A tool for deriving PKG packet encryption keys for PS4, written in C++
| 1 | // SPDX-FileCopyrightText: Copyright 2024 shadPS4 Emulator Project |
| 2 | // SPDX-License-Identifier: GPL-2.0-or-later |
| 3 | |
| 4 | #pragma once |
| 5 | |
| 6 | #ifdef _WIN32 |
| 7 | |
| 8 | #include <windows.h> |
| 9 | #include "common/shadpkg_types.h" |
| 10 | |
| 11 | typedef enum _FILE_INFORMATION_CLASS { /* Selector type for the FileInformationClass argument of NtSetInformationFile_t, declared later in this header. Values 1..81 are written out explicitly. */ |
| 12 | FileDirectoryInformation = 1, |
| 13 | FileFullDirectoryInformation = 2, |
| 14 | FileBothDirectoryInformation = 3, |
| 15 | FileBasicInformation = 4, |
| 16 | FileStandardInformation = 5, |
| 17 | FileInternalInformation = 6, |
| 18 | FileEaInformation = 7, |
| 19 | FileAccessInformation = 8, |
| 20 | FileNameInformation = 9, |
| 21 | FileRenameInformation = 10, |
| 22 | FileLinkInformation = 11, |
| 23 | FileNamesInformation = 12, |
| 24 | FileDispositionInformation = 13, /* presumably the class paired with FILE_DISPOSITION_INFORMATION below - confirm at the call site */ |
| 25 | FilePositionInformation = 14, |
| 26 | FileFullEaInformation = 15, |
| 27 | FileModeInformation = 16, |
| 28 | FileAlignmentInformation = 17, |
| 29 | FileAllInformation = 18, |
| 30 | FileAllocationInformation = 19, |
| 31 | FileEndOfFileInformation = 20, |
| 32 | FileAlternateNameInformation = 21, |
| 33 | FileStreamInformation = 22, |
| 34 | FilePipeInformation = 23, |
| 35 | FilePipeLocalInformation = 24, |
| 36 | FilePipeRemoteInformation = 25, |
| 37 | FileMailslotQueryInformation = 26, |
| 38 | FileMailslotSetInformation = 27, |
| 39 | FileCompressionInformation = 28, |
| 40 | FileObjectIdInformation = 29, |
| 41 | FileCompletionInformation = 30, |
| 42 | FileMoveClusterInformation = 31, |
| 43 | FileQuotaInformation = 32, |
| 44 | FileReparsePointInformation = 33, |
| 45 | FileNetworkOpenInformation = 34, |
| 46 | FileAttributeTagInformation = 35, |
| 47 | FileTrackingInformation = 36, |
| 48 | FileIdBothDirectoryInformation = 37, |
| 49 | FileIdFullDirectoryInformation = 38, |
| 50 | FileValidDataLengthInformation = 39, |
| 51 | FileShortNameInformation = 40, |
| 52 | FileIoCompletionNotificationInformation = 41, |
| 53 | FileIoStatusBlockRangeInformation = 42, |
| 54 | FileIoPriorityHintInformation = 43, |
| 55 | FileSfioReserveInformation = 44, |
| 56 | FileSfioVolumeInformation = 45, |
| 57 | FileHardLinkInformation = 46, |
| 58 | FileProcessIdsUsingFileInformation = 47, |
| 59 | FileNormalizedNameInformation = 48, |
| 60 | FileNetworkPhysicalNameInformation = 49, |
| 61 | FileIdGlobalTxDirectoryInformation = 50, |
| 62 | FileIsRemoteDeviceInformation = 51, |
| 63 | FileUnusedInformation = 52, |
| 64 | FileNumaNodeInformation = 53, |
| 65 | FileStandardLinkInformation = 54, |
| 66 | FileRemoteProtocolInformation = 55, |
| 67 | FileRenameInformationBypassAccessCheck = 56, |
| 68 | FileLinkInformationBypassAccessCheck = 57, |
| 69 | FileVolumeNameInformation = 58, |
| 70 | FileIdInformation = 59, |
| 71 | FileIdExtdDirectoryInformation = 60, |
| 72 | FileReplaceCompletionInformation = 61, |
| 73 | FileHardLinkFullIdInformation = 62, |
| 74 | FileIdExtdBothDirectoryInformation = 63, |
| 75 | FileDispositionInformationEx = 64, |
| 76 | FileRenameInformationEx = 65, |
| 77 | FileRenameInformationExBypassAccessCheck = 66, |
| 78 | FileDesiredStorageClassInformation = 67, |
| 79 | FileStatInformation = 68, |
| 80 | FileMemoryPartitionInformation = 69, |
| 81 | FileStatLxInformation = 70, |
| 82 | FileCaseSensitiveInformation = 71, |
| 83 | FileLinkInformationEx = 72, |
| 84 | FileLinkInformationExBypassAccessCheck = 73, |
| 85 | FileStorageReserveIdInformation = 74, |
| 86 | FileCaseSensitiveInformationForceAccessCheck = 75, |
| 87 | FileKnownFolderInformation = 76, |
| 88 | FileStatBasicInformation = 77, |
| 89 | FileId64ExtdDirectoryInformation = 78, |
