//写内存
NTSTATUS KeWriteProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
{ // This write func is just like the read func, except vice versa.
// Since the process writing from is our module
// change the source process variable for that.
PEPROCESS SourceProcess = PsGetCurrentProcess();
// Since the process we write to is the input process
// we set the target process as the argument
PEPROCESS TargetProcess = Process;
SIZE_T Result;
if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
return STATUS_SUCCESS; // operation was successful
else
return STATUS_ACCESS_DENIED;
}
case IOCTL_IO_WRITE:
{
pWriteStruct wt = pIoBuffer;
KeWriteProcessMemory(proc, wt->WriteBuffer, wt->TargetAddress, wt->WriteSize);
}
typedef struct writeStruct
{
PVOID WriteBuffer;
ULONGLONG WriteSize;
PVOID TargetAddress;
} WriteStruct, * pWriteStruct;
bool WriteMemory(PVOID pAddress, int Size, PVOID lpBuffer)
{
WriteStruct wt = { NULL };
wt.WriteBuffer = lpBuffer;
wt.TargetAddress = pAddress;
wt.WriteSize = Size;
BOOL bRet = DeviceIoControl(hDevice, IOCTL_IO_WRITE, &wt, sizeof(wt), 0, 0, 0, 0);
return bRet;
}