public SpiderControl(MainWindow mainWindow, TabItem tabItem) { if (SpiderSearch == null) { SpiderSearch = new SpiderSearch() { Aligned = false, Is64Bit = true, DataType = DataType.UTF16, Length = 2096, Levels = 2, Match = true, Name = "New Tab", Variance = 0, StringLength = 200, Alignment = 2 }; } _mainWindow = mainWindow; _tabItem = tabItem; Alignments = new List <int>(); Alignments.Add(1); Alignments.Add(2); Alignments.Add(4); Alignments.Add(8); DataTypes = new List <DataType>(); DataTypes.Add(DataType.Byte); DataTypes.Add(DataType.Int); DataTypes.Add(DataType.Long); DataTypes.Add(DataType.Float); DataTypes.Add(DataType.UInt); DataTypes.Add(DataType.UTF16); InitializeComponent(); }
public void Button_ReFilterValues_Click(object sender, RoutedEventArgs e) { var processes = Process.GetProcessesByName(_mainWindow.SelectedProcessName); if (!processes.Any()) { MessageBox.Show("Select a process"); return; } var process = processes.First(); var memory = new Memory(process.Id); try { SpiderSearch.Address = long.Parse(TextBox_Address.Text); SpiderSearch.Reload(memory); } finally { memory.Close(); } var results = SpiderSearch.Results.Where(o => TextBox_Value.Text != o.Current).ToList(); var dict = SpiderSearch.Results.ToDictionary(o => o.Id, o => o); foreach (var spiderResult in results) { dict.Remove(spiderResult.Id); } SpiderSearch.Results = dict.Values.ToList(); VisibleResults = SpiderSearch.Results.Take(200).ToList(); }
public void Button_ReloadValues_Click(object sender, RoutedEventArgs e) { var processes = Process.GetProcessesByName(_mainWindow.SelectedProcessName); if (!processes.Any()) { MessageBox.Show("Select a process"); return; } var process = processes.First(); var memory = new Memory(process.Id); try { SpiderSearch.Address = long.Parse(TextBox_Address.Text); SpiderSearch.Reload(memory); foreach (var visibleResult in VisibleResults) { visibleResult.CallPropertyChanged("Current"); visibleResult.CallPropertyChanged("Value"); } } finally { memory.Close(); } }
public SpiderControl(MainWindow mainWindow, TabItem tabItem, SpiderSearch search) : this(mainWindow, tabItem) { SpiderSearch = search; VisibleResults = SpiderSearch.Results.Take(1000).ToList(); }
private string CheckForMatchValue(byte[] data, int index, SpiderSearch request) { switch (request.DataType) { case DataType.UTF16: string stringValue = Encoding.Unicode.GetString(data, index, request.StringLength); int num = stringValue.IndexOf('\0'); stringValue = num > 0 ? stringValue.Substring(0, num) : stringValue; if (String.IsNullOrWhiteSpace(stringValue)) { return(null); } bool match = stringValue.StartsWith(request.StringValue); if (match || !request.Match) { return(stringValue); } break; case DataType.Byte: var byteValue = data[index]; if (byteValue == (byte)request.LongValue || !request.Match) { return(byteValue.ToString()); } break; case DataType.Int: var intValue = BitConverter.ToInt32(data, index); if (intValue == (int)request.LongValue || !request.Match) { return(intValue.ToString()); } break; case DataType.Long: var longValue = BitConverter.ToInt64(data, index); if (longValue == request.LongValue || !request.Match) { return(longValue.ToString()); } break; case DataType.Float: var floatValue = BitConverter.ToSingle(data, index); if (Math.Abs(floatValue - request.FloatValue) < .001 || !request.Match) { return(floatValue.ToString(CultureInfo.InvariantCulture)); } break; case DataType.UInt: var uIntValue = BitConverter.ToUInt32(data, index); if (uIntValue == (uint)request.LongValue || !request.Match) { return(uIntValue.ToString()); } break; } return(null); }
private void CheckNextLevel(int level, long startAddress, SpiderResult parentResult, SpiderSearch search, ConcurrentBag <SpiderResult> results, Memory memory) { var allData = memory.ReadBytes(startAddress, search.Length + search.ExtraRead); for (int index = 0; index < search.EndIncrement; index++) { var offset = index * search.Alignment; var addressToCheck = startAddress + offset; var match = CheckForMatchValue(allData, offset, search); if (match != null) { AddResult(level, parentResult, results, match, offset, addressToCheck); } if (!(level >= search.Levels)) { var nextResult = new SpiderResult(parentResult); nextResult.SetOffset(level, index * search.Alignment, addressToCheck); var nextLevel = level + 1; if (search.Is64Bit) { var pointer = BitConverter.ToInt64(allData, offset); if (pointer > 50000) { CheckNextLevel(nextLevel, pointer, nextResult, search, results, memory); } } else { var pointer = BitConverter.ToInt32(allData, offset); if (pointer > 50000) { CheckNextLevel(nextLevel, pointer, nextResult, search, results, memory); } } } } }