- Generated by
1.8.13
|
Bitdefender Hypervisor Memory Introspection
|
A Windows token structure as reported by Introcore alerts. More...
#include <intro_types.h>
Data Fields | |
| BOOLEAN | ImpersonationToken |
| TRUE if this is an impersonation token. More... | |
| INTRO_TOKEN_PRIVILEGES | Privileges |
| The privileges associated with this token. More... | |
| BYTE | _padding [3] |
| DWORD | SidCount |
| The number of valid entries in the SidsAndAttributes array. More... | |
| INTRO_SID_ATTRIBUTES | SidsAndAttributes [INTRO_SIDS_MAX_COUNT] |
| The SIDs associated with this token. More... | |
| DWORD | RestrictedSidCount |
| The number of valid entries in the RestrictedSids array. More... | |
| INTRO_SID_ATTRIBUTES | RestrictedSids [INTRO_SIDS_MAX_COUNT] |
| The restricted SIDs associated with this token. More... | |
| BOOLEAN | SidsBufferTooSmall |
| If TRUE, not all the entries from the guest's SidsAndAttributes were returned. More... | |
| BOOLEAN | RestrictedSIdsBufferTooSmall |
| If TRUE, not all the entries from the guest's SidsAndAttributes were returned. More... | |
| BOOLEAN | Valid |
| If FALSE, we failed to get the thread and the process token. More... | |
A Windows token structure as reported by Introcore alerts.
Definition at line 861 of file intro_types.h.
| BYTE _INTRO_WIN_TOKEN::_padding[3] |
Definition at line 867 of file intro_types.h.
| BOOLEAN _INTRO_WIN_TOKEN::ImpersonationToken |
TRUE if this is an impersonation token.
Definition at line 864 of file intro_types.h.
Referenced by IntCrSendAlert().
| INTRO_TOKEN_PRIVILEGES _INTRO_WIN_TOKEN::Privileges |
The privileges associated with this token.
Definition at line 866 of file intro_types.h.
| DWORD _INTRO_WIN_TOKEN::RestrictedSidCount |
The number of valid entries in the RestrictedSids array.
Definition at line 874 of file intro_types.h.
| INTRO_SID_ATTRIBUTES _INTRO_WIN_TOKEN::RestrictedSids[INTRO_SIDS_MAX_COUNT] |
The restricted SIDs associated with this token.
Definition at line 876 of file intro_types.h.
| BOOLEAN _INTRO_WIN_TOKEN::RestrictedSIdsBufferTooSmall |
If TRUE, not all the entries from the guest's SidsAndAttributes were returned.
Definition at line 881 of file intro_types.h.
| DWORD _INTRO_WIN_TOKEN::SidCount |
The number of valid entries in the SidsAndAttributes array.
Definition at line 869 of file intro_types.h.
| INTRO_SID_ATTRIBUTES _INTRO_WIN_TOKEN::SidsAndAttributes[INTRO_SIDS_MAX_COUNT] |
The SIDs associated with this token.
Definition at line 871 of file intro_types.h.
| BOOLEAN _INTRO_WIN_TOKEN::SidsBufferTooSmall |
If TRUE, not all the entries from the guest's SidsAndAttributes were returned.
Definition at line 879 of file intro_types.h.
| BOOLEAN _INTRO_WIN_TOKEN::Valid |
If FALSE, we failed to get the thread and the process token.
Definition at line 883 of file intro_types.h.
Referenced by IntCrSendAlert().
1.8.13