) | typedef enum _POOL_TYPE { type OBJECT_INFORMATION_CLASS (line 773) | typedef enum _OBJECT_INFORMATION_CLASS type OBJECT_BASIC_INFORMATION (line 789) | typedef struct _OBJECT_BASIC_INFORMATION type OBJECT_NAME_INFORMATION (line 808) | typedef struct _OBJECT_NAME_INFORMATION type OBJECT_TYPE_INFORMATION (line 817) | typedef struct _OBJECT_TYPE_INFORMATION type OBJECT_TYPES_INFORMATION (line 842) | typedef struct _OBJECT_TYPES_INFORMATION type OBJECT_HANDLE_FLAG_INFORMATION (line 853) | typedef struct _OBJECT_HANDLE_FLAG_INFORMATION type OBJECT_DIRECTORY_INFORMATION (line 863) | typedef struct _OBJECT_DIRECTORY_INFORMATION type RTL_GENERIC_COMPARE_RESULTS (line 995) | typedef enum _RTL_GENERIC_COMPARE_RESULTS type RTL_SPLAY_LINKS (line 1003) | typedef struct _RTL_SPLAY_LINKS type _RTL_GENERIC_TABLE (line 1011) | struct _RTL_GENERIC_TABLE type RTL_GENERIC_TABLE (line 1036) | typedef struct _RTL_GENERIC_TABLE type RTL_HANDLE_TABLE_ENTRY (line 1050) | typedef struct _RTL_HANDLE_TABLE_ENTRY type RTL_HANDLE_TABLE (line 1057) | typedef struct _RTL_HANDLE_TABLE type KEY_INFORMATION_CLASS (line 1236) | typedef enum _KEY_INFORMATION_CLASS type KEY_VALUE_INFORMATION_CLASS (line 1247) | typedef enum _KEY_VALUE_INFORMATION_CLASS type KEY_SET_INFORMATION_CLASS (line 1256) | typedef enum _KEY_SET_INFORMATION_CLASS type KEY_BASIC_INFORMATION (line 1263) | typedef struct _KEY_BASIC_INFORMATION type KEY_NODE_INFORMATION (line 1271) | typedef struct _KEY_NODE_INFORMATION type KEY_FULL_INFORMATION (line 1281) | typedef struct _KEY_FULL_INFORMATION type KEY_NAME_INFORMATION (line 1296) | typedef struct _KEY_NAME_INFORMATION type KEY_CACHED_INFORMATION (line 1301) | typedef struct _KEY_CACHED_INFORMATION type KEY_FLAGS_INFORMATION (line 1314) | typedef struct _KEY_FLAGS_INFORMATION type KEY_VALUE_BASIC_INFORMATION (line 1319) | typedef struct _KEY_VALUE_BASIC_INFORMATION type KEY_VALUE_FULL_INFORMATION (line 1327) | typedef struct _KEY_VALUE_FULL_INFORMATION type KEY_VALUE_PARTIAL_INFORMATION (line 1337) | typedef struct _KEY_VALUE_PARTIAL_INFORMATION type RTL_QUERY_REGISTRY_TABLE (line 1581) | typedef struct _RTL_QUERY_REGISTRY_TABLE type SYSTEM_INFORMATION_CLASS (line 1607) | typedef enum _SYSTEM_INFORMATION_CLASS type LONG (line 1714) | typedef LONG KPRIORITY; type SYSTEM_BASIC_INFORMATION (line 1719) | typedef struct _SYSTEM_BASIC_INFORMATION type SYSTEM_PROCESSOR_INFORMATION (line 1735) | typedef struct _SYSTEM_PROCESSOR_INFORMATION type SYSTEM_PERFORMANCE_INFORMATION (line 1745) | typedef struct _SYSTEM_PERFORMANCE_INFORMATION type SYSTEM_TIMEOFDAY_INFORMATION (line 1824) | typedef struct _SYSTEM_TIMEOFDAY_INFORMATION type SYSTEM_THREAD_INFORMATION (line 1839) | typedef struct _SYSTEM_THREAD_INFORMATION type SYSTEM_PROCESS_INFORMATION (line 1854) | typedef struct _SYSTEM_PROCESS_INFORMATION type SYSTEM_CALL_COUNT_INFORMATION (line 1903) | typedef struct _SYSTEM_CALL_COUNT_INFORMATION type SYSTEM_DEVICE_INFORMATION (line 1910) | typedef struct _SYSTEM_DEVICE_INFORMATION type SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION (line 1921) | typedef struct _SYSTEM_PROCESSOR_PERFORMANCE_INFORMATION type SYSTEM_FLAGS_INFORMATION (line 1932) | typedef struct _SYSTEM_FLAGS_INFORMATION type SYSTEM_CALL_TIME_INFORMATION (line 1938) | typedef struct _SYSTEM_CALL_TIME_INFORMATION type RTL_PROCESS_MODULE_INFORMATION (line 1946) | typedef struct _RTL_PROCESS_MODULE_INFORMATION type RTL_PROCESS_MODULES (line 1960) | typedef struct _RTL_PROCESS_MODULES type RTL_PROCESS_LOCK_INFORMATION (line 1967) | typedef struct _RTL_PROCESS_LOCK_INFORMATION type RTL_PROCESS_LOCKS (line 1981) | typedef struct _RTL_PROCESS_LOCKS type RTL_PROCESS_BACKTRACE_INFORMATION (line 1988) | typedef struct _RTL_PROCESS_BACKTRACE_INFORMATION type RTL_PROCESS_BACKTRACES (line 1997) | typedef struct _RTL_PROCESS_BACKTRACES type SYSTEM_POOL_ENTRY (line 2007) | typedef struct _SYSTEM_POOL_ENTRY type SYSTEM_POOL_INFORMATION (line 2021) | typedef struct _SYSTEM_POOL_INFORMATION type SYSTEM_HANDLE_TABLE_ENTRY_INFO (line 2033) | typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO type SYSTEM_HANDLE_INFORMATION (line 2044) | typedef struct _SYSTEM_HANDLE_INFORMATION type SYSTEM_OBJECTTYPE_INFORMATION (line 2051) | typedef struct _SYSTEM_OBJECTTYPE_INFORMATION type SYSTEM_OBJECT_INFORMATION (line 2066) | typedef struct _SYSTEM_OBJECT_INFORMATION type SYSTEM_PAGEFILE_INFORMATION (line 2083) | typedef struct _SYSTEM_PAGEFILE_INFORMATION type SYSTEM_VDM_INSTEMUL_INFO (line 2093) | typedef struct _SYSTEM_VDM_INSTEMUL_INFO type SYSTEM_FILECACHE_INFORMATION (line 2134) | typedef struct _SYSTEM_FILECACHE_INFORMATION type SYSTEM_POOLTAG (line 2148) | typedef struct _SYSTEM_POOLTAG type SYSTEM_POOLTAG_INFORMATION (line 2162) | typedef struct _SYSTEM_POOLTAG_INFORMATION type SYSTEM_INTERRUPT_INFORMATION (line 2169) | typedef struct _SYSTEM_INTERRUPT_INFORMATION type SYSTEM_DPC_BEHAVIOR_INFORMATION (line 2180) | typedef struct _SYSTEM_DPC_BEHAVIOR_INFORMATION type SYSTEM_MEMORY_INFO (line 2190) | typedef struct _SYSTEM_MEMORY_INFO type SYSTEM_MEMORY_INFORMATION (line 2199) | typedef struct _SYSTEM_MEMORY_INFORMATION type SYSTEM_GDI_DRIVER_INFORMATION (line 2207) | typedef struct _SYSTEM_GDI_DRIVER_INFORMATION type SYSTEM_QUERY_TIME_ADJUST_INFORMATION (line 2221) | typedef struct _SYSTEM_QUERY_TIME_ADJUST_INFORMATION type SYSTEM_SET_TIME_ADJUST_INFORMATION (line 2228) | typedef struct _SYSTEM_SET_TIME_ADJUST_INFORMATION type SYSTEM_REF_TRACE_INFORMATION (line 2239) | typedef struct _SYSTEM_REF_TRACE_INFORMATION type SYSTEM_EXCEPTION_INFORMATION (line 2250) | typedef struct _SYSTEM_EXCEPTION_INFORMATION type SYSTEM_CRASH_STATE_INFORMATION (line 2259) | typedef struct _SYSTEM_CRASH_STATE_INFORMATION type SYSTEM_KERNEL_DEBUGGER_INFORMATION (line 2265) | typedef struct _SYSTEM_KERNEL_DEBUGGER_INFORMATION type SYSTEM_CONTEXT_SWITCH_INFORMATION (line 2272) | typedef struct _SYSTEM_CONTEXT_SWITCH_INFORMATION type SYSTEM_REGISTRY_QUOTA_INFORMATION (line 2289) | typedef struct _SYSTEM_REGISTRY_QUOTA_INFORMATION type