_xeroxz
/
physmeme
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

tracking all mapped memory, CloseHandle!

Browse Source
merge-requests/1/head
xerox 4 years ago
parent 8e8e306c52
commit c4e6cbbd17
2 changed files with 52 additions and 19 deletions
Show Stats Download Patch File Download Diff File

23
physmeme-lib/physmeme/physmeme.hpp
Unescape View File

@ -19,11 +19,17 @@ typedef struct _GIOMAP
} GIOMAP; } GIOMAP;
#pragma pack ( pop ) #pragma pack ( pop )
#define MAP_PHYS 0xC3502004
#define UNMAP_PHYS 0xC3502008
namespace physmeme namespace physmeme
{ {
inline std::string drv_key; inline std::string drv_key;
inline HANDLE drv_handle = NULL; inline HANDLE drv_handle = NULL;
// keep track of mappings.
inline std::vector<std::pair<std::uintptr_t, std::uint32_t >> virtual_mappings;
// //
// please code this function depending on your method of physical read/write. // please code this function depending on your method of physical read/write.
// //
@ -53,7 +59,7 @@ namespace physmeme
// //
inline bool unload_drv() inline bool unload_drv()
{ {
return driver::unload(drv_key); return CloseHandle(drv_handle) && driver::unload(drv_key);
} }
// //
@ -71,8 +77,10 @@ namespace physmeme
GIOMAP in_buffer = { 0, 0, addr, 0, size }; GIOMAP in_buffer = { 0, 0, addr, 0, size };
uintptr_t out_buffer[2] = { 0 }; uintptr_t out_buffer[2] = { 0 };
unsigned long returned = 0; unsigned long returned = 0;
DeviceIoControl(drv_handle, 0xC3502004, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer), DeviceIoControl(drv_handle, MAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL); reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
virtual_mappings.emplace_back(std::pair<std::uintptr_t, std::size_t>(out_buffer[0], size));
return out_buffer[0]; return out_buffer[0];
} }
@ -88,8 +96,17 @@ namespace physmeme
uintptr_t out_buffer[2] = { sizeof(out_buffer) }; uintptr_t out_buffer[2] = { sizeof(out_buffer) };
unsigned long returned = NULL; unsigned long returned = NULL;
DeviceIoControl(drv_handle, 0xC3502008, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer), DeviceIoControl(drv_handle, UNMAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL); reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
return out_buffer[0]; return out_buffer[0];
} }
//
// unmap all physical memory that was mapped.
//
inline void unmap_all()
{
for (auto idx = 0u; idx < virtual_mappings.size(); ++idx)
unmap_phys(virtual_mappings[idx].first, virtual_mappings[idx].second);
}
} }

22
physmeme/physmeme/physmeme.hpp
Unescape View File

@ -19,11 +19,17 @@ typedef struct _GIOMAP
} GIOMAP; } GIOMAP;
#pragma pack ( pop ) #pragma pack ( pop )
#define MAP_PHYS 0xC3502004
#define UNMAP_PHYS 0xC3502008
namespace physmeme namespace physmeme
{ {
inline std::string drv_key; inline std::string drv_key;
inline HANDLE drv_handle = NULL; inline HANDLE drv_handle = NULL;
// keep track of mappings.
inline std::vector<std::pair<std::uintptr_t, std::uint32_t >> virtual_mappings;
// //
// please code this function depending on your method of physical read/write. // please code this function depending on your method of physical read/write.
// //
@ -71,10 +77,11 @@ namespace physmeme
GIOMAP in_buffer = { 0, 0, addr, 0, size }; GIOMAP in_buffer = { 0, 0, addr, 0, size };
uintptr_t out_buffer[2] = { 0 }; uintptr_t out_buffer[2] = { 0 };
unsigned long returned = 0; unsigned long returned = 0;
DeviceIoControl(drv_handle, 0xC3502004, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer), DeviceIoControl(drv_handle, MAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL); reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
return out_buffer[0];
virtual_mappings.emplace_back(std::pair<std::uintptr_t, std::size_t>(out_buffer[0], size));
return out_buffer[0];
} }
// //
@ -89,8 +96,17 @@ namespace physmeme
uintptr_t out_buffer[2] = { sizeof(out_buffer) }; uintptr_t out_buffer[2] = { sizeof(out_buffer) };
unsigned long returned = NULL; unsigned long returned = NULL;
DeviceIoControl(drv_handle, 0xC3502008, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer), DeviceIoControl(drv_handle, UNMAP_PHYS, reinterpret_cast<LPVOID>(&in_buffer), sizeof(in_buffer),
reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL); reinterpret_cast<LPVOID>(out_buffer), sizeof(out_buffer), &returned, NULL);
return out_buffer[0]; return out_buffer[0];
} }
//
// unmap all physical memory that was mapped.
//
inline void unmap_all()
{
for (auto idx = 0u; idx < virtual_mappings.size(); ++idx)
unmap_phys(virtual_mappings[idx].first, virtual_mappings[idx].second);
}
} }
Write Preview
Loading…
Cancel
Save