devtools

Version: v0.1.1
Published: Nov 11, 2021 License: GPL-3.0 Imports: 12 Imported by: 0

Constants

const (
	TypeString         = 1
	TypeExpandString   = 2
	TypeBinary         = 3
	TypeDWORD          = 4
	TypeDWORDBigEndian = 5
	TypeMultiString    = 7
	TypeQWORD          = 11
)

Registry constant types ripped from https://cs.opensource.google/go/x/sys/+/0f9fa26a:windows/registry/value.go;l=17 to remove the dependency for *nix systems to use this package.

Variables

var ErrNoWindows = xerr.New("only supported on Windows devices")

ErrNoWindows is an error that is returned when a non-Windows device attempts a Windows specific function.

var ErrUnexpectedType = xerr.New("unexpected key value type")

ErrUnexpectedType is returned by the value retrieving functions when the value's type was not the requested underlying type.

Functions

func AdjustPrivileges

func AdjustPrivileges(_ ...string) error

AdjustPrivileges will attempt to enable the supplied Windows privilege values on the current process's Token. If an error occurs during encoding, lookup or assignment, it is returned and not all privileges will have been assigned. Always returns 'ErrNoWindows' on non-Windows devices.

func AdjustTokenPrivileges

func AdjustTokenPrivileges(_ uintptr, _ ...string) error

AdjustTokenPrivileges will attempt to enable the supplied Windows privilege values on the supplied process Token. If an error occurs during encoding, lookup or assignment, it is returned and not all privileges will have been assigned. Always returns 'ErrNoWindows' on non-Windows devices.

func ImpersonatePipeToken added in v0.1.0

func ImpersonatePipeToken(_ uintptr) error

ImpersonatePipeToken will attempt to impersonate the Token used by the Named Pipe client. This function is only usable on Windows with a Server Pipe handle. Always returns 'ErrNoWindows' on non-Windows devices.

func IsDebugged added in v0.1.0

func IsDebugged() bool

IsDebugged returns true if the current process is attached by a debugger.

func Proxy added in v0.1.0

func Proxy(r *http.Request) (*url.URL, error)

Proxy returns the URL of the proxy to use for a given request, as indicated by the on-device settings.

Unix/Linux/BSD devices use the environment variables HTTP_PROXY, HTTPS_PROXY and NO_PROXY (or the lowercase versions thereof). HTTPS_PROXY takes precedence over HTTP_PROXY for https requests.

Windows devices will query the Windows API and resolve the system setting values.

The environment values may be either a complete URL or a "host[:port]", in which case the "http" scheme is assumed. The schemes "http", "https", and "socks5" are supported. An error is returned if the value is a different form.

A nil URL and nil error are returned if no proxy is defined in the environment, or a proxy should not be used for the given request, as defined by NO_PROXY or ProxyBypass.

As a special case, if req.URL.Host is "localhost" (with or without a port number), then a nil URL and nil error will be returned.

BUG(dij): I don't have handling of "<local>" (Windows specific) bypass rules in place. I would have to re-implement "httpproxy" code and might not be worth it.

func RevertToSelf added in v0.1.0

func RevertToSelf() error

RevertToSelf function terminates the impersonation of a client application. Returns an error if no impersonation is being done. Always returns 'ErrNoWindows' on non-Windows devices.

func ServiceMain added in v0.1.0

func ServiceMain(name string, f func()) error

ServiceMain is a quick assistant function that can be used to create and execute a Windows service.

This function takes the service name and the function to run in the service body.

func SetCritical added in v0.1.0

func SetCritical(_ bool) error

SetCritical will set the critical flag on the current process. This function requires administrative privileges and will attempt to get the "SeDebugPrivilege" first before running.

If successful, "critical" processes will BSOD the host when killed or will be prevented from running.

Use this function with "false" to disable the critical flag.

NOTE: THIS MUST BE DISABLED ON PROCESS EXIT OTHERWISE THE HOST WILL BSOD!!!

Any errors when setting or obtaining privileges will be returned.

Always returns 'ErrNoWindows' on non-Windows devices.

Types

type RegistryFile

type RegistryFile struct {
	// contains filtered or unexported fields
}

RegistryFile is a struct that is returned from a Registry function call on Windows devices. This struct implements a combination of the io.Reader and os.FileInfo interfaces.

func Registry

func Registry(_, _ string) (*RegistryFile, error)

Registry attempts to open a registry value or key, value pair on Windows devices. Returns an error if the system is not a Windows device or an error occurred during the open. Always returns 'ErrNoWindows' on non-Windows devices.

func (*RegistryFile) Bytes added in v0.1.0

func (r *RegistryFile) Bytes() ([]byte, error)

Bytes retrieves the binary value for the specified RegistryFile value. This function does not verify the underlying type, which allows for direct access to the raw Registry byte values.

This function will empty the underlying buffer. Future calls to 'Read' will return 'io.EOF'.

func (*RegistryFile) Close

func (r *RegistryFile) Close() error

Close fulfills the io.Closer interface. For this struct, this function clears any internal buffers and always returns nil.

func (*RegistryFile) Int added in v0.1.0

func (r *RegistryFile) Int() (uint64, error)

Int retrieves the integer value for the specified RegistryFile value. If value is not DWORD (TypeDWORD), QWORD (TypeQWORD) or DWORD_BIG_ENDIAN (TypeDWORDBigEndian), it will return ErrUnexpectedType. If the buffer does not contain enough space to read the requested type size, it will return an error.

This function will advance the buffer 4 bytes (DWORD) or 8 bytes (QWORD) and may continue to have leftover data.
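The type check, byte order and buffer advance described for Int, as an added example that is not the package's own code. `decodeInt` and `errShortBuffer` are hypothetical names, the sample bytes are constructed, and the byte order assumed is the raw layout Windows uses for these value types (little-endian, except DWORD_BIG_ENDIAN).

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

// Type values as listed in the Constants section of this page.
const (
	TypeDWORD          = 4
	TypeDWORDBigEndian = 5
	TypeQWORD          = 11
)

var (
	errUnexpectedType = errors.New("unexpected key value type") // stand-in for ErrUnexpectedType
	errShortBuffer    = errors.New("buffer too small for type") // hypothetical error
)

// decodeInt is a hypothetical helper: it reads one integer of the given
// registry type from raw value data and returns the unread remainder.
func decodeInt(typ int, b []byte) (uint64, []byte, error) {
	size := 4
	switch typ {
	case TypeDWORD, TypeDWORDBigEndian:
	case TypeQWORD:
		size = 8
	default:
		return 0, b, errUnexpectedType
	}
	if len(b) < size {
		return 0, b, errShortBuffer
	}
	switch typ {
	case TypeDWORDBigEndian: // the only big-endian integer type
		return uint64(binary.BigEndian.Uint32(b)), b[size:], nil
	case TypeQWORD:
		return binary.LittleEndian.Uint64(b), b[size:], nil
	}
	return uint64(binary.LittleEndian.Uint32(b)), b[size:], nil
}

func main() {
	raw := []byte{0x01, 0x00, 0x00, 0x00, 0xAA, 0xBB} // constructed sample data
	v, rest, err := decodeInt(TypeDWORD, raw)
	fmt.Println(v, len(rest), err) // two bytes are left over after the DWORD
}
```
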

func (*RegistryFile) IsDir

func (r *RegistryFile) IsDir() bool

IsDir returns true if the specified registry path represents a key.

func (*RegistryFile) Len added in v0.1.0

func (r *RegistryFile) Len() int

Len returns the number of bytes of the unread portion of the RegistryFile.

func (*RegistryFile) ModTime

func (r *RegistryFile) ModTime() time.Time

ModTime returns the RegistryFile's last modified time, if available.

func (*RegistryFile) Mode

func (r *RegistryFile) Mode() os.FileMode

Mode returns the file mode of this RegistryFile. This will return ModeDir if this represents a key.

func (*RegistryFile) Name

func (r *RegistryFile) Name() string

Name returns the full path of this RegistryFile.

func (*RegistryFile) Read

func (r *RegistryFile) Read(b []byte) (int, error)

Read will attempt to read the data from this RegistryFile into the supplied buffer. This will return io.EOF if this struct represents a key or there is no data left to read.

func (*RegistryFile) Seek added in v0.1.0

func (r *RegistryFile) Seek(o int64, w int) (int64, error)

Seek will attempt to seek to the provided offset index and whence. This function will return the new offset if successful and will return an error if the offset and/or whence are invalid.

func (*RegistryFile) Size

func (r *RegistryFile) Size() int64

Size returns the size of the data enclosed in this RegistryFile. This function returns 0 if the path is to a registry key or there is no data to read.

func (*RegistryFile) String

func (r *RegistryFile) String() string

Similar to the Name function, this returns the full path of this RegistryFile.

func (*RegistryFile) StringVal added in v0.1.0

func (r *RegistryFile) StringVal() (string, error)

StringVal retrieves the string value for the specified RegistryFile value. If value is not SZ (TypeString) or EXPAND_SZ (TypeExpandString), it will return ErrUnexpectedType.

This function will empty the underlying buffer. Future calls to 'Read' will return 'io.EOF'.

func (*RegistryFile) Strings added in v0.1.0

func (r *RegistryFile) Strings() ([]string, error)

Strings retrieves the []string value for the specified RegistryFile value. If value is not MULTI_SZ (TypeMultiString), it will return ErrUnexpectedType.

This function will empty the underlying buffer. Future calls to 'Read' will return 'io.EOF'.
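How the raw bytes behind StringVal and Strings split into Go strings, as an added example that is not the package's own code. `decodeStrings` is a hypothetical name, the sample bytes are constructed, and the data is assumed to be UTF-16LE as the Windows API stores it; the edge cases shown are stale bytes after the list terminator and data stored without its final terminator.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"unicode/utf16"
)

// Type values as listed in the Constants section of this page.
const (
	TypeString       = 1
	TypeExpandString = 2
	TypeMultiString  = 7
)

var errUnexpectedType = errors.New("unexpected key value type") // stand-in for ErrUnexpectedType

// decodeStrings is a hypothetical helper. It splits raw UTF-16LE value data
// on NUL code units; for MULTI_SZ an empty string ends the list.
func decodeStrings(typ int, b []byte) ([]string, error) {
	if typ != TypeString && typ != TypeExpandString && typ != TypeMultiString {
		return nil, errUnexpectedType
	}
	var out []string
	var cur []uint16
	for i := 0; i+1 < len(b); i += 2 { // a trailing odd byte is ignored
		c := binary.LittleEndian.Uint16(b[i:])
		if c != 0 {
			cur = append(cur, c)
			continue
		}
		if len(cur) == 0 || typ != TypeMultiString {
			break // list terminator, or end of a single SZ / EXPAND_SZ
		}
		out = append(out, string(utf16.Decode(cur)))
		cur = nil
	}
	if len(cur) > 0 { // single string, or data stored without its terminator
		out = append(out, string(utf16.Decode(cur)))
	}
	return out, nil
}

func main() {
	// Constructed MULTI_SZ: "a", "b", list terminator, then stale bytes.
	raw := []byte{'a', 0, 0, 0, 'b', 0, 0, 0, 0, 0, 'x', 0}
	fmt.Println(decodeStrings(TypeMultiString, raw))
}
```
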

func (RegistryFile) Sys

func (r RegistryFile) Sys() interface{}

Sys will return a pointer to the underlying buffer if the RegistryFile represents a value.

func (*RegistryFile) Type added in v0.1.0

func (r *RegistryFile) Type() int

Type returns the Registry Value type, expressed as an integer. This value will be 0 (NONE) for Keys.

func (*RegistryFile) WriteTo added in v0.1.0

func (r *RegistryFile) WriteTo(w io.Writer) (int64, error)

WriteTo writes data to the supplied Writer until there's no more data to write or when an error occurs. The return value is the number of bytes written. Any error encountered during the write is also returned.

type Service

type Service struct {
	Start, End, Exec func()
	Name             string
	Interval         time.Duration
}

Service is a struct that assists in running a Windows service. This struct can be created and given functions to run: Exec (the function to run for each Timeout when greater than zero), Start (the function to run on service start) and End (the function to run on service shutdown). Trigger the service to start by using the 'Service.Run' function. The 'Run' function always returns 'ErrNoWindows' on non-Windows devices.

func (*Service) Run

func (s *Service) Run() error

Run will trigger the service to start and will block until the service completes. Always returns 'ErrNoWindows' on non-Windows devices.

func (*Service) RunContext

func (s *Service) RunContext(_ context.Context) error

RunContext will trigger the service to start and will block until the service completes. Always returns 'ErrNoWindows' on non-Windows devices. This function accepts a Context that can be used to cancel the running service.

Notes

Bugs

  • I don't have handling of "<local>" (Windows specific) bypass rules in place. I would have to re-implement "httpproxy" code and might not be worth it.
    
