/[RomCheater]/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
ViewVC logotype

Contents of /trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 471 - (show annotations) (download)
Mon Jun 3 07:13:44 2013 UTC (8 years, 3 months ago) by william
File size: 39836 byte(s)
+ pass process informatin by using the process's PID, instead of passing the process as a reference

1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28 using libWin32.Win32.Threading;
29
30 namespace Sojaner.MemoryScanner
31 {
32 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
33 #region ProcessMemoryReader class
34 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
35 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
36 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
37 {
38 // constants information can be found in <winnt.h>
39 [Flags]
40 enum ProcessAccessFlags : uint
41 {
42 All = 0x001F0FFF,
43 Terminate = 0x00000001,
44 CreateThread = 0x00000002,
45 VMOperation = 0x00000008,
46 VMRead = 0x00000010,
47 VMWrite = 0x00000020,
48 DupHandle = 0x00000040,
49 SetInformation = 0x00000200,
50 QueryInformation = 0x00000400,
51 Synchronize = 0x00100000
52 }
53 [Flags]
54 public enum AllocationProtect : uint
55 {
56 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
57 NONE = 0,
58 PAGE_NOACCESS = 0x00000001,
59 PAGE_READONLY = 0x00000002,
60 PAGE_READWRITE = 0x00000004,
61 PAGE_WRITECOPY = 0x00000008,
62 PAGE_EXECUTE = 0x00000010,
63 PAGE_EXECUTE_READ = 0x00000020,
64 PAGE_EXECUTE_READWRITE = 0x00000040,
65 PAGE_EXECUTE_WRITECOPY = 0x00000080,
66 PAGE_GUARD = 0x00000100,
67 PAGE_NOCACHE = 0x00000200,
68 PAGE_WRITECOMBINE = 0x00000400
69 }
70 [StructLayout(LayoutKind.Sequential)]
71 public struct MEMORY_BASIC_INFORMATION
72 {
73 public IntPtr BaseAddress;
74 public IntPtr AllocationBase;
75 public AllocationProtect AllocationProtect;
76 public IntPtr RegionSize;
77 public uint State;
78 public uint Protect;
79 public uint Type;
80 }
81
82 public ProcessMemoryReader()
83 {
84 }
85 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
86 /// <summary>
87 /// Process from which to read
88 /// </summary>
89 public int ProcessPID
90 {
91 get
92 {
93 return m_ProcessPID;
94 }
95 set
96 {
97 m_ProcessPID = value;
98 }
99 }
100
101 private int m_ProcessPID = 0;
102
103 //SafeWaitHandle handle;
104 //private IntPtr handle = IntPtr.Zero;
105 //SafeWaitHandle m_hProcess; /* unused */
106 //public void OpenProcess()
107 //{
108 // try
109 // {
110 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
111 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
112 // //{
113 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
114 // //}
115 // ProcessAccessFlags access;
116 // access = ProcessAccessFlags.VMRead
117 // | ProcessAccessFlags.VMWrite
118 // | ProcessAccessFlags.VMOperation;
119 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
120 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
121 // //m_hProcess = new SafeWaitHandle(handle, false);
122 // }
123 // catch (SEHException ex)
124 // {
125 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
126 // logger.Error.WriteLine(ex.ToString());
127 // throw ex;
128 // }
129 // catch (Exception ex)
130 // {
131 // logger.Error.WriteLine(ex.ToString());
132 // throw ex;
133 // }
134 //}
135
136 //public void CloseHandle()
137 //{
138 // try
139 // {
140 // ////if (handle.IsInvalid) { return; }
141 // ////if (handle.IsClosed) { return; }
142 // //m_hProcess.Close();
143 // //m_hProcess.Dispose();
144 // //m_hProcess = null;
145 // //handle = IntPtr.Zero;
146 // //m_ReadProcess = null;
147 // //string stack_trace = System.Environment.StackTrace;
148 // int iRetValue;
149 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
150 // handle = IntPtr.Zero;
151 // ReadProcess = null;
152 // if (iRetValue == 0)
153 // {
154 // throw new Exception("CloseHandle failed");
155 // }
156 // }
157 // catch (SEHException ex)
158 // {
159 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
160 // logger.Error.WriteLine(ex.ToString());
161 // throw ex;
162 // }
163 // catch (Exception ex)
164 // {
165 // logger.Error.WriteLine(ex.ToString());
166 // throw ex;
167 // }
168 //}
169 /// <summary>
170 /// ProcessMemoryReader is a class that enables direct reading a process memory
171 /// </summary>
172 private class ProcessMemoryReaderApi
173 {
174 [DllImport("kernel32.dll")]
175 public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
176
177 // function declarations are found in the MSDN and in <winbase.h>
178
179 // HANDLE OpenProcess(
180 // DWORD dwDesiredAccess, // access flag
181 // BOOL bInheritHandle, // handle inheritance option
182 // DWORD dwProcessId // process identifier
183 // );
184 [DllImport("kernel32.dll")]
185 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
186
187 // BOOL CloseHandle(
188 // HANDLE hObject // handle to object
189 // );
190 [DllImport("kernel32.dll")]
191 public static extern Int32 CloseHandle(IntPtr hObject);
192
193 // BOOL ReadProcessMemory(
194 // HANDLE hProcess, // handle to the process
195 // LPCVOID lpBaseAddress, // base of memory area
196 // LPVOID lpBuffer, // data buffer
197 // SIZE_T nSize, // number of bytes to read
198 // SIZE_T * lpNumberOfBytesRead // number of bytes read
199 // );
200 [DllImport("kernel32.dll", SetLastError = true)]
201 public static extern bool ReadProcessMemory(
202 IntPtr hProcess,
203 IntPtr lpBaseAddress,
204 [Out] byte[] lpBuffer,
205 uint dwSize,
206 out int lpNumberOfBytesRead
207 );
208
209 // BOOL WriteProcessMemory(
210 // HANDLE hProcess, // handle to process
211 // LPVOID lpBaseAddress, // base of memory area
212 // LPCVOID lpBuffer, // data buffer
213 // SIZE_T nSize, // count of bytes to write
214 // SIZE_T * lpNumberOfBytesWritten // count of bytes written
215 // );
216 [DllImport("kernel32.dll", SetLastError = true)]
217 public static extern bool WriteProcessMemory(
218 IntPtr hProcess,
219 IntPtr lpBaseAddress,
220 byte[] lpBuffer,
221 uint nSize,
222 out UIntPtr lpNumberOfBytesWritten);
223
224
225 }
226
227 #region IMemoryReader Members
228 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
229 public bool ReadFirstNonZeroByte(int MemoryAddress, uint bytesToRead, out int address)
230 {
231 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
232 address = 0;
233 uint byte_alignment = 1;
234 // get common init parameters
235 //InitMemoryDump(out byte_alignment);
236 int mem_address = MemoryAddress;
237 uint _bytesToRead = bytesToRead;
238 byte[] buffer = new byte[] { };
239 try
240 {
241 //using (MemoryStream ms = new MemoryStream())
242 //{
243 // //BinaryWriter bw = new BinaryWriter(ms);
244 // //foreach (byte b in data) { bw.Write(b); }
245 for (uint i = 0; i <= bytesToRead; )
246 {
247 if (_bytesToRead < byte_alignment)
248 {
249 _bytesToRead = bytesToRead;
250 buffer = new byte[_bytesToRead];
251 }
252 else
253 {
254 _bytesToRead = byte_alignment;
255 buffer = new byte[byte_alignment];
256 }
257 int bytesRead = 0;
258 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
259 if (buffer.Length == 0 && bytesRead == 0)
260 {
261 throw new Exception(string.Format("Failed to read memory from process: {0}", ProcessUtils.ProcessName(m_ProcessPID)));
262 }
263 //bw.Write(buffer);
264 //bw.Flush();
265 if (_bytesToRead < byte_alignment)
266 {
267 i += _bytesToRead;
268 mem_address += (int)_bytesToRead;
269 }
270 else
271 {
272 i += byte_alignment;
273 mem_address += (int)byte_alignment;
274 }
275 for (uint j = 0; j < buffer.Length; j++)
276 {
277 if (buffer[j] != 0)
278 {
279 address = mem_address;
280 break;
281 }
282 }
283 if (address != 0)
284 break;
285 }
286 // bw.Close();
287 //}
288 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
289 return true;
290 }
291 catch (SEHException ex)
292 {
293 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
294 logger.Error.WriteLine(ex.ToString());
295 throw ex;
296 }
297 catch (OutOfMemoryException ex)
298 {
299 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
300 logger.Error.WriteLine(ex.ToString());
301 }
302 catch (Exception ex)
303 {
304 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
305 logger.Error.WriteLine(ex.ToString());
306 throw ex;
307 }
308 return false;
309 }
310 #endregion
311
312 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, object UserState)
313 {
314 using (Process p = Process.GetProcessById(m_ProcessPID))
315 {
316 uint size = 1024 * 128;
317 int count = 0;
318 for (uint j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
319 {
320 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)j, (int)size))
321 {
322 byte[] bigMem = mem.Read();
323 count += bigMem.Length;
324 if (this.OnBytesRead != null)
325 {
326 OnBytesReadEventArgs t = new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead);
327 this.OnBytesRead.Invoke(t);
328 if (t.Canceled)
329 {
330 bigMem = null;
331 break;
332 }
333
334 }
335 bigMem = null;
336 }
337
338 }
339 }
340 }
341 public void ReadProcessMemoryAtOnce(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
342 {
343 using (Process p = Process.GetProcessById(m_ProcessPID))
344 {
345 Stopwatch st = new Stopwatch();
346 st.Start();
347 List<byte> buffer_list = new List<byte>();
348 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
349 //{
350 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
351 // {
352 // byte[] bigMem = mem.Read();
353 // foreach (byte b in bigMem) { buffer_list.Add(b); }
354 // bigMem = null;
355 // }
356 //}
357
358 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)MemoryAddress, (int)bytesToRead))
359 {
360 byte[] bigMem = mem.Read();
361 foreach (byte b in bigMem) { buffer_list.Add(b); }
362 bigMem = null;
363 }
364
365 bytesRead = buffer_list.Count;
366 data = new byte[bytesToRead];
367 data.Initialize();
368 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
369 st.Stop();
370 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
371 }
372 }
373 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
374 public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
375 {
376 ReadProcessMemory((uint)MemoryAddress, bytesToRead, out bytesRead, out data);
377 }
378 public void ReadProcessMemory(uint MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
379 {
380 try
381 {
382 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
383 //bytesRead = 0;
384 //data = new byte[bytesToRead];
385 //const int alignment = 1;
386 //List<byte> buffer_list = new List<byte>();
387 //uint _MemoryAddress = MemoryAddress;
388 //for (int i = 0; i < bytesToRead; i++)
389 //{
390 // byte[] buffer = new byte[alignment];
391 // int _bytesRead = 0;
392 // MEMORY_BASIC_INFORMATION m;
393 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
394
395 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
396 // m.AllocationProtect == 0)
397 // {
398 // uint OrignalAddress = _MemoryAddress;
399 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
400 // {
401 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
402 // _MemoryAddress++;
403 // buffer_list.Add(0);
404 // }
405 // _MemoryAddress--;
406 // uint diff = _MemoryAddress - OrignalAddress;
407 // i += (int)diff;
408 // buffer_list.RemoveAt(buffer_list.Count-1);
409 // }
410
411 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
412 // int LastError = Marshal.GetLastWin32Error();
413 // if (LastError != ResultWin32.ERROR_SUCCESS)
414 // {
415 // string ErrorName = ResultWin32.GetErrorName(LastError);
416 // }
417 // if (_bytesRead > 0)
418 // {
419 // foreach (byte b in buffer)
420 // {
421 // buffer_list.Add(b);
422 // }
423 // _MemoryAddress += (uint)buffer.Length;
424 // }
425 //}
426 //bytesRead = buffer_list.Count;
427 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
428 }
429 catch (SEHException ex)
430 {
431 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
432 logger.Error.WriteLine(ex.ToString());
433 throw ex;
434 }
435 catch (Exception ex)
436 {
437 logger.Error.WriteLine("ReadProcessMemory(): Exception");
438 logger.Error.WriteLine(ex.ToString());
439 throw ex;
440 }
441 }
442 #endregion
443 #endregion
444
445 #region IMemoryWriter Members
446 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
447 public void WriteProcessMemory(int MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
448 {
449 uint _bytesWritten = 0;
450 WriteProcessMemory((uint)MemoryAddress, bytesToWrite, out _bytesWritten);
451 bytesWritten = (int)_bytesWritten;
452 }
453 public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out uint bytesWritten)
454 {
455 try
456 {
457 using (Process p = Process.GetProcessById(m_ProcessPID))
458 {
459 //uint _bytesWritten = 0;
460 uint _MemoryAddress = MemoryAddress;
461
462 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)MemoryAddress, bytesToWrite.Length))
463 {
464 mem.Write(0, bytesToWrite);
465 }
466
467 //for (int i = 0; i < bytesToWrite.Length; i++)
468 //{
469 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
470 // byte[] buffer = new byte[] { bytesToWrite[i] };
471 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
472 // _MemoryAddress++;
473 // _bytesWritten++;
474 //}
475 //bytesWritten = _bytesWritten;
476 bytesWritten = (uint)bytesToWrite.Length;
477 }
478 }
479 catch (SEHException ex)
480 {
481 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
482 logger.Error.WriteLine(ex.ToString());
483 throw ex;
484 }
485 catch (Exception ex)
486 {
487
488 logger.Error.WriteLine("WriteProcessMemory() Exception");
489 logger.Error.WriteLine(ex.ToString());
490 bytesWritten = 0;
491 throw ex;
492 }
493 }
494 #endregion
495 #endregion
496
497 #region IFileWriter Members
498 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
499 public bool WriteProcessMemoryToFile(string filename, int MemoryAddress, uint bytesToRead, out int bytesRead)
500 {
501 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
502 bytesRead = 0;
503 uint byte_alignment = 102400;
504 int address = MemoryAddress;
505 uint _bytesToRead = bytesToRead;
506 byte[] buffer = new byte[] { };
507 try
508 {
509 FileInfo fi = new FileInfo(filename);
510 if (fi.Exists)
511 fi.Delete();
512 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
513 {
514 BinaryWriter bw = new BinaryWriter(fs);
515 //foreach (byte b in data) { bw.Write(b); }
516
517 for (uint i = 0; i <= bytesToRead; )
518 {
519 if (_bytesToRead < byte_alignment)
520 {
521 _bytesToRead = bytesToRead;
522 buffer = new byte[_bytesToRead];
523 }
524 else
525 {
526 _bytesToRead = byte_alignment;
527 buffer = new byte[byte_alignment];
528 }
529 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
530 bw.Write(buffer);
531 bw.Flush();
532
533 if (_bytesToRead < byte_alignment)
534 {
535 i += _bytesToRead;
536 address += (int)_bytesToRead;
537 }
538 else
539 {
540 i += byte_alignment;
541 address += (int)byte_alignment;
542 }
543
544
545 }
546 bw.Close();
547 }
548 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", m_ProcessPID, ProcessUtils.ProcessName(m_ProcessPID)));
549 return true;
550 }
551 catch (SEHException ex)
552 {
553 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
554 logger.Error.WriteLine(ex.ToString());
555 throw ex;
556 }
557 catch (OutOfMemoryException ex)
558 {
559 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
560 logger.Error.WriteLine(ex.ToString());
561 }
562 catch (Exception ex)
563 {
564 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
565 logger.Error.WriteLine(ex.ToString());
566 throw ex;
567 }
568 return false;
569 }
570 #endregion
571 #endregion
572
573 #region IPatchMemory members
574 #region public virtual bool PatchMemory(uint address, byte value)
575 public virtual bool PatchMemory(uint address, byte value)
576 {
577 using (Process p = Process.GetProcessById(m_ProcessPID))
578 {
579 byte[] bitData = BitConverter.GetBytes(value);
580 //UIntPtr ptrBytesWritten;
581 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
582 {
583 mem.Write(0, bitData);
584 }
585 }
586 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
587 //if (ptrBytesWritten.ToUInt32() == 0)
588 // return false;
589 byte check = 0;
590 ReadMemory(address, out check);
591 if (check == value) return true;
592 return false;
593
594 }
595 #endregion
596 #region public virtual bool PatchMemory(uint address, sbyte value)
597 public virtual bool PatchMemory(uint address, sbyte value)
598 {
599 using (Process p = Process.GetProcessById(m_ProcessPID))
600 {
601 byte[] bitData = BitConverter.GetBytes(value);
602 //UIntPtr ptrBytesWritten;
603 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
604 {
605 mem.Write(0, bitData);
606 }
607 }
608 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
609 //if (ptrBytesWritten.ToUInt32() == 0)
610 // return false;
611 sbyte check = 0;
612 ReadMemory(address, out check);
613 if (check == value) return true;
614 return false;
615 }
616 #endregion
617 #region public virtual bool PatchMemory(uint address, ushort value)
618 public virtual bool PatchMemory(uint address, ushort value)
619 {
620 using (Process p = Process.GetProcessById(m_ProcessPID))
621 {
