ViewVC Help
View File | Revision Log | Show Annotations | Download File | View Changeset | Root Listing
root/RomCheater/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
Revision: 446
Committed: Sun Jun 2 19:52:03 2013 UTC (10 years, 3 months ago) by william
File size: 37506 byte(s)
Log Message: 
+ fix search cancel/reset

File Contents

# Content
1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28
29 namespace Sojaner.MemoryScanner
30 {
31 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
32 #region ProcessMemoryReader class
33 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
34 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
35 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
36 {
37 // constants information can be found in <winnt.h>
38 [Flags]
39 enum ProcessAccessFlags : uint
40 {
41 All = 0x001F0FFF,
42 Terminate = 0x00000001,
43 CreateThread = 0x00000002,
44 VMOperation = 0x00000008,
45 VMRead = 0x00000010,
46 VMWrite = 0x00000020,
47 DupHandle = 0x00000040,
48 SetInformation = 0x00000200,
49 QueryInformation = 0x00000400,
50 Synchronize = 0x00100000
51 }
52 [Flags]
53 public enum AllocationProtect : uint
54 {
55 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
56 NONE = 0,
57 PAGE_NOACCESS = 0x00000001,
58 PAGE_READONLY = 0x00000002,
59 PAGE_READWRITE = 0x00000004,
60 PAGE_WRITECOPY = 0x00000008,
61 PAGE_EXECUTE = 0x00000010,
62 PAGE_EXECUTE_READ = 0x00000020,
63 PAGE_EXECUTE_READWRITE = 0x00000040,
64 PAGE_EXECUTE_WRITECOPY = 0x00000080,
65 PAGE_GUARD = 0x00000100,
66 PAGE_NOCACHE = 0x00000200,
67 PAGE_WRITECOMBINE = 0x00000400
68 }
69 [StructLayout(LayoutKind.Sequential)]
70 public struct MEMORY_BASIC_INFORMATION
71 {
72 public IntPtr BaseAddress;
73 public IntPtr AllocationBase;
74 public AllocationProtect AllocationProtect;
75 public IntPtr RegionSize;
76 public uint State;
77 public uint Protect;
78 public uint Type;
79 }
80
81 public ProcessMemoryReader()
82 {
83 }
84 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
85 /// <summary>
86 /// Process from which to read
87 /// </summary>
88 public Process ReadProcess
89 {
90 get
91 {
92 return m_ReadProcess;
93 }
94 set
95 {
96 m_ReadProcess = value;
97 }
98 }
99
100 private Process m_ReadProcess = null;
101
102 //SafeWaitHandle handle;
103 //private IntPtr handle = IntPtr.Zero;
104 //SafeWaitHandle m_hProcess; /* unused */
105 //public void OpenProcess()
106 //{
107 // try
108 // {
109 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
110 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
111 // //{
112 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
113 // //}
114 // ProcessAccessFlags access;
115 // access = ProcessAccessFlags.VMRead
116 // | ProcessAccessFlags.VMWrite
117 // | ProcessAccessFlags.VMOperation;
118 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
119 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
120 // //m_hProcess = new SafeWaitHandle(handle, false);
121 // }
122 // catch (SEHException ex)
123 // {
124 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
125 // logger.Error.WriteLine(ex.ToString());
126 // throw ex;
127 // }
128 // catch (Exception ex)
129 // {
130 // logger.Error.WriteLine(ex.ToString());
131 // throw ex;
132 // }
133 //}
134
135 //public void CloseHandle()
136 //{
137 // try
138 // {
139 // ////if (handle.IsInvalid) { return; }
140 // ////if (handle.IsClosed) { return; }
141 // //m_hProcess.Close();
142 // //m_hProcess.Dispose();
143 // //m_hProcess = null;
144 // //handle = IntPtr.Zero;
145 // //m_ReadProcess = null;
146 // //string stack_trace = System.Environment.StackTrace;
147 // int iRetValue;
148 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
149 // handle = IntPtr.Zero;
150 // ReadProcess = null;
151 // if (iRetValue == 0)
152 // {
153 // throw new Exception("CloseHandle failed");
154 // }
155 // }
156 // catch (SEHException ex)
157 // {
158 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
159 // logger.Error.WriteLine(ex.ToString());
