#pragma once #include "NativeSubsystem.h" namespace blackbone { ///

/// X86 OS subsystem. Used ///

class x86Native : public Native { public: BLACKBONE_API x86Native( HANDLE hProcess ); BLACKBONE_API ~x86Native(); ///

/// Query virtual memory ///

/// Address to query /// Retrieved memory info /// Status code virtual NTSTATUS VirtualQueryExT( ptr_t lpAddress, PMEMORY_BASIC_INFORMATION64 lpBuffer ); ///

/// Get WOW64 thread context ///

/// Thread handle. /// Thread context /// Status code virtual NTSTATUS GetThreadContextT( HANDLE hThread, _CONTEXT32& ctx ); ///

/// Get native thread context ///

/// Thread handle. /// Thread context /// Status code virtual NTSTATUS GetThreadContextT( HANDLE hThread, _CONTEXT64& ctx ); ///

/// Set WOW64 thread context ///

/// Thread handle. /// Thread context /// Status code virtual NTSTATUS SetThreadContextT( HANDLE hThread, _CONTEXT32& ctx ); ///

/// Set native thread context ///

/// Thread handle. /// Thread context /// Status code virtual NTSTATUS SetThreadContextT( HANDLE hThread, _CONTEXT64& ctx ); ///

/// Gets WOW64 PEB ///

/// Retrieved PEB /// PEB pointer virtual ptr_t getPEB( _PEB32* ppeb ); ///

/// Get native PEB ///

/// Retrieved PEB /// PEB pointer virtual ptr_t getPEB( _PEB64* ppeb ); ///

/// Get WOW64 TEB ///

/// Retrieved TEB /// TEB pointer virtual ptr_t getTEB( HANDLE hThread, _TEB32* pteb ); ///

/// Get native TEB ///

/// Retrieved TEB /// TEB pointer virtual ptr_t getTEB( HANDLE hThread, _TEB64* pteb ); private: }; }