diff options
| author | boris <wzn@moneybot.cc> | 2018-11-29 12:27:47 +1300 |
|---|---|---|
| committer | boris <wzn@moneybot.cc> | 2018-11-29 12:27:47 +1300 |
| commit | faf3603d97986f75b36da2010faad303a7e289cf (patch) | |
| tree | 853bdbedf6301a22bbd203f30d0e5a5c11bf3a1b /loader/client/syscall.hpp | |
| parent | c163c5575af4d1e7755510b03a7cd7809869eeef (diff) | |
hook
Diffstat (limited to 'loader/client/syscall.hpp')
| -rw-r--r-- | loader/client/syscall.hpp | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/loader/client/syscall.hpp b/loader/client/syscall.hpp index 55135ca..64121f2 100644 --- a/loader/client/syscall.hpp +++ b/loader/client/syscall.hpp @@ -8,7 +8,7 @@ #include "strings.hpp"
namespace syscall {
- //stub for calling the syscalls
+ // stub for calling the syscalls
class c_syscall_stub {
uint8_t m_stub[11] = {
0x4c, 0x8b, 0xd1, // mov r10, rcx
@@ -21,7 +21,7 @@ namespace syscall { void set_index(uint32_t index) {
unsigned long old;
if (VirtualProtect(m_stub, sizeof m_stub, PAGE_EXECUTE_READWRITE, &old)) {
- //okay now this is epic
+ // okay now this is epic
*(uint32_t*)(&m_stub[4]) = index;
}
}
@@ -35,11 +35,13 @@ namespace syscall { }
};
- //syscaller
+ // syscaller
+ using file_t = std::pair< uint8_t *, size_t >;
+
class c_syscall_mgr {
std::map< hash_t, c_syscall_stub > m_syscalls;
-
- uint8_t *load_ntdll();
+
+ file_t load_ntdll();
public:
bool start();
|