《Undocumented Windows 2000 Secrets》翻译 --- 附录B（表B-1）

附录  B

内核API函数（Kernel API Functions）

 

附录B包含在第二章讨论的系统模块：win32k.sys、ntdll.dll和ntoskrnl.exe导出的函数列表。N/A表示不支持（Not Available）。

 

表B-1.    Windows 2000 Native API

	函数名称	INT 2eh	Ntdll.Nt*	Ntdll.Zw*	Ntoskrnl.Nt*	Ntoskrnl.Zw*
1	NtAcceptConnectPort	0x0000			N/A	N/A
2	NtAccessCheck	0x0001			N/A	N/A
3	NtAccessCheckAndAuditAlarm	0x0002			N/A
4	NtAccessCheckByType	0x0003			N/A	N/A
5	NtAccessCheckByTypeAndAuditAlarm	0x0004			N/A	N/A
6	NtAccessCheckByTypeResultList	0x0005			N/A	N/A
7	NtAccessCheckByTypeResultListAndAuditAlarm	0x0006			N/A	N/A
8	NtAccessCheckByTypeResultListAndAuditAlarmByHandle	0x0007			N/A	N/A
9	NtAddAtom	0x0008				N/A
10	NtAdjustGroupsToken	0x0009			N/A	N/A
11	NtAdjustPrivilegesToken	0x000A
12	NtAlertResumeThread	0x000B			N/A	N/A
13	NtAlertThread	0x000C			N/A
14	NtAllocateLocallyUniqueld	0x000D				N/A
15	NtAllocateUserPhysicalPages	0x000E			N/A	N/A
16	NtAllocateUuids	0x000F				N/A
17	NtAllocateVirtualMemory	0x0010
18	NtAreMappedFilesTheSame	0x0011			N/A	N/A
19	NtAssignProcessToJobObject	0x0012			N/A	N/A
20	NtBuildNumber	N/A	N/A	N/A		N/A
21	NtCallbackReturn	0x0013			N/A	N/A
22	NtCancelDeviceWakeupRequest	0x0016			N/A	N/A
23	NtCancelloFile	0x0014			N/A
24	NtCancelTimer	0x0015			N/A
25	NtClearEvent	0x0017			N/A
26	NtClose	0x0018
27	NtCloseObjectAuditAlarm	0x0019			N/A
28	NtCompleteConnectPort	0x001A			N/A	N/A
29	NtConnectPort	0x001B
30	NtContinue	0x001C			N/A	N/A
31	NtCreateChannel	0x00F1			N/A	N/A
32	NtCreateDirectoryObject	0x001D			N/A
33	NtCreateEvent	0x001E
34	NtCreateEventPair	0x001F			N/A	N/A
35	NtCreateFile	0x0020
36	NtCreateloCompletion	0x0021			N/A	N/A
37	NtCreateJobObject	0x0022			N/A	N/A
38	NtCreateKey	0x0023			N/A
39	NtCreateMailslotFile	0x0024			N/A	N/A
40	NtCreateMutant	0x0025			N/A	N/A
41	NtCreateNamedPipeFile	0x0026			N/A	N/A
42	NtCreatePagingFile	0x0027			N/A	N/A
43	NtCreatePort	0x0028			N/A	N/A
44	NtCreateProcess	0x0029			N/A	N/A
45	NtCreateProfile	0x002A			N/A	N/A
46	NtCreateSection	0x002B
47	NtCreateSemaphore	0x002C			N/A	N/A
48	NtCreateSymbolicLinkObject	0x002D			N/A
49	NtCreateThread	0x002E			N/A	N/A
50	NtCreateTimer	0x002F			N/A
51	NtCreateToken	0x0030			N/A	N/A
52	NtCreateWaitablePort	0x0031			N/A	N/A
53	NtCurrentTeb	N/A		N/A	N/A	N/A
54	NtDelayExecution	0x0032			N/A	N/A
55	NtDeleteAtom	0x0033				N/A
56	NtDeleteFile	0x0034
57	NtDeleteKey	0x0035			N/A
58	NtDeleteObjectAuditAlarm	0x0036			N/A	N/A
