blob: 94d4e34dc5868688b060cba91f754587c72c2b89 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
static __inline__ void * pe_get_teb_address(void)
{
void * ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x30, %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ void * pe_get_peb_address(void)
{
void * ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x60, %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ void * pe_get_peb_address_alt(void)
{
void * ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x60, %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ void * pe_get_peb_ldr_data_address(void)
{
void * ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x60, %0\n\t"
"mov %%ds:0x18(%0), %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ void * pe_get_peb_ldr_data_address_alt(void)
{
void * ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x60, %0\n\t"
"mov %%ds:0x18(%0), %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ uint32_t pe_get_current_process_id(void)
{
uint32_t ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x40, %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ uint32_t pe_get_current_thread_id(void)
{
uint32_t ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x48, %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
static __inline__ uint32_t pe_get_current_session_id(void)
{
uint32_t ptrRet;
__asm__ __volatile__ (
"mov %%gs:0x60, %0\n\t"
"mov %%ds:0x2c0(%0), %0\n\t"
: "=r" (ptrRet) : :
);
return ptrRet;
}
|