ViewVC Help
View File | Revision Log | Show Annotations | Download File | View Changeset | Root Listing
root/RomCheater/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
Revision: 88
Committed: Wed May 9 20:52:20 2012 UTC (11 years, 6 months ago) by william
File size: 5985 byte(s)
Log Message:

File Contents

# User Rev Content
1 william 88 using System;
2     using System.Collections.Generic;
3     using System.Text;
4     using System.Diagnostics;
5     using System.Threading;
6     using System.Runtime.InteropServices;
7    
8     namespace Sojaner.MemoryScanner
9     {
10     // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
11     #region ProcessMemoryReader class
12     //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
13     //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
14     public class ProcessMemoryReader
15     {
16    
17     public ProcessMemoryReader()
18     {
19     }
20    
21     /// <summary>
22     /// Process from which to read
23     /// </summary>
24     public Process ReadProcess
25     {
26     get
27     {
28     return m_ReadProcess;
29     }
30     set
31     {
32     m_ReadProcess = value;
33     }
34     }
35    
36     private Process m_ReadProcess = null;
37    
38     private IntPtr m_hProcess = IntPtr.Zero;
39    
40     public void OpenProcess()
41     {
42     // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
43     ProcessMemoryReaderApi.ProcessAccessType access;
44     access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_READ
45     | ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_WRITE
46     | ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_OPERATION;
47     m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
48     }
49    
50     public void CloseHandle()
51     {
52     try
53     {
54     int iRetValue;
55     iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
56     if (iRetValue == 0)
57     {
58     throw new Exception("CloseHandle failed");
59     }
60     }
61     catch (Exception ex)
62     {
63     //System.Windows.Forms.MessageBox.Show(ex.Message, "error", System.Windows.Forms.MessageBoxButtons.OK, System.Windows.Forms.MessageBoxIcon.Warning);
64     throw ex;
65     }
66     }
67    
68     public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
69     {
70     byte[] buffer = new byte[bytesToRead];
71    
72     IntPtr ptrBytesRead;
73     ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess, MemoryAddress, buffer, bytesToRead, out ptrBytesRead);
74    
75     bytesRead = ptrBytesRead.ToInt32();
76    
77     return buffer;
78     }
79    
80     public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
81     {
82     IntPtr ptrBytesWritten;
83     ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);
84    
85     bytesWritten = ptrBytesWritten.ToInt32();
86     }
87    
88    
89     /// <summary>
90     /// ProcessMemoryReader is a class that enables direct reading a process memory
91     /// </summary>
92     class ProcessMemoryReaderApi
93     {
94     // constants information can be found in <winnt.h>
95     [Flags]
96     public enum ProcessAccessType
97     {
98     PROCESS_TERMINATE = (0x0001),
99     PROCESS_CREATE_THREAD = (0x0002),
100     PROCESS_SET_SESSIONID = (0x0004),
101     PROCESS_VM_OPERATION = (0x0008),
102     PROCESS_VM_READ = (0x0010),
103     PROCESS_VM_WRITE = (0x0020),
104     PROCESS_DUP_HANDLE = (0x0040),
105     PROCESS_CREATE_PROCESS = (0x0080),
106     PROCESS_SET_QUOTA = (0x0100),
107     PROCESS_SET_INFORMATION = (0x0200),
108     PROCESS_QUERY_INFORMATION = (0x0400)
109     }
110    
111     // function declarations are found in the MSDN and in <winbase.h>
112    
113     // HANDLE OpenProcess(
114     // DWORD dwDesiredAccess, // access flag
115     // BOOL bInheritHandle, // handle inheritance option
116     // DWORD dwProcessId // process identifier
117     // );
118     [DllImport("kernel32.dll")]
119     public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);
120    
121     // BOOL CloseHandle(
122     // HANDLE hObject // handle to object
123     // );
124     [DllImport("kernel32.dll")]
125     public static extern Int32 CloseHandle(IntPtr hObject);
126    
127     // BOOL ReadProcessMemory(
128     // HANDLE hProcess, // handle to the process
129     // LPCVOID lpBaseAddress, // base of memory area
130     // LPVOID lpBuffer, // data buffer
131     // SIZE_T nSize, // number of bytes to read
132     // SIZE_T * lpNumberOfBytesRead // number of bytes read
133     // );
134     [DllImport("kernel32.dll")]
135     public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);
136    
137     // BOOL WriteProcessMemory(
138     // HANDLE hProcess, // handle to process
139     // LPVOID lpBaseAddress, // base of memory area
140     // LPCVOID lpBuffer, // data buffer
141     // SIZE_T nSize, // count of bytes to write
142     // SIZE_T * lpNumberOfBytesWritten // count of bytes written
143     // );
144     [DllImport("kernel32.dll")]
145     public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);
146    
147    
148     }
149     }
150     #endregion
151     }