C# (CSharp) Binarysharp.MemoryManagement.Memory.RemoteAllocation Beispiele

Programmiersprache: C# (CSharp)

Klasse / Typ: Binarysharp.MemoryManagement.Memory.RemoteAllocation

Beispiele auf hotexamples.com: 2

C# (CSharp) Binarysharp.MemoryManagement.Memory.RemoteAllocation - 2 Beispiele gefunden. Dies sind die am besten bewerteten C# (CSharp) Beispiele für die Binarysharp.MemoryManagement.Memory.RemoteAllocation, die aus Open Source-Projekten extrahiert wurden. Sie können Beispiele bewerten, um die Qualität der Beispiele zu verbessern.

Beispiel #1

Datei anzeigen

        public void AttachToProcess()
        {
            var process = Process.GetProcessesByName(_ggprocname).FirstOrDefault();

            if (process == null)
            {
                throw new Exception("GG process not found!");
            }

            _memorySharp             = new MemorySharp(process);
            _nonRelativeScriptOffset = IntPtr.Add(_memorySharp.Modules.MainModule.BaseAddress, (int)_scriptOffset);
            _newmem     = _memorySharp.Memory.Allocate(128);
            _newmembase = _newmem.Information.AllocationBase;
            var originalCodeAOB = _memorySharp.Assembly.Assembler.Assemble("mov ebp,[ebp+0x0C]\n" + "test [edx],ebp\n" + String.Format("jmp 0x{0}", (_nonRelativeScriptOffset + 5).ToString("X8")), _newmembase);

            _originalCodeAOB = new byte[originalCodeAOB.Length + 20];
            originalCodeAOB.CopyTo(_originalCodeAOB, 0);
            _remoteCodeAOB = _memorySharp.Assembly.Assembler.Assemble(String.Format("mov ebp,[ebp+0x0C]\n" + "cmp edi,3\n" + "jne 0x{0}\n" + "mov ebp,[edx]\n" + "test [edx],ebp\n" + "jmp 0x{1}", IntPtr.Add(_newmembase, 0xA).ToString("X8"), (_nonRelativeScriptOffset.ToInt32() + 5).ToString("X8")), _newmembase);
            _memorySharp.Write <byte>(_newmembase, _originalCodeAOB, false);
        }

Beispiel #2

Datei anzeigen

Datei: ReversalTool.cs Projekt: separch/rev2-wakeup-tool

        public void AttachToProcess()
        {
            var process = Process.GetProcessesByName(_ggprocname).FirstOrDefault();

            if (process == null)
            {
                throw new Exception("GG process not found!");
            }

            _memorySharp             = new MemorySharp(process);
            _nonRelativeScriptOffset = IntPtr.Add(_memorySharp.Modules.MainModule.BaseAddress, (int)_scriptOffset);
            _newmem      = _memorySharp.Memory.Allocate(128);
            _newmembase  = _newmem.Information.AllocationBase;
            _flagmem     = _memorySharp.Memory.Allocate(128);
            _flagmembase = _flagmem.Information.AllocationBase;
            var remoteASMstring = String.Format("mov ebp,[eax+0x40]\n" + "mov ebp,[ebp+0x0C]\n" + "cmp edi,3\n" + "jne 0x{0}\n" + "cmp BYTE [0x{2}], 1\n" + "je 0x{3}\n" +
                                                "mov DWORD [0x{4}], 0x200\n" + "and DWORD [0x{4}], eax\n" + "cmp DWORD [0x{4}], 0x200\n" + "jne 0x{0}\n" + "mov DWORD [0x{4}], eax\n" + "mov BYTE [0x{2}], 1\n" + "jmp 0x{0}\n" +
                                                "cmp DWORD [0x{4}], eax\n" + "jne 0x{0}\n" + "cmp BYTE [0x{1}],0\n" + "jne 0x{0}\n" + "mov ebp,[edx]\n" + "mov BYTE [0x{1}], 1\n" + "jmp 0x{0}",
                                                (_nonRelativeScriptOffset.ToInt32() + 6).ToString("X8"), _flagmembase.ToString("X8"), IntPtr.Add(_flagmembase, 1).ToString("X8"), IntPtr.Add(_newmembase, 0x49).ToString("X8"), IntPtr.Add(_flagmembase, 4).ToString("X8"));

            _remoteCodeAOB = _memorySharp.Assembly.Assembler.Assemble(remoteASMstring, _newmembase);
            _memorySharp.Write <byte>(_newmembase, _remoteCodeAOB, false);
        }