1 files changed, 289 insertions, 0 deletions
diff --git a/ntproto.h b/ntproto.h
new file mode 100644
index 0000000..ddb3d76
--- /dev/null
+++ b/ntproto.h
@@ -0,0 +1,289 @@
+/*
+ * Copyright (c) 2004 Security Architects Corporation. All rights reserved.
+ *
+ * Module Name:
+ *
+ *              ntproto.h
+ *
+ * Abstract:
+ *
+ *              This module defines various types defined in WINNT.H and used by hooking routines.
+ *
+ * Author:
+ *
+ *              Eugene Tsyrklevich 04-Mar-2004
+ */
+#ifndef __NTPROTO_H__
+#define __NTPROTO_H__
+typedef struct _SYSTEM_MODULE_INFORMATION {
+  ULONG Reserved[2];
+  PVOID Base;
+  ULONG Size;
+  ULONG Flags;
+  USHORT Index;
+  USHORT Unknown;
+  USHORT LoadCount;
+  USHORT ModuleNameOffset;
+  CHAR ImageName[256];
+} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
+/*
+ * from WINNT.H
+ */
+#ifndef _WINNT_
+typedef unsigned short      WORD;
+typedef unsigned long      DWORD;
+typedef unsigned char      BYTE;
+#define IMAGE_DOS_SIGNATURE     0x5A4D
+typedef struct _IMAGE_DOS_HEADER {      // DOS .EXE header
+    WORD   e_magic;                     // Magic number
+    WORD   e_cblp;                      // Bytes on last page of file
+    WORD   e_cp;                        // Pages in file
+    WORD   e_crlc;                      // Relocations
+    WORD   e_cparhdr;                   // Size of header in paragraphs
+    WORD   e_minalloc;                  // Minimum extra paragraphs needed
+    WORD   e_maxalloc;                  // Maximum extra paragraphs needed
+    WORD   e_ss;                        // Initial (relative) SS value
+    WORD   e_sp;                        // Initial SP value
+    WORD   e_csum;                      // Checksum
+    WORD   e_ip;                        // Initial IP value
+    WORD   e_cs;                        // Initial (relative) CS value
+    WORD   e_lfarlc;                    // File address of relocation table
+    WORD   e_ovno;                      // Overlay number
+    WORD   e_res[4];                    // Reserved words
+    WORD   e_oemid;                     // OEM identifier (for e_oeminfo)
+    WORD   e_oeminfo;                   // OEM information; e_oemid specific
+    WORD   e_res2[10];                  // Reserved words
+    LONG   e_lfanew;                    // File address of new exe header
+} IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
+typedef struct _IMAGE_FILE_HEADER {
+    WORD    Machine;
+    WORD    NumberOfSections;
+    DWORD   TimeDateStamp;
+    DWORD   PointerToSymbolTable;
+    DWORD   NumberOfSymbols;
+    WORD    SizeOfOptionalHeader;
+    WORD    Characteristics;
+} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
+typedef struct _IMAGE_DATA_DIRECTORY {
+    DWORD   VirtualAddress;
+    DWORD   Size;
+} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
+#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES    16
+typedef struct _IMAGE_OPTIONAL_HEADER {
+    //
+    // Standard fields.
+    //
+    WORD    Magic;
+    BYTE    MajorLinkerVersion;
+    BYTE    MinorLinkerVersion;
+    DWORD   SizeOfCode;
+    DWORD   SizeOfInitializedData;
+    DWORD   SizeOfUninitializedData;
+    DWORD   AddressOfEntryPoint;
+    DWORD   BaseOfCode;
+    DWORD   BaseOfData;
+    //
+    // NT additional fields.
