[ViewVC] Log of: RomCheater/trunk/Win32/Sojaner.MemoryScanner

Revision 446 - Directory Listing - [select for diffs]
Modified Sun Jun 2 19:52:03 2013 UTC (10 years, 4 months ago) by william
Diff to previous 429

+ fix search cancel/reset

Revision 429 - Directory Listing - [select for diffs]
Modified Tue May 28 15:16:05 2013 UTC (10 years, 4 months ago) by william
Diff to previous 428

+ fix search so that the result count(s) match

Revision 428 - Directory Listing - [select for diffs]
Modified Tue May 28 13:32:28 2013 UTC (10 years, 4 months ago) by william
Diff to previous 427

+ fix memory scanner and memory providers to read and write process memory simulataneously without crashing due to null process handle
*** this has been done using ProcessMemoryChunk for all memory read/write operations
** we no longer need to open and close native handles to the process

Revision 427 - Directory Listing - [select for diffs]
Modified Tue May 28 12:39:42 2013 UTC (10 years, 4 months ago) by william
Diff to previous 425

only disable: #define LOGGING_ENABLE_PROFILER
in MemoryScanner.cs

Revision 425 - Directory Listing - [select for diffs]
Modified Tue May 28 12:33:14 2013 UTC (10 years, 4 months ago) by william
Diff to previous 424

Revision 424 - Directory Listing - [select for diffs]
Modified Tue May 28 12:03:10 2013 UTC (10 years, 4 months ago) by william
Diff to previous 423

revert r423
+  do not close provider - keep it open for shared access

Revision 423 - Directory Listing - [select for diffs]
Modified Tue May 28 11:58:22 2013 UTC (10 years, 4 months ago) by william
Diff to previous 419

+  do not close provider - keep it open for shared access

Revision 419 - Directory Listing - [select for diffs]
Modified Tue May 28 11:08:26 2013 UTC (10 years, 4 months ago) by william
Diff to previous 415

+ stop complaining about exception variables not being used:  changed from 'throw;' to 'throw ex;'
+ comment-out currently unsued variables:
 FloatingMemorySearcher.cs:
  static int col_Found_Frozen = 3;
  static int col_Added_Frozen = 3;
 MemoryScanner.cs:
  SafeWaitHandle m_hProcess;

Revision 415 - Directory Listing - [select for diffs]
Modified Fri Jun 22 08:33:51 2012 UTC (11 years, 3 months ago) by william
Diff to previous 414

Revision 414 - Directory Listing - [select for diffs]
Modified Fri Jun 22 08:21:18 2012 UTC (11 years, 3 months ago) by william
Diff to previous 411

Revision 411 - Directory Listing - [select for diffs]
Modified Thu Jun 21 21:07:34 2012 UTC (11 years, 3 months ago) by william
Diff to previous 409

Revision 409 - Directory Listing - [select for diffs]
Modified Thu Jun 21 20:02:40 2012 UTC (11 years, 3 months ago) by william
Diff to previous 408

Revision 408 - Directory Listing - [select for diffs]
Modified Thu Jun 21 18:10:21 2012 UTC (11 years, 3 months ago) by william
Diff to previous 404

Revision 404 - Directory Listing - [select for diffs]
Modified Thu Jun 21 12:51:57 2012 UTC (11 years, 3 months ago) by william
Diff to previous 399

Revision 399 - Directory Listing - [select for diffs]
Modified Wed Jun 20 13:24:49 2012 UTC (11 years, 3 months ago) by william
Diff to previous 398

Revision 398 - Directory Listing - [select for diffs]
Modified Wed Jun 20 12:16:34 2012 UTC (11 years, 3 months ago) by william
Diff to previous 393

MemmoryProvider: using statements

Revision 393 - Directory Listing - [select for diffs]
Modified Wed Jun 20 10:40:24 2012 UTC (11 years, 3 months ago) by william
Diff to previous 387

ReadMemoryAtOnce(): don't attempt to buffer the data

Revision 387 - Directory Listing - [select for diffs]
Modified Tue Jun 19 11:54:38 2012 UTC (11 years, 3 months ago) by william
Diff to previous 379

use Buffer.BlockCopy in ReadMemoryAtOnce

Revision 379 - Directory Listing - [select for diffs]
Modified Tue Jun 19 08:09:02 2012 UTC (11 years, 3 months ago) by william
Diff to previous 378

+ correctly read linker timedatestamp
// This field holds the number of seconds since December 31st, 1969, at 4:00 P.M.

