golang获取windows版本和详细信息

场景:

将木马丢到感染机运行后回连时希望返回感染机的操作系统信息.golang 可以通过runtime.OS获取到操作系统类型,但是无法获取详细的版本信息,如win7 win10等,

解决方案;

下面是chatgpt的写法;

  
package main
 
import (
    "fmt"
    "os"
    "syscall"
    "unsafe"
)
 
func main() {
    version, err := getWindowsVersion()
    if err != nil {
        fmt.Println("Failed to get Windows version:", err)
        return
    }
 
    fmt.Println("Windows version:", version)
}
 
func getWindowsVersion() (string, error) {
    kernel32, err := syscall.LoadDLL("kernel32.dll")
    if err != nil {
        return "", err
    }
 
    proc, err := kernel32.FindProc("GetVersion")
    if err != nil {
        return "", err
    }
 
    version, _, _ := proc.Call()
    major := byte(version & 0xFF)
    minor := byte((version >> 8) & 0xFF)
    build := uint16((version >> 16) & 0xFFFF)
 
    var info syscall.RtlOsVersionInfoEx
    info.OSVersionInfoSize = uint32(unsafe.Sizeof(info))
    err = syscall.RtlGetVersion(&info)
    if err != nil {
        return "", err
    }
 
    switch {
    case major == 10 && build >= 22000:
        return "Windows 11", nil
    case major == 10 && build >= 19041:
        return "Windows 10 Version 2004 or later", nil
    case major == 10 && build >= 18362:
        return "Windows 10 Version 1903 or later", nil
    case major == 10 && build >= 17763:
        return "Windows 10 Version 1809 or later", nil
    case major == 10 && build >= 17134:
        return "Windows 10 Version 1803 or later", nil
    case major == 10 && build >= 16299:
        return "Windows 10 Version 1709 or later", nil
    case major == 10 && build >= 15063:
        return "Windows 10 Version 1703 or later", nil
    case major == 10 && build >= 14393:
        return "Windows 10 Version 1607 or later", nil
    case major == 10 && build >= 10586:
        return "Windows 10 Version 1511 or later", nil
    case major == 10:
        return "Windows 10 or later", nil
    case major == 6 && minor == 3:
        return "Windows 8.1", nil
    case major == 6 && minor == 2:
        return "Windows 8", nil
    case major == 6 && minor == 1:
        return "Windows 7", nil
    case major == 6 && minor == 0:
        return "Windows Vista", nil
    case major == 5 && minor == 2:
        return "Windows Server 2003", nil
    case major == 5 && minor == 1:
        return "Windows XP", nil
    default:
        return fmt.Sprintf("Windows %d.%d (Build %d)", major, minor, build), nil
    }
}

posted @ 2023-03-06 19:21 干炸小黄鱼阅读(728) 评论(0) 编辑收藏举报

刷新页面返回顶部

登录后才能查看或发表评论，立即登录或者逛逛博客园首页

相关博文：

· chatgpt

· golang在 ubuntu下交叉编译报错 gcc: error: unrecognized command line option ‘-mthreads’; did you mean ‘-pthread’?

· golang: 获取系统和应用的相关信息

· windows golang 多版本管理

· goalng的一些问答小知识

阅读排行：
· TypeScript + Deepseek 打造卜卦网站：技术与玄学的结合
· 阿里巴巴 QwQ-32B真的超越了 DeepSeek R-1吗？
· 【译】Visual Studio 中新的强大生产力特性
· 【设计模式】告别冗长if-else语句：使用策略模式优化代码结构
· 10年+ .NET Coder 心语 ── 封装的思维：从隐藏、稳定开始理解其本质意义

公告

昵称：干炸小黄鱼
园龄： 10年7个月
粉丝： 0
关注： 1

+加关注

2025年3月

日

一

二

三

四

五

六

golang获取windows版本和详细信息

场景:

解决方案;

公告

搜索

常用链接

我的标签

随笔分类

随笔档案

阅读排行榜


	package main

	import (
	"fmt"
	"os"
	"syscall"
	"unsafe"
	)

	func main() {
	version, err := getWindowsVersion()
	if err != nil {
	fmt.Println("Failed to get Windows version:", err)
	return
	}

	fmt.Println("Windows version:", version)
	}

	func getWindowsVersion() (string, error) {
	kernel32, err := syscall.LoadDLL("kernel32.dll")
	if err != nil {
	return "", err
	}

	proc, err := kernel32.FindProc("GetVersion")
	if err != nil {
	return "", err
	}

	version, _, _ := proc.Call()
	major := byte(version & 0xFF)
	minor := byte((version >> 8) & 0xFF)
	build := uint16((version >> 16) & 0xFFFF)

	var info syscall.RtlOsVersionInfoEx
	info.OSVersionInfoSize = uint32(unsafe.Sizeof(info))
	err = syscall.RtlGetVersion(&info)
	if err != nil {
	return "", err
	}

	switch {
	case major == 10 && build >= 22000:
	return "Windows 11", nil
	case major == 10 && build >= 19041:
	return "Windows 10 Version 2004 or later", nil
	case major == 10 && build >= 18362:
	return "Windows 10 Version 1903 or later", nil
	case major == 10 && build >= 17763:
	return "Windows 10 Version 1809 or later", nil
	case major == 10 && build >= 17134:
	return "Windows 10 Version 1803 or later", nil
	case major == 10 && build >= 16299:
	return "Windows 10 Version 1709 or later", nil
	case major == 10 && build >= 15063:
	return "Windows 10 Version 1703 or later", nil
	case major == 10 && build >= 14393:
	return "Windows 10 Version 1607 or later", nil
	case major == 10 && build >= 10586:
	return "Windows 10 Version 1511 or later", nil
	case major == 10:
	return "Windows 10 or later", nil
	case major == 6 && minor == 3:
	return "Windows 8.1", nil
	case major == 6 && minor == 2:
	return "Windows 8", nil
	case major == 6 && minor == 1:
	return "Windows 7", nil
	case major == 6 && minor == 0:
	return "Windows Vista", nil
	case major == 5 && minor == 2:
	return "Windows Server 2003", nil
	case major == 5 && minor == 1:
	return "Windows XP", nil
	default:
	return fmt.Sprintf("Windows %d.%d (Build %d)", major, minor, build), nil
	}
	}