extra

package
v0.0.0-...-ad9669b Latest Latest
Warning

This package is not in the latest version of its module.

Published: May 19, 2025 License: BSD-3-Clause Imports: 8 Imported by: 0

Documentation

Index

Constants

// Privilege name strings for Windows access tokens. Each value is the literal
// "Se...Privilege" name; EnablePrivileges and RemovePrivileges in this package
// take a []string of privilege names.
//
// Security note: several of these are broadly treated as equivalent to
// administrative control of the host when enabled in a token, notably
// SeDebugPrivilege, SeTcbPrivilege, SeImpersonatePrivilege,
// SeAssignPrimaryTokenPrivilege, SeCreateTokenPrivilege, SeLoadDriverPrivilege,
// SeBackupPrivilege, SeRestorePrivilege and SeTakeOwnershipPrivilege. Enable
// only the privilege a code path needs and remove it afterwards. Windows can
// audit their use (events 4673/4674, sensitive privilege use) and token
// adjustments (event 4703), which is where defenders should look for
// unexpected use.
const (

	// NT Defined Privileges
	SE_CREATE_TOKEN_NAME                      = "SeCreateTokenPrivilege"
	SE_ASSIGNPRIMARYTOKEN_NAME                = "SeAssignPrimaryTokenPrivilege"
	SE_LOCK_MEMORY_NAME                       = "SeLockMemoryPrivilege"
	SE_INCREASE_QUOTA_NAME                    = "SeIncreaseQuotaPrivilege"
	SE_UNSOLICITED_INPUT_NAME                 = "SeUnsolicitedInputPrivilege"
	SE_MACHINE_ACCOUNT_NAME                   = "SeMachineAccountPrivilege"
	SE_TCB_NAME                               = "SeTcbPrivilege"
	SE_SECURITY_NAME                          = "SeSecurityPrivilege"
	SE_TAKE_OWNERSHIP_NAME                    = "SeTakeOwnershipPrivilege"
	SE_LOAD_DRIVER_NAME                       = "SeLoadDriverPrivilege"
	SE_SYSTEM_PROFILE_NAME                    = "SeSystemProfilePrivilege"
	SE_SYSTEMTIME_NAME                        = "SeSystemtimePrivilege"
	SE_PROF_SINGLE_PROCESS_NAME               = "SeProfileSingleProcessPrivilege"
	SE_INC_BASE_PRIORITY_NAME                 = "SeIncreaseBasePriorityPrivilege"
	SE_CREATE_PAGEFILE_NAME                   = "SeCreatePagefilePrivilege"
	SE_CREATE_PERMANENT_NAME                  = "SeCreatePermanentPrivilege"
	SE_BACKUP_NAME                            = "SeBackupPrivilege"
	SE_RESTORE_NAME                           = "SeRestorePrivilege"
	SE_SHUTDOWN_NAME                          = "SeShutdownPrivilege"
	SE_DEBUG_NAME                             = "SeDebugPrivilege"
	SE_AUDIT_NAME                             = "SeAuditPrivilege"
	SE_SYSTEM_ENVIRONMENT_NAME                = "SeSystemEnvironmentPrivilege"
	SE_CHANGE_NOTIFY_NAME                     = "SeChangeNotifyPrivilege"
	SE_REMOTE_SHUTDOWN_NAME                   = "SeRemoteShutdownPrivilege"
	SE_UNDOCK_NAME                            = "SeUndockPrivilege"
	SE_SYNC_AGENT_NAME                        = "SeSyncAgentPrivilege"
	SE_ENABLE_DELEGATION_NAME                 = "SeEnableDelegationPrivilege"
	SE_MANAGE_VOLUME_NAME                     = "SeManageVolumePrivilege"
	SE_IMPERSONATE_NAME                       = "SeImpersonatePrivilege"
	SE_CREATE_GLOBAL_NAME                     = "SeCreateGlobalPrivilege"
	SE_TRUSTED_CREDMAN_ACCESS_NAME            = "SeTrustedCredManAccessPrivilege"
	SE_RELABEL_NAME                           = "SeRelabelPrivilege"
	SE_INC_WORKING_SET_NAME                   = "SeIncreaseWorkingSetPrivilege"
	SE_TIME_ZONE_NAME                         = "SeTimeZonePrivilege"
	SE_CREATE_SYMBOLIC_LINK_NAME              = "SeCreateSymbolicLinkPrivilege"
	SE_DELEGATE_SESSION_USER_IMPERSONATE_NAME = "SeDelegateSessionUserImpersonatePrivilege"
)
// Logon provider, logon type and logon flag values for the logon APIs.
//
// The values are spelled out rather than derived from one shared iota run, so
// the two separate enumerations (providers and logon types) and the gap before
// LOGON32_LOGON_UNLOCK are visible at a glance.
const (
	// Logon providers (dwLogonProvider).
	LOGON32_PROVIDER_DEFAULT = uint32(0)
	LOGON32_PROVIDER_WINNT35 = uint32(1)

	// Logon types (dwLogonType).
	LOGON32_LOGON_INTERACTIVE = uint32(2)
	LOGON32_LOGON_NETWORK     = uint32(3)
	LOGON32_LOGON_BATCH       = uint32(4)
	LOGON32_LOGON_SERVICE     = uint32(5)
	// 6 is skipped. This constant is untyped, unlike its uint32 neighbours.
	LOGON32_LOGON_UNLOCK = 7

	// Logon flags (dwLogonFlags), one bit each.
	LOGON_WITH_PROFILE         uint32 = 1 << 0
	LOGON_NETCREDENTIALS_ONLY  uint32 = 1 << 1
	LOGON_ZERO_PASSWORD_BUFFER uint32 = 1 << 31
)
// Window-message identifiers for mouse and clipboard events, followed by the
// hook-type ids for the low-level keyboard and mouse hooks.
const (
	// Mouse messages: a contiguous range starting at 0x0200.
	WM_MOUSEMOVE     = 0x0200
	WM_LBUTTONDOWN   = 0x0201 // left button pressed
	WM_LBUTTONUP     = 0x0202 // left button released
	WM_LBUTTONDBLCLK = 0x0203 // left button double-click
	WM_RBUTTONDOWN   = 0x0204 // right button pressed
	WM_RBUTTONUP     = 0x0205 // right button released
	WM_RBUTTONDBLCLK = 0x0206 // right button double-click
	WM_MBUTTONDOWN   = 0x0207 // middle button pressed
	WM_MBUTTONUP     = 0x0208 // middle button released
	WM_MBUTTONDBLCLK = 0x0209 // middle button double-click

	// Clipboard actions.
	WM_DESTROYCLIPBOARD = 0x0307
	WM_DRAWCLIPBOARD    = 0x0308
	WM_CLIPBOARDUPDATE  = 0x031D

	// Hook types for low-level input hooks. These hooks observe keyboard and
	// mouse input for the whole desktop session, so code installing them
	// warrants the review given to any input-capture component.
	WH_KEYBOARD_LL = 13
	WH_MOUSE_LL    = 14
)

Mouse actions.

// Win32 message-box button sets. The values form a dense 0..5 enumeration.
const (
	MB_OK               = iota // OK
	MB_OKCANCEL                // OK, Cancel
	MB_ABORTRETRYIGNORE        // Abort, Retry, Ignore
	MB_YESNOCANCEL             // Yes, No, Cancel
	MB_YESNO                   // Yes, No
	MB_RETRYCANCEL             // Retry, Cancel
)
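// Registry API constants: a value type, a status code, a predefined root key
// and key access rights.
const (
	// REG_SZ is the registry value type for a string.
	REG_SZ = 1

	// ERROR_SUCEESS is a misspelling retained so existing callers keep
	// compiling.
	//
	// Deprecated: use ERROR_SUCCESS.
	ERROR_SUCEESS = 0

	// HKEY_CURRENT_USER is the predefined handle for the current user's hive.
	HKEY_CURRENT_USER = 0x80000001

	// Key access rights (samDesired).
	KEY_SET_VALUE   = 0x0002
	KEY_WOW64_64KEY = 0x100
	// KEY_WOW64_32KEY is the Win32 name for the 0x200 registry-view flag; it
	// is added here under its correct spelling.
	KEY_WOW64_32KEY = 0x200
	// KEY_WOW32_32KEY is a misspelling retained so existing callers keep
	// compiling.
	//
	// Deprecated: use KEY_WOW64_32KEY.
	KEY_WOW32_32KEY = KEY_WOW64_32KEY
)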

Registry API definitions.

// Service control manager constants: a service type, an access mask and a
// control code. Values that are commented out in this block are kept below
// for reference only; they are not declared here.
const (
	// Service types.
	//   SERVICE_WIN32_OWN_PROCESS   = 0x00000010 (not declared here)
	//   SERVICE_WIN32_SHARE_PROCESS = 0x00000020 (not declared here)
	//   SERVICE_WIN32               = OWN_PROCESS | SHARE_PROCESS (not declared here)
	SERVICE_USER_SERVICE = 0x40

	// Service-object access rights (none of these are declared here):
	//   SERVICE_QUERY_CONFIG         = 0x0001
	//   SERVICE_CHANGE_CONFIG        = 0x0002
	//   SERVICE_QUERY_STATUS         = 0x0004
	//   SERVICE_ENUMERATE_DEPENDENTS = 0x0008
	//   SERVICE_START                = 0x0010
	//   SERVICE_STOP                 = 0x0020
	//   SERVICE_PAUSE_CONTINUE       = 0x0040
	//   SERVICE_INTERROGATE          = 0x0080
	//   SERVICE_USER_DEFINED_CONTROL = 0x0100
	//
	// SERVICE_ALL_ACCESS is STANDARD_RIGHTS_REQUIRED (0xF0000) combined with
	// every service-specific right above (0x01FF). It requests full control
	// of the service object, including reconfiguration and deletion; a caller
	// that only queries, starts or stops a service can ask for just those
	// rights when opening the handle.
	SERVICE_ALL_ACCESS = 0xF0000 | 0x01FF

	// Control codes.
	SERVICE_CONTROL_TIMECHANGE = 0x10
)

Service Table

// WinHTTP constants: proxy access types, placeholders for optional request
// parameters, and proxy auto-detection flags.
const (
	// Access types for WinHttpOpen's dwAccessType (WINHTTP_PROXY_INFO uses the
	// same field name and values). The value 2 is not part of this list.
	WINHTTP_ACCESS_TYPE_DEFAULT_PROXY   = 0x0
	WINHTTP_ACCESS_TYPE_NO_PROXY        = 0x1
	WINHTTP_ACCESS_TYPE_NAMED_PROXY     = 0x3
	WINHTTP_ACCESS_TYPE_AUTOMATIC_PROXY = 0x4

	// Readable stand-ins for WinHttpOpenRequest's optional parameters. Both
	// are the empty string.
	WINHTTP_NO_REFERER           = ""
	WINHTTP_DEFAULT_ACCEPT_TYPES = ""

	// Bit flags for dwAutoDetectFlags.
	WINHTTP_AUTO_DETECT_TYPE_DHCP  = 1 << 0
	WINHTTP_AUTO_DETECT_TYPE_DNS_A = 1 << 1
)
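// Miscellaneous Win32 values: the success status, clipboard formats, the
// window-creation default marker, the hook action code and window styles.
const (
	// ERROR_SUCCESS is the Win32 "no error" status, typed as syscall.Errno.
	ERROR_SUCCESS syscall.Errno = 0

	// Clipboard formats.
	CF_TEXT        = 1
	CF_UNICODETEXT = 13

	// CW_USEDEFAULT is defined by Win32 as ((int)0x80000000). Complementing
	// 0x7fffffff keeps the constant a uintptr and leaves 0x80000000 in the low
	// 32 bits on both 32-bit and 64-bit targets (sign-extended on 64-bit).
	// ^uintptr(0) would instead be -1, which Win32 reads as an ordinary
	// coordinate rather than "use the default".
	CW_USEDEFAULT = ^uintptr(0x7fffffff)

	// HC_ACTION is the hook code value 0.
	HC_ACTION = 0

	// Window styles.
	WS_EX_APPWINDOW = 0x00040000
	WS_POPUP        = 0x80000000
)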

U

Variables

This section is empty.

Functions

func CheckRemoteDebuggerPresent

// CheckRemoteDebuggerPresent presumably wraps the Win32 API of the same name
// for the process identified by hProcess, reporting the result through
// pbDebuggerPresent (the body is not shown here).
//
// NOTE(review): the Win32 API writes a 4-byte BOOL through its second
// argument, while a Go bool occupies one byte. Confirm the implementation
// goes through a 32-bit temporary rather than handing pbDebuggerPresent to
// the system call, which would write past the variable.
func CheckRemoteDebuggerPresent(hProcess wincall.Handle, pbDebuggerPresent *bool) (err error)

func ControlService

func ControlService(hService wincall.Handle, dwControl uint32, pControlParam *wincall.SERVICE_STATUS) (err error)

Use wincall ControlService

func ControlServiceEx

func ControlServiceEx(hService wincall.Handle, dwControl, dwInfoLevel uint32, pControlParam *wincall.SERVICE_STATUS) (err error)

func CreateCmdProcess

func CreateCmdProcess(StdInPipeRead, StdOutPipeWrite wincall.Handle) (wincall.Handle, error)

func CreateProcess

func CreateProcess(appName *uint16, commandLine *uint16, cF uint32, sI *wincall.StartupInfo, pI *wincall.ProcessInformation) error

func CreateProcessWithToken

func CreateProcessWithToken(token wincall.Token, dwLogonFlags uint32, appName *uint16, commandLine *uint16, creationFlags uint32, env *uint16, currentDir *uint16, startupInfo *wincall.StartupInfo, outProcInfo *wincall.ProcessInformation) (err error)

func CreateRemoteThread

// CreateRemoteThread presumably wraps Win32 CreateRemoteThread: it starts a
// thread at lpStartAddress in the process identified by hProcess (the body is
// not shown here).
//
// lpStartAddress and lpParameter are plain uintptr values; nothing in the
// signature validates them, and they are not Go pointers the runtime tracks.
// r1 is presumably the new thread handle, which the caller would have to
// close; confirm against the implementation.
//
// Security note: cross-process thread creation is closely watched by endpoint
// monitoring (for example Sysmon event ID 8, CreateRemoteThread), so
// legitimate use should expect to be logged and should be documented for the
// operations team.
func CreateRemoteThread(hProcess wincall.Handle, lpThreadAttributes *wincall.SecurityAttributes, dwStackSize, lpStartAddress uintptr, lpParameter uintptr, dwCreationFlags uint32, lpThreadId *uint32) (r1 uintptr, err error)

TODO: lpStartAddress LPTHREAD_START_ROUTINE

func DeleteService

func DeleteService(hService wincall.Handle) (err error)

func DuplicateTokenEx

func DuplicateTokenEx(hExistingToken wincall.Token, dwDesireAccess uint32, lpTokenAttr *wincall.SecurityAttributes, impersonationLevel, tokenType uint32, phNewToken *wincall.Token) (err error)

func EnableDebugPrivilege

func EnableDebugPrivilege(hToken *wincall.Token) (err error)

func EnablePrivileges

// EnablePrivileges takes a token and a list of privilege names, presumably the
// SE_*_NAME strings declared in this package, and enables them in the token
// (the body is not shown here).
//
// NOTE(review): if this is built on AdjustTokenPrivileges, that call can
// report success while assigning none or only some of the requested
// privileges (last error ERROR_NOT_ALL_ASSIGNED). Confirm that case is
// returned as an error, so callers do not continue believing a privilege is
// held. Pair every call with RemovePrivileges once the privileged operation
// is done.
func EnablePrivileges(token *wincall.Token, privs []string) (err error)

func FindProcName

func FindProcName(name string, pe32 *wincall.ProcessEntry32) error

func GlobalAlloc

func GlobalAlloc(uFlags uint32, dwSize *uint32) (r1 uintptr, err error)

func GlobalFree

func GlobalFree(hMem uintptr) (r1 uintptr, err error)

func GlobalLock

func GlobalLock(hMem uintptr) (r1 uintptr, err error)

func GlobalMemoryStatusEx

func GlobalMemoryStatusEx(lpBuffer *MemoryStatusEX) (err error)

func GlobalUnlock

func GlobalUnlock(hMem uintptr) (err error)

func ImpersonateLoggedOnUser

func ImpersonateLoggedOnUser(token wincall.Token) (err error)

func IsDebuggerPresent

func IsDebuggerPresent() bool

func LogonUser

// LogonUser presumably wraps the Win32 LogonUser call: it authenticates the
// given account and stores the resulting token in phToken (the body is not
// shown here). dwLogonType and dwLogonProvider take the LOGON32_* values
// declared in this package.
//
// Security note: lpszPassword is a Go string, which is immutable and cannot
// be wiped after use; converting it for the system call creates at least one
// more copy. The credential can therefore remain in process memory until the
// garbage collector reuses it. Keep its lifetime short and never log the
// arguments. The token written to phToken is presumably owned by the caller
// and must be closed; confirm against the implementation.
func LogonUser(lpszUsername, lpszDomain, lpszPassword string, dwLogonType, dwLogonProvider uint32, phToken *wincall.Token) (err error)

func NtQueryInformationProcess

func NtQueryInformationProcess(hProcess wincall.Handle, information wincall.PROCESS_BASIC_INFORMATION, pbi wincall.ProcessInformation, returnLength uint32) (err error)

func OpenCurrentProcessToken

func OpenCurrentProcessToken() (wincall.Token, error)

func OpenSCManager

func OpenSCManager(lpMachineName, lpDatabaseName *uint16, dwDesiredAccess uint32) (handle wincall.Handle, err error)

func OpenService

func OpenService(hSCManager wincall.Handle, lpServiceName *uint16, dwDesiredAccess uint32) (handle wincall.Handle, err error)

Use wincall OpenService

func OutputDebugString

func OutputDebugString(lpOutputStr *uint16) (err error)

func RegCreateKeyEx

func RegCreateKeyEx(hKey wincall.Handle, lpSubKey *uint16, Reserved DWORD, lpClass LPCWSTR, dwOptions, samDesired DWORD, lpSecurityAttr *wincall.SecurityAttributes, phkResult *wincall.Handle, lpdwDisposition *DWORD) (err error)

func RegEnumValue

func RegEnumValue(hKey wincall.Handle, dwIndex uint32, lpValueName *uint16, lpcchValueName, lpReserved, dwType *uint32, lpData LPBYTE, lpcbData *uint32) (err error)

RegOpenKeyEx = syscall.RegOpenKeyEx RegCloseKey = syscall.RegCloseKey TODO:

func RegSetValueEx

func RegSetValueEx(hKey wincall.Handle, lpValueName LPCWSTR, Reserved, dwType DWORD, lpData LPBYTE, cbData DWORD) (err error)

func RemovePrivileges

func RemovePrivileges(token *wincall.Token, privs []string) (err error)

func ReportErrorCloseHandle

func ReportErrorCloseHandle(err error, header string, handle wincall.Handle, closeFunc func(wincall.Handle))

func RtlCopyMemory

// RtlCopyMemory presumably copies length bytes from src to dst (the body is
// not shown here).
//
// Security note: dst and src are raw addresses and length is caller-supplied.
// Nothing in the signature lets the function check that either range is valid
// or large enough, so a wrong length is an out-of-bounds read or write.
// A uintptr also does not keep a Go object alive, so callers that derive these
// addresses from Go memory must hold a real reference for the duration of the
// call.
func RtlCopyMemory(dst, src uintptr, length uint32) (err error)

func StringFromU16Slice

func StringFromU16Slice(charName []uint16) string

func UTF16PtrToString

func UTF16PtrToString(p *uint16) string

func VirtualAlloc

func VirtualAlloc(lpAddress, dwSize uintptr, flAllocationType, flProtect uint32) (value uintptr, err error)

Use wincall VirtualAlloc

func VirtualAllocEx

func VirtualAllocEx(hProcess wincall.Handle, lpAddress, dwSize uintptr, flAllocationType, flProtect uint32) (r1 uintptr, err error)

func VirtualFreeEx

func VirtualFreeEx(hProcess wincall.Handle, lpAddress, dwSize uintptr, dwFreeType uint32) (err error)

Types

type BitMapInfoHeader

// BitMapInfoHeader has the field order and widths of the Win32
// BITMAPINFOHEADER structure (40 bytes). Field order is part of the binary
// layout and must not be changed.
type BitMapInfoHeader struct {
	// presumably must hold the size of this struct, as with the Win32
	// biSize field; confirm against callers
	BiSize          uint32
	BiWidth         int32
	BiHeight        int32
	BiPlanes        uint16
	BiBitCount      uint16
	BiCompression   uint32
	BiSizeImage     uint32
	BiXPelsPerMeter int32
	BiYPelsPerMeter int32
	BiClrUsed       uint32
	BiClrImportant  uint32
}

type Callback

type Callback func(hwnd uintptr, msg uint32, wparam, lparam uintptr) uintptr

Callback is the window-procedure function type supplied when initializing a WindowClassEX for registration.

type DWORD

type DWORD = uint32

type HANDLE

type HANDLE = syscall.Handle

type HKEY

type HKEY = uintptr

type KbdLLHook

// KbdLLHook has the field order and widths of the Win32 KBDLLHOOKSTRUCT
// structure. It is presumably what a WH_KEYBOARD_LL hook procedure receives;
// confirm against the hook code.
//
// Security note: a low-level keyboard hook sees keystrokes for the whole
// desktop session, including credentials typed into other applications. Code
// that consumes this struct should be reviewed as an input-capture component,
// and raw key data should not be logged or persisted.
type KbdLLHook struct {
	VkCode      uint32
	ScanCode    uint32
	Flags       uint32
	Time        uint32
	DwExtraInfo uintptr
}

KbdLLHook KeyBoard Hook Struct

type LONG

type LONG = int32

type LPARAM

type LPARAM = uintptr

type LPBYTE

type LPBYTE = *byte

type LPCTSTR

type LPCTSTR = *uint16

type LPCWSTR

type LPCWSTR = *uint16

type LPDWORD

type LPDWORD = *uint32

type LPTSTR

type LPTSTR = *uint16

type LPVOID

type LPVOID = unsafe.Pointer

type MSG

// MSG carries a window message together with its position and time.
//
// NOTE(review): the Win32 MSG structure orders its fields hwnd, message,
// wParam, lParam, time, pt. Here Pt comes first, so the binary layout differs
// from the Win32 one. Confirm this type is never passed directly to a
// message-loop system call, which would read and write the wrong fields.
type MSG struct {
	Pt      Point
	Hwnd    uintptr
	Message uint32
	WParam  uintptr
	LParam  uintptr
	Time    uint32
}

type MemoryStatusEX

// MemoryStatusEX has the field order and widths of the Win32 MEMORYSTATUSEX
// structure and is the buffer type taken by GlobalMemoryStatusEx in this
// package.
type MemoryStatusEX struct {
	// The Win32 API requires dwLength to hold the structure size before the
	// call. Whether GlobalMemoryStatusEx here fills it in or expects the
	// caller to is not visible; confirm before use.
	DwLength                uint32
	DwMemoryLoad            uint32
	UllTotalPhys            uint64
	UllAvailPhys            uint64
	UllTotalPageFile        uint64
	UllAvailPageFile        uint64
	UllTotalVirtual         uint64
	UllAvailVirtual         uint64
	UllAvailExtendedVirtual uint64
}

type MsLLHook

// MsLLHook has the field order and widths of the Win32 MSLLHOOKSTRUCT
// structure. It is presumably what a WH_MOUSE_LL hook procedure receives;
// confirm against the hook code. Like the keyboard hook, a low-level mouse
// hook observes input for the whole desktop session.
type MsLLHook struct {
	Pt          Point
	MouseData   uint32
	Flags       uint32
	Time        uint32
	DwExtraInfo uintptr
}

MsLLHook Mouse Hook Struct

type PipeHandle

type PipeHandle []wincall.Handle

PipeHandle Make an Input/Output Anonymous Pipe

func MakePipe

func MakePipe() (p PipeHandle, err error)

func (*PipeHandle) Init

func (p *PipeHandle) Init() (err error)

func (PipeHandle) Read

func (p PipeHandle) Read(b []byte) (n int, err error)

func (PipeHandle) Write

func (p PipeHandle) Write(b []byte) (n int, err error)

type Point

type Point struct {
	X, Y int32
}

type ProcessInformationClass

type ProcessInformationClass any
var (
	ProcessBasicInformation ProcessInformationClass = wincall.ProcessBasicInformation
)

type SIZE_T

// SIZE_T is declared as an alias for *uint32.
//
// NOTE(review): Win32 SIZE_T is a pointer-sized unsigned integer passed by
// value, not a pointer to a 32-bit integer. Confirm this alias is intentional.
// Used as a size on a 64-bit target it cannot represent values above 4 GiB,
// and passing a pointer where the API expects a size would be read as a very
// large length.
type SIZE_T = *uint32

type Slice

// Slice has the three-word shape of a Go slice header: data pointer, length
// and capacity.
//
// NOTE(review): it is presumably used to build or reinterpret a slice over
// memory that Go did not allocate; confirm. That pattern bypasses bounds
// checking, so Len and Cap must never exceed the real size of the memory
// behind Data. The standard library deprecates the equivalent
// reflect.SliceHeader in favour of unsafe.Slice.
type Slice struct {
	Data unsafe.Pointer
	Len  int
	Cap  int
}

type ThreadStartRoutine

type ThreadStartRoutine uintptr

type ULONG

type ULONG = uint32

type WINHTTP_NO_CLIENT_CERT_CONTEXT

type WINHTTP_NO_CLIENT_CERT_CONTEXT = types.Nil

WinHttpOpen prettifiers for optional parameters

type WORD

type WORD = uint16

type WPARAM

type WPARAM = uintptr

type WinHttpCurrUserIEProxyConfig

// WinHttpCurrUserIEProxyConfig follows the field order of the Win32
// WINHTTP_CURRENT_USER_IE_PROXY_CONFIG structure.
//
// NOTE(review): the Win32 fAutoDetect field is a 4-byte BOOL, while
// FbAutoDetect is a 1-byte Go bool. Alignment padding keeps the pointer
// fields at the same offsets, but only the lowest byte of the BOOL is read.
// Confirm that is acceptable. The WinHTTP documentation also requires the
// caller to release the returned strings with GlobalFree; confirm the code
// that fills this struct does so.
type WinHttpCurrUserIEProxyConfig struct {
	FbAutoDetect      bool
	LpszAutoConfigUrl *uint16
	LpszProxy         *uint16
	LpszProxyBypass   *uint16
}

type WindowClassEX

// WindowClassEX has the field order and widths of the Win32 WNDCLASSEXW
// structure; InitWindowClassEx in this package returns a pointer to one.
// Field order is part of the binary layout and must not be changed.
type WindowClassEX struct {
	// presumably must hold the size of this struct, as with the Win32 cbSize
	// field; confirm whether InitWindowClassEx sets it
	CbSize        uint32
	Style         uint32
	// window procedure address as a raw uintptr; presumably derived from a
	// Callback. Confirm how the callback is kept alive.
	LpfnWndProc   uintptr
	CbClsExtra    int32
	CbWndExtra    int32
	HInstance     uintptr
	HIcon         uintptr
	HCursor       uintptr
	HbrBackground uintptr
	LpszMenuName  *uint16
	LpszClassName *uint16
	HIconSm       uintptr
}

WindowClassEX Windows

func InitWindowClassEx

func InitWindowClassEx(cb Callback, hInstance uintptr, lpClassName string) (ex *WindowClassEX)

Directories

Path Synopsis
Package sysdll is an internal leaf package that records and reports which Windows DLL names are used by Go itself.
