C++ (Cpp) NktNtAllocateVirtualMemory示例

编程语言: C++ (Cpp)

方法/功能: NktNtAllocateVirtualMemory

hotexamples.com的示例: 3

C++ (Cpp) NktNtAllocateVirtualMemory - 已找到3个示例。这些是从开源项目中提取的最受好评的NktNtAllocateVirtualMemory现实C++ (Cpp)示例。您可以评价示例，以帮助我们提高示例质量。

示例#1

显示文件

文件： ProcessEntry.cpp 项目： 0xra/Deviare-InProc

BOOL CProcessesHandles::CEntry::CMemBlock::Initialize(__in ULONGLONG nMin, __in ULONGLONG nMax)
{
  MEMORY_BASIC_INFORMATION sMbi;
  SIZE_T nSize, nResultLength;
  NTSTATUS nNtStatus;

  if (lpFreeEntries == NULL)
    return FALSE;
  if (nMin < 65536)
    nMin = 65536;
  while (nMin < nMax)
  {
    NktHookLibHelpers::MemSet(&sMbi, 0, sizeof(sMbi));
    nNtStatus = NktNtQueryVirtualMemory(hProc, (PVOID)nMin, MyMemoryBasicInformation, &sMbi, sizeof(sMbi),
                                        &nResultLength);
    if (NT_SUCCESS(nNtStatus) && sMbi.State == MEM_FREE)
    {
      lpBaseAddress = (LPBYTE)nMin;
      nSize = 65536;
      nNtStatus = NktNtAllocateVirtualMemory(hProc, (PVOID*)&lpBaseAddress, 0, &nSize, MEM_RESERVE|MEM_COMMIT,
                                             PAGE_EXECUTE_READWRITE);

      if (NT_SUCCESS(nNtStatus))
        return TRUE;
    }
    nMin += 65536;
  }
  lpBaseAddress = NULL;
  return FALSE;
}

示例#2

显示文件

文件： Wow64.cpp 项目： nektra/Deviare-InProc

NTSTATUS NtAllocateVirtualMemory64(__in HANDLE ProcessHandle, __inout ULONGLONG *BaseAddress, __in ULONGLONG ZeroBits,
                                   __inout PSIZE_T RegionSize, __in ULONG AllocationType, __in ULONG Protect)
{
#if defined(_M_IX86)
  ULONGLONG nRegionSize;
  NTSTATUS nNtStatus;

  Initialize();
  //----
  if (NktHookLib_fnNtAllocateVirtualMemory64 == 0ui64)
  {
    if (BaseAddress != NULL)
      *BaseAddress = 0;
    if (RegionSize != NULL)
      *RegionSize = 0;
    return STATUS_NOT_IMPLEMENTED;
  }
  nRegionSize = (ULONGLONG)(*RegionSize);
  nNtStatus = NktHookLib_CallWow64(NktHookLib_fnNtAllocateVirtualMemory64, Handle2Ull(ProcessHandle),
                                   Ptr2Ull(BaseAddress), ZeroBits, Ptr2Ull(&nRegionSize), Ul2Ull(AllocationType),
                                   Ul2Ull(Protect), 0ui64, 0ui64, 0ui64, 0ui64, 0ui64);
  *RegionSize = (SIZE_T)nRegionSize;
  return nNtStatus;
#elif defined(_M_X64)
  return NktNtAllocateVirtualMemory(ProcessHandle, (PVOID*)BaseAddress, ZeroBits, RegionSize, AllocationType, Protect);
#endif
}

示例#3

显示文件

文件： ProcessEntry.cpp 项目： 0xra/Deviare-InProc

BOOL CProcessesHandles::CEntry::CMemBlock::Initialize()
{
  SIZE_T nSize;
  NTSTATUS nNtStatus;

  if (lpFreeEntries == NULL)
    return FALSE;
  lpBaseAddress = NULL;
  nSize = 65536;
  nNtStatus = NktNtAllocateVirtualMemory(hProc, (PVOID*)&lpBaseAddress, 0, &nSize, MEM_RESERVE|MEM_COMMIT,
                                         PAGE_EXECUTE_READWRITE);
  if (!NT_SUCCESS(nNtStatus))
    lpBaseAddress = NULL;
  return (lpBaseAddress != NULL) ? TRUE : FALSE;
}