KMDF MmCopyVirtualMemory Undefined











up vote
0
down vote

favorite












Hello and my problem today is I was trying out a new/old method of writing memory with a system files(.sys) after watching Zer0Mem0ry's video on the subject. But I tried to copy but came with the error :



 Error C4013 'MmCopyVirtualMemory' undefined; assuming extern returning int


Even after having done everything. So I was wondering if I had to define this function or importation would be enough. Any help would be amazing!
My Code(driver.c)



https://pastebin.com/AfBUGFCh



Couldn't paste code for some reason.



#include "driver.h"

#include <ntddk.h>

#include "driver.tmh"

#pragma comment(lib, "Ntoskrnl.lib")



#ifdef ALLOC_PRAGMA

#pragma alloc_text (INIT, DriverEntry)

#pragma alloc_text (PAGE, CallOfDutySysFileEvtDeviceAdd)

#pragma alloc_text (PAGE, CallOfDutySysFileEvtDriverContextCleanup)

#endif



NTSTATUS KeReadProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)

{

    PEPROCESS SourceProcess = Process;

    PEPROCESS TargetProcess = PsGetCurrentProcess();

    SIZE_T Result;

    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))

        return STATUS_SUCCESS;

    else

        return STATUS_ACCESS_DENIED;

}

NTSTATUS KeWriteProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)

{

    PEPROCESS SourceProcess = PsGetCurrentProcess();

    PEPROCESS TargetProcess = Process;

    SIZE_T Result;



    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))

        return STATUS_SUCCESS;

    else

        return STATUS_ACCESS_DENIED;



}



NTSTATUS

DriverEntry(_In_ PDRIVER_OBJECT  DriverObject, _In_ PUNICODE_STRING RegistryPath)

{

    WDF_DRIVER_CONFIG config;

    NTSTATUS status;

    WDF_OBJECT_ATTRIBUTES attributes;

    WPP_INIT_TRACING(DriverObject, RegistryPath);

    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");

    WDF_OBJECT_ATTRIBUTES_INIT(&attributes);

    attributes.EvtCleanupCallback = CallOfDutySysFileEvtDriverContextCleanup;



    WDF_DRIVER_CONFIG_INIT(&config,

                           CallOfDutySysFileEvtDeviceAdd

                           );



    status = WdfDriverCreate(DriverObject,

                             RegistryPath,

                             &attributes,

                             &config,

                             WDF_NO_HANDLE

                             );



    if (!NT_SUCCESS(status)) {

        TraceEvents(TRACE_LEVEL_ERROR, TRACE_DRIVER, "WdfDriverCreate failed %!STATUS!", status);

        WPP_CLEANUP(DriverObject);

        return status;

    }



    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");







    return status;

}



NTSTATUS

CallOfDutySysFileEvtDeviceAdd(

    _In_    WDFDRIVER       Driver,

    _Inout_ PWDFDEVICE_INIT DeviceInit

    )

{

    NTSTATUS status;



    UNREFERENCED_PARAMETER(Driver);



    PAGED_CODE();



    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");



    status = CallOfDutySysFileCreateDevice(DeviceInit);



    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");



    return status;

}



VOID

CallOfDutySysFileEvtDriverContextCleanup(

    _In_ WDFOBJECT DriverObject

    )

{

    UNREFERENCED_PARAMETER(DriverObject);



    PAGED_CODE();



    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");



    WPP_CLEANUP(WdfDriverWdmGetDriverObject((WDFDRIVER)DriverObject));

}





kmdf







share|improve this question




























    up vote
    0
    down vote

    favorite












    Hello and my problem today is I was trying out a new/old method of writing memory with a system files(.sys) after watching Zer0Mem0ry's video on the subject. But I tried to copy but came with the error :



     Error C4013 'MmCopyVirtualMemory' undefined; assuming extern returning int


    Even after having done everything. So I was wondering if I had to define this function or importation would be enough. Any help would be amazing!
    My Code(driver.c)



    https://pastebin.com/AfBUGFCh



    Couldn't paste code for some reason.



