Documentation ¶
Index ¶
- Constants
- Variables
- func Collect() (localmachine.Info, error)
- func ConvertRegisteredTask(rt taskmaster.RegisteredTask) localmachine.RegisteredTask
- func EnumerateAccountRights(s *syscall.SID) ([]string, error)
- func Execute(cmd *cobra.Command, args []string) error
- func LsaAddAccountRights(hPolicy syscall.Handle, sid *syscall.SID, rights []string) error
- func LsaClose(hPolicy syscall.Handle) error
- func LsaEnumerateAccountRights(hPolicy syscall.Handle, sid *syscall.SID) ([]string, error)
- func LsaEnumerateAccountsWithUserRight(hPolicy syscall.Handle, userright string) ([]windowssecurity.SID, error)
- func LsaFreeMemory(buf uintptr) error
- func LsaNtStatusToWinError(status uintptr) error
- func LsaOpenPolicy(system string, access uint32) (*syscall.Handle, error)
- func LsaRemoveAccountRights(hPolicy syscall.Handle, sid *syscall.SID, removeAll bool, rights []string) error
- func TestInternet() string
- func UTF16PtrToStringN(wstr *uint16, n int) string
- type BOOL
- type BOOLEAN
- type BYTE
- type DWORD
- type DWORD64
- type HANDLE
- type HLOCAL
- type LARGE_INTEGER
- type LONG
- type LPVOID
- type Privilege
- type SIZE_T
- type UINT
- type ULONGLONG
- type ULONG_PTR
- type WORD
Constants ¶
const (
	// NULL is the zero value of a pointer-sized integer.
	NULL uintptr = 0
	// ANY_SIZE presumably mirrors ANYSIZE_ARRAY from the Windows headers
	// (declared length of a variable-length trailing array) — TODO confirm.
	ANY_SIZE int = 1

	// Error Codes
	//
	// The uintptr-typed values below are Win32 error codes.
	NO_ERROR               uintptr = 0
	ERROR_SUCCESS          uintptr = 0
	ERROR_MORE_DATA        uintptr = 0xea // 234
	ERROR_MR_MID_NOT_FOUND uintptr = 317
	// STATUS_NO_MORE_ENTRIES holds an NTSTATUS value, not a Win32 error code.
	// NOTE(review): it can only compare equal to a raw NTSTATUS; a status that
	// has already been translated by LsaNtStatusToWinError will not match it.
	// Confirm against the callers.
	STATUS_NO_MORE_ENTRIES syscall.Errno = 0x8000001A
	// NO_MORE_DATA_IS_AVAILABLE holds an HRESULT-style value: Win32 error 259
	// (0x103) wrapped with the 0x8007 prefix. It is a third numbering scheme
	// next to the Win32 and NTSTATUS values above; do not compare across them.
	NO_MORE_DATA_IS_AVAILABLE syscall.Errno = 0x80070103

	// Booleans
	FALSE BOOL = 0
	TRUE  BOOL = 1

	// Constants
	//
	// DWORD_MAX is the largest value a 32-bit DWORD can hold.
	DWORD_MAX = DWORD(0xFFFFFFFF)
)
Variables ¶
var (
	// PRIVILEGE_NAMES lists the Privilege constants of this package in the
	// order they are declared.
	//
	// The list mixes two kinds of names: token privileges ("Se...Privilege")
	// and logon/account rights ("Se...Right"). Account rights are assigned to
	// accounts through the LSA policy and are not token privileges, so code
	// that iterates this list should not assume every entry can be looked up
	// or enabled as a privilege.
	//
	// This is an exported, mutable slice: any package can reorder, truncate or
	// overwrite it. Treat it as read-only and copy it before modifying.
	PRIVILEGE_NAMES = []Privilege{
		SE_CREATE_TOKEN_NAME,
		SE_ASSIGNPRIMARYTOKEN_NAME,
		SE_LOCK_MEMORY_NAME,
		SE_INCREASE_QUOTA_NAME,
		SE_UNSOLICITED_INPUT_NAME,
		SE_MACHINE_ACCOUNT_NAME,
		SE_TCB_NAME,
		SE_SECURITY_NAME,
		SE_TAKE_OWNERSHIP_NAME,
		SE_LOAD_DRIVER_NAME,
		SE_SYSTEM_PROFILE_NAME,
		SE_SYSTEMTIME_NAME,
		SE_PROF_SINGLE_PROCESS_NAME,
		SE_INC_BASE_PRIORITY_NAME,
		SE_CREATE_PAGEFILE_NAME,
		SE_CREATE_PERMANENT_NAME,
		SE_BACKUP_NAME,
		SE_RESTORE_NAME,
		SE_SHUTDOWN_NAME,
		SE_DEBUG_NAME,
		SE_AUDIT_NAME,
		SE_SYSTEM_ENVIRONMENT_NAME,
		SE_CHANGE_NOTIFY_NAME,
		SE_REMOTE_SHUTDOWN_NAME,
		SE_UNDOCK_NAME,
		SE_SYNC_AGENT_NAME,
		SE_ENABLE_DELEGATION_NAME,
		SE_MANAGE_VOLUME_NAME,
		SE_IMPERSONATE_NAME,
		SE_CREATE_GLOBAL_NAME,
		SE_TRUSTED_CREDMAN_ACCESS_NAME,
		SE_RELABEL_NAME,
		SE_INC_WORKING_SET_NAME,
		SE_TIME_ZONE_NAME,
		SE_CREATE_SYMBOLIC_LINK_NAME,
		// Logon/account rights start here.
		SE_NETWORK_LOGON_RIGHT,
		SE_INTERACTIVE_LOGON_NAME,
		SE_REMOTE_INTERACTIVE_LOGON_NAME,
		SE_DENY_NETWORK_LOGON_NAME,
		SE_DENY_INTERACTIVE_LOGON_NAME,
		SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME,
		SE_DENY_BATCH_LOGON_NAME,
		SE_DENY_SERVICE_LOGON_NAME,
		SE_BATCH_LOGON_NAME,
		SE_SERVICE_LOGON_NAME,
		// A token privilege again, listed after the account rights.
		SE_DELEGATE_SESSION_USER_IMPERSONATE_NAME,
	}
)
Functions ¶
func Collect ¶
func Collect() (localmachine.Info, error)
func ConvertRegisteredTask ¶
func ConvertRegisteredTask(rt taskmaster.RegisteredTask) localmachine.RegisteredTask
func LsaAddAccountRights ¶
NTSTATUS LsaAddAccountRights(
LSA_HANDLE PolicyHandle, PSID AccountSid, PLSA_UNICODE_STRING UserRights, ULONG CountOfRights
); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaaddaccountrights
func LsaClose ¶
NTSTATUS LsaClose(
LSA_HANDLE ObjectHandle
); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaclose
func LsaEnumerateAccountRights ¶
NTSTATUS LsaEnumerateAccountRights(
LSA_HANDLE PolicyHandle, PSID AccountSid, PLSA_UNICODE_STRING *UserRights, PULONG CountOfRights
); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaenumerateaccountrights
func LsaEnumerateAccountsWithUserRight ¶
func LsaEnumerateAccountsWithUserRight(hPolicy syscall.Handle, userright string) ([]windowssecurity.SID, error)
NTSTATUS LsaEnumerateAccountsWithUserRight(
[in] LSA_HANDLE PolicyHandle, [in] PLSA_UNICODE_STRING UserRight, [out] PVOID *Buffer, [out] PULONG CountReturned
);
func LsaFreeMemory ¶
NTSTATUS LsaFreeMemory(
PVOID Buffer
); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsafreememory
func LsaNtStatusToWinError ¶
ULONG LsaNtStatusToWinError(
NTSTATUS Status
); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsantstatustowinerror
func LsaOpenPolicy ¶
NTSTATUS LsaOpenPolicy(
PLSA_UNICODE_STRING SystemName, PLSA_OBJECT_ATTRIBUTES ObjectAttributes, ACCESS_MASK DesiredAccess, PLSA_HANDLE PolicyHandle );
https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaopenpolicy
func LsaRemoveAccountRights ¶
func LsaRemoveAccountRights(hPolicy syscall.Handle, sid *syscall.SID, removeAll bool, rights []string) error
NTSTATUS LsaRemoveAccountRights(
LSA_HANDLE PolicyHandle, PSID AccountSid, BOOLEAN AllRights, PLSA_UNICODE_STRING UserRights, ULONG CountOfRights
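); https://docs.microsoft.com/en-us/windows/desktop/api/ntsecapi/nf-ntsecapi-lsaremoveaccountrights
Per the linked Microsoft documentation, when AllRights is TRUE the UserRights list is ignored: every right held by the account is removed and the account object itself is deleted. Callers should therefore pass removeAll only when that is the intended outcome.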
func TestInternet ¶
func TestInternet() string
func UTF16PtrToStringN ¶
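UTF16PtrToStringN converts a UTF-16 encoded C string into a Go string. The parameter n specifies the length of the string; because a raw pointer carries no length of its own, the caller must make sure the buffer at wstr really holds at least that many characters. This function supports only wide-character strings in UTF-16, not UTF-8.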
Types ¶
type BOOL ¶
// BOOL represents the Windows BOOL type as a 32-bit value; this package
// declares the constants FALSE (0) and TRUE (1) for it.
// Windows APIs that return BOOL report success with any non-zero value, so
// test a result with `!= FALSE` rather than `== TRUE`; a strict comparison
// with TRUE can misread a successful call as a failure.
type BOOL uint32
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type BOOLEAN ¶
type BOOLEAN byte
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type BYTE ¶
type BYTE byte
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type DWORD ¶
type DWORD uint32
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type DWORD64 ¶
type DWORD64 uint64
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type HANDLE ¶
type HANDLE uintptr
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type HLOCAL ¶
type HLOCAL uintptr
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type LARGE_INTEGER ¶
type LARGE_INTEGER int64
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type LONG ¶
type LONG int32
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type LPVOID ¶
// LPVOID carries an untyped Windows pointer as a pointer-sized integer.
// A uintptr is not a reference for the Go garbage collector, so an LPVOID
// must never be the only thing keeping Go-allocated memory alive; it is
// suited to addresses owned by the operating system or by a Windows API.
type LPVOID uintptr
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type Privilege ¶
// Privilege is the string name of a Windows user right, as used by the LSA
// account-rights functions of this package.
//
// Two kinds of names share this type: token privileges ("Se...Privilege") and
// logon/account rights ("Se...Right"). Account rights are assigned to accounts
// through the LSA policy and are not token privileges.
//
// When reviewing collected assignments, note that several privileges (for
// example SeDebugPrivilege, SeTcbPrivilege, SeBackupPrivilege,
// SeRestorePrivilege, SeTakeOwnershipPrivilege, SeLoadDriverPrivilege and
// SeImpersonatePrivilege) give a holder control close to full administrative
// access, so grants to non-administrative accounts deserve attention.
type Privilege string

const (
	// Token privileges.
	SE_CREATE_TOKEN_NAME           Privilege = "SeCreateTokenPrivilege"
	SE_ASSIGNPRIMARYTOKEN_NAME     Privilege = "SeAssignPrimaryTokenPrivilege"
	SE_LOCK_MEMORY_NAME            Privilege = "SeLockMemoryPrivilege"
	SE_INCREASE_QUOTA_NAME         Privilege = "SeIncreaseQuotaPrivilege"
	SE_UNSOLICITED_INPUT_NAME      Privilege = "SeUnsolicitedInputPrivilege"
	SE_MACHINE_ACCOUNT_NAME        Privilege = "SeMachineAccountPrivilege"
	SE_TCB_NAME                    Privilege = "SeTcbPrivilege"
	SE_SECURITY_NAME               Privilege = "SeSecurityPrivilege"
	SE_TAKE_OWNERSHIP_NAME         Privilege = "SeTakeOwnershipPrivilege"
	SE_LOAD_DRIVER_NAME            Privilege = "SeLoadDriverPrivilege"
	SE_SYSTEM_PROFILE_NAME         Privilege = "SeSystemProfilePrivilege"
	SE_SYSTEMTIME_NAME             Privilege = "SeSystemtimePrivilege"
	SE_PROF_SINGLE_PROCESS_NAME    Privilege = "SeProfileSingleProcessPrivilege"
	SE_INC_BASE_PRIORITY_NAME      Privilege = "SeIncreaseBasePriorityPrivilege"
	SE_CREATE_PAGEFILE_NAME        Privilege = "SeCreatePagefilePrivilege"
	SE_CREATE_PERMANENT_NAME       Privilege = "SeCreatePermanentPrivilege"
	SE_BACKUP_NAME                 Privilege = "SeBackupPrivilege"
	SE_RESTORE_NAME                Privilege = "SeRestorePrivilege"
	SE_SHUTDOWN_NAME               Privilege = "SeShutdownPrivilege"
	SE_DEBUG_NAME                  Privilege = "SeDebugPrivilege"
	SE_AUDIT_NAME                  Privilege = "SeAuditPrivilege"
	SE_SYSTEM_ENVIRONMENT_NAME     Privilege = "SeSystemEnvironmentPrivilege"
	SE_CHANGE_NOTIFY_NAME          Privilege = "SeChangeNotifyPrivilege"
	SE_REMOTE_SHUTDOWN_NAME        Privilege = "SeRemoteShutdownPrivilege"
	SE_UNDOCK_NAME                 Privilege = "SeUndockPrivilege"
	SE_SYNC_AGENT_NAME             Privilege = "SeSyncAgentPrivilege"
	SE_ENABLE_DELEGATION_NAME      Privilege = "SeEnableDelegationPrivilege"
	SE_MANAGE_VOLUME_NAME          Privilege = "SeManageVolumePrivilege"
	SE_IMPERSONATE_NAME            Privilege = "SeImpersonatePrivilege"
	SE_CREATE_GLOBAL_NAME          Privilege = "SeCreateGlobalPrivilege"
	SE_TRUSTED_CREDMAN_ACCESS_NAME Privilege = "SeTrustedCredManAccessPrivilege"
	SE_RELABEL_NAME                Privilege = "SeRelabelPrivilege"
	SE_INC_WORKING_SET_NAME        Privilege = "SeIncreaseWorkingSetPrivilege"
	SE_TIME_ZONE_NAME              Privilege = "SeTimeZonePrivilege"
	SE_CREATE_SYMBOLIC_LINK_NAME   Privilege = "SeCreateSymbolicLinkPrivilege"

	// Logon/account rights. The "deny" variants refuse the matching logon type.
	SE_NETWORK_LOGON_RIGHT                Privilege = "SeNetworkLogonRight"
	SE_INTERACTIVE_LOGON_NAME             Privilege = "SeInteractiveLogonRight"
	SE_REMOTE_INTERACTIVE_LOGON_NAME      Privilege = "SeRemoteInteractiveLogonRight"
	SE_DENY_NETWORK_LOGON_NAME            Privilege = "SeDenyNetworkLogonRight"
	SE_DENY_INTERACTIVE_LOGON_NAME        Privilege = "SeDenyInteractiveLogonRight"
	SE_DENY_REMOTE_INTERACTIVE_LOGON_NAME Privilege = "SeDenyRemoteInteractiveLogonRight"
	SE_DENY_BATCH_LOGON_NAME              Privilege = "SeDenyBatchLogonRight"
	SE_DENY_SERVICE_LOGON_NAME            Privilege = "SeDenyServiceLogonRight"
	SE_BATCH_LOGON_NAME                   Privilege = "SeBatchLogonRight"
	SE_SERVICE_LOGON_NAME                 Privilege = "SeServiceLogonRight"

	// A token privilege again, declared after the account rights.
	SE_DELEGATE_SESSION_USER_IMPERSONATE_NAME Privilege = "SeDelegateSessionUserImpersonatePrivilege"
)
type SIZE_T ¶
type SIZE_T uintptr
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type UINT ¶
type UINT uint32
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type ULONGLONG ¶
type ULONGLONG uint64
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type ULONG_PTR ¶
type ULONG_PTR uintptr
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types
type WORD ¶
type WORD uint16
Types Reference: https://docs.microsoft.com/en-us/windows/desktop/WinProg/windows-data-types