private IntPtr ScanForRecordAddress()
{
try
{
if (!config.ScanType.ToLower().Equals("offset"))
{
ProgressBarForm progressBarForm = new ProgressBarForm();
progressBarForm.Show();
Point location = Location;
int x = location.X + Width / 2 - progressBarForm.Width / 2;
location = Location;
Point point = new Point(x, location.Y + 100);
progressBarForm.Location = point;
progressBarForm.Update();
Update();
if (config.BufferSize <= 0)
{
config.BufferSize = 1;
}
byte[] numArray = new byte[config.BufferSize * 1024];
firstRecordAddress = MemoryScanner.ScanRange(memory, (IntPtr)0, (IntPtr)int.MaxValue, config.ByteArray, numArray);
progressBarForm.Close();
}
else
{
firstRecordAddress = MemoryScanner.ScanModule(memory, config.Module, config.BaseAddress, config.ByteArray, config.MemoryRange);
}
}
catch (Exception exception)
{
MessageBox.Show(exception.Message);
}
return(this.firstRecordAddress);
}
public static IntPtr ScanModule(Memory memory, string moduleName, int baseAddress, byte[] target, int range)
{
IntPtr zero = IntPtr.Zero;
if (memory == null || target == null || string.IsNullOrEmpty(moduleName))
{
return(IntPtr.Zero);
}
ProcessModule processModule = memory.FindModule(moduleName);
if (processModule == null)
{
return(IntPtr.Zero);
}
IntPtr intPtr = (IntPtr)memory.ReadInt32(processModule.BaseAddress + baseAddress);
IntPtr intPtr1 = intPtr + range;
for (int i = intPtr.ToInt32(); i < intPtr1.ToInt32() - (int)target.Length; i++)
{
byte[] numArray = new byte[(int)target.Length];
try
{
memory.ReadMemory((IntPtr)i, numArray, (int)target.Length);
if (MemoryScanner.CompareByteArrays(target, numArray))
{
zero = (IntPtr)i;
return(zero);
}
}
catch (Exception exception)
{
}
}
return(zero);
}
public static IntPtr ScanRange(Memory memory, IntPtr startAddress, IntPtr endAddress, byte[] target, byte[] buffer)
{
Win32.MEMORY_BASIC_INFORMATION mEMORYBASICINFORMATION;
IntPtr intPtr;
IntPtr zero = IntPtr.Zero;
if (memory == null || target == null || target.Length == 0 || buffer.Length == 0)
{
return(IntPtr.Zero);
}
List <IntPtr> intPtrs = new List <IntPtr>();
long regionSize = (long)startAddress;
long num = (long)endAddress;
while (regionSize < num)
{
try
{
if (Win32.VirtualQueryEx(memory.Process.Handle, (IntPtr)regionSize, out mEMORYBASICINFORMATION, (uint)Marshal.SizeOf(typeof(Win32.MEMORY_BASIC_INFORMATION))) != 0 && (mEMORYBASICINFORMATION.Protect & 1) == 0 && (mEMORYBASICINFORMATION.Protect & 256) == 0 && mEMORYBASICINFORMATION.Protect != 0)
{
long regionSize1 = (long)mEMORYBASICINFORMATION.RegionSize;
int num1 = (regionSize1 < (long)((int)buffer.Length) ? (int)regionSize1 : (int)buffer.Length);
long num2 = regionSize + regionSize1;
for (long i = regionSize; i < num2 - (long)((int)target.Length); i = i + (long)num1)
{
if (i + (long)num1 > num2)
{
num1 = (int)(num2 - i);
}
memory.ReadMemory((IntPtr)i, buffer, num1);
int num3 = 0;
while (num3 < num1 - (int)target.Length)
{
if (!MemoryScanner.CompareByteArraySequences(buffer, target, num3))
{
num3++;
}
else
{
intPtrs.Add((IntPtr)(i + (long)num3));
intPtr = (IntPtr)(i + (long)num3);
return(intPtr);
}
}
}
}
regionSize = regionSize + (long)mEMORYBASICINFORMATION.RegionSize;
continue;
}
catch (Exception exception)
{
Console.WriteLine(exception.Message);
continue;
}
return(intPtr);
}
if (intPtrs.Count <= 0)
{
return(IntPtr.Zero);
}
return(intPtrs[0]);
}
public IntPtr TestScan(Memory memory, Configuration config)
{
return(MemoryScanner.ScanModule(memory, config.Module, config.BaseAddress, config.ByteArray, 65535));
}