/[RomCheater]/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
ViewVC logotype

Contents of /trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 429 - (show annotations) (download)
Tue May 28 15:16:05 2013 UTC (8 years, 6 months ago) by william
File size: 37206 byte(s)
+ fix search so that the result count(s) match

1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28
29 namespace Sojaner.MemoryScanner
30 {
31 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
32 #region ProcessMemoryReader class
33 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
34 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
35 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
36 {
37 // constants information can be found in <winnt.h>
38 [Flags]
39 enum ProcessAccessFlags : uint
40 {
41 All = 0x001F0FFF,
42 Terminate = 0x00000001,
43 CreateThread = 0x00000002,
44 VMOperation = 0x00000008,
45 VMRead = 0x00000010,
46 VMWrite = 0x00000020,
47 DupHandle = 0x00000040,
48 SetInformation = 0x00000200,
49 QueryInformation = 0x00000400,
50 Synchronize = 0x00100000
51 }
52 [Flags]
53 public enum AllocationProtect : uint
54 {
55 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
56 NONE = 0,
57 PAGE_NOACCESS = 0x00000001,
58 PAGE_READONLY = 0x00000002,
59 PAGE_READWRITE = 0x00000004,
60 PAGE_WRITECOPY = 0x00000008,
61 PAGE_EXECUTE = 0x00000010,
62 PAGE_EXECUTE_READ = 0x00000020,
63 PAGE_EXECUTE_READWRITE = 0x00000040,
64 PAGE_EXECUTE_WRITECOPY = 0x00000080,
65 PAGE_GUARD = 0x00000100,
66 PAGE_NOCACHE = 0x00000200,
67 PAGE_WRITECOMBINE = 0x00000400
68 }
69 [StructLayout(LayoutKind.Sequential)]
70 public struct MEMORY_BASIC_INFORMATION
71 {
72 public IntPtr BaseAddress;
73 public IntPtr AllocationBase;
74 public AllocationProtect AllocationProtect;
75 public IntPtr RegionSize;
76 public uint State;
77 public uint Protect;
78 public uint Type;
79 }
80
81 public ProcessMemoryReader()
82 {
83 }
84 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
85 /// <summary>
86 /// Process from which to read
87 /// </summary>
88 public Process ReadProcess
89 {
90 get
91 {
92 return m_ReadProcess;
93 }
94 set
95 {
96 m_ReadProcess = value;
97 }
98 }
99
100 private Process m_ReadProcess = null;
101
102 //SafeWaitHandle handle;
103 //private IntPtr handle = IntPtr.Zero;
104 //SafeWaitHandle m_hProcess; /* unused */
105 //public void OpenProcess()
106 //{
107 // try
108 // {
109 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
110 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
111 // //{
112 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
113 // //}
114 // ProcessAccessFlags access;
115 // access = ProcessAccessFlags.VMRead
116 // | ProcessAccessFlags.VMWrite
117 // | ProcessAccessFlags.VMOperation;
118 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
119 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
120 // //m_hProcess = new SafeWaitHandle(handle, false);
121 // }
122 // catch (SEHException ex)
123 // {
124 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
125 // logger.Error.WriteLine(ex.ToString());
126 // throw ex;
127 // }
128 // catch (Exception ex)
129 // {
130 // logger.Error.WriteLine(ex.ToString());
131 // throw ex;
132 // }
133 //}
134
135 //public void CloseHandle()
136 //{
137 // try
138 // {
139 // ////if (handle.IsInvalid) { return; }
140 // ////if (handle.IsClosed) { return; }
141 // //m_hProcess.Close();
142 // //m_hProcess.Dispose();
143 // //m_hProcess = null;
144 // //handle = IntPtr.Zero;
145 // //m_ReadProcess = null;
146 // //string stack_trace = System.Environment.StackTrace;
147 // int iRetValue;
148 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
149 // handle = IntPtr.Zero;
150 // ReadProcess = null;
151 // if (iRetValue == 0)
152 // {
153 // throw new Exception("CloseHandle failed");
154 // }
155 // }
156 // catch (SEHException ex)
157 // {
158 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
159 // logger.Error.WriteLine(ex.ToString());
160 // throw ex;
161 // }
162 // catch (Exception ex)
163 // {
164 // logger.Error.WriteLine(ex.ToString());
165 // throw ex;
166 // }
167 //}
168 /// <summary>
169 /// ProcessMemoryReader is a class that enables direct reading a process memory
170 /// </summary>
171 private class ProcessMemoryReaderApi
172 {
173 [DllImport("kernel32.dll")]
174 public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
175
176 // function declarations are found in the MSDN and in <winbase.h>
177
178 // HANDLE OpenProcess(
179 // DWORD dwDesiredAccess, // access flag
180 // BOOL bInheritHandle, // handle inheritance option
181 // DWORD dwProcessId // process identifier
182 // );
183 [DllImport("kernel32.dll")]
184 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
185
186 // BOOL CloseHandle(
187 // HANDLE hObject // handle to object
188 // );
189 [DllImport("kernel32.dll")]
190 public static extern Int32 CloseHandle(IntPtr hObject);
191
192 // BOOL ReadProcessMemory(
193 // HANDLE hProcess, // handle to the process
194 // LPCVOID lpBaseAddress, // base of memory area
195 // LPVOID lpBuffer, // data buffer
196 // SIZE_T nSize, // number of bytes to read
197 // SIZE_T * lpNumberOfBytesRead // number of bytes read
198 // );
199 [DllImport("kernel32.dll", SetLastError = true)]
200 public static extern bool ReadProcessMemory(
201 IntPtr hProcess,
202 IntPtr lpBaseAddress,
203 [Out] byte[] lpBuffer,
204 uint dwSize,
205 out int lpNumberOfBytesRead
206 );
207
208 // BOOL WriteProcessMemory(
209 // HANDLE hProcess, // handle to process
210 // LPVOID lpBaseAddress, // base of memory area
211 // LPCVOID lpBuffer, // data buffer
212 // SIZE_T nSize, // count of bytes to write
213 // SIZE_T * lpNumberOfBytesWritten // count of bytes written
214 // );
215 [DllImport("kernel32.dll", SetLastError = true)]
216 public static extern bool WriteProcessMemory(
217 IntPtr hProcess,
218 IntPtr lpBaseAddress,
219 byte[] lpBuffer,
220 uint nSize,
221 out UIntPtr lpNumberOfBytesWritten);
222
223
224 }
225
226 #region IMemoryReader Members
227 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
228 public bool ReadFirstNonZeroByte(int MemoryAddress, uint bytesToRead, out int address)
229 {
230 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
231 address = 0;
232 uint byte_alignment = 1;
233 // get common init parameters
234 //InitMemoryDump(out byte_alignment);
235 int mem_address = MemoryAddress;
236 uint _bytesToRead = bytesToRead;
237 byte[] buffer = new byte[] { };
238 try
239 {
240 //using (MemoryStream ms = new MemoryStream())
241 //{
242 // //BinaryWriter bw = new BinaryWriter(ms);
243 // //foreach (byte b in data) { bw.Write(b); }
244 for (uint i = 0; i <= bytesToRead; )
245 {
246 if (_bytesToRead < byte_alignment)
247 {
248 _bytesToRead = bytesToRead;
249 buffer = new byte[_bytesToRead];
250 }
251 else
252 {
253 _bytesToRead = byte_alignment;
254 buffer = new byte[byte_alignment];
255 }
256 int bytesRead = 0;
257 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
258 if (buffer.Length == 0 && bytesRead == 0)
259 {
260 throw new Exception(string.Format("Failed to read memory from process: {0}", ReadProcess.ToString()));
261 }
262 //bw.Write(buffer);
263 //bw.Flush();
264 if (_bytesToRead < byte_alignment)
265 {
266 i += _bytesToRead;
267 mem_address += (int)_bytesToRead;
268 }
269 else
270 {
271 i += byte_alignment;
272 mem_address += (int)byte_alignment;
273 }
274 for (uint j = 0; j < buffer.Length; j++)
275 {
276 if (buffer[j] != 0)
277 {
278 address = mem_address;
279 break;
280 }
281 }
282 if (address != 0)
283 break;
284 }
285 // bw.Close();
286 //}
287 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
288 return true;
289 }
290 catch (SEHException ex)
291 {
292 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
293 logger.Error.WriteLine(ex.ToString());
294 throw ex;
295 }
296 catch (OutOfMemoryException ex)
297 {
298 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
299 logger.Error.WriteLine(ex.ToString());
