// Component Events private void buttonConnect_Click(object sender, EventArgs e) { //if (this.NtrClient? == null) this.NtrClient? = new NtrClient(); if (this.NtrClient?.IsConnected ?? false) { this.NtrClient?.Disconnect(); } this.buttonConnect.Enabled = false; this.txtIpAddress.Enabled = false; this.NtrClient?.SetServer(txtIpAddress.Text, 8000); this.ReadMemoryType = ReadMemoryType.None; this.ReadNtrStringType = ReadNtrStringType.None; this.Config.IpAddress = txtIpAddress.Text; new Task(() => { int Retry = 0; LogLine("Trying to connect to {0}", txtIpAddress.Text); do { NtrClient.ConnectToServer(); } while (!NtrClient.IsConnected && ++Retry < 3); if (!NtrClient.IsConnected) { LogLine("Unable to connect. :("); EnableConnect(); } }).Start(); }
private void buttonEditorCreate_Click(object sender, EventArgs e) { new Task(() => { UInt32 Address = Convert.ToUInt32(txtEditorAddress.Text, 16); UInt32 Length = Convert.ToUInt32(txtEditorLength.Text, 16); if (!IsValidMemregion(Address, Length)) { LogLine("Invalid Address / Length. No valid memregions found!"); return; } if (cbPointer.Checked) { UInt32 PtrOffset = Convert.ToUInt32(txtEditorOffset.Text, 16); if (!WaitForReadMemory(Address, 4, GetPid())) { return; } Address = BitConverter.ToUInt32(this.ReadMemory, 0); Address += PtrOffset; } this.ReadMemoryType = ReadMemoryType.CreateEditorCode; this.NtrClient?.SendReadMemPacket(Address, Length, GetPid()); }).Start(); }
private void buttonDumpAll_Click(object sender, EventArgs e) { try { UInt32 Pid = GetPid(); if (Pid != 0xffffffff && cmbMemlayout.Items.Count > 0) { //(sender as Button).Enabled = false; this.ReadAllMemIndex = 0; // I'm sorry int LastMemEnd = Convert.ToInt32(this.cmbMemlayout.Items[cmbMemlayout.Items.Count - 1].ToString().Split(" | ", StringSplitOptions.RemoveEmptyEntries).ToArray()[1], 16); this.DumpData = new byte[LastMemEnd]; String mem0 = this.cmbMemlayout.Items[0].ToString(); String[] m = mem0.Split(" | ", StringSplitOptions.RemoveEmptyEntries).ToArray(); if (m.Length == 3) { UInt32 Start = Convert.ToUInt32(m[0], 16); UInt32 Size = Convert.ToUInt32(m[2], 16); // must be a valid memregion. No need to check it. this.ReadMemoryType = ReadMemoryType.DumpAllMemregions; this.NtrClient.SendReadMemPacket(Start, Size, Pid); } } } catch (Exception) { } }
// this will freeze the window application. Run in a separate thread/task private Boolean WaitForReadMemory(UInt32 Address, UInt32 Length, UInt32 Pid) { if (this.NtrClient == null) { LogLine("NtrClient is null"); return(false); } this.ReadMemoryType = ReadMemoryType.Wait; this.ReadMemory = null; this.NtrClient.SendReadMemPacket(Address, Length, Pid); LogLine("Send packet"); int RefreshRate = 100; int MaxRetry = 100; int CurrentRetry = 0; do { if (CurrentRetry == MaxRetry) { LogLine("Timed out. {0} tries @{1}ms (Total {2}ms)", CurrentRetry, RefreshRate, CurrentRetry * RefreshRate); return(false); } Thread.Sleep(RefreshRate); CurrentRetry++; } while (!NewReadMemory); NewReadMemory = false; //LogLine("Is RM null? {0}", ReadMemory == null); return(ReadMemory != null); }
private void buttonEditModeRead_Click(object sender, EventArgs e) { UInt32 Address = Convert.ToUInt32(txtEditModeAddress.Text, 16); UInt32 Length = GetEditModeLength(); if (!IsValidMemregion(Address, Length)) { LogLine("Invalid Address / Length. No valid memregions found!"); return; } this.ReadMemoryType = ReadMemoryType.EditMode; this.NtrClient?.SendReadMemPacket(Address, Length, GetPid()); }
private void buttonDumpMemoryFile_Click(object sender, EventArgs e) { UInt32 Address = Convert.ToUInt32(txtDumpMemAddrStart.Text, 16); UInt32 Length = Convert.ToUInt32(txtDumpMemAddrLength.Text, 16); if (!IsValidMemregion(Address, Length)) { LogLine("Invalid Address / Length. No valid memregions found!"); return; } this.ReadMemoryType = ReadMemoryType.DumpAsFile; this.NtrClient?.SendReadMemPacket(Address, Length, GetPid()); }
private void buttonDumpMemoryConsole_Click(object sender, EventArgs e) { UInt32 Address = Convert.ToUInt32(txtDumpMemAddrStart.Text, 16); UInt32 Length = Convert.ToUInt32(txtDumpMemAddrLength.Text, 16); if (Length > MAX_CONSOLE_DUMP) { Length = MAX_CONSOLE_DUMP; LogLine("Length exceeded 0x{0:X}, shortened to 0x{0:X}", MAX_CONSOLE_DUMP); } if (!IsValidMemregion(Address, Length)) { LogLine("Invalid Address / Length. No valid memregions found!"); return; } this.ReadMemoryType = ReadMemoryType.DumpAsConsole; this.NtrClient?.SendReadMemPacket(Address, Length, GetPid()); }
