Last active
June 13, 2021 04:27
-
-
Save pervognsen/8ea3c8e9ce467dd4b4c68b0f02402116 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #pragma section(".remotery_code", read, execute) | |
| __declspec(allocate(".remotery_code")) | |
| static const uint8_t code[] = | |
| { | |
| 0x50, // push rax | |
| 0x9C, // pushfq | |
| 0x53, // push rbx | |
| 0x51, // push rcx | |
| 0x52, // push rdx | |
| 0xB8, 0x01, 0x00, 0x00, 0x00, // mov eax, 1 | |
| 0x0F, 0xA2, // cpuid | |
| 0xC1, 0xEB, 0x18, // shr ebx, 24 | |
| 0x89, 0x5F, 0x10, // mov dword ptr [rdi + 16], ebx | |
| 0xC7, 0x47, 0x0C, 0x00, 0x00, 0x00, 0x00, // mov dword ptr [rdi + 12], 0 | |
| 0x5A, // pop rdx | |
| 0x59, // pop rcx | |
| 0x5B, // pop rbx | |
| 0x48, 0x8B, 0x07, // mov rax, qword ptr [rdi + 0] | |
| 0x48, 0x8B, 0x7F, 0x08, // mov rdi, qword ptr [rdi + 8] | |
| 0x9D, // popfq | |
| 0xC3 // ret | |
| }; | |
| static void (*const func)() = (void (*const)())code; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment