Class: TurboRex::Windows

Inherits:
Metasm::WinOS
Defined in:
lib/turborex/windows.rb,
lib/turborex/windows/com.rb,
lib/turborex/windows/alpc.rb,
lib/turborex/windows/utils.rb,
lib/turborex/windows/process.rb,
lib/turborex/windows/tinysdk.rb,
lib/turborex/windows/security.rb,
lib/turborex/windows/com/utils.rb,
lib/turborex/windows/constants.rb,
lib/turborex/windows/com/client.rb,
lib/turborex/windows/security/ace.rb,
lib/turborex/windows/security/acl.rb,
lib/turborex/windows/com/interface.rb,
lib/turborex/windows/com/com_finder.rb,
lib/turborex/windows/com/com_registry.rb,
lib/turborex/windows/security/security_descriptor.rb

Defined Under Namespace

Modules: ALPC, COM, Constants, Security, Utils Classes: Process, Thread, TinySDK, Token, Win32API


Class Method Details

.list_all_process_pid ⇒ Object



# File 'lib/turborex/windows.rb', line 392

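# Enumerates the PIDs of all processes visible to the caller via EnumProcesses.
#
# @return [Object] the DWORD buffer filled by EnumProcesses (same object kind
#   the original returned); only the leading entries are meaningful
def self.list_all_process_pid
  # Capacity of the PID buffer, in DWORD (4-byte) entries.
  max_pids = 1024
  lpidProcess = Win32API.alloc_c_ary('DWORD', max_pids)
  # EnumProcesses takes the buffer size in BYTES, not entries; passing the
  # entry count would let it fill only a quarter of the buffer.
  cb = max_pids * 4
  # lpcbNeeded is an OUT pointer that receives the number of bytes written.
  # It has to be a real DWORD buffer: the literal 0 is marshalled as a NULL
  # pointer, which makes the call fail and leaves the buffer unfilled.
  lpcbNeeded = Win32API.alloc_c_ary('DWORD', 1)

  Win32API.enumprocesses(lpidProcess, cb, lpcbNeeded)

  # NOTE(review): the whole buffer is returned to keep the original contract;
  # entries beyond the count EnumProcesses reported are unset, so callers
  # should bound their iteration by lpcbNeeded[0] / 4 (assumes the wrapper
  # exposes the array via [] — TODO confirm).
  lpidProcess
end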

.open_process(pid, mask = Metasm::WinAPI::PROCESS_QUERY_INFORMATION) ⇒ Object



# File 'lib/turborex/windows.rb', line 375

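# Opens a process by PID and wraps it in a TurboRex::Windows::Process.
#
# @param pid [Integer] target process id
# @param mask [Integer] desired access mask passed to OpenProcess; defaults to
#   PROCESS_QUERY_INFORMATION, the least privilege needed for simple queries
# @return [TurboRex::Windows::Process, nil] nil when OpenProcess fails
def self.open_process(pid, mask = Metasm::WinAPI::PROCESS_QUERY_INFORMATION)
  # bInheritHandle = 0: the handle must not leak into child processes.
  handle = Metasm::WinAPI.openprocess(mask, 0, pid)
  # OpenProcess signals failure with a NULL (0) handle. 0 is truthy in Ruby, so
  # a bare `if handle = ...` never takes the failure path and would wrap an
  # invalid handle in a Process object.
  return nil if handle.nil? || handle == 0

  open_process_handle(handle)
end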

.open_process_handle(handle) ⇒ Object



# File 'lib/turborex/windows.rb', line 383

# Wraps an already-open process handle in a TurboRex::Windows::Process.
#
# @param handle [Integer] an open process handle
# @return [TurboRex::Windows::Process] the wrapper; its pid is 0 when the
#   GetProcessId lookup raised
def self.open_process_handle(handle)
  pid = WinAPI.getprocessid(handle)
rescue StandardError
  # NOTE(review): any StandardError (including a NameError if `WinAPI` does not
  # resolve in this scope) silently degrades to pid 0 — narrowing the rescue
  # would make failures visible; the exception classes the wrapper raises are
  # not visible here, so this keeps the original best-effort behaviour.
  TurboRex::Windows::Process.new(0, handle)
else
  # Exceptions raised here are not covered by the rescue above, matching the
  # original where Process.new sat outside the begin/rescue block.
  TurboRex::Windows::Process.new(pid, handle)
end

.tinysdk ⇒ Object



# File 'lib/turborex/windows/tinysdk.rb', line 5

# Convenience accessor for the shared TinySDK object.
#
# @return [TurboRex::Windows::TinySDK] the instance returned by
#   TinySDK.instance (presumably a process-wide singleton — verify in tinysdk.rb)
def self.tinysdk
  sdk_class = TurboRex::Windows::TinySDK
  sdk_class.instance
end