/[RomCheater]/trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs
ViewVC logotype

Contents of /trunk/Win32/Sojaner.MemoryScanner/MemoryScanner.cs

Parent Directory Parent Directory | Revision Log Revision Log


Revision 599 - (show annotations) (download)
Fri Jun 7 09:55:01 2013 UTC (7 years, 8 months ago) by william
File size: 38684 byte(s)

1 #region Logging Defines
2 // include this any class or method that required logging, and comment-out what is not needed
3
4 #region Enabled logging levels
5 #define LOGGING_ENABLE_INFO
6 #define LOGGING_ENABLE_WARN
7 #define LOGGING_ENABLE_DEBUG
8 #define LOGGING_ENABLE_VERBOSEDEBUG
9 #define LOGGING_ENABLE_ERROR
10 #define LOGGING_ENABLE_VERBOSEERROR
11 //#define LOGGING_ENABLE_PROFILER
12 #endregion
13 #endregion
14 using System;
15 using System.Collections.Generic;
16 using System.Text;
17 using System.Diagnostics;
18 using System.Threading;
19 using System.Runtime.InteropServices;
20 using RomCheater.Logging;
21 using System.IO;
22 using Sojaner.MemoryScanner.MemoryProviers;
23 using Microsoft.Win32.SafeHandles;
24 using Microsoft.Win32.Interop;
25 using System.ComponentModel;
26 using ManagedWinapi;
27 using RomCheater.PluginFramework.Events;
28
29 namespace Sojaner.MemoryScanner
30 {
31 // code borrowed from: http://www.codeproject.com/KB/cs/sojaner_memory_scanner.aspx
32 #region ProcessMemoryReader class
33 //Thanks goes to Arik Poznanski for P/Invokes and methods needed to read and write the Memory
34 //For more information refer to "Minesweeper, Behind the scenes" article by Arik Poznanski at Codeproject.com
35 internal class ProcessMemoryReader : IMemoryReader, IMemoryWriter, IFileWriter, IPatchMemory,IReadMemory, IAcceptsBytesReadEvent
36 {
37 // constants information can be found in <winnt.h>
38 [Flags]
39 enum ProcessAccessFlags : uint
40 {
41 All = 0x001F0FFF,
42 Terminate = 0x00000001,
43 CreateThread = 0x00000002,
44 VMOperation = 0x00000008,
45 VMRead = 0x00000010,
46 VMWrite = 0x00000020,
47 DupHandle = 0x00000040,
48 SetInformation = 0x00000200,
49 QueryInformation = 0x00000400,
50 Synchronize = 0x00100000
51 }
52 [Flags]
53 public enum AllocationProtect : uint
54 {
55 // http://msdn.microsoft.com/en-us/library/windows/desktop/aa366786(v=vs.85).aspx
56 NONE = 0,
57 PAGE_NOACCESS = 0x00000001,
58 PAGE_READONLY = 0x00000002,
59 PAGE_READWRITE = 0x00000004,
60 PAGE_WRITECOPY = 0x00000008,
61 PAGE_EXECUTE = 0x00000010,
62 PAGE_EXECUTE_READ = 0x00000020,
63 PAGE_EXECUTE_READWRITE = 0x00000040,
64 PAGE_EXECUTE_WRITECOPY = 0x00000080,
65 PAGE_GUARD = 0x00000100,
66 PAGE_NOCACHE = 0x00000200,
67 PAGE_WRITECOMBINE = 0x00000400
68 }
69 [StructLayout(LayoutKind.Sequential)]
70 public struct MEMORY_BASIC_INFORMATION
71 {
72 public IntPtr BaseAddress;
73 public IntPtr AllocationBase;
74 public AllocationProtect AllocationProtect;
75 public IntPtr RegionSize;
76 public uint State;
77 public uint Protect;
78 public uint Type;
79 }
80
81 public ProcessMemoryReader()
82 {
83 }
84 public event BaseEventHandler<OnBytesReadEventArgs> OnBytesRead;
85 /// <summary>
86 /// Process from which to read
87 /// </summary>
88 public Process ReadProcess
89 {
90 get
91 {
92 return m_ReadProcess;
93 }
94 set
95 {
96 m_ReadProcess = value;
97 }
98 }
99
100 private Process m_ReadProcess = null;
101
102 //SafeWaitHandle handle;
103 //private IntPtr handle = IntPtr.Zero;
104 //SafeWaitHandle m_hProcess; /* unused */
105 //public void OpenProcess()
106 //{
107 // try
108 // {