160 // throw ex;
161 // }
162 // catch (Exception ex)
163 // {
164 // logger.Error.WriteLine(ex.ToString());
165 // throw ex;
166 // }
167 //}
168 /// <summary>
169 /// ProcessMemoryReader is a class that enables direct reading a process memory
170 /// </summary>
171 private class ProcessMemoryReaderApi
172 {
173 [DllImport("kernel32.dll")]
174 public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
175
176 // function declarations are found in the MSDN and in <winbase.h>
177
178 // HANDLE OpenProcess(
179 // DWORD dwDesiredAccess, // access flag
180 // BOOL bInheritHandle, // handle inheritance option
181 // DWORD dwProcessId // process identifier
182 // );
183 [DllImport("kernel32.dll")]
184 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
185
186 // BOOL CloseHandle(
187 // HANDLE hObject // handle to object
188 // );
189 [DllImport("kernel32.dll")]
190 public static extern Int32 CloseHandle(IntPtr hObject);
191
192 // BOOL ReadProcessMemory(
193 // HANDLE hProcess, // handle to the process
194 // LPCVOID lpBaseAddress, // base of memory area
195 // LPVOID lpBuffer, // data buffer
196 // SIZE_T nSize, // number of bytes to read
197 // SIZE_T * lpNumberOfBytesRead // number of bytes read
198 // );
199 [DllImport("kernel32.dll", SetLastError = true)]
200 public static extern bool ReadProcessMemory(
201 IntPtr hProcess,
202 IntPtr lpBaseAddress,
203 [Out] byte[] lpBuffer,
204 uint dwSize,
205 out int lpNumberOfBytesRead
206 );
207
208 // BOOL WriteProcessMemory(
209 // HANDLE hProcess, // handle to process
210 // LPVOID lpBaseAddress, // base of memory area
211 // LPCVOID lpBuffer, // data buffer
212 // SIZE_T nSize, // count of bytes to write
213 // SIZE_T * lpNumberOfBytesWritten // count of bytes written
214 // );
215 [DllImport("kernel32.dll", SetLastError = true)]
216 public static extern bool WriteProcessMemory(
217 IntPtr hProcess,
218 IntPtr lpBaseAddress,
219 byte[] lpBuffer,
220 uint nSize,
221 out UIntPtr lpNumberOfBytesWritten);
222
223
224 }
225
226 #region IMemoryReader Members
227 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
228 public bool ReadFirstNonZeroByte(int MemoryAddress, uint bytesToRead, out int address)
229 {
230 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
231 address = 0;
232 uint byte_alignment = 1;
233 // get common init parameters
234 //InitMemoryDump(out byte_alignment);
235 int mem_address = MemoryAddress;
236 uint _bytesToRead = bytesToRead;
237 byte[] buffer = new byte[] { };
238 try
239 {
240 //using (MemoryStream ms = new MemoryStream())
241 //{
242 // //BinaryWriter bw = new BinaryWriter(ms);
243 // //foreach (byte b in data) { bw.Write(b); }
244 for (uint i = 0; i <= bytesToRead; )
245 {
246 if (_bytesToRead < byte_alignment)
247 {
248 _bytesToRead = bytesToRead;
249 buffer = new byte[_bytesToRead];
250 }
251 else
252 {
253 _bytesToRead = byte_alignment;
254 buffer = new byte[byte_alignment];
255 }
256 int bytesRead = 0;
257 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
258 if (buffer.Length == 0 && bytesRead == 0)
259 {
260 throw new Exception(string.Format("Failed to read memory from process: {0}", ReadProcess.ToString()));
261 }
262 //bw.Write(buffer);
263 //bw.Flush();
264 if (_bytesToRead < byte_alignment)
265 {
266 i += _bytesToRead;
267 mem_address += (int)_bytesToRead;
268 }
269 else
270 {
271 i += byte_alignment;
272 mem_address += (int)byte_alignment;
273 }
274 for (uint j = 0; j < buffer.Length; j++)
275 {
276 if (buffer[j] != 0)
277 {
278 address = mem_address;
279 break;
280 }
281 }
282 if (address != 0)
283 break;
284 }
285 // bw.Close();
286 //}
287 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
288 return true;
289 }
290 catch (SEHException ex)
291 {
292 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
293 logger.Error.WriteLine(ex.ToString());
294 throw ex;
295 }
296 catch (OutOfMemoryException ex)
297 {
298 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
299 logger.Error.WriteLine(ex.ToString());
