added rkm/wkm non-templated option

4 years ago · e403343c2a
parent c38649db56
commit e403343c2a
2 changed files with 23 additions and 14 deletions
--- a/VDM/vdm_ctx/vdm_ctx.cpp
+++ b/VDM/vdm_ctx/vdm_ctx.cpp
@ -47,6 +47,24 @@ namespace vdm
 		this->write_phys = write_func;
 	}

+	void vdm_ctx::rkm(void* dst, void* src, std::size_t size)
+	{
+		static const auto ntoskrnl_memcpy =
+			util::get_kmodule_export("ntoskrnl.exe", "memcpy");
+
+		this->syscall<decltype(&memcpy)>(
+			ntoskrnl_memcpy, dst, src, size);
+	}
+
+	void vdm_ctx::wkm(void* dst, void* src, std::size_t size)
+	{
+		static const auto ntoskrnl_memcpy =
+			util::get_kmodule_export("ntoskrnl.exe", "memcpy");
+
+		this->syscall<decltype(&memcpy)>(
+			ntoskrnl_memcpy, dst, src, size);
+	}
+
 	void vdm_ctx::locate_syscall(std::uintptr_t address, std::uintptr_t length) const
 	{
 		const auto page_data =
--- a/VDM/vdm_ctx/vdm_ctx.hpp
+++ b/VDM/vdm_ctx/vdm_ctx.hpp
@ -12,10 +12,8 @@ namespace vdm
 {
 	// change this to whatever you want :^)
 	constexpr std::pair<const char*, const char*> syscall_hook = { "NtShutdownSystem", "ntdll.dll" };
-
 	inline std::atomic<bool> is_page_found = false;
 	inline std::atomic<void*> syscall_address = nullptr;
-
 	inline std::uint16_t nt_page_offset;
 	inline std::uint32_t nt_rva;
 	inline std::uint8_t* ntoskrnl;
@ -26,9 +24,11 @@ namespace vdm
 	class vdm_ctx
 	{
 	public:
-		vdm_ctx(read_phys_t& read_func, write_phys_t& write_func);
+		explicit vdm_ctx(read_phys_t& read_func, write_phys_t& write_func);
 		void set_read(read_phys_t& read_func);
 		void set_write(write_phys_t& write_func);
+		void rkm(void* dst, void* src, std::size_t size);
+		void wkm(void* dst, void* src, std::size_t size);

 		template <class T, class ... Ts>
 		__forceinline std::invoke_result_t<T, Ts...> syscall(void* addr, Ts ... args) const
@ -67,24 +67,15 @@ namespace vdm
 		template <class T>
 		__forceinline auto rkm(std::uintptr_t addr) -> T
 		{
-			static const auto ntoskrnl_memcpy =
-				util::get_kmodule_export("ntoskrnl.exe", "memcpy");
-
 			T buffer;
-			this->syscall<decltype(&memcpy)>(
-				ntoskrnl_memcpy, &buffer, (void*)addr, sizeof T);
-
+			rkm((void*)&buffer, (void*)addr, sizeof T);
 			return buffer;
 		}

 		template <class T>
 		__forceinline void wkm(std::uintptr_t addr, const T& value)
 		{
-			static const auto ntoskrnl_memcpy =
-				util::get_kmodule_export("ntoskrnl.exe", "memcpy");
-
-			this->syscall<decltype(&memcpy)>(
-				ntoskrnl_memcpy, (void*)addr, &value, sizeof T);
+			wkm((void*)addr, (void*)&value, sizeof T);
 		}

 		__forceinline auto get_peprocess(std::uint32_t pid) -> PEPROCESS