Update README.md

master
_xeroxz 4 years ago
parent 6cbcb9833d
commit 78abf153ab

@ -60,6 +60,33 @@ of the kernel memory which you can then use with ReadProcessMemory/WriteProcessM
} }
``` ```
### Example
```cpp
auto kmem_handle = nasa::kmem_ctx::get_handle();
unsigned short mz = 0u;
std::size_t bytes_handled;
// ReadProcessMemory kernel memory example...
result = ReadProcessMemory(
kmem_handle,
reinterpret_cast<void*>(ntoskrnl_translated),
&mz, sizeof mz,
&bytes_handled
);
std::printf("[+] ReadProcessMemory Result -> %d, mz -> 0x%x\n", result, mz);
```
```
[+] ntoskrnl base -> 0xFFFFF8024A600000
[+] ntoskrnl translated -> 0x000078824A600000
[+] set manager pethread -> 0xFFFF848887775040
[+] suspend thread result -> 0x0000000000000000
[+] ReadProcessMemory Result -> 1, mz -> 0x5a4d
[+] press enter to exit...
```
# Warning # Warning
WriteProcessMemory does not work right now since NtWriteVirtualMemory --> MmCopyVirtualMemory --> MmProbeAndLockPages <--- this fails. https://githacks.org/_xeroxz/kmem/-/issues/1 WriteProcessMemory does not work right now since NtWriteVirtualMemory --> MmCopyVirtualMemory --> MmProbeAndLockPages <--- this fails. https://githacks.org/_xeroxz/kmem/-/issues/1
Loading…
Cancel
Save