/[RomCheater]/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
ViewVC logotype

Contents of /trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 428 - (show annotations) (download)
Tue May 28 13:32:28 2013 UTC (8 years, 4 months ago) by william
File size: 37133 byte(s)
+ fix memory scanner and memory providers to read and write process memory simulataneously without crashing due to null process handle
*** this has been done using ProcessMemoryChunk for all memory read/write operations
** we no longer need to open and close native handles to the process

1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28
29 namespace Sojaner.MemoryScanner
30 {
31 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
32 #region ProcessMemoryReader class
33 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
34 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
35 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
36 {
37 // constants information can be found in <winnt.h>
38 [Flags]
39 enum ProcessAccessFlags : uint
40 {
41 All = 0x001F0FFF,
42 Terminate = 0x00000001,
43 CreateThread = 0x00000002,
44 VMOperation = 0x00000008,
45 VMRead = 0x00000010,
46 VMWrite = 0x00000020,
47 DupHandle = 0x00000040,
48 SetInformation = 0x00000200,
49 QueryInformation = 0x00000400,
50 Synchronize = 0x00100000
51 }
52 [Flags]
53 public enum AllocationProtect : uint
54 {
55 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
56 NONE = 0,
57 PAGE_NOACCESS = 0x00000001,
58 PAGE_READONLY = 0x00000002,
59 PAGE_READWRITE = 0x00000004,
60 PAGE_WRITECOPY = 0x00000008,
61 PAGE_EXECUTE = 0x00000010,
62 PAGE_EXECUTE_READ = 0x00000020,
63 PAGE_EXECUTE_READWRITE = 0x00000040,
64 PAGE_EXECUTE_WRITECOPY = 0x00000080,
65 PAGE_GUARD = 0x00000100,
66 PAGE_NOCACHE = 0x00000200,
67 PAGE_WRITECOMBINE = 0x00000400
68 }
69 [StructLayout(LayoutKind.Sequential)]
70 public struct MEMORY_BASIC_INFORMATION
71 {
72 public IntPtr BaseAddress;
73 public IntPtr AllocationBase;
74 public AllocationProtect AllocationProtect;
75 public IntPtr RegionSize;
76 public uint State;
77 public uint Protect;
78 public uint Type;
79 }
80
81 public ProcessMemoryReader()
82 {
83 }
84 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
85 /// <summary>
86 /// Process from which to read
87 /// </summary>
88 public Process ReadProcess
89 {
90 get
91 {
92 return m_ReadProcess;
93 }
94 set
95 {
96 m_ReadProcess = value;
97 }
98 }
99
100 private Process m_ReadProcess = null;
101
102 //SafeWaitHandle handle;
103 //private IntPtr handle = IntPtr.Zero;
104 //SafeWaitHandle m_hProcess; /* unused */
105 //public void OpenProcess()
106 //{
107 // try
108 // {
109 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
110 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
111 // //{
112 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
113 // //}
114 // ProcessAccessFlags access;
115 // access = ProcessAccessFlags.VMRead
116 // | ProcessAccessFlags.VMWrite
117 // | ProcessAccessFlags.VMOperation;
118 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
119 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
120 // //m_hProcess = new SafeWaitHandle(handle, false);
121 // }
122 // catch (SEHException ex)
123 // {
124 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
125 // logger.Error.WriteLine(ex.ToString());
126 // throw ex;
127 // }
128 // catch (Exception ex)
129 // {
130 // logger.Error.WriteLine(ex.ToString());
131 // throw ex;
132 // }
133 //}
134
135 //public void CloseHandle()
136 //{
137 // try
138 // {
139 // ////if (handle.IsInvalid) { return; }
140 // ////if (handle.IsClosed) { return; }
141 // //m_hProcess.Close();
142 // //m_hProcess.Dispose();
143 // //m_hProcess = null;
144 // //handle = IntPtr.Zero;
145 // //m_ReadProcess = null;
146 // //string stack_trace = System.Environment.StackTrace;
147 // int iRetValue;
148 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
149 // handle = IntPtr.Zero;
150 // ReadProcess = null;
151 // if (iRetValue == 0)
152 // {