Revision 378 - Directory Listing - [select for diffs]
Modified Tue Jun 19 07:56:36 2012 UTC (11 years, 3 months ago) by william
Diff to previous 377

use uint instead of int for memory addresses

Revision 377 - Directory Listing - [select for diffs]
Modified Sun Jun 10 07:55:18 2012 UTC (11 years, 3 months ago) by william
Diff to previous 370

Revision 370 - Directory Listing - [select for diffs]
Modified Sun Jun 10 05:40:24 2012 UTC (11 years, 3 months ago) by william
Diff to previous 366

+ add support to write ascii character when memory region cannot be read

Revision 366 - Directory Listing - [select for diffs]
Modified Sun Jun 10 03:14:42 2012 UTC (11 years, 3 months ago) by william
Diff to previous 361

Revision 361 - Directory Listing - [select for diffs]
Modified Sun Jun 10 01:33:21 2012 UTC (11 years, 3 months ago) by william
Diff to previous 359

Revision 359 - Directory Listing - [select for diffs]
Modified Sun Jun 10 01:09:58 2012 UTC (11 years, 3 months ago) by william
Diff to previous 358

Revision 358 - Directory Listing - [select for diffs]
Modified Sun Jun 10 01:09:09 2012 UTC (11 years, 3 months ago) by william
Diff to previous 357

Revision 357 - Directory Listing - [select for diffs]
Modified Sun Jun 10 00:47:58 2012 UTC (11 years, 3 months ago) by william
Diff to previous 354

Revision 354 - Directory Listing - [select for diffs]
Modified Sat Jun 9 21:46:37 2012 UTC (11 years, 3 months ago) by william
Diff to previous 352

Revision 352 - Directory Listing - [select for diffs]
Modified Sat Jun 9 21:11:02 2012 UTC (11 years, 3 months ago) by william
Diff to previous 351

Revision 351 - Directory Listing - [select for diffs]
Modified Sat Jun 9 20:52:19 2012 UTC (11 years, 3 months ago) by william
Diff to previous 350

Revision 350 - Directory Listing - [select for diffs]
Modified Sat Jun 9 20:07:18 2012 UTC (11 years, 3 months ago) by william
Diff to previous 348

+redeclaration

Revision 348 - Directory Listing - [select for diffs]
Modified Fri Jun 8 04:23:30 2012 UTC (11 years, 3 months ago) by william
Diff to previous 347

Revision 347 - Directory Listing - [select for diffs]
Modified Fri Jun 8 04:03:02 2012 UTC (11 years, 3 months ago) by william
Diff to previous 346

Revision 346 - Directory Listing - [select for diffs]
Modified Fri Jun 8 04:02:44 2012 UTC (11 years, 3 months ago) by william
Diff to previous 345

+ fix ReadMemory() methods

Revision 345 - Directory Listing - [select for diffs]
Modified Fri Jun 8 03:17:40 2012 UTC (11 years, 3 months ago) by william
Diff to previous 344

Revision 344 - Directory Listing - [select for diffs]
Modified Fri Jun 8 02:52:18 2012 UTC (11 years, 3 months ago) by william
Diff to previous 343

+ add section byte data

Revision 343 - Directory Listing - [select for diffs]
Modified Fri Jun 8 02:25:34 2012 UTC (11 years, 3 months ago) by william
Diff to previous 342

+ add DataSectionFlags

Revision 342 - Directory Listing - [select for diffs]
Modified Fri Jun 8 02:02:28 2012 UTC (11 years, 3 months ago) by william
Diff to previous 341

+ only add an image section if it's raw data size is not zero

Revision 341 - Directory Listing - [select for diffs]
Modified Fri Jun 8 01:59:32 2012 UTC (11 years, 3 months ago) by william
Diff to previous 340

