WriteProcessMemoryAPC - Nim

Description

WriteProcessMemoryAPC is an alternative to Windows' WriteProcessMemory that leverages APCs (Asynchronous Procedure Calls) to write into a process's memory. Instead of writing directly, it schedules a series of calls to RtlFillMemory via APCs to write byte by byte.

This is a Nim reimplementation of the original C technique.

Operation with APCs

Create a suspended thread in the target process.
For each byte to write:
- Schedule an APC that will call RtlFillMemory.
- The APC writes a single byte at a time.
Resume the thread execution to process the APCs.
Wait for execution to complete.
Clean up resources.

Usage

WriteProcessMemoryAPC(hProcess: HANDLE, pAddress: ptr BYTE, pData: ptr BYTE, dwLength: DWORD): DWORD

Original C technique by x86matthew, reimplemented in Nim.

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
README.md		README.md
WriteProcessMemoryAPC.nim		WriteProcessMemoryAPC.nim

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

WriteProcessMemoryAPC - Nim

Description

Operation with APCs

Usage

About

Uh oh!

Releases

Packages

Languages

ahkeur/WriteProcessMemoryAPC

Folders and files

Latest commit

History

Repository files navigation

WriteProcessMemoryAPC - Nim

Description

Operation with APCs

Usage

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages