/[RomCheater]/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
ViewVC logotype

Contents of /trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 578 - (show annotations) (download)
Thu Jun 6 08:18:44 2013 UTC (6 years, 8 months ago) by william
File size: 38326 byte(s)

1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28
29 namespace Sojaner.MemoryScanner
30 {
31 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
32 #region ProcessMemoryReader class
33 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
34 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
35 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
36 {
37 // constants information can be found in <winnt.h>
38 [Flags]
39 enum ProcessAccessFlags : uint
40 {
41 All = 0x001F0FFF,
42 Terminate = 0x00000001,
43 CreateThread = 0x00000002,
44 VMOperation = 0x00000008,
45 VMRead = 0x00000010,
46 VMWrite = 0x00000020,
47 DupHandle = 0x00000040,
48 SetInformation = 0x00000200,
49 QueryInformation = 0x00000400,
50 Synchronize = 0x00100000
51 }
52 [Flags]
53 public enum AllocationProtect : uint
54 {
55 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
56 NONE = 0,
57 PAGE_NOACCESS = 0x00000001,
58 PAGE_READONLY = 0x00000002,
59 PAGE_READWRITE = 0x00000004,
60 PAGE_WRITECOPY = 0x00000008,
61 PAGE_EXECUTE = 0x00000010,
62 PAGE_EXECUTE_READ = 0x00000020,
63 PAGE_EXECUTE_READWRITE = 0x00000040,
64 PAGE_EXECUTE_WRITECOPY = 0x00000080,
65 PAGE_GUARD = 0x00000100,
66 PAGE_NOCACHE = 0x00000200,
67 PAGE_WRITECOMBINE = 0x00000400
68 }
69 [StructLayout(LayoutKind.Sequential)]
70 public struct MEMORY_BASIC_INFORMATION
71 {
72 public IntPtr BaseAddress;
73 public IntPtr AllocationBase;
74 public AllocationProtect AllocationProtect;
75 public IntPtr RegionSize;
76 public uint State;
77 public uint Protect;
78 public uint Type;
79 }
80
81 public ProcessMemoryReader()
82 {
83 }
84 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
85 /// <summary>
86 /// Process from which to read
87 /// </summary>
88 public Process ReadProcess
89 {
90 get
91 {
92 return m_ReadProcess;
93 }
94 set
95 {
96 m_ReadProcess = value;
97 }
98 }
99
100 private Process m_ReadProcess = null;
101
102 //SafeWaitHandle handle;
103 //private IntPtr handle = IntPtr.Zero;
104 //SafeWaitHandle m_hProcess; /* unused */
105 //public void OpenProcess()
106 //{
107 // try
108 // {
109 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
110 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
111 // //{
112 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
113 // //}
114 // ProcessAccessFlags access;
115 // access = ProcessAccessFlags.VMRead
116 // | ProcessAccessFlags.VMWrite
117 // | ProcessAccessFlags.VMOperation;
118 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
119 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
120 // //m_hProcess = new SafeWaitHandle(handle, false);
121 // }
122 // catch (SEHException ex)
123 // {
124 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
125 // logger.Error.WriteLine(ex.ToString());
126 // throw ex;
127 // }
128 // catch (Exception ex)
129 // {
130 // logger.Error.WriteLine(ex.ToString());
131 // throw ex;
132 // }
133 //}
134
135 //public void CloseHandle()
136 //{
137 // try
138 // {
139 // ////if (handle.IsInvalid) { return; }
140 // ////if (handle.IsClosed) { return; }
141 // //m_hProcess.Close();
142 // //m_hProcess.Dispose();
143 // //m_hProcess = null;
144 // //handle = IntPtr.Zero;
145 // //m_ReadProcess = null;
146 // //string stack_trace = System.Environment.StackTrace;
147 // int iRetValue;
148 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
149 // handle = IntPtr.Zero;
150 // ReadProcess = null;
151 // if (iRetValue == 0)
152 // {
153 // throw new Exception("CloseHandle failed");
154 // }
155 // }
156 // catch (SEHException ex)
157 // {
158 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
159 // logger.Error.WriteLine(ex.ToString());
160 // throw ex;
161 // }
162 // catch (Exception ex)
163 // {
164 // logger.Error.WriteLine(ex.ToString());
165 // throw ex;
166 // }
167 //}
168 /// <summary>