- revert back to last working revision

Revision 340 - Directory Listing - [select for diffs]
Modified Fri Jun 8 01:12:08 2012 UTC (11 years, 3 months ago) by william
Diff to previous 339

+ wip for data direcory tables

Revision 339 - Directory Listing - [select for diffs]
Modified Fri Jun 8 00:20:39 2012 UTC (11 years, 3 months ago) by william
Diff to previous 337

Revision 337 - Directory Listing - [select for diffs]
Modified Thu Jun 7 23:48:29 2012 UTC (11 years, 3 months ago) by william
Diff to previous 336

Revision 336 - Directory Listing - [select for diffs]
Modified Thu Jun 7 21:47:14 2012 UTC (11 years, 3 months ago) by william
Diff to previous 324

Revision 324 - Directory Listing - [select for diffs]
Modified Thu Jun 7 17:42:57 2012 UTC (11 years, 3 months ago) by william
Diff to previous 323

PEData add Is32bitAssembly()

Revision 323 - Directory Listing - [select for diffs]
Modified Thu Jun 7 16:33:41 2012 UTC (11 years, 3 months ago) by william
Diff to previous 322

+ add event for being able to subscribe to PEReader updates

Revision 322 - Directory Listing - [select for diffs]
Modified Tue Jun 5 23:20:12 2012 UTC (11 years, 3 months ago) by william
Diff to previous 321

Revision 321 - Directory Listing - [select for diffs]
Modified Tue Jun 5 23:12:53 2012 UTC (11 years, 3 months ago) by william
Diff to previous 320

GetDateTimeFromDosDateTime iYear = 1970 (not 1980)

Revision 320 - Directory Listing - [select for diffs]
Modified Tue Jun 5 19:18:20 2012 UTC (11 years, 3 months ago) by william
Diff to previous 319

+ add rest of properties to currently present structures for property grid support

Revision 319 - Directory Listing - [select for diffs]
Modified Tue Jun 5 18:39:06 2012 UTC (11 years, 3 months ago) by william
Diff to previous 318

+ more property grid implementation work

Revision 318 - Directory Listing - [select for diffs]
Modified Tue Jun 5 17:57:37 2012 UTC (11 years, 3 months ago) by william
Diff to previous 299

+ add support for displaying PE Struct data into property grid (read-only)

Revision 299 - Directory Listing - [select for diffs]
Modified Tue Jun 5 11:36:17 2012 UTC (11 years, 3 months ago) by william
Diff to previous 294

+ add internal logging override (so it can be turned on/off for performance reasons)

Revision 294 - Directory Listing - [select for diffs]
Modified Tue Jun 5 10:48:07 2012 UTC (11 years, 3 months ago) by william
Diff to previous 293

+ setup logging format

Revision 293 - Directory Listing - [select for diffs]
Modified Tue Jun 5 10:27:16 2012 UTC (11 years, 3 months ago) by william
Diff to previous 290

fix format of IMAGE_NT_HEADERS

Revision 290 - Directory Listing - [select for diffs]
Modified Tue Jun 5 09:30:32 2012 UTC (11 years, 3 months ago) by william
Diff to previous 286

+ IMAGE_NT_HEADERS->IMAGE_FILE_HEADER set FieldOffset to 8 to not overlapp Signature
+ add exception handling that will bubble up from the using statement

Revision 286 - Directory Listing - [select for diffs]
Modified Tue Jun 5 02:19:13 2012 UTC (11 years, 3 months ago) by william
Diff to previous 284

+ more wip

Revision 284 - Directory Listing - [select for diffs]
Modified Tue Jun 5 01:50:38 2012 UTC (11 years, 3 months ago) by william
Diff to previous 283

use SafeWaitHandle in when closing process handle

Revision 283 - Directory Listing - [select for diffs]
Modified Tue Jun 5 01:50:13 2012 UTC (11 years, 3 months ago) by william
Diff to previous 273

set provider null after close to free memory

Revision 273 - Directory Listing - [select for diffs]
Modified Sun Jun 3 21:26:28 2012 UTC (11 years, 4 months ago) by william
Diff to previous 258

