Documentation
¶
Index ¶
- func AllocADsMem() *syscall.LazyProc
- func Beep() *syscall.LazyProc
- func CloseHandle() *syscall.LazyProc
- func ConvertThreadToFiber() *syscall.LazyProc
- func CreateFiber() *syscall.LazyProc
- func CreateRemoteThreadEx() *syscall.LazyProc
- func CreateThread() *syscall.LazyProc
- func CreateToolhelp32Snapshot() *syscall.LazyProc
- func EnumPageFilesW() *syscall.LazyProc
- func EnumSystemLocalesA() *syscall.LazyProc
- func EnumSystemLocalesEx() *syscall.LazyProc
- func EnumSystemLocalesW() *syscall.LazyProc
- func EnumerateLoadedModules() *syscall.LazyProc
- func EtwEventWrite() *syscall.LazyProc
- func EtwEventWriteEx() *syscall.LazyProc
- func EtwEventWriteFull() *syscall.LazyProc
- func EtwEventWriteString() *syscall.LazyProc
- func EtwEventWriteTransfer() *syscall.LazyProc
- func EtwpCreateEtwThread() *syscall.LazyProc
- func GetCurrentProcess() *syscall.LazyProc
- func GetCurrentThread() *syscall.LazyProc
- func GetPhysicallyInstalledSystemMemory() *syscall.LazyProc
- func GetTickCount() *syscall.LazyProc
- func HeapAlloc() *syscall.LazyProc
- func HeapCreate() *syscall.LazyProc
- func I_QueryTagInformation() *syscall.LazyProc
- func NewLazyDLLAndProc(dll, name string) *syscall.LazyProc
- func NtAllocateVirtualMemory() *syscall.LazyProc
- func NtQueryInformationProcess() *syscall.LazyProc
- func NtQueryInformationThread() *syscall.LazyProc
- func NtQueueApcThreadEx() *syscall.LazyProc
- func NtWriteVirtualMemory() *syscall.LazyProc
- func OpenProcess() *syscall.LazyProc
- func OpenThread() *syscall.LazyProc
- func QueueUserAPC() *syscall.LazyProc
- func ReadProcessMemory() *syscall.LazyProc
- func ReallocADsMem() *syscall.LazyProc
- func RtlCopyBytes() *syscall.LazyProc
- func RtlCopyMemory() *syscall.LazyProc
- func RtlCreateUserThread() *syscall.LazyProc
- func RtlEthernetAddressToStringA() *syscall.LazyProc
- func RtlEthernetStringToAddressA() *syscall.LazyProc
- func RtlIpv4AddressToStringA() *syscall.LazyProc
- func RtlIpv4StringToAddressA() *syscall.LazyProc
- func RtlMoveMemory() *syscall.LazyProc
- func SwitchToFiber() *syscall.LazyProc
- func TerminateThread() *syscall.LazyProc
- func Thread32First() *syscall.LazyProc
- func UuidFromStringA() *syscall.LazyProc
- func VirtualAlloc() *syscall.LazyProc
- func VirtualAllocEx() *syscall.LazyProc
- func VirtualProtect() *syscall.LazyProc
- func VirtualProtectEx() *syscall.LazyProc
- func WaitForSingleObject() *syscall.LazyProc
- func WriteProcessMemory() *syscall.LazyProc
- type IMAGE_DATA_DIRECTORY
- type IMAGE_DOS_HEADER
- type IMAGE_FILE_HEADER
- type IMAGE_NT_HEADER
- type IMAGE_OPTIONAL_HEADER
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func AllocADsMem ¶
func CloseHandle ¶
func ConvertThreadToFiber ¶
func CreateFiber ¶
func CreateRemoteThreadEx ¶
func CreateThread ¶
func EnumPageFilesW ¶
func EnumSystemLocalesA ¶
func EnumSystemLocalesEx ¶
func EnumSystemLocalesW ¶
func EnumerateLoadedModules ¶
func EtwEventWrite ¶
func EtwEventWriteEx ¶
func EtwEventWriteFull ¶
func EtwEventWriteString ¶
func EtwEventWriteTransfer ¶
func EtwpCreateEtwThread ¶
func GetCurrentProcess ¶
func GetCurrentThread ¶
func GetTickCount ¶
func HeapCreate ¶
func I_QueryTagInformation ¶
func NewLazyDLLAndProc ¶
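NewLazyDLLAndProc 返回指定 dll 的指定函数 (returns the named procedure from the named DLL as a *syscall.LazyProc). The implementation is not shown on this page; if the DLL is passed as a bare file name rather than an absolute path, the load presumably follows the default DLL search order and is exposed to DLL preloading, so confirm how the library is located.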
func NtAllocateVirtualMemory ¶
func NtQueueApcThreadEx ¶
func NtWriteVirtualMemory ¶
func OpenProcess ¶
func OpenThread ¶
func QueueUserAPC ¶
func ReadProcessMemory ¶
func ReallocADsMem ¶
func RtlCopyBytes ¶
func RtlCopyMemory ¶
func RtlCreateUserThread ¶
func RtlIpv4AddressToStringA ¶
func RtlIpv4StringToAddressA ¶
func RtlMoveMemory ¶
func SwitchToFiber ¶
func TerminateThread ¶
func Thread32First ¶
func UuidFromStringA ¶
func VirtualAlloc ¶
func VirtualAllocEx ¶
func VirtualProtect ¶
func VirtualProtectEx ¶
func WaitForSingleObject ¶
func WriteProcessMemory ¶
Types ¶
type IMAGE_DATA_DIRECTORY ¶
type IMAGE_DOS_HEADER ¶
// IMAGE_DOS_HEADER is a cut-down form of the DOS (MZ) header found at the
// start of a PE image. Only E_lfanew is declared; every field that precedes
// it in the full header is commented out below. As a result the struct is
// four bytes wide and E_lfanew is at offset 0 of the struct, whereas the
// commented-out fields add up to 0x3C bytes in the full header.
//
// NOTE(review): overlaying this type directly on an image base would read the
// first four bytes of the image instead of e_lfanew — presumably callers
// apply it at base+0x3C; verify against the call sites.
// NOTE(review): E_lfanew comes from the image being parsed; check it against
// the size of the mapped or read data before using it as an offset.
type IMAGE_DOS_HEADER struct {
	/*E_magic    uint16     // Magic number
	E_cblp     uint16     // Bytes on last page of file
	E_cp       uint16     // Pages in file
	E_crlc     uint16     // Relocations
	E_cparhdr  uint16     // Size of header in paragraphs
	E_minalloc uint16     // Minimum extra paragraphs needed
	E_maxalloc uint16     // Maximum extra paragraphs needed
	E_ss       uint16     // Initial (relative) SS value
	E_sp       uint16     // Initial SP value
	E_csum     uint16     // Checksum
	E_ip       uint16     // Initial IP value
	E_cs       uint16     // Initial (relative) CS value
	E_lfarlc   uint16     // File address of relocation table
	E_ovno     uint16     // Overlay number
	E_res      [4]uint16  // Reserved words
	E_oemid    uint16     // OEM identifier (for E_oeminfo)
	E_oeminfo  uint16     // OEM information; E_oemid specific
	E_res2     [10]uint16 // Reserved words*/
	E_lfanew uint32 // File address of new exe header
}
type IMAGE_FILE_HEADER ¶
type IMAGE_NT_HEADER ¶
// IMAGE_NT_HEADER groups the three parts of a PE header in declaration order:
// the Signature word, the file header and the optional header.
//
// NOTE(review): OptionalHeader uses this package's IMAGE_OPTIONAL_HEADER,
// whose ImageBase is a uint64, so this type presumably describes 64-bit
// (PE32+) images only — confirm that callers check the optional header's
// Magic before reading further fields.
type IMAGE_NT_HEADER struct {
	Signature      uint32 // presumably the "PE\0\0" marker; validate before trusting the fields that follow
	FileHeader     IMAGE_FILE_HEADER
	OptionalHeader IMAGE_OPTIONAL_HEADER
}
type IMAGE_OPTIONAL_HEADER ¶
// IMAGE_OPTIONAL_HEADER mirrors the optional header of a PE image field by
// field. ImageBase and the stack/heap reserve and commit sizes are declared
// as uint64 and there is no BaseOfData field, which matches the PE32+
// (64-bit) layout rather than the 32-bit one.
//
// NOTE(review): a 32-bit (PE32) image would not decode correctly through this
// type; confirm that callers check Magic first.
// NOTE(review): every value here comes from the image being parsed. Sizes,
// RVAs and counts should be range-checked against the mapped or read data
// before they are used as offsets or lengths.
type IMAGE_OPTIONAL_HEADER struct {
	Magic                       uint16 // identifies the optional-header format; check before using the 64-bit fields
	MajorLinkerVersion          uint8
	MinorLinkerVersion          uint8
	SizeOfCode                  uint32
	SizeOfInitializedData       uint32
	SizeOfUninitializedData     uint32
	AddressOfEntryPoint         uint32
	BaseOfCode                  uint32
	ImageBase                   uint64
	SectionAlignment            uint32
	FileAlignment               uint32
	MajorOperatingSystemVersion uint16
	MinorOperatingSystemVersion uint16
	MajorImageVersion           uint16
	MinorImageVersion           uint16
	MajorSubsystemVersion       uint16
	MinorSubsystemVersion       uint16
	Win32VersionValue           uint32
	SizeOfImage                 uint32
	SizeOfHeaders               uint32
	CheckSum                    uint32
	Subsystem                   uint16
	DllCharacteristics          uint16
	SizeOfStackReserve          uint64
	SizeOfStackCommit           uint64
	SizeOfHeapReserve           uint64
	SizeOfHeapCommit            uint64
	LoaderFlags                 uint32
	NumberOfRvaAndSizes         uint32 // count claimed by the image; DataDirectory holds 16 entries, so clamp before indexing
	DataDirectory               [16]IMAGE_DATA_DIRECTORY
}