169 /// ProcessMemoryReader is a class that enables direct reading a process memory
170 /// </summary>
171 private class ProcessMemoryReaderApi
172 {
173 [DllImport("kernel32.dll")]
174 public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
175
176 // function declarations are found in the MSDN and in <winbase.h>
177
178 // HANDLE OpenProcess(
179 // DWORD dwDesiredAccess, // access flag
180 // BOOL bInheritHandle, // handle inheritance option
181 // DWORD dwProcessId // process identifier
182 // );
183 [DllImport("kernel32.dll")]
184 public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
185
186 // BOOL CloseHandle(
187 // HANDLE hObject // handle to object
188 // );
189 [DllImport("kernel32.dll")]
190 public static extern Int32 CloseHandle(IntPtr hObject);
191
192 // BOOL ReadProcessMemory(
193 // HANDLE hProcess, // handle to the process
194 // LPCVOID lpBaseAddress, // base of memory area
195 // LPVOID lpBuffer, // data buffer
196 // SIZE_T nSize, // number of bytes to read
197 // SIZE_T * lpNumberOfBytesRead // number of bytes read
198 // );
199 [DllImport("kernel32.dll", SetLastError = true)]
200 public static extern bool ReadProcessMemory(
201 IntPtr hProcess,
202 IntPtr lpBaseAddress,
203 [Out] byte[] lpBuffer,
204 uint dwSize,
205 out int lpNumberOfBytesRead
206 );
207
208 // BOOL WriteProcessMemory(
209 // HANDLE hProcess, // handle to process
210 // LPVOID lpBaseAddress, // base of memory area
211 // LPCVOID lpBuffer, // data buffer
212 // SIZE_T nSize, // count of bytes to write
213 // SIZE_T * lpNumberOfBytesWritten // count of bytes written
214 // );
215 [DllImport("kernel32.dll", SetLastError = true)]
216 public static extern bool WriteProcessMemory(
217 IntPtr hProcess,
218 IntPtr lpBaseAddress,
219 byte[] lpBuffer,
220 uint nSize,
221 out UIntPtr lpNumberOfBytesWritten);
222
223
224 }
225
226 #region IMemoryReader Members
227 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
228 public bool ReadFirstNonZeroByte(ulong MemoryAddress, ulong bytesToRead, out ulong address)
229 {
230 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
231 address = 0;
232 uint byte_alignment = 1;
233 // get common init parameters
234 //InitMemoryDump(out byte_alignment);
235 ulong mem_address = MemoryAddress;
236 ulong _bytesToRead = bytesToRead;
237 byte[] buffer = new byte[] { };
238 try
239 {
240 //using (MemoryStream ms = new MemoryStream())
241 //{
242 // //BinaryWriter bw = new BinaryWriter(ms);
243 // //foreach (byte b in data) { bw.Write(b); }
244 for (ulong i = 0; i <= bytesToRead; )
245 {
246 if (_bytesToRead < byte_alignment)
247 {
248 _bytesToRead = bytesToRead;
249 buffer = new byte[_bytesToRead];
250 }
251 else
252 {
253 _bytesToRead = byte_alignment;
254 buffer = new byte[byte_alignment];
255 }
256 ulong bytesRead = 0;
257 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
258 if (buffer.Length == 0 && bytesRead == 0)
259 {
260 throw new Exception(string.Format("Failed to read memory from process: {0}", ReadProcess.ToString()));
261 }
262 //bw.Write(buffer);
263 //bw.Flush();
264 if (_bytesToRead < byte_alignment)
265 {
266 i += _bytesToRead;
267 mem_address += (ulong)_bytesToRead;
268 }
269 else
270 {
271 i += byte_alignment;
272 mem_address += (ulong)byte_alignment;
273 }
274 for (uint j = 0; j < buffer.Length; j++)
275 {
276 if (buffer[j] != 0)
277 {
278 address = mem_address;
279 break;
280 }
281 }
282 if (address != 0)
283 break;
284 }
285 // bw.Close();
286 //}
287 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
288 return true;
289 }
290 catch (SEHException ex)
291 {
292 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
293 logger.Error.WriteLine(ex.ToString());
294 throw ex;
295 }
296 catch (OutOfMemoryException ex)
297 {
298 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
299 logger.Error.WriteLine(ex.ToString());
300 }
301 catch (Exception ex)
302 {
303 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
304 logger.Error.WriteLine(ex.ToString());
305 throw ex;
306 }
307 return false;
308 }
309 #endregion
310
311
312 public void UpdateAddressArray(ulong[] addresses, ulong size, out byte[][] values)
313 {
