private DSProcess(Process process, bool remastered) { this.process = process; Remastered = remastered; dsInterface = new DSInterface(process, remastered); int size = process.MainModule.ModuleMemorySize; DSInterface.AOBScanner scanner = dsInterface.GetAOBScanner(); if (remastered) { eventFlagPtr = scanner.Scan(DSOffsets.EventFlagsAOBR, 3); } else { eventFlagPtr = scanner.Scan(DSOffsets.EventFlagsAOB); eventFlagPtr = dsInterface.ReadIntPtr(eventFlagPtr + 1); } }
public AOBScanner(Process process, IntPtr handle, DSInterface dsInterface) { this.dsInterface = dsInterface; memRegions = new List<MEMORY_BASIC_INFORMATION>(); IntPtr memRegionAddr = process.MainModule.BaseAddress; IntPtr mainModuleEnd = process.MainModule.BaseAddress + process.MainModule.ModuleMemorySize; uint queryResult; do { MEMORY_BASIC_INFORMATION memInfo = new MEMORY_BASIC_INFORMATION(); queryResult = VirtualQueryEx(handle, memRegionAddr, out memInfo, (uint)Marshal.SizeOf(memInfo)); if (queryResult != 0) { if ((memInfo.State & MEM_COMMIT) != 0 && (memInfo.Protect & PAGE_GUARD) == 0 && (memInfo.Protect & PAGE_EXECUTE_ANY) != 0) memRegions.Add(memInfo); memRegionAddr = (IntPtr)((ulong)memInfo.BaseAddress.ToInt64() + memInfo.RegionSize); } } while (queryResult != 0 && memRegionAddr.ToInt64() < mainModuleEnd.ToInt64()); readMemory = new Dictionary<IntPtr, byte[]>(); foreach (MEMORY_BASIC_INFORMATION memRegion in memRegions) readMemory[memRegion.BaseAddress] = dsInterface.ReadBytes(memRegion.BaseAddress, (int)memRegion.RegionSize); }