ReadProcessMemory(): make sure to set byte array capacity :: data = new byte[bytesToRead];

Revision 258 - Directory Listing - [select for diffs]
Modified Sun Jun 3 17:26:59 2012 UTC (11 years, 4 months ago) by william
Diff to previous 257

Revision 257 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:51:35 2012 UTC (11 years, 4 months ago) by william
Diff to previous 255

set internal access specifier on ProcessMemoryReader class (must use memory provider classes)

Revision 255 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:45:47 2012 UTC (11 years, 4 months ago) by william
Diff to previous 254

remove code to use MemoryScanner from r204 (I think we fixed the error in the last commit)

Revision 254 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:44:42 2012 UTC (11 years, 4 months ago) by william
Diff to previous 253

ReadProcessMemory(): byte[] buffer = new byte[] { }; ==> byte[] buffer = new byte[bytesToRead]; (the lack of capacity was causing errors to be thrown)

Revision 253 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:41:16 2012 UTC (11 years, 4 months ago) by william
Diff to previous 251

Revision 251 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:32:58 2012 UTC (11 years, 4 months ago) by william
Diff to previous 249

+ add variant classes that use MemoryScanner from r204

Revision 249 - Directory Listing - [select for diffs]
Modified Sun Jun 3 16:09:05 2012 UTC (11 years, 4 months ago) by william
Diff to previous 248

change address from uint to int

Revision 248 - Directory Listing - [select for diffs]
Modified Sun Jun 3 15:28:16 2012 UTC (11 years, 4 months ago) by william
Diff to previous 247

Revision 247 - Directory Listing - [select for diffs]
Modified Sun Jun 3 15:27:23 2012 UTC (11 years, 4 months ago) by william
Diff to previous 246

+ catch, log and throw errors

Revision 246 - Directory Listing - [select for diffs]
Modified Sun Jun 3 15:15:51 2012 UTC (11 years, 4 months ago) by william
Diff to previous 245

Revision 245 - Directory Listing - [select for diffs]
Modified Sun Jun 3 14:50:09 2012 UTC (11 years, 4 months ago) by william
Diff to previous 235

+ add exception logic to ensure provider is open

Revision 235 - Directory Listing - [select for diffs]
Modified Sun Jun 3 12:44:26 2012 UTC (11 years, 4 months ago) by william
Diff to previous 232

change int in method to uint

Revision 232 - Directory Listing - [select for diffs]
Modified Sun Jun 3 12:37:44 2012 UTC (11 years, 4 months ago) by william
Diff to previous 231

remove

Revision 231 - Directory Listing - [select for diffs]
Modified Sun Jun 3 12:36:47 2012 UTC (11 years, 4 months ago) by william
Diff to previous 229

+ overhaul memory scanner

Revision 229 - Directory Listing - [select for diffs]
Modified Sat Jun 2 18:31:40 2012 UTC (11 years, 4 months ago) by william
Diff to previous 212

Revision 212 - Directory Listing - [select for diffs]
Modified Sat Jun 2 10:33:38 2012 UTC (11 years, 4 months ago) by william
Diff to previous 204

ignore CS0436: importing conflicting types (AssemblyConfig)

Revision 204 - Directory Listing - [select for diffs]
Modified Thu May 31 09:08:24 2012 UTC (11 years, 4 months ago) by william
Diff to previous 203

DumpMemoryToByteArray(): set byte_alignment to 1

Revision 203 - Directory Listing - [select for diffs]
Modified Thu May 31 09:03:53 2012 UTC (11 years, 4 months ago) by william
Diff to previous 200

+ add support to automatically goto the first address that has a non-zero byte

Revision 200 - Directory Listing - [select for diffs]
Modified Thu May 31 07:29:44 2012 UTC (11 years, 4 months ago) by william
Diff to previous 198

Revision 198 - Directory Listing - [select for diffs]
Modified Thu May 31 07:13:43 2012 UTC (11 years, 4 months ago) by william
Diff to previous 185

