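/**
 * Reports whether the byte at a hard-coded kernel address (labelled
 * CmpNoWrite by the original author) equals 1.
 *
 * The byte is fetched with two ZwSystemDebugControl requests that pass it
 * through the I/O location RdWrIoPort: DebugSysWriteIoSpace is given `addr`
 * as its buffer, then DebugSysReadIoSpace is given the local `Value`.
 *
 * NOTE(review): 0x8066eb34 is a literal address, so it presumably matches one
 * specific kernel build only; on any other build this reads an unrelated byte
 * or fails. Confirm the target build before trusting the result.
 * NOTE(review): ZwSystemDebugControl requires SeDebugPrivilege, and later
 * Windows releases are reported to reject these I/O-space commands from user
 * mode - confirm for the target version. A user-mode process issuing these
 * commands is worth alerting on.
 * NOTE(review): CHECKER is a project macro not shown here; whether it returns
 * on failure cannot be told from this block.
 *
 * @param io2  Output sink; only println() is used.
 * @param args Unused.
 */
void showNoWrite(IO &io2, char *args)
{
    (void)args;

    // Disabled by the original author:
    // ULONG status = NtInitializeRegistry(2);
    // CHECKER(status);

    unsigned int addr = 0x8066eb34; // CmpNoWrite

    // Initialised so the comparison below never reads an indeterminate byte,
    // should the read request fail and CHECKER not leave the function.
    BYTE Value = 0;

    IO_STRUCT io;

    // Request 1: `addr` is the buffer of a one-byte DebugSysWriteIoSpace.
    memset(&io, 0, sizeof(io));
    io.IoAddr = RdWrIoPort;
    io.pBuffer = (PVOID)(ULONG_PTR)addr;
    io.NumBytes = 1;
    io.Reserved4 = 1;
    io.Reserved6 = 1;
    ULONG status = ZwSystemDebugControl(DebugSysWriteIoSpace, &io, sizeof(io), NULL, 0, NULL);
    CHECKER(status);

    // Request 2: `Value` is the buffer of a one-byte DebugSysReadIoSpace.
    memset(&io, 0, sizeof(io));
    io.IoAddr = RdWrIoPort;
    io.pBuffer = &Value;
    io.NumBytes = 1;
    io.Reserved4 = 1;
    io.Reserved6 = 1;
    status = ZwSystemDebugControl(DebugSysReadIoSpace, &io, sizeof(io), NULL, 0, NULL);
    CHECKER(status);

    if (Value == 1) {
        io2.println("NoWrite set");
        // NOTE(review): the block below was disabled by the original author.
        // It issues the same two requests in the opposite direction, so it
        // would modify the byte at `addr`; keep it disabled.
        /*Value = 0;
        memset(&io, 0, sizeof(io));
        io.IoAddr = RdWrIoPort;
        io.pBuffer = &Value;
        io.NumBytes = 1;
        io.Reserved4 = 1;
        io.Reserved6 = 1;
        status = ZwSystemDebugControl(DebugSysWriteIoSpace, &io, sizeof(io), NULL, 0, NULL);
        CHECKER(status);
        memset(&io, 0, sizeof(io));
        io.IoAddr = RdWrIoPort;
        io.pBuffer = (PVOID)(ULONG_PTR)addr;
        io.NumBytes = 1;
        io.Reserved4 = 1;
        io.Reserved6 = 1;
        status = ZwSystemDebugControl(DebugSysReadIoSpace, &io, sizeof(io), NULL, 0, NULL);
        CHECKER(status);*/
    } else {
        io2.println("NoWrite not set");
    }
}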
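/**
 * Issues a single ZwSystemDebugControl request described by a MEMORY_CHUNKS
 * record built from the arguments.
 *
 * NOTE(review): the address parameter is a ULONG, so it cannot carry a 64-bit
 * address; the signature is kept as-is for existing callers.
 * NOTE(review): `command`, `uAddress` and `pvData` are forwarded unchecked, so
 * every caller decides what memory the request touches. ZwSystemDebugControl
 * requires SeDebugPrivilege; restrict and audit the call sites accordingly.
 *
 * @param uAddress Address stored in MEMORY_CHUNKS::Address.
 * @param pvData   Caller buffer stored in MEMORY_CHUNKS::Data.
 * @param usize    Byte count stored in MEMORY_CHUNKS::Length.
 * @param command  SYSDBG_COMMAND passed through to ZwSystemDebugControl.
 * @return TRUE if the returned NTSTATUS satisfies NT_SUCCESS, otherwise FALSE.
 */
BOOL CProcess::SystemDebugControl(ULONG uAddress, PVOID pvData, ULONG usize, SYSDBG_COMMAND command)
{
    // Fill the memory descriptor; value-initialised first so that no field is
    // handed to the kernel with an indeterminate value.
    MEMORY_CHUNKS datas = {};
    datas.Address = uAddress;
    datas.Data = pvData;
    datas.Length = usize;

    // Issue the request (the original comment describes this step as
    // "modify memory"). No output buffer is used: null pointer, zero length.
    // The original passed NULL for the integer length argument.
    const NTSTATUS status = ZwSystemDebugControl(command, &datas, sizeof(datas), NULL, 0, NULL);

    return NT_SUCCESS(status) ? TRUE : FALSE;
}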