SYSTEM_PLUGPLAY_BUS_INFORMATION (line 2303) | typedef struct _SYSTEM_PLUGPLAY_BUS_INFORMATION type SYSTEM_DOCK_STATE (line 2310) | typedef enum _SYSTEM_DOCK_STATE type INTERFACE_TYPE (line 2317) | typedef enum _INTERFACE_TYPE type SYSTEM_DOCK_INFORMATION (line 2339) | typedef struct _SYSTEM_DOCK_INFORMATION type SYSTEM_POWER_INFORMATION_NATIVE (line 2348) | typedef struct _SYSTEM_POWER_INFORMATION_NATIVE type SYSTEM_LEGACY_DRIVER_INFORMATION (line 2363) | typedef struct _SYSTEM_LEGACY_DRIVER_INFORMATION type SYSTEM_LOOKASIDE_INFORMATION (line 2374) | typedef struct _SYSTEM_LOOKASIDE_INFORMATION type SYSTEM_VERIFIER_INFORMATION (line 2402) | typedef struct _SYSTEM_VERIFIER_INFORMATION type SYSTEM_SESSION_PROCESS_INFORMATION (line 2434) | typedef struct _SYSTEM_SESSION_PROCESS_INFORMATION type SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX (line 2454) | typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO_EX type SYSTEM_HANDLE_INFORMATION_EX (line 2467) | typedef struct _SYSTEM_HANDLE_INFORMATION_EX type SYSTEM_HOTPATCH_CODE_INFORMATION (line 2476) | typedef struct _SYSTEM_HOTPATCH_CODE_INFORMATION type _SYSTEM_FIRMWARE_TABLE_INFORMATION (line 2532) | struct _SYSTEM_FIRMWARE_TABLE_INFORMATION type NTSTATUS (line 2533) | typedef NTSTATUS (__cdecl *PFNFTH)( type SYSTEM_FIRMWARE_TABLE_ACTION (line 2537) | typedef enum _SYSTEM_FIRMWARE_TABLE_ACTION type SYSTEM_FIRMWARE_TABLE_HANDLER (line 2543) | typedef struct _SYSTEM_FIRMWARE_TABLE_HANDLER type SYSTEM_FIRMWARE_TABLE_INFORMATION (line 2554) | typedef struct _SYSTEM_FIRMWARE_TABLE_INFORMATION type SYSTEM_MEMORY_LIST_INFORMATION (line 2566) | typedef struct _SYSTEM_MEMORY_LIST_INFORMATION type SYSTEM_PROCESS_ID_INFORMATION (line 2580) | typedef struct _SYSTEM_PROCESS_ID_INFORMATION type SYSTEM_BOOT_ENVIRONMENT_INFORMATION (line 2589) | typedef struct _SYSTEM_BOOT_ENVIRONMENT_INFORMATION type SHUTDOWN_ACTION (line 2669) | typedef enum _SHUTDOWN_ACTION type FILE_INFORMATION_CLASS (line 2769) | typedef enum _FILE_INFORMATION_CLASS type FILE_DIRECTORY_INFORMATION (line 2865) | typedef struct _FILE_DIRECTORY_INFORMATION { type FILE_FULL_DIR_INFORMATION (line 2880) | typedef struct _FILE_FULL_DIR_INFORMATION { type FILE_BOTH_DIR_INFORMATION (line 2896) | typedef struct _FILE_BOTH_DIR_INFORMATION { type FILE_BASIC_INFORMATION (line 2914) | typedef struct _FILE_BASIC_INFORMATION { type FILE_STANDARD_INFORMATION (line 2923) | typedef struct _FILE_STANDARD_INFORMATION { type FILE_STANDARD_INFORMATION_EX (line 2932) | typedef struct _FILE_STANDARD_INFORMATION_EX { type FILE_INTERNAL_INFORMATION (line 2942) | typedef struct _FILE_INTERNAL_INFORMATION { type FILE_EA_INFORMATION (line 2947) | typedef struct _FILE_EA_INFORMATION { type FILE_ACCESS_INFORMATION (line 2952) | typedef struct _FILE_ACCESS_INFORMATION { type FILE_NAME_INFORMATION (line 2957) | typedef struct _FILE_NAME_INFORMATION { type FILE_RENAME_INFORMATION (line 2963) | typedef struct _FILE_RENAME_INFORMATION { type FILE_RENAME_INFORMATION_EX (line 2974) | typedef struct _FILE_RENAME_INFORMATION_EX { type FILE_NAMES_INFORMATION (line 2981) | typedef struct _FILE_NAMES_INFORMATION { type FILE_DISPOSITION_INFORMATION (line 2989) | typedef struct _FILE_DISPOSITION_INFORMATION { type FILE_POSITION_INFORMATION (line 2994) | typedef struct _FILE_POSITION_INFORMATION { type FILE_FULL_EA_INFORMATION (line 2999) | typedef struct _FILE_FULL_EA_INFORMATION { type FILE_MODE_INFORMATION (line 3008) | typedef struct _FILE_MODE_INFORMATION { type FILE_ALIGNMENT_INFORMATION (line 3013) | typedef struct _FILE_ALIGNMENT_INFORMATION { type FILE_ALL_INFORMATION (line 3018) | typedef struct _FILE_ALL_INFORMATION { type FILE_ALLOCATION_INFORMATION (line 3031) | typedef struct _FILE_ALLOCATION_INFORMATION { type FILE_END_OF_FILE_INFORMATION (line 3036) | typedef struct _FILE_END_OF_FILE_INFORMATION { type FILE_STREAM_INFORMATION (line 3041) | typedef struct _FILE_STREAM_INFORMATION { type FILE_PIPE_INFORMATION (line 3049) | typedef struct _FILE_PIPE_INFORMATION { type FILE_PIPE_LOCAL_INFORMATION (line 3055) | typedef struct _FILE_PIPE_LOCAL_INFORMATION { type FILE_PIPE_REMOTE_INFORMATION (line 3069) | typedef struct _FILE_PIPE_REMOTE_INFORMATION { type FILE_MAILSLOT_QUERY_INFORMATION (line 3075) | typedef struct _FILE_MAILSLOT_QUERY_INFORMATION { type FILE_MAILSLOT_SET_INFORMATION (line 3084) | typedef struct _FILE_MAILSLOT_SET_INFORMATION { type FILE_COMPRESSION_INFORMATION (line 3089) | typedef struct _FILE_COMPRESSION_INFORMATION { type FILE_LINK_INFORMATION (line 3099) | typedef struct _FILE_LINK_INFORMATION { type FILE_LINK_INFORMATION_EX (line 3115) | typedef struct _FILE_LINK_INFORMATION_EX { type FILE_OBJECTID_INFORMATION (line 3123) | typedef struct _FILE_OBJECTID_INFORMATION type FILE_COMPLETION_INFORMATION (line 3138) | typedef struct _FILE_COMPLETION_INFORMATION { type FILE_MOVE_CLUSTER_INFORMATION (line 3144) | typedef struct _FILE_MOVE_CLUSTER_INFORMATION { type FILE_NETWORK_OPEN_INFORMATION (line 3152) | typedef struct _FILE_NETWORK_OPEN_INFORMATION { type FILE_ATTRIBUTE_TAG_INFORMATION (line 3163) | typedef struct _FILE_ATTRIBUTE_TAG_INFORMATION { type FILE_TRACKING_INFORMATION (line 3169) | typedef struct _FILE_TRACKING_INFORMATION { type FILE_REPARSE_POINT_INFORMATION (line 3176) | typedef struct _FILE_REPARSE_POINT_INFORMATION { type FILE_QUOTA_INFORMATION (line 3182) | typedef struct _FILE_QUOTA_INFORMATION { type FILE_ID_BOTH_DIR_INFORMATION (line 3193) | typedef struct _FILE_ID_BOTH_DIR_INFORMATION { type FILE_ID_FULL_DIR_INFORMATION (line 3212) | typedef struct _FILE_ID_FULL_DIR_INFORMATION { type FILE_VALID_DATA_LENGTH_INFORMATION (line 3229) | typedef struct _FILE_VALID_DATA_LENGTH_INFORMATION { type FILE_IO_COMPLETION_NOTIFICATION_INFORMATION (line 3249) | typedef struct _FILE_IO_COMPLETION_NOTIFICATION_INFORMATION { type FILE_PROCESS_IDS_USING_FILE_INFORMATION (line 3254) | typedef struct _FILE_PROCESS_IDS_USING_FILE_INFORMATION { type FILE_IOSTATUSBLOCK_RANGE_INFORMATION (line 3260) | typedef struct _FILE_IOSTATUSBLOCK_RANGE_INFORMATION { type