300 }
301 catch (Exception ex)
302 {
303 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
304 logger.Error.WriteLine(ex.ToString());
305 throw ex;
306 }
307 return false;
308 }
309 #endregion
310
311 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, object UserState)
312 {
313 uint size = 1024 * 128;
314 int count = 0;
315 for (uint j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
316 {
317 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)size))
318 {
319 byte[] bigMem = mem.Read();
320 count += bigMem.Length;
321 if (this.OnBytesRead != null)
322 {
323 OnBytesReadEventArgs t = new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead);
324 this.OnBytesRead.Invoke(t);
325 if (t.Canceled)
326 {
327 bigMem = null;
328 break;
329 }
330
331 }
332 bigMem = null;
333 }
334 }
335 }
336 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
337 {
338 Stopwatch st = new Stopwatch();
339 st.Start();
340 List<byte> buffer_list = new List<byte>();
341 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
342 //{
343 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
344 // {
345 // byte[] bigMem = mem.Read();
346 // foreach (byte b in bigMem) { buffer_list.Add(b); }
347 // bigMem = null;
348 // }
349 //}
350
351 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, (int)bytesToRead))
352 {
353 byte[] bigMem = mem.Read();
354 foreach (byte b in bigMem) { buffer_list.Add(b); }
355 bigMem = null;
356 }
357
358 bytesRead = buffer_list.Count;
359 data = new byte[bytesToRead];
360 data.Initialize();
361 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
362 st.Stop();
363 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
364 }
365 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
366 public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
367 {
368 ReadProcessMemory((uint)MemoryAddress, bytesToRead, out bytesRead, out data);
369 }
370 public void ReadProcessMemory(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
371 {
372 try
373 {
374 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
375 //bytesRead = 0;
376 //data = new byte[bytesToRead];
377 //const int alignment = 1;
378 //List<byte> buffer_list = new List<byte>();
379 //uint _MemoryAddress = MemoryAddress;
380 //for (int i = 0; i < bytesToRead; i++)
381 //{
382 // byte[] buffer = new byte[alignment];
383 // int _bytesRead = 0;
384 // MEMORY_BASIC_INFORMATION m;
385 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
386
387 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
388 // m.AllocationProtect == 0)
389 // {
390 // uint OrignalAddress = _MemoryAddress;
391 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
392 // {
393 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
394 // _MemoryAddress++;
395 // buffer_list.Add(0);
396 // }
397 // _MemoryAddress--;
398 // uint diff = _MemoryAddress - OrignalAddress;
399 // i += (int)diff;
400 // buffer_list.RemoveAt(buffer_list.Count-1);
401 // }
402
403 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
404 // int LastError = Marshal.GetLastWin32Error();
405 // if (LastError != ResultWin32.ERROR_SUCCESS)
406 // {
407 // string ErrorName = ResultWin32.GetErrorName(LastError);
408 // }
409 // if (_bytesRead > 0)
410 // {
411 // foreach (byte b in buffer)
412 // {
413 // buffer_list.Add(b);
414 // }
415 // _MemoryAddress += (uint)buffer.Length;
416 // }
417 //}
418 //bytesRead = buffer_list.Count;
419 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
420 }
421 catch (SEHException ex)
422 {
423 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
424 logger.Error.WriteLine(ex.ToString());
425 throw ex;
426 }
427 catch (Exception ex)
428 {
429 logger.Error.WriteLine("ReadProcessMemory(): Exception");
430 logger.Error.WriteLine(ex.ToString());
431 throw ex;
432 }
433 }
434 #endregion
435 #endregion
436
437 #region IMemoryWriter Members
438 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
439 public void WriteProcessMemory(int MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
