Exemple #1
/// <summary>
/// Emit the function return sequence that saves the return value and
/// signals the synchronization event
/// </summary>
/// <param name="a">Assembly helper that receives the generated code</param>
/// <param name="mt">Module type (32/64bit) used when looking up ntdll.dll</param>
/// <param name="retType">Function return type</param>
/// <param name="retOffset">Offset of the return value slot inside the user data block</param>
void RemoteExec::AddReturnWithEvent(
    AsmHelperBase& a,
    eModType mt /*= mt_default*/,
    eReturnType retType /*= rt_int32 */,
    uint32_t retOffset /*= RET_OFFSET*/
    )
{
    // NOTE(review): _userData is used without a valid() check here; every
    // address below is derived from it, so confirm callers allocate the
    // block before this method runs.
    size_t dataBase = _userData.ptr<size_t>();

    // Resolve NtSetEvent from the ntdll.dll image matching the requested module type.
    // NOTE(review): the lookup result is not checked; whatever procAddress
    // holds on failure is passed to the helper as-is - confirm how GetExport
    // reports a missing export and reject that case before emitting code.
    auto&& modules = _proc.modules();
    auto setEventExport = modules.GetExport( modules.GetModule( L"ntdll.dll", LdrList, mt ), "NtSetEvent" );

    // Slots inside the user data block: return value, event, error code.
    const auto retValueAddr = dataBase + retOffset;
    const auto eventAddr    = dataBase + EVENT_OFFSET;
    const auto errorAddr    = dataBase + ERR_OFFSET;

    a.SaveRetValAndSignalEvent(
        (size_t)setEventExport.procAddress,
        retValueAddr,
        eventAddr,
        errorAddr,
        retType );
}
/// <summary>
/// Emit the function return sequence that saves the return value and
/// signals the synchronization event, allocating the user data block
/// first if it does not exist yet
/// </summary>
/// <param name="a">Assembly helper that receives the generated code</param>
/// <param name="mt">Module type (32/64bit) used when looking up ntdll.dll</param>
/// <param name="retType">Function return type</param>
/// <param name="retOffset">Offset of the return value slot inside the user data block</param>
void RemoteExec::AddReturnWithEvent(
    AsmHelperBase& a,
    eModType mt /*= mt_default*/,
    eReturnType retType /*= rt_int32 */,
    uint32_t retOffset /*= RET_OFFSET*/
    )
{
    // Lazily create the user data block. It is requested as PAGE_READWRITE
    // (no execute permission); this method only uses it as a data area.
    // NOTE(review): the allocation result is not re-checked; if Allocate
    // fails, the addresses below are still computed from the block pointer.
    // Confirm how Allocate reports failure and bail out in that case.
    if (!_userData.valid())
    {
        _userData = _memory.Allocate( 0x4000, PAGE_READWRITE );
    }

    size_t dataBase = _userData.ptr<size_t>();

    // Resolve NtSetEvent from the ntdll.dll image matching the requested module type.
    // NOTE(review): the lookup result is not checked; whatever procAddress
    // holds on failure is passed to the helper as-is - confirm how GetExport
    // reports a missing export and reject that case before emitting code.
    auto&& modules = _proc.modules();
    auto setEventExport = modules.GetExport( modules.GetModule( L"ntdll.dll", LdrList, mt ), "NtSetEvent" );

    // Slots inside the user data block: return value, event, error code.
    const auto retValueAddr = dataBase + retOffset;
    const auto eventAddr    = dataBase + EVENT_OFFSET;
    const auto errorAddr    = dataBase + ERR_OFFSET;

    a.SaveRetValAndSignalEvent(
        (size_t)setEventExport.procAddress,
        retValueAddr,
        eventAddr,
        errorAddr,
        retType );
}