+ initial support for memoryview and getting ram from process for display

Revision 185 - Directory Listing - [select for diffs]
Modified Mon May 28 10:21:03 2012 UTC (11 years, 4 months ago) by william
Diff to previous 182

Revision 182 - Directory Listing - [select for diffs]
Modified Mon May 28 10:08:44 2012 UTC (11 years, 4 months ago) by william
Diff to previous 179

Revision 179 - Directory Listing - [select for diffs]
Modified Mon May 28 09:42:27 2012 UTC (11 years, 4 months ago) by william
Diff to previous 177

Revision 177 - Directory Listing - [select for diffs]
Modified Mon May 28 09:37:16 2012 UTC (11 years, 4 months ago) by william
Diff to previous 172

Revision 172 - Directory Listing - [select for diffs]
Modified Mon May 28 09:15:17 2012 UTC (11 years, 4 months ago) by william
Diff to previous 171

Revision 171 - Directory Listing - [select for diffs]
Modified Mon May 28 08:56:42 2012 UTC (11 years, 4 months ago) by william
Diff to previous 169

Revision 169 - Directory Listing - [select for diffs]
Modified Mon May 28 08:49:42 2012 UTC (11 years, 4 months ago) by william
Diff to previous 167

+ add success/failure messages for ram dump

Revision 167 - Directory Listing - [select for diffs]
Modified Mon May 28 08:31:56 2012 UTC (11 years, 4 months ago) by william
Diff to previous 166

+ fix memory dump when bytes to read is less than buffer amount

Revision 166 - Directory Listing - [select for diffs]
Modified Mon May 28 08:14:02 2012 UTC (11 years, 4 months ago) by william
Diff to previous 164

DumpMemory(): write out using 100mb blocks

Revision 164 - Directory Listing - [select for diffs]
Modified Mon May 28 07:49:48 2012 UTC (11 years, 4 months ago) by william
Diff to previous 162

Revision 162 - Directory Listing - [select for diffs]
Modified Mon May 28 07:12:37 2012 UTC (11 years, 4 months ago) by william
Diff to previous 161

+ add support to dump ram to file (even if it is ~2gb or more)

Revision 161 - Directory Listing - [select for diffs]
Modified Mon May 28 05:55:59 2012 UTC (11 years, 4 months ago) by william
Diff to previous 160

Revision 160 - Directory Listing - [select for diffs]
Modified Mon May 28 05:30:14 2012 UTC (11 years, 4 months ago) by william
Diff to previous 159

Force the use of the enum values for these types
public struct IMAGE_FILE_HEADER
{
  public MachineType Machine;
  public DllCharacteristicsType Characteristics;
}

Revision 159 - Directory Listing - [select for diffs]
Modified Mon May 28 05:22:28 2012 UTC (11 years, 4 months ago) by william
Diff to previous 156

+ add support to parse an exe

Revision 156 - Directory Listing - [select for diffs]
Modified Mon May 28 04:14:03 2012 UTC (11 years, 4 months ago) by william
Diff to previous 119

+ add support for selecting process by different means

Revision 119 - Directory Listing - [select for diffs]
Modified Thu May 10 18:34:26 2012 UTC (11 years, 4 months ago) by william
Diff to previous 117

Revision 117 - Directory Listing - [select for diffs]
Modified Thu May 10 18:12:06 2012 UTC (11 years, 4 months ago) by william
Diff to previous 91

Revision 91 - Directory Listing - [select for diffs]
Modified Wed May 9 21:02:31 2012 UTC (11 years, 4 months ago) by william
Diff to previous 90

removed these obsolete files

Revision 90 - Directory Listing - [select for diffs]
Modified Wed May 9 21:00:22 2012 UTC (11 years, 4 months ago) by william
Diff to previous 89

Revision 89 - Directory Listing - [select for diffs]
Modified Wed May 9 21:00:02 2012 UTC (11 years, 4 months ago) by william
Diff to previous 88

Revision 88 - Directory Listing - [select for diffs]
Added Wed May 9 20:52:20 2012 UTC (11 years, 4 months ago) by william

Convenience Links