spsutil

package

v0.0.0-...-f1241d1 Latest Latest Go to latest Published: Mar 19, 2024 License: MulanPSL-2.0 Imports: 6 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

gitee.com/solidone/sutils

Documentation ¶

Index ¶

Constants
func FindPid(name string) uint32
func GetModelHandle(_pid uint32) uintptr
func OpenProcess(dwDesiredAccess uint32, dwProcessId uint32) (syscall.Handle, error)
func Pids() []uint32
func ReadProcessMemory(hProcess syscall.Handle, lpBaseAddress uintptr, lpBuffer []byte) (int, error)
func ScanPatternPage(hProcess syscall.Handle, address uintptr, subStr string) (uintptr, uintptr)
func WriteProcessMemory(hProcess syscall.Handle, lpBaseAddress uintptr, lpBuffer []byte) (uintptr, error)
type MEMORY_BASIC_INFORMATION
type ProcessMoudleInfo
- func EnumProcessModulesList(hProcess uintptr) ([]ProcessMoudleInfo, error)
- func GetProcessMoudleInfo(hProcess uintptr, moduleName string) (ProcessMoudleInfo, error)

Constants ¶

View Source

const (
	PAGE_EXECUTE           = 0x10
	PAGE_EXECUTE_READ      = 0x20
	PAGE_EXECUTE_READWRITE = 0x40
	PAGE_EXECUTE_WRITECOPY = 0x80
	PAGE_NOACCESS          = 0x01
	PAGE_READONLY          = 0x02
	PAGE_READWRITE         = 0x04
	PAGE_WRITECOPY         = 0x08
	PAGE_GUARD             = 0x100
	PAGE_NOCACHE           = 0x200
	MEM_COMMIT             = 0x1000
	PAGE_WRITECOMBINE      = 0x400
)

Variables ¶

This section is empty.

Functions ¶

func FindPid ¶

func FindPid(name string) uint32

获取指定进程PID

func GetModelHandle ¶

func GetModelHandle(_pid uint32) uintptr

获取进程值

func OpenProcess ¶

func OpenProcess(dwDesiredAccess uint32, dwProcessId uint32) (syscall.Handle, error)

获取进程句柄

func Pids ¶

func Pids() []uint32

获取所有进程PID

func ReadProcessMemory ¶

func ReadProcessMemory(hProcess syscall.Handle, lpBaseAddress uintptr, lpBuffer []byte) (int, error)

读取进程中地址的值

func ScanPatternPage ¶

func ScanPatternPage(hProcess syscall.Handle, address uintptr, subStr string) (uintptr, uintptr)

扫描内存

Parameters
   ----------
   handle: syscall.Handle
       Handle to an open object
   address: uintptr
       An address to search from
   subStr: string
       A regex byte pattern to search for
Returns

func WriteProcessMemory ¶

func WriteProcessMemory(hProcess syscall.Handle, lpBaseAddress uintptr, lpBuffer []byte) (uintptr, error)

写入进程中地址的值

Types ¶

type MEMORY_BASIC_INFORMATION ¶

type MEMORY_BASIC_INFORMATION struct {
	BaseAddress       uintptr
	AllocationBase    uintptr
	AllocationProtect uint32
	RegionSize        uintptr
	State             uint32
	Protect           uint32
	Type              uint32
}

type ProcessMoudleInfo ¶

type ProcessMoudleInfo struct {
	BaseAddress    int64  //基址地址
	BaseHexAddress string //基址地址(十六进制)
	MoudlePath     string // 模块地址
	MoudleName     string //模块名称
}

func EnumProcessModulesList ¶

func EnumProcessModulesList(hProcess uintptr) ([]ProcessMoudleInfo, error)

枚举进程模块

func GetProcessMoudleInfo ¶

func GetProcessMoudleInfo(hProcess uintptr, moduleName string) (ProcessMoudleInfo, error)

获取进程中某个模块的基本信息

Source Files ¶

View all Source files

spsutil.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL