"Rajat" <rajat.dud...@gmail.com> ha scritto nel messaggio news:8c8b5cf2-bc77-4633-96ca-e3b908430...@z14g2000yqa.googlegroups.com... > > > > Using ctypes can I access the windows structures like: > > > > > PROCESS_INFORMATION_BLOCK, Process Environment Block(PEB), > > > PEB_LDR_DATA, etc? > > > > ctypes.wintypes lists all of the Windows structures included with the > > module. > > > > You should be able to use ctypes.Structure class to roll your own: > > Thanks Alex. As you suggested, I'm trying to implemenet the below > structure, windows PEB, in Python: > > typedef struct _PEB { > BYTE Reserved1[2]; > BYTE BeingDebugged; > BYTE Reserved2[21]; > PPEB_LDR_DATA LoaderData; > PRTL_USER_PROCESS_PARAMETERS ProcessParameters; > BYTE Reserved3[520]; > PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine; > BYTE Reserved4[136]; > ULONG SessionId; > } PEB; > > My equivalent Python structure is: > class PEB(Structure): > _fields_ = [("Reserved1", wintypes.BYTE * 2), > ("BeingDebugged", wintypes.BYTE), > ("Reserved2", wintypes.BYTE * 2), > ("Reserved3", c_void_p), > ("Ldr", pointer(PEB_LDR_DATA)), > ("ProcessParameters", pointer > (RTL_USER_PROCESS_PARAMETERS)), > ("Reserved4", wintypes.BYTE * 104), > ("Reserved5", c_void_p), > (), > ("Reserved6", wintypes.BYTE), > ("Reserved7", c_void_p), > ("SessionId", c_ulong)] > > I'm not sure what needs to go in the above empty tuple for > "PPS_POST_PROCESS_INIT_ROUTINE PostProcessInitRoutine" (in Original > PEB). > > Please suggest.
PostProcessInitRoutine should be a callback function or something similar. It should be enough to define a type PostProcessInitRoutine = WINFUNCTYPE(...parameters...) and use this. Regards, Enrico -- http://mail.python.org/mailman/listinfo/python-list