    #include "driver.h"
    
#include <ntddk.h>
    
#include "driver.tmh"
    
#pragma comment(lib, "Ntoskrnl.lib")
    

    
#ifdef ALLOC_PRAGMA
    
#pragma alloc_text (INIT, DriverEntry)
    
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDeviceAdd)
    
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDriverContextCleanup)
    
#endif
    

    
NTSTATUS KeReadProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
    
{
    
    PEPROCESS SourceProcess = Process;
    
    PEPROCESS TargetProcess = PsGetCurrentProcess();
    
    SIZE_T Result;
    
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
    
        return STATUS_SUCCESS;
    
    else
    
        return STATUS_ACCESS_DENIED;
    
}
    
NTSTATUS KeWriteProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
    
{
    
    PEPROCESS SourceProcess = PsGetCurrentProcess();
    
    PEPROCESS TargetProcess = Process;
    
    SIZE_T Result;
    

    
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
    
        return STATUS_SUCCESS;
    
    else
    
        return STATUS_ACCESS_DENIED;
    

    
}
    

    
NTSTATUS
    
DriverEntry(_In_ PDRIVER_OBJECT  DriverObject, _In_ PUNICODE_STRING RegistryPath)
    
{
    
    WDF_DRIVER_CONFIG config;
    
    NTSTATUS status;
    
    WDF_OBJECT_ATTRIBUTES attributes;
    
    WPP_INIT_TRACING(DriverObject, RegistryPath);
    
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
    
    WDF_OBJECT_ATTRIBUTES_INIT(&attributes);
    
    attributes.EvtCleanupCallback = CallOfDutySysFileEvtDriverContextCleanup;
    

    
    WDF_DRIVER_CONFIG_INIT(&config,
    
                           CallOfDutySysFileEvtDeviceAdd
    
                           );
    

    
    status = WdfDriverCreate(DriverObject,
    
                             RegistryPath,
    
                             &attributes,
    
                             &config,
    
                             WDF_NO_HANDLE
    
                             );
    

    
    if (!NT_SUCCESS(status)) {
    
        TraceEvents(TRACE_LEVEL_ERROR, TRACE_DRIVER, "WdfDriverCreate failed %!STATUS!", status);
    
        WPP_CLEANUP(DriverObject);
    
        return status;
    
    }
    

    
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
    

    

    

    
    return status;
    
}
    

    
NTSTATUS
    
CallOfDutySysFileEvtDeviceAdd(
    
    _In_    WDFDRIVER       Driver,
    
    _Inout_ PWDFDEVICE_INIT DeviceInit
    
    )
    
{
    
    NTSTATUS status;
    

    
    UNREFERENCED_PARAMETER(Driver);
    

    
    PAGED_CODE();
    

    
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
    

    
    status = CallOfDutySysFileCreateDevice(DeviceInit);
    

    
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
    

    
    return status;
    
}
    

    
VOID
    
CallOfDutySysFileEvtDriverContextCleanup(
    
    _In_ WDFOBJECT DriverObject
    
    )
    
{
    
    UNREFERENCED_PARAMETER(DriverObject);
    

    
    PAGED_CODE();
    

    
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
    

    
    WPP_CLEANUP(WdfDriverWdmGetDriverObject((WDFDRIVER)DriverObject));
    
}





    kmdf







    share|improve this question


























      up vote
      0
      down vote

      favorite









      up vote
      0
      down vote

      favorite











      Hello and my problem today is I was trying out a new/old method of writing memory with a system files(.sys) after watching Zer0Mem0ry's video on the subject. But I tried to copy but came with the error :



       Error C4013 'MmCopyVirtualMemory' undefined; assuming extern returning int


      Even after having done everything. So I was wondering if I had to define this function or importation would be enough. Any help would be amazing!
      My Code(driver.c)



      https://pastebin.com/AfBUGFCh



      Couldn't paste code for some reason.



