From a8eb0d637c8828b96efbbf13030660c59d5a8270 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jo=C3=A3o?= <joaovictorti08@gmail.com>
Date: Fri, 26 Jul 2024 22:11:09 -0300
Subject: [PATCH] Adding the ZwProtectVirtualMemory type

---
 driver/src/includes/mod.rs | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/driver/src/includes/mod.rs b/driver/src/includes/mod.rs
index a749250..c17b742 100644
--- a/driver/src/includes/mod.rs
+++ b/driver/src/includes/mod.rs
@@ -7,7 +7,7 @@ use {
     wdk_sys::{
         ACCESS_MASK, KIRQL, KPROCESSOR_MODE, NTSTATUS, PACCESS_STATE, PCUNICODE_STRING, 
         PEPROCESS, PKIRQL, POBJECT_ATTRIBUTES, POBJECT_TYPE, PPEB, PSIZE_T, PUNICODE_STRING, 
-        PVOID, SIZE_T, _DRIVER_OBJECT, HANDLE, PHANDLE
+        PVOID, SIZE_T, _DRIVER_OBJECT, HANDLE, PHANDLE, ULONG, PULONG
     }, 
     winapi::ctypes::c_void
 };
@@ -46,6 +46,14 @@ pub type ZwCreateThreadExType = unsafe extern "system" fn (
     AttributeList: PPS_ATTRIBUTE_LIST
 ) -> NTSTATUS;
 
+pub type ZwProtectVirtualMemoryType = unsafe extern "system" fn (
+    ProcessHandle: HANDLE,
+    BaseAddress: *mut PVOID,
+    RegionSize: PSIZE_T,
+    NewProtect: ULONG,
+    OldProtect: PULONG
+) -> NTSTATUS;
+
 #[repr(C)]
 #[derive(Debug, Clone, Copy)]
 pub struct SystemModule {