314 // size = size of data to read at each address
315 values = new byte[addresses.Length][];
316 for (int x = 0; x < values.Length; x++) { values[x] = new byte[size]; }
317
318 for (ulong i = 0; i < (ulong)addresses.Length; i++)
319 {
320 byte[] data = new byte[size];
321 ulong bytesRead = 0;
322 var address = addresses[i];
323 this.ReadProcessMemory(address, size, out bytesRead, out data);
324 values[i] = data;
325 }
326 }
327
328
329 public void ReadProcessMemoryAtOnce(ulong MemoryAddress, ulong bytesToRead, object UserState)
330 {
331 uint size = 128;
332 //int count = 0;
333 for (ulong j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
334 {
335 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)size))
336 {
337 byte[] bigMem = mem.Read();
338 //count += bigMem.Length;
339 if (this.OnBytesRead != null)
340 {
341 OnBytesReadEventArgs t = new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead);
342 this.OnBytesRead.Invoke(t);
343 if (t.Canceled)
344 {
345 bigMem = null;
346 break;
347 }
348
349 }
350 bigMem = null;
351 }
352 }
353 }
354 public void ReadProcessMemoryAtOnce(ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead, out byte[] data)
355 {
356 Stopwatch st = new Stopwatch();
357 st.Start();
358 List<byte> buffer_list = new List<byte>();
359 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
360 //{
361 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
362 // {
363 // byte[] bigMem = mem.Read();
364 // foreach (byte b in bigMem) { buffer_list.Add(b); }
365 // bigMem = null;
366 // }
367 //}
368
369 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, (int)bytesToRead))
370 {
371 byte[] bigMem = mem.Read();
372 foreach (byte b in bigMem) { buffer_list.Add(b); }
373 bigMem = null;
374 }
375
376 bytesRead = (ulong)buffer_list.Count;
377 data = new byte[bytesToRead];
378 data.Initialize();
379 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
380 st.Stop();
381 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
382 }
383 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
384 public void ReadProcessMemory(long MemoryAddress, long bytesToRead, out ulong bytesRead, out byte[] data)
385 {
386 ReadProcessMemory((ulong)MemoryAddress, (ulong)bytesToRead, out bytesRead, out data);
387 }
388 public void ReadProcessMemory(ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead, out byte[] data)
389 {
390 try
391 {
392 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
393 //bytesRead = 0;
394 //data = new byte[bytesToRead];
395 //const int alignment = 1;
396 //List<byte> buffer_list = new List<byte>();
397 //uint _MemoryAddress = MemoryAddress;
398 //for (int i = 0; i < bytesToRead; i++)
399 //{
400 // byte[] buffer = new byte[alignment];
401 // int _bytesRead = 0;
402 // MEMORY_BASIC_INFORMATION m;
403 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
404
405 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
406 // m.AllocationProtect == 0)
407 // {
408 // uint OrignalAddress = _MemoryAddress;
409 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
410 // {
411 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
412 // _MemoryAddress++;
413 // buffer_list.Add(0);
414 // }
415 // _MemoryAddress--;
416 // uint diff = _MemoryAddress - OrignalAddress;
417 // i += (int)diff;
418 // buffer_list.RemoveAt(buffer_list.Count-1);
419 // }
420
421 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
422 // int LastError = Marshal.GetLastWin32Error();
423 // if (LastError != ResultWin32.ERROR_SUCCESS)
424 // {
425 // string ErrorName = ResultWin32.GetErrorName(LastError);
426 // }
427 // if (_bytesRead > 0)
428 // {
429 // foreach (byte b in buffer)
430 // {
431 // buffer_list.Add(b);
432 // }
433 // _MemoryAddress += (uint)buffer.Length;
434 // }
435 //}
436 //bytesRead = buffer_list.Count;
437 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
438 }
439 catch (SEHException ex)
440 {
441 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
442 logger.Error.WriteLine(ex.ToString());
443 throw ex;
444 }
445 catch (Exception ex)
446 {
447 logger.Error.WriteLine("ReadProcessMemory(): Exception");
