| Trees | Indices | Help |
|
|---|
|
|
The following is a description of windows stations from MSDN:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms687096(v=vs.85).aspx
A window station contains a clipboard, an atom table, and one or more desktop objects. Each window station object is a securable object. When a window station is created, it is associated with the calling process and assigned to the current session.
The interactive window station is the only window station that can display a user interface or receive user input. It is assigned to the logon session of the interactive user, and contains the keyboard, mouse, and display device. It is always named "WinSta0". All other window stations are noninteractive, which means they cannot display a user interface or receive user input.
Ref: http://volatility-labs.blogspot.de/2012/09/movp-13-desktops-heaps-and-ransomware.html
NOTE: Windows 8 does not have a global atom table any more. http://mista.nu/research/smashing_the_atom.pdf
| Classes | |
|
WindowsStations Displays all the windows stations by following lists. |
|
|
WinDesktops Print information on each desktop. |
|
| Variables | |
__package__ = |
|
| Trees | Indices | Help |
|
|---|
| Generated by Epydoc 3.0.1 on Mon Oct 9 03:27:47 2017 | http://epydoc.sourceforge.net |