18#pragma region API Definitions
24 SIZE_T NumberOfBytesToWrite,
25 PSIZE_T NumberOfBytesWritten
36 _In_ HANDLE SectionHandle,
37 _In_ HANDLE ProcessHandle,
38 _Inout_ _At_(*BaseAddress, _Readable_bytes_(*ViewSize) _Writable_bytes_(*ViewSize)
39 _Post_readable_byte_size_(*ViewSize)) PVOID* BaseAddress,
40 _Inout_opt_ PLARGE_INTEGER SectionOffset,
41 _Inout_ PSIZE_T ViewSize,
42 _In_ ULONG AllocationType,
43 _In_ ULONG PageProtection,
44 _Inout_updates_opt_(ExtendedParameterCount) PMEM_EXTENDED_PARAMETER ExtendedParameters,
45 _In_ ULONG ExtendedParameterCount
NTSTATUS(NTAPI * pNtWriteVirtualMemory)(HANDLE ProcessHandle, PVOID BaseAddress, PVOID Buffer, SIZE_T NumberOfBytesToWrite, PSIZE_T NumberOfBytesWritten)
The NtWriteVirtualMemory function writes memory to a specified process.
struct _BOOT_ENTRY BOOT_ENTRY
The BOOT_ENTRY structure represents a boot entry in the boot configuration database....
struct _BOOT_ENTRY * PBOOT_ENTRY
NTSTATUS(NTAPI * pNtModifyBootEntry)(PBOOT_ENTRY BootEntry)
The NtModifyBootEntry function modifies a boot entry in the boot configuration database.
NTSTATUS(NTAPI * pNtMapViewOfSectionEx)(_In_ HANDLE SectionHandle, _In_ HANDLE ProcessHandle, _Inout_ _At_(*BaseAddress, _Readable_bytes_(*ViewSize) _Writable_bytes_(*ViewSize) _Post_readable_byte_size_(*ViewSize)) PVOID *BaseAddress, _Inout_opt_ PLARGE_INTEGER SectionOffset, _Inout_ PSIZE_T ViewSize, _In_ ULONG AllocationType, _In_ ULONG PageProtection, _Inout_updates_opt_(ExtendedParameterCount) PMEM_EXTENDED_PARAMETER ExtendedParameters, _In_ ULONG ExtendedParameterCount)
The NtMapViewOfSectionEx function maps a view of a section into the address space of a process.
The BOOT_ENTRY structure represents a boot entry in the boot configuration database....
1.9.8