public static NTSTATUS ZwClose10(IntPtr handle)
{
byte[] syscall = bZwClose10;
IntPtr memoryAddress = msil.getAdrressWithMSIL(syscall);
Delegates.ZwClose myAssemblyFunction = (Delegates.ZwClose)Marshal.GetDelegateForFunctionPointer(memoryAddress, typeof(Delegates.ZwClose));
return((NTSTATUS)myAssemblyFunction(handle));
}
public static NTSTATUS ZwClose10(IntPtr handle)
{
byte[] syscall = bZwClose10;
GCHandle pinnedArray = GCHandle.Alloc(syscall, GCHandleType.Pinned);
IntPtr memoryAddress = pinnedArray.AddrOfPinnedObject();
if (!Natives.VirtualProtect(memoryAddress,
(UIntPtr)syscall.Length, memoryPtrotection, out uint oldprotect))
{
throw new Win32Exception();
}
Delegates.ZwClose myAssemblyFunction = (Delegates.ZwClose)Marshal.GetDelegateForFunctionPointer(memoryAddress, typeof(Delegates.ZwClose));
return((NTSTATUS)myAssemblyFunction(handle));
}
public static NTSTATUS ZwClose10(IntPtr handle)
{
byte[] syscall = bZwClose10;
unsafe
{
fixed(byte *ptr = syscall)
{
IntPtr memoryAddress = (IntPtr)ptr;
if (!VirtualProtectEx(Process.GetCurrentProcess().Handle, memoryAddress,
(UIntPtr)syscall.Length, 0x40, out uint oldprotect))
{
throw new Win32Exception();
}
Delegates.ZwClose myAssemblyFunction = (Delegates.ZwClose)Marshal.GetDelegateForFunctionPointer(memoryAddress, typeof(Delegates.ZwClose));
return((NTSTATUS)myAssemblyFunction(handle));
}
}
}