| 90 | FileId64ExtdBothDirectoryInformation = 79, |
| 91 | FileIdAllExtdDirectoryInformation = 80, |
| 92 | FileIdAllExtdBothDirectoryInformation = 81, |
| 93 | FileStreamReservationInformation, /* no explicit value: takes the previous enumerator + 1, i.e. 82 */ |
| 94 | FileMupProviderInfo, /* implicit 83 */ |
| 95 | FileMaximumInformation /* implicit 84; by its name a count/sentinel rather than a usable class - TODO confirm */ |
| 96 | } FILE_INFORMATION_CLASS, /* NOTE(review): the SDK header winternl.h declares this same tag with fewer enumerators; presumably the two headers cannot be included in one translation unit - confirm */ |
| 97 | *PFILE_INFORMATION_CLASS; |
| 98 | |
| 99 | typedef struct _IO_STATUS_BLOCK { /* Status record passed by pointer as the IoStatusBlock argument of NtSetInformationFile_t. */ |
| 100 | union { /* anonymous union: Status and Pointer share the same storage */ |
| 101 | u32 Status; /* NOTE(review): the SDK types this field NTSTATUS (a signed LONG); u32 is defined outside this file and is presumably unsigned, so a `Status < 0` failure test would never fire - confirm call sites compare against explicit codes or cast first */ |
| 102 | PVOID Pointer; |
| 103 | }; |
| 104 | ULONG_PTR Information; /* pointer-sized integer; its meaning per request is not shown in this file */ |
| 105 | } IO_STATUS_BLOCK, *PIO_STATUS_BLOCK; |
| 106 | |
| 107 | typedef struct _FILE_DISPOSITION_INFORMATION { /* Single-flag payload; presumably the buffer supplied with FileDispositionInformation (13) - confirm at the call site. */ |
| 108 | BOOLEAN DeleteFile; /* NOTE(review): <windows.h>, included above, defines DeleteFile as a macro for DeleteFileA/DeleteFileW, so this member's real name follows the UNICODE setting; every user of the field must see the same macro state */ |
| 109 | } FILE_DISPOSITION_INFORMATION, *PFILE_DISPOSITION_INFORMATION; |
| 110 | |
| 111 | typedef struct _UNICODE_STRING { /* Counted wide-string descriptor; embedded by value in CURDIR, RTL_DRIVE_LETTER_CURDIR, RTL_USER_PROCESS_PARAMETERS, PEB and TEB below. */ |
| 112 | USHORT Length; /* NT convention (not shown in this file): a byte count, not a WCHAR count - confirm before indexing Buffer with it */ |
| 113 | USHORT MaximumLength; /* NT convention: capacity of Buffer in bytes - TODO confirm */ |
| 114 | PWCH Buffer; /* NOTE(review): under that convention the data need not be NUL-terminated; bound every read by Length instead of scanning for a terminator */ |
| 115 | } UNICODE_STRING, *PUNICODE_STRING; |
| 116 | |
| 117 | typedef const UNICODE_STRING* PCUNICODE_STRING; /* pointer-to-const alias; the type of OBJECT_ATTRIBUTES::ObjectName */ |
| 118 | |
| 119 | typedef struct _OBJECT_ATTRIBUTES { /* Object-naming record; reaches NtCreateThread_t through the PCOBJECT_ATTRIBUTES alias. */ |
| 120 | ULONG Length; /* presumably expected to hold sizeof(OBJECT_ATTRIBUTES) - confirm where instances are built */ |
| 121 | HANDLE RootDirectory; |
| 122 | PCUNICODE_STRING ObjectName; |
| 123 | ULONG Attributes; /* the two members that follow are declared as untyped PVOID; their trailing comments name the SDK pointer types they stand in for */ |
| 124 | PVOID SecurityDescriptor; // PSECURITY_DESCRIPTOR; |
| 125 | PVOID SecurityQualityOfService; // PSECURITY_QUALITY_OF_SERVICE |
| 126 | } OBJECT_ATTRIBUTES, *POBJECT_ATTRIBUTES; |
| 127 | |
| 128 | typedef const OBJECT_ATTRIBUTES* PCOBJECT_ATTRIBUTES; /* pointer-to-const alias; the ObjectAttributes parameter type of NtCreateThread_t */ |
| 129 | |
| 130 | typedef struct _CLIENT_ID { /* Process/thread identifier pair; embedded in TEB as ClientId and RealClientId, and passed by pointer to NtCreateThread_t. */ |
| 131 | HANDLE UniqueProcess; /* HANDLE-typed here; whether it carries an id or a real handle is not shown in this file */ |
| 132 | HANDLE UniqueThread; |
| 133 | } CLIENT_ID, *PCLIENT_ID; |
| 134 | |
| 135 | typedef struct _INITIAL_TEB { /* Stack description passed by pointer as the InitialTeb argument of NtCreateThread_t. */ |
