github.com/iDigitalFlame/xmt@v0.5.4/cmd/mem_map.go (about) 1 //go:build windows && map 2 // +build windows,map 3 4 // Copyright (C) 2020 - 2023 iDigitalFlame 5 // 6 // This program is free software: you can redistribute it and/or modify 7 // it under the terms of the GNU General Public License as published by 8 // the Free Software Foundation, either version 3 of the License, or 9 // any later version. 10 // 11 // This program is distributed in the hope that it will be useful, 12 // but WITHOUT ANY WARRANTY; without even the implied warranty of 13 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 // GNU General Public License for more details. 15 // 16 // You should have received a copy of the GNU General Public License 17 // along with this program. If not, see <https://www.gnu.org/licenses/>. 18 // 19 20 package cmd 21 22 import ( 23 "unsafe" 24 25 "github.com/iDigitalFlame/xmt/device/winapi" 26 ) 27 28 func freeMemory(h, addr uintptr) error { 29 return winapi.NtUnmapViewOfSection(h, addr) 30 } 31 func writeMemory(h uintptr, protect uint32, n uint64, b []byte) (uintptr, error) { 32 // 0xE - SECTION_MAP_READ | SECTION_MAP_WRITE | SECTION_MAP_EXECUTE 33 // 0x40 - PAGE_EXECUTE_READWRITE 34 // 0x8000000 - SEC_COMMIT 35 s, err := winapi.NtCreateSection(0xE, n, 0x40, 0x8000000, 0) 36 if err != nil { 37 return 0, err 38 } 39 // 0x4 - PAGE_READWRITE 40 // 0x2 - ViewUnmap 41 a, err := winapi.NtMapViewOfSection(s, winapi.CurrentProcess, 0, n, 2, 0, 0x4) 42 if err != nil { 43 winapi.CloseHandle(s) 44 return 0, err 45 } 46 // 0x2 - ViewUnmap 47 r, err := winapi.NtMapViewOfSection(s, h, 0, n, 0x2, 0, protect) 48 if err != nil { 49 winapi.NtUnmapViewOfSection(winapi.CurrentProcess, a) 50 winapi.CloseHandle(s) 51 return 0, err 52 } 53 for i := range b { 54 (*(*[1]byte)(unsafe.Pointer(a + uintptr(i))))[0] = b[i] 55 } 56 winapi.NtUnmapViewOfSection(winapi.CurrentProcess, a) 57 winapi.CloseHandle(s) 58 return r, nil 59 }