Moved Windows constants

author: Bryan McNulty <bryanmcnulty@protonmail.com> 2025-04-19 11:19:58 -0500
committer: Bryan McNulty <bryanmcnulty@protonmail.com> 2025-04-19 11:19:58 -0500
commit: 2a6559ae72c2570b76de5f8a2f8021167d39438e (patch)
tree: cf81c580ed7f74ae3bd58fca08c00f4c78f9d3b4
parent: cb8c332d79dc46e563c6ee44ed0e03db0b95dbee (diff)
download: goexec-2a6559ae72c2570b76de5f8a2f8021167d39438e.tar.gz
goexec-2a6559ae72c2570b76de5f8a2f8021167d39438e.zip
5 files changed, 46 insertions, 47 deletions
diff --git a/internal/windows/const.go b/internal/windows/const.go
deleted file mode 100644
index 4c4fbe6..0000000
--- a/internal/windows/const.go
+++ /dev/null
@@ -1,37 +0,0 @@
-package windows
-
-const (
-	// Windows error codes
-	ERROR_FILE_NOT_FOUND          uint32 = 0x00000002
-	ERROR_SERVICE_REQUEST_TIMEOUT uint32 = 0x0000041d
-	ERROR_SERVICE_DOES_NOT_EXIST  uint32 = 0x00000424
-	ERROR_SERVICE_NOT_ACTIVE      uint32 = 0x00000426
-
-	// Windows service/scm constants
-	SERVICE_BOOT_START   uint32 = 0x00000000
-	SERVICE_SYSTEM_START uint32 = 0x00000001
-	SERVICE_AUTO_START   uint32 = 0x00000002
-	SERVICE_DEMAND_START uint32 = 0x00000003
-	SERVICE_DISABLED     uint32 = 0x00000004
-
-	// https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/4e91ff36-ab5f-49ed-a43d-a308e72b0b3c
-	SERVICE_CONTINUE_PENDING uint32 = 0x00000005
-	SERVICE_PAUSE_PENDING    uint32 = 0x00000006
-	SERVICE_PAUSED           uint32 = 0x00000007
-	SERVICE_RUNNING          uint32 = 0x00000004
-	SERVICE_START_PENDING    uint32 = 0x00000002
-	SERVICE_STOP_PENDING     uint32 = 0x00000003
-	SERVICE_STOPPED          uint32 = 0x00000001
-
-	SERVICE_WIN32_OWN_PROCESS uint32 = 0x00000010
-
-	SERVICE_CONTROL_STOP      uint32 = 0x00000001
-	SC_MANAGER_CREATE_SERVICE uint32 = 0x00000002
-
-	// https://learn.microsoft.com/en-us/windows/win32/services/service-security-and-access-rights
-	SERVICE_QUERY_CONFIG  uint32 = 0x00000001
-	SERVICE_CHANGE_CONFIG uint32 = 0x00000002
-	SERVICE_START         uint32 = 0x00000010
-	SERVICE_STOP          uint32 = 0x00000020
-	SERVICE_DELETE        uint32 = 0x00010000 // special permission
-)
diff --git a/pkg/goexec/scmr/change.go b/pkg/goexec/scmr/change.go
index c8321f7..db58d3d 100644
--- a/pkg/goexec/scmr/change.go
+++ b/pkg/goexec/scmr/change.go
@@ -86,11 +86,11 @@ func (m *ScmrChange) Execute(ctx context.Context, in *goexec.ExecutionInput) (er
 
   stopResponse, err := m.ctl.ControlService(ctx, &svcctl.ControlServiceRequest{
     Service: svc.handle,
-    Control: windows.SERVICE_CONTROL_STOP,
+    Control: ServiceControlStop,
   })
 
   if err != nil {
-    if stopResponse == nil || stopResponse.Return != windows.ERROR_SERVICE_NOT_ACTIVE {
+    if stopResponse == nil || stopResponse.Return != ErrorServiceNotActive {
 
       log.Error().Err(err).Msg("Failed to stop existing service")
       return fmt.Errorf("stop service: %w", err)
@@ -115,7 +115,7 @@ func (m *ScmrChange) Execute(ctx context.Context, in *goexec.ExecutionInput) (er
     BinaryPathName:   in.String(),
     DisplayName:      svc.originalConfig.DisplayName,
     ServiceType:      svc.originalConfig.ServiceType,
-    StartType:        windows.SERVICE_DEMAND_START,
+    StartType:        ServiceDemandStart,
     ErrorControl:     svc.originalConfig.ErrorControl,
     LoadOrderGroup:   svc.originalConfig.LoadOrderGroup,
     ServiceStartName: svc.originalConfig.ServiceStartName,
diff --git a/pkg/goexec/scmr/create.go b/pkg/goexec/scmr/create.go
index 6de50f8..00d70af 100644
--- a/pkg/goexec/scmr/create.go
+++ b/pkg/goexec/scmr/create.go
@@ -50,8 +50,8 @@ func (m *ScmrCreate) Execute(ctx context.Context, in *goexec.ExecutionInput) (er
     ServiceName:    m.ServiceName,
     DisplayName:    m.DisplayName,
     BinaryPathName: in.String(),
-    ServiceType:    windows.SERVICE_WIN32_OWN_PROCESS,
-    StartType:      windows.SERVICE_DEMAND_START,
+    ServiceType:    ServiceWin32OwnProcess,
+    StartType:      ServiceDemandStart,
     DesiredAccess:  ServiceAllAccess, // TODO: Replace
   })
 
