More syscalls
@@ -282,7 +282,7 @@ namespace
|
||||
context.process_params.access([&](RTL_USER_PROCESS_PARAMETERS& proc_params)
|
||||
{
|
||||
proc_params.Length = sizeof(proc_params);
|
||||
proc_params.Flags = 0x6001 | 0x80000000; // Prevent CsrClientConnectToServer
|
||||
proc_params.Flags = 0x6001 | 0x80000000; // Prevent CsrClientConnectToServer
|
||||
|
||||
proc_params.ConsoleHandle = reinterpret_cast<HANDLE>(CONSOLE_HANDLE);
|
||||
proc_params.StandardOutput = reinterpret_cast<HANDLE>(STDOUT_HANDLE);
|
||||
@@ -578,10 +578,6 @@ namespace
|
||||
const auto entry1 = find_exported_function(context.ntdll.exports, "LdrInitializeThunk");
|
||||
const auto entry2 = find_exported_function(context.ntdll.exports, "RtlUserThreadStart");
|
||||
|
||||
(void)entry1;
|
||||
(void)entry2;
|
||||
|
||||
|
||||
syscall_dispatcher dispatcher{context.ntdll.exports};
|
||||
|
||||
emu->hook_instruction(x64_hookable_instructions::syscall, [&]
|
||||
@@ -610,6 +606,11 @@ namespace
|
||||
});*/
|
||||
|
||||
const auto execution_context = context.gs_segment.reserve<CONTEXT>();
|
||||
execution_context.access([&](CONTEXT& c)
|
||||
{
|
||||
c.Rip = entry2;
|
||||
c.Rsp = emu->reg(x64_register::rsp);
|
||||
});
|
||||
|
||||
emu->reg(x64_register::rcx, execution_context.value());
|
||||
emu->reg(x64_register::rdx, context.ntdll.image_base);
|
||||
|
||||
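Review bot: The `CONTEXT` reserved in the gs segment gets only `Rip` and `Rsp` assigned inside the `access` lambda, so every other field holds whatever `reserve<CONTEXT>()` leaves there, which this hunk does not show. If the guest later passes this structure to NtContinue, the `apply_context` helper added in this commit copies all sixteen general-purpose registers out of it, so stale bytes would become register state. Value-initialise it first, e.g. `c = {};` before `c.Rip = entry2;`. `entry2` is also used without checking that `find_exported_function` actually resolved `RtlUserThreadStart`; a guard before the lambda would turn a bad jump target into a clear startup error. The enclosing function starts and ends outside the hunk.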
@@ -27,7 +27,6 @@ namespace
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
bool is_uppercase(const char character)
|
||||
{
|
||||
return toupper(character) == character;
|
||||
@@ -178,6 +177,28 @@ namespace
|
||||
c.emu.reg<int64_t>(x64_register::rax, ret);
|
||||
}
|
||||
|
||||
void apply_context(x64_emulator& emu, const CONTEXT& context)
|
||||
{
|
||||
emu.reg(x64_register::rax, context.Rax);
|
||||
emu.reg(x64_register::rbx, context.Rbx);
|
||||
emu.reg(x64_register::rcx, context.Rcx);
|
||||
emu.reg(x64_register::rdx, context.Rdx);
|
||||
emu.reg(x64_register::rsp, context.Rsp);
|
||||
emu.reg(x64_register::rbp, context.Rbp);
|
||||
emu.reg(x64_register::rsi, context.Rsi);
|
||||
emu.reg(x64_register::rdi, context.Rdi);
|
||||
emu.reg(x64_register::r8, context.R8);
|
||||
emu.reg(x64_register::r9, context.R9);
|
||||
emu.reg(x64_register::r10, context.R10);
|
||||
emu.reg(x64_register::r11, context.R11);
|
||||
emu.reg(x64_register::r12, context.R12);
|
||||
emu.reg(x64_register::r13, context.R13);
|
||||
emu.reg(x64_register::r14, context.R14);
|
||||
emu.reg(x64_register::r15, context.R15);
|
||||
|
||||
emu.reg(x64_register::rip, context.Rip);
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryPerformanceCounter(const syscall_context&,
|
||||
const emulator_object<LARGE_INTEGER> performance_counter,
|
||||
const emulator_object<LARGE_INTEGER> performance_frequency)
|
||||
@@ -1021,12 +1042,51 @@ namespace
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtDeviceIoControlFile(const syscall_context& c)
|
||||
NTSTATUS handle_NtDeviceIoControlFile()
|
||||
{
|
||||
puts("NtDeviceIoControlFile not supported");
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryWnfStateData()
|
||||
{
|
||||
puts("NtQueryWnfStateData not supported");
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtOpenProcessToken()
|
||||
{
|
||||
puts("NtOpenProcessToken not supported");
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQuerySecurityAttributesToken()
|
||||
{
|
||||
puts("NtQuerySecurityAttributesToken not supported");
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtQueryLicenseValue()
|
||||
{
|
||||
puts("NtQueryLicenseValue not supported");
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtTestAlert()
|
||||
{
|
||||
puts("NtTestAlert not supported");
|
||||
return STATUS_NOT_SUPPORTED;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtContinue(const syscall_context& c, const emulator_object<CONTEXT> thread_context,
|
||||
const BOOLEAN raise_alert)
|
||||
{
|
||||
const auto context = thread_context.read();
|
||||
apply_context(c.emu, context);
|
||||
|
||||
return STATUS_SUCCESS;
|
||||
}
|
||||
|
||||
NTSTATUS handle_NtCreateFile(const syscall_context& c, const emulator_object<uint64_t> file_handle,
|
||||
ACCESS_MASK /*desired_access*/,
|
||||
const emulator_object<OBJECT_ATTRIBUTES> object_attributes)
|
||||
@@ -1098,6 +1158,12 @@ syscall_dispatcher::syscall_dispatcher(const exported_symbols& ntdll_exports)
|
||||
add_handler(NtConnectPort);
|
||||
add_handler(NtCreateFile);
|
||||
add_handler(NtDeviceIoControlFile);
|
||||
add_handler(NtQueryWnfStateData);
|
||||
add_handler(NtOpenProcessToken);
|
||||
add_handler(NtQuerySecurityAttributesToken);
|
||||
add_handler(NtQueryLicenseValue);
|
||||
add_handler(NtTestAlert);
|
||||
add_handler(NtContinue);
|
||||
|
||||
#undef add_handler
|
||||
}
|
||||
|
||||
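Review bot: `handle_NtContinue` returns `STATUS_SUCCESS` after `apply_context` has already loaded `Rax` and `Rip` from the guest-supplied `CONTEXT`, so the result depends on what the dispatcher does with that status. If it writes the status into rax afterwards (the `c.emu.reg<int64_t>(x64_register::rax, ret);` context line in the earlier hunk of this file suggests it does), the restored `Rax` is overwritten, and any post-syscall rip adjustment would land on top of the new `Rip`. The handler needs a way to tell the dispatcher to skip the write-back for this syscall; that code is outside the hunks shown. `apply_context` also ignores `ContextFlags`, `EFlags`, segment and vector state, which deserves a comment such as `// only GPRs and RIP are restored; ContextFlags/EFlags/XMM state are ignored`. `raise_alert` is unused, and the convention already visible in `handle_NtCreateFile` would be `const BOOLEAN /*raise_alert*/`.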