CR3 Update

[lishaoju]

PVMMDLL_MAP_MODULEENTRY module_entry{};
if (!VMMDLL_Map_GetModuleFromNameU(vHandle, Current_Process.Pid, const_cast(Current_Process.Name.c_str()), &module_entry, NULL)) {
if (VMMDLL_InitializePlugins(vHandle)) {
sleep_for(milliseconds(500));
while (true) {
BYTE bytes[4] = { 0 };
DWORD i = 0;
if (VMMDLL_VfsReadW(vHandle, E(L"\misc\procinfo\progress_percent.txt"), bytes, 3, &i, 0) == VMMDLL_STATUS_SUCCESS && atoi(reinterpret_cast(bytes)) == 100) {
break;
}
sleep_for(milliseconds(100));
}
VMMDLL_VFS_FILELIST2 VfsFileList{};
VfsFileList.dwVersion = VMMDLL_VFS_FILELIST_VERSION;
VfsFileList.h = 0;
VfsFileList.pfnAddDirectory = 0;
VfsFileList.pfnAddFile = cbAddFile;
if (VMMDLL_VfsListW(vHandle, E(L"\misc\procinfo\"), &VfsFileList)) {
const size_t buffer_size = cbSize;
unique_ptr<BYTE[]> bytes(new BYTE[buffer_size]);
DWORD j = 0;
if (VMMDLL_VfsReadW(vHandle, E(L"\misc\procinfo\dtb.txt"), bytes.get(), buffer_size - 1, &j, 0) == VMMDLL_STATUS_SUCCESS) {
vector<uint64_t> possible_dtbs = { };
string lines(reinterpret_cast<char*>(bytes.get()));
istringstream iss(lines);
string line = "";
while (getline(iss, line)) {
Info info = { };
istringstream info_ss(line);
if (info_ss >> hex >> info.index >> dec >> info.process_id >> hex >> info.dtb >> info.kernelAddr >> info.name) {
if (info.process_id == 0) {
possible_dtbs.push_back(info.dtb);
}
if (Current_Process.Name.find(info.name) != string::npos) {
possible_dtbs.push_back(info.dtb);
}
}
}
for (size_t i = 0; i < possible_dtbs.size(); i++) {
if (VMMDLL_ConfigSet(vHandle, VMMDLL_OPT_PROCESS_DTB | Current_Process.Pid, possible_dtbs[i])) {
if (VMMDLL_Map_GetModuleFromNameU(vHandle, Current_Process.Pid, const_cast(Current_Process.Name.c_str()), &module_entry, NULL)) {
return true;
}
}
}
}
}
}
return false;
}
return true;

CR3 was updated last night. Please tell me how I should update my current CR3

[Metick]

It didn't get updated last night. Still works fine.

If you're talking about Rust, they just keep changing the CR3 non stop now. I will not be providing a fix for that

[lishaoju]

昨晚没有更新。仍然工作正常。

如果你在谈论 Rust，他们现在只是不停地改变 CR3。我不会提供解决方法

Thank you for your reply. Does this mean that the current state of RUST can be retrieved, but it is changing in real-time?

[Metick]

昨晚没有更新。仍然工作正常。
如果你在谈论 Rust，他们现在只是不停地改变 CR3。我不会提供解决方法

Thank you for your reply. Does this mean that the current state of RUST can be retrieved, but it is changing in real-time?

Yea. if you want it to work again you will have to spam fixCR3() every tick basicly, but DMA doesn't update the DTB list that often so you gotto figure out something for that so it updates it every tick aswell so you can actually patch cr3 when eac changes it again

[zijingsh]

memprocfs does not provide refresh dtb, nor do we get real-time dtb commands, we have to find a way to solve it

[lishaoju]

memprocfs does not provide refresh dtb, nor do we get real-time dtb commands, we have to find a way to solve it

I really want to know how I should update this DTB

[lishaoju]

Yea. if you want it to work again you will have to spam fixCR3() every tick basicly, but DMA doesn't update the DTB list that often so you gotto figure out something for that so it updates it every tick aswell so you can actually patch cr3 when eac changes it again

Could you tell me how to make DMA update the DTB list in real-time? I've spent several hours reading the source code but couldn't find where the DMA updates the DTB list

[Metick]

this is something for you to figure out yourself.