+    //
+    DWORD   ImageBase;
+    DWORD   SectionAlignment;
+    DWORD   FileAlignment;
+    WORD    MajorOperatingSystemVersion;
+    WORD    MinorOperatingSystemVersion;
+    WORD    MajorImageVersion;
+    WORD    MinorImageVersion;
+    WORD    MajorSubsystemVersion;
+    WORD    MinorSubsystemVersion;
+    DWORD   Win32VersionValue;
+    DWORD   SizeOfImage;
+    DWORD   SizeOfHeaders;
+    DWORD   CheckSum;
+    WORD    Subsystem;
+    WORD    DllCharacteristics;
+    DWORD   SizeOfStackReserve;
+    DWORD   SizeOfStackCommit;
+    DWORD   SizeOfHeapReserve;
+    DWORD   SizeOfHeapCommit;
+    DWORD   LoaderFlags;
+    DWORD   NumberOfRvaAndSizes;
+    IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
+} IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32;
+// "PE\0\0"
+#define IMAGE_PE_SIGNATURE      0x00004550
+typedef struct _IMAGE_NT_HEADERS {
+    DWORD Signature;
+    IMAGE_FILE_HEADER FileHeader;
+    IMAGE_OPTIONAL_HEADER32 OptionalHeader;
+} IMAGE_NT_HEADERS32, *PIMAGE_NT_HEADERS32;
+#ifdef _WIN64
+#error Win64 not supported
+#else
+typedef IMAGE_NT_HEADERS32                  IMAGE_NT_HEADERS;
+typedef PIMAGE_NT_HEADERS32                 PIMAGE_NT_HEADERS;
+#endif
+typedef struct _IMAGE_EXPORT_DIRECTORY {
+    DWORD   Characteristics;
+    DWORD   TimeDateStamp;
+    WORD    MajorVersion;
+    WORD    MinorVersion;
+    DWORD   Name;
+    DWORD   OrdinalBase;
+    DWORD   NumberOfFunctions;
+    DWORD   NumberOfNames;
+    DWORD   AddressOfFunctions;     // RVA from base of image
+    DWORD   AddressOfNames;         // RVA from base of image
+    DWORD   AddressOfNameOrdinals;  // RVA from base of image
+} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
+#define IMAGE_DIRECTORY_ENTRY_EXPORT          0   // Export Directory
+#define IMAGE_DIRECTORY_ENTRY_IMPORT          1   // Import Directory
+#define IMAGE_DIRECTORY_ENTRY_RESOURCE        2   // Resource Directory
+#define IMAGE_DIRECTORY_ENTRY_EXCEPTION       3   // Exception Directory
+#define IMAGE_DIRECTORY_ENTRY_SECURITY        4   // Security Directory
+#define IMAGE_DIRECTORY_ENTRY_BASERELOC       5   // Base Relocation Table
+#define IMAGE_DIRECTORY_ENTRY_DEBUG           6   // Debug Directory
+//      IMAGE_DIRECTORY_ENTRY_COPYRIGHT       7   // (X86 usage)
+#define IMAGE_DIRECTORY_ENTRY_ARCHITECTURE    7   // Architecture Specific Data
+#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR       8   // RVA of GP
+#define IMAGE_DIRECTORY_ENTRY_TLS             9   // TLS Directory
+#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG    10   // Load Configuration Directory
+#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT   11   // Bound Import Directory in headers
+#define IMAGE_DIRECTORY_ENTRY_IAT            12   // Import Address Table
+#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT   13   // Delay Load Import Descriptors
+#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 14   // COM Runtime descriptor
+typedef struct _SID_AND_ATTRIBUTES
+{
+    PSID                                Sid;
+    DWORD                               Attributes;
+} SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
+                                                                                // Query Set
+typedef enum _TOKEN_INFORMATION_CLASS
+{
+        TokenUser = 1,                                          // 1 Y N
+        TokenGroups,                                            // 2 Y N
+        TokenPrivileges,                                        // 3 Y N
+        TokenOwner,                                                     // 4 Y Y
+        TokenPrimaryGroup,                                      // 5 Y Y
+        TokenDefaultDacl,                                       // 6 Y Y
+        TokenSource,                                            // 7 Y N
+        TokenType,                                                      // 8 Y N
+        TokenImpersonationLevel,                        // 9 Y N
+        TokenStatistics,                                        // 10 Y N
+        TokenRestrictedSids,                            // 11 Y N
+        TokenSessionId                                          // 12 Y Y
+} TOKEN_INFORMATION_CLASS;
+/* Information Class 1 */
+typedef struct _TOKEN_USER
+{
+        SID_AND_ATTRIBUTES      User;
+} TOKEN_USER, *PTOKEN_USER;
+#define JOB_OBJECT_ASSIGN_PROCESS           (0x0001)
+#define JOB_OBJECT_SET_ATTRIBUTES           (0x0002)
+#define JOB_OBJECT_QUERY                    (0x0004)
+#define JOB_OBJECT_TERMINATE                (0x0008)
+#define JOB_OBJECT_SET_SECURITY_ATTRIBUTES  (0x0010)
+#define JOB_OBJECT_ALL_ACCESS                           (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x1F)
+#define MUTANT_QUERY_STATE                                      (0x0001)
+#define MUTANT_ALL_ACCESS                                       (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE |  MUTANT_QUERY_STATE)
+#define TIMER_QUERY_STATE                                       (0x0001)
+#define TIMER_MODIFY_STATE                                      (0x0002)
+#define TIMER_ALL_ACCESS                                        (STANDARD_RIGHTS_REQUIRED|SYNCHRONIZE|TIMER_QUERY_STATE|TIMER_MODIFY_STATE)
+#define PROCESS_TERMINATE         (0x0001)  
+#define PROCESS_CREATE_THREAD     (0x0002)  
+#define PROCESS_SET_SESSIONID     (0x0004)  
+#define PROCESS_VM_OPERATION      (0x0008)  
+#define PROCESS_VM_READ           (0x0010)  
+#define PROCESS_VM_WRITE          (0x0020)  
+#define PROCESS_DUP_HANDLE        (0x0040)  
+#define PROCESS_CREATE_PROCESS    (0x0080)  
+#define PROCESS_SET_QUOTA         (0x0100)  
+#define PROCESS_SET_INFORMATION   (0x0200)  
+#define PROCESS_QUERY_INFORMATION (0x0400)  
+#define PROCESS_SUSPEND_RESUME    (0x0800)  
+#define PROCESS_ALL_ACCESS        (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF)
+#define THREAD_TERMINATE               (0x0001)  
+#define THREAD_SUSPEND_RESUME          (0x0002)  
+#define THREAD_GET_CONTEXT             (0x0008)  
+#define THREAD_SET_CONTEXT             (0x0010)  
+#define THREAD_SET_INFORMATION         (0x0020)  
+#define THREAD_QUERY_INFORMATION       (0x0040)  
+#define THREAD_SET_THREAD_TOKEN        (0x0080)
+#define THREAD_IMPERSONATE             (0x0100)
+#define THREAD_DIRECT_IMPERSONATION    (0x0200)
+#define THREAD_ALL_ACCESS                               (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3FF)
+/*
+ * Token Specific Access Rights.
+ */
+#define TOKEN_ASSIGN_PRIMARY    (0x0001)
+#define TOKEN_DUPLICATE         (0x0002)
+#define TOKEN_IMPERSONATE       (0x0004)
+#define TOKEN_QUERY             (0x0008)
+#define TOKEN_QUERY_SOURCE      (0x0010)
+#define TOKEN_ADJUST_PRIVILEGES (0x0020)
+#define TOKEN_ADJUST_GROUPS     (0x0040)
+#define TOKEN_ADJUST_DEFAULT    (0x0080)
+#define TOKEN_ADJUST_SESSIONID  (0x0100)
+#define CURRENT_THREAD                  ((HANDLE) -2)
+#define CURRENT_PROCESS                 ((HANDLE) -1)
+#endif _WINNT_
+#endif  /* __NTPROTO_H__ */
+\ No newline at end of file

diff --git a/ntproto.h b/ntproto.h new file mode 100644 index 0000000..ddb3d76 --- /dev/null +++ b/ntproto.h
@@ -0,0 +1,289 @@
	1	/*
	2	* Copyright (c) 2004 Security Architects Corporation. All rights reserved.
	3	*
	4	* Module Name:
	5	*
	6	* ntproto.h
	7	*
	8	* Abstract:
	9	*
	10	* This module defines various types defined in WINNT.H and used by hooking routines.
	11	*
	12	* Author:
	13	*
	14	* Eugene Tsyrklevich 04-Mar-2004
	15	*/
	16
	17	#ifndef __NTPROTO_H__
	18	#define __NTPROTO_H__
	19
	20
	21
	22	typedef struct _SYSTEM_MODULE_INFORMATION {
	23	ULONG Reserved[2];
	24	PVOID Base;
	25	ULONG Size;
	26	ULONG Flags;
	27	USHORT Index;
	28	USHORT Unknown;
	29	USHORT LoadCount;
	30	USHORT ModuleNameOffset;
	31	CHAR ImageName[256];
	32	} SYSTEM_MODULE_INFORMATION, *PSYSTEM_MODULE_INFORMATION;
	33
	34
	35
	36	/*
	37	* from WINNT.H
	38	*/
	39
	40	#ifndef _WINNT_
	41
	42	typedef unsigned short WORD;
	43	typedef unsigned long DWORD;
	44	typedef unsigned char BYTE;
	45
	46	#define IMAGE_DOS_SIGNATURE 0x5A4D
	47
	48	typedef struct _IMAGE_DOS_HEADER { // DOS .EXE header
	49	WORD e_magic; // Magic number
	50	WORD e_cblp; // Bytes on last page of file
	51	WORD e_cp; // Pages in file
	52	WORD e_crlc; // Relocations
	53	WORD e_cparhdr; // Size of header in paragraphs
	54	WORD e_minalloc; // Minimum extra paragraphs needed
	55	WORD e_maxalloc; // Maximum extra paragraphs needed
	56	WORD e_ss; // Initial (relative) SS value
	57	WORD e_sp; // Initial SP value
	58	WORD e_csum; // Checksum
	59	WORD e_ip; // Initial IP value
	60	WORD e_cs; // Initial (relative) CS value
	61	WORD e_lfarlc; // File address of relocation table
	62	WORD e_ovno; // Overlay number
	63	WORD e_res[4]; // Reserved words
	64	WORD e_oemid; // OEM identifier (for e_oeminfo)
	65	WORD e_oeminfo; // OEM information; e_oemid specific
	66	WORD e_res2[10]; // Reserved words
	67	LONG e_lfanew; // File address of new exe header
	68	} IMAGE_DOS_HEADER, *PIMAGE_DOS_HEADER;
	69
	70
	71	typedef struct _IMAGE_FILE_HEADER {
	72	WORD Machine;
	73	WORD NumberOfSections;
	74	DWORD TimeDateStamp;
	75	DWORD PointerToSymbolTable;
	76	DWORD NumberOfSymbols;
	77	WORD SizeOfOptionalHeader;
	78	WORD Characteristics;
	79
	80	} IMAGE_FILE_HEADER, *PIMAGE_FILE_HEADER;
	81
	82
	83	typedef struct _IMAGE_DATA_DIRECTORY {
	84	DWORD VirtualAddress;
	85	DWORD Size;
	86
	87	} IMAGE_DATA_DIRECTORY, *PIMAGE_DATA_DIRECTORY;
	88
	89
	90	#define IMAGE_NUMBEROF_DIRECTORY_ENTRIES 16
	91
	92	typedef struct _IMAGE_OPTIONAL_HEADER {
	93	//
	94	// Standard fields.
	95	//
	96
	97	WORD Magic;
	98	BYTE MajorLinkerVersion;
	99	BYTE MinorLinkerVersion;
	100	DWORD SizeOfCode;
	101	DWORD SizeOfInitializedData;
	102	DWORD SizeOfUninitializedData;
	103	DWORD AddressOfEntryPoint;
	104	DWORD BaseOfCode;
	105	DWORD BaseOfData;
	106
	107	//
	108	// NT additional fields.