300 }
301 catch (Exception ex)
302 {
303 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
304 logger.Error.WriteLine(ex.ToString());
305 throw ex;
306 }
307 return false;
308 }
309 #endregion
310
311 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, object UserState)
312 {
313 uint size = 1024 * 128;
314 int count = 0;
315 for (uint j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
316 {
317 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)size))
318 {
319 byte[] bigMem = mem.Read();
320 count += bigMem.Length;
321 if (this.OnBytesRead != null)
322 this.OnBytesRead.Invoke(new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead));
323 bigMem = null;
324 }
325 }
326 }
327 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
328 {
329 Stopwatch st = new Stopwatch();
330 st.Start();
331 List<byte> buffer_list = new List<byte>();
332 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
333 //{
334 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
335 // {
336 // byte[] bigMem = mem.Read();
337 // foreach (byte b in bigMem) { buffer_list.Add(b); }
338 // bigMem = null;
339 // }
340 //}
341
342 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, (int)bytesToRead))
343 {
344 byte[] bigMem = mem.Read();
345 foreach (byte b in bigMem) { buffer_list.Add(b); }
346 bigMem = null;
347 }
348
349 bytesRead = buffer_list.Count;
350 data = new byte[bytesToRead];
351 data.Initialize();
352 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
353 st.Stop();
354 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
355 }
356 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
357 public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
358 {
359 ReadProcessMemory((uint)MemoryAddress, bytesToRead, out bytesRead, out data);
360 }
361 public void ReadProcessMemory(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
362 {
363 try
364 {
365 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
366 //bytesRead = 0;
367 //data = new byte[bytesToRead];
368 //const int alignment = 1;
369 //List<byte> buffer_list = new List<byte>();
370 //uint _MemoryAddress = MemoryAddress;
371 //for (int i = 0; i < bytesToRead; i++)
372 //{
373 // byte[] buffer = new byte[alignment];
374 // int _bytesRead = 0;
375 // MEMORY_BASIC_INFORMATION m;
376 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
377
378 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
379 // m.AllocationProtect == 0)
380 // {
381 // uint OrignalAddress = _MemoryAddress;
382 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
383 // {
384 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
385 // _MemoryAddress++;
386 // buffer_list.Add(0);
387 // }
388 // _MemoryAddress--;
389 // uint diff = _MemoryAddress - OrignalAddress;
390 // i += (int)diff;
391 // buffer_list.RemoveAt(buffer_list.Count-1);
392 // }
393
394 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
395 // int LastError = Marshal.GetLastWin32Error();
396 // if (LastError != ResultWin32.ERROR_SUCCESS)
397 // {
398 // string ErrorName = ResultWin32.GetErrorName(LastError);
399 // }
400 // if (_bytesRead > 0)
401 // {
402 // foreach (byte b in buffer)
403 // {
404 // buffer_list.Add(b);
405 // }
406 // _MemoryAddress += (uint)buffer.Length;
407 // }
408 //}
409 //bytesRead = buffer_list.Count;
410 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
411 }
412 catch (SEHException ex)
413 {
414 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
415 logger.Error.WriteLine(ex.ToString());
416 throw ex;
417 }
418 catch (Exception ex)
419 {
420 logger.Error.WriteLine("ReadProcessMemory(): Exception");
421 logger.Error.WriteLine(ex.ToString());
422 throw ex;
423 }
424 }
425 #endregion
426 #endregion
427
428 #region IMemoryWriter Members
429 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
430 public void WriteProcessMemory(int MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
431 {
432 uint _bytesWritten = 0;