448 logger.Error.WriteLine(ex.ToString());
449 throw ex;
450 }
451 }
452 #endregion
453 #endregion
454
455 #region IMemoryWriter Members
456 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
457 public void WriteProcessMemory(long MemoryAddress, byte[] bytesToWrite, out ulong bytesWritten)
458 {
459 ulong _bytesWritten = 0;
460 WriteProcessMemory((ulong)MemoryAddress, bytesToWrite, out _bytesWritten);
461 bytesWritten = (ulong)_bytesWritten;
462 }
463 public void WriteProcessMemory(ulong MemoryAddress, byte[] bytesToWrite, out ulong bytesWritten)
464 {
465 try
466 {
467 //uint _bytesWritten = 0;
468 ulong _MemoryAddress = MemoryAddress;
469
470 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, bytesToWrite.Length))
471 {
472 mem.Write(0, bytesToWrite);
473 }
474
475 //for (int i = 0; i < bytesToWrite.Length; i++)
476 //{
477 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
478 // byte[] buffer = new byte[] { bytesToWrite[i] };
479 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
480 // _MemoryAddress++;
481 // _bytesWritten++;
482 //}
483 //bytesWritten = _bytesWritten;
484 bytesWritten = (uint)bytesToWrite.Length;
485 }
486 catch (SEHException ex)
487 {
488 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
489 logger.Error.WriteLine(ex.ToString());
490 throw ex;
491 }
492 catch (Exception ex)
493 {
494
495 logger.Error.WriteLine("WriteProcessMemory() Exception");
496 logger.Error.WriteLine(ex.ToString());
497 bytesWritten = 0;
498 throw ex;
499 }
500 }
501 #endregion
502 #endregion
503
504 #region IFileWriter Members
505 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
506 public bool WriteProcessMemoryToFile(string filename, ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead)
507 {
508 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
509 bytesRead = 0;
510 uint byte_alignment = 102400;
511 ulong address = MemoryAddress;
512 ulong _bytesToRead = bytesToRead;
513 byte[] buffer = new byte[] { };
514 try
515 {
516 FileInfo fi = new FileInfo(filename);
517 if (fi.Exists)
518 fi.Delete();
519 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
520 {
521 BinaryWriter bw = new BinaryWriter(fs);
522 //foreach (byte b in data) { bw.Write(b); }
523
524 for (ulong i = 0; i <= bytesToRead; )
525 {
526 if (_bytesToRead < byte_alignment)
527 {
528 _bytesToRead = bytesToRead;
529 buffer = new byte[_bytesToRead];
530 }
531 else
532 {
533 _bytesToRead = byte_alignment;
534 buffer = new byte[byte_alignment];
535 }
536 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
537 bw.Write(buffer);
538 bw.Flush();
539
540 if (_bytesToRead < byte_alignment)
541 {
542 i += _bytesToRead;
543 address += (ulong)_bytesToRead;
544 }
545 else
546 {
547 i += byte_alignment;
548 address += (ulong)byte_alignment;
549 }
550
551
552 }
553 bw.Close();
554 }
555 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ReadProcess.Id, ReadProcess.ProcessName));
556 return true;
557 }
558 catch (SEHException ex)
559 {
560 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
561 logger.Error.WriteLine(ex.ToString());
562 throw ex;
563 }
564 catch (OutOfMemoryException ex)
565 {
566 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
567 logger.Error.WriteLine(ex.ToString());
568 }
569 catch (Exception ex)
570 {
571 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
572 logger.Error.WriteLine(ex.ToString());
573 throw ex;
574 }
575 return false;
576 }
577 #endregion
578 #endregion
579
580 #region IPatchMemory members
581 #region public virtual bool PatchMemory(uint address, byte value)
582 public virtual bool PatchMemory(ulong address, byte value)
583 {
584 byte[] bitData = BitConverter.GetBytes(value);
585 //UIntPtr ptrBytesWritten;
586 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
587 {
588 mem.Write(0, bitData);
589 }
590 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
591 //if (ptrBytesWritten.ToUInt32() == 0)
592 // return false;
593 byte check = 0;
594 ReadMemory(address, out check);
595 if (check == value) return true;
596 return false;
597 }
598 #endregion
599 #region public virtual bool PatchMemory(uint address, sbyte value)
