find_tzm
| Crates.io | find_tzm |
| lib.rs | find_tzm |
| version | 0.1.0 |
| created_at | 2024-12-06 07:42:54.015552+00 |
| updated_at | 2024-12-06 07:42:54.015552+00 |
| description | mem hack for find tzm code |
| homepage | |
| repository | https://github.com/emptyqwb/find_tzm.git |
| max_upload_size | |
| id | 1474009 |
| size | 30,107 |
(emptyqwb)
documentation
README
find feature code
This repository contains scripts and instructions for building the Windows kernel using the Rust programming language.
Prerequisites
-
Install Rust and Cargo: https://rustup.rs/
Build Instructions
- Clone this repository:
cargo add find_tzm <version>
Example
fn main() {
let mut ret_list = Vec::<u64>::new();
let mut buffer = vec![0u8; 0x1400fffff];
buffer[24000000-1] = 0x7b;
buffer[24000000] = 0x48;
buffer[24000001] = 0x8b;
buffer[24000002] = 0x31;
buffer[24000003] = 0x1c;
buffer[24000004] = 0x15;
buffer[24000005] = 0x00;
buffer[24000006] = 0x48;
buffer[24000007] = 0x8b;
buffer[34000000-1] = 0x7b;
buffer[34000000] = 0x48;
buffer[34000001] = 0x8b;
buffer[34000002] = 0x31;
buffer[34000003] = 0x1c;
buffer[34000004] = 0x15;
buffer[34000005] = 0x00;
buffer[34000006] = 0x48;
buffer[34000007] = 0x8b;
// buffer[20] = 0x48;
// buffer[21] = 0x8b;
// buffer[22] = 0x31;
// buffer[23] = 0x1c;
// buffer[24] = 0x15;
// buffer[25] = 0x00;
// buffer[26] = 0x48;
// buffer[27] = 0x8b;
let search_start_addr = buffer.as_mut_ptr() as u64;
let search_size = 84000000;
let tzm = "?b 48 8b 3? ?c ?? ?? 48 8b ?? ?? ??";
let offset_size = 0;
let search_num = 2;
sse2_pattern_find(&mut ret_list, search_start_addr, search_size, tzm, offset_size, search_num).unwrap();
assert_eq!(ret_list, [24000000-1, 34000000-1]);
}
MORE
see https://docs.rs/