433 WriteProcessMemory((uint)MemoryAddress, bytesToWrite, out _bytesWritten);
434 bytesWritten = (int)_bytesWritten;
435 }
436 public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out uint bytesWritten)
437 {
438 try
439 {
440 //uint _bytesWritten = 0;
441 uint _MemoryAddress = MemoryAddress;
442
443 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, bytesToWrite.Length))
444 {
445 mem.Write(0, bytesToWrite);
446 }
447
448 //for (int i = 0; i < bytesToWrite.Length; i++)
449 //{
450 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
451 // byte[] buffer = new byte[] { bytesToWrite[i] };
452 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
453 // _MemoryAddress++;
454 // _bytesWritten++;
455 //}
456 //bytesWritten = _bytesWritten;
457 bytesWritten = (uint)bytesToWrite.Length;
458 }
459 catch (SEHException ex)
460 {
461 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
462 logger.Error.WriteLine(ex.ToString());
463 throw ex;
464 }
465 catch (Exception ex)
466 {
467
468 logger.Error.WriteLine("WriteProcessMemory() Exception");
469 logger.Error.WriteLine(ex.ToString());
470 bytesWritten = 0;
471 throw ex;
472 }
473 }
474 #endregion
475 #endregion
476
477 #region IFileWriter Members
478 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
479 public bool WriteProcessMemoryToFile(string filename, int MemoryAddress, uint bytesToRead, out int bytesRead)
480 {
481 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
482 bytesRead = 0;
483 uint byte_alignment = 102400;
484 int address = MemoryAddress;
485 uint _bytesToRead = bytesToRead;
486 byte[] buffer = new byte[] { };
487 try
488 {
489 FileInfo fi = new FileInfo(filename);
490 if (fi.Exists)
491 fi.Delete();
492 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
493 {
494 BinaryWriter bw = new BinaryWriter(fs);
495 //foreach (byte b in data) { bw.Write(b); }
496
497 for (uint i = 0; i <= bytesToRead; )
498 {
499 if (_bytesToRead < byte_alignment)
500 {
501 _bytesToRead = bytesToRead;
502 buffer = new byte[_bytesToRead];
503 }
504 else
505 {
506 _bytesToRead = byte_alignment;
507 buffer = new byte[byte_alignment];
508 }
509 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
510 bw.Write(buffer);
511 bw.Flush();
512
513 if (_bytesToRead < byte_alignment)
514 {
515 i += _bytesToRead;
516 address += (int)_bytesToRead;
517 }
518 else
519 {
520 i += byte_alignment;
521 address += (int)byte_alignment;
522 }
523
524
525 }
526 bw.Close();
527 }
528 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ReadProcess.Id, ReadProcess.ProcessName));
529 return true;
530 }
531 catch (SEHException ex)
532 {
533 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
534 logger.Error.WriteLine(ex.ToString());
535 throw ex;
536 }
537 catch (OutOfMemoryException ex)
538 {
539 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
540 logger.Error.WriteLine(ex.ToString());
541 }
542 catch (Exception ex)
543 {
544 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
545 logger.Error.WriteLine(ex.ToString());
546 throw ex;
547 }
548 return false;
549 }
550 #endregion
551 #endregion
552
553 #region IPatchMemory members
554 #region public virtual bool PatchMemory(uint address, byte value)
555 public virtual bool PatchMemory(uint address, byte value)
556 {
557 byte[] bitData = BitConverter.GetBytes(value);
558 //UIntPtr ptrBytesWritten;
559 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
560 {
561 mem.Write(0, bitData);
562 }
563 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
564 //if (ptrBytesWritten.ToUInt32() == 0)
565 // return false;
566 byte check = 0;
567 ReadMemory(address, out check);
568 if (check == value) return true;
569 return false;
570 }
571 #endregion
572 #region public virtual bool PatchMemory(uint address, sbyte value)
573 public virtual bool PatchMemory(uint address, sbyte value)
574 {
575 byte[] bitData = BitConverter.GetBytes(value);
576 //UIntPtr ptrBytesWritten;
577 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
578 {
