Reading TEB+PEB memory fail

[HongThatCong]

Test with a example Donut shellcode.
Error reading TEB memory to get PEB in the usual, common way that shellcodes often use.
Please allocate and build TEB and PEB structs.

37 0x3e9464: push  rdi ;0x0
38 0x3e9465: sub   rsp,20h
39 0x3e9469: mov   rax,gs:[30h]
39 Reading TEB 0x7fffffdd000
40 0x3e9472: mov   rdi,r8
41 0x3e9475: mov   rsi,rdx
42 0x3e9478: mov   rbp,rcx
43 0x3e947b: xor   r10d,r10d
44 0x3e947e: mov   r9,[rax+60h]
45 0x3e9482: mov   rax,[r9+18h]
/!\ error dereferencing qword on 0x7fffffdf018
exception without any SEH handler nor vector configured.

donut.bin.gz

Tks very much

[sha0coder]

Hello, with some modifications it’s emulating 7,093,034 instructions,
and don't continue the emulation because is calling a function on the injected process.

7093034 0x3e7a37: call  r15
/!\ changing RIP to loader.text
thread 'main' panicked at /Users/jesus/src/libscemu/src/emu/winapi64.rs:30:14:
/!\ trying to execute on loader.text at 0x7ff00ac2720

[sha0coder]

libscemu git updated and published to crates.io.
scemu git updated.
pyscemu updating ...

[sha0coder]

pyscemu also updated.

Thanks for using scemu.