bb107
diff --git a/‎.gitignore‎
Lines changed: 2 additions & 1 deletion b/‎.gitignore‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎MemoryModule/Loader.cpp‎
Lines changed: 10 additions & 0 deletions b/‎MemoryModule/Loader.cpp‎
Lines changed: 10 additions & 0 deletions
diff --git a/‎MemoryModule/Loader.h‎
Lines changed: 0 additions & 10 deletions b/‎MemoryModule/Loader.h‎
Lines changed: 0 additions & 10 deletions
diff --git a/‎MemoryModule/MemoryModule.cpp‎
Lines changed: 5 additions & 1 deletion b/‎MemoryModule/MemoryModule.cpp‎
Lines changed: 5 additions & 1 deletion
diff --git a/‎MemoryModule/MemoryModule.vcxproj‎
Lines changed: 322 additions & 0 deletions b/‎MemoryModule/MemoryModule.vcxproj‎
Lines changed: 322 additions & 0 deletions
diff --git a/‎MemoryModule/MmpGlobalData.h‎
Lines changed: 1 addition & 1 deletion b/‎MemoryModule/MmpGlobalData.h‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎MemoryModule/MmpTls.cpp‎
Lines changed: 2 additions & 2 deletions b/‎MemoryModule/MmpTls.cpp‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎MemoryModule/ReflectiveLoader.c‎
Lines changed: 1 addition & 1 deletion b/‎MemoryModule/ReflectiveLoader.c‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎MemoryModulePP.sln‎
Lines changed: 30 additions & 2 deletions b/‎MemoryModulePP.sln‎
Lines changed: 30 additions & 2 deletions
@@ -338,4 +338,5 @@ ASALocalRun/
 
 # BeatPulse healthcheck temp database
 healthchecksdb
-/test/a.dll
+/test/a.dll
+/MemoryModule/DebugDll
@@ -1,6 +1,16 @@
 #include "stdafx.h"
 #include <cmath>
 
+#ifdef _USRDLL
+#if (defined(_WIN64) || defined(_M_ARM))
+#pragma comment(linker,"/export:LdrUnloadDllMemoryAndExitThread")
+#pragma comment(linker,"/export:FreeLibraryMemoryAndExitThread=LdrUnloadDllMemoryAndExitThread")
+#else
+#pragma comment(linker,"/export:LdrUnloadDllMemoryAndExitThread=_LdrUnloadDllMemoryAndExitThread@8")
+#pragma comment(linker,"/export:FreeLibraryMemoryAndExitThread=_LdrUnloadDllMemoryAndExitThread@8")
+#endif
+#endif
+
 NTSTATUS NTAPI LdrMapDllMemory(
 	_In_ HMEMORYMODULE ViewBase,
 	_In_ DWORD dwFlags,
 
@@ -61,16 +61,6 @@ NTSTATUS NTAPI LdrLoadDllMemoryExW(
 //Unload modules previously loaded from memory
 NTSTATUS NTAPI LdrUnloadDllMemory(_In_ HMEMORYMODULE BaseAddress);
 
-#if (!defined(_USRDLL) && defined(_MEMORY_MODULE))
-#ifdef _WIN64
-#pragma comment(linker,"/export:LdrUnloadDllMemoryAndExitThread")
-#pragma comment(linker,"/export:FreeLibraryMemoryAndExitThread=LdrUnloadDllMemoryAndExitThread")
-#else
-#pragma comment(linker,"/export:LdrUnloadDllMemoryAndExitThread=_LdrUnloadDllMemoryAndExitThread@8")
-#pragma comment(linker,"/export:FreeLibraryMemoryAndExitThread=_LdrUnloadDllMemoryAndExitThread@8")
-#endif
-#endif
-
 extern "C" {
 	__declspec(noreturn) VOID NTAPI LdrUnloadDllMemoryAndExitThread(
 		_In_ HMEMORYMODULE BaseAddress,
 
@@ -1,6 +1,10 @@
 #include "stdafx.h"
 
-#ifdef _WIN64
+#if defined(_M_ARM64)
+#define HOST_MACHINE IMAGE_FILE_MACHINE_ARM64
+#elif defined(_M_ARM)
+#define HOST_MACHINE IMAGE_FILE_MACHINE_ARM
+#elif defined(_WIN64)
 #define HOST_MACHINE IMAGE_FILE_MACHINE_AMD64
 #else
 #define HOST_MACHINE IMAGE_FILE_MACHINE_I386
 
@@ -100,7 +100,7 @@ typedef enum class _WINDOWS_VERSION :BYTE {
 #define MEMORY_MODULE_GET_MINOR_VERSION(MinorVersion) (~0x8000&(MinorVersion))
 
 #define MEMORY_MODULE_MAJOR_VERSION 2
-#define MEMORY_MODULE_MINOR_VERSION 0
+#define MEMORY_MODULE_MINOR_VERSION MEMORY_MODULE_MAKE_PREVIEW(1)
 
 typedef struct _MMP_GLOBAL_DATA {
 
 
@@ -231,7 +231,7 @@ DWORD NTAPI MmpUserThreadStart(LPVOID lpThreadParameter) {
     return Context.ThreadStartRoutine(Context.ThreadParameter);
 }
 
