private static ClientSpy InitializeEnhancedClientSpy(Process process)
{
EnhancedClientAnalyzer analyzer = new EnhancedClientAnalyzer(process.MainModule.FileName);
// Keys
int timeDateStamp;
AddressAndRegisters sendKeys;
AddressAndRegisters receiveKeys;
// Detailed analysis if keys not found or version mismatch
RegistryKey key = Registry.LocalMachine.OpenSubKey(RegistryKey, true);
try
{
if (key == null || !TryGetKeys(key, out timeDateStamp, out sendKeys, out receiveKeys, "Enhanced") || analyzer.TimeDateStamp != timeDateStamp)
{
analyzer.Analyze();
if (analyzer.SpyInfo == null)
{
throw new SpyException("Error finding enhanced client keys");
}
else if (!analyzer.SpyInfo.FoundSend && !analyzer.SpyInfo.FoundReceive)
{
throw new SpyException("Cannot find send and receive enhanced client keys");
}
else if (!analyzer.SpyInfo.FoundSend)
{
throw new SpyException("Cannot find send enhanced client key");
}
else if (!analyzer.SpyInfo.FoundReceive)
{
throw new SpyException("Cannot find receive enhanced client key");
}
timeDateStamp = analyzer.TimeDateStamp;
sendKeys = new AddressAndRegisters((int)analyzer.SpyInfo.SendAddress, analyzer.SpyInfo.SendAddressRegister, analyzer.SpyInfo.SendLengthRegister);
receiveKeys = new AddressAndRegisters((int)analyzer.SpyInfo.ReceiveAddress, analyzer.SpyInfo.ReceiveAddressRegister, analyzer.SpyInfo.ReceiveLengthRegister);
// Save
if (key == null)
{
key = Registry.LocalMachine.CreateSubKey(RegistryKey, RegistryKeyPermissionCheck.ReadWriteSubTree);
}
SaveKeys(key, timeDateStamp, sendKeys, receiveKeys, "Enhanced");
}
}
finally
{
if (key != null)
{
key.Close();
}
}
// Client
return(new EnhancedClientSpy(sendKeys, receiveKeys));
}
private static void SaveKeys(RegistryKey key, int timeDateStamp, AddressAndRegisters sendKeys, AddressAndRegisters receiveKeys, string type)
{
if (key != null)
{
key.SetValue(type + TimeDateStamp, timeDateStamp, RegistryValueKind.DWord);
key.SetValue(type + SendAddress, sendKeys.Address, RegistryValueKind.DWord);
key.SetValue(type + SendAddressRegister, sendKeys.DataAddressRegister, RegistryValueKind.DWord);
key.SetValue(type + SendLengthRegister, sendKeys.DataLengthRegister, RegistryValueKind.DWord);
key.SetValue(type + ReceiveAddress, receiveKeys.Address, RegistryValueKind.DWord);
key.SetValue(type + ReceiveAddressRegister, receiveKeys.DataAddressRegister, RegistryValueKind.DWord);
key.SetValue(type + ReceiveLengthRegister, receiveKeys.DataLengthRegister, RegistryValueKind.DWord);
}
}
private static bool TryGetKeys(RegistryKey key, out int timeDateStamp, out AddressAndRegisters sendKeys, out AddressAndRegisters receiveKeys, string type)
{
timeDateStamp = 0;
sendKeys = null;
receiveKeys = null;
if (key != null)
{
int?timeDateStampValue = key.GetValue(type + TimeDateStamp) as int?;
if (timeDateStampValue != null)
{
timeDateStamp = (int)timeDateStampValue;
}
int?sendAddress = key.GetValue(type + SendAddress) as int?;
int?sendAddressRegister = key.GetValue(type + SendAddressRegister) as int?;
int?sendLengthRegister = key.GetValue(type + SendLengthRegister) as int?;
if (sendAddress != null && sendAddress != 0 &&
sendAddressRegister != null && sendAddressRegister != 0 &&
sendLengthRegister != null && sendLengthRegister != 0)
{
sendKeys = new AddressAndRegisters((int)sendAddress, (Register)sendAddressRegister, (Register)sendLengthRegister);
}
int?receiveAddress = key.GetValue(type + ReceiveAddress) as int?;
int?receiveAddressRegister = key.GetValue(type + ReceiveAddressRegister) as int?;
int?receiveLengthRegister = key.GetValue(type + ReceiveLengthRegister) as int?;
if (receiveAddress != null && receiveAddress != 0 &&
receiveLengthRegister != null && receiveLengthRegister != 0 &&
receiveLengthRegister != null && receiveLengthRegister != 0)
{
receiveKeys = new AddressAndRegisters((int)receiveAddress, (Register)receiveAddressRegister, (Register)receiveLengthRegister);
}
return(timeDateStamp != 0 && sendKeys != null && receiveKeys != null);
}
return(false);
}
/// <summary>
/// Constructs a new instance of EnhancedClientSpy.
/// </summary>
public EnhancedClientSpy( AddressAndRegisters sendInfo, AddressAndRegisters receiveInfo )
: base(sendInfo, receiveInfo)
{
}
/// <summary>
/// Constructs a new instance of ClassicPacketSpy.
/// </summary>
/// <param name="debugProtectionAddress1">Debug protection address 1.</param>
/// <param name="debugProtectionAddress2">Debug protection address 2.</param>
public ClassicClientSpy( AddressAndRegisters sendInfo, AddressAndRegisters receiveInfo, uint debugProtectionAddress1, uint debugProtectionAddress2 )
: base(sendInfo, receiveInfo)
{
_DebugProtectionAddress1 = debugProtectionAddress1;
_DebugProtectionAddress2 = debugProtectionAddress2;
}
/// <summary>
/// Constructs a new instance of EnhancedClientSpy.
/// </summary>
public EnhancedClientSpy(AddressAndRegisters sendInfo, AddressAndRegisters receiveInfo) : base(sendInfo, receiveInfo)
{
}
private static ClientSpy InitializeClassicClientSpy(Process process)
{
ClassicClientAnalyzer analyzer = new ClassicClientAnalyzer(process.MainModule.FileName);
// Keys
int debugProtection1 = 0;
int debugProtection2 = 0;
int timeDateStamp;
AddressAndRegisters sendKeys;
AddressAndRegisters receiveKeys;
// Detailed analysis if keys not found or version mismatch
RegistryKey key = Registry.LocalMachine.OpenSubKey(RegistryKey, true);
try
{
if (key == null || !TryGetKeys(key, out timeDateStamp, out sendKeys, out receiveKeys, "Classic") || analyzer.TimeDateStamp != timeDateStamp)
{
analyzer.Analyze();
if (!analyzer.FoundDebugProtectionAddress1 || !analyzer.FoundDebugProtectionAddress2)
{
throw new SpyException("Cannot find debug protection");
}
else if (analyzer.SpyInfo == null)
{
throw new SpyException("Error finding classic client keys");
}
else if (!analyzer.SpyInfo.FoundSend && !analyzer.SpyInfo.FoundReceive)
{
throw new SpyException("Cannot find send and receive classic client keys");
}
else if (!analyzer.SpyInfo.FoundSend)
{
throw new SpyException("Cannot find send classic client key");
}
else if (!analyzer.SpyInfo.FoundReceive)
{
throw new SpyException("Cannot find receive classic client key");
}
timeDateStamp = analyzer.TimeDateStamp;
sendKeys = new AddressAndRegisters((int)analyzer.SpyInfo.SendAddress, analyzer.SpyInfo.SendAddressRegister, analyzer.SpyInfo.SendLengthRegister);
receiveKeys = new AddressAndRegisters((int)analyzer.SpyInfo.ReceiveAddress, analyzer.SpyInfo.ReceiveAddressRegister, analyzer.SpyInfo.ReceiveLengthRegister);
debugProtection1 = analyzer.DebugProtectionAddress1;
debugProtection2 = analyzer.DebugProtectionAddress2;
// Save
if (key == null)
{
key = Registry.LocalMachine.CreateSubKey(RegistryKey, RegistryKeyPermissionCheck.ReadWriteSubTree);
}
key.SetValue(DebugProtection1, debugProtection1);
key.SetValue(DebugProtection2, debugProtection2);
SaveKeys(key, timeDateStamp, sendKeys, receiveKeys, "Classic");
}
else if (key != null)
{
int?debugProtectionValue = key.GetValue(DebugProtection1) as int?;
if (debugProtectionValue != null)
{
debugProtection1 = (int)debugProtectionValue;
}
debugProtectionValue = key.GetValue(DebugProtection2) as int?;
if (debugProtectionValue is int)
{
debugProtection2 = (int)debugProtectionValue;
}
if (debugProtection1 == 0 || debugProtection2 == 0)
{
throw new SpyException("Cannot find debug protection");
}
}
}
finally
{
if (key != null)
{
key.Close();
}
}
// Client
return(new ClassicClientSpy(sendKeys, receiveKeys, (uint)debugProtection1, (uint)debugProtection2));
}
private static void SaveKeys( RegistryKey key, int timeDateStamp, AddressAndRegisters sendKeys, AddressAndRegisters receiveKeys, string type )
{
if ( key != null )
{
key.SetValue( type + TimeDateStamp, timeDateStamp, RegistryValueKind.DWord );
key.SetValue( type + SendAddress, sendKeys.Address, RegistryValueKind.DWord );
key.SetValue( type + SendAddressRegister, sendKeys.DataAddressRegister, RegistryValueKind.DWord );
key.SetValue( type + SendLengthRegister, sendKeys.DataLengthRegister, RegistryValueKind.DWord );
key.SetValue( type + ReceiveAddress, receiveKeys.Address, RegistryValueKind.DWord );
key.SetValue( type + ReceiveAddressRegister, receiveKeys.DataAddressRegister, RegistryValueKind.DWord );
key.SetValue( type + ReceiveLengthRegister, receiveKeys.DataLengthRegister, RegistryValueKind.DWord );
}
}
private static bool TryGetKeys( RegistryKey key, out int timeDateStamp, out AddressAndRegisters sendKeys, out AddressAndRegisters receiveKeys, string type )
{
timeDateStamp = 0;
sendKeys = null;
receiveKeys = null;
if ( key != null )
{
int? timeDateStampValue = key.GetValue( type + TimeDateStamp ) as int?;
if ( timeDateStampValue != null )
timeDateStamp = (int) timeDateStampValue;
int? sendAddress = key.GetValue( type + SendAddress ) as int?;
int? sendAddressRegister = key.GetValue( type + SendAddressRegister ) as int?;
int? sendLengthRegister = key.GetValue( type + SendLengthRegister ) as int?;
if ( sendAddress != null && sendAddress != 0 &&
sendAddressRegister != null && sendAddressRegister != 0 &&
sendLengthRegister != null && sendLengthRegister != 0 )
sendKeys = new AddressAndRegisters( (int) sendAddress, (Register) sendAddressRegister, (Register) sendLengthRegister );
int? receiveAddress = key.GetValue( type + ReceiveAddress ) as int?;
int? receiveAddressRegister = key.GetValue( type + ReceiveAddressRegister ) as int?;
int? receiveLengthRegister = key.GetValue( type + ReceiveLengthRegister ) as int?;
if ( receiveAddress != null && receiveAddress != 0 &&
receiveLengthRegister != null && receiveLengthRegister != 0 &&
receiveLengthRegister != null && receiveLengthRegister != 0 )
receiveKeys = new AddressAndRegisters( (int) receiveAddress, (Register) receiveAddressRegister, (Register) receiveLengthRegister );
return timeDateStamp != 0 && sendKeys != null && receiveKeys != null;
}
return false;
}
private static ClientSpy InitializeEnhancedClientSpy( Process process )
{
EnhancedClientAnalyzer analyzer = new EnhancedClientAnalyzer( process.MainModule.FileName );
// Keys
int timeDateStamp;
AddressAndRegisters sendKeys;
AddressAndRegisters receiveKeys;
// Detailed analysis if keys not found or version mismatch
RegistryKey key = Registry.LocalMachine.OpenSubKey( RegistryKey, true );
try
{
if ( key == null || !TryGetKeys( key, out timeDateStamp, out sendKeys, out receiveKeys, "Enhanced" ) || analyzer.TimeDateStamp != timeDateStamp )
{
analyzer.Analyze();
if ( analyzer.SpyInfo == null )
throw new SpyException( "Error finding enhanced client keys" );
else if ( !analyzer.SpyInfo.FoundSend && !analyzer.SpyInfo.FoundReceive )
throw new SpyException( "Cannot find send and receive enhanced client keys" );
else if ( !analyzer.SpyInfo.FoundSend )
throw new SpyException( "Cannot find send enhanced client key" );
else if ( !analyzer.SpyInfo.FoundReceive )
throw new SpyException( "Cannot find receive enhanced client key" );
timeDateStamp = analyzer.TimeDateStamp;
sendKeys = new AddressAndRegisters( (int) analyzer.SpyInfo.SendAddress, analyzer.SpyInfo.SendAddressRegister, analyzer.SpyInfo.SendLengthRegister );
receiveKeys = new AddressAndRegisters( (int) analyzer.SpyInfo.ReceiveAddress, analyzer.SpyInfo.ReceiveAddressRegister, analyzer.SpyInfo.ReceiveLengthRegister );
// Save
if ( key == null )
key = Registry.LocalMachine.CreateSubKey( RegistryKey, RegistryKeyPermissionCheck.ReadWriteSubTree );
SaveKeys( key, timeDateStamp, sendKeys, receiveKeys, "Enhanced" );
}
}
finally
{
if ( key != null )
key.Close();
}
// Client
return new EnhancedClientSpy( sendKeys, receiveKeys );
}