109 // // m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
110 // //if (!TokenAdjuster.AdjustProcessTokenPrivileges("SeDebugPrivilege"))
111 // //{
112 // // logger.Warn.WriteLine("Failed to set SeDebugPrivilege on current process");
113 // //}
114 // ProcessAccessFlags access;
115 // access = ProcessAccessFlags.VMRead
116 // | ProcessAccessFlags.VMWrite
117 // | ProcessAccessFlags.VMOperation;
118 // //m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
119 // handle = ProcessMemoryReaderApi.OpenProcess(access, true, m_ReadProcess.Id);
120 // //m_hProcess = new SafeWaitHandle(handle, false);
121 // }
122 // catch (SEHException ex)
123 // {
124 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
125 // logger.Error.WriteLine(ex.ToString());
126 // throw ex;
127 // }
128 // catch (Exception ex)
129 // {
130 // logger.Error.WriteLine(ex.ToString());
131 // throw ex;
132 // }
133 //}
134
135 //public void CloseHandle()
136 //{
137 // try
138 // {
139 // ////if (handle.IsInvalid) { return; }
140 // ////if (handle.IsClosed) { return; }
141 // //m_hProcess.Close();
142 // //m_hProcess.Dispose();
143 // //m_hProcess = null;
144 // //handle = IntPtr.Zero;
145 // //m_ReadProcess = null;
146 // //string stack_trace = System.Environment.StackTrace;
147 // int iRetValue;
148 // iRetValue = ProcessMemoryReaderApi.CloseHandle(handle);
149 // handle = IntPtr.Zero;
150 // ReadProcess = null;
151 // if (iRetValue == 0)
152 // {
153 // throw new Exception("CloseHandle failed");
154 // }
155 // }
156 // catch (SEHException ex)
157 // {
158 // logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
159 // logger.Error.WriteLine(ex.ToString());
160 // throw ex;
161 // }
162 // catch (Exception ex)
163 // {
164 // logger.Error.WriteLine(ex.ToString());
165 // throw ex;
166 // }
167 //}
168 ///// <summary>
169 ///// ProcessMemoryReader is a class that enables direct reading a process memory
170 ///// </summary>
171 //private class ProcessMemoryReaderApi
172 ////{
173 //[DllImport("kernel32.dll")]
174 //public static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, uint dwLength);
175
176 // // function declarations are found in the MSDN and in <winbase.h>
177
178 // // HANDLE OpenProcess(
179 // // DWORD dwDesiredAccess, // access flag
180 // // BOOL bInheritHandle, // handle inheritance option
181 // // DWORD dwProcessId // process identifier
182 // // );
183 // [DllImport("kernel32.dll")]
184 // public static extern IntPtr OpenProcess(ProcessAccessFlags dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId);
185
186 // // BOOL CloseHandle(
187 // // HANDLE hObject // handle to object
188 // // );
189 // [DllImport("kernel32.dll")]
190 // public static extern Int32 CloseHandle(IntPtr hObject);
191
192 // // BOOL ReadProcessMemory(
193 // // HANDLE hProcess, // handle to the process
194 // // LPCVOID lpBaseAddress, // base of memory area
195 // // LPVOID lpBuffer, // data buffer
196 // // SIZE_T nSize, // number of bytes to read
197 // // SIZE_T * lpNumberOfBytesRead // number of bytes read
198 // // );
199 // [DllImport("kernel32.dll", SetLastError = true)]
200 // public static extern bool ReadProcessMemory(
201 // IntPtr hProcess,
202 // IntPtr lpBaseAddress,
203 // [Out] byte[] lpBuffer,
204 // uint dwSize,
205 // out int lpNumberOfBytesRead
206 // );
207
208 // // BOOL WriteProcessMemory(
209 // // HANDLE hProcess, // handle to process
210 // // LPVOID lpBaseAddress, // base of memory area
211 // // LPCVOID lpBuffer, // data buffer
212 // // SIZE_T nSize, // count of bytes to write
213 // // SIZE_T * lpNumberOfBytesWritten // count of bytes written
214 // // );
215 // [DllImport("kernel32.dll", SetLastError = true)]
216 // public static extern bool WriteProcessMemory(
217 // IntPtr hProcess,
218 // IntPtr lpBaseAddress,
219 // byte[] lpBuffer,
220 // uint nSize,
221 // out UIntPtr lpNumberOfBytesWritten);
222
223
224 //}
225
226 #region IMemoryReader Members
227 #region public bool ReadFirstNonZeroByte(uint MemoryAddress, uint bytesToRead, out int address)
228 public bool ReadFirstNonZeroByte(ulong MemoryAddress, ulong bytesToRead, out ulong address)
229 {
230 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
231 address = 0;
232 uint byte_alignment = 1;
233 // get common init parameters
234 //InitMemoryDump(out byte_alignment);
235 ulong mem_address = MemoryAddress;
236 ulong _bytesToRead = bytesToRead;
237 byte[] buffer = new byte[] { };
238 try
239 {
240 //using (MemoryStream ms = new MemoryStream())
241 //{
242 // //BinaryWriter bw = new BinaryWriter(ms);
243 // //foreach (byte b in data) { bw.Write(b); }
244 for (ulong i = 0; i <= bytesToRead; )
245 {
246 if (_bytesToRead < byte_alignment)
247 {
248 _bytesToRead = bytesToRead;
249 buffer = new byte[_bytesToRead];
250 }
251 else
252 {
253 _bytesToRead = byte_alignment;
254 buffer = new byte[byte_alignment];
255 }
256 ulong bytesRead = 0;
257 ReadProcessMemory(mem_address, _bytesToRead, out bytesRead, out buffer);
258 if (buffer.Length == 0 && bytesRead == 0)
259 {
260 throw new Exception(string.Format("Failed to read memory from process: {0}", ReadProcess.ToString()));
261 }
262 //bw.Write(buffer);
263 //bw.Flush();
264 if (_bytesToRead < byte_alignment)
265 {
266 i += _bytesToRead;
267 mem_address += (ulong)_bytesToRead;
268 }
269 else
270 {
271 i += byte_alignment;
272 mem_address += (ulong)byte_alignment;
273 }
274 for (uint j = 0; j < buffer.Length; j++)
275 {
276 if (buffer[j] != 0)
277 {
278 address = mem_address;
279 break;
280 }
281 }
282 if (address != 0)
283 break;
284 }
285 // bw.Close();
286 //}
287 //logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({2})", MemoryAddress, MemoryAddress + bytesToRead, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
288 return true;
289 }
290 catch (SEHException ex)
291 {
292 logger.Error.WriteLine("ReadFirstNonZeroByte() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
293 logger.Error.WriteLine(ex.ToString());
294 throw ex;
295 }
296 catch (OutOfMemoryException ex)
297 {
298 logger.Error.WriteLine("ReadFirstNonZeroByte(): OutOfMemoryException");
299 logger.Error.WriteLine(ex.ToString());
300 }
301 catch (Exception ex)
302 {
303 logger.Error.WriteLine("ReadFirstNonZeroByte(): Exception");
304 logger.Error.WriteLine(ex.ToString());
305 throw ex;
306 }
307 return false;
308 }
309 #endregion
310
311
312 public void QueryMemoryRegions()
313 {
314 ulong location = 0;
315 int size = 0;
316 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)location, size))
317 {
318 }
319 }
320
321 public void UpdateAddressArray(ulong[] addresses, ulong size, out byte[][] values)
322 {
323 // size = size of data to read at each address
324 values = new byte[addresses.Length][];
325 for (int x = 0; x < values.Length; x++) { values[x] = new byte[size]; }
326
327 for (ulong i = 0; i < (ulong)addresses.Length; i++)
328 {
329 byte[] data = new byte[size];
330 ulong bytesRead = 0;
331 var address = addresses[i];
