@ -719,6 +719,34 @@ ffff998b`c5368c90 c3 ret
< img src = "https://githacks.org/_xeroxz/theodosius/-/raw/a5de4b8a1a6cf32bb0213d8d9602f5dc955275b1/imgs/um-example-2.png" / >
< img src = "https://githacks.org/_xeroxz/theodosius/-/raw/a5de4b8a1a6cf32bb0213d8d9602f5dc955275b1/imgs/um-example-2.png" / >
This example uses WinAPI's to allocate virtual memory in another process and also to copy virtual memory. Only exported routines from loaded DLL's in the target process can be resolved.
```cpp
theo::resolve_symbol_t _resolver =
[&, &extern_symbols = extern_symbols ](const char* symbol_name ) -> std::uintptr_t
{
auto loaded_modules = std::make_unique< HMODULE [ ] > (64);
std::uintptr_t result = 0u, loaded_module_sz = 0u;
if (!EnumProcessModules(phandle,
loaded_modules.get(), 512, (PDWORD)& loaded_module_sz))
return {};
for (auto i = 0u; i < loaded_module_sz / 8u ; i + + )
{
wchar_t file_name[MAX_PATH] = L"";
if (!GetModuleFileNameExW(phandle,
loaded_modules.get()[i], file_name, _countof(file_name)))
continue;
if ((result = reinterpret_cast< std::uintptr_t > (
GetProcAddress(LoadLibrary(file_name), symbol_name))))
break;
}
return result;
};
```
# License - BSD 3-Clause
# License - BSD 3-Clause
Copyright (c) 2021, _xeroxz
Copyright (c) 2021, _xeroxz