public MemoryIO GetMetaBlock(out long position)
{
//Prepare
MemoryIO meta = null;
//Open?
bool open = io.Open;
if (!open)
{
io.OpenIO();
}
//Get Position
position = header.IndexOffset + header.IndexLength;
//Read
io.Position = position;
meta = new MemoryIO(io.In.ReadBytes(header.MetaLength));
//Close?
if (!open)
{
io.CloseIO();
}
//Return
return(meta);
}
private byte[] ReadFromRVA(uint rva, int size)
{
if (IsDynamic)
{
return(null);
}
ulong addr = _clrModule.ImageBase;
Debug.Assert(addr != 0);
if (addr == 0)
{
return(null);
}
var offs = RVAToAddressOffset(rva);
if (offs == null)
{
return(null);
}
addr += offs.Value;
byte[] data = new byte[size];
MemoryIO.ReadBytes(_processId, (IntPtr)_clrModule.ImageBase, data, out uint numOfRead);
data = data.Take((int)numOfRead).ToArray();
//var data = module.Process.CorProcess.ReadMemory(addr, size);
Debug.Assert(data != null && data.Length == size);
return(data);
}
private ImageSectionHeader[] GetOrCreateSectionHeaders()
{
var h = _sectionHeaders;
if (h != null)
{
return(h);
}
try
{
ulong addr = _clrModule.ImageBase;
if (addr == 0)
{
return(_sectionHeaders = ArrayAddIn.Empty <ImageSectionHeader>());
}
var data = new byte[0x1000];
//module.Process.CorProcess.ReadMemory(module.Address, data, 0, data.Length, out int sizeRead);
MemoryIO.ReadBytes(_processId, (IntPtr)_clrModule.ImageBase, data);
using (var peImage = new PEImage(data, !IsDynamic && IsInMemory ? ImageLayout.File : ImageLayout.Memory, true))
return(_sectionHeaders = peImage.ImageSectionHeaders.ToArray());
}
catch
{
Debug.Fail("Couldn't read section headers");
}
return(_sectionHeaders = ArrayAddIn.Empty <ImageSectionHeader>());
}
private bool TryFindVerilogMemPort(string ioName, MemoryIO memory, out IContainerIO foundIO)
{
foreach (MemPort port in memory.GetIOInOrder())
{
if (ioName.Contains(port.Name))
{
int portNameStart = ioName.IndexOf(port.Name);
string remaining = ioName.Substring(0, portNameStart);
string portPath = ioName.Substring(portNameStart);
if (TryFindIO(portPath, memory, false, out foundIO))
{
if (foundIO is ScalarIO)
{
return(true);
}
if (TryFindIO(remaining, foundIO, false, out var fullFoundIO))
{
if (fullFoundIO is not ScalarIO)
{
foundIO = null;
return(false);
}
foundIO = fullFoundIO;
return(true);
}
}
}
}
foundIO = null;
return(false);
}
public void Invoke()
{
int blockSize = 512;
Configuration.VolumeName = FilePath;
if (BytesPerSlice > int.MaxValue)
{
throw new CommandLineArgumentException("Argument to -s is too large.");
}
int bytesPerSlice = (int)BytesPerSlice;
Geometry g = new Geometry(bytesPerSlice, ReedSolomon.N, ReedSolomon.K, TrackCount);
Configuration.Geometry = g;
Configuration.FileSystemID = Guid.NewGuid();
Options options = Options.None;
if (doNotVerifyHashes)
{
options |= Options.DoNotVerifyClusterHashes;
}
if (doNotVerifySignatures)
{
options |= Options.DoNotVerifyClusterSignatures;
}
Configuration.Options = options;
CngKey encryptionKey = CryptoSettingsOptions.GetEncryptionKey();
CngKey decryptionKey = CryptoSettingsOptions.GetDecryptionKey();
CngKey signingKey = CryptoSettingsOptions.GetSigningKey();
Configuration.CryptoSettings = new CryptoSettings(decryptionKey, signingKey, encryptionKey);
long size = g.CalculateFileSystemSize(blockSize);
if (size > int.MaxValue)
{
throw new CommandLineArgumentException("File system size is too large.");
}
using (MemoryIO io = new MemoryIO((int)size, blockSize))
using (FileStream fio = new FileStream(FilePath, FileMode.Create, FileAccess.Write)) {
using (var f = FileSystem.Create(io)) { }
fio.Write(io.Bytes, 0, (int)io.SizeBytes);
}
}
public Memory(string name, FIRIO inputType, ulong size, int readLatency, int writeLatency, ReadUnderWrite ruw, FirrtlNode defNode) : base(defNode)
{
if (!inputType.IsPassiveOfType <Input>())
{
throw new Exception("Input type must be a passive input type.");
}
this.Name = name;
this.InputType = inputType.Copy(this);
this.Size = size;
this.ReadLatency = readLatency;
this.WriteLatency = writeLatency;
this.RUW = ruw;
this.MemIO = new MemoryIO(this, name, new List <FIRIO>(), InputType, GetAddressWidth());
}
static void Main(string[] args)
{
uint processId;
Pointer pointer;
int value;
processId = (uint)Process.Start("Tutorial-i386.exe").Id;
Console.WriteLine("Go to \"Step 6\" then continue");
Console.ReadKey();
pointer = new Pointer("Tutorial-i386.exe", 0x1FD630, 0);
MemoryIO.ReadInt32(processId, pointer, out value);
Console.WriteLine($"Current value:{value}. Now we lock it");
while (true)
{
MemoryIO.WriteInt32(processId, pointer, 5000);
Thread.Sleep(1);
}
}
public static byte[] Copy(uint processId, IntPtr processHandle, IntPtr moduleHandle, bool is64)
{
byte[] buffer;
buffer = new byte[GetImageSize(processHandle, moduleHandle, is64)];
MemoryIO.EnumPages(processId, moduleHandle, pageInfo =>
{
int startOffset;
int endOffset;
startOffset = (int)((ulong)pageInfo.Address - (ulong)moduleHandle);
//以p为起点,远程进程中页面起点映射到buffer中的偏移
endOffset = startOffset + (int)pageInfo.Size;
//以p为起点,远程进程中页面终点映射到buffer中的偏移
fixed(byte *p = buffer)
if (startOffset < 0)
{
//页面前半部分超出buffer
ReadProcessMemory(processHandle, moduleHandle, p, (size_t)((ulong)pageInfo.Size - ((ulong)moduleHandle - (ulong)pageInfo.Address)), null);
return(true);
}
else
{
if (endOffset <= buffer.Length)
{
//整个页面都可以存入buffer
ReadProcessMemory(processHandle, pageInfo.Address, p + startOffset, pageInfo.Size, null);
return(true);
}
else
{
//页面后半部分/全部超出buffer
ReadProcessMemory(processHandle, pageInfo.Address, p + startOffset, pageInfo.Size - (endOffset - buffer.Length), null);
return(false);
}
}
});
return(buffer);
}
public void Invoke()
{
int blockSize = 512;
Options options = Options.None;
if (doNotVerifyHashes)
{
options |= Options.DoNotVerifyClusterHashes;
}
if (doNotVerifySignatures)
{
options |= Options.DoNotVerifyClusterSignatures;
}
Configuration.Options = options;
CngKey encryptionKey = CryptoSettingsOptions.GetEncryptionKey();
CngKey decryptionKey = CryptoSettingsOptions.GetDecryptionKey();
CngKey signingKey = CryptoSettingsOptions.GetSigningKey();
Configuration.CryptoSettings = new CryptoSettings(decryptionKey, signingKey, encryptionKey);
long size = new FileInfo(FilePath).Length;
using (MemoryIO io = new MemoryIO((int)size, blockSize))
using (FileStream fio = new FileStream(FilePath, FileMode.Open)) {
fio.Read(io.Bytes, 0, (int)io.SizeBytes);
using (var fs = FileSystem.Mount(io)) {
SRFSDokan d = new SRFSDokan(fs);
d.Mount("S:\\");
}
fio.Position = 0;
fio.Write(io.Bytes, 0, (int)io.SizeBytes);
}
}
/// <summary>
/// 枚举模块导出函数
/// </summary>
/// <param name="processHandle">进程句柄</param>
/// <param name="moduleHandle">模块句柄</param>
/// <param name="callback">回调函数</param>
/// <returns></returns>
internal static bool EnumFunctionsInternal(IntPtr processHandle, IntPtr moduleHandle, EnumFunctionsCallback callback)
{
int ntHeaderOffset;
bool is64;
int iedRVA;
IMAGE_EXPORT_DIRECTORY ied;
int[] nameOffsets;
string functionName;
short ordinal;
int addressOffset;
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + 0x3C, out ntHeaderOffset))