332 this.ReadProcessMemory(address, size, out bytesRead, out data);
333 values[i] = data;
334 }
335 }
336
337
338 public void ReadProcessMemoryAtOnce(ulong MemoryAddress, ulong bytesToRead, object UserState)
339 {
340 uint size = 128;
341 //int count = 0;
342 for (ulong j = MemoryAddress; j < (MemoryAddress + bytesToRead); j += size)
343 {
344 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)size))
345 {
346 byte[] bigMem = mem.Read();
347 //count += bigMem.Length;
348 if (this.OnBytesRead != null)
349 {
350 OnBytesReadEventArgs t = new OnBytesReadEventArgs(this, UserState, bigMem, j, bytesToRead);
351 this.OnBytesRead.Invoke(t);
352 if (t.Canceled)
353 {
354 bigMem = null;
355 break;
356 }
357
358 }
359 bigMem = null;
360 }
361 }
362 }
363 public void ReadProcessMemoryAtOnce(ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead, out byte[] data)
364 {
365 Stopwatch st = new Stopwatch();
366 st.Start();
367 List<byte> buffer_list = new List<byte>();
368 //for (uint j = MemoryAddress; j < (MemoryAddress+bytesToRead); j += size)
369 //{
370 // using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)j, (int)bytesToRead))
371 // {
372 // byte[] bigMem = mem.Read();
373 // foreach (byte b in bigMem) { buffer_list.Add(b); }
374 // bigMem = null;
375 // }
376 //}
377
378 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, (int)bytesToRead))
379 {
380 byte[] bigMem = mem.Read();
381 foreach (byte b in bigMem) { buffer_list.Add(b); }
382 bigMem = null;
383 }
384
385 bytesRead = (ulong)buffer_list.Count;
386 data = new byte[bytesToRead];
387 data.Initialize();
388 Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
389 st.Stop();
390 logger.Profiler.WriteLine("ReadProcessMemoryAtOnce(): start=0x{0:x8} end=0x{1:x8} took {2:0.0000} seconds", MemoryAddress, MemoryAddress + bytesToRead, st.Elapsed.TotalSeconds);
391 }
392 #region public void ReadProcessMemory(int MemoryAddress, uint bytesToRead, out int bytesRead, out byte[] data)
393 public void ReadProcessMemory(long MemoryAddress, long bytesToRead, out ulong bytesRead, out byte[] data)
394 {
395 ReadProcessMemory((ulong)MemoryAddress, (ulong)bytesToRead, out bytesRead, out data);
396 }
397 public void ReadProcessMemory(ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead, out byte[] data)
398 {
399 try
400 {
401 ReadProcessMemoryAtOnce(MemoryAddress, bytesToRead, out bytesRead, out data);
402 //bytesRead = 0;
403 //data = new byte[bytesToRead];
404 //const int alignment = 1;
405 //List<byte> buffer_list = new List<byte>();
406 //uint _MemoryAddress = MemoryAddress;
407 //for (int i = 0; i < bytesToRead; i++)
408 //{
409 // byte[] buffer = new byte[alignment];
410 // int _bytesRead = 0;
411 // MEMORY_BASIC_INFORMATION m;
412 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
413
414 // if (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) ||
415 // m.AllocationProtect == 0)
416 // {
417 // uint OrignalAddress = _MemoryAddress;
418 // while (m.AllocationProtect.HasFlag(AllocationProtect.PAGE_NOACCESS) || m.AllocationProtect == 0)
419 // {
420 // ProcessMemoryReaderApi.VirtualQueryEx(m_ReadProcess.Handle, (IntPtr)_MemoryAddress, out m, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
421 // _MemoryAddress++;
422 // buffer_list.Add(0);
423 // }
424 // _MemoryAddress--;
425 // uint diff = _MemoryAddress - OrignalAddress;
426 // i += (int)diff;
427 // buffer_list.RemoveAt(buffer_list.Count-1);
428 // }
429
