Ejemplo n.º 1
0
        public bool WriteByte(IntPtr address, byte value)
        {
            if (Handle == IntPtr.Zero || !_processUnlocked)
            {
                throw new InvalidHandle();
            }

            Logger.Debug($"attempt to write byte to {address.ToString("X8")}");

            byte[] bytesToWrite = { value };

            bool success = Pinvokes.WriteProcessMemory(Handle, address, bytesToWrite, 1, out _);

            if (success)
            {
                Logger.Debug("OK.. write byte");
            }
            else
            {
                int errCode = Marshal.GetLastWin32Error();
                Logger.Error($"ER.. write byte. code: {errCode}");
            }

            return(success);
        }
Ejemplo n.º 2
0
        public bool UnlockProcess(Process ra3Process, Pinvokes.ProcessAccessFlags flags)
        {
            LockProcess();

            Logger.Debug($"attempt to unlock process (open process). using pid {ra3Process.Id}");
            IntPtr tmpHandle = Pinvokes.OpenProcess(
                flags
                , false
                , ra3Process.Id
                );

            if (tmpHandle != IntPtr.Zero)
            {
                _processUnlocked = true;
                Handle           = tmpHandle;
                Ra3ProcessHandle.Add(tmpHandle, ra3Process);
                Logger.Debug("OK.. unlock process (open process)");
                return(true);
            }

            _processUnlocked = false;
            int errCode = Marshal.GetLastWin32Error();

            Logger.Error($"ER.. unlock process (open process). code: {errCode}");
            return(false);
        }
Ejemplo n.º 3
0
 public bool WriteBytes(Process proc, IntPtr address, byte [] buffer)
 {
     return(Pinvokes.WriteProcessMemory(
                GetHandle(proc,
                          PFlags.VirtualMemoryOperation |
                          PFlags.VirtualMemoryWrite), address, buffer, buffer.Length, out _));
 }
Ejemplo n.º 4
0
        public void CleanHandles()
        {
            foreach (var intPtr in _procIdHandle)
            {
                Pinvokes.CloseHandle(intPtr.Value);
            }

            _procIdHandle.Clear();
        }
Ejemplo n.º 5
0
        private IntPtr GetHandle(Process proc, PFlags accessFlags)
        {
            if (_procIdHandle.ContainsKey(new Tuple <int, PFlags>(proc.Id, accessFlags)))
            {
                var existingHandle = _procIdHandle[new Tuple <int, PFlags>(proc.Id, accessFlags)];
                Logger.Info($"Returned existing handle to PID \"{proc.Id}\": 0x{existingHandle.ToString("X8")}");
                return(existingHandle);
            }

            IntPtr handle = Pinvokes.OpenProcess(accessFlags, true, proc.Id);

            if (handle == IntPtr.Zero)
            {
                int errCode = Marshal.GetLastWin32Error();
                Logger.Error($"ER.. lock process (close handle). code: {errCode}");
            }

            Logger.Info($"Returned fresh handle to PID \"{proc.Id}\": 0x{handle.ToString("X8")}");

            _procIdHandle.Add(new Tuple <int, PFlags>(proc.Id, accessFlags), handle);
            return(handle);
        }
Ejemplo n.º 6
0
        public bool LockProcess()
        {
            if (Handle != IntPtr.Zero &&
                Ra3ProcessHandle.ContainsKey(Handle) &&
                Ra3ProcessHandle[Handle].HasExited == false)
            {
                Logger.Debug("attempt to lock process (close handle)");
                if (Pinvokes.CloseHandle(Handle))
                {
                    Ra3ProcessHandle.Remove(Handle);
                    Handle           = IntPtr.Zero;
                    _processUnlocked = false;
                    Logger.Debug("OK.. lock process (close handle)");
                }
                else
                {
                    int errCode = Marshal.GetLastWin32Error();
                    Logger.Error($"ER.. lock process (close handle). code: {errCode}");
                }
            }

            Logger.Debug("no process or handle found that could be closed");
            return(true);
        }