customWin32

package

v0.4.0 Latest Latest Go to latest Published: Dec 4, 2020 License: AGPL-3.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/fkie-cad/yapscan

Links

Open Source Insights

Documentation ¶

Rendered for windows/amd64

Overview ¶

Package customWin32 provides a small subset of win32 bindings. For most win32 purposes, this project uses https://github.com/0xrawsec/golang-win32, however some wrappers are undesirable without exposing the lower level calls, thus these are implemented here.

Index ¶

func ConvertSidToStringSid(sid *syscall.SID) (string, error)
func GetTokenOwner(token syscall.Token) (*syscall.SID, error)
func ListThreads(pid int) ([]int, error)
func OpenProcessToken(process syscall.Handle, desiredAccess uint32) (syscall.Token, error)
func Process32NextW(hSnapshot win32.HANDLE, lpte k32.LPPROCESSENTRY32W) error
func ReadProcessMemory(hProcess win32.HANDLE, lpBaseAddress win32.LPCVOID, buffer []byte) (int, error)
func ResumeProcess(pid int) error
func SuspendProcess(pid int) error
func Thread32First(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
func Thread32Next(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
func UsernameFromSID(sid *syscall.SID) (string, error)
type MemoryStatusEx
- func GlobalMemoryStatusEx() (*MemoryStatusEx, error)
type TokenOwner

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ConvertSidToStringSid ¶

func ConvertSidToStringSid(sid *syscall.SID) (string, error)

BOOL ConvertSidToStringSidW(

PSID   Sid,
LPWSTR *StringSid

);

func GetTokenOwner ¶

func GetTokenOwner(token syscall.Token) (*syscall.SID, error)

BOOL GetTokenInformation(

HANDLE                  TokenHandle,
TOKEN_INFORMATION_CLASS TokenInformationClass,
LPVOID                  TokenInformation,
DWORD                   TokenInformationLength,
PDWORD                  ReturnLength

);

func ListThreads ¶

func ListThreads(pid int) ([]int, error)

func OpenProcessToken ¶

func OpenProcessToken(process syscall.Handle, desiredAccess uint32) (syscall.Token, error)

BOOL OpenProcessToken(

HANDLE  ProcessHandle,
DWORD   DesiredAccess,
PHANDLE TokenHandle

);

func Process32NextW ¶

func Process32NextW(hSnapshot win32.HANDLE, lpte k32.LPPROCESSENTRY32W) error

func ReadProcessMemory ¶

func ReadProcessMemory(hProcess win32.HANDLE, lpBaseAddress win32.LPCVOID, buffer []byte) (int, error)

func ResumeProcess ¶

func ResumeProcess(pid int) error

func SuspendProcess ¶

func SuspendProcess(pid int) error

func Thread32First ¶

func Thread32First(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error

func Thread32Next ¶

func Thread32Next(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error

Thread32Next Win32 API wrapper

func UsernameFromSID ¶

func UsernameFromSID(sid *syscall.SID) (string, error)

BOOL LookupAccountSidW(

LPCWSTR       lpSystemName,
PSID          Sid,
LPWSTR        Name,
LPDWORD       cchName,
LPWSTR        ReferencedDomainName,
LPDWORD       cchReferencedDomainName,
PSID_NAME_USE peUse

);

Types ¶

type MemoryStatusEx ¶

type MemoryStatusEx struct {
	Length               win32.DWORD
	MemoryLoad           win32.DWORD
	TotalPhys            win32.DWORDLONG
	AvailPhys            win32.DWORDLONG
	TotalPageFile        win32.DWORDLONG
	AvailPageFile        win32.DWORDLONG
	TotalVirtual         win32.DWORDLONG
	AvailVirtual         win32.DWORDLONG
	AvailExtendedVirtual win32.DWORDLONG
}

func GlobalMemoryStatusEx ¶

func GlobalMemoryStatusEx() (*MemoryStatusEx, error)

type TokenOwner ¶

type TokenOwner C.TOKEN_OWNER

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL