How to Read From Shared Memory C
shared memory between kernel and usermode.

#1 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

so i have read about shared memory in msdn and i have a few questions here. considering i have never touched shared memory before, i spent one hr reading about it and there are some parts where i got confused a bit, and i just said i will ask here and see if someone who has managed to get it working can help me with it.

so, i looked at https://github.com/mq1n/EasyRing0?files=1 but it's confusing and he is doing a lot of things at kernel side that i couldn't understand. let's say for example i want to read memory with MmCopyVirtualMemory from my kernel driver to my usermode with sharedmemory. then what things do i need to do to accomplish that? in that easyRing0 example he is just reading and writing a simple string, but what if i wanted to use my MmCopyVirtualMemory function with sharedmemory? just want to see a code snippet or actual code that does this so i can understand how this works.

+ another question: is creating a mutex with Waitforsingleobject for reading/writing memory a good solution? i feel that will decrease the efficiency of the driver (idk, correct me if am wrong).

and last thing, is there any easier way of creating DACL + ACL and security descriptor? because in that easy ring0 he is over complicating it. i thought it was easier than that according to msdn.

#2 | MVP | Join Date: Sep 2005 | Posts: 16,458 | Reputation: 379169 | Points: 1, Level: 1

if you don't understand memory you should be nowhere near kernel. start with something simple like using cheat engine on a game like assault cube. Make a hack for that then move onto other games with simple AC's. Then maybe move onto kernel stuff

#3 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

Quote: Originally Posted by Fyrahh
> if you don't understand memory you should be nowhere near kernel. start with something simple like using cheat engine on a game like assault cube. Make a hack for that then move onto other games with simple AC's. Then maybe move onto kernel stuff

and what has this to do with my problem? i can read/write with IOCTL code fine with my other driver but am just new to shared memory, (no offense) but i highly doubt that you know smth about shared memory. (please don't respond to a thread that you yourself don't even know smth about it

#4 | Master Contributor | Join Date: Apr 2016 | Posts: 1,093 | Reputation: 15100 | Points: 19,513, Level: 19

Quote: Originally Posted by someonether
> and last thing, is there any easier way of creating DACL + ACL and security descriptor? because in that easy ring0 he is over complicating it. i thought it was easier than that according to msdn.

whom do you trust more in this situation? msdn or a random github.

Quote: Originally Posted by someonether
> and what has this to do with my problem? i can read/write with IOCTL code fine with my other driver but am just new to shared memory, (no offense) but i highly doubt that you know smth about shared memory. (please don't respond to a thread that you yourself don't even know smth about it

based on threads like this i can say with certainty that it wasn't your driver at all and it was probably zeromemory's driver that every single paster uses.

#5 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

Quote: Originally Posted by CatalystFTW
> whom do you trust more in this situation? msdn or a random github.
> based on threads like this i can say with certainty that it wasn't your driver at all and it was probably zeromemory's driver that every single paster uses.

well not to lie i have used zero's memory driver haha, and yes msdn because that github driver is just messed up. could i ask you a few questions about shared mem if you don't mind answering them for me?

so now i have noticed after searching here in uc and in that github driver that mapping memory from kernel requires functions that start with [Zw] (correct me if am wrong). now after i have searched i have seen this post https://www.unknowncheats.me/forum/2348014-post24.html by @Astralux and that made it easier for me to understand, and yes i have googled every single function right there and understood what it is for. now all i need to do afaik is to use ZwMapViewOfSection to map memory into user space, and from usermode i can open a handle to it via the following functions (CreateFileA, OpenFileMappingA).

now i don't know how shared memory works with reading and writing to a target process. i have seen an example in that github driver, it only copies a string buffer from UM to KM and from KM to UM. now am confused how am going to write or read from a game memory with sharedmem. if you can show me how or give me any examples i would be very appreciated

#6 | Supreme H4x0|2 | Join Date: Aug 2017 | Location: Hungary | Posts: 596 | Reputation: 5183 | Points: 11,308, Level: 13

Quote: Originally Posted by someonether
> well not to lie i have used zero's memory driver haha, and yes msdn because that github driver is just messed up. could i ask you a few questions about shared mem if you don't mind answering them for me?
>
> so now i have noticed after searching here in uc and in that github driver that mapping memory from kernel requires functions that start with [Zw] (correct me if am wrong). now after i have searched i have seen this post https://www.unknowncheats.me/forum/2348014-post24.html by @Astralux and that made it easier for me to understand, and yes i have googled every single function right there and understood what it is for. now all i need to do afaik is to use ZwMapViewOfSection to map memory into user space, and from usermode i can open a handle to it via the following functions (CreateFileA, OpenFileMappingA).
>
> now i don't know how shared memory works with reading and writing to a target process. i have seen an example in that github driver, it only copies a string buffer from UM to KM and from KM to UM. now am confused how am going to write or read from a game memory with sharedmem. if you can show me how or give me any examples i would be very appreciated

You are not going to write or read from a game's memory through sharedmem.

#7 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

Quote: Originally Posted by janekaldo
> You are not going to write or read from a game's memory through sharedmem.

thanks for answering me, but just got 1 question. before, with IOCTL code i used to call IoDeviceControl to send requests to my driver so it knows whether i need to write memory or read. how could that be done with shared memory? i mean if i have this (old IOCTL driver)

Code:
    typedef struct _READ_REQUEST
    {
        ULONG ProcessId;
        UINT_PTR SourceAddress;
        UINT_PTR TargetAddress;
        ULONG Size;
    } _READ_REQUEST, *P_READ_REQUEST;

Code:
    NTSTATUS ReadKernelMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
    {
        SIZE_T Bytes = 0; // byte count written back by MmCopyVirtualMemory
        if (NT_SUCCESS(MmCopyVirtualMemory(Process, SourceAddress, PsGetCurrentProcess(), TargetAddress, Size, KernelMode, &Bytes)))
            return STATUS_SUCCESS;
        else
            return STATUS_ACCESS_DENIED;
    }

so then i could call it like

Code:
    NTSTATUS IoControl(PDEVICE_OBJECT DeviceObject, PIRP Irp)
    {
        NTSTATUS Status;
        ULONG BytesIO = 0;
        PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);
        // Code received from user space
        ULONG ControlCode = stack->Parameters.DeviceIoControl.IoControlCode;
        switch (ControlCode)
        {
        case (READ_REQUEST):
        {
            // do smth here..
        }
        }

so now READ_REQUEST is an IOCTL code, how could that be changed to work with shared mem? because the only way that i know is to send via IOCTL code. and if you could tell me how could i call it from usermode like with Iodevicecontrol

#8 | Supreme H4x0|2 | Join Date: Aug 2017 | Location: Hungary | Posts: 596 | Reputation: 5183 | Points: 11,308, Level: 13

Quote: Originally Posted by someonether
> thanks for answering me, but just got 1 question. before, with IOCTL code i used to call IoDeviceControl to send requests to my driver so it knows whether i need to write memory or read. how could that be done with shared memory? i mean if i have this (old IOCTL driver)
>
> Code:
>     typedef struct _READ_REQUEST
>     {
>         ULONG ProcessId;
>         UINT_PTR SourceAddress;
>         UINT_PTR TargetAddress;
>         ULONG Size;
>     } _READ_REQUEST, *P_READ_REQUEST;
>
> Code:
>     NTSTATUS ReadKernelMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
>     {
>         SIZE_T Bytes = 0; // byte count written back by MmCopyVirtualMemory
>         if (NT_SUCCESS(MmCopyVirtualMemory(Process, SourceAddress, PsGetCurrentProcess(), TargetAddress, Size, KernelMode, &Bytes)))
>             return STATUS_SUCCESS;
>         else
>             return STATUS_ACCESS_DENIED;
>     }
>
> so then i could call it like
>
> Code:
>     NTSTATUS IoControl(PDEVICE_OBJECT DeviceObject, PIRP Irp)
>     {
>         NTSTATUS Status;
>         ULONG BytesIO = 0;
>         PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);
>         // Code received from user space
>         ULONG ControlCode = stack->Parameters.DeviceIoControl.IoControlCode;
>         switch (ControlCode)
>         {
>         case (READ_REQUEST):
>         {
>             // do smth here..
>         }
>         }
>
> so now READ_REQUEST is an IOCTL code, how could that be changed to work with shared mem? because the only way that i know is to send via IOCTL code. and if you could tell me how could i call it from usermode like with Iodevicecontrol

I think you could find this useful

#9 | Master Contributor | Join Date: Apr 2016 | Posts: 1,093 | Reputation: 15100 | Points: 19,513, Level: 19

Quote: Originally Posted by someonether
> thanks for answering me, but just got 1 question. before, with IOCTL code i used to call IoDeviceControl to send requests to my driver so it knows whether i need to write memory or read. how could that be done with shared memory? i mean if i have this (old IOCTL driver)
>
> Code:
>     typedef struct _READ_REQUEST
>     {
>         ULONG ProcessId;
>         UINT_PTR SourceAddress;
>         UINT_PTR TargetAddress;
>         ULONG Size;
>     } _READ_REQUEST, *P_READ_REQUEST;
>
> Code:
>     NTSTATUS ReadKernelMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
>     {
>         SIZE_T Bytes = 0; // byte count written back by MmCopyVirtualMemory
>         if (NT_SUCCESS(MmCopyVirtualMemory(Process, SourceAddress, PsGetCurrentProcess(), TargetAddress, Size, KernelMode, &Bytes)))
>             return STATUS_SUCCESS;
>         else
>             return STATUS_ACCESS_DENIED;
>     }
>
> so then i could call it like
>
> Code:
>     NTSTATUS IoControl(PDEVICE_OBJECT DeviceObject, PIRP Irp)
>     {
>         NTSTATUS Status;
>         ULONG BytesIO = 0;
>         PIO_STACK_LOCATION stack = IoGetCurrentIrpStackLocation(Irp);
>         // Code received from user space
>         ULONG ControlCode = stack->Parameters.DeviceIoControl.IoControlCode;
>         switch (ControlCode)
>         {
>         case (READ_REQUEST):
>         {
>             // do smth here..
>         }
>         }
>
> so now READ_REQUEST is an IOCTL code, how could that be changed to work with shared mem? because the only way that i know is to send via IOCTL code. and if you could tell me how could i call it from usermode like with Iodevicecontrol

do you want uc to write your entire cheat while we are at it? you have a shared section, use your brain to find out how can we use that to communicate. the fact that you ask how you can use something like iodevicecontrol with a shared section proves that you haven't really given this a thought and expect uc to make your cheat, are you frankooo's second account?

#10 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

@janekaldo thanks for trying to help me but i already read that.

#11 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

just realized that msdn is the best resource on the internet lmao, my only problem is communicating between my driver with usermode via (ReadFile, WriteFile). am still looking on how it works. if someone knows anything that will make my life easier then kindly share it

#12 | A God | Join Date: Mar 2018 | Location: yes | Posts: 172 | Reputation: 1261 | Points: 4,143, Level: 6

Quote: Originally Posted by someonether
> just realized that msdn is the best resource on the internet lmao, my only problem is communicating between my driver with usermode via (ReadFile, WriteFile). am still looking on how it works. if someone knows anything that will make my life easier then kindly share it

just make 2 mappings of the shared section, 1 in your process and 1 in the system process. Then you can just copy data into the section with memcpy or smth
__________________
ok

#13 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

Quote: Originally Posted by L0rdTachanka
> just make 2 mappings of the shared section, 1 in your process and 1 in the system process. Then you can just copy data into the section with memcpy or smth

thanks for this idea, i will see if memcpy works for me or not

#14 | A God | Join Date: Mar 2018 | Location: yes | Posts: 172 | Reputation: 1261 | Points: 4,143, Level: 6

Quote: Originally Posted by someonether
> thanks for this idea, i will see if memcpy works for me or not

make sure the section is writeable
__________________
ok

#15 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

Quote: Originally Posted by L0rdTachanka
> make sure the section is writeable

thanks, i have been reading a lot and now i can say that i have understood something, if you don't mind correcting me or telling me any hints. so let's take the readshared memory example from easyring0 github

Code:
    VOID ReadSharedMemory()
    {
        if (!g_hSection)
            return;
        // drop any previous view before mapping again
        if (g_pSharedSection)
            ZwUnmapViewOfSection(NtCurrentProcess(), g_pSharedSection);
        SIZE_T ulViewSize = 1024 * 10;
        NTSTATUS ntStatus = ZwMapViewOfSection(g_hSection, NtCurrentProcess(), &g_pSharedSection, 0, ulViewSize, NULL, &ulViewSize, ViewShare, 0, PAGE_READWRITE | PAGE_NOCACHE);
        if (ntStatus != STATUS_SUCCESS)
        {
            DbgPrint("ZwMapViewOfSection fail! Status: 0x%08X\n", ntStatus);
            ZwClose(g_hSection);
            return;
        }
        DbgPrint("ZwMapViewOfSection completed!\n");
        DbgPrint("Shared memory read data: %s\n", g_pSharedSection);
    }

now in my read function in usermode i could do something like this

Code:
    if(memcpy(pBuf,&ReadRequest,sizeof(ReadRequest))){
        return response;

and pBuf should be the one that i have opened with

Code:
    pBuf = MapViewOfFile(hMapFile, FILE_MAP_WRITE, 0, 0, 4096);

and now g_pSharedSection is where the struct is stored at. but i got some questions. now if i want to pass that info to my read function smth like this

Code:
    NTSTATUS KeReadRequest(PDEVICE_OBJECT pDriverObject, PIRP pIrp){
        // do whatever here ...
    }

and there i have

Code:
    PKERNEL_READ_REQUEST ReadInput = (PKERNEL_READ_REQUEST)Irp->AssociatedIrp.SystemBuffer;
    PKERNEL_READ_REQUEST ReadOutput = (PKERNEL_READ_REQUEST)Irp->AssociatedIrp.SystemBuffer;

this code is from kernelbhop, just a proof of concept, not copying anything from it. now i can change PKERNEL_READ_REQUEST to g_pSharedSection because it will have my struct data stored in it, right?

and another question is in my Major_function when i add my readkernelmemory function there, should i add it as

Code:
    case IRP_MJ_WRITE:

or how could i add it there without creating an IOCTL code. thanks in advance, i have learned so many things when i started this thread.
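
The post above places a request struct in a view that user mode can rewrite at any moment, so any driver consuming it must fetch each field once and validate a private copy. The portable C below is an added example, not code from the thread or from EasyRing0; the `SHARED_REQUEST` layout, `MAX_XFER`, and all function names are assumptions, and a callback stands in for a racing user-mode thread.

```c
#include <stdint.h>
#include <string.h>

#define MAX_XFER 256u                    /* assumed cap for one transfer */

/* Hypothetical request layout written into the shared view by user mode. */
typedef struct { uint32_t opcode, offset, size; } SHARED_REQUEST;
static uint8_t g_driver_buf[MAX_XFER];   /* stands in for driver-owned data */

/* Test hook that plays a second user-mode thread racing the driver. */
typedef void (*race_hook)(volatile SHARED_REQUEST *view);
static void flip_size(volatile SHARED_REQUEST *v) { v->size = 0xFFFFFFFFu; }

/* Unsafe pattern: validates the shared view, then fetches size again.
   Returns the length that would reach the copy (no copy is performed). */
uint32_t unsafe_length(volatile SHARED_REQUEST *view, size_t out_len, race_hook racer)
{
    if (view->size > out_len || view->size > MAX_XFER) return 0;
    if (racer) racer(view);              /* writer changes the field here */
    return view->size;                   /* second fetch: unchecked value */
}

/* Safe pattern: one fetch into a private copy, validate, use only the copy. */
int handle_safe(volatile SHARED_REQUEST *view, uint8_t *out, size_t out_len,
                race_hook racer, uint32_t *copied)
{
    SHARED_REQUEST req;
    req.opcode = view->opcode;
    req.offset = view->offset;
    req.size   = view->size;
    if (req.opcode != 1u) return -1;
    if (req.size == 0 || req.size > out_len || req.size > MAX_XFER) return -1;
    if (req.offset > MAX_XFER - req.size) return -1;   /* no wraparound */
    if (racer) racer(view);              /* later changes cannot matter */
    memcpy(out, g_driver_buf + req.offset, req.size);
    *copied = req.size;
    return 0;
}

/* Constructed scenario: a valid 16-byte request that is flipped mid-flight. */
uint32_t demo_unsafe(void)
{
    volatile SHARED_REQUEST view = { 1u, 0u, 16u };
    return unsafe_length(&view, 64, flip_size);
}

uint32_t demo_safe(void)
{
    volatile SHARED_REQUEST view = { 1u, 8u, 16u };
    uint8_t out[64]; uint32_t copied = 0;
    return handle_safe(&view, out, sizeof out, flip_size, &copied) == 0 ? copied : 0;
}

int main(void) { return (demo_unsafe() == 0xFFFFFFFFu && demo_safe() == 16u) ? 0 : 1; }
```
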

#16 | Super l337 | Join Date: Oct 2018 | Posts: 214 | Reputation: 159 | Points: 3,949, Level: 6

now am failing with OpenFileMappingA FILE_MAP_WRITE with ERROR_ACCESS_DENIED. anyone know anything about that error, how could i fix it? thanks

Source: https://www.unknowncheats.me/forum/c-and-c-/324505-shared-memory-kernel-usermode.html