Beispiel #1
0
        private static bool CheckToggleMemory(int addr, byte[] checkVal, IntPtr pHandle)
        {
            var tmp = new byte[checkVal.Length];

            if (ExternalMethods.ReadProcessMemory(pHandle, addr, tmp, tmp.Length, out var readCnt) && readCnt == tmp.Length && tmp.SequenceEqual(checkVal))
            {
                return(true);
            }
            return(false);
        }
Beispiel #2
0
        public void init(ExternalMethods exMeth, Variables.Variables vars, Executor ex)
        {
            ExMeth = exMeth;
            Vars   = vars;
            Ex     = ex;

            //add the methods
            ExMeth.Add(Ls, "ls", new string[] { "String" });
            ExMeth.Add(Cd, "cd", new string[] { "String" });
            ExMeth.Add(Start, "start", new string[] { "String" });
        }
Beispiel #3
0
        public static bool EnableFog(Process process)
        {
            var pHandle = ExternalMethods.OpenProcess(ExternalData.PROCESS_WM_READ |
                                                      ExternalData.PROCESS_WM_WRITE | ExternalData.PROCESS_VM_OPERATION, false, process.Id);

            if (IsFogDisabled(pHandle))
            {
                WriteFogCode(fogAddress12, jmpFog, pHandle);
                WriteFogCode(float512Address12, codeF512, pHandle);
                WriteFogCode(mapSkyDistanceAddress12, jmpMapSkyDistance, pHandle);
            }
            return(IsFogEnabled(pHandle));
        }
Beispiel #4
0
        public string GetFullPathFromWindows(string exeName, string domain, string userName)
        {
            if (exeName.Length >= MAX_PATH)
            {
                throw new ArgumentException($"The executable name '{exeName}' must have less than {MAX_PATH} characters.",
                                            nameof(exeName));
            }

            StringBuilder sb      = new StringBuilder(exeName, MAX_PATH);
            var           exePath = ExternalMethods.PathFindOnPath(sb, null) ? sb.ToString() : null;

            if (exePath != null)
            {
                return(exePath);
            }

            // Get User Environment Variable "Path"
            var envPathValue = new EnvironmentSettings().GetPathEnvironmentVariable(domain, userName);

            exePath = FindAppPath(envPathValue, exeName);
            if (!string.IsNullOrEmpty(exePath))
            {
                return(exePath);
            }

            // Get System Environment Variable "Path"
            envPathValue = Environment.GetEnvironmentVariable("Path");
            exePath      = FindAppPath(envPathValue, exeName);
            if (!string.IsNullOrEmpty(exePath))
            {
                return(exePath);
            }
            else
            {
                return(null);
            }
        }
Beispiel #5
0
 private static void WriteFogCode(int addr, byte[] setVal, IntPtr pHandle)
 {
     ExternalMethods.VirtualProtectEx(pHandle, addr, setVal.Length, ExternalData.PAGE_EXECUTE_READWRITE, out var oldProtect);
     ExternalMethods.WriteProcessMemory(pHandle, addr, setVal, setVal.Length, out _);
     ExternalMethods.VirtualProtectEx(pHandle, addr, setVal.Length, oldProtect, out _);
 }
Beispiel #6
0
 internal void Init(Executor ex, ExternalMethods exm, Variables.Variables vars)
 {
     Ex   = ex;
     ExM  = exm;
     Vars = vars;
 }