Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enhancements - x86 support (WoW64 + native), ability to change function prefix #9

Merged
merged 3 commits into from Mar 13, 2022
Merged

Enhancements - x86 support (WoW64 + native), ability to change function prefix #9

merged 3 commits into from Mar 13, 2022

Conversation

bugproof
Copy link
Contributor

@bugproof bugproof commented Oct 7, 2021
edited

Seems to work. Please check if 32 bit version asm is correct.

I was wondering if a separate .asm file should be generated for this. Now the generated .asm will build on both architectures using IFDEF RAX.

Some ideas worth mentioning to improve this even further:

  • Add -x86/-32bit argument to optionally enable 32-bit support

Custom function prefix only works with Nt functions. I don't know if it's needed for Rtl as well.

Closes #7

@bugproof bugproof changed the title Add 32-bit support Enhancements (32-bit support, ability to change function prefix) Oct 7, 2021
@bugproof bugproof changed the title Enhancements (32-bit support, ability to change function prefix) Enhancements (wow64 support, ability to change function prefix) Oct 7, 2021
@bugproof bugproof changed the title Enhancements (wow64 support, ability to change function prefix) Enhancements - x86 support (WoW64 + native), ability to change function prefix Oct 7, 2021
@Mecanik
Copy link

Mecanik commented Oct 9, 2021

Great stuff, I will have a look soon (not much time really) :)

@Sh0ckFR
Copy link

Sh0ckFR commented Feb 1, 2022

I tried since this morning to make the code compatible, and now I just saw this PR, I hate my life but thanks a lot @bugproof

@xenoscr
Copy link
Contributor

xenoscr commented Feb 22, 2022

I have a variation that generates separate ASM files fro x86 and x64 as well as some changes to shave off some redundant code. Should I make a new pull request?

@Sh0ckFR
Copy link

Sh0ckFR commented Feb 22, 2022
edited

I have a variation that generates separate ASM files fro x86 and x64 as well as some changes to shave off some redundant code. Should I make a new pull request?

I did the same thing on my side but not tested it, I just waited this PR but do not worry, I will let you create a new PR ;)

Here is my changes if you want to take a look and maybe improve your version: https://github.com/Sh0ckFR/SysWhispers2

xenoscr added a commit to xenoscr/SysWhispers2 that referenced this pull request Feb 27, 2022
@xenoscr
Adding x86 Support (Wow64+native) with refactoring. This commit is si…
533c686 
…milar to jthuraisamy#9 and some inspiration from https://github.com/mai1zhi2/SysWhispers2_x86/blob/main/SysWhispers2_x86_WOW64Gate/SyscallsStubs.asm.

Updated README.md with instructions to support both x86 and x64 targets.
Updated base.c to support x86 registers
Updated syswhispers.py to add x86 and x64 stubs to support a refactored version that uses fewer redundant instructions.
This was referenced Feb 27, 2022
Closed
Closed
@odzhan odzhan merged commit 90dbc1e into jthuraisamy:main Mar 13, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improvements/Suggestions (function names, x86, wow64)
5 participants
@bugproof @Mecanik @Sh0ckFR @xenoscr @odzhan