private void ContiniousScan(Process process)
{
Dictionary <string, byte> MemoryDictionary = new Dictionary <string, byte>();
Stopwatch stopwatch = new Stopwatch();
stopwatch.Restart();
SYSTEM_INFO msi = new SYSTEM_INFO();
Kernel32.GetSystemInfo(ref msi);
MEMORY_BASIC_INFORMATION mbi = new MEMORY_BASIC_INFORMATION();
IntPtr maxApplicationAddress = msi.lpMaximumApplicationAddress;
IntPtr minApplicationAddress = msi.lpMinimumApplicationAddress;
IntPtr ProcHandle = process.Handle;
int bytesRead = 0;
bool LoopScanning = true;
Dictionary <string, byte> oldDictionary = new Dictionary <string, byte>();
while (LoopScanning)
{
MemoryDictionary.Clear();
minApplicationAddress = msi.lpMinimumApplicationAddress;
while ((long)minApplicationAddress < (long)maxApplicationAddress)
{
Kernel32.VirtualQueryEx(ProcHandle, minApplicationAddress, out mbi, (uint)Marshal.SizeOf(typeof(MEMORY_BASIC_INFORMATION)));
if (mbi.Protect == Kernel32.PAGE_READWRITE && mbi.State == Kernel32.MEM_COMMIT)
{
byte[] buffer = new byte[mbi.RegionSize];
Kernel32.ReadProcessMemory((int)ProcHandle, mbi.BaseAddress, buffer, mbi.RegionSize, ref bytesRead);
for (int x = 0; x < mbi.RegionSize; x++)
{
MemoryDictionary.Add(string.Format("0x{0}", (mbi.BaseAddress + x).ToString("X16")), buffer[x]);
}
}
minApplicationAddress = new IntPtr(((long)minApplicationAddress + mbi.RegionSize));
}
if (oldDictionary.Count != 0)
{
List <MemorryValue> memvals = CheckDictionaries(oldDictionary, MemoryDictionary);
if (memvals.Count > 0)
{
MemoryChanged.Invoke(memvals);
}
}
oldDictionary = new Dictionary <string, byte>(MemoryDictionary);
}
}
private void run(object o, DoWorkEventArgs args)
{
ProcessStarted?.Invoke(this, EventArgs.Empty);
while (!_stopCalled)
{
lock (_config)
{
foreach (var rule in _config.Rules)
{
IntPtr address = new IntPtr(_baseMemoryOffset + rule.MemoryOffset64);
var bytes = _process.ReadArray <byte>(address, rule.NumBytes);
if (rule.Bytes == null)
{
rule.Bytes = bytes;
continue;
}
else
{
IChangedDataContainer changedBytes;
if (isBytesChangedAccordingToRule(bytes, rule, out changedBytes))
{
rule.Bytes = bytes;
OnLog(rule, "You");
MemoryChanged?.Invoke(this, new MemoryChangedEventArgs(rule, changedBytes));
}
else
{
rule.Bytes = bytes;
}
}
}
}
Thread.Sleep(_pollIntervall);
//Update config if request has been made
if (_nextConfig != null)
{
_config = _nextConfig;
_nextConfig = null;
}
}
}
public void Write(ushort address, byte value)
{
var block = RedirectionTable[address];
if (block != null && block.CanWrite)
{
block.Device.Write(block.BlockId, (ushort)(address - block.StartAddress), value);
}
Debug.WriteLine($"[{address:X4}] <- {value:X2}");
if (address < LowWaterMark)
{
LowWaterMark = address;
}
if (address > HighWaterMark)
{
HighWaterMark = address;
}
MemoryChanged?.Invoke(this, new MemoryChangedEventArgs(address, value));
EvaluateBreakpoints(address, value);
}
private void OnMemoryChanged(long memoryLocation, long value)
{
MemoryChanged.SafeTrigger(this, new MemoryChangedEventArgs(memoryLocation, value));
}
public static void OnMemoryChanged()
{
MemoryChanged?.Invoke();
}