440 {
441 uint _bytesWritten = 0;
442 WriteProcessMemory((uint)MemoryAddress, bytesToWrite, out _bytesWritten);
443 bytesWritten = (int)_bytesWritten;
444 }
445 public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out uint bytesWritten)
446 {
447 try
448 {
449 //uint _bytesWritten = 0;
450 uint _MemoryAddress = MemoryAddress;
451
452 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, bytesToWrite.Length))
453 {
454 mem.Write(0, bytesToWrite);
455 }
456
457 //for (int i = 0; i < bytesToWrite.Length; i++)
458 //{
459 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
460 // byte[] buffer = new byte[] { bytesToWrite[i] };
461 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
462 // _MemoryAddress++;
463 // _bytesWritten++;
464 //}
465 //bytesWritten = _bytesWritten;
466 bytesWritten = (uint)bytesToWrite.Length;
467 }
468 catch (SEHException ex)
469 {
470 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
471 logger.Error.WriteLine(ex.ToString());
472 throw ex;
473 }
474 catch (Exception ex)
475 {
476
477 logger.Error.WriteLine("WriteProcessMemory() Exception");
478 logger.Error.WriteLine(ex.ToString());
479 bytesWritten = 0;
480 throw ex;
481 }
482 }
483 #endregion
484 #endregion
485
486 #region IFileWriter Members
487 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
488 public bool WriteProcessMemoryToFile(string filename, int MemoryAddress, uint bytesToRead, out int bytesRead)
489 {
490 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
491 bytesRead = 0;
492 uint byte_alignment = 102400;
493 int address = MemoryAddress;
494 uint _bytesToRead = bytesToRead;
495 byte[] buffer = new byte[] { };
496 try
497 {
498 FileInfo fi = new FileInfo(filename);
499 if (fi.Exists)
500 fi.Delete();
501 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
502 {
503 BinaryWriter bw = new BinaryWriter(fs);
504 //foreach (byte b in data) { bw.Write(b); }
505
506 for (uint i = 0; i <= bytesToRead; )
507 {
508 if (_bytesToRead < byte_alignment)
509 {
510 _bytesToRead = bytesToRead;
511 buffer = new byte[_bytesToRead];
512 }
513 else
514 {
515 _bytesToRead = byte_alignment;
516 buffer = new byte[byte_alignment];
517 }
518 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
519 bw.Write(buffer);
520 bw.Flush();
521
522 if (_bytesToRead < byte_alignment)
523 {
524 i += _bytesToRead;
525 address += (int)_bytesToRead;
526 }
527 else
528 {
529 i += byte_alignment;
530 address += (int)byte_alignment;
531 }
532
533
534 }
535 bw.Close();
536 }
537 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ReadProcess.Id, ReadProcess.ProcessName));
538 return true;
539 }
540 catch (SEHException ex)
541 {
542 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
543 logger.Error.WriteLine(ex.ToString());
544 throw ex;
545 }
546 catch (OutOfMemoryException ex)
547 {
548 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
549 logger.Error.WriteLine(ex.ToString());
550 }
551 catch (Exception ex)
552 {
553 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
554 logger.Error.WriteLine(ex.ToString());
555 throw ex;
556 }
557 return false;
558 }
559 #endregion
560 #endregion
561
562 #region IPatchMemory members
563 #region public virtual bool PatchMemory(uint address, byte value)
564 public virtual bool PatchMemory(uint address, byte value)
565 {
566 byte[] bitData = BitConverter.GetBytes(value);
567 //UIntPtr ptrBytesWritten;
568 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
569 {
570 mem.Write(0, bitData);
571 }
572 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
573 //if (ptrBytesWritten.ToUInt32() == 0)
574 // return false;
575 byte check = 0;
576 ReadMemory(address, out check);
577 if (check == value) return true;
578 return false;
579 }
580 #endregion
581 #region public virtual bool PatchMemory(uint address, sbyte value)
582 public virtual bool PatchMemory(uint address, sbyte value)
583 {
584 byte[] bitData = BitConverter.GetBytes(value);
585 //UIntPtr ptrBytesWritten;