private void HandleReadMemory(byte[] Buffer) { ReadMemoryType Rmt = this.ReadMemoryType; this.ReadMemoryType = ReadMemoryType.None; this.ReadMemory = Buffer; if (Rmt == ReadMemoryType.None) { LogLine("HRM: " + ByteArrayToHexString(Buffer)); } else if (Rmt == ReadMemoryType.Wait) { // kind of messy, but it works - for now this.NewReadMemory = true; LogLine("HRM: " + ByteArrayToHexString(Buffer)); } if (Rmt == ReadMemoryType.DumpAsFile) { new DirectoryInfo("Dump").Create(); File.WriteAllBytes("Dump\\" + txtDumpMemFilename.Text, Buffer); LogLine("Saved 0x{0:X} bytes to {1}", Buffer.Length, txtDumpMemFilename.Text); } else if (Rmt == ReadMemoryType.DumpAsConsole) { LogLine(ByteArrayToHexString(Buffer)); } else if (Rmt == ReadMemoryType.CreateCode) { List <byte> byteCode = new List <byte>(); UInt32 Address = Convert.ToUInt32(txtBaseAddress.Text, 16); UInt32 Length = Convert.ToUInt32(txtBaseLength.Text, 16); if (String.IsNullOrEmpty(GetProcessName())) { LogLine("Process name is null or empty. WHY?!??"); return; } //byteCode.AddRange(Encoding.ASCII.GetBytes("BASE")); // magic //byteCode.AddRange(BitConverter.GetBytes(Address)); //byteCode.AddRange(BitConverter.GetBytes(GetProcessName().Length)); //byteCode.AddRange(Encoding.ASCII.GetBytes(GetProcessName())); ////byte[] DataBuffer = Compression.Compress(Buffer, COMPRESSION_MODE); //byteCode.AddRange(BitConverter.GetBytes(Buffer.Length)); //byteCode.AddRange(Buffer); //String Base64 = Convert.ToBase64String(Compression.Compress(byteCode.ToArray(), COMPRESSION_MODE)); String Base64 = ToBase64Code(Address, GetProcessName(), Buffer); this.txtBaseCode.TryInvoke(new Action(() => { this.txtBaseCode.Text = Base64; })); } else if (Rmt == ReadMemoryType.CreateEditorCode) { List <byte> byteCode = new List <byte>(); UInt32 Address = Convert.ToUInt32(txtEditorAddress.Text, 16); UInt32 Length = Convert.ToUInt32(txtEditorLength.Text, 16); UInt32 PtrOffset = cbPointer.Checked ? Convert.ToUInt32(txtEditorOffset.Text, 16) : 0xffffffffu; String Base64 = ToBase64Code(Address, GetProcessName(), Buffer, PtrOffset); this.txtEditorBase.TryInvoke(new Action(() => { this.txtEditorBase.Text = Base64; })); this.txtEditorByte.TryInvoke(new Action(() => this.txtEditorByte.Text = ByteArrayToHexString(Buffer))); } else if (Rmt == ReadMemoryType.EditMode) { UInt32 l = GetEditModeLength(); if (Buffer.Length != GetEditModeLength()) { LogLine("Expected {0:X}, received {1:X} bytes", GetEditModeLength(), Buffer.Length); return; } //LogLine(ByteArrayToHexString(Buffer)); Boolean IsLittleEndian = cbEditModeLittleEndian.Checked; if (!IsLittleEndian) { Buffer = Buffer.Reverse().ToArray(); } UInt32 Hex = 0u; for (int i = 0; i < Buffer.Length && i < 4; i++) { Hex |= (uint)(Buffer[i] << (int)((l - 1) * 8 - (8 * i))); } txtEditModeHex.TryInvoke(new Action(() => { String k = Convert.ToString(Hex, 16).ToUpper().PadLeft(8, '0'); txtEditModeHex.Text = k; })); txtEditModeDecimal.TryInvoke(new Action(() => { txtEditModeDecimal.Text = Hex.ToString(); })); } else if (Rmt == ReadMemoryType.DumpAllMemregions) { // add 00 padding this.ReadAllMemIndex++; LogLine("Current Index: {0}", ReadAllMemIndex); this.cmbMemlayout.TryInvoke(new Action(() => { if (this.ReadAllMemIndex < this.cmbMemlayout.Items.Count) { String pMem = this.cmbMemlayout.Items[this.ReadAllMemIndex - 1].ToString(); UInt32 pMemStart = Convert.ToUInt32(pMem.Split(" | ", StringSplitOptions.RemoveEmptyEntries).ToArray()[0], 16); UInt32 pMemEnd = Convert.ToUInt32(pMem.Split(" | ", StringSplitOptions.RemoveEmptyEntries).ToArray()[1], 16); String mem0 = this.cmbMemlayout.Items[this.ReadAllMemIndex].ToString(); LogLine("Memregion: {0}", mem0); String[] m = mem0.Split(" | ", StringSplitOptions.RemoveEmptyEntries).ToArray(); if (m.Length == 3) { UInt32 Start = Convert.ToUInt32(m[0], 16); UInt32 Size = Convert.ToUInt32(m[2], 16); // must be a valid memregion. No need to check it. Buffer.CopyTo(DumpData, (int)pMemStart); LogLine("Added padding... {0:X08} => {1:X08} = {2:X08}", pMemEnd, Start, Start - pMemEnd); // this.ReadMemoryType = ReadMemoryType.DumpAllMemregions; this.NtrClient.SendReadMemPacket(Start, Size, GetPid()); } } else { new Task(() => { LogLine("Now writing file..."); FileInfo k = new FileInfo("Dump\\" + txtDumpAll.Text); k.Directory.Create(); File.WriteAllBytes(k.FullName, DumpData.ToArray()); LogLine("Wrote file: {0}", k.FullName); DumpData = null; }).Start(); } })); } }