Exemplo n.º 1
0
        //This returns an IntPtr of the address found from a byte pattern match.
        public static IntPtr ScanForPattern(Process p, byte[] pattern, string match, int offset, IntPtr startOffset = new IntPtr())
        {
            if (startOffset.ToInt32() == 0)
            {
                startOffset = p.MainModule.BaseAddress;
            }
            try
            {
                //TODO: We need to scan the entire memory (p.WorkingSet64) but that wont all fit in a C# app.
                //TODO: We'll need to loop through all the memory eventually...
                p.Refresh();
                var memSize = (p.PrivateMemorySize64 + p.WorkingSet64);

                IntPtr memoryBlockSize = (IntPtr)(long)(memSize / 64);
                IntPtr endOffset       = IntPtr.Subtract(memoryBlockSize, (int)startOffset);

                SigScan.Classes.SigScan _sigScan = new SigScan.Classes.SigScan();
                _sigScan.Process = p;

                _sigScan.Address = startOffset;
                _sigScan.Size    = (long)endOffset;

                IntPtr result = _sigScan.FindPattern(pattern, match, offset);

                //_sigScan.ResetRegion();
                IntPtr nextAddress  = IntPtr.Add(startOffset, (int)endOffset);
                bool   ShowProgress = false;
                if (PatchEditor.FormShowing)
                {
                    ShowProgress = true;
                }
                var patchForm = PatchEditor.ActiveForm;
                while (result == IntPtr.Zero && (int)nextAddress < memSize && PatchLoopRun)
                {
                    if (ShowProgress)
                    {
                        patchForm.Invoke(new MethodInvoker(delegate
                        {
                            PatchEditor.SetProgressBarValue((long)nextAddress, (long)startOffset, memSize);
                        }));
                    }
                    SigScan.Classes.SigScan _sigScan2 = new SigScan.Classes.SigScan();
                    _sigScan2.Process = p;

                    _sigScan2.Address = nextAddress;
                    _sigScan2.Size    = (long)endOffset;

                    result      = _sigScan2.FindPattern(pattern, match, offset);
                    nextAddress = IntPtr.Add(nextAddress, (int)endOffset);
                }
                return(result);
            }
            catch (Exception)
            {
                return(IntPtr.Zero);
            }
        }
Exemplo n.º 2
0
        private static IntPtr GetViewPortGame(IntPtr baseAddress, int length)
        {
            if (_gPViewPortGame == IntPtr.Zero)
            {
                SigScan.Classes.SigScan sigScan = new SigScan.Classes.SigScan(Process.GetCurrentProcess(), baseAddress, length);
                IntPtr matricesManagerInc       = sigScan.FindPattern(new byte[] { 0x48, 0x8B, 0x15, 0xFF, 0xFF, 0xFF, 0xFF, 0x48, 0x8D, 0x2D, 0xFF, 0xFF, 0xFF, 0xFF, 0x48, 0x8B, 0xCD }, "xxx????xxx????xxx", 0);
                if (matricesManagerInc != IntPtr.Zero)
                {
                    var offset = Marshal.PtrToStructure <int>(new IntPtr(matricesManagerInc.ToInt64() + 3));
                    var ptr    = new IntPtr(offset + matricesManagerInc.ToInt64() + 7);
                    _gPViewPortGame = new IntPtr(Marshal.PtrToStructure <long>(ptr));
                }
            }

            return(_gPViewPortGame);
        }
Exemplo n.º 3
0
        //This returns an IntPtr of the address found from a byte pattern match.
        public static IntPtr ScanForPattern(Process p, byte[] pattern, string match, int offset, IntPtr startOffset = new IntPtr())
        {
            if (startOffset.ToInt32() == 0)
            {
                startOffset = p.MainModule.BaseAddress;
            }
            try
            {
                //TODO: We need to scan the entire memory (p.WorkingSet64) but that wont all fit in a C# app. 
                //TODO: We'll need to loop through all the memory eventually...
                p.Refresh();
                var memSize = (p.PrivateMemorySize64 + p.WorkingSet64);

                IntPtr memoryBlockSize = (IntPtr)(long)(memSize / 64);
                IntPtr endOffset = IntPtr.Subtract(memoryBlockSize, (int)startOffset);

                SigScan.Classes.SigScan _sigScan = new SigScan.Classes.SigScan();
                _sigScan.Process = p;

                _sigScan.Address = startOffset;
                _sigScan.Size = (long)endOffset;

                IntPtr result = _sigScan.FindPattern(pattern, match, offset);

                //_sigScan.ResetRegion();
                IntPtr nextAddress = IntPtr.Add(startOffset, (int)endOffset);
                bool ShowProgress = false;
                if (PatchEditor.FormShowing)
                {
                    ShowProgress = true;
                }
                var patchForm = PatchEditor.ActiveForm;
                while (result == IntPtr.Zero && (int)nextAddress < memSize && PatchLoopRun)
                {
                    if (ShowProgress)
                    {
                        patchForm.Invoke(new MethodInvoker(delegate
                          {
                              PatchEditor.SetProgressBarValue((long)nextAddress, (long)startOffset, memSize);
                          }));
                    }
                    SigScan.Classes.SigScan _sigScan2 = new SigScan.Classes.SigScan();
                    _sigScan2.Process = p;

                    _sigScan2.Address = nextAddress;
                    _sigScan2.Size = (long)endOffset;

                    result = _sigScan2.FindPattern(pattern, match, offset);
                    nextAddress = IntPtr.Add(nextAddress, (int)endOffset);
                }
                return result;
            }
            catch (Exception)
            {
                return IntPtr.Zero;
            }
        }