SYSTEM_HANDLE_TABLE_ENTRY_INFO

The SYSTEM_HANDLE_TABLE_ENTRY_INFO structure is a recurring element in the SYSTEM_HANDLE_INFORMATION that a successful call to ZwQuerySystemInformation or NtQuerySystemInformation produces in its output buffer when given the information class SystemHandleInformation (0x10).

Documentation Status

The SYSTEM_HANDLE_TABLE_ENTRY_INFO structure is not documented.

Layout

The SYSTEM_HANDLE_TABLE_ENTRY_INFO structure is 0x10 or 0x18 bytes in 32-bit and 64-bit Windows, respectively.

Offset (x86) Offset (x64) Definition
0x00 0x00
USHORT UniqueProcessId;
0x02 0x02
USHORT CreatorBackTraceIndex;
0x04 0x04
UCHAR ObjectTypeIndex;
0x05 0x05
UCHAR HandleAttributes;
0x06 0x06
USHORT HandleValue;
0x08 0x08
PVOID Object;
0x0C 0x10
ULONG GrantedAccess;