53 lines
1.1 KiB
C
53 lines
1.1 KiB
C
|
#ifndef PEB
|
||
|
#define PEB 1
|
||
|
#include <stdint.h>
|
||
|
void *get_peb_data(int reqEntry);
|
||
|
|
||
|
typedef struct _list_entry
|
||
|
{
|
||
|
void *next;
|
||
|
void *prev;
|
||
|
} list_entry;
|
||
|
|
||
|
typedef struct _PEB_LDR_DATA //, 7 elements, 0x28 bytes
|
||
|
{
|
||
|
uint32_t dwLength;
|
||
|
uint32_t dwInitialized;
|
||
|
void * lpSsHandle;
|
||
|
list_entry InLoadOrderModuleList;
|
||
|
list_entry InMemoryOrderModuleList;
|
||
|
list_entry InInitializationOrderModuleList;
|
||
|
void * lpEntryInProgress;
|
||
|
} peb_ldr_data;
|
||
|
|
||
|
typedef struct __PEB // 65 elements, 0x210 bytes
|
||
|
{
|
||
|
uint8_t bInheritedAddressSpace;
|
||
|
uint8_t bReadImageFileExecOptions;
|
||
|
uint8_t bBeingDebugged;
|
||
|
uint8_t bSpareBool;
|
||
|
void * lpMutant;
|
||
|
void * lpImageBaseAddress;
|
||
|
peb_ldr_data *pLdr;
|
||
|
} peb;
|
||
|
|
||
|
typedef struct _LDR_DATA_TABLE_ENTRY
|
||
|
{
|
||
|
//list_entry InLoadOrderLinks;
|
||
|
//list_entry InMemoryOrderModuleList;
|
||
|
/* we set the struct here: */
|
||
|
list_entry InInitializationOrderModuleList;
|
||
|
void * DllBase;
|
||
|
void * EntryPoint;
|
||
|
unsigned long SizeOfImage;
|
||
|
void * FullDllName;
|
||
|
void * BaseDllName;
|
||
|
unsigned long Flags;
|
||
|
uint16_t LoadCount;
|
||
|
uint16_t TlsIndex;
|
||
|
list_entry HashTableEntry;
|
||
|
unsigned long TimeDateStamp;
|
||
|
} ldr_data_table_entry;
|
||
|
|
||
|
#endif
|