622 byte[] bitData = BitConverter.GetBytes(value);
623 //UIntPtr ptrBytesWritten;
624 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
625 {
626 mem.Write(0, bitData);
627 }
628 }
629 //if (ptrBytesWritten.ToUInt32() == 0)
630 // return false;
631 ushort check = 0;
632 ReadMemory(address, out check);
633 if (check == value) return true;
634 return false;
635 }
636 #endregion
637 #region public virtual bool PatchMemory(uint address, short value)
638 public virtual bool PatchMemory(uint address, short value)
639 {
640 using (Process p = Process.GetProcessById(m_ProcessPID))
641 {
642 byte[] bitData = BitConverter.GetBytes(value);
643 //UIntPtr ptrBytesWritten;
644 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
645 {
646 mem.Write(0, bitData);
647 }
648 }
649 //if (ptrBytesWritten.ToUInt32() == 0)
650 // return false;
651 short check = 0;
652 ReadMemory(address, out check);
653 if (check == value) return true;
654 return false;
655 }
656 #endregion
657 #region public virtual bool PatchMemory(uint address, uint value)
658 public virtual bool PatchMemory(uint address, uint value)
659 {
660 using (Process p = Process.GetProcessById(m_ProcessPID))
661 {
662 byte[] bitData = BitConverter.GetBytes(value);
663 //UIntPtr ptrBytesWritten;
664 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
665 {
666 mem.Write(0, bitData);
667 }
668 }
669 //if (ptrBytesWritten.ToUInt32() == 0)
670 // return false;
671 uint check = 0;
672 ReadMemory(address, out check);
673 if (check == value) return true;
674 return false;
675 }
676 #endregion
677 #region public virtual bool PatchMemory(uint address, int value)
678 public virtual bool PatchMemory(uint address, int value)
679 {
680 using (Process p = Process.GetProcessById(m_ProcessPID))
681 {
682 byte[] bitData = BitConverter.GetBytes(value);
683 //UIntPtr ptrBytesWritten;
684 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
685 {
686 mem.Write(0, bitData);
687 }
688 }
689 //if (ptrBytesWritten.ToUInt32() == 0)
690 // return false;
691 int check = 0;
692 ReadMemory(address, out check);
693 if (check == value) return true;
694 return false;
695 }
696 #endregion
697 #region public virtual bool PatchMemory(uint address, ulong value)
698 public virtual bool PatchMemory(uint address, ulong value)
699 {
700 using (Process p = Process.GetProcessById(m_ProcessPID))
701 {
702 byte[] bitData = BitConverter.GetBytes(value);
703 //UIntPtr ptrBytesWritten;
704 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
705 {
706 mem.Write(0, bitData);
707 }
708 }
709 //if (ptrBytesWritten.ToUInt32() == 0)
710 // return false;
711 ulong check = 0;
712 ReadMemory(address, out check);
713 if (check == value) return true;
714 return false;
715 }
716 #endregion
717 #region public virtual bool PatchMemory(uint address, long value)
718 public virtual bool PatchMemory(uint address, long value)
719 {
720 using (Process p = Process.GetProcessById(m_ProcessPID))
721 {
722 byte[] bitData = BitConverter.GetBytes(value);
723 //UIntPtr ptrBytesWritten;
724 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, bitData.Length))
725 {
726 mem.Write(0, bitData);
727 }
728 }
729 //if (ptrBytesWritten.ToUInt32() == 0)
730 // return false;
731 long check = 0;
732 ReadMemory(address, out check);
733 if (check == value) return true;
734 return false;
735 }
736 #endregion
737 #endregion
738
739 #region IReadMemory members
740 #region public virtual bool ReadMemory(uint address, out byte value)
741 public virtual bool ReadMemory(uint address, out byte value)
742 {
743 value = 0;
744 try
745 {
746 //int bytesRead;
747 uint size = sizeof(byte);
748 byte[] bitData = new byte[size];
749 using (Process p = Process.GetProcessById(m_ProcessPID))
750 {
751 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
752 {
753 mem.Read(0, (int)size);
754 }
755 }
756 //if (bytesRead == 0)
757 // return false;
758 value = bitData[0];
759 return true;
760 }
761 catch
762 {
763 value = 0x00;
764 return false;
765 }
766 }
767 #endregion
768 #region public virtual bool ReadMemory(uint address, out sbyte value)
769 public virtual bool ReadMemory(uint address, out sbyte value)
770 {
771 value = 0;
772 try
773 {
774 //int bytesRead;
775 uint size = sizeof(sbyte);
776 byte[] bitData = new byte[size];
