irma

package

v1.0.1-beta Latest Latest Go to latest Published: Mar 21, 2023 License: MIT Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/nullentrypoint/tekken7-web-displayer

README ¶

irma

github.com/codeyourweb/irma

Documentation ¶

Index ¶

Constants
func CreateMutex(name string) (uintptr, error)
func DumpModuleMemory(procHandle windows.Handle, modHandle syscall.Handle, verbose bool) ([]byte, error)
func EnumProcessModules(hProcess windows.Handle, nSize uintptr) (modules []syscall.Handle, err error)
func FindProcessByName(needProcessName string) (windows.Handle, error)
func GetExitCodeProcess(hProcess windows.Handle) uint32
func GetModuleFileNameEx(hProcess windows.Handle, hModule syscall.Handle, nSize uintptr) (data []byte, err error)
func GetProcessHandle(pid uint32, desiredAccess uint32) (handle windows.Handle, err error)
func GetProcessImageFileName(hProcess windows.Handle, nSize uintptr) (data []byte, err error)
func GetProcessModulesHandles(procHandle windows.Handle) (processFilename string, modules []syscall.Handle, err error)
func GetProcessesList() (procsIds []uint32, bytesReturned uint32, err error)
func KillProcessByID(procID uint32, verbose bool) (err error)
func ReadProcessMemory(hProcess windows.Handle, lpBaseAddress uintptr, nSize uintptr) (data []byte, err error)
func VirtualProtect(lpAddress unsafe.Pointer, dwSize uintptr, flNewProtect uint32, ...) bool
func WriteProcessMemoryToFile(path string, file string, data []byte) (err error)
type ENUM_SERVICE_STATUS_PROCESS
type ModuleInfo
- func GetModuleInformation(hProcess windows.Handle, hModule syscall.Handle) (modInfos ModuleInfo, err error)
type ProcessInformation
- func GetProcessMemory(pid uint32, handle windows.Handle, verbose bool) (ProcessInformation, []byte, error)
type SERVICE_STATUS_PROCESS
type SystemInfo
- func GetSystemInfo() (si SystemInfo)

Constants ¶

View Source

const (
	SVC_SC_ENUM_PROCESS_INFO = 0
	SVC_SERVICE_WIN32        = 0x00000030
	SVC_SERVICE_STATE_ALL    = 0x00000003
	SVC_SERVICE_ACCEPT_STOP  = 0x00000001
)

Windows services constants

View Source

const STILL_ACTIVE = 259

Variables ¶

This section is empty.

Functions ¶

func CreateMutex ¶

func CreateMutex(name string) (uintptr, error)

CreateMutex is a wrapper for CreateMutexW WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/synchapi/nf-synchapi-createmutexw

func DumpModuleMemory ¶

func DumpModuleMemory(procHandle windows.Handle, modHandle syscall.Handle, verbose bool) ([]byte, error)

DumpModuleMemory dump a process module memory and return it as a byte slice

func EnumProcessModules ¶

func EnumProcessModules(hProcess windows.Handle, nSize uintptr) (modules []syscall.Handle, err error)

EnumProcessModules is a wrapper for the same WIN32 API function https://docs.microsoft.com/fr-fr/windows/win32/api/psapi/nf-psapi-enumprocessmodules?redirectedfrom=MSDN

func FindProcessByName ¶

func FindProcessByName(needProcessName string) (windows.Handle, error)

func GetExitCodeProcess ¶

func GetExitCodeProcess(hProcess windows.Handle) uint32

GetExitCodeProcess is a wrapper for the same WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/processthreadsapi/nf-processthreadsapi-getexitcodeprocess

func GetModuleFileNameEx ¶

func GetModuleFileNameEx(hProcess windows.Handle, hModule syscall.Handle, nSize uintptr) (data []byte, err error)

GetModuleFileNameEx is a wrapper for the same WIN32 API function https://docs.microsoft.com/fr-fr/windows/win32/api/psapi/nf-psapi-getmodulefilenameexa?redirectedfrom=MSDN

func GetProcessHandle ¶

func GetProcessHandle(pid uint32, desiredAccess uint32) (handle windows.Handle, err error)

GetProcessHandle return the process handle from the specified PID

func GetProcessImageFileName ¶

func GetProcessImageFileName(hProcess windows.Handle, nSize uintptr) (data []byte, err error)