59	NtDeleteValueKey	0x0037			N/A
60	NtDeviceloControlFile	0x0038
61	NtDisplayString	0x0039			N/A
62	NtDuplicateObject	0x003A
63	NtDuplicateToken	0x003B
64	NtEnumerateKey	0x003C			N/A
65	NtEnumerateValueKey	0x003D			N/A
66	NtExtendSection	0x003E			N/A	N/A
67	NtFilterToken	0x003F			N/A	N/A
68	NtFindAtom	0x0040				N/A
69	NtFlushBuffersFile	0x0041			N/A	N/A
70	NtFlushlnstructionCache	0x0042			N/A
71	NtFlushKey	0x0043			N/A
72	NtFlushVirtualMemory	0x0044			N/A
73	NtFlushWriteBuffer	0x0045			N/A	N/A
74	NtFreeUserPhysicalPages	0x0046			N/A	N/A
75	NtFreeVirtualMemory	0x0047
76	NtFsControlFile	0x0048
77	NtGetContextThread	0x0049			N/A	N/A
78	NtGetDevicePowerState	0x004A			N/A	N/A
79	NtGetPlugPlayEvent	0x004B			N/A	N/A
80	NtGetTickCount	0x004C			N/A	N/A
81	NtGetWriteWatch	0x004D			N/A	N/A
82	NtGlobalFlag	N/A	N/A	N/A		N/A
83	NtlmpersonateAnonymousToken	0x004E			N/A	N/A
84	NtlmpersonateClientOfPort	0x004F			N/A	N/A
85	NtlmpersonateThread	0x0050			N/A	N/A
86	NtlnitializeRegistry	0x0051			N/A	N/A
87	NtlnitiatePowerAction	0x0052			N/A
88	NtlsSystemResumeAutomatic	0x0053			N/A	N/A
89	NtListenChannel	0x00F2			N/A	N/A
90	NtListenPort	0x0054			N/A	N/A
91	NtLoadDriver	0x0055			N/A
92	NtLoadKey	0x0056			N/A
93	NtLoadKey2	0x0057			N/A	N/A
94	NtLockFile	0x0058				N/A
95	NtLockVirtualMemory	0x0059			N/A	N/A
96	NtMakeTemporaryObject	0x005A			N/A
97	NtMapUserPhysicalPages	0x005B			N/A	N/A
98	NtMapUserPhysicalPagesScatter	0x005C			N/A	N/A
99	NtMapViewOf Section	0x005D
100	NtNotifyChangeDirectoryFile	0x005E				N/A
101	NtNotifyChangeKey	0x005F			N/A
102	NtNotifyChangeMultipleKeys	0x0060			N/A	N/A
103	NtOpenChannel	0x00F3			N/A	N/A
104	NtOpenDirectoryObject	0x0061			N/A
105	NtOpenEvent	0x0062			N/A
106	NtOpenEventPair	0x0063			N/A	N/A
107	NtOpenFile	0x0064
108	NtOpenloCompletion	0x0065			N/A	N/A
109	NtOpenJobObject	0x0066			N/A	N/A
110	NtOpenKey	0x0067			N/A
111	NtOpenMutant	0x0068			N/A	N/A
112	NtOpenObjectAuditAlarm	0x0069			N/A	N/A
113	NtOpenProcess	0x006A
114	NtOpenProcessToken	0x006B
115	NtOpenSection	0x006C			N/A
116	NtOpenSemaphore	0x006D			N/A	N/A
117	NtOpenSymbolicLinkObject	0x006E			N/A
118	NtOpenThread	0x006F			N/A
119	NtOpenThreadToken	0x0070			N/A
120	NtOpenTimer	0x0071			N/A
121	NtPlugPlayControl	0x0072			N/A	N/A
122	NtPowerlnformation	0x0073			N/A
123	NtPrivilegeCheck	0x0074			N/A	N/A
124	NtPrivilegedServiceAuditAlarm	0x0075			N/A	N/A
125	NtPrivilegeObjectAuditAlarm	0x0076			N/A	N/A
