#pragma once
/*
 * Counted wide-string descriptor declared locally under its own name.
 * In this header it is used as the ModuleFileName argument of PFNLdrLoadDll.
 *
 * NOTE(review): the field layout looks identical to the NT UNICODE_STRING,
 * where Length and MaximumLength are byte counts (not character counts) and
 * Buffer is not required to be NUL-terminated -- confirm that every producer
 * and consumer of this type follows that convention, because mixing up bytes
 * and characters here leads to reads or writes past the end of Buffer.
 */
typedef struct _UNICODE_STRING2 {
USHORT Length;        // size of the string currently held in Buffer (presumably bytes -- confirm)
USHORT MaximumLength; // capacity of Buffer (presumably bytes -- confirm)
PWSTR Buffer;         // wide-character storage; ownership is not defined in this header
} UNICODE_STRING2;
typedef UNICODE_STRING2 *PUNICODE_STRING2;        // mutable pointer alias
typedef const UNICODE_STRING2 *PCUNICODE_STRING2; // read-only pointer alias
// Selector values for the DWORD ("which") argument of GetTransform.
// The meanings below are the ones listed in the GetTransform comment block
// further down in this header.
const DWORD GT_DEVICE_TO_WORLD = 0x0402; // Device -> World (inverse of World -> Device)
const DWORD GT_WORLD_TO_DEVICE = 0x0204; // World -> Device (World -> Page combined with Page -> Device)
const DWORD GT_WORLD_TO_PAGE = 0x0203;   // World -> Page (the transform set by SetWorldTransform)
const DWORD GT_PAGE_TO_DEVICE = 0x0304;  // Page -> Device (the mapping mode transform)
// Pointer type for the gdi32.dll export "GetTextFaceAliasW", which this header
// resolves at run time. The typedef gives no parameter names.
// NOTE(review): the (HDC, int, LPWSTR) shape looks like a device context, a
// buffer size and an output buffer -- confirm at the call sites that the int is
// the buffer capacity in characters, so the callee cannot write past the buffer.
typedef int(__stdcall * TGetTextFA)(HDC, int, LPWSTR);
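/*
 * Pointer type for the CreateProcessInternalW export that this header resolves
 * from kernelbase.dll, falling back to kernel32.dll.
 *
 * The parameters between hToken and hNewToken carry the same names as the
 * CreateProcessW parameters declared in PFNCreateProcessW.
 *
 * The string and STARTUPINFO parameters are spelled with explicit wide types.
 * The target is a W export, so its signature must not follow the UNICODE
 * macro: LPCTSTR / LPTSTR / LPSTARTUPINFO turn into ANSI types in a build
 * without UNICODE and would then hand narrow strings to a wide-string callee.
 * In a UNICODE build the types are identical to the previous spelling.
 *
 * NOTE(review): this export has no SDK prototype; the roles of hToken and
 * hNewToken are inferred from their names only, and the signature is not
 * guaranteed to stay stable across Windows versions. Test the resolved pointer
 * for NULL before every call.
 */
typedef BOOL (__stdcall *PFNCreateProcessInternalW)
(
    HANDLE hToken,
    LPCWSTR lpApplicationName,
    LPWSTR lpCommandLine,
    LPSECURITY_ATTRIBUTES lpProcessAttributes,
    LPSECURITY_ATTRIBUTES lpThreadAttributes,
    BOOL bInheritHandles,
    DWORD dwCreationFlags,
    LPVOID lpEnvironment,
    LPCWSTR lpCurrentDirectory,
    LPSTARTUPINFOW lpStartupInfo,
    LPPROCESS_INFORMATION lpProcessInformation,
    PHANDLE hNewToken
);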
/*
 * Pointer type with the parameter list of the documented CreateProcessW
 * (wide-character) API. No variable of this type is initialised in this header.
 *
 * lpCommandLine is annotated __inout_opt: the callee may modify the buffer, so
 * callers must pass writable memory, never a string literal.
 * When lpApplicationName is NULL the executable is taken from lpCommandLine;
 * a path containing spaces should then be quoted so that a different file
 * earlier on the path cannot be picked up instead.
 */
typedef BOOL
(WINAPI *PFNCreateProcessW)(
__in_opt LPCWSTR lpApplicationName,
__inout_opt LPWSTR lpCommandLine,
__in_opt LPSECURITY_ATTRIBUTES lpProcessAttributes,
__in_opt LPSECURITY_ATTRIBUTES lpThreadAttributes,
__in BOOL bInheritHandles,
__in DWORD dwCreationFlags,
__in_opt LPVOID lpEnvironment,
__in_opt LPCWSTR lpCurrentDirectory,
__in LPSTARTUPINFOW lpStartupInfo,
__out LPPROCESS_INFORMATION lpProcessInformation
);
/*
 * Pointer type with the parameter list of the documented CreateProcessA
 * (ANSI) API; it mirrors PFNCreateProcessW with narrow string types and
 * LPSTARTUPINFOA. No variable of this type is initialised in this header.
 *
 * lpCommandLine is annotated __inout_opt, so callers should pass a writable
 * buffer. As with the wide variant, a NULL lpApplicationName makes the callee
 * parse the executable out of lpCommandLine, so paths with spaces should be
 * quoted.
 */
typedef BOOL
(WINAPI *PFNCreateProcessA)(
__in_opt LPCSTR lpApplicationName,
__inout_opt LPSTR lpCommandLine,
__in_opt LPSECURITY_ATTRIBUTES lpProcessAttributes,
__in_opt LPSECURITY_ATTRIBUTES lpThreadAttributes,
__in BOOL bInheritHandles,
__in DWORD dwCreationFlags,
__in_opt LPVOID lpEnvironment,
__in_opt LPCSTR lpCurrentDirectory,
__in LPSTARTUPINFOA lpStartupInfo,
__out LPPROCESS_INFORMATION lpProcessInformation
);
// Pointer type with the parameter list of IsWow64Process. The matching
// initialiser further down in this header is commented out.
typedef BOOL (WINAPI *PFNIsWow64Process)(HANDLE hProcess, PBOOL Wow64Process );
// Pointer type for the gdi32.dll export "GdiGetCodePage": takes a device
// context and returns an int. NOTE(review): presumably the code page of the
// font selected into the DC -- the header does not say; confirm.
typedef int (WINAPI * TGdiGetCodePage)(HDC);
// Pointer type for the gdi32.dll export "GetTransform": (hdc, which, xform).
// `which` takes one of the GT_* selectors; `xform` receives the result
// (see the GetTransform comment block in this header).
typedef BOOL (WINAPI * TGetTransform)(HDC, DWORD, XFORM*);
// Pointer type for the gdi32.dll export "GetFontResourceInfoW". The typedef
// gives no parameter names.
// NOTE(review): the (LPCWSTR, DWORD*, VOID*, DWORD) shape looks like a file
// name, an in/out buffer size, an output buffer and a query type -- confirm,
// and make sure callers set the size to the real capacity of the buffer.
typedef BOOL (WINAPI * PFNGetFontResourceInfo)(LPCWSTR, DWORD*, VOID*, DWORD);
/*
 * Pointer type for LdrLoadDll, the native loader entry point in ntdll that is
 * not part of the documented Win32 API. No variable of this type is
 * initialised in this header.
 *
 * ModuleFileName is a counted string (UNICODE_STRING2), so code handling it
 * should honour its length fields rather than assume NUL termination.
 * NOTE(review): the result is declared as LONG; presumably it carries an
 * NTSTATUS, in which case failure must be tested with a sign check and not
 * with a comparison against zero/FALSE -- confirm at the call sites.
 */
typedef LONG (WINAPI * PFNLdrLoadDll)(
IN PWCHAR PathToFile OPTIONAL,       // optional search path for the module
IN ULONG Flags OPTIONAL,             // optional loader flags
IN UNICODE_STRING2* ModuleFileName,  // counted name of the module to load
OUT HANDLE* ModuleHandle             // receives the handle of the loaded module
);
/*
 * Pointer type with the parameter list of SetProcessMitigationPolicy.
 * No variable of this type is initialised in this header.
 * NOTE(review): presumably bound at run time because the API is missing on
 * older Windows versions -- confirm. Callers should check both the pointer
 * and the BOOL result: a failed or skipped call leaves the requested
 * mitigation disabled without any other visible sign.
 */
typedef BOOL(WINAPI * PFNSetProcessMitigationPolicy)(
_In_ PROCESS_MITIGATION_POLICY MitigationPolicy, // which mitigation policy to set
_In_ PVOID lpBuffer,                             // policy structure for that mitigation
_In_ SIZE_T dwLength);                           // size of the structure behind lpBuffer
/***********************************************************************
 * GetTransform (GDI32.@)
 *
 * Undocumented
 *
 * Returns one of the co-ordinate space transforms
 *
 * PARAMS
 *  hdc   [I] Device context.
 *  which [I] Which xform to return:
 *            0x203 World -> Page transform (that set by SetWorldTransform).
 *            0x304 Page -> Device transform (the mapping mode transform).
 *            0x204 World -> Device transform (the combination of the above two).
 *            0x402 Device -> World transform (the inversion of the above).
 *  xform [O] The xform.
 *
 * The export is bound at run time through LoadLibrary/GetProcAddress, so the
 * pointer below is NULL when the lookup fails; callers must test it before
 * calling through it. Being `static` in a header, every translation unit that
 * includes this file gets its own copy and repeats the lookup.
 ************************************************************************/
static TGetTransform GetTransform = (TGetTransform)GetProcAddress(LoadLibrary(_T("gdi32.dll")), "GetTransform");
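/*
 * Run-time bindings for exports that this header does not link against
 * directly. Each pointer is NULL when the module or the export cannot be
 * found, so every caller has to test the pointer before calling through it.
 *
 * These are `static` objects in a header: each translation unit that includes
 * the file gets its own copies and repeats the lookups during static
 * initialisation. Every LoadLibrary call also takes a reference on gdi32.dll
 * that is never released here.
 *
 * NOTE(review): the modules are named without a path, so resolution follows
 * the loader's search rules. gdi32.dll and kernel32.dll are normally KnownDLLs
 * or already mapped -- confirm this holds on every supported target.
 * NOTE(review): GetModuleHandle returns NULL when the module is not mapped and
 * that NULL is passed straight to GetProcAddress -- confirm the lookup cannot
 * resolve against an unintended module in that case.
 */
static TGdiGetCodePage GdiGetCodePage = (TGdiGetCodePage)GetProcAddress(LoadLibrary(_T("gdi32.dll")), "GdiGetCodePage");
static TGetTextFA GetTextFaceAliasW = (TGetTextFA)GetProcAddress(LoadLibrary(_T("gdi32.dll")), "GetTextFaceAliasW");
// CreateProcessInternalW: the kernelbase.dll export is preferred; kernel32.dll
// is consulted only when that lookup yields NULL. GetModuleHandle finds only
// modules that are already mapped into the process.
static PFNCreateProcessInternalW CreateProcessInternalW_KernelBase = (PFNCreateProcessInternalW)GetProcAddress(GetModuleHandle(_T("kernelbase.dll")), "CreateProcessInternalW");
static PFNCreateProcessInternalW CreateProcessInternalW = CreateProcessInternalW_KernelBase
    ? CreateProcessInternalW_KernelBase
    : (PFNCreateProcessInternalW)GetProcAddress(GetModuleHandle(_T("kernel32.dll")), "CreateProcessInternalW");
//static PFNIsWow64Process IsWow64Process=(PFNIsWow64Process)GetProcAddress(LoadLibrary(L"Kernel32.dll"), "IsWow64Process");
// The module name goes through _T() like the other bindings: LoadLibrary is a
// TCHAR macro, and pairing it with an L"..." literal hands a wide string to
// LoadLibraryA whenever UNICODE is not defined.
static PFNGetFontResourceInfo GetFontResourceInfo = (PFNGetFontResourceInfo)GetProcAddress(LoadLibrary(_T("gdi32.dll")), "GetFontResourceInfoW");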