"AccountExpiration": [32, ["WinFileTime"]], "PasswordFailedTime": [40, ["WinFileTime"]], "LoginCount": [66, ["unsigned short int"]], "FailedLoginCount": [64, ["unsigned short int"]], "Rid": [48, ["unsigned int"]], "Flags": [ 56, [ "Flags", dict(maskmap=utils.Invert({ 0x0001: "Account Disabled", 0x0002: "Home directory required", 0x0004: "Password not required", 0x0008: "Temporary duplicate account", 0x0010: "Normal user account", 0x0020: "MNS logon user account", 0x0040: "Interdomain trust account", 0x0080: "Workstation trust account", 0x0100: "Server trust account", 0x0200: "Password does not expire", 0x0400: "Account auto locked" }), target="unsigned short int") ] ], } ], } class SAMProfile(basic.Profile32Bits, basic.BasicClasses):
vm=x.obj_vm, parent=x) } ], '_OBJECT_HEADER': [ None, { "InfoMask": [ None, [ "Flags", dict( maskmap=utils.Invert({ 0x1: "CreatorInfo", 0x2: "NameInfo", 0x4: "HandleInfo", 0x8: "QuotaInfo", 0x10: "ProcessInfo", 0x20: "AuditInfo", 0x40: "PaddingInfo", }), target="unsigned char", ) ] ], 'GrantedAccess': lambda x: x.obj_parent.GrantedAccessBits } ], } win8_1_overlays = {
# USER objects on XP/2003/Vista/2008 HANDLE_TYPE_ENUM = utils.Invert( dict( # 8/17/2011 # http:#www.reactos.org/wiki/Techwiki:Win32k/HANDLEENTRY # HANDLEENTRY.bType TYPE_FREE=0, # 'must be zero! TYPE_WINDOW=1, # 'in order of use for C code lookups TYPE_MENU=2, # TYPE_CURSOR=3, # TYPE_SETWINDOWPOS=4, # HDWP TYPE_HOOK=5, # TYPE_CLIPDATA=6, # 'clipboard data TYPE_CALLPROC=7, # TYPE_ACCELTABLE=8, # TYPE_DDEACCESS=9, # tagSVR_INSTANCE_INFO TYPE_DDECONV=10, # TYPE_DDEXACT=11, # 'DDE transaction tracking info. TYPE_MONITOR=12, # TYPE_KBDLAYOUT=13, # 'Keyboard Layout handle (HKL) object. TYPE_KBDFILE=14, # 'Keyboard Layout file object. TYPE_WINEVENTHOOK=15, # 'WinEvent hook (EVENTHOOK) TYPE_TIMER=16, # TYPE_INPUTCONTEXT=17, # 'Input Context info structure TYPE_HIDDATA=18, # TYPE_DEVICEINFO=19, # TYPE_TOUCHINPUT=20, # 'Ustz' W7U sym tagTOUCHINPUTINFO TYPE_GESTUREINFO=21, # 'Usgi' TYPE_CTYPES=22, # 'Count of TYPEs; Must be LAST 1 TYPE_GENERIC=255 # 'used for generic handle validation ))