153 // throw new Exception("CloseHandle failed");
154 // }
155 // }
156 // catch (SEHException ex)
157 // {
158 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
159 // logger.Error.WriteLine(ex.ToString());
160 // throw ex;
161 // }
162 // catch (Exception ex)
163 // {
164 // logger.Error.WriteLine(ex.ToString());
165 // throw ex;
166 // }
167 //}
168 /// <summary>
169 /// ProcessMemoryReader is a class that enables direct reading a process memory
170 /// </summary>
171 private class ProcessMemoryReaderApi
172 {
173 [DllImport("kernel32.dll")]
174 public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
175
176 // function declarations are found in the MSDN and in <winbase.h>
177
178 // HANDLE OpenProcess(
179 // DWORD dwDesiredAccess, // access flag
180 // BOOL bInheritHandle, // handle inheritance option
181 // DWORD dwProcessId // process identifier
182 // );
183 [DllImport("kernel32.dll")]
184 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
185
186 // BOOL CloseHandle(
187 // HANDLE hObject // handle to object
188 // );
189 [DllImport("kernel32.dll")]
190 public static extern Int32 CloseHandle(IntPtr hObject);
191
192 // BOOL ReadProcessMemory(
193 // HANDLE hProcess, // handle to the process
194 // LPCVOID lpBaseAddress, // base of memory area
195 // LPVOID lpBuffer, // data buffer
196 // SIZE_T nSize, // number of bytes to read
197 // SIZE_T * lpNumberOfBytesRead // number of bytes read
198 // );
199 [DllImport("kernel32.dll", SetLastError = true)]
200 public static extern bool ReadProcessMemory(
201 IntPtr hProcess,
202 IntPtr lpBaseAddress,
203 [Out] byte[] lpBuffer,
204 uint dwSize,
205 out int lpNumberOfBytesRead
206 );
207
208 // BOOL WriteProcessMemory(
209 // HANDLE hProcess, // handle to process
210 // LPVOID lpBaseAddress, // base of memory area
211 // LPCVOID lpBuffer, // data buffer
212 // SIZE_T nSize, // count of bytes to write
213 // SIZE_T * lpNumberOfBytesWritten // count of bytes written
214 // );
215 [DllImport("kernel32.dll", SetLastError = true)]
216 public static extern bool WriteProcessMemory(
217 IntPtr hProcess,
218 IntPtr lpBaseAddress,
219 byte[] lpBuffer,
220 uint nSize,
221 out UIntPtr lpNumberOfBytesWritten);
222
223
224 }
225
226 #region IMemoryReader Members
227 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
228 public bool ReadFirstNonZeroByte(int MemoryAddress, uint bytesToRead, out int address)
229 {
230 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
231 address = 0;
232 uint byte_alignment = 1;
233 // get common init parameters
234 //InitMemoryDump(out byte_alignment);
235 int mem_address = MemoryAddress;
236 uint _bytesToRead = bytesToRead;
237 byte[] buffer = new byte[] { };
238 try
239 {
240 //using (MemoryStream ms = new MemoryStream())
241 //{
242 // //BinaryWriter bw = new BinaryWriter(ms);
243 // //foreach (byte b in data) { bw.Write(b); }
244 for (uint i = 0; i <= bytesToRead; )
245 {
246 if (_bytesToRead < byte_alignment)
247 {
248 _bytesToRead = bytesToRead;
249 buffer = new byte[_bytesToRead];
250 }
251 else
252 {
253 _bytesToRead = byte_alignment;
254 buffer = new byte[byte_alignment];
255 }
256 int bytesRead = 0;
257 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
258 if (buffer.Length == 0 && bytesRead == 0)
259 {
260 throw new Exception(string.Format("Failed to read memory from process: {0}", ReadProcess.ToString()));
261 }
262 //bw.Write(buffer);
263 //bw.Flush();
264 if (_bytesToRead < byte_alignment)
265 {
266 i += _bytesToRead;
267 mem_address += (int)_bytesToRead;
268 }
269 else
270 {
271 i += byte_alignment;
272 mem_address += (int)byte_alignment;
273 }
274 for (uint j = 0; j < buffer.Length; j++)
275 {
276 if (buffer[j] != 0)
277 {
278 address = mem_address;
279 break;
280 }
281 }
282 if (address != 0)
283 break;
284 }
285 // bw.Close();
286 //}
287 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
288 return true;
289 }
290 catch (SEHException ex)
291 {
292 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
