API tools faq
paste
FlyFar

TaskFucker - Mess with Task Manager using WIndows API

FlyFar
Jul 15th, 2023
128
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Go 3.49 KB | Cybersecurity | 0 0
raw download clone embed print report
  1. package main
  2.  
  3. import (
  4.     "bufio"
  5.     "fmt"
  6.     "os"
  7.     "strconv"
  8.     "strings"
  9.     "syscall"
  10.     "unsafe"
  11. )
  12.  
  13. var (
  14.     user32             = syscall.MustLoadDLL("user32.dll")
  15.     procGetWindowTextW = user32.MustFindProc("GetWindowTextW")
  16.     procEnumWindows    = user32.MustFindProc("EnumWindows")
  17.     procShowWindow     = user32.MustFindProc("ShowWindow")
  18.     procEnumChildWindows   = user32.MustFindProc("EnumChildWindows")
  19.  
  20.     kernel32    = syscall.MustLoadDLL("kernel32.dll")
  21.     closeHandle = kernel32.MustFindProc("CloseHandle")
  22.  
  23.     state bool = false
  24. )
  25.  
  26. //  SW_HIDE            = 0
  27. //  SW_NORMAL          = 1
  28. //  SW_SHOWNORMAL      = 1
  29. //  SW_SHOWMINIMIZED   = 2
  30. //  SW_MAXIMIZE        = 3
  31. //  SW_SHOWMAXIMIZED   = 3
  32. //  SW_SHOWNOACTIVATE  = 4
  33. //  SW_SHOW            = 5
  34. //  SW_MINIMIZE        = 6
  35. //  SW_SHOWMINNOACTIVE = 7
  36. //  SW_SHOWNA          = 8
  37. //  SW_RESTORE         = 9
  38. //  SW_SHOWDEFAULT     = 10
  39. //  SW_FORCEMINIMIZE   = 11
  40.  
  41. func FuckWithTaskManager(){
  42.     TaskManager := FindWindow("Task Manager")
  43.     if TaskManager != 0 {
  44.         fmt.Println("Task Manager Handle: " + strconv.FormatInt(int64(TaskManager), 16))
  45.  
  46.         TaskProcTab := GetChildHandle(TaskManager)
  47.         fmt.Println("Task Manager first child: " + strconv.FormatInt(int64(TaskProcTab), 16))
  48.  
  49.         if state{
  50.             ShowWindow(TaskProcTab, 1)
  51.             state = false
  52.             fmt.Println("Showing")
  53.         }else{
  54.             ShowWindow(TaskProcTab, 0)
  55.             state = true
  56.             fmt.Println("Hiding")
  57.         }
  58.         CloseHandle(TaskProcTab)
  59.         CloseHandle(TaskManager)
  60.     }
  61. }
  62.  
  63.  
  64. func main() {
  65.     Menu:
  66.         fmt.Println("")
  67.     fmt.Println("Fuck with Task Manager [Press Anykey] ")
  68.     CommandScan := bufio.NewScanner(os.Stdin)
  69.     CommandScan.Scan()
  70.     FuckWithTaskManager()
  71.     goto Menu
  72.  
  73. }
  74.  
  75. func GetChildHandle(hWnd syscall.Handle) syscall.Handle {
  76.     var hndl syscall.Handle
  77.     cb := syscall.NewCallback(func(h syscall.Handle, p uintptr) uintptr {
  78.         hndl = h
  79.         return 0
  80.     })
  81.     EnumChildWindows(hWnd, cb, 0)
  82.     return hndl
  83. }
  84.  
  85. func ShowWindow(hWnd syscall.Handle, nCmdShow int32) bool {
  86.     ret, _, _ := syscall.Syscall(procShowWindow.Addr(), 2,
  87.         uintptr(hWnd),
  88.         uintptr(nCmdShow),
  89.         0)
  90.  
  91.     return ret != 0
  92. }
  93.  
  94. func CloseHandle(hObject syscall.Handle) bool {
  95.     ret, _, _ := syscall.Syscall(closeHandle.Addr(), 1,
  96.         uintptr(hObject),
  97.         0,
  98.         0)
  99.  
  100.     return ret != 0
  101. }
  102.  
  103. func EnumChildWindows(hWndParent syscall.Handle, lpEnumFunc, lParam uintptr) bool {
  104.     ret, _, _ := syscall.Syscall(procEnumChildWindows.Addr(), 3,
  105.         uintptr(hWndParent),
  106.         lpEnumFunc,
  107.         lParam)
  108.  
  109.     return ret != 0
  110. }
  111.  
  112. func GetWindowText(hwnd syscall.Handle, str *uint16, maxCount int32) (len int32, err error) {
  113.     r0, _, e1 := syscall.Syscall(procGetWindowTextW.Addr(), 3, uintptr(hwnd), uintptr(unsafe.Pointer(str)), uintptr(maxCount))
  114.     len = int32(r0)
  115.     if len == 0 {
  116.         if e1 != 0 {
  117.             err = error(e1)
  118.         } else {
  119.             err = syscall.EINVAL
  120.         }
  121.     }
  122.     return
  123. }
  124.  
  125. func FindWindow(title string) syscall.Handle {
  126.     var hwnd syscall.Handle
  127.     cb := syscall.NewCallback(func(h syscall.Handle, p uintptr) uintptr {
  128.         b := make([]uint16, 200)
  129.         _, err := GetWindowText(h, &b[0], int32(len(b)))
  130.         if err != nil {
  131.             return 1
  132.         }
  133.         if strings.Contains(syscall.UTF16ToString(b), title) {
  134.             hwnd = h
  135.             return 0
  136.         }
  137.         return 1
  138.     })
  139.     _ = EnumWindows(cb, 0)
  140.     if hwnd == 0 {
  141.         return 0
  142.     }
  143.     return hwnd
  144. }
  145.  
  146. func EnumWindows(enumFunc uintptr, lparam uintptr) (err error) {
  147.     r1, _, e1 := syscall.Syscall(procEnumWindows.Addr(), 2, uintptr(enumFunc), uintptr(lparam), 0)
  148.     if r1 == 0 {
  149.         if e1 != 0 {
  150.             err = error(e1)
  151.         } else {
  152.             err = syscall.EINVAL
  153.         }
  154.     }
  155.     return
  156. }
  157.  
Tags: Fuck go manager Task taskmgr
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!