diff options
Diffstat (limited to 'ReverseEngineering/Get-PEB.format.ps1xml')
| -rw-r--r-- | ReverseEngineering/Get-PEB.format.ps1xml | 114 |
1 files changed, 114 insertions, 0 deletions
diff --git a/ReverseEngineering/Get-PEB.format.ps1xml b/ReverseEngineering/Get-PEB.format.ps1xml index 9c25dc1..88eee6a 100644 --- a/ReverseEngineering/Get-PEB.format.ps1xml +++ b/ReverseEngineering/Get-PEB.format.ps1xml @@ -1095,5 +1095,119 @@ </ListEntries>
</ListControl>
</View>
+ <View>
+ <Name>ProcessParameters</Name>
+ <ViewSelectedBy>
+ <TypeName>PEB.ProcessParameters</TypeName>
+ </ViewSelectedBy>
+ <ListControl>
+ <ListEntries>
+ <ListEntry>
+ <ListItems>
+ <ListItem>
+ <PropertyName>MaximumLength</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>Length</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>Flags</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>DebugFlags</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <Label>ConsoleHandle</Label>
+ <ScriptBlock>"0x$($_.ConsoleHandle.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ConsoleFlags</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <Label>StandardInput</Label>
+ <ScriptBlock>"0x$($_.StandardInput.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <Label>StandardOutput</Label>
+ <ScriptBlock>"0x$($_.StandardOutput.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <Label>StandardError</Label>
+ <ScriptBlock>"0x$($_.StandardError.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CurrentDirectory</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>DllPath</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ImagePathName</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CommandLine</PropertyName>
+ </ListItem>
+ <ListItem>
+ <Label>Environment</Label>
+ <ScriptBlock>"0x$($_.Environment.ToString("X$([IntPtr]::Size * 2)"))"</ScriptBlock>
+ </ListItem>
+ <ListItem>
+ <PropertyName>StartingX</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>StartingY</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CountX</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CountY</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CountCharsX</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>CountCharsY</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>FillAttribute</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>WindowFlags</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ShowWindowFlags</PropertyName>
+ <FormatString>0x{0:X8}</FormatString>
+ </ListItem>
+ <ListItem>
+ <PropertyName>WindowTitle</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>DesktopInfo</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>ShellInfo</PropertyName>
+ </ListItem>
+ <ListItem>
+ <PropertyName>RuntimeData</PropertyName>
+ </ListItem>
+ </ListItems>
+ </ListEntry>
+ </ListEntries>
+ </ListControl>
+ </View>
</ViewDefinitions>
</Configuration>
\ No newline at end of file |