initial

src/win32/mod.rs

@@ -0,0 +1,66 @@
+pub mod pe_image;
+pub mod module_iter;
+pub mod importer;
+
+pub use pe_image::*;
+pub use module_iter::*;
+
+pub mod tls;
+
+#[inline(always)]
+pub unsafe fn find_kernel32() -> usize {
+    let mut _k32: usize = 0;
+    core::arch::asm!(
+    "mov {x}, gs:[60h]",    // TEB->PEB
+    "mov {x}, [{x} + 18h]", // PEB->LDR
+    "mov {x}, [{x} + 10h]", // LDR->InLoadOrderModuleList
+    "mov {x}, [{x}]",
+    "mov {x}, [{x}]",
+    "mov {x}, [{x} + 30h]",
+    x = out(reg) _k32,
+    );
+    _k32
+}
+
+#[inline(always)]
+pub unsafe fn loaded_modules() -> ModuleIter {
+    let mut module_link: *const LDR_DATA_TABLE_ENTRY;
+    core::arch::asm!(
+    "mov {x}, gs:[60h]",    // TEB->PEB
+    "mov {x}, [{x} + 18h]", // PEB->LDR
+    "mov {x}, [{x} + 10h]", // LDR->InLoadOrderModuleList
+    x = out(reg) module_link,
+    );
+    ModuleIter {
+        entry: (*module_link).prev,
+        head: (*module_link).prev,
+    }
+}
+
+extern "C" {
+    #[link_name = "__ImageBase"]
+    static ImageBaseDosHeader: ImageDOSHeader;
+    #[link_name = "__ImageBase"]
+    static ImageBasePtr: [u8;0];
+}
+
+#[inline(always)]
+pub fn image_base() -> &'static ImageBase {
+    unsafe { &*(ImageBasePtr.as_ptr() as *const ImageBase) }
+}
+
+#[inline(always)]
+pub fn image_header() -> &'static ImageDOSHeader {
+    unsafe { &ImageBaseDosHeader }
+}
+
+#[inline(always)]
+pub unsafe fn process_executable() -> &'static ImageBase {
+    let mut process_exe: *const ImageBase;
+    core::arch::asm!(
+    "mov {x}, gs:[60h]",    // TEB->PEB
+    "mov {x}, [{x} + 10h]", // PEB->ImageBaseAddress
+    x = out(reg) process_exe,
+    );
+    &*process_exe
+}