Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #include <Windows.h>
- #include <array>
- #include <iostream>
- int main(int argc, char* argv[])
- {
- std::array<unsigned char, 11> NtProtectVirtualMemoryBytes =
- {
- 0x4C, 0x8B, 0xD1, /*mov r10, rcx*/
- 0xB8, 0x50, 0x00, 0x00, 0x00, /*mov eax, 0x50*/
- 0x0F, 0x05, /*syscall*/
- 0xC3 /*ret*/
- };
- auto* NtProtectVirtualMemoryStub{ VirtualAlloc(nullptr,
- NtProtectVirtualMemoryBytes.size(),
- MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE) };
- memcpy(NtProtectVirtualMemoryStub, NtProtectVirtualMemoryBytes.data(),
- NtProtectVirtualMemoryBytes.size());
- using NtProtectVirtualMemoryFnc = NTSTATUS(NTAPI*)(HANDLE, PVOID*, SIZE_T*, ULONG, PULONG);
- auto NtProtectVirtualMemory{
- reinterpret_cast<NtProtectVirtualMemoryFnc>(NtProtectVirtualMemoryStub) };
- SIZE_T allocSize = 4096;
- auto* testPage{ VirtualAlloc(nullptr, allocSize,
- MEM_RESERVE | MEM_COMMIT, PAGE_READONLY) };
- DWORD oldPermissions{};
- auto result{ NtProtectVirtualMemory(GetCurrentProcess(), &testPage, &allocSize,
- PAGE_EXECUTE_READWRITE, &oldPermissions) };
- std::cout << "Result: " << std::hex << result;
- auto* testWrite{ "Some bytes" };
- memcpy(testPage, testWrite, strlen(testWrite));
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
