Add API: BridgeGetNtBuildNumber

2022-07-10 14:28:58 +02:00 · 2022-07-10 14:28:58 +02:00 · b867b5ba3a
parent 953c06dc88
commit b867b5ba3a
2 changed files with 23 additions and 0 deletions
--- a/src/bridge/bridgemain.cpp
+++ b/src/bridge/bridgemain.cpp
@ -266,6 +266,23 @@ BRIDGE_IMPEXP bool BridgeIsProcessElevated()
    return !!IsAdminMember;
 }

+BRIDGE_IMPEXP unsigned int BridgeGetNtBuildNumber()
+{
+    // https://www.vergiliusproject.com/kernels/x64/Windows%2010%20%7C%202016/1507%20Threshold%201/_KUSER_SHARED_DATA
+    auto NtBuildNumber = *(unsigned int*)(0x7FFE0000 + 0x260);
+    if(NtBuildNumber == 0)
+    {
+        // Older versions of Windows
+        static auto p_RtlGetVersion = (NTSTATUS(*)(PRTL_OSVERSIONINFOW))GetProcAddress(GetModuleHandleW(L"ntdll.dll"), "RtlGetVersion");
+        RTL_OSVERSIONINFOW info = { sizeof(info) };
+        if(p_RtlGetVersion && p_RtlGetVersion(&info) == 0)
+        {
+            NtBuildNumber = info.dwBuildNumber;
+        }
+    }
+    return NtBuildNumber;
+}
+
 BRIDGE_IMPEXP bool DbgMemRead(duint va, void* dest, duint size)
 {
 #ifdef _DEBUG
--- a/src/bridge/bridgemain.h
+++ b/src/bridge/bridgemain.h
@ -130,6 +130,12 @@ BRIDGE_IMPEXP int BridgeGetDbgVersion();
 /// <returns>true if the process is elevated, false otherwise.</returns>
 BRIDGE_IMPEXP bool BridgeIsProcessElevated();

+/// <summary>
+/// Gets the NT build number from the operating system.
+/// </summary>
+/// <returns>NtBuildNumber</returns>
+BRIDGE_IMPEXP unsigned int BridgeGetNtBuildNumber();
+
 #ifdef __cplusplus
 }
 #endif