IO_PRIORITY_HINT (line 3266) | typedef enum _IO_PRIORITY_HINT { type FILE_IO_PRIORITY_HINT_INFORMATION (line 3276) | typedef struct _FILE_IO_PRIORITY_HINT_INFORMATION { type FILE_SFIO_RESERVE_INFORMATION (line 3285) | typedef struct _FILE_SFIO_RESERVE_INFORMATION { type FILE_SFIO_VOLUME_INFORMATION (line 3298) | typedef struct _FILE_SFIO_VOLUME_INFORMATION { type FILE_LINK_ENTRY_INFORMATION (line 3305) | typedef struct _FILE_LINK_ENTRY_INFORMATION { type FILE_LINKS_INFORMATION (line 3313) | typedef struct _FILE_LINKS_INFORMATION type FILE_ID_128 (line 3321) | typedef struct _FILE_ID_128 type FILE_LINK_ENTRY_FULL_ID_INFORMATION (line 3327) | typedef struct _FILE_LINK_ENTRY_FULL_ID_INFORMATION type FILE_ID_GLOBAL_TX_DIR_INFORMATION (line 3335) | typedef struct _FILE_ID_GLOBAL_TX_DIR_INFORMATION type FILE_IS_REMOTE_DEVICE_INFORMATION (line 3354) | typedef struct _FILE_IS_REMOTE_DEVICE_INFORMATION type FILE_NUMA_NODE_INFORMATION (line 3359) | typedef struct _FILE_NUMA_NODE_INFORMATION { type FILE_STANDARD_LINK_INFORMATION (line 3363) | typedef struct _FILE_STANDARD_LINK_INFORMATION type FILE_VOLUME_NAME_INFORMATION (line 3371) | typedef struct _FILE_VOLUME_NAME_INFORMATION type FILE_ID_INFORMATION (line 3377) | typedef struct _FILE_ID_INFORMATION type FILE_ID_EXTD_DIR_INFORMATION (line 3383) | typedef struct _FILE_ID_EXTD_DIR_INFORMATION type FILE_ID_EXTD_BOTH_DIR_INFORMATION (line 3401) | typedef struct _FILE_ID_EXTD_BOTH_DIR_INFORMATION type FILE_DISPOSITION_INFORMATION_EX (line 3427) | typedef struct _FILE_DISPOSITION_INFORMATION_EX type FILE_STORAGE_TIER_CLASS (line 3433) | typedef enum _FILE_STORAGE_TIER_CLASS { type FILE_DESIRED_STORAGE_CLASS_INFORMATION (line 3442) | typedef struct _FILE_DESIRED_STORAGE_CLASS_INFORMATION type FILE_STAT_INFORMATION (line 3450) | typedef struct _FILE_STAT_INFORMATION type FILE_MEMORY_PARTITION_INFORMATION (line 3465) | typedef struct _FILE_MEMORY_PARTITION_INFORMATION type FILE_STAT_LX_INFORMATION (line 3478) | typedef struct _FILE_STAT_LX_INFORMATION { type FILE_CASE_SENSITIVE_INFORMATION (line 3500) | typedef struct _FILE_CASE_SENSITIVE_INFORMATION type FS_INFORMATION_CLASS (line 3505) | typedef enum _FSINFOCLASS { type FILE_FS_VOLUME_INFORMATION (line 3522) | typedef struct _FILE_FS_VOLUME_INFORMATION { type FILE_FS_LABEL_INFORMATION (line 3531) | typedef struct _FILE_FS_LABEL_INFORMATION { type FILE_FS_SIZE_INFORMATION (line 3537) | typedef struct _FILE_FS_SIZE_INFORMATION { type FILE_FS_DEVICE_INFORMATION (line 3545) | typedef struct _FILE_FS_DEVICE_INFORMATION { type FILE_FS_ATTRIBUTE_INFORMATION (line 3551) | typedef struct _FILE_FS_ATTRIBUTE_INFORMATION { type FILE_FS_CONTROL_INFORMATION (line 3559) | typedef struct _FILE_FS_CONTROL_INFORMATION { type FILE_FS_FULL_SIZE_INFORMATION (line 3569) | typedef struct _FILE_FS_FULL_SIZE_INFORMATION { type FILE_FS_OBJECTID_INFORMATION (line 3578) | typedef struct _FILE_FS_OBJECTID_INFORMATION { type FILE_FS_DRIVER_PATH_INFORMATION (line 3584) | typedef struct _FILE_FS_DRIVER_PATH_INFORMATION { type FILE_FS_VOLUME_FLAGS_INFORMATION (line 3591) | typedef struct _FILE_FS_VOLUME_FLAGS_INFORMATION { type FILE_FS_SECTOR_SIZE_INFORMATION (line 3595) | typedef struct _FILE_FS_SECTOR_SIZE_INFORMATION { type RTL_PATH_TYPE (line 4098) | typedef enum _RTL_PATH_TYPE type CURDIR (line 4111) | typedef struct _CURDIR type PROCESSINFOCLASS (line 4230) | typedef enum _PROCESSINFOCLASS { type THREADINFOCLASS (line 4289) | typedef enum _THREADINFOCLASS { type RTL_DRIVE_LETTER_CURDIR (line 4312) | typedef struct _RTL_DRIVE_LETTER_CURDIR type SECTION_IMAGE_INFORMATION (line 4322) | typedef struct _SECTION_IMAGE_INFORMATION type RTL_USER_PROCESS_INFORMATION (line 4348) | typedef struct _RTL_USER_PROCESS_INFORMATION type RTL_USER_PROCESS_PARAMETERS (line 4359) | typedef struct _RTL_USER_PROCESS_PARAMETERS type PEB_FREE_BLOCK (line 4405) | typedef struct _PEB_FREE_BLOCK type PEB_LDR_DATA (line 4413) | typedef struct _PEB_LDR_DATA type LDR_DATA_TABLE_ENTRY (line 4458) | typedef struct _LDR_DATA_TABLE_ENTRY type PEB (line 4491) | typedef struct _PEB type TEB (line 4620) | typedef struct _TEB type PROCESS_BASIC_INFORMATION (line 4638) | typedef struct _PROCESS_BASIC_INFORMATION type BOOLEAN (line 4649) | typedef BOOLEAN (*PDLL_INIT_ROUTINE)( type VOID (line 4659) | typedef VOID (*PPS_APC_ROUTINE) ( type PORT_MESSAGE (line 4997) | typedef struct _PORT_MESSAGE type PORT_VIEW (line 5039) | typedef struct _PORT_VIEW { type REMOTE_PORT_VIEW (line 5058) | typedef struct _REMOTE_PORT_VIEW { type RTL_HEAP_PARAMETERS (line 5512) | typedef struct RTL_HEAP_PARAMETERS { type MEMORY_INFORMATION_CLASS (line 5649) | typedef enum _MEMORY_INFORMATION_CLASS type MEMORY_WORKING_SET_ENTRY (line 5658) | typedef struct _MEMORY_WORKING_SET_ENTRY type SECTION_INHERIT (line 5821) | typedef enum _SECTION_INHERIT type SECTION_INFORMATION_CLASS (line 5829) | typedef enum _SECTION_INFORMATION_CLASS type WAIT_TYPE (line 6036) | typedef enum _WAIT_TYPE { type EVENT_INFORMATION_CLASS (line 6085) | typedef enum _EVENT_INFORMATION_CLASS { type EVENT_BASIC_INFORMATION (line 6089) | typedef struct _EVENT_BASIC_INFORMATION { type TOKEN_SECURITY_ATTRIBUTE_FQBN_VALUE (line 6617) | typedef struct _TOKEN_SECURITY_ATTRIBUTE_FQBN_VALUE type TOKEN_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE (line 6624) | typedef struct _TOKEN_SECURITY_ATTRIBUTE_OCTET_STRING_VALUE type TOKEN_SECURITY_ATTRIBUTE_V1 (line 6631) | typedef struct _TOKEN_SECURITY_ATTRIBUTE_V1 type TOKEN_SECURITY_ATTRIBUTES_INFORMATION (line 6650) | typedef struct _TOKEN_SECURITY_ATTRIBUTES_INFORMATION type HARDERROR_RESPONSE_OPTION (line 6873) | typedef enum _HARDERROR_RESPONSE_OPTION type HARDERROR_RESPONSE (line 6885) | typedef enum _HARDERROR_RESPONSE FILE: PPLdump/utils.cpp function BOOL (line 3) | BOOL ParseArguments(int argc, wchar_t* argv[]) function VOID (line 44) | VOID PrintArguments() function VOID (line 49) | VOID PrintUsage() function VOID (line 87) | VOID PrintLastError(LPCWSTR pwszFunctionName) function VOID (line 93) | VOID PrintVerbose(LPCWSTR