github.com/iDigitalFlame/xmt@v0.5.4/examples/example_zombie.go

github.com/iDigitalFlame/xmt@v0.5.4/examples/example_zombie.go (about)

     1  //go:build windows
     2  // +build windows
     3  
     4  // Copyright (C) 2020 - 2023 iDigitalFlame
     5  //
     6  // This program is free software: you can redistribute it and/or modify
     7  // it under the terms of the GNU General Public License as published by
     8  // the Free Software Foundation, either version 3 of the License, or
     9  // any later version.
    10  //
    11  // This program is distributed in the hope that it will be useful,
    12  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    13  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14  // GNU General Public License for more details.
    15  //
    16  // You should have received a copy of the GNU General Public License
    17  // along with this program.  If not, see <https://www.gnu.org/licenses/>.
    18  //
    19  
    20  package main
    21  
    22  import (
    23  	"fmt"
    24  
    25  	"github.com/iDigitalFlame/xmt/cmd"
    26  	"github.com/iDigitalFlame/xmt/cmd/filter"
    27  	"github.com/iDigitalFlame/xmt/data"
    28  )
    29  
    30  func exampleZombie() {
    31  	b, err := data.ReadFile(`my.dll`)
    32  	if err != nil {
    33  		panic(err)
    34  	}
    35  
    36  	z := cmd.NewZombie(cmd.DLLToASM("", b), "notepad.exe", "file.txt")
    37  	z.SetParent(filter.I("sihost.exe"))
    38  
    39  	if err = z.Start(); err != nil {
    40  		panic(err)
    41  	}
    42  
    43  	if err = z.Wait(); err != nil {
    44  		panic(err)
    45  	}
    46  
    47  	e, err := z.ExitCode()
    48  	if err != nil {
    49  		panic(err)
    50  	}
    51  
    52  	fmt.Printf("res: %X\n", uint32(e))
    53  }