functions.rb
if RUBY_PLATFORM == "java"
require "rubygems" unless defined?(Gem)
gem "ffi"
end
require "ffi" unless defined?(FFI)
# Private FFI bindings to the Win32 process, job-object, token and CRT
# functions declared below.
#
# Every function is attached through +attach_pfunc+. The bindings are raw:
# arguments typed +:pointer+ or +:buffer_*+ are handed to native code as-is,
# and nothing in this module validates them or releases returned handles.
module Process::Functions
  # Reopens the FFI gem's own FFI::Library module to add the helper, so the
  # helper is visible to every module in the process that extends
  # FFI::Library. The guard leaves an already-defined attach_pfunc in place.
  module FFI::Library
    unless method_defined?(:attach_pfunc)
      # Attach a native function and mark the Ruby method of that name private.
      #
      # @param args forwarded unchanged to +attach_function+; the first
      #   element is the Ruby-side method name.
      #
      # NOTE(review): +private+ changes instance-method visibility only. If
      # +attach_function+ also defines a module-level method of the same
      # name, that one stays public - confirm against the FFI version in use.
      def attach_pfunc(*args)
        attach_function(*args)
        private args.first
      end
    end
  end

  extend FFI::Library

  # Handle-like values are declared pointer-sized so they are not truncated
  # on 64-bit Windows.
  typedef :ulong, :dword
  typedef :uintptr_t, :handle
  typedef :uintptr_t, :hwnd
  typedef :uintptr_t, :hmodule

  ffi_lib :kernel32

  attach_pfunc :CloseHandle, %i[handle], :bool
  attach_pfunc :CreateToolhelp32Snapshot, %i[dword dword], :handle
  attach_pfunc :GenerateConsoleCtrlEvent, %i[dword dword], :bool
  attach_pfunc :GetCurrentProcess, [], :handle
  # Bound to the ANSI export under the shorter Ruby name.
  attach_pfunc :GetModuleHandle, :GetModuleHandleA, %i[string], :hmodule
  attach_pfunc :GetProcessAffinityMask, %i[handle pointer pointer], :bool
  attach_pfunc :GetPriorityClass, %i[handle], :dword
  attach_pfunc :GetProcAddress, %i[hmodule string], :pointer
  attach_pfunc :GetVersionExA, %i[pointer], :bool
  attach_pfunc :Heap32ListFirst, %i[handle pointer], :bool
  attach_pfunc :Heap32ListNext, %i[handle pointer], :bool
  attach_pfunc :Heap32First, %i[pointer dword uintptr_t], :bool
  attach_pfunc :Heap32Next, %i[pointer], :bool
  attach_pfunc :Module32First, %i[handle pointer], :bool
  attach_pfunc :Module32Next, %i[handle pointer], :bool
  # The second argument is optional.
  attach_pfunc :IsProcessInJob, %i[handle pointer pointer], :bool
  # Arguments: desired access mask, inherit-handle flag (BOOL as int), pid.
  # Callers should request only the access rights they need and close the
  # handle when done.
  attach_pfunc :OpenProcess, %i[dword int dword], :handle
  attach_pfunc :Process32First, %i[handle pointer], :bool
  attach_pfunc :Process32Next, %i[handle pointer], :bool
  attach_pfunc :SetHandleInformation, %i[handle dword dword], :bool
  attach_pfunc :SetErrorMode, %i[uint], :uint
  attach_pfunc :SetPriorityClass, %i[handle dword], :bool
  attach_pfunc :TerminateProcess, %i[handle uint], :bool
  attach_pfunc :Thread32First, %i[handle pointer], :bool
  attach_pfunc :Thread32Next, %i[handle pointer], :bool
  attach_pfunc :WaitForSingleObject, %i[handle dword], :dword

  # Starts a thread inside another process. Endpoint security tooling
  # commonly monitors this call.
  # NOTE(review): confirm which callers need it and what they pass as the
  # start address.
  attach_pfunc :CreateRemoteThread,
               %i[handle pointer size_t pointer pointer dword pointer], :handle

  attach_pfunc :GetVolumeInformationA,
               %i[string pointer dword pointer pointer pointer pointer dword], :bool

  # The command line (2nd argument) is declared in/out because the native
  # call may modify that buffer. When the application name (1st argument) is
  # nil, the executable is parsed out of the command line, so callers should
  # quote paths that contain spaces.
  attach_pfunc :CreateProcessW,
               %i[buffer_in buffer_inout pointer pointer int
                  dword buffer_in buffer_in pointer pointer], :bool

  attach_pfunc :AssignProcessToJobObject, %i[handle handle], :bool
  attach_pfunc :CreateJobObjectA, %i[pointer string], :handle
  attach_pfunc :OpenJobObjectA, %i[dword int string], :handle
  attach_pfunc :QueryInformationJobObject, %i[handle int pointer dword pointer], :bool
  attach_pfunc :SetInformationJobObject, %i[handle int pointer dword], :bool
  attach_pfunc :GetExitCodeProcess, %i[handle pointer], :bool

  ffi_lib :advapi32

  attach_pfunc :ConvertSidToStringSidA, %i[buffer_in pointer], :bool
  attach_pfunc :GetTokenInformation, %i[handle int pointer dword pointer], :bool
  attach_pfunc :OpenProcessToken, %i[handle dword pointer], :bool

  # The first three buffers are user name, domain and password. The password
  # reaches this call in clear text, so callers should keep it out of logs
  # and error messages.
  attach_pfunc :CreateProcessWithLogonW,
               %i[buffer_in buffer_in buffer_in dword buffer_in buffer_inout
                  dword buffer_in buffer_in pointer pointer], :bool

  ffi_lib FFI::Library::LIBC

  attach_pfunc :get_osfhandle, :_get_osfhandle, %i[int], :intptr_t

  begin
    attach_pfunc :get_errno, :_get_errno, %i[pointer], :int
  rescue FFI::NotFoundError
    # Deliberately ignored: per the original author this happens on
    # Windows XP or earlier. get_errno is then left undefined, so callers
    # must not assume it exists.
  end
end