pwszFormat, ...) function VOID (line 132) | VOID PrintDebug(LPCWSTR pwszFormat, ...) function BOOL (line 168) | BOOL ProcessGetProtectionLevel(DWORD dwProcessId, PDWORD pdwProtectionLe... function BOOL (line 197) | BOOL ProcessGetProtectionLevelAsString(DWORD dwProcessId, LPWSTR* ppwszP... function BOOL (line 253) | BOOL ProcessGetIntegrityLevel(DWORD dwProcessId, PDWORD pdwIntegrityLevel) function BOOL (line 295) | BOOL ProcessGetPIDFromName(LPWSTR pwszProcessName, PDWORD pdwProcessId) function HANDLE (line 364) | HANDLE ObjectManagerCreateDirectory(LPCWSTR dirname) function HANDLE (line 385) | HANDLE ObjectManagerCreateSymlink(LPCWSTR linkname, LPCWSTR targetname) function BOOL (line 408) | BOOL TokenGetSid(HANDLE hToken, PSID* ppSid) function BOOL (line 452) | BOOL TokenGetSidAsString(HANDLE hToken, LPWSTR* ppwszStringSid) function BOOL (line 469) | BOOL TokenCompareSids(PSID pSidA, PSID pSidB) function BOOL (line 487) | BOOL TokenGetUsername(HANDLE hToken, LPWSTR* ppwszUsername) function BOOL (line 521) | BOOL TokenCheckPrivilege(HANDLE hToken, LPCWSTR pwszPrivilege, BOOL bEna... function BOOL (line 605) | BOOL TokenIsNotRestricted(HANDLE hToken, PBOOL pbIsNotRestricted) function BOOL (line 642) | BOOL MiscSystemArchIsAmd64() function BOOL (line 649) | BOOL MiscGenerateGuidString(LPWSTR* ppwszGuid) FILE: PPLdumpDll/PPLdumpDll.cpp function BOOL (line 38) | BOOL APIENTRY DllMain(HMODULE hModule, DWORD ul_reason_for_call, LPVOID ... function LogonUserExExW (line 70) | void APIENTRY LogonUserExExW() { } function BriCreateBrokeredEvent (line 75) | void APIENTRY BriCreateBrokeredEvent() { } function BriDeleteBrokeredEvent (line 76) | void APIENTRY BriDeleteBrokeredEvent() { } function EaCreateAggregatedEvent (line 77) | void APIENTRY EaCreateAggregatedEvent() { } function EACreateAggregateEvent (line 78) | void APIENTRY EACreateAggregateEvent() { } function EaQueryAggregatedEventParameters (line 79) | void APIENTRY EaQueryAggregatedEventParameters() { } function EAQueryAggregateEventData (line 80) | void APIENTRY EAQueryAggregateEventData() { } function EaFreeAggregatedEventParameters (line 81) | void APIENTRY EaFreeAggregatedEventParameters() { } function EaDeleteAggregatedEvent (line 82) | void APIENTRY EaDeleteAggregatedEvent() { } function EADeleteAggregateEvent (line 83) | void APIENTRY EADeleteAggregateEvent() { } FILE: PPLdumpDll/dllexploit.cpp function DoStuff (line 7) | void DoStuff() function LogToConsole (line 117) | void LogToConsole(LPCWSTR pwszFormat, ...) function LogLastError (line 173) | void LogLastError(LPCWSTR pwszFunctionName) function BOOL (line 180) | BOOL GetCurrentDllFileName(LPWSTR* ppwszDllName) function BOOL (line 200) | BOOL DeleteKnownDllEntry(LPCWSTR pwszDllName) function BOOL (line 335) | BOOL ParseCommandLine() function RunWatcherThread (line 368) | void RunWatcherThread() { function HookedEntryPoint (line 399) | int WINAPI HookedEntryPoint(VOID) { function BOOL (line 435) | BOOL StartTracing() { function StopTracing (line 447) | void StopTracing() {