diff --git a/plugins/template/src/lib/TemplateCode.cpp b/plugins/template/src/lib/TemplateCode.cpp index b3cb9fa2..c877eb17 100755 --- a/plugins/template/src/lib/TemplateCode.cpp +++ b/plugins/template/src/lib/TemplateCode.cpp @@ -22,10 +22,10 @@ namespace Template // available events. void TemplateCode::doStuffWithProcessStart(std::shared_ptr processInformation) { - auto dtbContent = lowLevelIntrospectionApi->read64PA(processInformation->processCR3); + auto dtbContent = lowLevelIntrospectionApi->read64PA(processInformation->processUserDtb); // Example for structured logging calls logger->info("Process start triggered.", - {{"processDtb", processInformation->processCR3}, + {{"processDtb", processInformation->processUserDtb}, {"processId", processInformation->pid}, {"dtbContent", dtbContent}}); } diff --git a/plugins/template/test/TemplateCode_unittest.cpp b/plugins/template/test/TemplateCode_unittest.cpp index 2efc1ab1..7208d9cf 100755 --- a/plugins/template/test/TemplateCode_unittest.cpp +++ b/plugins/template/test/TemplateCode_unittest.cpp @@ -19,7 +19,7 @@ namespace Template // Test setup uint64_t processDtb = 0x1337; auto processInformation = - std::make_shared(ActiveProcessInformation{.processCR3 = processDtb}); + std::make_shared(ActiveProcessInformation{.processUserDtb = processDtb}); std::shared_ptr introspectionApi = std::make_shared(); std::unique_ptr> pluginInterface = std::make_unique>();