Exemplos de HookSession.ReadMemory em C# (CSharp)

Linguagem de programação: C# (CSharp)

Classe / Tipo: HookSession

Método / Função: ReadMemory

Exemplos em hotexamples.com: 3

HookSession.ReadMemory em C# (CSharp) - 3 exemplos encontrados. Esses são os exemplos do mundo real mais bem avaliados de HookSession.ReadMemory em C# (CSharp) extraídos de projetos de código aberto. Você pode avaliar os exemplos para nos ajudar a melhorar a qualidade deles.

Métodos Frequentes

Exibir Ocultar

ReadMemory(3)

Connect(2)

Set(2)

GetProcAddress(1)

WriteMemory(1)

Métodos Frequentes

ReadMemory (3)

Connect (2)

Set (2)

GetProcAddress (1)

WriteMemory (1)

Relacionados

CX_TypeClass

Cell

ApplicationLogger

Get

NCOMSEntities

FiveStarRatingView

ServiceCategoryReceivingDTO

Directory_ParkWays

DbBuffer

WindsorFactory

Related in langs

test_lock (PHP)

checkCertificat (PHP)

bb_init_log (C++)

drawTracks (C++)

GetConfig (Go)

DisableVertexAttribArray (Go)

MOUNT.VOLUME_ID (Java)

Hyst (Java)

get_all_rejected_links (Python)

InfoWindow (Python)

Exemplo n.º 1

0

Exibir arquivo

Arquivo: Program.cs Projeto: xgame92/SpyGlass

private static void HookSessionOnHookTriggered(object sender, HookEventArgs e) { Console.WriteLine("--- [Hook callback] ---"); Console.WriteLine("[Registers]"); for (int i = 0; i < 9; i++) { var register = (RegisterX86)i; Console.WriteLine("{0}: {1:X8}", register.ToString().ToLowerInvariant(), e.Registers[i]); } var esp = (IntPtr)e.Registers[(int)RegisterX86.Esp]; Console.WriteLine("[Stack]"); var data = _hookSession.ReadMemory(esp, 4 * sizeof(int)); for (int i = 0; i < 4 * sizeof(int); i += sizeof(int)) { Console.WriteLine($"esp+{i:00}: {BitConverter.ToUInt32(data, i):X8}"); } Console.WriteLine("Changing esp+4 to 0x1234"); _hookSession.WriteMemory(esp + 4, BitConverter.GetBytes(0x1234)); Console.WriteLine("--- [End hook callback] ---"); }

Exemplo n.º 2

0

Exibir arquivo

Arquivo: Program.cs Projeto: xgame92/SpyGlass

private static void HookSessionOnHookTriggered(object sender, HookEventArgs e) { Console.WriteLine("MessageBoxA was called!"); var esp = (IntPtr)e.Registers[(int)RegisterX86.Esp]; var rawStackData = _hookSession.ReadMemory(esp, 5 * sizeof(uint)); var stackEntries = new uint[5]; for (int i = 0; i < stackEntries.Length; i++) { stackEntries[i] = BitConverter.ToUInt32(rawStackData, i * sizeof(int)); } var message = BytesToZeroTerminatedString(_hookSession.ReadMemory((IntPtr)stackEntries[2], 100)); var title = BytesToZeroTerminatedString(_hookSession.ReadMemory((IntPtr)stackEntries[3], 100)); Console.WriteLine("Arguments:"); Console.WriteLine($"- hWnd: {stackEntries[1]:X8}"); Console.WriteLine($"- lpText: \"{message}\""); Console.WriteLine($"- lpCaption: \"{title}\""); Console.WriteLine($"- uType: {stackEntries[4]:X8}"); }

Exemplo n.º 3

0

Exibir arquivo

public HookParameters Detect(HookSession session, IntPtr address) { var fixups = new List <ushort>(); // Longest x86 instruction possible is 15 bytes. We need 5 bytes at least for a call. // Therefore, in the worst case scenario, we need to read 4 + 15 bytes worth of instructions. var reader = new MemoryStreamReader(session.ReadMemory(address, 4 + 15)); var disassembler = new X86Disassembler(reader, address.ToInt64()); while (reader.Position - reader.StartPosition < 5) { var next = disassembler.ReadNextInstruction(); if (next.OpCode.Op1 == X86OpCodes.Jmp_Rel1632.Op1 || next.OpCode.Op1 == X86OpCodes.Call_Rel1632.Op1) { int offset = (int)(reader.Position - address.ToInt64() - 4); fixups.Add((ushort)offset); } } return(new HookParameters((int)reader.Position, fixups)); }