@ -60,6 +60,33 @@ of the kernel memory which you can then use with ReadProcessMemory/WriteProcessM
}
}
```
```
### Example
```cpp
auto kmem_handle = nasa::kmem_ctx::get_handle();
unsigned short mz = 0u;
std::size_t bytes_handled;
// ReadProcessMemory kernel memory example...
result = ReadProcessMemory(
kmem_handle,
reinterpret_cast<void*>(ntoskrnl_translated),
&mz, sizeof mz,
&bytes_handled
);
std::printf("[+] ReadProcessMemory Result -> %d, mz -> 0x%x\n", result, mz);
```
```
[+] ntoskrnl base -> 0xFFFFF8024A600000
[+] ntoskrnl translated -> 0x000078824A600000
[+] set manager pethread -> 0xFFFF848887775040
[+] suspend thread result -> 0x0000000000000000
[+] ReadProcessMemory Result -> 1, mz -> 0x5a4d
[+] press enter to exit...
```
# Warning
# Warning
WriteProcessMemory does not work right now since NtWriteVirtualMemory --> MmCopyVirtualMemory --> MmProbeAndLockPages <---thisfails.https://githacks.org/_xeroxz/kmem/-/issues/1
WriteProcessMemory does not work right now since NtWriteVirtualMemory --> MmCopyVirtualMemory --> MmProbeAndLockPages <---thisfails.https://githacks.org/_xeroxz/kmem/-/issues/1