430 // ProcessMemoryReader.ProcessMemoryReaderApi.ReadProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, alignment, out _bytesRead);
431 // int LastError = Marshal.GetLastWin32Error();
432 // if (LastError != ResultWin32.ERROR_SUCCESS)
433 // {
434 // string ErrorName = ResultWin32.GetErrorName(LastError);
435 // }
436 // if (_bytesRead > 0)
437 // {
438 // foreach (byte b in buffer)
439 // {
440 // buffer_list.Add(b);
441 // }
442 // _MemoryAddress += (uint)buffer.Length;
443 // }
444 //}
445 //bytesRead = buffer_list.Count;
446 //Buffer.BlockCopy(buffer_list.ToArray(), 0, data, 0, (int)bytesToRead);
447 }
448 catch (SEHException ex)
449 {
450 logger.Error.WriteLine("ReadProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
451 logger.Error.WriteLine(ex.ToString());
452 throw ex;
453 }
454 catch (Exception ex)
455 {
456 logger.Error.WriteLine("ReadProcessMemory(): Exception");
457 logger.Error.WriteLine(ex.ToString());
458 throw ex;
459 }
460 }
461 #endregion
462 #endregion
463
464 #region IMemoryWriter Members
465 #region public void WriteProcessMemory(uint MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
466 public void WriteProcessMemory(long MemoryAddress, byte[] bytesToWrite, out ulong bytesWritten)
467 {
468 ulong _bytesWritten = 0;
469 WriteProcessMemory((ulong)MemoryAddress, bytesToWrite, out _bytesWritten);
470 bytesWritten = (ulong)_bytesWritten;
471 }
472 public void WriteProcessMemory(ulong MemoryAddress, byte[] bytesToWrite, out ulong bytesWritten)
473 {
474 try
475 {
476 //uint _bytesWritten = 0;
477 ulong _MemoryAddress = MemoryAddress;
478
479 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)MemoryAddress, bytesToWrite.Length))
480 {
481 mem.Write(0, bytesToWrite);
482 }
483
484 //for (int i = 0; i < bytesToWrite.Length; i++)
485 //{
486 // UIntPtr _ptrBytesWritten = UIntPtr.Zero;
487 // byte[] buffer = new byte[] { bytesToWrite[i] };
488 // ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)_MemoryAddress, buffer, (uint)buffer.Length, out _ptrBytesWritten);
489 // _MemoryAddress++;
490 // _bytesWritten++;
491 //}
492 //bytesWritten = _bytesWritten;
493 bytesWritten = (uint)bytesToWrite.Length;
494 }
495 catch (SEHException ex)
496 {
497 logger.Error.WriteLine("WriteProcessMemory() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
498 logger.Error.WriteLine(ex.ToString());
499 throw ex;
500 }
501 catch (Exception ex)
502 {
503
504 logger.Error.WriteLine("WriteProcessMemory() Exception");
505 logger.Error.WriteLine(ex.ToString());
506 bytesWritten = 0;
507 throw ex;
508 }
509 }
510 #endregion
511 #endregion
512
513 #region IFileWriter Members
514 #region public bool WriteProcessMemoryToFile(string filename, uint MemoryAddress, uint bytesToRead, out int bytesRead)
515 public bool WriteProcessMemoryToFile(string filename, ulong MemoryAddress, ulong bytesToRead, out ulong bytesRead)
516 {
517 //logger.Info.WriteLine("Dumping memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ppid.Id, ppid.ProcessName));
518 bytesRead = 0;
519 uint byte_alignment = 102400;
520 ulong address = MemoryAddress;
521 ulong _bytesToRead = bytesToRead;
522 byte[] buffer = new byte[] { };
523 try
524 {
525 FileInfo fi = new FileInfo(filename);
526 if (fi.Exists)
527 fi.Delete();
528 using (FileStream fs = new FileStream(filename, FileMode.CreateNew, FileAccess.ReadWrite, FileShare.ReadWrite))
529 {
530 BinaryWriter bw = new BinaryWriter(fs);
531 //foreach (byte b in data) { bw.Write(b); }
532
533 for (ulong i = 0; i <= bytesToRead; )
534 {
535 if (_bytesToRead < byte_alignment)
