public void CreateRemoteThread() { // Arrange var handle = MemoryCore.OpenProcess(ProcessAccessFlags.AllAccess, Resources.ProcessTest.Id); // Act var thread = ThreadCore.CreateRemoteThread(handle, new IntPtr(1), IntPtr.Zero, ThreadCreationFlags.Suspended); var threadId = HandleManipulator.HandleToThreadId(thread); // Assert Assert.IsFalse(thread.IsInvalid); Assert.IsTrue(Resources.ProcessTest.Threads.Cast <ProcessThread>().Any(t => t.Id == threadId)); }
public void AllocateFree() { // Arrange var handle = MemoryCore.OpenProcess(ProcessAccessFlags.AllAccess, Resources.ProcessTest.Id); // Act try { var address = MemoryCore.Allocate(handle, 1); MemoryCore.Free(handle, address); } catch (Win32Exception ex) { Assert.Fail(ex.Message); } }
/// <summary> /// Initializes a new instance of the <see cref="MemorySharp"/> class. /// </summary> /// <param name="process">Process to open.</param> public MemorySharp(Process process) { // Save the reference of the process Native = process; // Open the process with all rights Handle = MemoryCore.OpenProcess(ProcessAccessFlags.AllAccess, process.Id); // Initialize the PEB Peb = new ManagedPeb(this, ManagedPeb.FindPeb(Handle)); // Create instances of the factories Factories = new List <IFactory>(); Factories.AddRange( new IFactory[] { Assembly = new AssemblyFactory(this), Memory = new MemoryFactory(this), Modules = new ModuleFactory(this), Threads = new ThreadFactory(this), Windows = new WindowFactory(this) }); }
public void VirtualProtectExWriteReadBytes() { // Arrange var handle = MemoryCore.OpenProcess(ProcessAccessFlags.AllAccess, Resources.ProcessTest.Id); var expected = new byte[] { 0x90, 0x90, 0x90, 0x90, 0x90 }; var memory = new IntPtr(0x00400000); // Act try { MemoryCore.ChangeProtection(handle, memory, 5, MemoryProtectionFlags.ExecuteReadWrite); MemoryCore.WriteBytes(handle, memory, expected); var actual = MemoryCore.ReadBytes(handle, memory, 5); // Assert CollectionAssert.AreEqual(expected, actual, "The collections are not equal."); } catch (Win32Exception ex) { Assert.Fail(ex.Message); } }