{
return(false);
}
if (!Process32.Is64BitProcessInternal(processHandle, out is64))
{
return(false);
}
if (is64)
{
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + ntHeaderOffset + 0x88, out iedRVA))
{
return(false);
}
}
else
{
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + ntHeaderOffset + 0x78, out iedRVA))
{
return(false);
}
}
if (!ReadProcessMemory(processHandle, moduleHandle + iedRVA, &ied, (size_t)40, null))
{
return(false);
}
if (ied.NumberOfNames == 0)
{
//无按名称导出函数
return(true);
}
nameOffsets = new int[ied.NumberOfNames];
fixed(void *p = &nameOffsets[0])
if (!ReadProcessMemory(processHandle, moduleHandle + (int)ied.AddressOfNames, p, (size_t)(ied.NumberOfNames * 4), null))
return(false);
for (int i = 0; i < ied.NumberOfNames; i++)
{
if (!MemoryIO.ReadStringInternal(processHandle, moduleHandle + nameOffsets[i], out functionName, 40, false, Encoding.ASCII))
{
return(false);
}
if (!MemoryIO.ReadInt16Internal(processHandle, moduleHandle + ((int)ied.AddressOfNameOrdinals + i * 2), out ordinal))
{
return(false);
}
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + ((int)ied.AddressOfFunctions + ordinal * 4), out addressOffset))
{
return(false);
}
if (!callback(moduleHandle + addressOffset, functionName, ordinal))
{
return(true);
}
}
return(true);
}
/// <summary>
/// 获取远程进程函数地址
/// </summary>
/// <param name="processHandle">进程句柄</param>
/// <param name="moduleName">模块名</param>
/// <param name="functionName">函数名</param>
/// <returns></returns>
internal static IntPtr GetProcAddressInternal(IntPtr processHandle, string moduleName, string functionName)
{
IntPtr moduleHandle;
int ntHeaderOffset;
bool is64;
int iedRVA;
IMAGE_EXPORT_DIRECTORY ied;
int[] nameOffsets;
string name;
short ordinal;
int addressOffset;
moduleHandle = GetHandleInternal(processHandle, false, moduleName);
if (moduleHandle == IntPtr.Zero)
{
return(IntPtr.Zero);
}
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + 0x3C, out ntHeaderOffset))
{
return(IntPtr.Zero);
}
if (!Process32.Is64BitProcessInternal(processHandle, out is64))
{
return(IntPtr.Zero);
}
if (is64)
{
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + ntHeaderOffset + 0x88, out iedRVA))
{
return(IntPtr.Zero);
}
}
else
{
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + ntHeaderOffset + 0x78, out iedRVA))
{
return(IntPtr.Zero);
}
}
if (!ReadProcessMemory(processHandle, moduleHandle + iedRVA, &ied, (size_t)40, null))
{
return(IntPtr.Zero);
}
nameOffsets = new int[ied.NumberOfNames];
fixed(void *p = &nameOffsets[0])
if (!ReadProcessMemory(processHandle, moduleHandle + (int)ied.AddressOfNames, p, (size_t)(ied.NumberOfNames * 4), null))
return(IntPtr.Zero);
for (int i = 0; i < ied.NumberOfNames; i++)
{
if (!MemoryIO.ReadStringInternal(processHandle, moduleHandle + nameOffsets[i], out name, 40, false, Encoding.ASCII))
{
return(IntPtr.Zero);
}
if (name == functionName)
{
if (!MemoryIO.ReadInt16Internal(processHandle, moduleHandle + (int)ied.AddressOfNameOrdinals + i * 2, out ordinal))
{
return(IntPtr.Zero);
}
if (!MemoryIO.ReadInt32Internal(processHandle, moduleHandle + (int)ied.AddressOfFunctions + ordinal * 4, out addressOffset))
{
return(IntPtr.Zero);
}
return(moduleHandle + addressOffset);
}
}
return(IntPtr.Zero);
}
/// <summary>
/// 杀死函数,让函数不执行任何动作
/// </summary>
/// <param name="entry">函数入口地址</param>
/// <returns></returns>
public static bool Kill(IntPtr entry)
{
return(MemoryIO.WriteByteInternal(CURRENT_PROCESS, entry, 0xC3));
}