579 mem.Write(0, bitData);
580 }
581 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
582 //if (ptrBytesWritten.ToUInt32() == 0)
583 // return false;
584 sbyte check = 0;
585 ReadMemory(address, out check);
586 if (check == value) return true;
587 return false;
588 }
589 #endregion
590 #region public virtual bool PatchMemory(uint address, ushort value)
591 public virtual bool PatchMemory(uint address, ushort value)
592 {
593 byte[] bitData = BitConverter.GetBytes(value);
594 //UIntPtr ptrBytesWritten;
595 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
596 {
597 mem.Write(0, bitData);
598 }
599 //if (ptrBytesWritten.ToUInt32() == 0)
600 // return false;
601 ushort check = 0;
602 ReadMemory(address, out check);
603 if (check == value) return true;
604 return false;
605 }
606 #endregion
607 #region public virtual bool PatchMemory(uint address, short value)
608 public virtual bool PatchMemory(uint address, short value)
609 {
610 byte[] bitData = BitConverter.GetBytes(value);
611 //UIntPtr ptrBytesWritten;
612 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
613 {
614 mem.Write(0, bitData);
615 }
616 //if (ptrBytesWritten.ToUInt32() == 0)
617 // return false;
618 short check = 0;
619 ReadMemory(address, out check);
620 if (check == value) return true;
621 return false;
622 }
623 #endregion
624 #region public virtual bool PatchMemory(uint address, uint value)
625 public virtual bool PatchMemory(uint address, uint value)
626 {
627 byte[] bitData = BitConverter.GetBytes(value);
628 //UIntPtr ptrBytesWritten;
629 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
630 {
631 mem.Write(0, bitData);
632 }
633 //if (ptrBytesWritten.ToUInt32() == 0)
634 // return false;
635 uint check = 0;
636 ReadMemory(address, out check);
637 if (check == value) return true;
638 return false;
639 }
640 #endregion
641 #region public virtual bool PatchMemory(uint address, int value)
642 public virtual bool PatchMemory(uint address, int value)
643 {
644 byte[] bitData = BitConverter.GetBytes(value);
645 //UIntPtr ptrBytesWritten;
646 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
647 {
648 mem.Write(0, bitData);
649 }
650 //if (ptrBytesWritten.ToUInt32() == 0)
651 // return false;
652 int check = 0;
653 ReadMemory(address, out check);
654 if (check == value) return true;
655 return false;
656 }
657 #endregion
658 #region public virtual bool PatchMemory(uint address, ulong value)
659 public virtual bool PatchMemory(uint address, ulong value)
660 {
661 byte[] bitData = BitConverter.GetBytes(value);
662 //UIntPtr ptrBytesWritten;
663 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
664 {
665 mem.Write(0, bitData);
666 }
667 //if (ptrBytesWritten.ToUInt32() == 0)
668 // return false;
669 ulong check = 0;
670 ReadMemory(address, out check);
671 if (check == value) return true;
672 return false;
673 }
674 #endregion
675 #region public virtual bool PatchMemory(uint address, long value)
676 public virtual bool PatchMemory(uint address, long value)
677 {
678 byte[] bitData = BitConverter.GetBytes(value);
679 //UIntPtr ptrBytesWritten;
680 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
681 {
682 mem.Write(0, bitData);
683 }
684 //if (ptrBytesWritten.ToUInt32() == 0)
685 // return false;
686 long check = 0;
687 ReadMemory(address, out check);
688 if (check == value) return true;
689 return false;
690 }
691 #endregion
692 #endregion
693
694 #region IReadMemory members
695 #region public virtual bool ReadMemory(uint address, out byte value)
696 public virtual bool ReadMemory(uint address, out byte value)
697 {
698 value = 0;
699 try
700 {
701 //int bytesRead;
702 uint size = sizeof(byte);
703 byte[] bitData = new byte[size];
704 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
705 {
706 mem.Read(0, (int)size);
707 }
708 //if (bytesRead == 0)
709 // return false;
710 value = bitData[0];
711 return true;
712 }
713 catch
714 {
715 value = 0x00;
716 return false;
717 }
718 }
719 #endregion