586 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
587 {
588 mem.Write(0, bitData);
589 }
590 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
591 //if (ptrBytesWritten.ToUInt32() == 0)
592 // return false;
593 sbyte check = 0;
594 ReadMemory(address, out check);
595 if (check == value) return true;
596 return false;
597 }
598 #endregion
599 #region public virtual bool PatchMemory(uint address, ushort value)
600 public virtual bool PatchMemory(uint address, ushort value)
601 {
602 byte[] bitData = BitConverter.GetBytes(value);
603 //UIntPtr ptrBytesWritten;
604 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
605 {
606 mem.Write(0, bitData);
607 }
608 //if (ptrBytesWritten.ToUInt32() == 0)
609 // return false;
610 ushort check = 0;
611 ReadMemory(address, out check);
612 if (check == value) return true;
613 return false;
614 }
615 #endregion
616 #region public virtual bool PatchMemory(uint address, short value)
617 public virtual bool PatchMemory(uint address, short value)
618 {
619 byte[] bitData = BitConverter.GetBytes(value);
620 //UIntPtr ptrBytesWritten;
621 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
622 {
623 mem.Write(0, bitData);
624 }
625 //if (ptrBytesWritten.ToUInt32() == 0)
626 // return false;
627 short check = 0;
628 ReadMemory(address, out check);
629 if (check == value) return true;
630 return false;
631 }
632 #endregion
633 #region public virtual bool PatchMemory(uint address, uint value)
634 public virtual bool PatchMemory(uint address, uint value)
635 {
636 byte[] bitData = BitConverter.GetBytes(value);
637 //UIntPtr ptrBytesWritten;
638 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
639 {
640 mem.Write(0, bitData);
641 }
642 //if (ptrBytesWritten.ToUInt32() == 0)
643 // return false;
644 uint check = 0;
645 ReadMemory(address, out check);
646 if (check == value) return true;
647 return false;
648 }
649 #endregion
650 #region public virtual bool PatchMemory(uint address, int value)
651 public virtual bool PatchMemory(uint address, int value)
652 {
653 byte[] bitData = BitConverter.GetBytes(value);
654 //UIntPtr ptrBytesWritten;
655 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
656 {
657 mem.Write(0, bitData);
658 }
659 //if (ptrBytesWritten.ToUInt32() == 0)
660 // return false;
661 int check = 0;
662 ReadMemory(address, out check);
663 if (check == value) return true;
664 return false;
665 }
666 #endregion
667 #region public virtual bool PatchMemory(uint address, ulong value)
668 public virtual bool PatchMemory(uint address, ulong value)
669 {
670 byte[] bitData = BitConverter.GetBytes(value);
671 //UIntPtr ptrBytesWritten;
672 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
673 {
674 mem.Write(0, bitData);
675 }
676 //if (ptrBytesWritten.ToUInt32() == 0)
677 // return false;
678 ulong check = 0;
679 ReadMemory(address, out check);
680 if (check == value) return true;
681 return false;
682 }
683 #endregion
684 #region public virtual bool PatchMemory(uint address, long value)
685 public virtual bool PatchMemory(uint address, long value)
686 {
687 byte[] bitData = BitConverter.GetBytes(value);
688 //UIntPtr ptrBytesWritten;
689 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
690 {
691 mem.Write(0, bitData);
692 }
693 //if (ptrBytesWritten.ToUInt32() == 0)
694 // return false;
695 long check = 0;
696 ReadMemory(address, out check);
697 if (check == value) return true;
698 return false;
699 }
700 #endregion
701 #endregion
702
703 #region IReadMemory members
704 #region public virtual bool ReadMemory(uint address, out byte value)
705 public virtual bool ReadMemory(uint address, out byte value)
706 {
707 value = 0;
708 try
709 {
710 //int bytesRead;
711 uint size = sizeof(byte);
712 byte[] bitData = new byte[size];
713 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
714 {
715 mem.Read(0, (int)size);
716 }
717 //if (bytesRead == 0)
718 // return false;
719 value = bitData[0];
720 return true;
721 }
722 catch
723 {
724 value = 0x00;