293 logger.Error.WriteLine(ex.ToString());
294 throw ex;
295 }
296 catch (OutOfMemoryException ex)
297 {
298 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
299 logger.Error.WriteLine(ex.ToString());
300 }
301 catch (Exception ex)
302 {
303 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
304 logger.Error.WriteLine(ex.ToString());
305 throw ex;
306 }
307 return false;
308 }
309 #endregion
310
311 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, object UserState)
312 {
313 uint size = 1024 * 128;
314 for (uint j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
315 {
316 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)size))
317 {
318 byte[] bigMem = mem.Read();
319 if (this.OnBytesRead != null)
320 this.OnBytesRead.Invoke(new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead));
321 bigMem = null;
322 }
323 }
324 }
325 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
326 {
327 Stopwatch st = new Stopwatch();
328 st.Start();
329 List<byte> buffer_list = new List<byte>();
330 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
331 //{
332 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
333 // {
334 // byte[] bigMem = mem.Read();
335 // foreach (byte b in bigMem) { buffer_list.Add(b); }
336 // bigMem = null;
337 // }
338 //}
339
340 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, (int)bytesToRead))
341 {
342 byte[] bigMem = mem.Read();
343 foreach (byte b in bigMem) { buffer_list.Add(b); }
344 bigMem = null;
345 }
346
347 bytesRead = buffer_list.Count;
348 data = new byte[bytesToRead];
349 data.Initialize();
350 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
351 st.Stop();
352 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
353 }
354 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
355 public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
356 {
357 ReadProcessMemory((uint)MemoryAddress, bytesToRead, out bytesRead, out data);
358 }
359 public void ReadProcessMemory(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
360 {
361 try
362 {
363 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
364 //bytesRead = 0;
365 //data = new byte[bytesToRead];
366 //const int alignment = 1;
367 //List<byte> buffer_list = new List<byte>();
368 //uint _MemoryAddress = MemoryAddress;
369 //for (int i = 0; i < bytesToRead; i++)
370 //{
371 // byte[] buffer = new byte[alignment];
372 // int _bytesRead = 0;
373 // MEMORY_BASIC_INFORMATION m;
374 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
375
376 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
377 // m.AllocationProtect == 0)
378 // {
379 // uint OrignalAddress = _MemoryAddress;
380 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
381 // {
382 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
383 // _MemoryAddress++;
384 // buffer_list.Add(0);
385 // }
386 // _MemoryAddress--;
387 // uint diff = _MemoryAddress - OrignalAddress;
388 // i += (int)diff;
389 // buffer_list.RemoveAt(buffer_list.Count-1);
390 // }
391
392 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
393 // int LastError = Marshal.GetLastWin32Error();
394 // if (LastError != ResultWin32.ERROR_SUCCESS)
395 // {
396 // string ErrorName = ResultWin32.GetErrorName(LastError);
397 // }
398 // if (_bytesRead > 0)
399 // {
400 // foreach (byte b in buffer)
401 // {
402 // buffer_list.Add(b);
403 // }
404 // _MemoryAddress += (uint)buffer.Length;
405 // }
406 //}
407 //bytesRead = buffer_list.Count;
408 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
409 }
410 catch (SEHException ex)
411 {
412 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
413 logger.Error.WriteLine(ex.ToString());
414 throw ex;
415 }
416 catch (Exception ex)
417 {
418 logger.Error.WriteLine("ReadProcessMemory(): Exception");
419 logger.Error.WriteLine(ex.ToString());
420 throw ex;
421 }
422 }
423 #endregion
424 #endregion
425
426 #region IMemoryWriter Members
427 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
428 public void WriteProcessMemory(int MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