	109	//
	110
	111	DWORD ImageBase;
	112	DWORD SectionAlignment;
	113	DWORD FileAlignment;
	114	WORD MajorOperatingSystemVersion;
	115	WORD MinorOperatingSystemVersion;
	116	WORD MajorImageVersion;
	117	WORD MinorImageVersion;
	118	WORD MajorSubsystemVersion;
	119	WORD MinorSubsystemVersion;
	120	DWORD Win32VersionValue;
	121	DWORD SizeOfImage;
	122	DWORD SizeOfHeaders;
	123	DWORD CheckSum;
	124	WORD Subsystem;
	125	WORD DllCharacteristics;
	126	DWORD SizeOfStackReserve;
	127	DWORD SizeOfStackCommit;
	128	DWORD SizeOfHeapReserve;
	129	DWORD SizeOfHeapCommit;
	130	DWORD LoaderFlags;
	131	DWORD NumberOfRvaAndSizes;
	132	IMAGE_DATA_DIRECTORY DataDirectory[IMAGE_NUMBEROF_DIRECTORY_ENTRIES];
	133
	134	} IMAGE_OPTIONAL_HEADER32, *PIMAGE_OPTIONAL_HEADER32;
	135
	136
	137	// "PE\0\0"
	138	#define IMAGE_PE_SIGNATURE 0x00004550
	139
	140	typedef struct _IMAGE_NT_HEADERS {
	141	DWORD Signature;
	142	IMAGE_FILE_HEADER FileHeader;
	143	IMAGE_OPTIONAL_HEADER32 OptionalHeader;
	144
	145	} IMAGE_NT_HEADERS32, *PIMAGE_NT_HEADERS32;
	146
	147
	148	#ifdef _WIN64
	149	#error Win64 not supported
	150	#else
	151	typedef IMAGE_NT_HEADERS32 IMAGE_NT_HEADERS;
	152	typedef PIMAGE_NT_HEADERS32 PIMAGE_NT_HEADERS;
	153	#endif
	154
	155	typedef struct _IMAGE_EXPORT_DIRECTORY {
	156	DWORD Characteristics;
	157	DWORD TimeDateStamp;
	158	WORD MajorVersion;
	159	WORD MinorVersion;
	160	DWORD Name;
	161	DWORD OrdinalBase;
	162	DWORD NumberOfFunctions;
	163	DWORD NumberOfNames;
	164	DWORD AddressOfFunctions; // RVA from base of image
	165	DWORD AddressOfNames; // RVA from base of image
	166	DWORD AddressOfNameOrdinals; // RVA from base of image
	167
	168	} IMAGE_EXPORT_DIRECTORY, *PIMAGE_EXPORT_DIRECTORY;
	169
	170
	171	#define IMAGE_DIRECTORY_ENTRY_EXPORT 0 // Export Directory
	172	#define IMAGE_DIRECTORY_ENTRY_IMPORT 1 // Import Directory
	173	#define IMAGE_DIRECTORY_ENTRY_RESOURCE 2 // Resource Directory
	174	#define IMAGE_DIRECTORY_ENTRY_EXCEPTION 3 // Exception Directory
	175	#define IMAGE_DIRECTORY_ENTRY_SECURITY 4 // Security Directory
	176	#define IMAGE_DIRECTORY_ENTRY_BASERELOC 5 // Base Relocation Table
	177	#define IMAGE_DIRECTORY_ENTRY_DEBUG 6 // Debug Directory
	178	// IMAGE_DIRECTORY_ENTRY_COPYRIGHT 7 // (X86 usage)
	179	#define IMAGE_DIRECTORY_ENTRY_ARCHITECTURE 7 // Architecture Specific Data
	180	#define IMAGE_DIRECTORY_ENTRY_GLOBALPTR 8 // RVA of GP
	181	#define IMAGE_DIRECTORY_ENTRY_TLS 9 // TLS Directory
	182	#define IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG 10 // Load Configuration Directory
	183	#define IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT 11 // Bound Import Directory in headers
	184	#define IMAGE_DIRECTORY_ENTRY_IAT 12 // Import Address Table
	185	#define IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT 13 // Delay Load Import Descriptors
	186	#define IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR 14 // COM Runtime descriptor
	187
	188
	189	typedef struct _SID_AND_ATTRIBUTES
	190	{
	191	PSID Sid;
	192	DWORD Attributes;
	193
	194	} SID_AND_ATTRIBUTES, *PSID_AND_ATTRIBUTES;
	195
	196	// Query Set
