12. `windows.alpc` – Advanced Local Procedure Call¶

The windows.alpc module regroups the classes that permits to send and receive ALPC messages over an ALPC port and the classes representing these messages.

Note

See samples:

simple alpc communication

advanced alpc communication

12.1. ALPC Message¶

class windows.alpc.AlpcMessage(msg_or_size=4096, attributes=None)[source]¶

Represent a full ALPC Message: a AlpcMessagePort and a MessageAttribute

allocated_attributes¶

The list of allocated attributes

Type:	[`Flag`]

context_attribute¶

The ALPC_MESSAGE_CONTEXT_ATTRIBUTE of the message:

Type:	`ALPC_CONTEXT_ATTR`

context_is_valid¶: True if ALPC_MESSAGE_CONTEXT_ATTRIBUTE is a ValidAttributes

data¶: The data of the message (located after the PORT_MESSAGE header)

handle_attribute¶

The ALPC_MESSAGE_HANDLE_ATTRIBUTE of the message:

Type:	`ALPC_HANDLE_ATTR`

handle_is_valid¶: True if ALPC_MESSAGE_HANDLE_ATTRIBUTE is a ValidAttributes

security_attribute¶

The ALPC_MESSAGE_SECURITY_ATTRIBUTE of the message

Type:	`ALPC_SECURITY_ATTR`

security_is_valid¶: True if ALPC_MESSAGE_SECURITY_ATTRIBUTE is a ValidAttributes

type¶: The type of the message (PORT_MESSAGE.u2.s2.Type)

valid_attributes¶

The list of valid attributes

Type:	[`Flag`]

view_attribute¶

The ALPC_MESSAGE_VIEW_ATTRIBUTE of the message:

Type:	`ALPC_DATA_VIEW_ATTR`

view_is_valid¶: True if ALPC_MESSAGE_VIEW_ATTRIBUTE is a ValidAttributes

class windows.alpc.AlpcMessagePort[source]¶

The effective ALPC Message composed of a PORT_MESSAGE structure followed by the data

data¶: The data of the message (located after the header)

datalen¶: The length of the data

classmethod from_buffer(object, offset=0) → C instance[source]¶: create a C instance from a writeable buffer

class windows.alpc.MessageAttribute[source]¶

The attributes of an ALPC message

allocated_list¶

The list of allocated attributes

Type:	[`Flag`]

is_allocated(attribute)[source]¶: Return True if attribute is allocated

is_valid(attribute)[source]¶: Return True if attribute is valid

valid_list¶

The list of valid attributes

Type:	[`Flag`]

classmethod with_all_attributes()[source]¶

Create a new MessageAttribute with the following attributes allocated:

ALPC_MESSAGE_SECURITY_ATTRIBUTE
ALPC_MESSAGE_VIEW_ATTRIBUTE
ALPC_MESSAGE_CONTEXT_ATTRIBUTE
ALPC_MESSAGE_HANDLE_ATTRIBUTE
ALPC_MESSAGE_TOKEN_ATTRIBUTE
ALPC_MESSAGE_DIRECT_ATTRIBUTE
ALPC_MESSAGE_WORK_ON_BEHALF_ATTRIBUTE

Returns:	`MessageAttribute`

classmethod with_attributes(attributes)[source]¶

Create a new MessageAttribute with attributes allocated

Returns:	`MessageAttribute`

12.2. ALPC client¶

class windows.alpc.AlpcClient(port_name=None)[source]¶

An ALPC client able to connect to a port and send/receive messages

connect_to_port(port_name, connect_message=None, port_attr=None, port_attr_flags=65536, obj_attr=None, flags=ALPC_MSGFLG_SYNC_REQUEST(0x20000), timeout=None)[source]¶

Connect to the ALPC port port_name. Most of the parameters have defauls value is None is passed.

