public void Hook(IntPtr toHook, IntPtr ourFunc, int len, bool _64bit = true)
{
int oldProtect;
MemoryApi.VirtualProtectEx(ProcessHandle, toHook, len, MemoryApi.PAGE_READWRITE, out oldProtect);
var emptyBytes = new byte[len];
for (int i = 0; i < len; i++)
{
emptyBytes[i] = 0x90;
}
WriteBytes(toHook, emptyBytes);
byte[] byte_jump_delta = BitConverter.GetBytes((ulong)ourFunc - (ulong)toHook - (ulong)5);
byte[] managedArray = new byte[5];
managedArray[0] = 0xE9;
for (int i = 0; i < 4; i++)
{
managedArray[i + 1] = byte_jump_delta[i];
}
WriteBytes(toHook, managedArray);
MemoryApi.VirtualProtectEx(ProcessHandle, toHook, len, oldProtect, out oldProtect);
}
public void WriteBytes(IntPtr MemoryAddress, byte[] Buffer)
{
int oldProtect;
MemoryApi.VirtualProtectEx(ProcessHandle, (IntPtr)MemoryAddress, Buffer.Length, MemoryApi.PAGE_READWRITE, out oldProtect);
IntPtr ptrBytesWritten;
MemoryApi.WriteProcessMemory(ProcessHandle, MemoryAddress, Buffer, Buffer.Length, out ptrBytesWritten);
int oldProtect2;
MemoryApi.VirtualProtectEx(ProcessHandle, (IntPtr)MemoryAddress, Buffer.Length, oldProtect, out oldProtect2);
}
public byte[] ReadBytes(IntPtr _lpBaseAddress, int size)
{
byte[] Buffer = new byte[size];
IntPtr ByteRead;
//int oldProtect;
//MemoryApi.VirtualProtectEx(ProcessHandle, _lpBaseAddress, size, MemoryApi.PAGE_READONLY, out oldProtect);
MemoryApi.ReadProcessMemory(ProcessHandle, _lpBaseAddress, Buffer, size, out ByteRead);
//int oldProtect2;
//MemoryApi.VirtualProtectEx(ProcessHandle, _lpBaseAddress, size, oldProtect,out oldProtect2);
return(Buffer);
}
// Get Process for work
public Memory(string _ProcessName)
{
Process[] Processes = Process.GetProcessesByName(_ProcessName);
if (Processes.Length > 0)
{
process = Processes[0];
BaseModule = process.MainModule.BaseAddress;
ProcessID = process.Id;
ProcessName = _ProcessName;
is64Bit = _ProcessName != "TESV";
ProcessHandle = MemoryApi.OpenProcess(MemoryApi.PROCESS_VM_READ | MemoryApi.PROCESS_VM_WRITE | MemoryApi.PROCESS_VM_OPERATION, false, ProcessID);
}
}
public IntPtr AllocateMemory(int size, IntPtr nearThisAddr)
{
MemoryApi.MEMORY_BASIC_INFORMATION mbi;
while (MemoryApi.VirtualQueryEx(ProcessHandle, nearThisAddr, out mbi, (uint)Marshal.SizeOf(typeof(MemoryApi.MEMORY_BASIC_INFORMATION))) != 0)
{
Console.WriteLine(mbi.BaseAddress.ToString("X"));
if (mbi.State == MemoryApi.MEM_FREE)
{
IntPtr addr = MemoryApi.VirtualAllocEx(ProcessHandle, mbi.BaseAddress, size, AllocationType.Commit | AllocationType.Reserve, MemoryProtection.ExecuteReadWrite);
if ((ulong)addr != 0)
{
return(addr);
}
}
nearThisAddr = (IntPtr)((ulong)nearThisAddr - (ulong)0x10000);
}
return(new IntPtr());
}
public IntPtr AllocateMemory(int size)
{
return(MemoryApi.VirtualAllocEx(ProcessHandle, new IntPtr(), size, AllocationType.Commit | AllocationType.Reserve, MemoryProtection.ExecuteReadWrite));
}