/* Call Shellcode */
public long GetProcAddress(long hModule, string functionName)
{
var getProcAddressParams = new GetProcAddressParams(hModule, WriteNullTerminatedASCIIString(functionName));
long lpParameter = (long)_circularBuffer.Add(ref getProcAddressParams);
IntPtr threadHandle = CreateRemoteThread(_targetProcess.Handle, IntPtr.Zero, UIntPtr.Zero, (IntPtr)_getProcAddressShellPtr, (IntPtr)lpParameter, CREATE_THREAD_FLAGS.RUN_IMMEDIATELY, out uint threadId);
WaitForSingleObject(threadHandle, uint.MaxValue);
_memory.Read((IntPtr)_getProcAddressReturnValuePtr, out long value);
return(value);
}
/// <summary>
/// Tests the "Add" functionality of the <see cref="MemoryBuffer"/>; including
/// the return of the correct pointer and CanItemFit.
/// </summary>
private unsafe void MemoryBufferAddGeneric(MemoryBuffer buffer, Process process)
{
// Setup test.
ExternalMemory externalMemory = new ExternalMemory(process);
// Disable item alignment.
var bufferHeader = buffer.Properties;
buffer.Properties = bufferHeader;
// Get remaining space, items to place.
int remainingBufferSpace = bufferHeader.Remaining;
int structSize = Struct.GetSize <RandomIntStruct>();
int itemsToFit = remainingBufferSpace / structSize;
// Generate array of random int structs.
RandomIntStruct[] randomIntStructs = new RandomIntStruct[itemsToFit];
for (int x = 0; x < itemsToFit; x++)
{
randomIntStructs[x] = RandomIntStruct.BuildRandomStruct();
}
// Fill the buffer and verify each item as it's added.
for (int x = 0; x < itemsToFit; x++)
{
IntPtr writeAddress = buffer.Add(ref randomIntStructs[x], false, 1);
// Read back and compare.
externalMemory.Read(writeAddress, out RandomIntStruct actual);
Assert.Equal(randomIntStructs[x], actual);
}
// Compare again, running the entire array this time.
IntPtr bufferStartPtr = bufferHeader.DataPointer;
for (int x = 0; x < itemsToFit; x++)
{
IntPtr readAddress = bufferStartPtr + (x * structSize);
// Read back and compare.
externalMemory.Read(readAddress, out RandomIntStruct actual);
Assert.Equal(randomIntStructs[x], actual);
}
// The array is full, calling CanItemFit should return false.
Assert.False(buffer.CanItemFit(ref randomIntStructs[0]));
// Likewise, calling Add should return IntPtr.Zero.
var randIntStr = RandomIntStruct.BuildRandomStruct();
Assert.Equal(IntPtr.Zero, buffer.Add(ref randIntStr, false, 1));
}
/// <summary>
/// Tests the "Add" functionality of the <see cref="MemoryBuffer"/>, with raw data;
/// including the return of the correct pointer and CanItemFit.
/// </summary>
private unsafe void MemoryBufferAddByteArray(MemoryBuffer buffer, Process process)
{
// Setup test.
ExternalMemory externalMemory = new ExternalMemory(process);
// Disable item alignment.
var bufferHeader = buffer.Properties;
buffer.Properties = bufferHeader;
// Get remaining space, items to place.
int remainingBufferSpace = bufferHeader.Remaining;
var randomByteArray = RandomByteArray.GenerateRandomByteArray(remainingBufferSpace);
byte[] rawArray = randomByteArray.Array;
// Fill the buffer with the whole array.
buffer.Add(rawArray, 1);
// Compare against the array written.
IntPtr bufferStartPtr = bufferHeader.DataPointer;
for (int x = 0; x < remainingBufferSpace; x++)
{
IntPtr readAddress = bufferStartPtr + x;
// Read back and compare.
externalMemory.Read(readAddress, out byte actual);
Assert.Equal(rawArray[x], actual);
}
// The array is full, calling CanItemFit should return false.
Assert.False(buffer.CanItemFit(sizeof(byte)));
// Likewise, calling Add should return IntPtr.Zero.
byte testByte = 55;
Assert.Equal(IntPtr.Zero, buffer.Add(ref testByte, false, 1));
}
