From 6a482669ab540dca76b4d209981cd083e0aee403 Mon Sep 17 00:00:00 2001
From: xerox
Date: Tue, 25 Aug 2020 09:25:15 +0000
Subject: [PATCH] Update README.md
---
 README.md | 44 ++++++++++++++++++--------------------
 1 file changed, 18 insertions(+), 26 deletions(-)
diff --git a/README.md b/README.md
index f3d005d..3886711 100644
--- a/README.md
+++ b/README.md
@@ -14,32 +14,24 @@ Link to write up can be found [here](https://back.engineering/post/virtual-memor
 # example
 ```cpp
-#include
-#include "kernel_ctx/kernel_ctx.h"
-#include "mem_ctx/mem_ctx.hpp"
-
-int __cdecl main(int argc, char** argv)
-{
- // only time driver needs to be loaded is to init physmeme/kernel_ctx...
- nasa::load_drv();
- nasa::kernel_ctx kernel;
- if (kernel.clear_piddb_cache(nasa::drv_key, util::get_file_header((void*)raw_driver)->TimeDateStamp))
- std::cout << "[+] flushed PIDDB Cache for physmeme driver..." << std::endl;
- nasa::unload_drv();
-
- const std::pair my_proc_data = { GetCurrentProcessId(), virt_addr_t{ GetModuleHandle(NULL) } };
- std::cout << "[+] my pid: " << std::hex << my_proc_data.first << std::endl;
- std::cout << "[+] my base: " << std::showbase << std::hex << my_proc_data.second.value << std::endl;
-
- nasa::mem_ctx my_proc(kernel, my_proc_data.first);
- const auto module_base = my_proc_data.second;
-
- std::cout << "[+] base address pml4e: " << std::hex << my_proc[module_base.pml4_index].value << std::endl;
- std::cout << "[+] base address pdpte: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index}].value << std::endl;
- std::cout << "[+] base address pde: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index, module_base.pd_index}].value << std::endl;
- std::cout << "[+] base address pte: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index, module_base.pd_index, module_base.pt_index}].value << std::endl;
- std::cin.get();
-}
+// only time driver needs to be loaded is to init physmeme/kernel_ctx...
+nasa::load_drv();
+nasa::kernel_ctx kernel;
+if (kernel.clear_piddb_cache(nasa::drv_key, util::get_file_header((void*)raw_driver)->TimeDateStamp))
+std::cout << "[+] flushed PIDDB Cache for physmeme driver..."
<< std::endl;
+nasa::unload_drv();
+
+const std::pair my_proc_data = { GetCurrentProcessId(), virt_addr_t{ GetModuleHandle(NULL) } };
+std::cout << "[+] my pid: " << std::hex << my_proc_data.first << std::endl;
+std::cout << "[+] my base: " << std::showbase << std::hex << my_proc_data.second.value << std::endl;
+
+nasa::mem_ctx my_proc(kernel, my_proc_data.first);
+const auto module_base = my_proc_data.second;
+
+std::cout << "[+] base address pml4e: " << std::hex << my_proc[module_base.pml4_index].value << std::endl;
+std::cout << "[+] base address pdpte: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index}].value << std::endl;
+std::cout << "[+] base address pde: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index, module_base.pd_index}].value << std::endl;
+std::cout << "[+] base address pte: " << std::hex << my_proc[{module_base.pml4_index, module_base.pdpt_index, module_base.pd_index, module_base.pt_index}].value << std::endl;
 ```
 result: