Real-time collaboration for Jupyter Notebooks, Linux Terminals, LaTeX, VS Code, R IDE, and more,
all in one place.

1
.code
2

3
; Reference: https://j00ru.vexillium.org/syscalls/nt/64/
4

5
; Windows 7 SP1 / Server 2008 R2 specific syscalls
6

7
ZwProtectVirtualMemory7SP1 proc
8
		mov r10, rcx
9
		mov eax, 4Dh
10
		syscall
11
		ret
12
ZwProtectVirtualMemory7SP1 endp
13

14
ZwWriteVirtualMemory7SP1 proc
15
		mov r10, rcx
16
		mov eax, 37h
17
		syscall
18
		ret
19
ZwWriteVirtualMemory7SP1 endp
20

21
ZwReadVirtualMemory7SP1 proc
22
		mov r10, rcx
23
		mov eax, 3Ch
24
		syscall
25
		ret
26
ZwReadVirtualMemory7SP1 endp
27

28
; Windows 8 / Server 2012 specific syscalls
29

30
ZwProtectVirtualMemory80 proc
31
		mov r10, rcx
32
		mov eax, 4Eh
33
		syscall
34
		ret
35
ZwProtectVirtualMemory80 endp
36

37
ZwWriteVirtualMemory80 proc
38
		mov r10, rcx
39
		mov eax, 38h
40
		syscall
41
		ret
42
ZwWriteVirtualMemory80 endp
43

44
ZwReadVirtualMemory80 proc
45
		mov r10, rcx
46
		mov eax, 3Dh
47
		syscall
48
		ret
49
ZwReadVirtualMemory80 endp
50

51
; Windows 8.1 / Server 2012 R2 specific syscalls
52

53
ZwProtectVirtualMemory81 proc
54
		mov r10, rcx
55
		mov eax, 4Fh
56
		syscall
57
		ret
58
ZwProtectVirtualMemory81 endp
59

60
ZwWriteVirtualMemory81 proc
61
		mov r10, rcx
62
		mov eax, 39h
63
		syscall
64
		ret
65
ZwWriteVirtualMemory81 endp
66

67
ZwReadVirtualMemory81 proc
68
		mov r10, rcx
69
		mov eax, 3Eh
70
		syscall
71
		ret
72
ZwReadVirtualMemory81 endp
73

74
; Windows 10 / Server 2016 specific syscalls
75
 
76
ZwProtectVirtualMemory10 proc
77
		mov r10, rcx
78
		mov eax, 50h
79
		syscall
80
		ret
81
ZwProtectVirtualMemory10 endp
82

83
ZwWriteVirtualMemory10 proc
84
		mov r10, rcx
85
		mov eax, 3Ah
86
		syscall
87
		ret
88
ZwWriteVirtualMemory10 endp
89

90
ZwReadVirtualMemory10 proc
91
		mov r10, rcx
92
		mov eax, 3Fh
93
		syscall
94
		ret
95
ZwReadVirtualMemory10 endp
96

97
end
98