
Commit 32f2abc

authored
Merge pull request #14 from ntoskrnl7/fix/peb-teb
Fix PEB, TEB
2 parents 8883233 + eadb396 commit 32f2abc


5 files changed

+31
-3
lines changed


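--- a/include/Ldk/peb.h
+++ b/include/Ldk/peb.h
@@ -3,8 +3,22 @@
 #ifndef _LDK_PEB_
 #define _LDK_PEB_
 
+#include <winnt.h>
+#include <minwindef.h>
+
+#define RTL_USER_PROC_SECURE_PROCESS 0x80000000
+
+typedef struct _RTL_USER_PROCESS_PARAMETERS {
+ULONG MaximumLength;
+ULONG Length;
+ULONG Flags;
+} RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS;
+
+#define FLG_APPLICATION_VERIFIER 0x0100
+
 typedef struct _LDK_PEB {
 ULONG NtGlobalFlag;
+PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
 } LDK_PEB, *PLDK_PEB;
 
 #endif // _LDK_PEB_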
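Review bot: The `LDK_PEB` declared here is a two-field prefix of the larger `_LDK_PEB` in src/peb.h, and nothing visible in either header keeps the two layouts in step, so a later reorder on the private side would make code built against this header read the wrong memory through `ProcessParameters`. Both headers could pin the shared prefix with `C_ASSERT(FIELD_OFFSET(LDK_PEB, ProcessParameters) == sizeof(PVOID));` and carry a comment such as `// Public prefix of the private LDK_PEB in src/peb.h; keep field order identical.` The same applies to `LDK_TEB` in include/Ldk/teb.h and src/teb.h, and to `RTL_USER_PROCESS_PARAMETERS`, which src/peb.h appears to define as well (its hunk header names that struct).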

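--- a/include/Ldk/teb.h
+++ b/include/Ldk/teb.h
@@ -0,0 +1,12 @@
+#pragma once
+
+#ifndef _LDK_TEB_
+#define _LDK_TEB_
+
+#include "peb.h"
+
+typedef struct _LDK_TEB {
+PLDK_PEB ProcessEnvironmentBlock;
+} LDK_TEB, *PLDK_TEB;
+
+#endif // _LDK_TEB_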

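--- a/src/peb.h
+++ b/src/peb.h
@@ -49,10 +49,11 @@ typedef struct _RTL_USER_PROCESS_PARAMETERS {
 typedef struct _LDK_PEB {
 
 ULONG NtGlobalFlag;
+PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
 
 PVOID ImageBaseAddress;
 SIZE_T ImageBaseSize;
-
+
 // \??\X:\~~~
 ANSI_STRING FullPathName;
 
@@ -61,8 +62,6 @@ typedef struct _LDK_PEB {
 
 LARGE_INTEGER CriticalSectionTimeout;
 
-PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
-
 PDRIVER_OBJECT DriverObject;
 UNICODE_STRING RegistryPath;
 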

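--- a/src/teb.c
+++ b/src/teb.c
@@ -46,6 +46,7 @@ LdkpCreateTeb (
 ExFreeToNPagedLookasideList(&LdkpTebLookaside, Teb);
 return NULL;
 }
+Teb->ProcessEnvironmentBlock = LdkCurrentPeb();
 return Teb;
 }
 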
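Review bot: The new assignment stores whatever `LdkCurrentPeb()` returns without checking it, so if the PEB has not been set up when `LdkpCreateTeb` runs, every later access through `Teb->ProcessEnvironmentBlock` is a NULL dereference in the driver. `LdkCurrentPeb` is not visible here, so initialization order may already guarantee a valid pointer; if it does, record that at the call site with `NT_ASSERT(Teb->ProcessEnvironmentBlock != NULL);` or a one-line comment naming the guarantee. The body of `LdkpCreateTeb` starts outside the hunk, so whether the TEB becomes reachable by other threads before this line cannot be confirmed from here.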

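--- a/src/teb.h
+++ b/src/teb.h
@@ -6,6 +6,8 @@
 
 typedef struct _LDK_TEB {
 
+PLDK_PEB ProcessEnvironmentBlock;
+
 EX_RUNDOWN_REF RundownProtect;
 
 PETHREAD Thread;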
