public bool WriteProcessMemory(UIntPtr address, byte[] buffer, bool absoluteAddressing = false)
{
int numOfBytes = 0;
if (!absoluteAddressing)
{
address = new UIntPtr(address.ToUInt32() & ~0x80000000U);
}
IntPtr processAddress = absoluteAddressing ? new IntPtr((long)address.ToUInt64()) :
new IntPtr((long)ConvertAddressEndianess(new UIntPtr(address.ToUInt32() + (ulong)ProcessMemoryOffset.ToInt64()), buffer.Length));
// Safety bounds check
if (processAddress.ToInt64() < ProcessMemoryOffset.ToInt64())
{
return(false);
}
if (processAddress.ToInt64() + buffer.Length >= ProcessMemoryOffset.ToInt64() + Config.RamSize)
{
return(false);
}
return(Kernal32NativeMethods.ProcessWriteMemory(_processHandle, processAddress,
buffer, (IntPtr)buffer.Length, ref numOfBytes));
}
public bool ReadProcessMemory(int address, byte[] buffer, bool absoluteAddressing = false)
{
if (_process == null)
{
return(false);
}
int numOfBytes = 0;
return(Kernal32NativeMethods.ProcessReadMemory(_processHandle, absoluteAddressing ? new IntPtr(address) : new IntPtr(address + ProcessMemoryOffset.ToInt64()),
buffer, (IntPtr)buffer.Length, ref numOfBytes));
}
public void Resume()
{
if (!IsSuspended || _process == null)
{
return;
}
// Resume all threads
Kernal32NativeMethods.ResumeProcess(_process);
IsSuspended = false;
OnStatusChanged?.Invoke(this, new EventArgs());
}
public void Suspend()
{
if (IsSuspended || _process == null)
{
return;
}
_lastUpdateBeforePausing = true;
Kernal32NativeMethods.SuspendProcess(_process);
IsSuspended = true;
OnStatusChanged?.Invoke(this, new EventArgs());
}
public static void SuspendProcess(Process process)
{
// Pause all threads
foreach (ProcessThread pT in process.Threads)
{
IntPtr pOpenThread = Kernal32NativeMethods.OpenThread(Kernal32NativeMethods.ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
if (pOpenThread == IntPtr.Zero)
{
continue;
}
Kernal32NativeMethods.SuspendThread(pOpenThread);
Kernal32NativeMethods.CloseHandle(pOpenThread);
}
}
public static void ResumeProcess(Process process)
{
// Resume all threads
foreach (ProcessThread pT in process.Threads)
{
IntPtr pOpenThread = Kernal32NativeMethods.OpenThread(Kernal32NativeMethods.ThreadAccess.SUSPEND_RESUME, false, (uint)pT.Id);
if (pOpenThread == IntPtr.Zero)
{
continue;
}
int suspendCount = 0;
do
{
suspendCount = Kernal32NativeMethods.ResumeThread(pOpenThread);
} while (suspendCount > 0);
Kernal32NativeMethods.CloseHandle(pOpenThread);
}
}
public static bool ProcessReadMemory(IntPtr hProcess,
IntPtr lpBaseAddress, byte[] lpBuffer, IntPtr dwSize, ref int lpNumberOfBytesRead)
{
return(Kernal32NativeMethods.ReadProcessMemory(hProcess, lpBaseAddress, lpBuffer, dwSize, ref lpNumberOfBytesRead));
}
public bool SwitchProcess(Process newProcess, Emulator emulator)
{
lock (_enableLocker)
{
IsEnabled = false;
}
// Make sure old process is running
if (IsSuspended)
{
Resume();
}
// Close old process
Kernal32NativeMethods.CloseProcess(_processHandle);
// Disconnect events
if (_process != null)
{
_process.Exited -= ProcessClosed;
}
// Find DLL offset if needed
IntPtr dllOffset = new IntPtr();
bool dllSuccess = true;
if (emulator != null && emulator.Dll != null)
{
var dll = newProcess.Modules.Cast <ProcessModule>()
.FirstOrDefault(d => d.ModuleName == emulator.Dll);
if (dll == null)
{
dllSuccess = false;
}
else
{
dllOffset = dll.BaseAddress;
}
}
// Make sure the new process has a value and that all DLLs where found
if (newProcess == null || emulator == null || !dllSuccess)
{
_processHandle = new IntPtr();
_process = null;
_emulator = null;
_ramStart = new IntPtr();
OnStatusChanged?.Invoke(this, new EventArgs());
return(false);
}
// Open and set new process
_process = newProcess;
_emulator = emulator;
_ramStart = new IntPtr(_emulator.RamStart + dllOffset.ToInt64());
_processHandle = Kernal32NativeMethods.ProcessGetHandleFromId(0x0838, false, _process.Id);
if ((int)_processHandle == 0)
{
OnStatusChanged?.Invoke(this, new EventArgs());
return(false);
}
try
{
_process.EnableRaisingEvents = true;
}
catch (Exception)
{
return(false);
}
_process.Exited += ProcessClosed;
IsSuspended = false;
IsClosed = false;
lock (_enableLocker)
{
IsEnabled = true;
}
OnStatusChanged?.Invoke(this, new EventArgs());
return(true);
}