56 lines
1.3 KiB
C++
56 lines
1.3 KiB
C++
#include <cstdio>
|
|
#include <ntdll.h>
|
|
#include "structs.h"
|
|
#include "misc.h"
|
|
|
|
BOOL is_WOW64()
|
|
{
|
|
return NULL != __readfsdword(0xC0);
|
|
}
|
|
|
|
VOID print_os_info()
|
|
{
|
|
_KUSER_SHARED_DATA* _kuser_s_d = GET_KUSER_SHARED_DATA();
|
|
ULONG majorVersion = _kuser_s_d->NtMajorVersion;
|
|
ULONG minorVersion = _kuser_s_d->NtMinorVersion;
|
|
NT_PRODUCT_TYPE productType = _kuser_s_d->NtProductType;
|
|
_PEB* p = (_PEB*)__readfsdword(0x30);
|
|
ULONG buildID = p->NtBuildNumber;
|
|
|
|
printf("Running on %i.%i %i %X (x%s)\n", majorVersion, minorVersion, buildID, productType, (is_WOW64() ? "64" : "86"));
|
|
}
|
|
|
|
DWORD hash(const char* str)
|
|
{
|
|
return hash((const unsigned char*)str, strlen(str));
|
|
}
|
|
|
|
DWORD hash(const unsigned char* buf, const size_t sz)
|
|
{
|
|
unsigned int hash = 5381;
|
|
|
|
for(unsigned int i = 0; i < sz; i++)
|
|
hash = ((hash << 5) + hash) + (unsigned int)buf[i];
|
|
|
|
return hash;
|
|
}
|
|
|
|
|
|
BOOL is_executable(LPVOID addr)
|
|
{
|
|
MEMORY_BASIC_INFORMATION mbi = {0};
|
|
if(!VirtualQuery(addr, &mbi, sizeof(MEMORY_BASIC_INFORMATION)))
|
|
{
|
|
return FALSE;
|
|
}
|
|
return (mbi.Protect & PAGE_EXECUTE);
|
|
}
|
|
|
|
BOOL is_Win8()
|
|
{
|
|
KUSER_SHARED_DATA* _kuser_s_d = GET_KUSER_SHARED_DATA();
|
|
ULONG majorVersion = _kuser_s_d->NtMajorVersion;
|
|
ULONG minorVersion = _kuser_s_d->NtMinorVersion;
|
|
|
|
return 6 == majorVersion && 2 == minorVersion;
|
|
} |