
Commit 509c846

committed
upd
1 parent 8bd5d7a commit 509c846

6 files changed

Lines changed: 18 additions & 127 deletions


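--- a/os/win/getapi/dynamic/get_gpa.c
+++ b/os/win/getapi/dynamic/get_gpa.c
@@ -32,6 +32,10 @@
 
 typedef BYTE UBYTE;
 
+#ifndef UNW_FLAG_CHAININFO
+#define UNW_FLAG_CHAININFO 4
+#endif
+
 typedef enum _UNWIND_OP_CODES {
 UWOP_PUSH_NONVOL = 0, /* info == register number */
 UWOP_ALLOC_LARGE, /* no info, alloc size in next 2 slots */
@@ -92,7 +96,7 @@ LPVOID GetGPA(VOID) {
 PBYTE s1, e1, s2, e2;
 PUNWIND_INFO ui;
 
-peb = (PPEB) __readgsqword(0x60);
+peb = NtCurrentTeb()->ProcessEnvironmentBlock;
 ldr = (PPEB_LDR_DATA)peb->Ldr;
 
 for (dte=(PLDR_DATA_TABLE_ENTRY)ldr->InLoadOrderModuleList.Flink;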
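Review bot: The new `#ifndef UNW_FLAG_CHAININFO` fallback in the first hunk has no comment saying why it exists or where the value 4 comes from, so a later reader may treat it as a stray constant; `/* not present in every SDK's headers; value must match the system winnt.h definition */` on the `#define` line would settle that. In the second hunk `peb->Ldr` is dereferenced on the line after `NtCurrentTeb()->ProcessEnvironmentBlock` with no check of the pointer; in a normally initialized user-mode process both are always populated, so a short `// PEB and PEB->Ldr are always set for a live process` comment recording the assumption is enough, and the same applies to the matching line in get_gpa1.c. GetGPA begins before the second hunk and continues after it.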

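--- a/os/win/getapi/dynamic/get_gpa1.c
+++ b/os/win/getapi/dynamic/get_gpa1.c
@@ -27,7 +27,7 @@
 ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 POSSIBILITY OF SUCH DAMAGE. */
 
-#include "getapi.h"
+#include "peb.h"
 
 LPVOID GetGPA(VOID) {
 PPEB peb;
@@ -41,7 +41,7 @@ LPVOID GetGPA(VOID) {
 DWORD i, j, h;
 PBYTE cs;
 
-peb = (PPEB) __readfsdword(0x30);
+peb = NtCurrentTeb()->ProcessEnvironmentBlock;
 ldr = (PPEB_LDR_DATA)peb->Ldr;
 
 // for each DLL loaded
@@ -86,15 +86,16 @@ LPVOID GetGPA(VOID) {
 }
 
 int main(void) {
-
+LPVOID addr = GetGPA();
+
 if (addr != NULL) {
 printf ("GetProcAddress: %p\n", addr);
 
 printf ("GetProcAddress: %p\n",
-GetProcAddress("kernelbase", "GetProcAddress"));
+(LPVOID)GetProcAddress(GetModuleHandle("kernelbase"), "GetProcAddress"));
 
 printf ("GetProcAddressForCaller: %p\n",
-GetProcAddress("kernelbase", "GetProcAddressForCaller"));
+(LPVOID)GetProcAddress(GetModuleHandle("kernelbase"), "GetProcAddressForCaller"));
 }
 return 0;
 }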
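Review bot: In the third hunk `main` returns 0 whether or not `GetGPA()` found anything, so a script running this check cannot tell success from failure; `return addr != NULL ? 0 : 1;` would expose it. The two added `GetProcAddress(GetModuleHandle("kernelbase"), ...)` calls pass an unchecked module handle, which in this demo only results in a NULL pointer being printed, but the program never compares `addr` with that API-resolved value, which is the one check that would confirm the manual lookup is right; `printf("match: %d\n", addr == (LPVOID)GetProcAddress(GetModuleHandle("kernelbase"), "GetProcAddress"));` would do. GetGPA's body lies between the second and third hunks and is not shown here.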

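--- a/os/win/getapi/dynamic/getapi.c
+++ b/os/win/getapi/dynamic/getapi.c
@@ -29,6 +29,9 @@
 
 #include "peb.h"
 
+LPVOID get_api(DWORD);
+LPVOID get_apix(DWORD);
+
 // converts string to lowercase
 uint32_t crc32c(const char *s) {
 int i;
@@ -192,7 +195,7 @@ int main(int argc, char *argv[])
 
 h = dll_h + api_h;
 
-p = get_api(h);
+p = get_apix(h);
 // if not found
 if (p==NULL) {
 // load the module into memory
@@ -201,7 +204,7 @@ int main(int argc, char *argv[])
 return 0;
 }
 // then try again
-p = get_api(h);
+p = get_apix(h);
 }
 if (p==NULL) {
 printf ("\nUnable to locate API address \"%s\"", argv[2]);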
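Review bot: The two prototypes added in the first hunk, `LPVOID get_api(DWORD);` and `LPVOID get_apix(DWORD);`, carry no comment saying how the two lookups differ, and the second and third hunks switch both call sites in `main` to `get_apix`, so if `get_api` is no longer referenced elsewhere in the file its prototype is dead; either way a one-line comment on each, e.g. `// get_apix: variant of get_api that ... (state the difference)`, is needed. The comment `// converts string to lowercase` directly below the new prototypes sits above `uint32_t crc32c(const char *s)`, whose name and return type suggest a hash; if the function lowercases while hashing the comment should say so (`// case-insensitive CRC32-C of a NUL-terminated string`), otherwise it belongs to some other helper and should be corrected. Declaring the two prototypes in a header such as peb.h, rather than in this .c file, would also keep them in one place for every translation unit that calls them. main begins before the second hunk and continues after the third.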

os/win/getapi/dynamic/getapi.exe

5 KB
Binary file not shown.

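--- a/os/win/getapi/dynamic/peb.h
+++ b/os/win/getapi/dynamic/peb.h
@@ -33,6 +33,8 @@
 #define PEB_H
 
 #include <windows.h>
+#include <stdio.h>
+#include <stdint.h>
 
 #ifndef ROTR32
 #define ROTR32(v,n)(((v)>>(n))|((v)<<(32-(n))))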
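Review bot: Adding `#include <stdio.h>` to peb.h makes every translation unit that only wants the PEB and loader definitions depend on stdio, while the `printf` calls touched by this commit are all inside `main` in get_gpa1.c and getapi.c; moving that include to those two .c files keeps the header minimal. `<stdint.h>` is reasonable to keep here only if the header's own declarations use the fixed-width types, which this hunk does not show; a short `// uint32_t used by the hash declarations in this header` comment (or moving it too) would make the dependency explicit.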

os/win/getapi/dynamic/winexec.c

Lines changed: 0 additions & 119 deletions
This file was deleted.