	197	typedef enum _TOKEN_INFORMATION_CLASS
	198	{
	199	TokenUser = 1, // 1 Y N
	200	TokenGroups, // 2 Y N
	201	TokenPrivileges, // 3 Y N
	202	TokenOwner, // 4 Y Y
	203	TokenPrimaryGroup, // 5 Y Y
	204	TokenDefaultDacl, // 6 Y Y
	205	TokenSource, // 7 Y N
	206	TokenType, // 8 Y N
	207	TokenImpersonationLevel, // 9 Y N
	208	TokenStatistics, // 10 Y N
	209	TokenRestrictedSids, // 11 Y N
	210	TokenSessionId // 12 Y Y
	211
	212	} TOKEN_INFORMATION_CLASS;
	213
	214
	215	/* Information Class 1 */
	216
	217	typedef struct _TOKEN_USER
	218	{
	219	SID_AND_ATTRIBUTES User;
	220
	221	} TOKEN_USER, *PTOKEN_USER;
	222
	223
	224	#define JOB_OBJECT_ASSIGN_PROCESS (0x0001)
	225	#define JOB_OBJECT_SET_ATTRIBUTES (0x0002)
	226	#define JOB_OBJECT_QUERY (0x0004)
	227	#define JOB_OBJECT_TERMINATE (0x0008)
	228	#define JOB_OBJECT_SET_SECURITY_ATTRIBUTES (0x0010)
	229	#define JOB_OBJECT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED \| SYNCHRONIZE \| 0x1F)
	230
	231	#define MUTANT_QUERY_STATE (0x0001)
	232	#define MUTANT_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED \| SYNCHRONIZE \| MUTANT_QUERY_STATE)
	233
	234
	235	#define TIMER_QUERY_STATE (0x0001)
	236	#define TIMER_MODIFY_STATE (0x0002)
	237	#define TIMER_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED\|SYNCHRONIZE\|TIMER_QUERY_STATE\|TIMER_MODIFY_STATE)
	238
	239
	240	#define PROCESS_TERMINATE (0x0001)
	241	#define PROCESS_CREATE_THREAD (0x0002)
	242	#define PROCESS_SET_SESSIONID (0x0004)
	243	#define PROCESS_VM_OPERATION (0x0008)
	244	#define PROCESS_VM_READ (0x0010)
	245	#define PROCESS_VM_WRITE (0x0020)
	246	#define PROCESS_DUP_HANDLE (0x0040)
	247	#define PROCESS_CREATE_PROCESS (0x0080)
	248	#define PROCESS_SET_QUOTA (0x0100)
	249	#define PROCESS_SET_INFORMATION (0x0200)
	250	#define PROCESS_QUERY_INFORMATION (0x0400)
	251	#define PROCESS_SUSPEND_RESUME (0x0800)
	252	#define PROCESS_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED \| SYNCHRONIZE \| 0xFFF)
	253
	254
	255	#define THREAD_TERMINATE (0x0001)
	256	#define THREAD_SUSPEND_RESUME (0x0002)
	257	#define THREAD_GET_CONTEXT (0x0008)
	258	#define THREAD_SET_CONTEXT (0x0010)
	259	#define THREAD_SET_INFORMATION (0x0020)
	260	#define THREAD_QUERY_INFORMATION (0x0040)
	261	#define THREAD_SET_THREAD_TOKEN (0x0080)
	262	#define THREAD_IMPERSONATE (0x0100)
	263	#define THREAD_DIRECT_IMPERSONATION (0x0200)
	264	#define THREAD_ALL_ACCESS (STANDARD_RIGHTS_REQUIRED \| SYNCHRONIZE \| 0x3FF)
	265
	266
	267	/*
	268	* Token Specific Access Rights.
	269	*/
	270
	271	#define TOKEN_ASSIGN_PRIMARY (0x0001)
	272	#define TOKEN_DUPLICATE (0x0002)
	273	#define TOKEN_IMPERSONATE (0x0004)
	274	#define TOKEN_QUERY (0x0008)
	275	#define TOKEN_QUERY_SOURCE (0x0010)
	276	#define TOKEN_ADJUST_PRIVILEGES (0x0020)
	277	#define TOKEN_ADJUST_GROUPS (0x0040)
	278	#define TOKEN_ADJUST_DEFAULT (0x0080)
	279	#define TOKEN_ADJUST_SESSIONID (0x0100)
	280
	281
	282	#define CURRENT_THREAD ((HANDLE) -2)
	283	#define CURRENT_PROCESS ((HANDLE) -1)
	284
	285
	286	#endif _WINNT_
	287
	288
	289	#endif /* __NTPROTO_H__ */ \ No newline at end of file