#include <stdio.h>
#include <windows.h>

/* TEB Fun... 
  dijital1
  */
int main()
{
		int oldprot;
		VirtualProtect(0x7FFDF000, 1, 0x40, &oldprot);

		__asm {
		mov eax, dword ptr fs:[0x18] //TEB
		mov ebx, dword ptr[eax+0x30] //PEB
		mov ecx, dword ptr[ebx+0xc]  //Module Ldr Struct
		
		push dword ptr[ecx+0x1c]
		push dword ptr[ebx+0xc]
		push ebx
		push eax
	}
	printf("\nThread's TEB is at: 0x%p\n"
		     "Thread's PEB is at: 0x%p\n"
			 "Pointer to Module Ldr Struct: 0x%p\n"
			 "Pointer to Module Init List : 0x%p\n");

	__asm {
		add esp,0x10 // Clean up the stack
		
		cld
		mov edi, dword ptr fs:[0x18]
		lea edi, [edi+0xc00]
		mov ebx, edi

		mov ecx, 0x82 //130 iterations
		mov eax, 0x41414141
		rep stosd

		push ebx
	}
	printf("\nWriting and Reading 520 bytes \nfrom TEB internal buffer: \n\n%s\n");

	__asm {
		add esp, 0x4
	}

	return 0;
}