Ejemplo n.º 1
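        /// <summary>
        /// Retrieves the handle (base address) at which the module with the specified file name is loaded in the target process.
        /// </summary>
        /// <param name="moduleName">The file name of the module (including extension). Compared without regard to case.</param>
        /// <returns><see cref="IntPtr.Zero"/> if no enumerated module has that file name, else the base address of the first match.</returns>
        /// <remarks>
        /// Only the file name is compared; the directory the module was loaded from is ignored.
        /// If two modules with the same file name are loaded from different directories, the first
        /// one enumerated is returned. Match on the full path when a specific file is required.
        /// </remarks>
        public IntPtr GetModuleHandleFromName(string moduleName)
        {
            foreach (var module in Safety.TryGetModules(_process))
            {
                string loadedName = Path.GetFileName(module.ModulePath);

                // Windows file names are case-insensitive, so "kernel32.dll" and "KERNEL32.DLL"
                // name the same module. Ordinal (not culture-aware) comparison keeps the match
                // exact apart from case; the static Equals is also safe when either side is null.
                if (string.Equals(loadedName, moduleName, StringComparison.OrdinalIgnoreCase))
                {
                    return module.BaseAddress;
                }
            }

            return IntPtr.Zero;
        }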
Ejemplo n.º 2
        /* One off construction functions. */

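        /// <summary>
        /// Finds the module whose file name is KERNEL32.DLL among the modules enumerated for <paramref name="process"/>.
        /// </summary>
        /// <param name="process">The process whose module list is searched.</param>
        /// <returns>The first enumerated module whose file name is KERNEL32.DLL (any casing).</returns>
        /// <exception cref="ShellCodeGeneratorException">No enumerated module has that file name.</exception>
        private Module GetKernel32InRemoteProcess(Process process)
        {
            foreach (Module module in Safety.TryGetModules(process))
            {
                string loadedName = Path.GetFileName(module.ModulePath);

                // Ordinal comparison on purpose: culture-sensitive comparison skips "ignorable"
                // characters (e.g. a soft hyphen), so a look-alike file name could compare equal.
                // NOTE(review): the match is by file name only; the module's directory is not checked here.
                if (string.Equals(loadedName, "KERNEL32.DLL", StringComparison.OrdinalIgnoreCase))
                {
                    return module;
                }
            }

            throw new ShellCodeGeneratorException("Failed to find Kernel32 in target process' modules.");
        }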
Ejemplo n.º 3
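        /// <summary>
        /// Retrieves the handle (base address) at which the module with the specified file path is loaded in the target process.
        /// </summary>
        /// <param name="modulePath">The path of the module (including extension). It is normalised with <see cref="Path.GetFullPath(string)"/> before comparison.</param>
        /// <returns><see cref="IntPtr.Zero"/> if no enumerated module has that path, else the base address of the first match.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="modulePath"/> is null (thrown by <see cref="Path.GetFullPath(string)"/>).</exception>
        /// <remarks>
        /// Both sides are normalised with <see cref="Path.GetFullPath(string)"/> and compared as text, without
        /// regard to case. Two different spellings of the same file that normalisation does not unify
        /// will not match.
        /// </remarks>
        public IntPtr GetModuleHandleFromPath(string modulePath)
        {
            // Normalise once, outside the loop; also resolves relative segments such as "..".
            string fullPath = Path.GetFullPath(modulePath);

            foreach (var module in Safety.TryGetModules(_process))
            {
                string loadedPath = Path.GetFullPath(module.ModulePath);

                // Windows paths are case-insensitive; an ordinal case-insensitive comparison avoids
                // missing a loaded module only because the casing of the path differs.
                if (string.Equals(loadedPath, fullPath, StringComparison.OrdinalIgnoreCase))
                {
                    return module.BaseAddress;
                }
            }

            return IntPtr.Zero;
        }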