600 public virtual bool PatchMemory(ulong address, sbyte value)
601 {
602 byte[] bitData = BitConverter.GetBytes(value);
603 //UIntPtr ptrBytesWritten;
604 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
605 {
606 mem.Write(0, bitData);
607 }
608 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
609 //if (ptrBytesWritten.ToUInt32() == 0)
610 // return false;
611 sbyte check = 0;
612 ReadMemory(address, out check);
613 if (check == value) return true;
614 return false;
615 }
616 #endregion
617 #region public virtual bool PatchMemory(uint address, ushort value)
618 public virtual bool PatchMemory(ulong address, ushort value)
619 {
620 byte[] bitData = BitConverter.GetBytes(value);
621 //UIntPtr ptrBytesWritten;
622 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
623 {
624 mem.Write(0, bitData);
625 }
626 //if (ptrBytesWritten.ToUInt32() == 0)
627 // return false;
628 ushort check = 0;
629 ReadMemory(address, out check);
630 if (check == value) return true;
631 return false;
632 }
633 #endregion
634 #region public virtual bool PatchMemory(uint address, short value)
635 public virtual bool PatchMemory(ulong address, short value)
636 {
637 byte[] bitData = BitConverter.GetBytes(value);
638 //UIntPtr ptrBytesWritten;
639 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
640 {
641 mem.Write(0, bitData);
642 }
643 //if (ptrBytesWritten.ToUInt32() == 0)
644 // return false;
645 short check = 0;
646 ReadMemory(address, out check);
647 if (check == value) return true;
648 return false;
649 }
650 #endregion
651 #region public virtual bool PatchMemory(uint address, uint value)
652 public virtual bool PatchMemory(ulong address, uint value)
653 {
654 byte[] bitData = BitConverter.GetBytes(value);
655 //UIntPtr ptrBytesWritten;
656 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
657 {
658 mem.Write(0, bitData);
659 }
660 //if (ptrBytesWritten.ToUInt32() == 0)
661 // return false;
662 uint check = 0;
663 ReadMemory(address, out check);
664 if (check == value) return true;
665 return false;
666 }
667 #endregion
668 #region public virtual bool PatchMemory(uint address, int value)
669 public virtual bool PatchMemory(ulong address, int value)
670 {
671 byte[] bitData = BitConverter.GetBytes(value);
672 //UIntPtr ptrBytesWritten;
673 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
674 {
675 mem.Write(0, bitData);
676 }
677 //if (ptrBytesWritten.ToUInt32() == 0)
678 // return false;
679 int check = 0;
680 ReadMemory(address, out check);
681 if (check == value) return true;
682 return false;
683 }
684 #endregion
685 #region public virtual bool PatchMemory(uint address, ulong value)
686 public virtual bool PatchMemory(ulong address, ulong value)
687 {
688 byte[] bitData = BitConverter.GetBytes(value);
689 //UIntPtr ptrBytesWritten;
690 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
691 {
692 mem.Write(0, bitData);
693 }
694 //if (ptrBytesWritten.ToUInt32() == 0)
695 // return false;
696 ulong check = 0;
697 ReadMemory(address, out check);
698 if (check == value) return true;
699 return false;
700 }
701 #endregion
702 #region public virtual bool PatchMemory(uint address, long value)
703 public virtual bool PatchMemory(ulong address, long value)
704 {
705 byte[] bitData = BitConverter.GetBytes(value);
706 //UIntPtr ptrBytesWritten;
707 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
708 {
709 mem.Write(0, bitData);
710 }
711 //if (ptrBytesWritten.ToUInt32() == 0)
712 // return false;
713 long check = 0;
714 ReadMemory(address, out check);
715 if (check == value) return true;
716 return false;
717 }
718 #endregion
719 #endregion
720
721 #region IReadMemory members
722 #region public virtual bool ReadMemory(uint address, out byte value)
723 public virtual bool ReadMemory(ulong address, out byte value)
724 {
725 value = 0;
726 try
727 {
728 //int bytesRead;
729 uint size = sizeof(byte);
730 byte[] bitData = new byte[size];
731 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
732 {
733 bitData = mem.Read(0, (int)size);
734 }
735 //if (bytesRead == 0)
736 // return false;
737 value = bitData[0];
738 return true;
739 }
740 catch
