From faf3603d97986f75b36da2010faad303a7e289cf Mon Sep 17 00:00:00 2001
From: boris
Date: Thu, 29 Nov 2018 12:27:47 +1300
Subject: hook
---
 loader/client/syscall.hpp | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)
(limited to 'loader/client/syscall.hpp')
diff --git a/loader/client/syscall.hpp b/loader/client/syscall.hpp
index 55135ca..64121f2 100644
--- a/loader/client/syscall.hpp
+++ b/loader/client/syscall.hpp
@@ -8,7 +8,7 @@
 #include "strings.hpp"
 namespace syscall {
- //stub for calling the syscalls
+ // stub for calling the syscalls
 class c_syscall_stub {
 uint8_t m_stub[11] = {
 0x4c, 0x8b, 0xd1, // mov r10, rcx
@@ -21,7 +21,7 @@ namespace syscall {
 void set_index(uint32_t index) {
 unsigned long old;
 if (VirtualProtect(m_stub, sizeof m_stub, PAGE_EXECUTE_READWRITE, &old)) {
- //okay now this is epic
+ // okay now this is epic
 *(uint32_t*)(&m_stub[4]) = index;
 }
 }
@@ -35,11 +35,13 @@ namespace syscall {
 }
 };
- //syscaller
+ // syscaller
+ using file_t = std::pair< uint8_t *, size_t >;
+
 class c_syscall_mgr {
 std::map< hash_t, c_syscall_stub > m_syscalls;
-
- uint8_t *load_ntdll();
+
+ file_t load_ntdll();
 public:
 bool start();
--
cgit v1.2.3
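Review bot: The new `file_t` alias in the last hunk pairs a raw `uint8_t *` with a `size_t`, but nothing states who owns the buffer or what `load_ntdll()` returns on failure, where the old `uint8_t *` signature at least implied a null check. I would add a comment above the alias such as `// file_t: {buffer, size in bytes}; {nullptr, 0} on failure; caller releases the buffer`, adjusted to what the implementation actually does, which is not visible here. Callers should then check every offset they read from the buffer against `.second`. The alias also depends on `<utility>` arriving through another header, since the include list is outside this hunk. The body of `c_syscall_mgr` continues past the end of the hunk.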