| 136 | struct { |
| 137 | PVOID OldStackBase; |
| 138 | PVOID OldStackLimit; |
| 139 | } OldInitialTeb; |
| 140 | PVOID StackBase; /* presumably the high end of the stack region and StackLimit the low end - confirm where the struct is filled in */ |
| 141 | PVOID StackLimit; |
| 142 | PVOID StackAllocationBase; |
| 143 | } INITIAL_TEB, *PINITIAL_TEB; |
| 144 | |
| 145 | typedef struct _PEB_LDR_DATA { /* Loader bookkeeping block; PEB::LdrData points at one. */ |
| 146 | ULONG Length; |
| 147 | BOOLEAN Initialized; |
| 148 | PVOID SsHandle; |
| 149 | LIST_ENTRY InLoadOrderModuleList; /* three LIST_ENTRY heads follow; the entry type they link is not declared in this file */ |
| 150 | LIST_ENTRY InMemoryOrderModuleList; |
| 151 | LIST_ENTRY InInitializationOrderModuleList; |
| 152 | PVOID EntryInProgress; |
| 153 | BOOLEAN ShutdownInProgress; |
| 154 | HANDLE ShutdownThreadId; |
| 155 | } PEB_LDR_DATA, *PPEB_LDR_DATA; |
| 156 | |
| 157 | typedef struct _CURDIR { /* Path-plus-handle pair; the type of RTL_USER_PROCESS_PARAMETERS::CurrentDirectory. */ |
| 158 | UNICODE_STRING DosPath; |
| 159 | PVOID Handle; |
| 160 | } CURDIR, *PCURDIR; |
| 161 | |
| 162 | typedef struct RTL_DRIVE_LETTER_CURDIR { /* Element type of RTL_USER_PROCESS_PARAMETERS::DLCurrentDirectory. Unlike its neighbours, the struct tag has no leading underscore and equals the typedef name. */ |
| 163 | USHORT Flags; |
| 164 | USHORT Length; |
| 165 | ULONG TimeStamp; |
| 166 | UNICODE_STRING DosPath; |
| 167 | } RTL_DRIVE_LETTER_CURDIR, *PRTL_DRIVE_LETTER_CURDIR; |
| 168 | |
| 169 | typedef struct _RTL_USER_PROCESS_PARAMETERS { /* Process start-up parameters; PEB::ProcessParameters points at one. No static_assert in this file checks its layout. */ |
| 170 | ULONG AllocationSize; |
| 171 | ULONG Size; |
| 172 | ULONG Flags; |
| 173 | ULONG DebugFlags; |
| 174 | HANDLE ConsoleHandle; |
| 175 | ULONG ConsoleFlags; |
| 176 | HANDLE hStdInput; |
| 177 | HANDLE hStdOutput; |
| 178 | HANDLE hStdError; |
| 179 | CURDIR CurrentDirectory; |
| 180 | UNICODE_STRING DllPath; /* counted strings: see the length caveats on UNICODE_STRING before reading their Buffer */ |
| 181 | UNICODE_STRING ImagePathName; |
| 182 | UNICODE_STRING CommandLine; |
| 183 | PWSTR Environment; /* presumably EnvironmentSize below gives the extent of this block - confirm before walking it */ |
| 184 | ULONG dwX; |
| 185 | ULONG dwY; |
| 186 | ULONG dwXSize; |
| 187 | ULONG dwYSize; |
| 188 | ULONG dwXCountChars; |
| 189 | ULONG dwYCountChars; |
| 190 | ULONG dwFillAttribute; |
| 191 | ULONG dwFlags; |
| 192 | ULONG wShowWindow; |
| 193 | UNICODE_STRING WindowTitle; |
| 194 | UNICODE_STRING Desktop; |
| 195 | UNICODE_STRING ShellInfo; |
| 196 | UNICODE_STRING RuntimeInfo; |
| 197 | RTL_DRIVE_LETTER_CURDIR DLCurrentDirectory[0x20]; /* fixed array of 32 entries */ |
| 198 | ULONG_PTR EnvironmentSize; |
| 199 | ULONG_PTR EnvironmentVersion; |
| 200 | PVOID PackageDependencyData; |
| 201 | ULONG ProcessGroupId; |
| 202 | ULONG LoaderThreads; |
| 203 | } RTL_USER_PROCESS_PARAMETERS, *PRTL_USER_PROCESS_PARAMETERS; |
| 204 | |
| 205 | typedef struct tagRTL_BITMAP { /* Bitmap header; PEB's TlsBitmap, TlsExpansionBitmap and FlsBitmap members point at one. */ |
| 206 | ULONG SizeOfBitMap; /* presumably a bit count rather than a byte count - TODO confirm before sizing reads of Buffer */ |
| 207 | PULONG Buffer; |
| 208 | } RTL_BITMAP, *PRTL_BITMAP; |
| 209 | |
| 210 | typedef struct { /* Element type of CROSS_PROCESS_WORK_LIST::entries; untagged struct, so it can only be named through the typedef. */ |
| 211 | UINT next; /* presumably an index linking to another entry - confirm */ |
| 212 | UINT id; |
| 213 | ULONGLONG addr; |
| 214 | ULONGLONG size; |
| 215 | UINT args[4]; |
| 216 | } CROSS_PROCESS_WORK_ENTRY; |
| 217 | |
| 218 | typedef union { /* List header: two 32-bit fields overlaid on one 64-bit word. */ |