      #include "driver.h"
      
#include <ntddk.h>
      
#include "driver.tmh"
      
#pragma comment(lib, "Ntoskrnl.lib")
      

      
#ifdef ALLOC_PRAGMA
      
#pragma alloc_text (INIT, DriverEntry)
      
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDeviceAdd)
      
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDriverContextCleanup)
      
#endif
      

      
NTSTATUS KeReadProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
      
{
      
    PEPROCESS SourceProcess = Process;
      
    PEPROCESS TargetProcess = PsGetCurrentProcess();
      
    SIZE_T Result;
      
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
      
        return STATUS_SUCCESS;
      
    else
      
        return STATUS_ACCESS_DENIED;
      
}
      
NTSTATUS KeWriteProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
      
{
      
    PEPROCESS SourceProcess = PsGetCurrentProcess();
      
    PEPROCESS TargetProcess = Process;
      
    SIZE_T Result;
      

      
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
      
        return STATUS_SUCCESS;
      
    else
      
        return STATUS_ACCESS_DENIED;
      

      
}
      

      
NTSTATUS
      
DriverEntry(_In_ PDRIVER_OBJECT  DriverObject, _In_ PUNICODE_STRING RegistryPath)
      
{
      
    WDF_DRIVER_CONFIG config;
      
    NTSTATUS status;
      
    WDF_OBJECT_ATTRIBUTES attributes;
      
    WPP_INIT_TRACING(DriverObject, RegistryPath);
      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      
    WDF_OBJECT_ATTRIBUTES_INIT(&attributes);
      
    attributes.EvtCleanupCallback = CallOfDutySysFileEvtDriverContextCleanup;
      

      
    WDF_DRIVER_CONFIG_INIT(&config,
      
                           CallOfDutySysFileEvtDeviceAdd
      
                           );
      

      
    status = WdfDriverCreate(DriverObject,
      
                             RegistryPath,
      
                             &attributes,
      
                             &config,
      
                             WDF_NO_HANDLE
      
                             );
      

      
    if (!NT_SUCCESS(status)) {
      
        TraceEvents(TRACE_LEVEL_ERROR, TRACE_DRIVER, "WdfDriverCreate failed %!STATUS!", status);
      
        WPP_CLEANUP(DriverObject);
      
        return status;
      
    }
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
      

      

      

      
    return status;
      
}
      

      
NTSTATUS
      
CallOfDutySysFileEvtDeviceAdd(
      
    _In_    WDFDRIVER       Driver,
      
    _Inout_ PWDFDEVICE_INIT DeviceInit
      
    )
      
{
      
    NTSTATUS status;
      

      
    UNREFERENCED_PARAMETER(Driver);
      

      
    PAGED_CODE();
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      

      
    status = CallOfDutySysFileCreateDevice(DeviceInit);
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
      

      
    return status;
      
}
      

      
VOID
      
CallOfDutySysFileEvtDriverContextCleanup(
      
    _In_ WDFOBJECT DriverObject
      
    )
      
{
      
    UNREFERENCED_PARAMETER(DriverObject);
      

      
    PAGED_CODE();
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      

      
    WPP_CLEANUP(WdfDriverWdmGetDriverObject((WDFDRIVER)DriverObject));
      
}





      kmdf







      share|improve this question















      Hello and my problem today is I was trying out a new/old method of writing memory with a system files(.sys) after watching Zer0Mem0ry's video on the subject. But I tried to copy but came with the error :



       Error C4013 'MmCopyVirtualMemory' undefined; assuming extern returning int


      Even after having done everything. So I was wondering if I had to define this function or importation would be enough. Any help would be amazing!
      My Code(driver.c)



      https://pastebin.com/AfBUGFCh



      Couldn't paste code for some reason.



