TEB结构说明

kd> dt _teb
nt!_TEB
+0x000 NtTib            : _NT_TIB
+0x01c EnvironmentPointer : Ptr32 Void
+0x020 ClientId         : _CLIENT_ID                        //进程的pid
+0x028 ActiveRpcHandle  : Ptr32 Void
+0x02c ThreadLocalStoragePointer : Ptr32 Void
+0x030 ProcessEnvironmentBlock : Ptr32 _PEB                 //进程PEB
+0x034 LastErrorValue   : Uint4B
+0x038 CountOfOwnedCriticalSections : Uint4B
+0x03c CsrClientThread  : Ptr32 Void
+0x040 Win32ThreadInfo  : Ptr32 Void
+0x044 User32Reserved   : [26] Uint4B
+0x0ac UserReserved     : [5] Uint4B
+0x0c0 WOW32Reserved    : Ptr32 Void
+0x0c4 CurrentLocale    : Uint4B
+0x0c8 FpSoftwareStatusRegister : Uint4B
+0x0cc SystemReserved1  : [54] Ptr32 Void
+0x1a4 ExceptionCode    : Int4B
+0x1a8 ActivationContextStack : _ACTIVATION_CONTEXT_STACK
+0x1bc SpareBytes1      : [24] UChar
+0x1d4 GdiTebBatch      : _GDI_TEB_BATCH
+0x6b4 RealClientId     : _CLIENT_ID
+0x6bc GdiCachedProcessHandle : Ptr32 Void
+0x6c0 GdiClientPID     : Uint4B
+0x6c4 GdiClientTID     : Uint4B
+0x6c8 GdiThreadLocalInfo : Ptr32 Void
+0x6cc Win32ClientInfo  : [62] Uint4B
+0x7c4 glDispatchTable  : [233] Ptr32 Void
+0xb68 glReserved1      : [29] Uint4B
+0xbdc glReserved2      : Ptr32 Void
+0xbe0 glSectionInfo    : Ptr32 Void
+0xbe4 glSection        : Ptr32 Void
+0xbe8 glTable          : Ptr32 Void
+0xbec glCurrentRC      : Ptr32 Void
+0xbf0 glContext        : Ptr32 Void
+0xbf4 LastStatusValue  : Uint4B
+0xbf8 StaticUnicodeString : _UNICODE_STRING
+0xc00 StaticUnicodeBuffer : [261] Uint2B
+0xe0c DeallocationStack : Ptr32 Void
+0xe10 TlsSlots         : [64] Ptr32 Void                  //TLS值 是个数组[64]
+0xf10 TlsLinks         : _LIST_ENTRY
+0xf18 Vdm              : Ptr32 Void
+0xf1c ReservedForNtRpc : Ptr32 Void
+0xf20 DbgSsReserved    : [2] Ptr32 Void
+0xf28 HardErrorsAreDisabled : Uint4B
+0xf2c Instrumentation  : [16] Ptr32 Void
+0xf6c WinSockData      : Ptr32 Void
+0xf70 GdiBatchCount    : Uint4B
+0xf74 InDbgPrint       : UChar
+0xf75 FreeStackOnTermination : UChar
+0xf76 HasFiberData     : UChar
+0xf77 IdealProcessor   : UChar
+0xf78 Spare3           : Uint4B
+0xf7c ReservedForPerf  : Ptr32 Void
+0xf80 ReservedForOle   : Ptr32 Void
+0xf84 WaitingOnLoaderLock : Uint4B
+0xf88 Wx86Thread       : _Wx86ThreadState
+0xf94 TlsExpansionSlots : Ptr32 Ptr32 Void                //TLS扩展值 是个数组[Ptr32]
+0xf98 ImpersonationLocale : Uint4B
+0xf9c IsImpersonating  : Uint4B
+0xfa0 NlsCache         : Ptr32 Void
+0xfa4 pShimData        : Ptr32 Void
+0xfa8 HeapVirtualAffinity : Uint4B
+0xfac CurrentTransactionHandle : Ptr32 Void
+0xfb0 ActiveFrame      : Ptr32 _TEB_ACTIVE_FRAME
+0xfb4 SafeThunkCall    : UChar
+0xfb5 BooleanSpare     : [3] UChar