Exemple #1
        /// <summary>
        /// Makes the first process named <paramref name="proName"/> load the DLL at
        /// <c>path\dllname</c> by starting a thread in that process at <c>LoadLibraryA</c>.
        /// If no file exists at that path, it is first created from <paramref name="fileByte"/>.
        /// </summary>
        /// <remarks>
        /// The sequence VirtualAllocEx, WriteProcessMemory, CreateRemoteThread(LoadLibraryA) is the
        /// classic remote-thread DLL injection pattern and is what endpoint monitoring typically
        /// keys on. None of the native return values are checked, so the result does not reflect
        /// whether the DLL was actually loaded.
        /// </remarks>
        /// <param name="fileByte">Bytes handed to FileManage.FileCreate when the DLL file is missing
        /// (presumably the DLL image; FileCreate is not shown here).</param>
        /// <param name="proName">Process name passed to Process.GetProcessesByName.</param>
        /// <param name="path">Directory that holds (or will hold) the DLL.</param>
        /// <param name="dllname">File name of the DLL inside <paramref name="path"/>.</param>
        /// <returns>Always <c>true</c>.</returns>
        public static bool inject(byte[] fileByte, string proName, string path, string dllname)
        {
            const UInt32 INFINITE = 0xFFFFFFFF;
            // 0x40: the remote region is readable, writable AND executable although it only holds a
            // path string. RWX allocations in another process are a high-signal detection indicator.
            const Int32  PAGE_EXECUTE_READWRITE = 0x40;
            const Int32  MEM_COMMIT             = 0x1000;
            const Int32  MEM_RESERVE            = 0x2000;
            Int32        AllocBaseAddress;

            string dllPath = path + "\\" + dllname;

            // A file already present at dllPath is used as-is; nothing here verifies its content.
            if (!System.IO.File.Exists(dllPath))
            {
                FileManage.FileCreate(fileByte, path, dllname);
            }

            // Indexing [0] throws IndexOutOfRangeException when no process has this name.
            Process[] process = Process.GetProcessesByName(proName);
            // Despite the name, this is the process handle from Process.Handle, not a window handle.
            IntPtr    hWnd    = process[0].Handle;

            // Byte length of the path in Encoding.Default; the terminating NUL is not counted.
            int umstrcnt = Encoding.Default.GetByteCount(dllPath);

            // Result is not checked; a failed allocation is passed on to the calls below.
            AllocBaseAddress = VirtualAllocEx(hWnd, 0, umstrcnt, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);

            // Local unmanaged ANSI copy of the path, used as the source buffer for the remote write.
            IntPtr AddrWM = Marshal.StringToHGlobalAnsi(dllPath);

            // NOTE(review): addresses are carried as Int32 throughout, so this presumes a 32-bit
            // process - confirm against the P/Invoke declarations, which are not shown.
            // isWrite and readSize are never read afterwards.
            int  readSize;
            bool isWrite = WriteMemory.WriteProcessMemory(hWnd, AllocBaseAddress, (int)AddrWM, umstrcnt, out readSize);

            Marshal.FreeHGlobal(AddrWM);

            // Address of LoadLibraryA as resolved in the CURRENT process; it is handed to the
            // remote thread as its start routine.
            int loadaddr = GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA");

            // The remote thread starts at LoadLibraryA with the remote path buffer as its argument.
            IntPtr ThreadHwnd = (IntPtr)CreateRemoteThread(hWnd, 0, 0, loadaddr, AllocBaseAddress, 0, 0);