      #include "driver.h"
      
#include <ntddk.h>
      
#include "driver.tmh"
      
#pragma comment(lib, "Ntoskrnl.lib")
      

      
#ifdef ALLOC_PRAGMA
      
#pragma alloc_text (INIT, DriverEntry)
      
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDeviceAdd)
      
#pragma alloc_text (PAGE, CallOfDutySysFileEvtDriverContextCleanup)
      
#endif
      

      
NTSTATUS KeReadProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
      
{
      
    PEPROCESS SourceProcess = Process;
      
    PEPROCESS TargetProcess = PsGetCurrentProcess();
      
    SIZE_T Result;
      
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
      
        return STATUS_SUCCESS;
      
    else
      
        return STATUS_ACCESS_DENIED;
      
}
      
NTSTATUS KeWriteProcessMemory(PEPROCESS Process, PVOID SourceAddress, PVOID TargetAddress, SIZE_T Size)
      
{
      
    PEPROCESS SourceProcess = PsGetCurrentProcess();
      
    PEPROCESS TargetProcess = Process;
      
    SIZE_T Result;
      

      
    if (NT_SUCCESS(MmCopyVirtualMemory(SourceProcess, SourceAddress, TargetProcess, TargetAddress, Size, KernelMode, &Result)))
      
        return STATUS_SUCCESS;
      
    else
      
        return STATUS_ACCESS_DENIED;
      

      
}
      

      
NTSTATUS
      
DriverEntry(_In_ PDRIVER_OBJECT  DriverObject, _In_ PUNICODE_STRING RegistryPath)
      
{
      
    WDF_DRIVER_CONFIG config;
      
    NTSTATUS status;
      
    WDF_OBJECT_ATTRIBUTES attributes;
      
    WPP_INIT_TRACING(DriverObject, RegistryPath);
      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      
    WDF_OBJECT_ATTRIBUTES_INIT(&attributes);
      
    attributes.EvtCleanupCallback = CallOfDutySysFileEvtDriverContextCleanup;
      

      
    WDF_DRIVER_CONFIG_INIT(&config,
      
                           CallOfDutySysFileEvtDeviceAdd
      
                           );
      

      
    status = WdfDriverCreate(DriverObject,
      
                             RegistryPath,
      
                             &attributes,
      
                             &config,
      
                             WDF_NO_HANDLE
      
                             );
      

      
    if (!NT_SUCCESS(status)) {
      
        TraceEvents(TRACE_LEVEL_ERROR, TRACE_DRIVER, "WdfDriverCreate failed %!STATUS!", status);
      
        WPP_CLEANUP(DriverObject);
      
        return status;
      
    }
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
      

      

      

      
    return status;
      
}
      

      
NTSTATUS
      
CallOfDutySysFileEvtDeviceAdd(
      
    _In_    WDFDRIVER       Driver,
      
    _Inout_ PWDFDEVICE_INIT DeviceInit
      
    )
      
{
      
    NTSTATUS status;
      

      
    UNREFERENCED_PARAMETER(Driver);
      

      
    PAGED_CODE();
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      

      
    status = CallOfDutySysFileCreateDevice(DeviceInit);
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Exit");
      

      
    return status;
      
}
      

      
VOID
      
CallOfDutySysFileEvtDriverContextCleanup(
      
    _In_ WDFOBJECT DriverObject
      
    )
      
{
      
    UNREFERENCED_PARAMETER(DriverObject);
      

      
    PAGED_CODE();
      

      
    TraceEvents(TRACE_LEVEL_INFORMATION, TRACE_DRIVER, "%!FUNC! Entry");
      

      
    WPP_CLEANUP(WdfDriverWdmGetDriverObject((WDFDRIVER)DriverObject));
      
}





      kmdf




      kmdf






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited yesterday









      Rick Smith

      9861314




      9861314










      asked Oct 15 at 12:44









      Asbj1477

      62




      62





























          active

          oldest

          votes











          Your Answer






          StackExchange.ifUsing("editor", function () {
          StackExchange.using("externalEditor", function () {
          StackExchange.using("snippets", function () {
          StackExchange.snippets.init();
          });
          });
          }, "code-snippets");

          StackExchange.ready(function() {
          var channelOptions = {
          tags: "".split(" "),
          id: "1"
          };
          initTagRenderer("".split(" "), "".split(" "), channelOptions);