| 219 | struct { /* anonymous struct: first and counter together occupy 8 bytes */ |
| 220 | UINT first; |
| 221 | UINT counter; |
| 222 | }; |
| 223 | volatile LONGLONG hdr; /* same storage viewed as a single 64-bit value; presumably so both fields can be updated in one operation - confirm */ |
| 224 | } CROSS_PROCESS_WORK_HDR; |
| 225 | |
| 226 | typedef struct { /* Work-list container; CHPEV2_PROCESS_INFO::CrossProcessWorkList points at one. */ |
| 227 | CROSS_PROCESS_WORK_HDR free_list; |
| 228 | CROSS_PROCESS_WORK_HDR work_list; |
| 229 | ULONGLONG unknown[4]; |
| 230 | CROSS_PROCESS_WORK_ENTRY entries[1]; /* declared with one element; presumably a variable-length trailing array - confirm the real count before indexing past entries[0] */ |
| 231 | } CROSS_PROCESS_WORK_LIST; |
| 232 | |
| 233 | typedef struct _CHPEV2_PROCESS_INFO { /* Pointed to by PEB::ChpeV2ProcessInfo, which exists only under _WIN64. The trailing comments give each member's byte offset in hex. */ |
| 234 | ULONG Wow64ExecuteFlags; /* 000 */ |
| 235 | USHORT NativeMachineType; /* 004 */ |
| 236 | USHORT EmulatedMachineType; /* 006 */ |
| 237 | HANDLE SectionHandle; /* 008 */ |
| 238 | CROSS_PROCESS_WORK_LIST* CrossProcessWorkList; /* 010 */ |
| 239 | void* unknown; /* 018 */ |
| 240 | } CHPEV2_PROCESS_INFO, *PCHPEV2_PROCESS_INFO; |
| 241 | |
| 242 | typedef u64(__stdcall* KERNEL_CALLBACK_PROC)(void*, ULONG); /* callback pointer type; PEB::KernelCallbackTable is declared as a pointer to these */ |
| 243 | |
| 244 | typedef struct _PEB { /* win32/win64 */ /* Per-process block reached through TEB::Peb. Each member's trailing comment gives its byte offset as 32-bit/64-bit hex. NOTE(review): nothing in this file asserts any PEB offset, so treat those numbers as documentation, not as a checked layout. */ |
| 245 | BOOLEAN InheritedAddressSpace; /* 000/000 */ |
| 246 | BOOLEAN ReadImageFileExecOptions; /* 001/001 */ |
| 247 | BOOLEAN BeingDebugged; /* 002/002 */ |
| 248 | UCHAR ImageUsedLargePages : 1; /* 003/003 */ /* first of eight 1-bit flags declared on UCHAR, intended to share the byte at 003 */ |
| 249 | UCHAR IsProtectedProcess : 1; |
| 250 | UCHAR IsImageDynamicallyRelocated : 1; |
| 251 | UCHAR SkipPatchingUser32Forwarders : 1; |
| 252 | UCHAR IsPackagedProcess : 1; |
| 253 | UCHAR IsAppContainer : 1; |
| 254 | UCHAR IsProtectedProcessLight : 1; |
| 255 | UCHAR IsLongPathAwareProcess : 1; |
| 256 | HANDLE Mutant; /* 004/008 */ |
| 257 | HMODULE ImageBaseAddress; /* 008/010 */ |
| 258 | PPEB_LDR_DATA LdrData; /* 00c/018 */ |
| 259 | RTL_USER_PROCESS_PARAMETERS* ProcessParameters; /* 010/020 */ |
| 260 | PVOID SubSystemData; /* 014/028 */ |
| 261 | HANDLE ProcessHeap; /* 018/030 */ |
| 262 | PRTL_CRITICAL_SECTION FastPebLock; /* 01c/038 */ |
| 263 | PVOID AtlThunkSListPtr; /* 020/040 */ |
| 264 | PVOID IFEOKey; /* 024/048 */ |
| 265 | ULONG ProcessInJob : 1; /* 028/050 */ /* eight 1-bit flags plus ReservedBits0 : 24 below add up to one 32-bit ULONG */ |
| 266 | ULONG ProcessInitializing : 1; |
| 267 | ULONG ProcessUsingVEH : 1; |
| 268 | ULONG ProcessUsingVCH : 1; |
| 269 | ULONG ProcessUsingFTH : 1; |
| 270 | ULONG ProcessPreviouslyThrottled : 1; |
| 271 | ULONG ProcessCurrentlyThrottled : 1; |
| 272 | ULONG ProcessImagesHotPatched : 1; |
| 273 | ULONG ReservedBits0 : 24; |
| 274 | KERNEL_CALLBACK_PROC* KernelCallbackTable; /* 02c/058 */ |
| 275 | ULONG Reserved; /* 030/060 */ |
| 276 | ULONG AtlThunkSListPtr32; /* 034/064 */ |
| 277 | PVOID ApiSetMap; /* 038/068 */ |
| 278 | ULONG TlsExpansionCounter; /* 03c/070 */ |
| 279 | PRTL_BITMAP TlsBitmap; /* 040/078 */ |
| 280 | ULONG TlsBitmapBits[2]; /* 044/080 */ |
| 281 | PVOID ReadOnlySharedMemoryBase; /* 04c/088 */ |
| 282 | PVOID SharedData; /* 050/090 */ |
| 283 | PVOID* ReadOnlyStaticServerData; /* 054/098 */ |
| 284 | PVOID AnsiCodePageData; /* 058/0a0 */ |
| 285 | PVOID OemCodePageData; /* 05c/0a8 */ |
| 286 | PVOID UnicodeCaseTableData; /* 060/0b0 */ |
