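def hotpatch(source, destination):
    """Redirect the function at *source* to *destination* by patching this process.

    Two x86 instructions are written into the current process's code:

    * ``E9 rel32`` (near jmp to *destination*) into the 5 bytes before *source*;
    * ``EB F9`` (short jmp back by 7 bytes, onto that near jmp) over the first
      2 bytes of *source*.

    Args:
        source: Function pointer (anything ``cast`` accepts) of the function
            to redirect.
        destination: Function pointer of the replacement.

    Returns:
        ``source + 2``, the address just past the overwritten 2 bytes. It is
        returned whether or not the patch was written.

    Raises:
        ValueError: In a process with pointers wider than 32 bits, when
            *destination* cannot be reached from *source* with a rel32 jump.

    Caveats for anyone reviewing or reusing this:
        * Nothing here checks that the 5 bytes before *source* are padding or
          that its first 2 bytes are a two-byte no-op. On a function that was
          not built for hot patching, real code is overwritten.
        * Addresses are passed to kernel32 as plain Python ints with no
          ``argtypes`` declared, so ctypes converts them as C ``int``.
          NOTE(review): this looks written for a 32-bit process - confirm.
        * The patched bytes no longer match the module's image on disk, which
          is what integrity checks for inline hooks compare.
    """
    source = cast(source, c_void_p).value
    destination = cast(destination, c_void_p).value

    # rel32 is measured from the end of the near jmp, which is `source` itself.
    displacement = destination - source
    # With 32-bit pointers the CPU wraps the addition modulo 2**32, so masking
    # is exact. With wider pointers an out-of-range value would be silently
    # truncated into a jump to an unrelated address, so refuse before any
    # memory is touched.
    if struct.calcsize('P') > 4 and not -0x80000000 <= displacement <= 0x7FFFFFFF:
        raise ValueError('destination is not reachable from source with a rel32 jmp')
    jmp_code = struct.pack('<BI', 0xE9, displacement & 0xFFFFFFFF)
    short_jmp = struct.pack('<H', 0xF9EB)

    old = DWORD()
    if windll.kernel32.VirtualProtect(source - 5, 8, PAGE_EXECUTE_READWRITE, byref(old)):
        try:
            written = c_size_t()
            # -1 is the pseudo-handle for the current process.
            long_ok = windll.kernel32.WriteProcessMemory(-1, source - 5, cast(jmp_code, c_char_p), len(jmp_code), byref(written))
            # Only redirect the entry point once the near jmp is fully in
            # place; otherwise the entry would branch into unpatched bytes.
            if long_ok and written.value == len(jmp_code):
                windll.kernel32.WriteProcessMemory(-1, source, cast(short_jmp, c_char_p), 2, byref(written))
        finally:
            # Always put the original page protection back, even on error.
            windll.kernel32.VirtualProtect(source - 5, 8, old, byref(old))
    # NOTE(review): the page lost its indentation; the return is placed at
    # function level here, so the address comes back even if nothing was patched.
    return source + 2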