pub struct Offset {
pub struct_name: &'static str,
pub struct_field_define: &'static str,
pub variable_name: String,
pub value_endfix: &'static str,
}
lazy_static! {
pub static ref NEED_STRUCT: Vec<Offset> = {
let mut r = Vec::<Offset>::new();
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "Peb;",
variable_name: "eprocess_peb".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "RundownProtect;",
variable_name: "eprocess_rundown_protect".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "SectionObject;",
variable_name: "eprocess_section_object".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "SectionBaseAddress;",
variable_name: "eprocess_section_base_address".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "Flags;",
variable_name: "eprocess_flags".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "Pcb;",
variable_name: "eprocess_pcb".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "ThreadListHead;",
variable_name: "eprocess_thread_list_head".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "ProcessLock;",
variable_name: "eprocess_process_lock".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "ObjectTable;",
variable_name: "eprocess_object_table".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_EPROCESS",
struct_field_define: "sizeof",
variable_name: "eprocess_size".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "ThreadListEntry;",
variable_name: "ethread_thread_list_entry".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "CrossThreadFlags;",
variable_name: "ethread_cross_thread_flags".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "StartAddress;",
variable_name: "ethread_start_address".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "Win32StartAddress;",
variable_name: "ethread_win32_start_address".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "RundownProtect;",
variable_name: "ethread_run_down_protect".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "Cid;",
variable_name: "ethread_cid".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_ETHREAD",
struct_field_define: "sizeof",
variable_name: "ethread_size".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_PEB",
struct_field_define: "Ldr;",
variable_name: "peb_ldr".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_PEB_LDR_DATA",
struct_field_define: "InLoadOrderModuleList;",
variable_name: "ldr_in_load_order_module_list".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_LDR_DATA_TABLE_ENTRY",
struct_field_define: "BaseDllName;",
variable_name: "ldre_base_dll_name".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_LDR_DATA_TABLE_ENTRY",
struct_field_define: "DllBase;",
variable_name: "ldre_dll_base".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_HANDLE_TABLE",
struct_field_define: "TableCode;",
variable_name: "handle_table_table_code".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_HANDLE_TABLE_ENTRY",
struct_field_define: "LowValue;",
variable_name: "handle_table_entry_low".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_OBJECT_HEADER",
struct_field_define: "TypeIndex;",
variable_name: "object_header_type_index".to_string(),
value_endfix: "",
});
r.push(Offset {
struct_name: "_OBJECT_HEADER",
struct_field_define: "Body;",
variable_name: "object_header_body".to_string(),
value_endfix: "",
});
r
};
}