Parameters:

connect_message (AlpcMessage) – The message send with the connection request, if not None the function will return an AlpcMessage
port_attr (ALPC_PORT_ATTRIBUTES) – The port attributes, one with default value will be used if this parameter is None
port_attr_flags (int) – ALPC_PORT_ATTRIBUTES.Flags used if port_attr is None (MUTUALY EXCLUSINVE WITH port_attr)
obj_attr (OBJECT_ATTRIBUTES) – The attributes of the port (can be None)
flags (int) – The flags for NtAlpcConnectPort()
timeout (int) – The timeout of the request

port_name = None¶: The name of the ALPC port the client is connect to.

recv(receive_msg=None, flags=0)¶

Receive a message into alpc_message with flags.

Parameters:	receive_msg (AlpcMessage or None) – The message to send. If `receive_msg` is a `None` it create and return a simple `AlpcMessage` flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

send(alpc_message, flags=0)¶

Send the alpc_message with flags

Parameters:	alpc_message (AlpcMessage or str) – The message to send. If `alpc_message` is a `str` it build an AlpcMessage with the message as data. flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

send_receive(alpc_message, receive_msg=None, flags=ALPC_MSGFLG_SYNC_REQUEST(0x20000), timeout=None)¶

Send and receive a message with flags.

Parameters:	alpc_message (AlpcMessage or str) – The message to send. If `alpc_message` is a `str` it build an AlpcMessage with the message as data. receive_msg (AlpcMessage or None) – The message to send. If `receive_msg` is a `None` it create and return a simple `AlpcMessage` flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

12.3. ALPC Server¶

class windows.alpc.AlpcServer(port_name=None)[source]¶

An ALPC server able to create a port, accept connections and send/receive messages

accept_connection(msg, port_attr=None, port_context=None)[source]¶

Accept the connection for a LPC_CONNECTION_REQUEST message. msg.MessageId must be the same as the connection requesting message.

Parameters:	msg (AlpcMessage) – The response message. port_attr (ALPC_PORT_ATTRIBUTES) – The attributes of the port, one with default value will be used if this parameter is `None` port_context (PVOID) – A value that will be copied in `ALPC_CONTEXT_ATTR.PortContext` of every message on this connection.

create_port(port_name, msglen=None, port_attr_flags=0, obj_attr=None, port_attr=None)[source]¶

Create the ALPC port port_name. Most of the parameters have defauls value is None is passed.

Parameters:

port_name (str) – The port’s name to create.
msglen (int) – ALPC_PORT_ATTRIBUTES.MaxMessageLength used if port_attr is None (MUTUALY EXCLUSINVE WITH port_attr)
port_attr_flags (int) – ALPC_PORT_ATTRIBUTES.Flags used if port_attr is None (MUTUALY EXCLUSINVE WITH port_attr)
obj_attr (OBJECT_ATTRIBUTES) – The attributes of the port, one with default value will be used if this parameter is None
port_attr (ALPC_PORT_ATTRIBUTES) – The port attributes, one with default value will be used if this parameter is None

recv(receive_msg=None, flags=0)¶

Receive a message into alpc_message with flags.

Parameters:	receive_msg (AlpcMessage or None) – The message to send. If `receive_msg` is a `None` it create and return a simple `AlpcMessage` flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

send(alpc_message, flags=0)¶

Send the alpc_message with flags

Parameters:	alpc_message (AlpcMessage or str) – The message to send. If `alpc_message` is a `str` it build an AlpcMessage with the message as data. flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

send_receive(alpc_message, receive_msg=None, flags=ALPC_MSGFLG_SYNC_REQUEST(0x20000), timeout=None)¶

Send and receive a message with flags.

Parameters:	alpc_message (AlpcMessage or str) – The message to send. If `alpc_message` is a `str` it build an AlpcMessage with the message as data. receive_msg (AlpcMessage or None) – The message to send. If `receive_msg` is a `None` it create and return a simple `AlpcMessage` flags (int) – The flags for `NtAlpcSendWaitReceivePort()`

12. `windows.alpc` – Advanced Local Procedure Call¶

12.1. ALPC Message¶

12.2. ALPC client¶

12.3. ALPC Server¶

Table of Contents

Previous topic

Next topic

This Page

12. windows.alpc – Advanced Local Procedure Call¶

12.1. ALPC Message¶

12.2. ALPC client¶

12.3. ALPC Server¶

12. `windows.alpc` – Advanced Local Procedure Call¶