Beispiel #1
1
 public static bool LoadModules(IntPtr hProcess, ListModules ModuleType)
 {
     //Initialize parameters for EPM
     uint cbNeeded = 0;
     Psapi.EnumProcessModulesEx(hProcess, IntPtr.Zero, 0, out cbNeeded, ModuleType);
     long ArraySize = cbNeeded / IntPtr.Size;
     IntPtr[] hModules = new IntPtr[ArraySize];
     GCHandle GCh = GCHandle.Alloc(hModules, GCHandleType.Pinned); // Don't forget to free this later
     IntPtr lphModules = GCh.AddrOfPinnedObject();
     uint cb = cbNeeded;
     Psapi.EnumProcessModulesEx(hProcess, lphModules, cb, out cbNeeded, ModuleType);
     for (int i = 0; i < ArraySize; i++)
     {
         MODULE_INFO ModInfo = new MODULE_INFO();
         System.Text.StringBuilder lpFileName = new System.Text.StringBuilder(256);
         System.Text.StringBuilder lpModuleBaseName = new System.Text.StringBuilder(32);
         Psapi.GetModuleFileNameExW(hProcess, hModules[i], lpFileName, (uint)(lpFileName.Capacity));
         Psapi.GetModuleInformation(hProcess, hModules[i], out ModInfo, (uint)(Marshal.SizeOf(ModInfo)));
         Psapi.GetModuleBaseNameW(hProcess, hModules[i], lpModuleBaseName, (uint)(lpModuleBaseName.Capacity));
         DbgHelp.SymLoadModuleEx(hProcess, IntPtr.Zero, lpFileName.ToString(), lpModuleBaseName.ToString(),
         ModInfo.lpBaseOfDll, (int)ModInfo.SizeOfImage, IntPtr.Zero, 0);
     }
     GCh.Free();
     return false;
 }
Beispiel #2
0
 public static extern bool GetModuleInformation(IntPtr hProcess, IntPtr hModule, out MODULE_INFO lpModInfo, uint cb);