GetProcessImageFileName is a wrapper for the same WIN32 API function https://docs.microsoft.com/fr-fr/windows/win32/api/psapi/nf-psapi-getprocessimagefilenamea?redirectedfrom=MSDN

func GetProcessModulesHandles ¶

func GetProcessModulesHandles(procHandle windows.Handle) (processFilename string, modules []syscall.Handle, err error)

GetProcessModulesHandles list modules handles from a process handle

func GetProcessesList ¶

func GetProcessesList() (procsIds []uint32, bytesReturned uint32, err error)

GetProcessesList return PID from running processes

func KillProcessByID ¶

func KillProcessByID(procID uint32, verbose bool) (err error)

KillProcessByID try to kill the specified PID

func ReadProcessMemory ¶

func ReadProcessMemory(hProcess windows.Handle, lpBaseAddress uintptr, nSize uintptr) (data []byte, err error)

ReadProcessMemory is a wrapper for the same WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-readprocessmemory

func VirtualProtect ¶

func VirtualProtect(lpAddress unsafe.Pointer, dwSize uintptr, flNewProtect uint32, lpflOldProtect unsafe.Pointer) bool

VirtualProtect is a wrapper for the same WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/memoryapi/nf-memoryapi-virtualprotect

func WriteProcessMemoryToFile ¶

func WriteProcessMemoryToFile(path string, file string, data []byte) (err error)

WriteProcessMemoryToFile try to write a byte slice to the specified directory

Types ¶

type ENUM_SERVICE_STATUS_PROCESS ¶

type ENUM_SERVICE_STATUS_PROCESS struct {
	ServiceStatusProcess SERVICE_STATUS_PROCESS
	// contains filtered or unexported fields
}

wrapper for WIN32 API ENUM_SERVICE_STATUS_PROCESSW structure https://docs.microsoft.com/en-us/windows/win32/api/winsvc/ns-winsvc-enum_service_status_processw

type ModuleInfo ¶

type ModuleInfo struct {
	BaseOfDll   uintptr
	SizeOfImage int32
	EntryPoint  uintptr
}

ModuleInfo structure contains the module load address, size, and entry point. https://docs.microsoft.com/en-us/windows/win32/api/psapi/ns-psapi-moduleinfo

func GetModuleInformation ¶

func GetModuleInformation(hProcess windows.Handle, hModule syscall.Handle) (modInfos ModuleInfo, err error)

GetModuleInformation is a wrapper for the same WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/psapi/nf-psapi-getmoduleinformation

type ProcessInformation ¶

type ProcessInformation struct {
	PID         uint32
	ProcessName string
	ProcessPath string
	MemoryDump  []byte
}

ProcessInformation wrap basic process information and memory dump in a structure

func GetProcessMemory ¶

func GetProcessMemory(pid uint32, handle windows.Handle, verbose bool) (ProcessInformation, []byte, error)

GetProcessMemory return a process memory dump based on its handle

type SERVICE_STATUS_PROCESS ¶

type SERVICE_STATUS_PROCESS struct {
	// contains filtered or unexported fields
}

wrapper for WIN32 API SERVICE_STATUS_PROCESS structure https://docs.microsoft.com/en-us/windows/win32/api/winsvc/ns-winsvc-service_status_process

type SystemInfo ¶

type SystemInfo struct {
	ProcessorArchitecture int16

	PageSize                  int32
	MinimumApplicationAddress uintptr
	MaximumApplicationAddress uintptr
	ActiveProcessorMask       uintptr
	NumberOfProcessors        int32
	ProcessorType             int32
	AllocationGranularity     int32
	ProcessorLevel            int16
	ProcessorRevision         int16
	// contains filtered or unexported fields
}

SystemInfo structure contains information about the current computer system. This includes the architecture and type of the processor, the number of processors in the system, the page size, and other such information. https://docs.microsoft.com/en-us/windows/win32/api/sysinfoapi/ns-sysinfoapi-system_info

func GetSystemInfo ¶

func GetSystemInfo() (si SystemInfo)

GetSystemInfo is a wrapper for the same WIN32 API function https://docs.microsoft.com/en-us/windows/win32/api/sysinfoapi/nf-sysinfoapi-getsysteminfo

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL