github.com/iDigitalFlame/xmt@v0.5.4/cmd/mem_map.go (about)

     1  //go:build windows && map
     2  // +build windows,map
     3  
     4  // Copyright (C) 2020 - 2023 iDigitalFlame
     5  //
     6  // This program is free software: you can redistribute it and/or modify
     7  // it under the terms of the GNU General Public License as published by
     8  // the Free Software Foundation, either version 3 of the License, or
     9  // any later version.
    10  //
    11  // This program is distributed in the hope that it will be useful,
    12  // but WITHOUT ANY WARRANTY; without even the implied warranty of
    13  // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    14  // GNU General Public License for more details.
    15  //
    16  // You should have received a copy of the GNU General Public License
    17  // along with this program.  If not, see <https://www.gnu.org/licenses/>.
    18  //
    19  
    20  package cmd
    21  
    22  import (
    23  	"unsafe"
    24  
    25  	"github.com/iDigitalFlame/xmt/device/winapi"
    26  )
    27  
    28  func freeMemory(h, addr uintptr) error {
    29  	return winapi.NtUnmapViewOfSection(h, addr)
    30  }
    31  func writeMemory(h uintptr, protect uint32, n uint64, b []byte) (uintptr, error) {
    32  	// 0xE       - SECTION_MAP_READ | SECTION_MAP_WRITE | SECTION_MAP_EXECUTE
    33  	// 0x40      - PAGE_EXECUTE_READWRITE
    34  	// 0x8000000 - SEC_COMMIT
    35  	s, err := winapi.NtCreateSection(0xE, n, 0x40, 0x8000000, 0)
    36  	if err != nil {
    37  		return 0, err
    38  	}
    39  	// 0x4 - PAGE_READWRITE
    40  	// 0x2 - ViewUnmap
    41  	a, err := winapi.NtMapViewOfSection(s, winapi.CurrentProcess, 0, n, 2, 0, 0x4)
    42  	if err != nil {
    43  		winapi.CloseHandle(s)
    44  		return 0, err
    45  	}
    46  	// 0x2 - ViewUnmap
    47  	r, err := winapi.NtMapViewOfSection(s, h, 0, n, 0x2, 0, protect)
    48  	if err != nil {
    49  		winapi.NtUnmapViewOfSection(winapi.CurrentProcess, a)
    50  		winapi.CloseHandle(s)
    51  		return 0, err
    52  	}
    53  	for i := range b {
    54  		(*(*[1]byte)(unsafe.Pointer(a + uintptr(i))))[0] = b[i]
    55  	}
    56  	winapi.NtUnmapViewOfSection(winapi.CurrentProcess, a)
    57  	winapi.CloseHandle(s)
    58  	return r, nil
    59  }