          StackExchange.using("externalEditor", function() {
          // Have to fire editor after snippets, if snippets enabled
          if (StackExchange.settings.snippets.snippetsEnabled) {
          StackExchange.using("snippets", function() {
          createEditor();
          });
          }
          else {
          createEditor();
          }
          });

          function createEditor() {
          StackExchange.prepareEditor({
          heartbeatType: 'answer',
          convertImagesToLinks: true,
          noModals: true,
          showLowRepImageUploadWarning: true,
          reputationToPostImages: 10,
          bindNavPrevention: true,
          postfix: "",
          imageUploader: {
          brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
          contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
          allowUrls: true
          },
          onDemand: true,
          discardSelector: ".discard-answer"
          ,immediatelyShowMarkdownHelp:true
          });


          }
          });














           

          draft saved


          draft discarded


















          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52817091%2fkmdf-mmcopyvirtualmemory-undefined%23new-answer', 'question_page');
          }
          );

          Post as a guest























          active

          oldest

          votes













          active

          oldest

          votes









          active

          oldest

          votes






          active

          oldest

          votes
















           

          draft saved


          draft discarded



















































           


          draft saved


          draft discarded














          StackExchange.ready(
          function () {
          StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fstackoverflow.com%2fquestions%2f52817091%2fkmdf-mmcopyvirtualmemory-undefined%23new-answer', 'question_page');
          }
          );

          Post as a guest






































































          -

          Popular posts from this blog

          The Sandy Post

          Image
          The Sandy Post From Wikipedia, the free encyclopedia Jump to navigation Jump to search The Sandy Post Type Weekly Newspaper Format Tabloid Owner(s) Community Newspapers/Pamplin Media Group Publisher J. Mark Garber Editor Steve Brown Founded 1937  ( 1937 ) Headquarters Sandy, Oregon Circulation 3,800 Website www.pamplinmedia.com/sandy-post-home/ This article needs additional citations for verification . Please help improve this article by adding citations to reliable sources. Unsourced material may be challenged and removed. (February 2010) (Learn how and when to remove this template message) The Sandy Post is a weekly newspaper, published in Sandy, Oregon, United States. The paper, founded in 1937, serves the communities of Sandy, Boring, the Villages at Mount Hood and the surrounding areas. The newspaper is owned by Community Newspapers/Pamplin Media Group, a company of ...
          Read more

          Danny Elfman

          Image
          Danny Elfman From Wikipedia, the free encyclopedia Jump to navigation Jump to search Danny Elfman Elfman at the 2010 San Diego Comic-Con Born Daniel Robert Elfman ( 1953-05-29 ) May 29, 1953 (age 65) Los Angeles, California, U.S. Spouse(s) Bridget Fonda ( m.  2003) Children 1 Musical career Genres Rock [1] ska [2] new wave film music video game music Occupation(s) Composer, singer, songwriter, record producer Instruments Trombone guitar percussion vocals keyboards [3] Years active 1972–present Associated acts Oingo Boingo James Newton Howard Daniel Robert Elfman (born May 29, 1953) is an American composer, singer, songwriter, and record producer. Elfman first became known for being the lead singer and songwriter for the band Oingo Boingo from 1974 to 1995. He is well known for scoring films and television shows, particularly his frequent collabora...
          Read more

          Pages that link to "Head v. Amoskeag Manufacturing Co."

          Image
          Help Pages that link to "Head v. Amoskeag Manufacturing Co." ← Head v. Amoskeag Manufacturing Co. Jump to navigation Jump to search What links here Page:   Namespace:  all (Article) Talk User User talk Wikipedia Wikipedia talk File File talk MediaWiki MediaWiki talk Template Template talk Help Help talk Category Category talk Portal Portal talk Book Book talk Draft Draft talk TimedText TimedText talk Module Module talk Gadget Gadget talk Gadget definition Gadget definition talk   Invert selection Filters Hide transclusions | Hide links | Hide redirects The following pages link to Head v. Amoskeag Manufacturing Co. External tools: Show redirects only View (previous 50 | next 50) (20 | 50 | 100 | 250 | 500) Amoskeag Manufacturing Company ‎ (links | edit) List of United States Supreme Court cases by the Waite Court ‎ (links | edit) Talk:Head v. Amoskeag Manuf...
          Read more