Update README.md

master
_xeroxz 4 years ago
parent 00ba3e75f3
commit 7f3e83537e

@ -19,4 +19,11 @@ pclone_ctx clone_ctx(vdm, util::get_pid("notepad.exe"));
// clone_handle is a PROCESS_ALL_ACCESS handle which you can // clone_handle is a PROCESS_ALL_ACCESS handle which you can
// use to call VirtualAllocEx, ReadProcessMemory, WriteProcessMemory... etc... // use to call VirtualAllocEx, ReadProcessMemory, WriteProcessMemory... etc...
const auto [clone_pid, clone_handle] = clone_ctx.clone(); const auto [clone_pid, clone_handle] = clone_ctx.clone();
``` ```
# Example
As you can see here I clone notepad using a `RuntimeBroker.exe` as a dummy process to use as the clone. The loaded modules list the ones in notepad.exe and all the virtual memory is the same
as it is in notepad.exe
<img src="https://imgur.com/XDADPMA.png"/>
Loading…
Cancel
Save