private static ClientSpy InitializeClassicClientSpy( Process process )
{
ClassicClientAnalyzer analyzer = new ClassicClientAnalyzer( process.MainModule.FileName );
// Keys
int debugProtection1 = 0;
int debugProtection2 = 0;
int timeDateStamp;
AddressAndRegisters sendKeys;
AddressAndRegisters receiveKeys;
// Detailed analysis if keys not found or version mismatch
RegistryKey key = Registry.LocalMachine.OpenSubKey( RegistryKey, true );
try
{
if ( key == null || !TryGetKeys( key, out timeDateStamp, out sendKeys, out receiveKeys, "Classic" ) || analyzer.TimeDateStamp != timeDateStamp )
{
analyzer.Analyze();
if ( !analyzer.FoundDebugProtectionAddress1 || !analyzer.FoundDebugProtectionAddress2 )
throw new SpyException( "Cannot find debug protection" );
else if ( analyzer.SpyInfo == null )
throw new SpyException( "Error finding classic client keys" );
else if ( !analyzer.SpyInfo.FoundSend && !analyzer.SpyInfo.FoundReceive )
throw new SpyException( "Cannot find send and receive classic client keys" );
else if ( !analyzer.SpyInfo.FoundSend )
throw new SpyException( "Cannot find send classic client key" );
else if ( !analyzer.SpyInfo.FoundReceive )
throw new SpyException( "Cannot find receive classic client key" );
timeDateStamp = analyzer.TimeDateStamp;
sendKeys = new AddressAndRegisters( (int) analyzer.SpyInfo.SendAddress, analyzer.SpyInfo.SendAddressRegister, analyzer.SpyInfo.SendLengthRegister );
receiveKeys = new AddressAndRegisters( (int) analyzer.SpyInfo.ReceiveAddress, analyzer.SpyInfo.ReceiveAddressRegister, analyzer.SpyInfo.ReceiveLengthRegister );
debugProtection1 = analyzer.DebugProtectionAddress1;
debugProtection2 = analyzer.DebugProtectionAddress2;
// Save
if ( key == null )
key = Registry.LocalMachine.CreateSubKey( RegistryKey, RegistryKeyPermissionCheck.ReadWriteSubTree );
key.SetValue( DebugProtection1, debugProtection1 );
key.SetValue( DebugProtection2, debugProtection2 );
SaveKeys( key, timeDateStamp, sendKeys, receiveKeys, "Classic" );
}
else if ( key != null )
{
int? debugProtectionValue = key.GetValue( DebugProtection1 ) as int?;
if ( debugProtectionValue != null )
debugProtection1 = (int) debugProtectionValue;
debugProtectionValue = key.GetValue( DebugProtection2 ) as int?;
if ( debugProtectionValue is int )
debugProtection2 = (int) debugProtectionValue;
if ( debugProtection1 == 0 || debugProtection2 == 0 )
throw new SpyException( "Cannot find debug protection" );
}
}
finally
{
if ( key != null )
key.Close();
}
// Client
return new ClassicClientSpy( sendKeys, receiveKeys, (uint) debugProtection1, (uint) debugProtection2 );
}
/// <summary>
/// Constructs a new instance of ClassicPacketSpy.
/// </summary>
/// <param name="sendKeys">Client send info.</param>
/// <param name="receiveKeys">Client receive info.</param>
public ClientSpy( AddressAndRegisters sendKeys, AddressAndRegisters receiveKeys )
{
_SendKeys = sendKeys;
_ReceiveKeys = receiveKeys;
}
/// <summary>
/// Constructs a new instance of ClassicPacketSpy.
/// </summary>
/// <param name="sendKeys">Client send info.</param>
/// <param name="receiveKeys">Client receive info.</param>
public ClientSpy(AddressAndRegisters sendKeys, AddressAndRegisters receiveKeys)
{
_SendKeys = sendKeys;
_ReceiveKeys = receiveKeys;
}
/// <summary>
/// Constructs a new instance of ClassicPacketSpy.
/// </summary>
/// <param name="debugProtectionAddress1">Debug protection address 1.</param>
/// <param name="debugProtectionAddress2">Debug protection address 2.</param>
public ClassicClientSpy(AddressAndRegisters sendInfo, AddressAndRegisters receiveInfo, uint debugProtectionAddress1, uint debugProtectionAddress2) : base(sendInfo, receiveInfo)
{
_DebugProtectionAddress1 = debugProtectionAddress1;
_DebugProtectionAddress2 = debugProtectionAddress2;
}