536 {
537 _bytesToRead = bytesToRead;
538 buffer = new byte[_bytesToRead];
539 }
540 else
541 {
542 _bytesToRead = byte_alignment;
543 buffer = new byte[byte_alignment];
544 }
545 ReadProcessMemory(address, _bytesToRead, out bytesRead, out buffer);
546 bw.Write(buffer);
547 bw.Flush();
548
549 if (_bytesToRead < byte_alignment)
550 {
551 i += _bytesToRead;
552 address += (ulong)_bytesToRead;
553 }
554 else
555 {
556 i += byte_alignment;
557 address += (ulong)byte_alignment;
558 }
559
560
561 }
562 bw.Close();
563 }
564 logger.Info.WriteLine("Succefully dumped memory (0x{0:x8}-0x{1:x8}) from pid=({3}) to file {2}", MemoryAddress, MemoryAddress + bytesToRead, filename, string.Format("0x{0:x4} {1}.exe", ReadProcess.Id, ReadProcess.ProcessName));
565 return true;
566 }
567 catch (SEHException ex)
568 {
569 logger.Error.WriteLine("WriteProcessMemoryToFile() SEHException was thrown: (0x{0:x8}) - {1}", ex.ErrorCode, ex.Message);
570 logger.Error.WriteLine(ex.ToString());
571 throw ex;
572 }
573 catch (OutOfMemoryException ex)
574 {
575 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
576 logger.Error.WriteLine(ex.ToString());
577 }
578 catch (Exception ex)
579 {
580 logger.Error.WriteLine("WriteProcessMemoryToFile(): Exception");
581 logger.Error.WriteLine(ex.ToString());
582 throw ex;
583 }
584 return false;
585 }
586 #endregion
587 #endregion
588
589 #region IPatchMemory members
590 #region public virtual bool PatchMemory(uint address, byte value)
591 public virtual bool PatchMemory(ulong address, byte value)
592 {
593 byte[] bitData = BitConverter.GetBytes(value);
594 //UIntPtr ptrBytesWritten;
595 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
596 {
597 mem.Write(0, bitData);
598 }
599 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
600 //if (ptrBytesWritten.ToUInt32() == 0)
601 // return false;
602 byte check = 0;
603 ReadMemory(address, out check);
604 if (check == value) return true;
605 return false;
606 }
607 #endregion
608 #region public virtual bool PatchMemory(uint address, sbyte value)
609 public virtual bool PatchMemory(ulong address, sbyte value)
610 {
611 byte[] bitData = BitConverter.GetBytes(value);
612 //UIntPtr ptrBytesWritten;
613 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
614 {
615 mem.Write(0, bitData);
616 }
617 //ProcessMemoryReaderApi.WriteProcessMemory(handle, (IntPtr)address, bitData, (uint)bitData.Length, out ptrBytesWritten);
618 //if (ptrBytesWritten.ToUInt32() == 0)
619 // return false;
620 sbyte check = 0;
621 ReadMemory(address, out check);
622 if (check == value) return true;
623 return false;
624 }
625 #endregion
626 #region public virtual bool PatchMemory(uint address, ushort value)
627 public virtual bool PatchMemory(ulong address, ushort value)
628 {
629 byte[] bitData = BitConverter.GetBytes(value);
630 //UIntPtr ptrBytesWritten;
631 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
632 {
633 mem.Write(0, bitData);
634 }
635 //if (ptrBytesWritten.ToUInt32() == 0)
636 // return false;
637 ushort check = 0;
638 ReadMemory(address, out check);
639 if (check == value) return true;
640 return false;
641 }
642 #endregion
643 #region public virtual bool PatchMemory(uint address, short value)
644 public virtual bool PatchMemory(ulong address, short value)
645 {
646 byte[] bitData = BitConverter.GetBytes(value);
647 //UIntPtr ptrBytesWritten;
648 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
649 {
650 mem.Write(0, bitData);
651 }
