#include "MemoryInt.h"#include <Psapi.h>#pragma comment(lib, "Psapi.lib")

1. #include "MemoryInt.h"
2. #include <Psapi.h>
3.  
4. #pragma comment(lib, "Psapi.lib")
5.  
6. #define MEM_WRITE (PAGE_READWRITE | PAGE_WRITECOPY | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY)
7. #define MEM_EXEC_WRITE (PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY)
8.  
9. UINT_PTR GetDMA(UINT_PTR BaseAddress, UINT_PTR * Offsets, UINT PointerLevel)
10. {
11.     BaseAddress = Read<UINT_PTR>(BaseAddress);
12.  
13.     --PointerLevel;
14.  
15.     for (; PointerLevel && BaseAddress; --PointerLevel, ++Offsets)
16.         BaseAddress = Read<UINT_PTR>(BaseAddress + *Offsets);
17.  
18.     if (BaseAddress)
19.         return (BaseAddress + *Offsets);
20.  
21.     return 0;
22. }
23.  
24. UINT_PTR GetDMA_s(UINT_PTR BaseAddress, UINT_PTR * Offsets, UINT PointerLevel)
25. {
26.     BaseAddress = Read_s<UINT_PTR>(BaseAddress);
27.  
28.     --PointerLevel;
29.  
30.     for (;PointerLevel && BaseAddress; --PointerLevel, ++Offsets)
31.         BaseAddress = Read_s<UINT_PTR>(BaseAddress + *Offsets);
32.  
33.     if (BaseAddress)
34.         return (BaseAddress + *Offsets);
35.  
36.     return 0;
37. }
38.  
39. bool IsValidWritePtr(void * Ptr)
40. {
41.     if (!Ptr)
42.         return false;
43.  
44.     MEMORY_BASIC_INFORMATION MBI{ 0 };
45.     if (!VirtualQuery(Ptr, &MBI, sizeof(MEMORY_BASIC_INFORMATION)))
46.         return false;
47.    
48.     return (MBI.State == MEM_COMMIT && (MBI.Protect & MEM_WRITE) != 0);
49. }
50.  
51. bool IsValidReadPtr(void * Ptr)
52. {
53.     if (!Ptr)
54.         return false;
55.    
56.     MEMORY_BASIC_INFORMATION MBI{ 0 };
57.     if (!VirtualQuery(Ptr, &MBI, sizeof(MEMORY_BASIC_INFORMATION)))
58.         return false;
59.  
60.     if (MBI.State == MEM_COMMIT && !(MBI.Protect & PAGE_NOACCESS))
61.         return true;
62.     return false;
63. }
64.  
65. HANDLE CreateThreadAtAddress(PTHREAD_START_ROUTINE pFunc, void * pArg, BYTE * pAddress)
66. {
67.     if (!pFunc)
68.         return nullptr;
69.  
70.     bool Restore = false;
71.     if (pAddress)
72.         Restore = true;
73.    
74.     DWORD dwOld = 0;
75.     if (!pAddress)
76.         pAddress = reinterpret_cast<BYTE*>(VirtualAlloc(nullptr, 0x10, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE));
77.     else if (!VirtualProtect(pAddress, 0x10, PAGE_EXECUTE_READWRITE, &dwOld))
78.         return nullptr;
79.     if (!pAddress)
80.         return nullptr;
81.  
82.     BYTE Buffer[0x10];
83.     if (Restore)
84.         memcpy(Buffer, pAddress, 0x10);
85.  
86.     #ifdef _WIN64
87.    
88.     *pAddress = 0x48;
89.     *(pAddress + 1) = 0xB8;
90.     *reinterpret_cast<PTHREAD_START_ROUTINE*>(pAddress + 2) = pFunc;
91.     *(pAddress + 0xA) = 0xFF;
92.     *(pAddress + 0xB) = 0xE0;
93.  
94.     #else
95.  
96.     *pAddress = 0xE9;
97.     *reinterpret_cast<DWORD*>(pAddress + 1) = (BYTE*)pFunc - pAddress - 5;
98.  
99.     #endif
100.  
101.     HANDLE hThread = CreateThread(nullptr, 0, (PTHREAD_START_ROUTINE)pAddress, pArg, 0, nullptr);
102.     if (!hThread)
103.         VirtualFree(pAddress, 0x10, MEM_DECOMMIT);
104.  
105.     Sleep(100);
106.     if (Restore)
107.     {
108.         memcpy(pAddress, Buffer, 0x10);
109.         VirtualProtect(pAddress, 0x10, dwOld, &dwOld);
110.     }
111.     else
112.         VirtualFree(pAddress, 0x10, MEM_DECOMMIT);
113.  
114.     return hThread;
115. }