126	NtProtectVirtualMemory	0x0077			N/A	N/A
127	NtPulseEvent	0x0078			N/A
128	NtQueryAttributesFile	0x007A			N/A	N/A
129	NtQueryDefaultLocale	0x007B			N/A
130	NtQueryDefaultUILanguage	0x007C			N/A
131	NtQueryDirectoryFile	0x007D
132	NtQueryDirectoryObject	0x007E			N/A
133	NtQueryEaFile	0x007F
134	NtQueryEvent	0x0080			N/A	N/A
135	NtQueryFullAttributesFile	0x0081			N/A	N/A
136	NtQuerylnformationAtom	0x0079				N/A
137	NtQuerylnformationFile	0x0082
138	NtQuerylnformationJobObject	0x0083			N/A	N/A
139	NtQuerylnformationPort	0x0085			N/A	N/A
140	NtQuerylnformationProcess	0x0086
141	NtQuerylnformationThread	0x0087			N/A	N/A
142	NtQuerylnformationToken	0x0088
143	NtQuerylnstallUILanguage	0x0089			N/A
144	NtQuerylntervalProfile	0x008A			N/A	N/A
145	NtQueryIoCompletion	0x0084			N/A	N/A
146	NtQueryKey	0x008B			N/A
147	NtQueryMultipleValueKey	0x008C			N/A	N/A
148	NtQueryMutant	0x008D			N/A	N/A
149	NtQueryObject	0x008E			N/A
150	NtQueryOpenSubKeys	0x008F			N/A	N/A
151	NtQueryPerformanceCounter	0x0090			N/A	N/A
152	NtQueryQuotalnformationFile	0x0091				N/A
153	NtQuerySection	0x0092			N/A
154	NtQuerySecurityObject	0x0093
156	NtQuerySemaphore	0x0094			N/A	N/A
157	NtQuerySymbolicLinkObject	0x0095			N/A
158	NtQuerySystemEnvironment Value	0x0096			N/A	N/A
159	NtQuerySystemlnformation	0x0097
160	NtQuerySystemTime	0x0098			N/A	N/A
161	NtQuery Timer	0x0099			N/A	N/A
162	NtQueryTimerResolution	0x009A			N/A	N/A
163	NtQueryValueKey	0x009B			N/A
164	NtQuery VirtualMemory	0x009C			N/A	N/A
165	NtQuery VolumelnformationFile	0x009D
166	NtQueueApcThread	0x009E			N/A	N/A
167	NtRaiseException	0x009F			N/A	N/A
168	NtRaiseHardError	0x00A0			N/A	N/A
169	NtReadFile	0x00Al
170	NtReadFileScatter	0x00A2			N/A	N/A
171	NtReadRequestData	0x00A3			N/A	N/A
172	NtReadVirtualMemory	0x00A4			N/A	N/A
173	NtRegisterThreadTerminatePort	0x00A5			N/A	N/A
174	NtReleaseMutant	0x00A6			N/A	N/A
175	NtReleaseSemaphore	0x00A7			N/A	N/A
176	NtRemoveloCompletion	0x00A8			N/A	N/A
177	NtReplaceKey	0x00A9			N/A
178	NtReplyPort	0x00AA			N/A	N/A
179	NtReplyWaitReceivePort	0x00AB			N/A	N/A
180	NtReplyWaitReceivePortEx	0x00AC			N/A	N/A
181	NtReplyWaitReplyPort	0x00AD			N/A	N/A
182	NtReplyWaitSendChannel	0x00F4			N/A	N/A
183	NtRequestDeviceWakeup	0x00AE			N/A	N/A
184	NtRequestPort	0x00AF				N/A
185	NtRequestWaitReplyPort	0x00B0
186	NtRequestWakeupLatency	0x00Bl			N/A	N/A
187	NtResetEvent	0x00B2			N/A
188	NtResetWriteWatch	0x00B3			N/A	N/A