-#ifdef _WIN64
+#if (defined(_WIN64) || defined(_M_ARM))
 VOID NTAPI HookRtlUserThreadStart(
     _In_ PTHREAD_START_ROUTINE Function,
     _In_ PVOID Parameter) {
@@ -256,7 +256,7 @@ HookRtlUserThreadStart(
 
         // Context.ThreadParameter = Parameter;
         mov dword ptr ds : [esp + 4] , ebx;
-        
+
         mov eax, MmpUserThreadStart;
         mov ebx, esp;
 
 
@@ -1,4 +1,4 @@
-#ifdef _USRDLL
+#if !(defined(_M_ARM) || defined(_M_ARM64) || defined(_USRDLL))
 
 //===============================================================================================//
 // Copyright (c) 2012, Stephen Fewer of Harmony Security (www.harmonysecurity.com)
 
@@ -1,7 +1,7 @@
 
 Microsoft Visual Studio Solution File, Format Version 12.00
-# Visual Studio Version 16
-VisualStudioVersion = 16.0.29709.97
+# Visual Studio Version 17
+VisualStudioVersion = 17.7.34202.233
 MinimumVisualStudioVersion = 10.0.40219.1
 Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "MemoryModule", "MemoryModule\MemoryModule.vcxproj", "{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}"
 EndProject
@@ -11,34 +11,62 @@ Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "a", "a\a.vcxproj", "{DA79C6
 EndProject
 Global
 	GlobalSection(SolutionConfigurationPlatforms) = preSolution
+		Debug|ARM = Debug|ARM
+		Debug|ARM64 = Debug|ARM64
 		Debug|x64 = Debug|x64
 		Debug|x86 = Debug|x86
+		Release|ARM = Release|ARM
+		Release|ARM64 = Release|ARM64
 		Release|x64 = Release|x64
 		Release|x86 = Release|x86
 	EndGlobalSection
 	GlobalSection(ProjectConfigurationPlatforms) = postSolution
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|ARM.ActiveCfg = Debug|ARM
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|ARM.Build.0 = Debug|ARM
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|ARM64.ActiveCfg = Debug|ARM64
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|ARM64.Build.0 = Debug|ARM64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|x64.ActiveCfg = Debug|x64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|x64.Build.0 = Debug|x64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|x86.ActiveCfg = Debug|Win32
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Debug|x86.Build.0 = Debug|Win32
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|ARM.ActiveCfg = Release|ARM
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|ARM.Build.0 = Release|ARM
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|ARM64.ActiveCfg = Release|ARM64
+		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|ARM64.Build.0 = Release|ARM64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|x64.ActiveCfg = Release|x64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|x64.Build.0 = Release|x64
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|x86.ActiveCfg = Release|Win32
 		{5B1F46DB-036E-4A50-AF5F-F5D6584D42C6}.Release|x86.Build.0 = Release|Win32
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|ARM.ActiveCfg = Debug|ARM
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|ARM.Build.0 = Debug|ARM
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|ARM64.ActiveCfg = Debug|ARM64
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|ARM64.Build.0 = Debug|ARM64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x64.ActiveCfg = Debug|x64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x64.Build.0 = Debug|x64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x64.Deploy.0 = Debug|x64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x86.ActiveCfg = Debug|Win32
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x86.Build.0 = Debug|Win32
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Debug|x86.Deploy.0 = Debug|Win32
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|ARM.ActiveCfg = Release|ARM
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|ARM.Build.0 = Release|ARM
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|ARM64.ActiveCfg = Release|ARM64
+		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|ARM64.Build.0 = Release|ARM64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|x64.ActiveCfg = Release|x64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|x64.Build.0 = Release|x64
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|x86.ActiveCfg = Release|Win32
 		{5B3131BA-178A-4A28-BD54-315A45C97ED1}.Release|x86.Build.0 = Release|Win32
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|ARM.ActiveCfg = Debug|ARM
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|ARM.Build.0 = Debug|ARM
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|ARM64.ActiveCfg = Debug|ARM64
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|ARM64.Build.0 = Debug|ARM64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|x64.ActiveCfg = Debug|x64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|x64.Build.0 = Debug|x64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|x86.ActiveCfg = Debug|Win32
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Debug|x86.Build.0 = Debug|Win32
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|ARM.ActiveCfg = Release|ARM
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|ARM.Build.0 = Release|ARM
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|ARM64.ActiveCfg = Release|ARM64
+		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|ARM64.Build.0 = Release|ARM64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|x64.ActiveCfg = Release|x64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|x64.Build.0 = Release|x64
 		{DA79C619-BDAC-4CF1-A38C-B1F5E05F4485}.Release|x86.ActiveCfg = Release|Win32
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-#ifdef _USRDLL`
	`1`	`+#if !(defined(_M_ARM) \|\| defined(_M_ARM64) \|\| defined(_USRDLL))`
`2`	`2`
`3`	`3`	`//===============================================================================================//`
`4`	`4`	`// Copyright (c) 2012, Stephen Fewer of Harmony Security (www.harmonysecurity.com)`