429 {
430 uint _bytesWritten = 0;
431 WriteProcessMemory((uint)MemoryAddress, bytesToWrite, out _bytesWritten);
432 bytesWritten = (int)_bytesWritten;
433 }
434 public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out uint bytesWritten)
435 {
436 try
437 {
438 //uint _bytesWritten = 0;
439 uint _MemoryAddress = MemoryAddress;
440
441 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, bytesToWrite.Length))
442 {
443 mem.Write(0, bytesToWrite);
444 }
445
446 //for (int i = 0; i < bytesToWrite.Length; i++)
447 //{
448 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
449 // byte[] buffer = new byte[] { bytesToWrite[i] };
450 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
451 // _MemoryAddress++;
452 // _bytesWritten++;
453 //}
454 //bytesWritten = _bytesWritten;
455 bytesWritten = (uint)bytesToWrite.Length;
456 }
457 catch (SEHException ex)
458 {
459 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
460 logger.Error.WriteLine(ex.ToString());
461 throw ex;
462 }
463 catch (Exception ex)
464 {
465
466 logger.Error.WriteLine("WriteProcessMemory() Exception");
467 logger.Error.WriteLine(ex.ToString());
468 bytesWritten = 0;
469 throw ex;
470 }
471 }
472 #endregion
473 #endregion
474
475 #region IFileWriter Members
476 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
477 public bool WriteProcessMemoryToFile(string filename, int MemoryAddress, uint bytesToRead, out int bytesRead)
478 {
479 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
480 bytesRead = 0;
481 uint byte_alignment = 102400;
482 int address = MemoryAddress;
483 uint _bytesToRead = bytesToRead;
484 byte[] buffer = new byte[] { };
485 try
486 {
487 FileInfo fi = new FileInfo(filename);
488 if (fi.Exists)
489 fi.Delete();
490 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
491 {
492 BinaryWriter bw = new BinaryWriter(fs);
493 //foreach (byte b in data) { bw.Write(b); }
494
495 for (uint i = 0; i <= bytesToRead; )
496 {
497 if (_bytesToRead < byte_alignment)
498 {
499 _bytesToRead = bytesToRead;
500 buffer = new byte[_bytesToRead];
501 }
502 else
503 {
504 _bytesToRead = byte_alignment;
505 buffer = new byte[byte_alignment];
506 }
507 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
508 bw.Write(buffer);
509 bw.Flush();
510
511 if (_bytesToRead < byte_alignment)
512 {
513 i += _bytesToRead;
514 address += (int)_bytesToRead;
515 }
516 else
517 {
518 i += byte_alignment;
519 address += (int)byte_alignment;
520 }
521
522
523 }
524 bw.Close();
525 }
526 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ReadProcess.Id, ReadProcess.ProcessName));
527 return true;
528 }
529 catch (SEHException ex)
530 {
531 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
532 logger.Error.WriteLine(ex.ToString());
533 throw ex;
534 }
535 catch (OutOfMemoryException ex)
536 {
537 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
538 logger.Error.WriteLine(ex.ToString());
539 }
540 catch (Exception ex)
541 {
542 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
543 logger.Error.WriteLine(ex.ToString());
544 throw ex;
545 }
546 return false;
547 }
548 #endregion
549 #endregion
550
551 #region IPatchMemory members
552 #region public virtual bool PatchMemory(uint address, byte value)
553 public virtual bool PatchMemory(uint address, byte value)
554 {
555 byte[] bitData = BitConverter.GetBytes(value);
556 //UIntPtr ptrBytesWritten;
557 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
558 {
559 mem.Write(0, bitData);
560 }
561 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
562 //if (ptrBytesWritten.ToUInt32() == 0)
563 // return false;
564 byte check = 0;
565 ReadMemory(address, out check);
566 if (check == value) return true;
567 return false;
568 }
569 #endregion
570 #region public virtual bool PatchMemory(uint address, sbyte value)
571 public virtual bool PatchMemory(uint address, sbyte value)
572 {
573 byte[] bitData = BitConverter.GetBytes(value);
574 //UIntPtr ptrBytesWritten;