720 #region public virtual bool ReadMemory(uint address, out sbyte value)
721 public virtual bool ReadMemory(uint address, out sbyte value)
722 {
723 value = 0;
724 try
725 {
726 //int bytesRead;
727 uint size = sizeof(sbyte);
728 byte[] bitData = new byte[size];
729 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
730 {
731 mem.Read(0, (int)size);
732 }
733 //if (bytesRead == 0)
734 // return false;
735 value = Convert.ToSByte(bitData[0]);
736 return true;
737 }
738 catch
739 {
740 value = 0x00;
741 return false;
742 }
743 }
744 #endregion
745 #region public virtual bool ReadMemory(uint address, out ushort value)
746 public virtual bool ReadMemory(uint address, out ushort value)
747 {
748 value = 0;
749 try
750 {
751 //int bytesRead;
752 uint size = sizeof(ushort);
753 byte[] bitData = new byte[size];
754 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
755 {
756 mem.Read(0, (int)size);
757 }
758 //if (bytesRead == 0)
759 // return false;
760 value = BitConverter.ToUInt16(bitData, 0);
761 return true;
762 }
763 catch
764 {
765 value = 0x00;
766 return false;
767 }
768 }
769 #endregion
770 #region public virtual bool ReadMemory(uint address, out short value)
771 public virtual bool ReadMemory(uint address, out short value)
772 {
773 value = 0;
774 try
775 {
776 //int bytesRead;
777 uint size = sizeof(short);
778 byte[] bitData = new byte[size];
779 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
780 {
781 mem.Read(0, (int)size);
782 }
783 //if (bytesRead == 0)
784 // return false;
785 value = BitConverter.ToInt16(bitData, 0);
786 return true;
787 }
788 catch
789 {
790 value = 0x00;
791 return false;
792 }
793 }
794 #endregion
795 #region public virtual bool ReadMemory(uint address, out uint value)
796 public virtual bool ReadMemory(uint address, out uint value)
797 {
798 value = 0;
799 try
800 {
801 //int bytesRead;
802 uint size = sizeof(uint);
803 byte[] bitData = new byte[size];
804 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
805 {
806 mem.Read(0, (int)size);
807 }
808 //if (bytesRead == 0)
809 // return false;
810 value = BitConverter.ToUInt32(bitData, 0);
811 return true;
812 }
813 catch
814 {
815 value = 0x00;
816 return false;
817 }
818 }
819 #endregion
820 #region public virtual bool ReadMemory(uint address, out int value)
821 public virtual bool ReadMemory(uint address, out int value)
822 {
823 value = 0;
824 try
825 {
826 //int bytesRead;
827 uint size = sizeof(int);
828 byte[] bitData = new byte[size];
829 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
830 {
831 mem.Read(0, (int)size);
832 }
833 //if (bytesRead == 0)
834 // return false;
835 value = BitConverter.ToInt32(bitData, 0);
836 return true;
837 }
838 catch
839 {
840 value = 0x00;
841 return false;
842 }
843 }
844 #endregion
845 #region public virtual bool ReadMemory(uint address, out ulong value)
846 public virtual bool ReadMemory(uint address, out ulong value)
847 {
848 value = 0;
849 try
850 {
851 //int bytesRead;
852 uint size = sizeof(ulong);
853 byte[] bitData = new byte[size];
854 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
855 {
856 mem.Read(0, (int)size);
857 }
858 //if (bytesRead == 0)
859 // return false;
860 value = BitConverter.ToUInt64(bitData, 0);
861 return true;
862 }
863 catch
864 {
865 value = 0x00;
866 return false;
867 }
868 }
869 #endregion
870 #region public virtual bool ReadMemory(uint address, out long value)
871 public virtual bool ReadMemory(uint address, out long value)
872 {
873 value = 0;
874 try
875 {
876 // int bytesRead;
877 uint size = sizeof(long);
878 byte[] bitData = new byte[size];
879 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
880 {
881 mem.Read(0, (int)size);
882 }
883 //if (bytesRead == 0)
884 // return false;
885 value = BitConverter.ToInt64(bitData, 0);
886 return true;
887 }
888 catch
889 {
890 value = 0x00;
891 return false;
892 }
893 }
894 #endregion
895 #endregion
896 }
897 #endregion
898 }

  ViewVC Help
Powered by ViewVC 1.1.22