diff --git a/pkg/goexec/scmr/module.go b/pkg/goexec/scmr/module.go
index efa3d50..0edd7a3 100644
--- a/pkg/goexec/scmr/module.go
+++ b/pkg/goexec/scmr/module.go
@@ -5,7 +5,6 @@ import (
   "errors"
   "fmt"
   "github.com/FalconOpsLLC/goexec/internal/util"
-  "github.com/FalconOpsLLC/goexec/internal/windows"
   "github.com/FalconOpsLLC/goexec/pkg/goexec/dce"
   "github.com/oiweiwei/go-msrpc/dcerpc"
   "github.com/oiweiwei/go-msrpc/midl/uuid"
@@ -18,6 +17,43 @@ const (
 
   DefaultEndpoint = "ncacn_np:[svcctl]"
   ScmrUuid        = "367ABB81-9844-35F1-AD32-98F038001003"
+
+  ErrorServiceRequestTimeout uint32 = 0x0000041d
+  ErrorServiceNotActive      uint32 = 0x00000426
+
+  ServiceDemandStart     uint32 = 0x00000003
+  ServiceWin32OwnProcess uint32 = 0x00000010
+
+  // https://learn.microsoft.com/en-us/windows/win32/services/service-security-and-access-rights
+
+  ServiceQueryConfig     uint32 = 0x00000001
+  ServiceChangeConfig    uint32 = 0x00000002
+  ServiceStart           uint32 = 0x00000010
+  ServiceStop            uint32 = 0x00000020
+  ServiceDelete          uint32 = 0x00010000 // special permission
+  ServiceControlStop     uint32 = 0x00000001
+  ScManagerCreateService uint32 = 0x00000002
+
+  /*
+        // Windows error codes
+        ERROR_FILE_NOT_FOUND          uint32 = 0x00000002
+        ERROR_SERVICE_DOES_NOT_EXIST  uint32 = 0x00000424
+
+     // Windows service/scm constants
+     SERVICE_BOOT_START   uint32 = 0x00000000
+     SERVICE_SYSTEM_START uint32 = 0x00000001
+     SERVICE_AUTO_START   uint32 = 0x00000002
+     SERVICE_DISABLED     uint32 = 0x00000004
+
+     // https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/4e91ff36-ab5f-49ed-a43d-a308e72b0b3c
+     SERVICE_CONTINUE_PENDING uint32 = 0x00000005
+     SERVICE_PAUSE_PENDING    uint32 = 0x00000006
+     SERVICE_PAUSED           uint32 = 0x00000007
+     SERVICE_RUNNING          uint32 = 0x00000004
+     SERVICE_START_PENDING    uint32 = 0x00000002
+     SERVICE_STOP_PENDING     uint32 = 0x00000003
+     SERVICE_STOPPED          uint32 = 0x00000001
+  */
 )
 
 type Scmr struct {
@@ -118,7 +154,7 @@ func (m *Scmr) startService(ctx context.Context, svc *service) error {
       svc.handle = nil
       return nil
 
-    } else if sr.Return == windows.ERROR_SERVICE_REQUEST_TIMEOUT {
+    } else if sr.Return == ErrorServiceRequestTimeout {
       log.Info().Msg("Received request timeout. Execution was likely successful")
       return nil
     }
diff --git a/pkg/goexec/scmr/scmr.go b/pkg/goexec/scmr/scmr.go
index 3ee8f9c..ed755d6 100644
--- a/pkg/goexec/scmr/scmr.go
+++ b/pkg/goexec/scmr/scmr.go
@@ -6,9 +6,9 @@ import (
 )
 
 const (
-  ServiceDeleteAccess uint32 = windows.SERVICE_DELETE
-  ServiceModifyAccess uint32 = windows.SERVICE_QUERY_CONFIG | windows.SERVICE_CHANGE_CONFIG | windows.SERVICE_STOP | windows.SERVICE_START | windows.SERVICE_DELETE
-  ServiceCreateAccess uint32 = windows.SC_MANAGER_CREATE_SERVICE | windows.SERVICE_START | windows.SERVICE_STOP | windows.SERVICE_DELETE
+  ServiceDeleteAccess uint32 = ServiceDelete
+  ServiceModifyAccess uint32 = ServiceQueryConfig | ServiceChangeConfig | ServiceStop | ServiceStart | ServiceDelete
+  ServiceCreateAccess uint32 = ScManagerCreateService | ServiceStart | ServiceStop | ServiceDelete
   ServiceAllAccess    uint32 = ServiceCreateAccess | ServiceModifyAccess
 )
author	Bryan McNulty <bryanmcnulty@protonmail.com>	2025-04-19 11:19:58 -0500
committer	Bryan McNulty <bryanmcnulty@protonmail.com>	2025-04-19 11:19:58 -0500
commit	2a6559ae72c2570b76de5f8a2f8021167d39438e (patch)
tree	cf81c580ed7f74ae3bd58fca08c00f4c78f9d3b4
parent	cb8c332d79dc46e563c6ee44ed0e03db0b95dbee (diff)
download	goexec-2a6559ae72c2570b76de5f8a2f8021167d39438e.tar.gz goexec-2a6559ae72c2570b76de5f8a2f8021167d39438e.zip