VM.cpp
#include "VM.h"
/// Puts the object into its "not connected" state: no pipe handle, no
/// process handle, no server process id, and the initialized flag cleared.
VM::VM()
{
    // Flag first, so the object reads as uninitialized from the start.
    SuccessfullyInitialized = FALSE;

    // INVALID_HANDLE_VALUE is the sentinel the destructor tests before it
    // calls CloseHandle on either handle.
    VMPipeHandle = INVALID_HANDLE_VALUE;
    VMProcessHandle = INVALID_HANDLE_VALUE;

    VMProcessId = 0;
}
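/// Closes the process and pipe handles held by this object.
///
/// Initialize() also copies the pipe handle into its caller's out-parameter.
/// That copy refers to the same kernel handle, so the caller must not close it
/// and must not use it after this object has been destroyed.
VM::~VM()
{
    // OpenProcess reports failure as NULL while CreateFile reports it as
    // INVALID_HANDLE_VALUE, so both values are treated as "nothing to close".
    // Passing either one to CloseHandle would fail, and raises an exception
    // when the process runs under a debugger.
    if (this->VMProcessHandle != NULL && this->VMProcessHandle != INVALID_HANDLE_VALUE)
    {
        CloseHandle(this->VMProcessHandle);
        this->VMProcessHandle = INVALID_HANDLE_VALUE;
    }
    if (this->VMPipeHandle != NULL && this->VMPipeHandle != INVALID_HANDLE_VALUE)
    {
        CloseHandle(this->VMPipeHandle);
        this->VMPipeHandle = INVALID_HANDLE_VALUE;
    }
}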
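/// Connects to the "whp_hook" named pipe and opens the process that serves it.
///
/// @param Pipe Receives the pipe handle, or INVALID_HANDLE_VALUE when the pipe
///             cannot be opened. The same handle is stored in this object and
///             closed by the destructor, so the caller must not close it.
/// @return ErrorSuccess when both the pipe and the server process were opened;
///         ErrorBadPipe, ErrorNoPipePID or ErrorUnableToOpenProcess for the
///         step that failed.
///
/// On ErrorNoPipePID and ErrorUnableToOpenProcess the pipe stays open and
/// *Pipe still holds it; the destructor releases it.
///
/// NOTE(review): SuccessfullyInitialized is not updated in this function;
/// confirm where it is meant to be set. A second call overwrites the stored
/// handles without closing the earlier ones.
WHPHOOK_ERROR VM::Initialize(_Out_ PHANDLE Pipe)
{
    ULONG ulProcessId = 0;

    // NOTE(review): the pipe is opened by name only, and the process that
    // serves it is then opened with VM read/write rights. Whichever process
    // created the pipe name first becomes that target, so consider verifying
    // the server's identity (for example its image path or token owner)
    // before trusting the reported process id. Passing
    // SECURITY_SQOS_PRESENT | SECURITY_IDENTIFICATION in the flags argument
    // would also stop the pipe server from impersonating this client.
    HANDLE hPipe = CreateFileA("\\\\.\\pipe\\whp_hook", GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, 0, NULL);
    if (hPipe == INVALID_HANDLE_VALUE)
    {
        *Pipe = INVALID_HANDLE_VALUE;
        return(ErrorBadPipe);
    }
    this->VMPipeHandle = hPipe;
    *Pipe = hPipe;

    if (!GetNamedPipeServerProcessId(this->VMPipeHandle, &ulProcessId))
    {
        return(ErrorNoPipePID);
    }
    this->VMProcessId = ulProcessId;

    HANDLE hProcess = OpenProcess(PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_QUERY_INFORMATION, FALSE, this->VMProcessId);
    // OpenProcess returns NULL on failure, not INVALID_HANDLE_VALUE. Comparing
    // against INVALID_HANDLE_VALUE let a failed open through: NULL was stored
    // as the process handle and ErrorSuccess was returned.
    if (hProcess == NULL)
    {
        return(ErrorUnableToOpenProcess);
    }
    this->VMProcessHandle = hProcess;

    return(ErrorSuccess);
}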