            // Blocks the caller until the remote thread ends. The thread handle is not closed and
            // the remote allocation is not released anywhere in this method.
            WaitForSingleObject(ThreadHwnd, INFINITE);

            return(true);
        }
Exemple #2
        /// <summary>
        /// Starts a thread at <c>LoadLibraryA</c> in the first process named War.ProcessName, with
        /// <paramref name="dllname"/> as its argument. When <paramref name="isMana"/> is set, it
        /// also loads the same DLL into the current process and calls its <c>HaveFun</c> export.
        /// </summary>
        /// <remarks>
        /// Only the bare file name is written into the target process, not a full path, so the
        /// target resolves it through its own DLL search order. The DLL file is written to War.Path
        /// only after the remote thread has been created, and only on the <paramref name="isMana"/>
        /// path. Native return values are not acted on; see the inline notes.
        /// </remarks>
        /// <param name="dllname">File name of the DLL, used for the remote load and, joined with
        /// War.Path, for the local file and local load.</param>
        /// <param name="isMana">When true, the embedded <c>mana</c> resource is written to disk if
        /// missing, loaded locally, and its <c>HaveFun</c> export is invoked.</param>
        /// <returns>The value returned by <c>HaveFun</c> when it was called successfully; otherwise
        /// the initial value <c>true</c>.</returns>
        public static bool ManaStart(string dllname, bool isMana)
        {
            bool   IsHaveFun = true;
            IntPtr Handle    = (IntPtr)0;
            string filePath  = "";
            int    baseaddress;
            int    temp = 0;
            int    Kernddr;
            int    yan;
            // Starts out true, so the check on CreateRemoteThread's result below cannot change it.
            bool   ManaState = true;

            int dlllength;

            // Character count plus one for the terminating NUL (assumes one byte per character).
            dlllength = dllname.Length + 1;

            // Indexing [0] below throws IndexOutOfRangeException when the process is not running.
            Process[] process = Process.GetProcessesByName(War.ProcessName);

            Handle   = process[0].Handle;
            filePath = War.Path;

            baseaddress = VirtualAllocEx(Handle, 0, dlllength, 4096, 4);                   // allocate remote memory: 4096 = MEM_COMMIT, 4 = PAGE_READWRITE

            WriteMemory.WriteProcessMemory(Handle, baseaddress, dllname, dlllength, temp); // write the DLL name into the remote buffer (result ignored)

            Kernddr = GetProcAddress(GetModuleHandleA("Kernel32"), "LoadLibraryA");        // address of LoadLibraryA in kernel32.dll, resolved in the current process

            yan = CreateRemoteThread(Handle, 0, 0, Kernddr, baseaddress, 0, temp);         // create the remote thread; the returned handle is never waited on or closed

            // No effect: ManaState is already true, so a failed CreateRemoteThread goes unnoticed.
            if (yan != 0)
            {
                ManaState = true;
            }

            if (ManaState && isMana)
            {
                // DLL image embedded in the assembly's resources.
                byte[] manaByte = WjeWar.Properties.Resources.mana;


                // Written only when absent; an existing file at this path is loaded unverified.
                if (!System.IO.File.Exists(filePath + "\\" + dllname))
                {
                    // No using/finally: the stream stays open if Write or Flush throws.
                    System.IO.FileStream fs = new System.IO.FileStream(filePath + "\\" + dllname, System.IO.FileMode.Create, System.IO.FileAccess.ReadWrite);
                    fs.Write(manaByte, 0, manaByte.Length);
                    fs.Flush();
                    fs.Close();
                }

                // Loads the DLL into the CURRENT process by full path (separate from the remote load).
                IntPtr ManaDll = LoadLibrary(filePath + "\\" + dllname);

                if (ManaDll != IntPtr.Zero)
                {
                    // api is not checked for IntPtr.Zero; a missing export surfaces as an exception
                    // from GetDelegateForFunctionPointer, which the catch below handles.
                    IntPtr api = GetProcAddress(ManaDll, "HaveFun");
                    try
                    {
                        HaveFun HaveFun = (HaveFun)(Delegate)Marshal.GetDelegateForFunctionPointer(api, typeof(HaveFun));
                        IsHaveFun = HaveFun();
                    }
                    catch (Exception ex)
                    {
                        // Only the message is printed; IsHaveFun keeps its previous value (true).
                        Console.WriteLine(ex.Message.ToString());
                    }
                }
            }

            return(IsHaveFun);
        }