Struct Process

pub struct Process {
    pub h_process: HANDLE,
    pub module_base_address: usize,
}

Fields

h_process: HANDLE

module_base_address: usize

Implementations

impl Process

pub fn new(process_name: &str) -> Result<Process, Error>

pub fn write_aob(&self, ptr: usize, data: &[u8], absolute: bool)

Writes an array of bytes (as vectors) into the desired address. It can take relative or absolute values.

pub fn write_nops(&self, ptr: usize, n: usize, absolute: bool)

Writes n nops into the desired address It can take relative or absolute values.

pub fn get_aob(&self, ptr: usize, n: usize, absolute: bool) -> Vec<u8>

Reads n bytes from the desired address It can take relative or absolute values.

pub fn read_value<OutputType>(&self, ptr: usize, absolute: bool) -> OutputType

pub fn write_value<InputType>( &self, ptr: usize, output: InputType, absolute: bool, )

pub unsafe fn inject_shellcode( &self, entry_point: *const u32, instruction_size: usize, f_start: *const u8, f_end: *const u8, ) -> *const c_void

Inject an an ASM function which requires the labels start and end as an input, and an entry point where the position will be injected.

Safety

This function is highly unsafe. It can fails for so many reasons that the user should be aware when using it. The function maybe could not find a code cave, it could not write the bytes correctly, or it could just simply fail because OS reasons.