//go:build windows
package main
import (
"errors"
"syscall"
"unsafe"
"golang.org/x/sys/windows"
)
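// PROCESS_ALL_ACCESS is the legacy "every right" process access mask
// (STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0xFFF).
//
// NOTE(review): requesting every right on another process is broader than any
// single wrapper in this file needs. Prefer opening the handle with only the
// specific PROCESS_* rights the subsequent calls require, so a leaked or
// duplicated handle grants as little as possible. Call sites are not visible
// here; confirm where this constant is used.
const PROCESS_ALL_ACCESS = 0x1F0FFF

// kernel32 resolves kernel32.dll lazily on first use. NewLazySystemDLL
// restricts the lookup to the Windows system directory, so a same-named DLL
// planted in the application directory or elsewhere on the search path is
// never loaded in its place.
var kernel32 = windows.NewLazySystemDLL("kernel32.dll")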
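// VirtualAllocEx calls kernel32!VirtualAllocEx for the process identified by
// hProcess and returns the base address the API reports.
//
// The arguments are forwarded unchanged. Callers should pass the narrowest
// flProtect value that works for them; pages that are both writable and
// executable are a common detection signal and rarely necessary.
//
// Failure is decided by the API's return value (NULL), not by the thread's
// last-error code: LazyProc.Call always returns a non-nil error built from
// GetLastError, and that value can be stale after a successful call.
func VirtualAllocEx(hProcess windows.Handle, lpAddress, dwSize, flAllocationType, flProtect uintptr) (uintptr, error) {
	remoteMem, _, err := kernel32.NewProc("VirtualAllocEx").Call(uintptr(hProcess), lpAddress, dwSize, flAllocationType, flProtect)
	if remoteMem == 0 {
		// The call failed; if no last-error code was recorded, report a
		// generic invalid-argument error rather than "operation completed
		// successfully".
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return 0, errors.New("VirtualAllocEx failed: " + err.Error())
	}
	return remoteMem, nil
}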
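// SetProcessAffinityMask calls kernel32!SetProcessAffinityMask on
// processInfo.Process with the given mask.
//
// The Win32 parameter is pointer-sized, but this wrapper accepts a uint32, so
// only the first 32 logical processors can be selected through it.
//
// It returns an error when processInfo is nil or when the API returns zero.
// Success is judged by the return value because the error from LazyProc.Call
// is always non-nil and may carry a stale last-error code.
func SetProcessAffinityMask(processInfo *windows.ProcessInformation, processAffinityMask uint32) error {
	if processInfo == nil {
		return errors.New("SetProcessAffinityMask failed: nil process information")
	}
	ok, _, err := kernel32.NewProc("SetProcessAffinityMask").Call(uintptr(processInfo.Process), uintptr(processAffinityMask))
	if ok == 0 {
		// Failure without a recorded last-error code: fall back to EINVAL.
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return errors.New("SetProcessAffinityMask failed: " + err.Error())
	}
	return nil
}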
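// SetPriorityClass calls kernel32!SetPriorityClass on processInfo.Process
// with the given priority class value.
//
// It returns an error when processInfo is nil or when the API returns zero.
// Success is judged by the return value because the error from LazyProc.Call
// is always non-nil and may carry a stale last-error code.
func SetPriorityClass(processInfo *windows.ProcessInformation, priorityClass uint32) error {
	if processInfo == nil {
		return errors.New("SetPriorityClass failed: nil process information")
	}
	ok, _, err := kernel32.NewProc("SetPriorityClass").Call(uintptr(processInfo.Process), uintptr(priorityClass))
	if ok == 0 {
		// Failure without a recorded last-error code: fall back to EINVAL.
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return errors.New("SetPriorityClass failed: " + err.Error())
	}
	return nil
}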
// GetAddressLoadLibraryW looks up the LoadLibraryW export of kernel32.dll and
// returns its address as resolved in the calling process.
//
// Find is called first so that a missing DLL or export is reported as an
// error; Addr alone would panic in that case.
func GetAddressLoadLibraryW() (uintptr, error) {
	proc := kernel32.NewProc("LoadLibraryW")
	if findErr := proc.Find(); findErr != nil {
		return 0, errors.New("GetAddressLoadLibraryW failed: " + findErr.Error())
	}
	return proc.Addr(), nil
}
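// WriteProcessMemory calls kernel32!WriteProcessMemory to copy
// nBytesToBeWritten bytes starting at buffer into the process identified by
// hProcess at baseAddress.
//
// The length is not checked against the size of the Go allocation behind
// buffer: the caller must guarantee that at least nBytesToBeWritten bytes are
// readable there, otherwise adjacent memory of this process is copied into
// the target. A negative length is rejected because converting it to uintptr
// would turn it into a huge byte count.
//
// bytesWritten is forwarded as a raw address (or 0).
// NOTE(review): if callers pass the address of a Go variable as a uintptr,
// the garbage collector does not see that reference; confirm they pass 0 or
// keep the variable alive across the call.
//
// Failure is decided by the API's return value (zero), not by the last-error
// code, which LazyProc.Call always returns and which can be stale.
func WriteProcessMemory(hProcess windows.Handle, baseAddress uintptr, buffer *uint16, nBytesToBeWritten int, bytesWritten uintptr) error {
	if nBytesToBeWritten < 0 {
		return errors.New("WriteProcessMemory failed: negative byte count")
	}
	// The unsafe.Pointer -> uintptr conversion must stay inside the Call
	// argument list so the buffer is kept alive for the duration of the call.
	ok, _, err := kernel32.NewProc("WriteProcessMemory").Call(uintptr(hProcess), baseAddress, uintptr(unsafe.Pointer(buffer)), uintptr(nBytesToBeWritten), bytesWritten)
	if ok == 0 {
		// Failure without a recorded last-error code: fall back to EINVAL.
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return errors.New("WriteProcessMemory failed: " + err.Error())
	}
	return nil
}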
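// CreateRemoteThread calls kernel32!CreateRemoteThread for the process
// identified by hProcess and returns the new thread's handle.
//
// All arguments are forwarded unchanged. The returned handle is owned by the
// caller and must be closed (windows.CloseHandle) once it is no longer
// needed, or it leaks for the lifetime of this process.
//
// Cross-process thread creation is a closely monitored operation (Sysmon, for
// example, records it as event ID 8), so legitimate callers should expect
// endpoint security tooling to log or block it.
//
// Failure is decided by the API's return value (NULL), not by the last-error
// code, which LazyProc.Call always returns and which can be stale.
func CreateRemoteThread(hProcess windows.Handle, lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId uintptr) (windows.Handle, error) {
	remoteThread, _, err := kernel32.NewProc("CreateRemoteThread").Call(uintptr(hProcess), lpThreadAttributes, dwStackSize, lpStartAddress, lpParameter, dwCreationFlags, lpThreadId)
	if remoteThread == 0 {
		// Failure without a recorded last-error code: fall back to EINVAL.
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return 0, errors.New("CreateRemoteThread failed: " + err.Error())
	}
	return windows.Handle(remoteThread), nil
}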
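// VirtualFreeEx calls kernel32!VirtualFreeEx to free memory at lpAddress in
// the process identified by hProcess.
//
// dwFreeType is honoured when non-zero. A zero value falls back to
// windows.MEM_RELEASE, which is what this wrapper previously passed
// regardless of the argument, so existing callers that left it unset keep
// their behaviour. With MEM_RELEASE the API requires dwSize to be 0.
//
// Failure is decided by the API's return value (zero), not by the last-error
// code, which LazyProc.Call always returns and which can be stale.
func VirtualFreeEx(hProcess windows.Handle, lpAddress, dwSize, dwFreeType uintptr) error {
	if dwFreeType == 0 {
		dwFreeType = windows.MEM_RELEASE
	}
	ok, _, err := kernel32.NewProc("VirtualFreeEx").Call(uintptr(hProcess), lpAddress, dwSize, dwFreeType)
	if ok == 0 {
		// Failure without a recorded last-error code: fall back to EINVAL.
		if err == nil || err == syscall.Errno(0) {
			err = syscall.EINVAL
		}
		return errors.New("VirtualFreeEx failed: " + err.Error())
	}
	return nil
}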