Beispiel #1
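        /// <summary>
        /// Redirects execution at <paramref name="address"/> in the target process to
        /// <paramref name="newCode"/> by overwriting the start of the existing instructions
        /// with a jump into a newly allocated region.
        /// </summary>
        /// <remarks>
        /// Layout of the allocated region, in order: the bytes of <paramref name="newCode"/>,
        /// a verbatim copy of the <paramref name="replacedInstructionSize"/> bytes taken from
        /// <paramref name="address"/>, and a jump back to
        /// <c>address + replacedInstructionSize</c>.
        /// The copied bytes are not adjusted for their new location, so the caller has to make
        /// sure the replaced range ends on an instruction boundary and holds no
        /// position-dependent instructions.
        /// </remarks>
        /// <param name="process">Process whose memory is modified.</param>
        /// <param name="address">Address of the first instruction to replace.</param>
        /// <param name="replacedInstructionSize">Number of bytes at <paramref name="address"/> that are relocated; at least 5.</param>
        /// <param name="newCode">Machine code that runs before the relocated instructions.</param>
        /// <returns>Address of the allocated region; <c>DeinjectCode</c> takes it as <c>allocatedMem</c>.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="newCode"/> is null.</exception>
        /// <exception cref="ArgumentOutOfRangeException"><paramref name="replacedInstructionSize"/> is smaller than 5.</exception>
        public static uint InjectCode(AppProcess process, uint address, int replacedInstructionSize, byte[] newCode)
        {
            if (newCode == null)
            {
                // Fail before anything is allocated in or written to the target process.
                throw new ArgumentNullException("newCode");
            }

            // The jump written at 'address' needs 5 bytes, so 5 itself is a valid size.
            if (replacedInstructionSize < 5)
            {
                throw new ArgumentOutOfRangeException("replacedInstructionSize", "Replaced instruction size must be at least 5.");
            }

            // Room for the new code, the relocated instructions and the jump back.
            // NOTE(review): the result of AllocateMemory is not checked here; confirm how it
            // reports failure, because every later write uses this address.
            uint allocatedMem = process.AllocateMemory((uint)(newCode.Length + replacedInstructionSize + JMPSize));

            // New code goes first in the allocated region.
            process.WriteBytes((int)allocatedMem, newCode);

            // The instructions about to be overwritten are saved directly behind the new code.
            CopyInstructions(process, address, allocatedMem + (uint)newCode.Length, replacedInstructionSize);

            // Jump from the end of the region back to the first untouched instruction.
            WriteJump(process, allocatedMem + (uint)newCode.Length + (uint)replacedInstructionSize, address + (uint)replacedInstructionSize);

            // Only now is the live code patched; the region is complete before anything jumps to it.
            WriteJump(process, address, allocatedMem);

            // Pad whatever is left of the replaced range so no partial instruction remains.
            WriteNOPs(process, address + JMPSize, replacedInstructionSize - JMPSize);

            return allocatedMem;
        }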
Beispiel #2
        /// <summary>
        /// Writes <paramref name="count"/> bytes of the <c>NOP</c> constant to the target
        /// process, starting at <paramref name="address"/>.
        /// </summary>
        /// <param name="process">Process whose memory is written.</param>
        /// <param name="address">Address of the first byte to overwrite.</param>
        /// <param name="count">Number of bytes to write; zero or a negative value writes nothing.</param>
        public static void WriteNOPs(AppProcess process, uint address, int count)
        {
            if (count > 0)
            {
                byte[] padding = new byte[count];
                int index = 0;
                while (index < padding.Length)
                {
                    padding[index] = NOP;
                    index++;
                }

                // One write for the whole run instead of one call per byte.
                process.WriteBytes((int)address, padding);
            }
        }
Beispiel #3
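        /// <summary>
        /// Undoes an injection: copies the saved instructions from the allocated region back
        /// to <paramref name="address"/> and frees the region.
        /// </summary>
        /// <remarks>
        /// The saved instructions are read from <c>allocatedMem + newCodeLength</c>, so
        /// <paramref name="newCodeLength"/> and <paramref name="replacedInstructionSize"/>
        /// must be the values used when the code was injected; otherwise the wrong bytes are
        /// written back over the code at <paramref name="address"/>.
        /// </remarks>
        /// <param name="process">Process whose memory is modified.</param>
        /// <param name="allocatedMem">Address of the region that holds the injected code.</param>
        /// <param name="address">Address that was patched and is now restored.</param>
        /// <param name="replacedInstructionSize">Number of bytes to restore; at least 5.</param>
        /// <param name="newCodeLength">Length in bytes of the injected code that precedes the saved instructions.</param>
        /// <returns><paramref name="allocatedMem"/>, which has been passed to <c>FreeMemory</c> by the time this returns.</returns>
        /// <exception cref="ArgumentOutOfRangeException">
        /// <paramref name="replacedInstructionSize"/> is smaller than 5, or
        /// <paramref name="newCodeLength"/> is negative.
        /// </exception>
        public static uint DeinjectCode(AppProcess process, uint allocatedMem, uint address, int replacedInstructionSize, int newCodeLength)
        {
            // Same lower bound as on injection: the jump being removed occupies 5 bytes.
            if (replacedInstructionSize < 5)
            {
                throw new ArgumentOutOfRangeException("replacedInstructionSize", "Replaced instruction size must be at least 5.");
            }

            // A negative length would wrap in the uint cast below and move the source
            // address far away from the saved instructions.
            if (newCodeLength < 0)
            {
                throw new ArgumentOutOfRangeException("newCodeLength", "New code length must not be negative.");
            }

            // Restore the original bytes first, so nothing jumps into the region any more.
            CopyInstructions(process, allocatedMem + (uint)newCodeLength, address, replacedInstructionSize);

            // NOTE(review): a thread that is inside the region at this moment would keep
            // running from memory that has been handed to FreeMemory; confirm callers rule that out.
            process.FreeMemory(allocatedMem);

            return allocatedMem;
        }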
Beispiel #4
 /// <summary>
 /// Creates a manager for the given process.
 /// </summary>
 /// <param name="process">Process handle wrapper stored in <c>mProcess</c>; it is not validated here.</param>
 public MemoryEditManager(AppProcess process)
 {
     mProcess = process;
 }
Beispiel #5
 /// <summary>
 /// Copies <paramref name="size"/> bytes inside the target process from
 /// <paramref name="srcAddress"/> to <paramref name="destAddress"/>.
 /// </summary>
 /// <remarks>
 /// The bytes are copied unchanged; nothing in them is adjusted for the new location.
 /// </remarks>
 /// <param name="process">Process whose memory is read and written.</param>
 /// <param name="srcAddress">Address the bytes are read from.</param>
 /// <param name="destAddress">Address the bytes are written to.</param>
 /// <param name="size">Number of bytes to copy.</param>
 public static void CopyInstructions(AppProcess process, uint srcAddress, uint destAddress, int size)
 {
     // Read, then write, as a single expression; the read completes before the write starts.
     process.WriteBytes((int)destAddress, process.GetBytes((int)srcAddress, size));
 }
Beispiel #6
 /// <summary>
 /// Writes a jump at <paramref name="srcAddress"/> that transfers control to
 /// <paramref name="destAddress"/>.
 /// </summary>
 /// <remarks>
 /// The instruction is the opcode byte 0xE9 (x86 near JMP with a 32-bit relative operand)
 /// followed by the displacement <c>destAddress - srcAddress - JMPSize</c>, that is, the
 /// distance measured from the end of the jump (assuming <c>JMPSize</c> is the length of
 /// this instruction).
 /// </remarks>
 /// <param name="process">Process whose memory is written.</param>
 /// <param name="srcAddress">Address where the jump instruction is placed.</param>
 /// <param name="destAddress">Address the jump lands on.</param>
 public static void WriteJump(AppProcess process, uint srcAddress, uint destAddress)
 {
     int opcodeAddress = (int)srcAddress;

     // Unsigned subtraction wraps for backward jumps, which yields the same 32 bits
     // as the signed displacement.
     var displacement = destAddress - srcAddress - JMPSize;

     process.WriteInt8(opcodeAddress, 0xE9);
     process.WriteInt32(opcodeAddress + 1, displacement);
 }