You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
84 lines
1.6 KiB
84 lines
1.6 KiB
package readmemory
|
|
|
|
import (
|
|
"strings"
|
|
"syscall"
|
|
"unsafe"
|
|
|
|
windows "golang.org/x/sys/windows"
|
|
)
|
|
|
|
const TH32CS_SNAPPROCESS = 0x00000002
|
|
|
|
type WindowsProcess struct {
|
|
ProcessID int
|
|
ParentProcessID int
|
|
Exe string
|
|
}
|
|
|
|
func processes() ([]WindowsProcess, error) {
|
|
handle, err := windows.CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
defer windows.CloseHandle(handle)
|
|
|
|
var entry windows.ProcessEntry32
|
|
entry.Size = uint32(unsafe.Sizeof(entry))
|
|
err = windows.Process32First(handle, &entry)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
results := make([]WindowsProcess, 0, 50)
|
|
for {
|
|
results = append(results, newWindowsProcess(&entry))
|
|
|
|
err = windows.Process32Next(handle, &entry)
|
|
if err != nil {
|
|
if err == syscall.ERROR_NO_MORE_FILES {
|
|
return results, nil
|
|
}
|
|
return nil, err
|
|
}
|
|
}
|
|
}
|
|
|
|
func findProcessByName(processes []WindowsProcess, name string) *WindowsProcess {
|
|
for _, p := range processes {
|
|
if strings.ToLower(p.Exe) == strings.ToLower(name) {
|
|
return &p
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func newWindowsProcess(e *windows.ProcessEntry32) WindowsProcess {
|
|
end := 0
|
|
for {
|
|
if e.ExeFile[end] == 0 {
|
|
break
|
|
}
|
|
end++
|
|
}
|
|
|
|
return WindowsProcess{
|
|
ProcessID: int(e.ProcessID),
|
|
ParentProcessID: int(e.ParentProcessID),
|
|
Exe: syscall.UTF16ToString(e.ExeFile[:end]),
|
|
}
|
|
}
|
|
|
|
func bindDefaultProcess(defaultName string) (uint32, bool) {
|
|
procs, err := processes()
|
|
if err != nil {
|
|
return 0, false
|
|
}
|
|
|
|
explorer := findProcessByName(procs, defaultName)
|
|
if explorer == nil {
|
|
return 0, false
|
|
}
|
|
|
|
return uint32(explorer.ProcessID), true
|
|
}
|