Documentation
¶
Rendered for windows/amd64
Overview ¶
Package customWin32 provides a small subset of win32 bindings. For most win32 purposes, this project uses https://github.com/0xrawsec/golang-win32, however some wrappers are undesirable without exposing the lower level calls, thus these are implemented here.
Index ¶
- Constants
- func ConvertSidToStringSid(sid *syscall.SID) (string, error)
- func CreateRemoteThreadMinimal(hProcess win32.HANDLE, startAddress uintptr) error
- func GetTokenOwner(token syscall.Token) (*syscall.SID, error)
- func ListThreads(pid int) ([]int, error)
- func OpenProcessToken(process syscall.Handle, desiredAccess uint32) (syscall.Token, error)
- func Process32NextW(hSnapshot win32.HANDLE, lpte k32.LPPROCESSENTRY32W) error
- func ReadProcessMemory(hProcess win32.HANDLE, lpBaseAddress win32.LPCVOID, buffer []byte) (int, error)
- func ResumeProcess(pid int) error
- func SuspendProcess(pid int) error
- func Thread32First(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
- func Thread32Next(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
- func UsernameFromSID(sid *syscall.SID) (string, error)
- type MemoryStatusEx
- type TokenOwner
Constants ¶
View Source
const ERROR_NOT_ENOUGH_MEMORY = 0x8
Variables ¶
This section is empty.
Functions ¶
func GetTokenOwner ¶
BOOL GetTokenInformation(
HANDLE TokenHandle, TOKEN_INFORMATION_CLASS TokenInformationClass, LPVOID TokenInformation, DWORD TokenInformationLength, PDWORD ReturnLength
);
func ListThreads ¶
func OpenProcessToken ¶
BOOL OpenProcessToken(
HANDLE ProcessHandle, DWORD DesiredAccess, PHANDLE TokenHandle
);
func Process32NextW ¶
func Process32NextW(hSnapshot win32.HANDLE, lpte k32.LPPROCESSENTRY32W) error
func ReadProcessMemory ¶
func ResumeProcess ¶
func SuspendProcess ¶
func Thread32First ¶
func Thread32First(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
func Thread32Next ¶
func Thread32Next(hSnapshot win32.HANDLE, lpte k32.LPTHREADENTRY32) error
Thread32Next Win32 API wrapper
Types ¶
type MemoryStatusEx ¶
type MemoryStatusEx struct {
Length win32.DWORD
MemoryLoad win32.DWORD
TotalPhys win32.DWORDLONG
AvailPhys win32.DWORDLONG
TotalPageFile win32.DWORDLONG
AvailPageFile win32.DWORDLONG
TotalVirtual win32.DWORDLONG
AvailVirtual win32.DWORDLONG
AvailExtendedVirtual win32.DWORDLONG
}
func GlobalMemoryStatusEx ¶
func GlobalMemoryStatusEx() (*MemoryStatusEx, error)
type TokenOwner ¶
type TokenOwner C.TOKEN_OWNER
Source Files
Click to show internal directories.
Click to hide internal directories.