652 //if (ptrBytesWritten.ToUInt32() == 0)
653 // return false;
654 short check = 0;
655 ReadMemory(address, out check);
656 if (check == value) return true;
657 return false;
658 }
659 #endregion
660 #region public virtual bool PatchMemory(uint address, uint value)
661 public virtual bool PatchMemory(ulong address, uint value)
662 {
663 byte[] bitData = BitConverter.GetBytes(value);
664 //UIntPtr ptrBytesWritten;
665 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
666 {
667 mem.Write(0, bitData);
668 }
669 //if (ptrBytesWritten.ToUInt32() == 0)
670 // return false;
671 uint check = 0;
672 ReadMemory(address, out check);
673 if (check == value) return true;
674 return false;
675 }
676 #endregion
677 #region public virtual bool PatchMemory(uint address, int value)
678 public virtual bool PatchMemory(ulong address, int value)
679 {
680 byte[] bitData = BitConverter.GetBytes(value);
681 //UIntPtr ptrBytesWritten;
682 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
683 {
684 mem.Write(0, bitData);
685 }
686 //if (ptrBytesWritten.ToUInt32() == 0)
687 // return false;
688 int check = 0;
689 ReadMemory(address, out check);
690 if (check == value) return true;
691 return false;
692 }
693 #endregion
694 #region public virtual bool PatchMemory(uint address, ulong value)
695 public virtual bool PatchMemory(ulong address, ulong value)
696 {
697 byte[] bitData = BitConverter.GetBytes(value);
698 //UIntPtr ptrBytesWritten;
699 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
700 {
701 mem.Write(0, bitData);
702 }
703 //if (ptrBytesWritten.ToUInt32() == 0)
704 // return false;
705 ulong check = 0;
706 ReadMemory(address, out check);
707 if (check == value) return true;
708 return false;
709 }
710 #endregion
711 #region public virtual bool PatchMemory(uint address, long value)
712 public virtual bool PatchMemory(ulong address, long value)
713 {
714 byte[] bitData = BitConverter.GetBytes(value);
715 //UIntPtr ptrBytesWritten;
716 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, bitData.Length))
717 {
718 mem.Write(0, bitData);
719 }
720 //if (ptrBytesWritten.ToUInt32() == 0)
721 // return false;
722 long check = 0;
723 ReadMemory(address, out check);
724 if (check == value) return true;
725 return false;
726 }
727 #endregion
728 #endregion
729
730 #region IReadMemory members
731 #region public virtual bool ReadMemory(uint address, out byte value)
732 public virtual bool ReadMemory(ulong address, out byte value)
733 {
734 value = 0;
735 try
736 {
737 //int bytesRead;
738 uint size = sizeof(byte);
739 byte[] bitData = new byte[size];
740 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
741 {
742 bitData = mem.Read(0, (int)size);
743 }
744 //if (bytesRead == 0)
745 // return false;
746 value = bitData[0];
747 return true;
748 }
749 catch
750 {
751 value = 0x00;
752 return false;
753 }
754 }
755 #endregion
756 #region public virtual bool ReadMemory(uint address, out sbyte value)
757 public virtual bool ReadMemory(ulong address, out sbyte value)
758 {
759 value = 0;
760 try
761 {
762 //int bytesRead;
763 uint size = sizeof(sbyte);
764 byte[] bitData = new byte[size];
765 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
766 {
767 bitData = mem.Read(0, (int)size);
768 }
769 //if (bytesRead == 0)
770 // return false;
771 value = Convert.ToSByte(bitData[0]);
772 return true;
773 }
774 catch
775 {
776 value = 0x00;
777 return false;
778 }
779 }
780 #endregion
781 #region public virtual bool ReadMemory(uint address, out ushort value)
