public int ReadMultiLevelPointer(int MemoryAddress, uint bytesToRead, Int32[] offsetList)
{
IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
IntPtr pointer = (IntPtr)0x0;
//IF THE PROCESS isnt available we return nothing
if (procHandle == IntPtr.Zero)
{
return(0);
}
byte[] btBuffer = new byte[bytesToRead];
IntPtr lpOutStorage = IntPtr.Zero;
int pointerAddy = MemoryAddress;
//int pointerTemp = 0;
for (int i = 0; i < (offsetList.Length); i++)
{
if (i == 0)
{
ProcessMemoryReaderApi.ReadProcessMemory(procHandle, (IntPtr)(pointerAddy), btBuffer, (uint)btBuffer.Length, out lpOutStorage);
}
pointerAddy = (BitConverter.ToInt32(btBuffer, 0) + offsetList[i]);
//string pointerAddyHEX = pointerAddy.ToString("X");
ProcessMemoryReaderApi.ReadProcessMemory(procHandle, (IntPtr)(pointerAddy), btBuffer, (uint)btBuffer.Length, out lpOutStorage);
}
return(pointerAddy);
}
public void CloseHandle()
{
if (ProcessMemoryReaderApi.CloseHandle(this.m_hProcess) == 0)
{
throw new Exception("CloseHandle failed");
}
}
public void WriteProcessMemory(IntPtr MemoryAddress, byte[] bytesToWrite, out int bytesWritten)
{
IntPtr ptrBytesWritten;
ProcessMemoryReaderApi.WriteProcessMemory(m_hProcess, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);
bytesWritten = ptrBytesWritten.ToInt32();
}
public void OpenProcess()
{
// m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
ProcessMemoryReaderApi.ProcessAccessType access;
access = ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_READ
| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_WRITE
| ProcessMemoryReaderApi.ProcessAccessType.PROCESS_VM_OPERATION;
m_hProcess = ProcessMemoryReaderApi.OpenProcess((uint)access, 1, (uint)m_ReadProcess.Id);
}
public byte[] ReadProcessMemory(IntPtr MemoryAddress, uint bytesToRead, out int bytesReaded)
{
IntPtr ptr;
byte[] buffer = new byte[bytesToRead];
ProcessMemoryReaderApi.ReadProcessMemory(this.m_hProcess, MemoryAddress, buffer, bytesToRead, out ptr);
bytesReaded = ptr.ToInt32();
return(buffer);
}
public void CloseHandle()
{
int iRetValue;
iRetValue = ProcessMemoryReaderApi.CloseHandle(m_hProcess);
if (iRetValue == 0)
{
throw new Exception("CloseHandle failed");
}
}
public byte[] ReadAMem(IntPtr MemoryAddress, uint bytesToRead, out int bytesReaded)
{
byte[] buffer = new byte[bytesToRead];
IntPtr ptrBytesReaded;
ProcessMemoryReaderApi.ReadProcessMemory(m_hProcess, MemoryAddress, buffer, bytesToRead, out ptrBytesReaded);
bytesReaded = ptrBytesReaded.ToInt32();
return(buffer);
}
public static IntPtr FindDMAAddy(IntPtr hProc, IntPtr ptr, int[] offsets)
{
var buffer = new byte[IntPtr.Size];
foreach (int i in offsets)
{
ProcessMemoryReaderApi.ReadProcessMemory(hProc, ptr, buffer, (uint)buffer.Length, out var read);
ptr = (IntPtr.Size == 4)
? IntPtr.Add(new IntPtr(BitConverter.ToInt32(buffer, 0)), i)
: ptr = IntPtr.Add(new IntPtr(BitConverter.ToInt64(buffer, 0)), i);
}
return(ptr);
}
public int ReadMem(int MemoryAddress, uint bytesToRead, out byte[] buffer)
{
IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
if (procHandle == IntPtr.Zero)
{
buffer = new byte[0];
return(0);
}
buffer = new byte[bytesToRead];
IntPtr ptrBytesReaded;
ProcessMemoryReaderApi.ReadProcessMemory(procHandle, (IntPtr)MemoryAddress, buffer, bytesToRead, out ptrBytesReaded);
ProcessMemoryReaderApi.CloseHandle(procHandle);
return(ptrBytesReaded.ToInt32());
}
public int WriteMem(int MemoryAddress, byte[] buf)
{
IntPtr procHandle = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
if (procHandle == IntPtr.Zero)
{
return(0);
}
uint oldProtect;
ProcessMemoryReaderApi.VirtualProtectEx(procHandle, (IntPtr)MemoryAddress, (uint)buf.Length, ProcessMemoryReaderApi.PAGE_READWRITE, out oldProtect);
IntPtr ptrBytesWritten;
ProcessMemoryReaderApi.WriteProcessMemory(procHandle, (IntPtr)MemoryAddress, buf, (uint)buf.Length, out ptrBytesWritten);
ProcessMemoryReaderApi.CloseHandle(procHandle);
return(ptrBytesWritten.ToInt32());
}
public void OpenProcess()
{
m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ, 1, (uint)m_ReadProcess.Id);
}
public void OpenProcess()
{
m_hProcess = ProcessMemoryReaderApi.OpenProcess(ProcessMemoryReaderApi.PROCESS_VM_READ | ProcessMemoryReaderApi.PROCESS_VM_WRITE | ProcessMemoryReaderApi.PROCESS_VM_OPERATION, 1, (uint)m_ReadProcess.Id);
}
public void OpenProcess()
{
this.m_hProcess = ProcessMemoryReaderApi.OpenProcess(0x10, 1, (uint)this.m_ReadProcess.Id);
}