What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.


Notes for function naming conventions

From: Basic Static Techniques - Practical Malware Analysis


    When evaluating unfamiliar Windows functions, a few naming conventions are worth noting because they came up often and might confuse you if you don't recognize them. For example, you will often encounter function names with an Ex suffix, such as CreateWindowEx. When Microsoft updates a function and the new function is incompatible with the old one, Microsoft continues to support the old function. The new function is given the same name as the old function, with an added Ex suffix. Functions that have been significantly updated twice have two Ex suffixes in their names.

    Many functions that take strings as parameters include an A or a W at the end of their names, such as CreateDirectoryW. This letter does not appear in the documentation for the function; it simply indicates that the function accepts a string parameter and that there are two different versions of the function: one for ASCII strings and one for wide character strings. Remember to drop the trailing A or W when searching for the function in the Microsoft documentation.

No comments:

Post a Comment