741 {
742 value = 0x00;
743 return false;
744 }
745 }
746 #endregion
747 #region public virtual bool ReadMemory(uint address, out sbyte value)
748 public virtual bool ReadMemory(ulong address, out sbyte value)
749 {
750 value = 0;
751 try
752 {
753 //int bytesRead;
754 uint size = sizeof(sbyte);
755 byte[] bitData = new byte[size];
756 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
757 {
758 bitData = mem.Read(0, (int)size);
759 }
760 //if (bytesRead == 0)
761 // return false;
762 value = Convert.ToSByte(bitData[0]);
763 return true;
764 }
765 catch
766 {
767 value = 0x00;
768 return false;
769 }
770 }
771 #endregion
772 #region public virtual bool ReadMemory(uint address, out ushort value)
773 public virtual bool ReadMemory(ulong address, out ushort value)
774 {
775 value = 0;
776 try
777 {
778 //int bytesRead;
779 uint size = sizeof(ushort);
780 byte[] bitData = new byte[size];
781 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
782 {
783 bitData = mem.Read(0, (int)size);
784 }
785 //if (bytesRead == 0)
786 // return false;
787 value = BitConverter.ToUInt16(bitData, 0);
788 return true;
789 }
790 catch
791 {
792 value = 0x00;
793 return false;
794 }
795 }
796 #endregion
797 #region public virtual bool ReadMemory(uint address, out short value)
798 public virtual bool ReadMemory(ulong address, out short value)
799 {
800 value = 0;
801 try
802 {
803 //int bytesRead;
804 uint size = sizeof(short);
805 byte[] bitData = new byte[size];
806 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
807 {
808 bitData = mem.Read(0, (int)size);
809 }
810 //if (bytesRead == 0)
811 // return false;
812 value = BitConverter.ToInt16(bitData, 0);
813 return true;
814 }
815 catch
816 {
817 value = 0x00;
818 return false;
819 }
820 }
821 #endregion
822 #region public virtual bool ReadMemory(uint address, out uint value)
823 public virtual bool ReadMemory(ulong address, out uint value)
824 {
825 value = 0;
826 try
827 {
828 //int bytesRead;
829 uint size = sizeof(uint);
830 byte[] bitData = new byte[size];
831 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
832 {
833 bitData = mem.Read(0, (int)size);
834 }
835 //if (bytesRead == 0)
836 // return false;
837 value = BitConverter.ToUInt32(bitData, 0);
838 return true;
839 }
840 catch
841 {
842 value = 0x00;
843 return false;
844 }
845 }
846 #endregion
847 #region public virtual bool ReadMemory(uint address, out int value)
848 public virtual bool ReadMemory(ulong address, out int value)
849 {
850 value = 0;
851 try
852 {
853 //int bytesRead;
854 uint size = sizeof(int);
855 byte[] bitData = new byte[size];
856 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
857 {
858 bitData = mem.Read(0, (int)size);
859 }
860 //if (bytesRead == 0)
861 // return false;
862 value = BitConverter.ToInt32(bitData, 0);
863 return true;
864 }
865 catch
866 {
867 value = 0x00;
868 return false;
869 }
870 }
871 #endregion
872 #region public virtual bool ReadMemory(uint address, out ulong value)
873 public virtual bool ReadMemory(ulong address, out ulong value)
874 {
875 value = 0;
876 try
877 {
878 //int bytesRead;
879 uint size = sizeof(ulong);
880 byte[] bitData = new byte[size];
881 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
882 {
883 bitData = mem.Read(0, (int)size);
884 }
885 //if (bytesRead == 0)
886 // return false;
887 value = BitConverter.ToUInt64(bitData, 0);
888 return true;
889 }
890 catch
891 {
892 value = 0x00;
893 return false;
894 }
895 }
896 #endregion
897 #region public virtual bool ReadMemory(uint address, out long value)
898 public virtual bool ReadMemory(ulong address, out long value)
899 {
900 value = 0;
901 try
902 {
903 // int bytesRead;
904 uint size = sizeof(long);
905 byte[] bitData = new byte[size];
906 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
907 {
908 bitData = mem.Read(0, (int)size);
909 }
910 //if (bytesRead == 0)
911 // return false;
912 value = BitConverter.ToInt64(bitData, 0);
913 return true;
914 }
915 catch
916 {
917 value = 0x00;
918 return false;
919 }
920 }
921 #endregion
922 #endregion
923 }
924 #endregion
925 }

  ViewVC Help
Powered by ViewVC 1.1.22