retour\arch\x86\thunk/
x64.rs

1use crate::pic::Thunkable;
2use std::mem;
3
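/// Byte image of the x86-64 absolute-call thunk filled in by `call_abs`.
///
/// `repr(C)` pins the fields to declaration order and `packed` removes all
/// padding, so the 16 bytes in memory are exactly the instruction stream
/// described below. `repr(packed)` on its own does not guarantee field order,
/// which matters here because the bytes are emitted as machine code.
#[repr(C, packed)]
struct CallAbs {
  // FF 15 disp32: `call [rip+disp32]`. The displacement is relative to the
  // end of this 6-byte instruction; `call_abs` stores 2, which lands on
  // `address` (8 bytes past the start of the call).
  opcode0: u8,
  opcode1: u8,
  dummy0: u32,
  // EB rel8: short `jmp`; `call_abs` stores 8 so that execution skips the
  // `address` literal after the call returns (10 bytes past the start of
  // the jmp).
  dummy1: u8,
  dummy2: u8,
  // Absolute 64-bit destination, read as data by the `call` above.
  address: usize,
}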
16
/// Builds a 16-byte x86-64 thunk that calls the absolute address `destination`.
///
/// Emitted bytes: `FF 15 02 00 00 00` (`call [rip+2]`), `EB 08` (short `jmp`
/// over the literal), then the 8-byte destination. The bytes are returned as
/// a boxed `Vec<u8>` behind the `Thunkable` trait object.
///
/// `destination` is written into the thunk verbatim; nothing here checks that
/// it refers to valid, executable code.
pub fn call_abs(destination: usize) -> Box<dyn Thunkable> {
  let thunk = CallAbs {
    address: destination,
    dummy2: 0x08,
    dummy1: 0xEB,
    dummy0: 0x0000_0002,
    opcode1: 0x15,
    opcode0: 0xFF,
  };

  // SAFETY: `CallAbs` is packed and made only of integer fields, so it has no
  // padding and every byte is initialised; `transmute` rejects a size mismatch
  // at compile time. The byte order of the thunk is the in-memory field order
  // of `CallAbs`, so that struct must keep a layout with guaranteed
  // declaration order (`#[repr(C, packed)]`).
  let bytes = unsafe { mem::transmute::<CallAbs, [u8; 16]>(thunk) };
  Box::new(Vec::from(bytes))
}
30
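/// Byte image of the x86-64 absolute-jump thunk filled in by `jmp_abs`.
///
/// `repr(C)` pins the fields to declaration order and `packed` removes all
/// padding, so the 14 bytes in memory are exactly the instruction stream
/// described below. `repr(packed)` on its own does not guarantee field order,
/// which matters here because the bytes are emitted as machine code.
#[repr(C, packed)]
struct JumpAbs {
  // FF 25 disp32: `jmp [rip+disp32]`. The displacement is relative to the
  // end of this 6-byte instruction; `jmp_abs` stores 0, which lands on
  // `address` (6 bytes past the start of the jmp).
  opcode0: u8,
  opcode1: u8,
  dummy0: u32,
  // Absolute 64-bit destination, read as data by the `jmp` above.
  address: usize,
}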
40
/// Builds a 14-byte x86-64 thunk that jumps to the absolute address
/// `destination`.
///
/// Emitted bytes: `FF 25 00 00 00 00` (`jmp [rip+0]`) followed by the 8-byte
/// destination. The bytes are returned as a boxed `Vec<u8>` behind the
/// `Thunkable` trait object.
///
/// `destination` is written into the thunk verbatim; nothing here checks that
/// it refers to valid, executable code.
pub fn jmp_abs(destination: usize) -> Box<dyn Thunkable> {
  let thunk = JumpAbs {
    address: destination,
    dummy0: 0x0000_0000,
    opcode1: 0x25,
    opcode0: 0xFF,
  };

  // SAFETY: `JumpAbs` is packed and made only of integer fields, so it has no
  // padding and every byte is initialised; `transmute` rejects a size mismatch
  // at compile time. The byte order of the thunk is the in-memory field order
  // of `JumpAbs`, so that struct must keep a layout with guaranteed
  // declaration order (`#[repr(C, packed)]`).
  let bytes = unsafe { mem::transmute::<JumpAbs, [u8; 14]>(thunk) };
  Box::new(Vec::from(bytes))
}
52
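/// Byte image of the x86-64 conditional absolute-jump thunk filled in by
/// `jcc_abs`.
///
/// `repr(C)` pins the fields to declaration order and `packed` removes all
/// padding, so the 16 bytes in memory are exactly the instruction stream
/// described below. `repr(packed)` on its own does not guarantee field order,
/// which matters here because the bytes are emitted as machine code.
#[repr(C, packed)]
struct JccAbs {
  // Short `jcc rel8`: opcode byte plus displacement. `jcc_abs` stores a
  // displacement of 0x0E so that a taken branch skips the 14 bytes that
  // follow (16 bytes past the start of the jcc).
  opcode: u8,
  dummy0: u8,
  // `jcc_abs` stores FF 25 00 00 00 00 here: `jmp [rip+0]`, which reads
  // `address` directly behind it.
  dummy1: u8,
  dummy2: u8,
  dummy3: u32,
  // Absolute 64-bit destination, read as data by the `jmp` above.
  address: usize,
}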
64
/// Builds a 16-byte x86-64 thunk that jumps to the absolute address
/// `destination` when `condition` holds.
///
/// Emitted bytes: a short `jcc +14` with the *inverted* condition, then
/// `FF 25 00 00 00 00` (`jmp [rip+0]`) and the 8-byte destination. When the
/// original condition is false the inverted branch is taken and skips the
/// absolute jump. The bytes are returned as a boxed `Vec<u8>` behind the
/// `Thunkable` trait object.
///
/// `destination` is written into the thunk verbatim; nothing here checks that
/// it refers to valid, executable code.
pub fn jcc_abs(destination: usize, condition: u8) -> Box<dyn Thunkable> {
  // Inverting the condition keeps the x64 thunk simple: for a condition code
  // in 0..=0x0F, `0x71 ^ condition` equals `0x70 | (condition ^ 1)`, the short
  // jcc opcode of the opposite condition.
  // NOTE(review): assumes `condition` is only the low nibble of a jcc opcode;
  // any higher bits would be XORed into the opcode byte - confirm that callers
  // mask it.
  let inverted_opcode = 0x71 ^ condition;

  let thunk = JccAbs {
    address: destination,
    dummy3: 0x0000_0000,
    dummy2: 0x25,
    dummy1: 0xFF,
    dummy0: 0x0E,
    opcode: inverted_opcode,
  };

  // SAFETY: `JccAbs` is packed and made only of integer fields, so it has no
  // padding and every byte is initialised; `transmute` rejects a size mismatch
  // at compile time. The byte order of the thunk is the in-memory field order
  // of `JccAbs`, so that struct must keep a layout with guaranteed
  // declaration order (`#[repr(C, packed)]`).
  let bytes = unsafe { mem::transmute::<JccAbs, [u8; 16]>(thunk) };
  Box::new(Vec::from(bytes))
}