#include "Memory/memory_.h"
static LIST_ENTRY g_PageTableList;
static KSPIN_LOCK g_PageTableListLock;
NTSTATUS MmInitManager() {
InitializeListHead(&g_PageTableList);
KeInitializeSpinLock(&g_PageTableListLock);
return STATUS_SUCCESS;
}
static NTSTATUS MmSaveInfo(
//PHYSICAL_ADDRESS PhysicalAddress,
//PVOID HostAddress,
PVOID GuestAddress
//PAGE_ALLOCATION_TYPE AllocationType,
//ULONG uNumberOfPages,
//ULONG Flags
) {
PALLOCATED_MEM allocatedMem;
if (!GuestAddress) {
return STATUS_INVALID_PARAMETER;
}
allocatedMem = (PALLOCATED_MEM)ExAllocatePoolWithTag(NonPagedPool, sizeof(ALLOCATED_MEM), ITL_TAG);
if (!allocatedMem) {
return STATUS_INSUFFICIENT_RESOURCES;
}
RtlZeroMemory(allocatedMem, sizeof(ALLOCATED_MEM));
allocatedMem->GuestAddress = GuestAddress;
ExInterlockedInsertTailList(&g_PageTableList, &allocatedMem->le, &g_PageTableListLock);
return STATUS_SUCCESS;
}
PVOID MmAllocate(SIZE_T numberOfBytes) {
PVOID pBlock;
NTSTATUS status;
pBlock = ExAllocatePoolWithTag(NonPagedPool, numberOfBytes, ITL_TAG);
if (!pBlock) {
return NULL;
}
RtlZeroMemory(pBlock, numberOfBytes);
status = MmSaveInfo(pBlock);
if (!NT_SUCCESS(status)) {
return NULL;
}
return pBlock;
}
NTSTATUS MmShutdownManager() {
PALLOCATED_MEM allocatedMem;
PLIST_ENTRY pLe;
while (pLe = ExInterlockedRemoveHeadList(&g_PageTableList, &g_PageTableListLock)) {
allocatedMem = CONTAINING_RECORD(pLe, ALLOCATED_MEM, le);
ExFreePoolWithTag(allocatedMem->GuestAddress, ITL_TAG);
ExFreePoolWithTag(allocatedMem, ITL_TAG);
}
return STATUS_SUCCESS;
}
NTSTATUS KeReadMemory(IN ULONG ProcessHandle,IN DWORD32 AddressToRead,IN ULONG LenthToRead,IN OUT PVOID BufferToRecviveData)
{
NTSTATUS status = STATUS_UNSUCCESSFUL;
PEPROCESS ProcessPointer = NULL;
BOOLEAN IsAttached = FALSE;
__try
{
status = ObReferenceObjectByHandle((HANDLE)ProcessHandle,
0,
*PsProcessType,
KernelMode,
(PVOID*)&ProcessPointer,
NULL);
if (!NT_SUCCESS(status))
{
__leave;
}
ObDereferenceObject(ProcessPointer);
KeAttachProcess((PRKPROCESS)ProcessPointer);
IsAttached = TRUE;
if( !MmIsAddressValid(BufferToRecviveData) || !MmIsAddressValid((PVOID)AddressToRead) )
status= STATUS_INVALID_PARAMETER;
else
{
RtlCopyMemory(BufferToRecviveData,(PVOID)AddressToRead,LenthToRead);
}
}
__finally
{
if (IsAttached)
{
KeDetachProcess();
IsAttached = FALSE;
}
}
return status;
}
NTSTATUS KeWriteMemory(IN ULONG ProcessHandle,IN DWORD32 AddressToWrite,IN ULONG LenthToWrite,IN PVOID BufferToRecviveData)
{
NTSTATUS status = STATUS_UNSUCCESSFUL;
PEPROCESS ProcessPointer = NULL;
BOOLEAN IsAttached = FALSE;
__try
{
status = ObReferenceObjectByHandle((HANDLE)ProcessHandle,
0,
*PsProcessType,
KernelMode,
(PVOID*)&ProcessPointer,
NULL);
if (!NT_SUCCESS(status))
{
__leave;
}
ObDereferenceObject(ProcessPointer);
KeAttachProcess((PRKPROCESS)ProcessPointer);
IsAttached = TRUE;
if( !MmIsAddressValid(BufferToRecviveData) || !MmIsAddressValid((PVOID)AddressToWrite) )
status= STATUS_INVALID_PARAMETER;
else
{
RtlCopyMemory((PVOID)AddressToWrite,BufferToRecviveData,LenthToWrite);
}
}
__finally
{
if (IsAttached)
{
KeDetachProcess();
IsAttached = FALSE;
}
}
return status;
}
没有合适的资源?快使用搜索试试~ 我知道了~
Vmx.zip_VMX
共48个文件
h:23个
cpp:18个
asm:5个
1.该资源内容由用户上传,如若侵权请联系客服进行举报
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
2.虚拟产品一经售出概不退款(资源遇到问题,请及时私信上传者)
版权申诉
0 下载量 20 浏览量
2022-09-21
22:24:22
上传
评论
收藏 65KB ZIP 举报
温馨提示
VM x 源码, 功能很详细,说明文档里面有。所有对小伙伴有所帮助
资源详情
资源评论
资源推荐
收起资源包目录
Vmx.zip (48个子文件)
Vmx
VirtualDbgHide
Memory
memory.c 3KB
memory_.h 987B
Driver.cpp 6KB
Driver.h 400B
VM
Cpu.h 3KB
Vm.cpp 3KB
ControlArea.cpp 3KB
Misc.h 664B
amd64vm.asm 3KB
Misc.cpp 4KB
amd64vm.h 186B
VmInterrupt.cpp 982B
stdafx.h 469B
VMXT.h 58B
Vm.h 134B
VTx.cpp 3KB
VmExitHandlers.h 998B
VmInterrupt.h 2KB
VTx.h 124B
amd64.h 13KB
Cpu.cpp 22KB
ControlArea.h 394B
VmExit.h 154B
vmx.h 10KB
amd64.asm 1017B
VmExitHandlers.cpp 12KB
common.inc 1KB
VmExit.cpp 4KB
asm64.asm 5KB
IoControl.cpp 4KB
CallBack
.cpp 265B
CallBack .h 5KB
FSD
FileProtect.h 75B
FileProtect.cpp 7KB
Misc
Drx.asm 680B
Pe.h 270B
Pe.cpp 3KB
Syscall
Utility.cpp 11KB
stdafx.h 241B
Nt.cpp 12KB
SSDT.cpp 23KB
syscall64.asm 6KB
Utility.h 916B
CallBack.cpp 265B
Hook.cpp 6KB
Nt.h 14KB
SSDT.h 2KB
Hook.h 407B
共 48 条
- 1
局外狗
- 粉丝: 66
- 资源: 1万+
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0