575 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
576 {
577 mem.Write(0, bitData);
578 }
579 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
580 //if (ptrBytesWritten.ToUInt32() == 0)
581 // return false;
582 sbyte check = 0;
583 ReadMemory(address, out check);
584 if (check == value) return true;
585 return false;
586 }
587 #endregion
588 #region public virtual bool PatchMemory(uint address, ushort value)
589 public virtual bool PatchMemory(uint address, ushort value)
590 {
591 byte[] bitData = BitConverter.GetBytes(value);
592 //UIntPtr ptrBytesWritten;
593 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
594 {
595 mem.Write(0, bitData);
596 }
597 //if (ptrBytesWritten.ToUInt32() == 0)
598 // return false;
599 ushort check = 0;
600 ReadMemory(address, out check);
601 if (check == value) return true;
602 return false;
603 }
604 #endregion
605 #region public virtual bool PatchMemory(uint address, short value)
606 public virtual bool PatchMemory(uint address, short value)
607 {
608 byte[] bitData = BitConverter.GetBytes(value);
609 //UIntPtr ptrBytesWritten;
610 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
611 {
612 mem.Write(0, bitData);
613 }
614 //if (ptrBytesWritten.ToUInt32() == 0)
615 // return false;
616 short check = 0;
617 ReadMemory(address, out check);
618 if (check == value) return true;
619 return false;
620 }
621 #endregion
622 #region public virtual bool PatchMemory(uint address, uint value)
623 public virtual bool PatchMemory(uint address, uint value)
624 {
625 byte[] bitData = BitConverter.GetBytes(value);
626 //UIntPtr ptrBytesWritten;
627 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
628 {
629 mem.Write(0, bitData);
630 }
631 //if (ptrBytesWritten.ToUInt32() == 0)
632 // return false;
633 uint check = 0;
634 ReadMemory(address, out check);
635 if (check == value) return true;
636 return false;
637 }
638 #endregion
639 #region public virtual bool PatchMemory(uint address, int value)
640 public virtual bool PatchMemory(uint address, int value)
641 {
642 byte[] bitData = BitConverter.GetBytes(value);
643 //UIntPtr ptrBytesWritten;
644 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
645 {
646 mem.Write(0, bitData);
647 }
648 //if (ptrBytesWritten.ToUInt32() == 0)
649 // return false;
650 int check = 0;
651 ReadMemory(address, out check);
652 if (check == value) return true;
653 return false;
654 }
655 #endregion
656 #region public virtual bool PatchMemory(uint address, ulong value)
657 public virtual bool PatchMemory(uint address, ulong value)
658 {
659 byte[] bitData = BitConverter.GetBytes(value);
660 //UIntPtr ptrBytesWritten;
661 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
662 {
663 mem.Write(0, bitData);
664 }
665 //if (ptrBytesWritten.ToUInt32() == 0)
666 // return false;
667 ulong check = 0;
668 ReadMemory(address, out check);
669 if (check == value) return true;
670 return false;
671 }
672 #endregion
673 #region public virtual bool PatchMemory(uint address, long value)
674 public virtual bool PatchMemory(uint address, long value)
675 {
676 byte[] bitData = BitConverter.GetBytes(value);
677 //UIntPtr ptrBytesWritten;
678 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
679 {
680 mem.Write(0, bitData);
681 }
682 //if (ptrBytesWritten.ToUInt32() == 0)
683 // return false;
684 long check = 0;
685 ReadMemory(address, out check);
686 if (check == value) return true;
687 return false;
688 }
689 #endregion
690 #endregion
691
692 #region IReadMemory members
693 #region public virtual bool ReadMemory(uint address, out byte value)
694 public virtual bool ReadMemory(uint address, out byte value)
695 {
696 value = 0;
697 try
698 {
699 //int bytesRead;
700 uint size = sizeof(byte);
701 byte[] bitData = new byte[size];
702 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
703 {
704 mem.Read(0, (int)size);
705 }
706 //if (bytesRead == 0)
707 // return false;
708 value = bitData[0];
709 return true;
710 }
711 catch
712 {
713 value = 0x00;
714 return false;