| 287 | ULONG NumberOfProcessors; /* 064/0b8 */ |
| 288 | ULONG NtGlobalFlag; /* 068/0bc */ |
| 289 | LARGE_INTEGER CriticalSectionTimeout; /* 070/0c0 */ |
| 290 | SIZE_T HeapSegmentReserve; /* 078/0c8 */ |
| 291 | SIZE_T HeapSegmentCommit; /* 07c/0d0 */ |
| 292 | SIZE_T HeapDeCommitTotalFreeThreshold; /* 080/0d8 */ |
| 293 | SIZE_T HeapDeCommitFreeBlockThreshold; /* 084/0e0 */ |
| 294 | ULONG NumberOfHeaps; /* 088/0e8 */ |
| 295 | ULONG MaximumNumberOfHeaps; /* 08c/0ec */ |
| 296 | PVOID* ProcessHeaps; /* 090/0f0 */ |
| 297 | PVOID GdiSharedHandleTable; /* 094/0f8 */ |
| 298 | PVOID ProcessStarterHelper; /* 098/100 */ |
| 299 | PVOID GdiDCAttributeList; /* 09c/108 */ |
| 300 | PVOID LoaderLock; /* 0a0/110 */ |
| 301 | ULONG OSMajorVersion; /* 0a4/118 */ |
| 302 | ULONG OSMinorVersion; /* 0a8/11c */ |
| 303 | ULONG OSBuildNumber; /* 0ac/120 */ |
| 304 | ULONG OSPlatformId; /* 0b0/124 */ |
| 305 | ULONG ImageSubSystem; /* 0b4/128 */ |
| 306 | ULONG ImageSubSystemMajorVersion; /* 0b8/12c */ |
| 307 | ULONG ImageSubSystemMinorVersion; /* 0bc/130 */ |
| 308 | KAFFINITY ActiveProcessAffinityMask; /* 0c0/138 */ |
| 309 | #ifdef _WIN64 |
| 310 | ULONG GdiHandleBuffer[60]; /* /140 */ /* element count differs by target: 60 under _WIN64, 34 otherwise */ |
| 311 | #else |
| 312 | ULONG GdiHandleBuffer[34]; /* 0c4/ */ |
| 313 | #endif |
| 314 | PVOID PostProcessInitRoutine; /* 14c/230 */ |
| 315 | PRTL_BITMAP TlsExpansionBitmap; /* 150/238 */ |
| 316 | ULONG TlsExpansionBitmapBits[32]; /* 154/240 */ |
| 317 | ULONG SessionId; /* 1d4/2c0 */ |
| 318 | ULARGE_INTEGER AppCompatFlags; /* 1d8/2c8 */ |
| 319 | ULARGE_INTEGER AppCompatFlagsUser; /* 1e0/2d0 */ |
| 320 | PVOID ShimData; /* 1e8/2d8 */ |
| 321 | PVOID AppCompatInfo; /* 1ec/2e0 */ |
| 322 | UNICODE_STRING CSDVersion; /* 1f0/2e8 */ |
| 323 | PVOID ActivationContextData; /* 1f8/2f8 */ |
| 324 | PVOID ProcessAssemblyStorageMap; /* 1fc/300 */ |
| 325 | PVOID SystemDefaultActivationData; /* 200/308 */ |
| 326 | PVOID SystemAssemblyStorageMap; /* 204/310 */ |
| 327 | SIZE_T MinimumStackCommit; /* 208/318 */ |
| 328 | PVOID* FlsCallback; /* 20c/320 */ |
| 329 | LIST_ENTRY FlsListHead; /* 210/328 */ |
| 330 | union { /* anonymous union: under _WIN64 the same slot is also visible as ChpeV2ProcessInfo, so only one interpretation is valid at a time */ |
| 331 | PRTL_BITMAP FlsBitmap; /* 218/338 */ |
| 332 | #ifdef _WIN64 |
| 333 | CHPEV2_PROCESS_INFO* ChpeV2ProcessInfo; /* /338 */ |
| 334 | #endif |
| 335 | }; |
| 336 | ULONG FlsBitmapBits[4]; /* 21c/340 */ |
| 337 | ULONG FlsHighIndex; /* 22c/350 */ |
| 338 | PVOID WerRegistrationData; /* 230/358 */ |
| 339 | PVOID WerShipAssertPtr; /* 234/360 */ |
| 340 | PVOID EcCodeBitMap; /* 238/368 */ |
| 341 | PVOID pImageHeaderHash; /* 23c/370 */ |
| 342 | ULONG HeapTracingEnabled : 1; /* 240/378 */ /* three 1-bit flags plus SpareTracingBits : 29 fill one 32-bit ULONG */ |
| 343 | ULONG CritSecTracingEnabled : 1; |
| 344 | ULONG LibLoaderTracingEnabled : 1; |
| 345 | ULONG SpareTracingBits : 29; |
| 346 | ULONGLONG CsrServerReadOnlySharedMemoryBase; /* 248/380 */ |
| 347 | ULONG TppWorkerpListLock; /* 250/388 */ |
| 348 | LIST_ENTRY TppWorkerpList; /* 254/390 */ |
| 349 | PVOID WaitOnAddressHashTable[0x80]; /* 25c/3a0 */ |
| 350 | PVOID TelemetryCoverageHeader; /* 45c/7a0 */ |
| 351 | ULONG CloudFileFlags; /* 460/7a8 */ |
| 352 | ULONG CloudFileDiagFlags; /* 464/7ac */ |
| 353 | CHAR PlaceholderCompatibilityMode; /* 468/7b0 */ |
| 354 | CHAR PlaceholderCompatibilityModeReserved[7]; /* 469/7b1 */ |
| 355 | PVOID LeapSecondData; /* 470/7b8 */ |
| 356 | ULONG LeapSecondFlags; /* 474/7c0 */ |
| 357 | ULONG NtGlobalFlag2; /* 478/7c4 */ |
| 358 | } PEB, *PPEB; |
| 359 | |
| 360 | typedef struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME { /* Node of a singly linked chain; ACTIVATION_CONTEXT_STACK::ActiveFrame points at one. */ |
| 361 | struct _RTL_ACTIVATION_CONTEXT_STACK_FRAME* Previous; /* self-referential link to another frame */ |
