From e403343c2acecd9704c08ee2249c4684b773dfc0 Mon Sep 17 00:00:00 2001
From: _xeroxz <xerox@back.engineering>
Date: Sat, 21 Nov 2020 20:26:48 -0800
Subject: [PATCH] added rkm/wkm non-templated option

---
 VDM/vdm_ctx/vdm_ctx.cpp | 18 ++++++++++++++++++
 VDM/vdm_ctx/vdm_ctx.hpp | 19 +++++--------------
 2 files changed, 23 insertions(+), 14 deletions(-)

diff --git a/VDM/vdm_ctx/vdm_ctx.cpp b/VDM/vdm_ctx/vdm_ctx.cpp
index 6a47462..8d59289 100644
--- a/VDM/vdm_ctx/vdm_ctx.cpp
+++ b/VDM/vdm_ctx/vdm_ctx.cpp
@@ -47,6 +47,24 @@ namespace vdm
 		this->write_phys = write_func;
 	}
 
+	void vdm_ctx::rkm(void* dst, void* src, std::size_t size)
+	{
+		static const auto ntoskrnl_memcpy =
+			util::get_kmodule_export("ntoskrnl.exe", "memcpy");
+
+		this->syscall<decltype(&memcpy)>(
+			ntoskrnl_memcpy, dst, src, size);
+	}
+
+	void vdm_ctx::wkm(void* dst, void* src, std::size_t size)
+	{
+		static const auto ntoskrnl_memcpy =
+			util::get_kmodule_export("ntoskrnl.exe", "memcpy");
+
+		this->syscall<decltype(&memcpy)>(
+			ntoskrnl_memcpy, dst, src, size);
+	}
+
 	void vdm_ctx::locate_syscall(std::uintptr_t address, std::uintptr_t length) const
 	{
 		const auto page_data =
diff --git a/VDM/vdm_ctx/vdm_ctx.hpp b/VDM/vdm_ctx/vdm_ctx.hpp
index 5117b99..99b2428 100644
--- a/VDM/vdm_ctx/vdm_ctx.hpp
+++ b/VDM/vdm_ctx/vdm_ctx.hpp
@@ -12,10 +12,8 @@ namespace vdm
 {
 	// change this to whatever you want :^)
 	constexpr std::pair<const char*, const char*> syscall_hook = { "NtShutdownSystem", "ntdll.dll" };
-
 	inline std::atomic<bool> is_page_found = false;
 	inline std::atomic<void*> syscall_address = nullptr;
-
 	inline std::uint16_t nt_page_offset;
 	inline std::uint32_t nt_rva;
 	inline std::uint8_t* ntoskrnl;
@@ -26,9 +24,11 @@ namespace vdm
 	class vdm_ctx
 	{
 	public:
-		vdm_ctx(read_phys_t& read_func, write_phys_t& write_func);
+		explicit vdm_ctx(read_phys_t& read_func, write_phys_t& write_func);
 		void set_read(read_phys_t& read_func);
 		void set_write(write_phys_t& write_func);
+		void rkm(void* dst, void* src, std::size_t size);
+		void wkm(void* dst, void* src, std::size_t size);
 
 		template <class T, class ... Ts>
 		__forceinline std::invoke_result_t<T, Ts...> syscall(void* addr, Ts ... args) const
@@ -67,24 +67,15 @@ namespace vdm
 		template <class T>
 		__forceinline auto rkm(std::uintptr_t addr) -> T
 		{
-			static const auto ntoskrnl_memcpy =
-				util::get_kmodule_export("ntoskrnl.exe", "memcpy");
-
 			T buffer;
-			this->syscall<decltype(&memcpy)>(
-				ntoskrnl_memcpy, &buffer, (void*)addr, sizeof T);
-
+			rkm((void*)&buffer, (void*)addr, sizeof T);
 			return buffer;
 		}
 
 		template <class T>
 		__forceinline void wkm(std::uintptr_t addr, const T& value)
 		{
-			static const auto ntoskrnl_memcpy =
-				util::get_kmodule_export("ntoskrnl.exe", "memcpy");
-
-			this->syscall<decltype(&memcpy)>(
-				ntoskrnl_memcpy, (void*)addr, &value, sizeof T);
+			wkm((void*)addr, (void*)&value, sizeof T);
 		}
 
 		__forceinline auto get_peprocess(std::uint32_t pid) -> PEPROCESS