782 public virtual bool ReadMemory(ulong address, out ushort value)
783 {
784 value = 0;
785 try
786 {
787 //int bytesRead;
788 uint size = sizeof(ushort);
789 byte[] bitData = new byte[size];
790 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
791 {
792 bitData = mem.Read(0, (int)size);
793 }
794 //if (bytesRead == 0)
795 // return false;
796 value = BitConverter.ToUInt16(bitData, 0);
797 return true;
798 }
799 catch
800 {
801 value = 0x00;
802 return false;
803 }
804 }
805 #endregion
806 #region public virtual bool ReadMemory(uint address, out short value)
807 public virtual bool ReadMemory(ulong address, out short value)
808 {
809 value = 0;
810 try
811 {
812 //int bytesRead;
813 uint size = sizeof(short);
814 byte[] bitData = new byte[size];
815 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
816 {
817 bitData = mem.Read(0, (int)size);
818 }
819 //if (bytesRead == 0)
820 // return false;
821 value = BitConverter.ToInt16(bitData, 0);
822 return true;
823 }
824 catch
825 {
826 value = 0x00;
827 return false;
828 }
829 }
830 #endregion
831 #region public virtual bool ReadMemory(uint address, out uint value)
832 public virtual bool ReadMemory(ulong address, out uint value)
833 {
834 value = 0;
835 try
836 {
837 //int bytesRead;
838 uint size = sizeof(uint);
839 byte[] bitData = new byte[size];
840 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
841 {
842 bitData = mem.Read(0, (int)size);
843 }
844 //if (bytesRead == 0)
845 // return false;
846 value = BitConverter.ToUInt32(bitData, 0);
847 return true;
848 }
849 catch
850 {
851 value = 0x00;
852 return false;
853 }
854 }
855 #endregion
856 #region public virtual bool ReadMemory(uint address, out int value)
857 public virtual bool ReadMemory(ulong address, out int value)
858 {
859 value = 0;
860 try
861 {
862 //int bytesRead;
863 uint size = sizeof(int);
864 byte[] bitData = new byte[size];
865 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
866 {
867 bitData = mem.Read(0, (int)size);
868 }
869 //if (bytesRead == 0)
870 // return false;
871 value = BitConverter.ToInt32(bitData, 0);
872 return true;
873 }
874 catch
875 {
876 value = 0x00;
877 return false;
878 }
879 }
880 #endregion
881 #region public virtual bool ReadMemory(uint address, out ulong value)
882 public virtual bool ReadMemory(ulong address, out ulong value)
883 {
884 value = 0;
885 try
886 {
887 //int bytesRead;
888 uint size = sizeof(ulong);
889 byte[] bitData = new byte[size];
890 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
891 {
892 bitData = mem.Read(0, (int)size);
893 }
894 //if (bytesRead == 0)
895 // return false;
896 value = BitConverter.ToUInt64(bitData, 0);
897 return true;
898 }
899 catch
900 {
901 value = 0x00;
902 return false;
903 }
904 }
905 #endregion
906 #region public virtual bool ReadMemory(uint address, out long value)
907 public virtual bool ReadMemory(ulong address, out long value)
908 {
909 value = 0;
910 try
911 {
912 // int bytesRead;
913 uint size = sizeof(long);
914 byte[] bitData = new byte[size];
915 using (ProcessMemoryChunk mem = new ProcessMemoryChunk(m_ReadProcess, (IntPtr)address, (int)size))
916 {
917 bitData = mem.Read(0, (int)size);
918 }
919 //if (bytesRead == 0)
920 // return false;
921 value = BitConverter.ToInt64(bitData, 0);
922 return true;
923 }
924 catch
925 {
926 value = 0x00;
927 return false;
928 }
929 }
930 #endregion
931 #endregion
932 }
933 #endregion
934 }

  ViewVC Help
Powered by ViewVC 1.1.22