| 362 | struct _ACTIVATION_CONTEXT* ActivationContext; /* struct _ACTIVATION_CONTEXT is only named here, never defined in this file, so it stays an incomplete type */ |
| 363 | ULONG Flags; |
| 364 | } RTL_ACTIVATION_CONTEXT_STACK_FRAME, *PRTL_ACTIVATION_CONTEXT_STACK_FRAME; |
| 365 | |
| 366 | typedef struct _ACTIVATION_CONTEXT_STACK { /* Embedded by value in TEB as ActivationContextStack and also referenced through TEB::ActivationContextStackPointer. */ |
| 367 | RTL_ACTIVATION_CONTEXT_STACK_FRAME* ActiveFrame; |
| 368 | LIST_ENTRY FrameListCache; |
| 369 | ULONG Flags; |
| 370 | ULONG NextCookieSequenceNumber; |
| 371 | ULONG_PTR StackId; |
| 372 | } ACTIVATION_CONTEXT_STACK, *PACTIVATION_CONTEXT_STACK; |
| 373 | |
| 374 | typedef struct _GDI_TEB_BATCH { /* Embedded by value in TEB as GdiTebBatch. */ |
| 375 | ULONG Offset; |
| 376 | HANDLE HDC; /* member name coincides with the Windows HDC type name */ |
| 377 | ULONG Buffer[0x136]; /* 0x136 = 310 ULONG elements */ |
| 378 | } GDI_TEB_BATCH; |
| 379 | |
| 380 | typedef struct _TEB_ACTIVE_FRAME_CONTEXT { /* Descriptor referenced from TEB_ACTIVE_FRAME::Context. */ |
| 381 | ULONG Flags; |
| 382 | const char* FrameName; /* narrow string pointer; presumably NUL-terminated - TODO confirm before printing it */ |
| 383 | } TEB_ACTIVE_FRAME_CONTEXT, *PTEB_ACTIVE_FRAME_CONTEXT; |
| 384 | |
| 385 | typedef struct _TEB_ACTIVE_FRAME { /* Node of a singly linked chain; TEB::ActiveFrame points at one. */ |
| 386 | ULONG Flags; |
| 387 | struct _TEB_ACTIVE_FRAME* Previous; /* self-referential link to another frame */ |
| 388 | TEB_ACTIVE_FRAME_CONTEXT* Context; |
| 389 | } TEB_ACTIVE_FRAME, *PTEB_ACTIVE_FRAME; |
| 390 | |
| 391 | typedef struct _TEB { /* win32/win64 */ /* Per-thread block. Each member's trailing comment gives its byte offset as 32-bit/64-bit hex. Only DeallocationStack's 64-bit offset is checked by the static_assert that follows this struct; every other offset here is unverified documentation. */ |
| 392 | NT_TIB Tib; /* 000/0000 */ |
| 393 | PVOID EnvironmentPointer; /* 01c/0038 */ |
| 394 | CLIENT_ID ClientId; /* 020/0040 */ |
| 395 | PVOID ActiveRpcHandle; /* 028/0050 */ |
| 396 | PVOID ThreadLocalStoragePointer; /* 02c/0058 */ |
| 397 | PPEB Peb; /* 030/0060 */ |
| 398 | ULONG LastErrorValue; /* 034/0068 */ |
| 399 | ULONG CountOfOwnedCriticalSections; /* 038/006c */ |
| 400 | PVOID CsrClientThread; /* 03c/0070 */ |
| 401 | PVOID Win32ThreadInfo; /* 040/0078 */ |
| 402 | ULONG User32Reserved[26]; /* 044/0080 */ |
| 403 | ULONG UserReserved[5]; /* 0ac/00e8 */ |
| 404 | PVOID WOW32Reserved; /* 0c0/0100 */ |
| 405 | ULONG CurrentLocale; /* 0c4/0108 */ |
| 406 | ULONG FpSoftwareStatusRegister; /* 0c8/010c */ |
| 407 | PVOID ReservedForDebuggerInstrumentation[16]; /* 0cc/0110 */ |
| 408 | #ifdef _WIN64 |
| 409 | PVOID SystemReserved1[30]; /* /0190 */ /* element count differs by target: 30 under _WIN64, 26 otherwise */ |
| 410 | #else |
| 411 | PVOID SystemReserved1[26]; /* 10c/ */ |
| 412 | #endif |
| 413 | char PlaceholderCompatibilityMode; /* 174/0280 */ |
| 414 | BOOLEAN PlaceholderHydrationAlwaysExplicit; /* 175/0281 */ |
| 415 | char PlaceholderReserved[10]; /* 176/0282 */ |
| 416 | DWORD ProxiedProcessId; /* 180/028c */ |
| 417 | ACTIVATION_CONTEXT_STACK ActivationContextStack; /* 184/0290 */ |
| 418 | UCHAR WorkingOnBehalfOfTicket[8]; /* 19c/02b8 */ |
| 419 | LONG ExceptionCode; /* 1a4/02c0 */ |
| 420 | ACTIVATION_CONTEXT_STACK* ActivationContextStackPointer; /* 1a8/02c8 */ |
| 421 | ULONG_PTR InstrumentationCallbackSp; /* 1ac/02d0 */ |
| 422 | ULONG_PTR InstrumentationCallbackPreviousPc; /* 1b0/02d8 */ |
| 423 | ULONG_PTR InstrumentationCallbackPreviousSp; /* 1b4/02e0 */ |
| 424 | #ifdef _WIN64 |
| 425 | ULONG TxFsContext; /* /02e8 */ /* member order differs by target: under _WIN64 TxFsContext comes first; otherwise it follows InstrumentationCallbackDisabled and SpareBytes1 */ |
