winapi_kernel32 is a library to allow the Lua programmer to interface with the underlying WINAPI Kernel32.lib. Also, this library has been tested with Lua 5.1.5, 5.2.4 and 5.3.3.
Note: Due the huge amount of functions available in the Kernel32.lib, this is going to take a considerable time of work to bind them all, which is going to happen in a lot of releases.
- Beep
- CloseHandle
- CreateToolhelp32Snapshot
- GetLastError
- GetModuleHandleA
- GetProcAddress
- LoadLibraryA
- Module32First
- Module32Next
- OpenProcess
- Process32First
- Process32Next
- ReadBytes
- ReadCString
- ReadInt16
- ReadInt32
- ReadInt64
- ReadInt8
- SetLastError
- Sleep
- Thread32First
- Thread32Next
- VirtualAllocEx
- VirtualFreeEx
- WriteBytes
- WriteInt16
- WriteInt32
- WriteInt64
- WriteInt8
local kernel32 = require("winapi_kernel32")
-- BOOL
local result = kernel32.Beep(
750, -- DWORD dwFreq
300 -- DWORD dwDuration
)
local kernel32 = require("winapi_kernel32")
local hObject = -- previously acquired HANDLE
-- BOOL
local result = kernel32.CloseHandle(
hObject -- HANDLE hObject
)
local kernel32 = require("winapi_kernel32")
local TH32CS_SNAPMODULE = 0x8
-- HANDLE
local hSnapshot = kernel32.CreateToolhelp32Snapshot(
TH32CS_SNAPMODULE, -- DWORD dwFlags
1234 -- DWORD th32ProcessID
)
local kernel32 = require("winapi_kernel32")
-- DWORD dwErrCode
local error = kernel32.GetLastError()
local kernel32 = require("winapi_kernel32")
-- HMODULE
local hModule = kernel32.GetModuleHandleA(
"kernel32.dll" -- (can be nil) LPCTSTR lpModuleName
)
local kernel32 = require("winapi_kernel32")
local hModule = -- previously acquired HMODULE
-- integer
local FARPROC = kernel32.GetProcAddress(
hModule, -- HMODULE hModule
"LoadLibraryA" -- LPCSTR lpProcName
)
local kernel32 = require("winapi_kernel32")
-- HMODULE
local hModule = kernel32.LoadLibraryA(
"user32.dll" -- LPCTSTR lpFileName
)
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, me32 = kernel32.Module32First(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("module name: ", me32.szModule)
end
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, me32 = kernel32.Module32Next(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("module name: ", me32.szModule)
end
local kernel32 = require("winapi_kernel32")
local PROCESS_ALL_ACCESS = 0x1F0FFF
-- HANDLE
local hProcess = kernel32.OpenProcess(
PROCESS_ALL_ACCESS, -- DWORD dwDesiredAccess
false, -- BOOL bInheritHandle
1234 -- DWORD dwProcessId
)
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, pe32 = kernel32.Process32First(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("process id: ", pe32.th32ProcessID)
end
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, pe32 = kernel32.Process32Next(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("process id: ", pe32.th32ProcessID)
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads n bytes from the process handle and returns the data (exactly n bytes) as a Lua string
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, string, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadBytes(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
10 -- DWORD numberOfBytesToRead
)
if (result) then
assert(#data == 10)
local byte
for i = 1, #data do
-- data is a regular Lua string, so
-- you can access i-th byte
-- this way
local byte = data:sub(i, i):byte()
end
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads n bytes from the process handle and returns the data (up to the NULL-terminated character or n) as a Lua string
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, string, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadCString(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
10 -- DWORD numberOfBytesToRead
)
if (result) then
print(data)
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads 16 bits from the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, INT16, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadInt16(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
)
if (result) then
print(data)
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads 32 bits from the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, INT32, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadInt32(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
)
if (result) then
print(data)
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads 64 bits from the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, INT64, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadInt64(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
)
if (result) then
print(data)
end
This method is intended to supply a work around ReadProcessMemory.
Summary: Reads 8 bits from the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, INT8, SIZE_T
local result, data, numberOfBytesRead = kernel32.ReadInt8(
hProcess, -- HANDLE hProcess
0x40000000, -- number lpBaseAddress
)
if (result) then
print(data)
end
local kernel32 = require("winapi_kernel32")
kernel32.SetLastError(
1234 -- DWORD dwErrCode
)
local kernel32 = require("winapi_kernel32")
kernel32.Sleep(
1000 -- DWORD dwMilliseconds
)
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, te32 = kernel32.Thread32First(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("thread id: ", te32.th32ThreadID)
end
local kernel32 = require("winapi_kernel32")
local hSnapshot = -- previously acquired HANDLE
local result, te32 = kernel32.Thread32Next(
hSnapshot -- HANDLE hSnapshot
)
if (result) then
print("thread id: ", te32.th32ThreadID)
end
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
local MEM_RESERVE = 0x00002000
local PAGE_READWRITE = 0x4
-- integer
local remoteMemory = kernel32.VirtualAllocEx(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpAddress
0x100, -- SIZE_T dwSize
MEM_RESERVE, -- DWORD flAllocationType
PAGE_READWRITE -- DWORD flProtect
)
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
local MEM_RELEASE = 0x8000
-- BOOL
local result = kernel32.VirtualFreeEx(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpAddress
0x100, -- SIZE_T dwSize
MEM_RELEASE -- DWORD dwFreeType
)
This method is intended to supply a work around WriteProcessMemory.
Summary: Writes bytes to the process through the data passed as a Lua string
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, SIZE_T
local result, numberOfBytesWritten = kernel32.WriteBytes(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpBaseAddress
"\12\23\244\0\4" -- string data (will write these bytes { 12, 23, 244, 0, 4 })
)
if (result) then
print("number of bytes written: ", numberOfBytesWritten)
end
This method is intended to supply a work around WriteProcessMemory.
Summary: Writes 16 bits to the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, SIZE_T
local result, numberOfBytesWritten = kernel32.WriteInt16(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpBaseAddress
0xFFFF
)
if (result) then
print("number of bytes written: ", numberOfBytesWritten)
end
This method is intended to supply a work around WriteProcessMemory.
Summary: Writes 32 bits to the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, SIZE_T
local result, numberOfBytesWritten = kernel32.WriteInt32(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpBaseAddress
0xFFFFFFFF
)
if (result) then
print("number of bytes written: ", numberOfBytesWritten)
end
This method is intended to supply a work around WriteProcessMemory.
Summary: Writes 64 bits to the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, SIZE_T
local result, numberOfBytesWritten = kernel32.WriteInt64(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpBaseAddress
0xFFFFFFFFFF
)
if (result) then
print("number of bytes written: ", numberOfBytesWritten)
end
This method is intended to supply a work around WriteProcessMemory.
Summary: Writes 8 bits to the process
local kernel32 = require("winapi_kernel32")
local hProcess = -- previously acquired HANDLE
-- BOOL, SIZE_T
local result, numberOfBytesWritten = kernel32.WriteInt8(
hProcess, -- HANDLE hProcess
0x40000000, -- integer lpBaseAddress
0xFF
)
if (result) then
print("number of bytes written: ", numberOfBytesWritten)
end