github.com/iDigitalFlame/xmt@v0.5.4/device/winapi/c_compat_crypt.go (about) 1 //go:build windows && (altload || crypt) && !go1.11 2 // +build windows 3 // +build altload crypt 4 // +build !go1.11 5 6 // Copyright (C) 2020 - 2023 iDigitalFlame 7 // 8 // This program is free software: you can redistribute it and/or modify 9 // it under the terms of the GNU General Public License as published by 10 // the Free Software Foundation, either version 3 of the License, or 11 // any later version. 12 // 13 // This program is distributed in the hope that it will be useful, 14 // but WITHOUT ANY WARRANTY; without even the implied warranty of 15 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 // GNU General Public License for more details. 17 // 18 // You should have received a copy of the GNU General Public License 19 // along with this program. If not, see <https://www.gnu.org/licenses/>. 20 // 21 22 package winapi 23 24 // All hashes are in the FNV format. 25 /* 26 def fnv(v): 27 h = 2166136261 28 for n in v: 29 h *= 16777619 30 h ^= ord(n) 31 h = h&0xFFFFFFFF 32 return "0x" + hex(h).upper()[2:] 33 */ 34 35 var ( 36 funcRtlMoveMemory = dllNtdll.proc(0xA0CE107B) 37 funcNtCancelIoFile = dllNtdll.sysProc(0xF402EB27) 38 39 funcCreateRemoteThread = dllKernel32.proc(0xEE34539B) 40 funcSetProcessWorkingSetSize = dllKernel32.proc(0x28085D42) 41 42 funcRegDeleteKey = dllAdvapi32.proc(0xE93C7BC8) 43 funcCheckTokenMembership = dllAdvapi32.proc(0xE42E234E) 44 45 funcEnumDeviceDrivers = dllPsapi.proc(0x36EBB2F5) 46 funcGetModuleInformation = dllPsapi.proc(0xC94AC5BB) 47 funcGetDeviceDriverFileName = dllPsapi.proc(0x1F449D97) 48 )