syscall64/misc.cpp

#include <cstdio>
#include <ntdll.h>
#include "structs.h"
#include "misc.h"

BOOL is_WOW64()
{
	return NULL != __readfsdword(0xC0);
}

VOID print_os_info()
{
	_KUSER_SHARED_DATA* _kuser_s_d = GET_KUSER_SHARED_DATA();
	ULONG majorVersion = _kuser_s_d->NtMajorVersion;
	ULONG minorVersion = _kuser_s_d->NtMinorVersion;
	NT_PRODUCT_TYPE productType = _kuser_s_d->NtProductType;
	_PEB* p = (_PEB*)__readfsdword(0x30);
	ULONG buildID = p->NtBuildNumber;

	printf("Running on %i.%i %i %X (x%s)\n", majorVersion, minorVersion, buildID, productType, (is_WOW64() ? "64" : "86"));
}

DWORD hash(const char* str)
{
	return hash((const unsigned char*)str, strlen(str));
}

DWORD hash(const unsigned char* buf, const size_t sz)
{
	unsigned int hash = 5381;

	for(unsigned int i = 0; i < sz; i++)
		hash = ((hash << 5) + hash) + (unsigned int)buf[i];

	return hash;
}


BOOL is_executable(LPVOID addr)
{
	MEMORY_BASIC_INFORMATION mbi = {0};
	if(!VirtualQuery(addr, &mbi, sizeof(MEMORY_BASIC_INFORMATION)))
	{
		return FALSE;
	}
	return (mbi.Protect & PAGE_EXECUTE);
}

BOOL is_Win8()
{
	KUSER_SHARED_DATA* _kuser_s_d = GET_KUSER_SHARED_DATA();
	ULONG majorVersion = _kuser_s_d->NtMajorVersion;
	ULONG minorVersion = _kuser_s_d->NtMinorVersion;

	return 6 == majorVersion && 2 == minorVersion;
}