[C++] 纯文本查看 复制代码 #include <windows.h>
#pragma comment(lib, "ntdll.lib")
EXTERN_C NTSYSAPI NTSTATUS NTAPI ZwMapViewOfSection(
HANDLE SectionHandle,
HANDLE ProcessHandle,
PVOID* BaseAddress,
ULONG_PTR ZeroBits,
SIZE_T CommitSize,
PLARGE_INTEGER SectionOffset,
PSIZE_T ViewSize,
ULONG InheritDisposition,
ULONG AllocationType,
ULONG Win32Protect);
void f()
{
ZwMapViewOfSection();
}
// 或
typedef NTSTATUS(NTAPI _ZwMapViewOfSection)(
HANDLE SectionHandle,
HANDLE ProcessHandle,
PVOID* BaseAddress,
ULONG_PTR ZeroBits,
SIZE_T CommitSize,
PLARGE_INTEGER SectionOffset,
PSIZE_T ViewSize,
ULONG InheritDisposition,
ULONG AllocationType,
ULONG Win32Protect);
void f()
{
_ZwMapViewOfSection ZwMapViewOfSection = GetProcAddress(GetModuleHandleA("ntdll.dll"), "ZwMapViewOfSection");
ZwMapViewOfSection();
}
|