/// <summary>
/// 杀死函数,让函数不执行任何动作
/// </summary>
/// <param name="moduleName">模块名</param>
/// <param name="apiName">函数名</param>
/// <returns></returns>
public static bool Kill(string moduleName, string apiName)
{
if (string.IsNullOrEmpty(moduleName) || string.IsNullOrEmpty(apiName))
{
throw new ArgumentNullException();
}
return(Kill(Module32.GetProcAddressInternal(moduleName, apiName)));
}
private void RefreshFunctionList()
{
ListViewItem listViewItem;
lvwFunctions.Items.Clear();
Module32.EnumFunctions(_processId, _moduleHandle, (IntPtr pFunction, string functionName, short ordinal) => {
listViewItem = new ListViewItem(functionName);
listViewItem.SubItems.Add("0x" + pFunction.ToString(Cache.Is64BitProcess ? "X16" : "X8"));
listViewItem.SubItems.Add(ordinal.ToString());
lvwFunctions.Items.Add(listViewItem);
return(true);
});
lvwFunctions.AutoResizeColumns(false);
}
static void Main(string[] args)
{
var list = (new int[0]).Select(dummy => new { moduleHandle = default(IntPtr), moduleName = default(string), pFunction = default(IntPtr), functionName = default(string), ordinal = default(short) }).ToList();
Module32.EnumModules(Process32.GetCurrentProcessId(), (IntPtr moduleHandle, string moduleName, string filePath) =>
{
list.Clear();
Module32.EnumFunctions(Process32.GetCurrentProcessId(), moduleHandle, (IntPtr pFunction, string functionName, short ordinal) =>
{
list.Add(new { moduleHandle, moduleName, pFunction, functionName, ordinal });
return(true);
});
list = list.OrderBy(item => item.moduleName).ToList();
list.ForEach(item => Console.WriteLine($"MH:{item.moduleHandle.ToString("X16")} MN:{item.moduleName} PF:{item.pFunction.ToString("X16")} FN:{item.functionName} OD:{item.ordinal.ToString()}"));
return(true);
});
Console.ReadKey();
}