725 return false;
726 }
727 }
728 #endregion
729 #region public virtual bool ReadMemory(uint address, out sbyte value)
730 public virtual bool ReadMemory(uint address, out sbyte value)
731 {
732 value = 0;
733 try
734 {
735 //int bytesRead;
736 uint size = sizeof(sbyte);
737 byte[] bitData = new byte[size];
738 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
739 {
740 mem.Read(0, (int)size);
741 }
742 //if (bytesRead == 0)
743 // return false;
744 value = Convert.ToSByte(bitData[0]);
745 return true;
746 }
747 catch
748 {
749 value = 0x00;
750 return false;
751 }
752 }
753 #endregion
754 #region public virtual bool ReadMemory(uint address, out ushort value)
755 public virtual bool ReadMemory(uint address, out ushort value)
756 {
757 value = 0;
758 try
759 {
760 //int bytesRead;
761 uint size = sizeof(ushort);
762 byte[] bitData = new byte[size];
763 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
764 {
765 mem.Read(0, (int)size);
766 }
767 //if (bytesRead == 0)
768 // return false;
769 value = BitConverter.ToUInt16(bitData, 0);
770 return true;
771 }
772 catch
773 {
774 value = 0x00;
775 return false;
776 }
777 }
778 #endregion
779 #region public virtual bool ReadMemory(uint address, out short value)
780 public virtual bool ReadMemory(uint address, out short value)
781 {
782 value = 0;
783 try
784 {
785 //int bytesRead;
786 uint size = sizeof(short);
787 byte[] bitData = new byte[size];
788 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
789 {
790 mem.Read(0, (int)size);
791 }
792 //if (bytesRead == 0)
793 // return false;
794 value = BitConverter.ToInt16(bitData, 0);
795 return true;
796 }
797 catch
798 {
799 value = 0x00;
800 return false;
801 }
802 }
803 #endregion
804 #region public virtual bool ReadMemory(uint address, out uint value)
805 public virtual bool ReadMemory(uint address, out uint value)
806 {
807 value = 0;
808 try
809 {
810 //int bytesRead;
811 uint size = sizeof(uint);
812 byte[] bitData = new byte[size];
813 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
814 {
815 mem.Read(0, (int)size);
816 }
817 //if (bytesRead == 0)
818 // return false;
819 value = BitConverter.ToUInt32(bitData, 0);
820 return true;
821 }
822 catch
823 {
824 value = 0x00;
825 return false;
826 }
827 }
828 #endregion
829 #region public virtual bool ReadMemory(uint address, out int value)
830 public virtual bool ReadMemory(uint address, out int value)
831 {
832 value = 0;
833 try
834 {
835 //int bytesRead;
836 uint size = sizeof(int);
837 byte[] bitData = new byte[size];
838 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
839 {
840 mem.Read(0, (int)size);
841 }
842 //if (bytesRead == 0)
843 // return false;
844 value = BitConverter.ToInt32(bitData, 0);
845 return true;
846 }
847 catch
848 {
849 value = 0x00;
850 return false;
851 }
852 }
853 #endregion
854 #region public virtual bool ReadMemory(uint address, out ulong value)
855 public virtual bool ReadMemory(uint address, out ulong value)
856 {
857 value = 0;
858 try
859 {
860 //int bytesRead;
861 uint size = sizeof(ulong);
862 byte[] bitData = new byte[size];
863 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
864 {
865 mem.Read(0, (int)size);
866 }
867 //if (bytesRead == 0)
868 // return false;
869 value = BitConverter.ToUInt64(bitData, 0);
870 return true;
871 }
872 catch
873 {
874 value = 0x00;
875 return false;
876 }
877 }
878 #endregion
879 #region public virtual bool ReadMemory(uint address, out long value)
880 public virtual bool ReadMemory(uint address, out long value)
881 {
882 value = 0;
883 try
884 {
885 // int bytesRead;
886 uint size = sizeof(long);
887 byte[] bitData = new byte[size];
888 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
889 {
890 mem.Read(0, (int)size);
891 }
892 //if (bytesRead == 0)
893 // return false;
894 value = BitConverter.ToInt64(bitData, 0);
895 return true;
896 }
897 catch
898 {
899 value = 0x00;
900 return false;
901 }
902 }
903 #endregion
904 #endregion
905 }
906 #endregion
907 }