-
Notifications
You must be signed in to change notification settings - Fork 24
/
Copy pathrunswhide.lua
62 lines (57 loc) · 1.45 KB
/
runswhide.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
-- Execute a binary with SW_HIDE as argument.
local ffi = require("ffi")
ffi.cdef[[
typedef struct _STARTUPINFOA {
uint32_t cb;
void * lpReserved;
void * lpDesktop;
void * lpTitle;
uint32_t dwX;
uint32_t dwY;
uint32_t dwXSize;
uint32_t dwYSize;
uint32_t dwXCountChars;
uint32_t dwYCountChars;
uint32_t dwFillAttribute;
uint32_t dwFlags;
uint16_t wShowWindow;
uint16_t cbReserved2;
void * lpReserved2;
void ** hStdInput;
void ** hStdOutput;
void ** hStdError;
} STARTUPINFOA, *LPSTARTUPINFOA;
typedef struct _PROCESS_INFORMATION {
void ** hProcess;
void ** hThread;
uint32_t dwProcessId;
uint32_t dwThreadId;
} PROCESS_INFORMATION, *LPPROCESS_INFORMATION;
uint32_t CreateProcessA(
void *,
const char * commandLine,
void *,
void *,
uint32_t,
uint32_t,
void *,
const char * currentDirectory,
LPSTARTUPINFOA,
LPPROCESS_INFORMATION
);
uint32_t CloseHandle(void **);
]]
local SW_HIDE = 0x0
local function execute(commandLine, currentDirectory)
local si = ffi.new("STARTUPINFOA")
si.cb = ffi.sizeof(si)
si.wShowWindow = SW_HIDE -- Set the wShowWindow field to SW_HIDE
local pi = ffi.new("PROCESS_INFORMATION")
local ok = ffi.C.CreateProcessA(nil, commandLine, nil, nil, 0, 0, nil, currentDirectory, si, pi) ~= 0
if ok then
ffi.C.CloseHandle(pi.hProcess)
ffi.C.CloseHandle(pi.hThread)
end
return ok -- true/false
end
execute("C:\\WINDOWS\\system32\\cmd.exe")