777 using (Process p = Process.GetProcessById(m_ProcessPID))
778 {
779 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
780 {
781 mem.Read(0, (int)size);
782 }
783 }
784 //if (bytesRead == 0)
785 // return false;
786 value = Convert.ToSByte(bitData[0]);
787 return true;
788 }
789 catch
790 {
791 value = 0x00;
792 return false;
793 }
794 }
795 #endregion
796 #region public virtual bool ReadMemory(uint address, out ushort value)
797 public virtual bool ReadMemory(uint address, out ushort value)
798 {
799 value = 0;
800 try
801 {
802 //int bytesRead;
803 uint size = sizeof(ushort);
804 byte[] bitData = new byte[size];
805 using (Process p = Process.GetProcessById(m_ProcessPID))
806 {
807 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
808 {
809 mem.Read(0, (int)size);
810 }
811 }
812 //if (bytesRead == 0)
813 // return false;
814 value = BitConverter.ToUInt16(bitData, 0);
815 return true;
816 }
817 catch
818 {
819 value = 0x00;
820 return false;
821 }
822 }
823 #endregion
824 #region public virtual bool ReadMemory(uint address, out short value)
825 public virtual bool ReadMemory(uint address, out short value)
826 {
827 value = 0;
828 try
829 {
830 //int bytesRead;
831 uint size = sizeof(short);
832 byte[] bitData = new byte[size];
833 using (Process p = Process.GetProcessById(m_ProcessPID))
834 {
835 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
836 {
837 mem.Read(0, (int)size);
838 }
839 }
840 //if (bytesRead == 0)
841 // return false;
842 value = BitConverter.ToInt16(bitData, 0);
843 return true;
844 }
845 catch
846 {
847 value = 0x00;
848 return false;
849 }
850 }
851 #endregion
852 #region public virtual bool ReadMemory(uint address, out uint value)
853 public virtual bool ReadMemory(uint address, out uint value)
854 {
855 value = 0;
856 try
857 {
858 //int bytesRead;
859 uint size = sizeof(uint);
860 byte[] bitData = new byte[size];
861 using (Process p = Process.GetProcessById(m_ProcessPID))
862 {
863 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
864 {
865 mem.Read(0, (int)size);
866 }
867 }
868 //if (bytesRead == 0)
869 // return false;
870 value = BitConverter.ToUInt32(bitData, 0);
871 return true;
872 }
873 catch
874 {
875 value = 0x00;
876 return false;
877 }
878 }
879 #endregion
880 #region public virtual bool ReadMemory(uint address, out int value)
881 public virtual bool ReadMemory(uint address, out int value)
882 {
883 value = 0;
884 try
885 {
886 //int bytesRead;
887 uint size = sizeof(int);
888 byte[] bitData = new byte[size];
889 using (Process p = Process.GetProcessById(m_ProcessPID))
890 {
891 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
892 {
893 mem.Read(0, (int)size);
894 }
895 }
896 //if (bytesRead == 0)
897 // return false;
898 value = BitConverter.ToInt32(bitData, 0);
899 return true;
900 }
901 catch
902 {
903 value = 0x00;
904 return false;
905 }
906 }
907 #endregion
908 #region public virtual bool ReadMemory(uint address, out ulong value)
909 public virtual bool ReadMemory(uint address, out ulong value)
910 {
911 value = 0;
912 try
913 {
914 //int bytesRead;
915 uint size = sizeof(ulong);
916 byte[] bitData = new byte[size];
917 using (Process p = Process.GetProcessById(m_ProcessPID))
918 {
919 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
920 {
921 mem.Read(0, (int)size);
922 }
923 }
924 //if (bytesRead == 0)
925 // return false;
926 value = BitConverter.ToUInt64(bitData, 0);
927 return true;
928 }
929 catch
930 {
931 value = 0x00;
932 return false;
933 }
934 }
935 #endregion
936 #region public virtual bool ReadMemory(uint address, out long value)
937 public virtual bool ReadMemory(uint address, out long value)
938 {
939 value = 0;
940 try
941 {
942 // int bytesRead;
943 uint size = sizeof(long);
944 byte[] bitData = new byte[size];
945 using (Process p = Process.GetProcessById(m_ProcessPID))
946 {
947 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(p, (IntPtr)address, (int)size))
948 {
949 mem.Read(0, (int)size);
950 }
951 }
952 //if (bytesRead == 0)
953 // return false;
954 value = BitConverter.ToInt64(bitData, 0);
955 return true;
956 }
957 catch
958 {
959 value = 0x00;
960 return false;
961 }
962 }
963 #endregion
964 #endregion
965 }
966 #endregion
967 }

  ViewVC Help
Powered by ViewVC 1.1.22