diff --git a/bofs/src/wDirectSyscall.asm b/bofs/src/wDirectSyscall.asm
index e232f30..dc5bd21 100644
--- a/bofs/src/wDirectSyscall.asm
+++ b/bofs/src/wDirectSyscall.asm
@@ -8,7 +8,7 @@ section '.text' code readable executable align 8
 align 8
 go:
 .STACK_SIZE = 128+8
- sub rsp, .STACK_SIZE ; allocate some stack space and align it to 16 bytes
+ sub rsp, .STACK_SIZE ; allocate stack space and align it to 16 bytes
 mov rax, [gs:0x60] ; PEB address
 mov rax, [rax+32] ; ProcessParameters address
@@ -28,13 +28,13 @@ go:
 mov dword [rsp+80], 0 ; EaLength
 call nt_create_file
- mov ecx, 0
- mov rdx, str_fmt
- mov r8d, eax
- call BeaconPrintf
+ mov ecx, 0 ; `type`
+ mov rdx, str_fmt ; `fmt`
+ mov r8d, eax ; `...`
+ call BeaconPrintf ; print result returned from syscall (NTSTATUS)
 add rsp, .STACK_SIZE
- xor eax, eax
+ xor eax, eax ; BOF exit code
 ret
 ; syscall numbers for Windows 10+ x64:
diff --git a/build.zig b/build.zig
index 3d019d3..27e1449 100644
--- a/build.zig
+++ b/build.zig
@@ -139,12 +139,14 @@ pub fn build(b: *std.build.Builder) void {
 );
 winver_x86.step.dependOn(b.getInstallStep());
- // TODO: Check if we are running on Windows 10+
- //const direct_syscall_x64 = b.addSystemCommand(
- // &.{ "zig-out/bin/cli4bofs_win_x64.exe", "zig-out/bin/wDirectSyscall.coff.x64.o" },
- //);
- //direct_syscall_x64.step.dependOn(b.getInstallStep());
- //test_step.dependOn(&direct_syscall_x64.step);
+ const detected_version = std.zig.system.windows.detectRuntimeVersion();
+ if (detected_version.isAtLeast(.win10)) {
+ const direct_syscall_x64 = b.addSystemCommand(
+ &.{ "zig-out/bin/cli4bofs_win_x64.exe", "zig-out/bin/wDirectSyscall.coff.x64.o" },
+ );
+ direct_syscall_x64.step.dependOn(b.getInstallStep());
+ test_step.dependOn(&direct_syscall_x64.step);
+ }
 test_step.dependOn(&udp_scanner_x64.step);
 test_step.dependOn(&udp_scanner_x86.step);
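Review bot: The line now commented as `xor eax, eax ; BOF exit code` returns 0 unconditionally, so the NTSTATUS from `nt_create_file` is only printed through BeaconPrintf and never reaches the caller. Because this same commit wires the BOF into `test_step` in build.zig, a failing syscall would presumably still count as a passing test, unless the launcher inspects the printed output. Consider saving the status before the call with `mov [rsp+SLOT], eax` (SLOT being a placeholder for an unused stack offset, since eax is overwritten by BeaconPrintf's return value) and replacing the `xor` with `mov eax, [rsp+SLOT]`. The body of `go` starts before this hunk, so which stack slots are free cannot be confirmed from here.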
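Review bot: `std.zig.system.windows.detectRuntimeVersion()` is called unconditionally at build-script run time and queries the Windows runtime of the host. If this part of `build()` is not already inside a host-OS check (the function starts and ends outside the hunk), the build script may fail to build or run on non-Windows hosts. A guard such as `if (@import("builtin").os.tag == .windows and std.zig.system.windows.detectRuntimeVersion().isAtLeast(.win10)) {` keeps the call off other hosts. The gate also has no upper bound while the BOF hard-codes syscall numbers, which are not a stable interface across Windows builds. A comment like `// wDirectSyscall hard-codes Windows 10+ x64 syscall numbers; re-verify on new Windows builds` would record that assumption next to the check.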