heaven

package
v0.0.0-...-dbcb93e Latest Latest
Warning

This package is not in the latest version of its module.

Published: Feb 11, 2021 License: MIT Imports: 4 Imported by: 0

Documentation

Index

Constants

// ERROR_SUCCESS is the zero syscall.Errno value.
// NOTE(review): presumably what the package's calls are compared against to
// detect success — confirm against the callers.
const ERROR_SUCCESS syscall.Errno = 0

Variables

This section is empty.

Functions

func GetModuleHandle

func GetModuleHandle(module string) (uint64, error)

GetModuleHandle returns a 64-bit handle to the specified module

func GetProcAddress

func GetProcAddress(handle uint64, proc string) (uint64, error)

GetProcAddress returns the 64-bit address of the exported function from the given 64-bit module handle

func GetSelfHandle

func GetSelfHandle() windows.Handle

GetSelfHandle returns a windows.Handle to the current process

func NtWow64QueryInformationProcess64

func NtWow64QueryInformationProcess64(processHandle Handle, processInformationClass int32,
	processInformation windows.Pointer, processInformationLength uint32, returnLength *uint32) error

func NtWow64ReadVirtualMemory64

func NtWow64ReadVirtualMemory64(processHandle Handle, baseAddress uint64,
	bufferData windows.Pointer, bufferSize uint64, returnSize *uint64) error

func Syscall

func Syscall(proc uint64, args ...uint64) (errcode uint32, err error)

Syscall calls the 64-bit procedure at the specified proc address

Types

type ANSI_STRING_WOW64

// ANSI_STRING_WOW64 is a counted-string header: two 16-bit length fields, a
// 32-bit filler field and a 64-bit Buffer value.
// NOTE(review): the name suggests the 64-bit ANSI_STRING layout as handled
// from a WOW64 (32-bit) process — confirm against the code that fills it.
type ANSI_STRING_WOW64 struct {
	Length        uint16
	MaximumLength uint16
	// Presumably the 4 bytes of alignment padding that a 64-bit layout places
	// before the 8-byte Buffer pointer — TODO confirm.
	WtfIsThis     uint32
	// A 64-bit integer rather than a Go pointer; presumably an address in the
	// 64-bit address space, so it cannot be dereferenced directly.
	Buffer        uint64
}

type Handle

// Handle is an alias for syscall.Handle, so the two types are interchangeable.
type Handle = syscall.Handle

type LDR_DATA_TABLE_ENTRY64

// LDR_DATA_TABLE_ENTRY64 describes one module record: three LIST_ENTRY links,
// a 64-bit base and entry point, the image size and two name headers.
// NOTE(review): presumably mirrors the 64-bit loader entry and is filled from
// memory read out of the 64-bit address space — confirm against the reader.
type LDR_DATA_TABLE_ENTRY64 struct {
	InLoadOrderLinks           LIST_ENTRY
	InMemoryOrderLinks         LIST_ENTRY
	InInitializationOrderLinks LIST_ENTRY
	DllBase                    uint64
	EntryPoint                 uint64
	SizeOfImage                uint32
	// NOTE(review): Dummy's purpose is not shown here. It follows a 32-bit
	// field, so the offsets of every later field depend on how the compiler
	// aligns uint64 (4 bytes on GOARCH=386, 8 on amd64) — verify the offsets
	// against the 64-bit structure on the architecture this is built for.
	Dummy                      uint64
	// FullDllName uses the header type without a filler field, while
	// BaseDllName uses the one with an explicit 32-bit filler.
	FullDllName                UNICODE_STRING_WOW64
	BaseDllName                UNICODE_STRING_WTF // [Length][Max][??extra 4 bytes??][Buffer]
}

type LIST_ENTRY

// LIST_ENTRY is a pair of 64-bit link values.
// Both links are plain integers, not Go pointers; presumably they are
// addresses in the 64-bit address space and must be read, not dereferenced.
type LIST_ENTRY struct {
	// Presumably the forward link — confirm.
	Flink uint64
	// Presumably the backward link — confirm.
	Blink uint64
}

type PEB64

// PEB64 is a partial view of a process environment block: 24 opaque bytes
// followed by two 64-bit values.
type PEB64 struct {
	// Skips the first 24 bytes, placing LdrData at byte offset 24 and
	// ProcessParameters at byte offset 32.
	Reserved          [24]byte
	// Presumably the address of a PEB_LDR_DATA64 — TODO confirm.
	LdrData           uint64
	ProcessParameters uint64
}

type PEB_LDR_DATA64

// PEB_LDR_DATA64 holds two 32-bit fields, a 64-bit SsHandle and the head of
// the load-order module list.
// NOTE(review): presumably the structure that PEB64.LdrData points to —
// confirm against the code that reads it.
type PEB_LDR_DATA64 struct {
	Length                uint32
	Initialized           uint32
	SsHandle              uint64
	// List head as a LIST_ENTRY; presumably its links lead to
	// LDR_DATA_TABLE_ENTRY64 records — TODO confirm.
	InLoadOrderModuleList LIST_ENTRY
}

type PROCESS_BASIC_INFORMATION64

// PROCESS_BASIC_INFORMATION64 is six consecutive 64-bit fields (48 bytes).
// NOTE(review): presumably the output buffer for
// NtWow64QueryInformationProcess64 — confirm against the caller.
type PROCESS_BASIC_INFORMATION64 struct {
	ExitStatus                   uint64
	// A 64-bit integer, not a Go pointer; presumably the address of the
	// process's PEB64 — TODO confirm.
	PebBaseAddress               uint64
	AffinityMask                 uint64
	BasePriority                 uint64
	UniqueProcessId              uint64
	InheritedFromUniqueProcessId uint64
}

type UNICODE_STRING_WOW64

// UNICODE_STRING_WOW64 is a counted-string header: two 16-bit length fields
// followed directly by a 64-bit Buffer value, with no explicit filler field.
// NOTE(review): without a filler, Buffer's offset depends on the compiler's
// uint64 alignment (offset 4 on GOARCH=386, offset 8 on amd64). Verify it
// matches the layout being read; UNICODE_STRING_WTF declares the filler
// explicitly.
type UNICODE_STRING_WOW64 struct {
	// NOTE(review): presumably byte counts taken from memory the package
	// reads; bound them before using either as a read size.
	Length        uint16
	MaximumLength uint16
	// A 64-bit integer rather than a Go pointer; presumably an address in the
	// 64-bit address space.
	Buffer        uint64
}

type UNICODE_STRING_WTF

// UNICODE_STRING_WTF is a counted-string header: two 16-bit length fields, an
// explicit 32-bit filler field and a 64-bit Buffer value at byte offset 8.
type UNICODE_STRING_WTF struct {
	// NOTE(review): presumably byte counts taken from memory the package
	// reads; bound them before using either as a read size.
	Length        uint16
	MaximumLength uint16
	// Presumably the 4 bytes of alignment padding that a 64-bit layout places
	// before the 8-byte Buffer pointer — TODO confirm.
	WtfIsThis     uint32
	// A 64-bit integer rather than a Go pointer; presumably an address in the
	// 64-bit address space.
	Buffer        uint64
}