189	NtRestoreKey	0x00B4			N/A
190	NtResumeThread	0x00B5			N/A	N/A
191	NtSaveKey	0x00B6			N/A
192	NtSaveMergedKeys	0x00B7			N/A	N/A
193	NtSecureConnectPort	0x00B8			N/A	N/A
194	NtSendWaitReplyChannel	0x00F5			N/A	N/A
195	NtSetContextChannel	0x00F6			N/A	N/A
196	NtSetContextThread	0x00BA			N/A	N/A
197	NtSetDefaultHardErrorPort	0x00BB			N/A	N/A
198	NtSetDefaultLocale	0x00BC			N/A
199	NtSetDefaultUILanguage	0x00BD			N/A
200	NtSetEaFile	0x00BE
201	NtSetEvent	0x00BF
202	NtSetHighEventPair	0x00C0			N/A	N/A
203	NtSetHighWaitLowEventPair	0x00Cl			N/A	N/A
204	NtSetlnformationFile	0x00C2
205	NtSetlnformationJobObject	0x00C3			N/A	N/A
206	NtSetlnformationKey	0x00C4			N/A	N/A
207	NtSetlnformationObject	0x00C5			N/A
208	NtSetlnformationProcess	0x00C6
209	NtSetlnformationThread	0x00c7
210	NtSetlnformationToken	0x00C8			N/A	N/A
211	NtSetlntervalProfile	0x00C9			N/A	N/A
212	NtSetloCompletion	0x00B9			N/A	N/A
213	NtSetLdtEntries	0x00CA			N/A	N/A
214	NtSetLowEventPair	0x00CB			N/A	N/A
215	NtSetLowWaitHighEventPair	0x00CC			N/A	N/A
216	NtSetQuotalnformationFile	0x00CD				N/A
217	NtSetSecurityObject	0x00CE
218	NtSetSystemEnvironment Value	0x00CF			N/A	N/A
219	NtSetSystemlnformation	0x00D0			N/A
220	NtSetSystemPowerState	0x00Dl			N/A	N/A
221	NtSetSystemTime	0x00D2			N/A
222	NtSetThreadExecutionState	0x00D3			N/A	N/A
223	NtSetTimer	0x00D4			N/A
224	NtSetTimerResolution	0x00D5			N/A	N/A
225	NtSetUuidSeed	0x00D6			N/A	N/A
226	NtSetValueKey	0x00D7			N/A
227	NtSetVolumelnformationFile	0x00D8
228	NtShutdownSystem	0x00D9			N/A	N/A
229	NtSignalAndWaitForSingleObject	0x00DA			N/A	N/A
230	NtStartProfile	0x00DB			N/A	N/A
231	NtStopProfile	0x00DC			N/A	N/A
232	NtSuspendThread	0x00DD			N/A	N/A
233	NtSystemDebugControl	0x00DE			N/A	N/A
234	NtTerminateJobObject	0x00DF			N/A	N/A
235	NtTerminateProcess	0x00E0			N/A
236	NtTerminateThread	0x00El			N/A	N/A
237	NtTestAlert	0x00E2			N/A	N/A
238	NtUnloadDriver	0x00E3			N/A
239	NtUnloadKey	0x00E4			N/A
240	NtUnlockFile	0x00E5				N/A
241	NtUnlockVirtualMemory	0x00E6			N/A	N/A
242	NtUnmapViewOfSection	0x00E7			N/A
243	NtVdmControl	0x00E8				N/A
244	NtWaitForMultipleObjects	0x00E9			N/A
245	NtWaitForSingleObject	0x00EA
246	NtWaitHighEventPair	0x00EB			N/A	N/A
247	NtWaitLowEventPair	0x00EC			N/A	N/A
248	NtWriteFile	0x00ED
249	NtWriteFileGather	0x00EE			N/A	N/A
250	NtWriteRequestData	0x00EF			N/A	N/A
251	NtWriteVirtualMemory	0x00F0			N/A	N/A
252	NtYieldExecution	0x00F7			N/A