715 }
716 }
717 #endregion
718 #region public virtual bool ReadMemory(uint address, out sbyte value)
719 public virtual bool ReadMemory(uint address, out sbyte value)
720 {
721 value = 0;
722 try
723 {
724 //int bytesRead;
725 uint size = sizeof(sbyte);
726 byte[] bitData = new byte[size];
727 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
728 {
729 mem.Read(0, (int)size);
730 }
731 //if (bytesRead == 0)
732 // return false;
733 value = Convert.ToSByte(bitData[0]);
734 return true;
735 }
736 catch
737 {
738 value = 0x00;
739 return false;
740 }
741 }
742 #endregion
743 #region public virtual bool ReadMemory(uint address, out ushort value)
744 public virtual bool ReadMemory(uint address, out ushort value)
745 {
746 value = 0;
747 try
748 {
749 //int bytesRead;
750 uint size = sizeof(ushort);
751 byte[] bitData = new byte[size];
752 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
753 {
754 mem.Read(0, (int)size);
755 }
756 //if (bytesRead == 0)
757 // return false;
758 value = BitConverter.ToUInt16(bitData, 0);
759 return true;
760 }
761 catch
762 {
763 value = 0x00;
764 return false;
765 }
766 }
767 #endregion
768 #region public virtual bool ReadMemory(uint address, out short value)
769 public virtual bool ReadMemory(uint address, out short value)
770 {
771 value = 0;
772 try
773 {
774 //int bytesRead;
775 uint size = sizeof(short);
776 byte[] bitData = new byte[size];
777 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
778 {
779 mem.Read(0, (int)size);
780 }
781 //if (bytesRead == 0)
782 // return false;
783 value = BitConverter.ToInt16(bitData, 0);
784 return true;
785 }
786 catch
787 {
788 value = 0x00;
789 return false;
790 }
791 }
792 #endregion
793 #region public virtual bool ReadMemory(uint address, out uint value)
794 public virtual bool ReadMemory(uint address, out uint value)
795 {
796 value = 0;
797 try
798 {
799 //int bytesRead;
800 uint size = sizeof(uint);
801 byte[] bitData = new byte[size];
802 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
803 {
804 mem.Read(0, (int)size);
805 }
806 //if (bytesRead == 0)
807 // return false;
808 value = BitConverter.ToUInt32(bitData, 0);
809 return true;
810 }
811 catch
812 {
813 value = 0x00;
814 return false;
815 }
816 }
817 #endregion
818 #region public virtual bool ReadMemory(uint address, out int value)
819 public virtual bool ReadMemory(uint address, out int value)
820 {
821 value = 0;
822 try
823 {
824 //int bytesRead;
825 uint size = sizeof(int);
826 byte[] bitData = new byte[size];
827 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
828 {
829 mem.Read(0, (int)size);
830 }
831 //if (bytesRead == 0)
832 // return false;
833 value = BitConverter.ToInt32(bitData, 0);
834 return true;
835 }
836 catch
837 {
838 value = 0x00;
839 return false;
840 }
841 }
842 #endregion
843 #region public virtual bool ReadMemory(uint address, out ulong value)
844 public virtual bool ReadMemory(uint address, out ulong value)
845 {
846 value = 0;
847 try
848 {
849 //int bytesRead;
850 uint size = sizeof(ulong);
851 byte[] bitData = new byte[size];
852 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
853 {
854 mem.Read(0, (int)size);
855 }
856 //if (bytesRead == 0)
857 // return false;
858 value = BitConverter.ToUInt64(bitData, 0);
859 return true;
860 }
861 catch
862 {
863 value = 0x00;
864 return false;
865 }
866 }
867 #endregion
868 #region public virtual bool ReadMemory(uint address, out long value)
869 public virtual bool ReadMemory(uint address, out long value)
870 {
871 value = 0;
872 try
873 {
874 // int bytesRead;
875 uint size = sizeof(long);
876 byte[] bitData = new byte[size];
877 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
878 {
879 mem.Read(0, (int)size);
880 }
881 //if (bytesRead == 0)
882 // return false;
883 value = BitConverter.ToInt64(bitData, 0);
884 return true;
885 }
886 catch
887 {
888 value = 0x00;
889 return false;
890 }
891 }
892 #endregion
893 #endregion
894 }
895 #endregion
896 }

  ViewVC Help
Powered by ViewVC 1.1.22