| 426 | BOOLEAN InstrumentationCallbackDisabled; /* /02ec */ |
| 427 | BOOLEAN UnalignedLoadStoreExceptions; /* /02ed */ |
| 428 | #else |
| 429 | BOOLEAN InstrumentationCallbackDisabled; /* 1b8/ */ |
| 430 | BYTE SpareBytes1[23]; /* 1b9/ */ |
| 431 | ULONG TxFsContext; /* 1d0/ */ |
| 432 | #endif |
| 433 | GDI_TEB_BATCH GdiTebBatch; /* 1d4/02f0 */ |
| 434 | CLIENT_ID RealClientId; /* 6b4/07d8 */ |
| 435 | HANDLE GdiCachedProcessHandle; /* 6bc/07e8 */ |
| 436 | ULONG GdiClientPID; /* 6c0/07f0 */ |
| 437 | ULONG GdiClientTID; /* 6c4/07f4 */ |
| 438 | PVOID GdiThreadLocaleInfo; /* 6c8/07f8 */ |
| 439 | ULONG_PTR Win32ClientInfo[62]; /* 6cc/0800 */ |
| 440 | PVOID glDispatchTable[233]; /* 7c4/09f0 */ |
| 441 | PVOID glReserved1[29]; /* b68/1138 */ |
| 442 | PVOID glReserved2; /* bdc/1220 */ |
| 443 | PVOID glSectionInfo; /* be0/1228 */ |
| 444 | PVOID glSection; /* be4/1230 */ |
| 445 | PVOID glTable; /* be8/1238 */ |
| 446 | PVOID glCurrentRC; /* bec/1240 */ |
| 447 | PVOID glContext; /* bf0/1248 */ |
| 448 | ULONG LastStatusValue; /* bf4/1250 */ |
| 449 | UNICODE_STRING StaticUnicodeString; /* bf8/1258 */ |
| 450 | WCHAR StaticUnicodeBuffer[261]; /* c00/1268 */ |
| 451 | PVOID DeallocationStack; /* e0c/1478 */ /* the one member whose 64-bit offset (0x1478) is pinned by the static_assert after this struct */ |
| 452 | PVOID TlsSlots[64]; /* e10/1480 */ |
| 453 | LIST_ENTRY TlsLinks; /* f10/1680 */ |
| 454 | PVOID Vdm; /* f18/1690 */ |
| 455 | PVOID ReservedForNtRpc; /* f1c/1698 */ |
| 456 | PVOID DbgSsReserved[2]; /* f20/16a0 */ |
| 457 | ULONG HardErrorMode; /* f28/16b0 */ |
| 458 | #ifdef _WIN64 |
| 459 | PVOID Instrumentation[11]; /* /16b8 */ |
| 460 | #else |
| 461 | PVOID Instrumentation[9]; /* f2c/ */ |
| 462 | #endif |
| 463 | GUID ActivityId; /* f50/1710 */ |
| 464 | PVOID SubProcessTag; /* f60/1720 */ |
| 465 | PVOID PerflibData; /* f64/1728 */ |
| 466 | PVOID EtwTraceData; /* f68/1730 */ |
| 467 | PVOID WinSockData; /* f6c/1738 */ |
| 468 | ULONG GdiBatchCount; /* f70/1740 */ |
| 469 | ULONG IdealProcessorValue; /* f74/1744 */ |
| 470 | ULONG GuaranteedStackBytes; /* f78/1748 */ |
| 471 | PVOID ReservedForPerf; /* f7c/1750 */ |
| 472 | PVOID ReservedForOle; /* f80/1758 */ |
| 473 | ULONG WaitingOnLoaderLock; /* f84/1760 */ |
| 474 | PVOID SavedPriorityState; /* f88/1768 */ |
| 475 | ULONG_PTR ReservedForCodeCoverage; /* f8c/1770 */ |
| 476 | PVOID ThreadPoolData; /* f90/1778 */ |
| 477 | PVOID* TlsExpansionSlots; /* f94/1780 */ |
| 478 | #ifdef _WIN64 |
| 479 | union { /* present only under _WIN64: two views of the pointer slot at 1788 */ |
| 480 | PVOID DeallocationBStore; /* /1788 */ |
| 481 | PVOID* ChpeV2CpuAreaInfo; /* /1788 */ |
| 482 | } DUMMYUNIONNAME; /* DUMMYUNIONNAME is not defined in this file; presumably the Windows SDK macro that names or elides the union member - confirm */ |
| 483 | PVOID BStoreLimit; /* /1790 */ |
| 484 | #endif |
| 485 | ULONG MuiGeneration; /* f98/1798 */ |
| 486 | ULONG IsImpersonating; /* f9c/179c */ |
| 487 | PVOID NlsCache; /* fa0/17a0 */ |
| 488 | PVOID ShimData; /* fa4/17a8 */ |
| 489 | ULONG HeapVirtualAffinity; /* fa8/17b0 */ |
| 490 | PVOID CurrentTransactionHandle; /* fac/17b8 */ |
| 491 | TEB_ACTIVE_FRAME* ActiveFrame; /* fb0/17c0 */ |
| 492 | PVOID* FlsSlots; /* fb4/17c8 */ |
| 493 | PVOID PreferredLanguages; /* fb8/17d0 */ |
| 494 | PVOID UserPrefLanguages; /* fbc/17d8 */ |
| 495 | PVOID MergedPrefLanguages; /* fc0/17e0 */ |
| 496 | ULONG MuiImpersonation; /* fc4/17e8 */ |
| 497 | USHORT CrossTebFlags; /* fc8/17ec */ |
| 498 | USHORT SameTebFlags; /* fca/17ee */ |
| 499 | PVOID TxnScopeEnterCallback; /* fcc/17f0 */ |
| 500 | PVOID TxnScopeExitCallback; /* fd0/17f8 */ |
| 501 | PVOID TxnScopeContext; /* fd4/1800 */ |
| 502 | ULONG LockCount; /* fd8/1808 */ |
| 503 | LONG WowTebOffset; /* fdc/180c */ |
| 504 | PVOID ResourceRetValue; /* fe0/1810 */ |
| 505 | PVOID ReservedForWdf; /* fe4/1818 */ |
| 506 | ULONGLONG ReservedForCrt; /* fe8/1820 */ |
| 507 | GUID EffectiveContainerId; /* ff0/1828 */ |
| 508 | } TEB, *PTEB; |
| 509 | static_assert(offsetof(TEB, DeallocationStack) == /* compile-time layout check. 0x1478 is the 64-bit column of the member's offset comment; the 32-bit column reads 0xe0c, so this presumably fails on a 32-bit build - confirm 32-bit is unsupported. offsetof is not brought in by any include visible here; presumably it arrives through <windows.h>. */ |
| 510 | 0x1478); /* The only member we care about at the moment */ |
| 511 | |
| 512 | typedef union _USER_APC_OPTION { /* Passed by value as the UserApcReserveHandle argument of NtQueueApcThreadEx_t; both members share one pointer-sized slot. */ |
| 513 | ULONG_PTR UserApcFlags; |
| 514 | HANDLE MemoryReserveHandle; |
| 515 | } USER_APC_OPTION, *PUSER_APC_OPTION; |
| 516 | |
| 517 | using PPS_APC_ROUTINE = void (*)(PVOID ApcArgument1, PVOID ApcArgument2, PVOID ApcArgument3, /* APC callback pointer type; the ApcRoutine parameter of NtQueueApcThreadEx_t. A C++ alias declaration, so this header cannot be compiled as C. Unlike the Nt*_t typedefs below, no calling convention is spelled out. */ |
| 518 | PCONTEXT Context); |
| 519 | |
| 520 | typedef u64(__stdcall* NtClose_t)(HANDLE Handle); /* Function-pointer types for five native NT entry points; the matching extern pointers are declared after these typedefs. */ |
| 521 | /* NOTE(review): all five are declared as returning u64, while the SDK documents NTSTATUS (a 32-bit signed LONG) for these calls. The upper 32 bits are then outside that contract and a `< 0` failure test cannot fire on an unsigned value; presumably call sites should narrow to 32 bits before checking - confirm. */ |
| 522 | typedef u64(__stdcall* NtSetInformationFile_t)(HANDLE FileHandle, PIO_STATUS_BLOCK IoStatusBlock, |
| 523 | PVOID FileInformation, ULONG Length, /* Length is caller-supplied; presumably it must equal the size of the buffer FileInformation points at - confirm at call sites */ |
| 524 | FILE_INFORMATION_CLASS FileInformationClass); |
| 525 | /* NtCreateThread_t: takes the target process handle plus caller-built ThreadContext and InitialTeb records; the final flag is named CreateSuspended. */ |
| 526 | typedef u64(__stdcall* NtCreateThread_t)(PHANDLE ThreadHandle, ACCESS_MASK DesiredAccess, |
| 527 | PCOBJECT_ATTRIBUTES ObjectAttributes, HANDLE ProcessHandle, |
| 528 | PCLIENT_ID ClientId, PCONTEXT ThreadContext, |
| 529 | PINITIAL_TEB InitialTeb, BOOLEAN CreateSuspended); |
| 530 | /* NtTerminateThread_t: ExitStatus is also typed u64 here. */ |
| 531 | typedef u64(__stdcall* NtTerminateThread_t)(HANDLE ThreadHandle, u64 ExitStatus); |
| 532 | /* NtQueueApcThreadEx_t: the USER_APC_OPTION union is passed by value, followed by the routine and its three opaque arguments. */ |
| 533 | typedef u64(__stdcall* NtQueueApcThreadEx_t)(HANDLE ThreadHandle, |
| 534 | USER_APC_OPTION UserApcReserveHandle, |
| 535 | PPS_APC_ROUTINE ApcRoutine, PVOID ApcArgument1, |
| 536 | PVOID ApcArgument2, PVOID ApcArgument3); |
| 537 | |
| 538 | extern NtClose_t NtClose; /* Declarations only: the five pointers are defined in another translation unit. Presumably Common::NtApi::Initialize() assigns them at run time - confirm. NOTE(review): a call made before assignment, or after a failed lookup, goes through an unset pointer; verify each is checked for null where it is resolved. */ |
| 539 | extern NtSetInformationFile_t NtSetInformationFile; |
| 540 | extern NtCreateThread_t NtCreateThread; |
| 541 | extern NtTerminateThread_t NtTerminateThread; |
| 542 | extern NtQueueApcThreadEx_t NtQueueApcThreadEx; |
| 543 | |
| 544 | namespace Common::NtApi { /* nested-namespace syntax requires C++17 or later */ |
| 545 | void Initialize(); /* declaration only, body not visible here; presumably resolves the Nt* pointers declared above - confirm. It returns void, so a failed lookup cannot be reported through the return value. */ |
| 546 | } |
| 547 | |
| 548 | #endif |
| 549 |