Read() public method

public Read ( Int32 addr, int len ) : byte[]
addr System.Int32
len int
return byte[]
Exemplo n.º 1
0
        internal void Inject()
        {
            Thread.Sleep(1000);
            while (true)
            {
                using (var mem = new ProcessMemory(CurrentProcess.Id))
                {
                    using (var notemem = new ProcessMemory(Process.GetCurrentProcess().Id))
                    {
                        if (mem.Is64Bit())
                        {
                            throw new NotSupportedException("lolclient is running in 64bit mode which is not supported");
                        }

                        var connect = new byte[_connectCc.Length];
                        _connectCc.CopyTo(connect, 0);
                        int jmpaddrloc = connect.Length - 4;

                        var   mod     = ProcessMemory.GetModule("ws2_32.dll");
                        Int32 reladdr = notemem.GetAddress(mod, "connect");
                        reladdr -= mod;

                        var lolmod = GetModuleAddress(CurrentProcess, mem, "ws2_32.dll");
                        if (lolmod == 0)
                        {
                            //throw new FileNotFoundException("Lolclient has not yet loaded ws2_32.dll");
                            Thread.Sleep(1000);
                            continue;
                        }
                        Int32 connectaddr = lolmod + reladdr;

                        var bytes = mem.Read(connectaddr, 5);
                        if (bytes[0] == 0xe9)
                        {
                            IsInjected = true;
                            throw new WarningException("Connect already redirected");
                        }
                        if (!bytes.SequenceEqual(_safeCheck))
                        {
                            bytes = mem.Read(connectaddr, 20);
                            throw new AccessViolationException(string.Format("Connect has unknown bytes [{0}]", Convert.ToBase64String(bytes)));
                        }

                        Int32 addr = mem.Alloc(_connectCc.Length);
                        BitConverter.GetBytes((connectaddr + 5) - (addr + connect.Length)).CopyTo(connect, jmpaddrloc);
                        mem.Write(addr, connect);

                        var jmp = new byte[5];
                        jmp[0] = 0xE9;
                        BitConverter.GetBytes(addr - (connectaddr + 5)).CopyTo(jmp, 1);
                        mem.Write(connectaddr, jmp);
                    }
                }
                IsInjected = true;
                break;
            }
        }
Exemplo n.º 2
0
        internal void Inject()
        {
            Thread.Sleep(1000);
            while (true)
            {
                using (var mem = new ProcessMemory(CurrentProcess.Id))
                {
                    using (var notemem = new ProcessMemory(Process.GetCurrentProcess().Id))
                    {
                        if (mem.Is64Bit())
                            throw new NotSupportedException("lolclient is running in 64bit mode which is not supported");

                        var connect = new byte[_connectCc.Length];
                        _connectCc.CopyTo(connect, 0);
                        int jmpaddrloc = connect.Length - 4;

                        var mod = ProcessMemory.GetModule("ws2_32.dll");
                        Int32 reladdr = notemem.GetAddress(mod, "connect");
                        reladdr -= mod;

                        var lolmod = GetModuleAddress(CurrentProcess, mem, "ws2_32.dll");
                        if (lolmod == 0)
                        {
                            //throw new FileNotFoundException("Lolclient has not yet loaded ws2_32.dll");
                            Thread.Sleep(1000);
                            continue;
                        }
                        Int32 connectaddr = lolmod + reladdr;

                        var bytes = mem.Read(connectaddr, 5);
                        if (bytes[0] == 0xe9)
                        {
                            IsInjected = true;
                            throw new WarningException("Connect already redirected");
                        }
                        if (!bytes.SequenceEqual(_safeCheck))
                        {
                            bytes = mem.Read(connectaddr, 20);
                            throw new AccessViolationException(string.Format("Connect has unknown bytes [{0}]", Convert.ToBase64String(bytes)));
                        }

                        Int32 addr = mem.Alloc(_connectCc.Length);
                        BitConverter.GetBytes((connectaddr + 5) - (addr + connect.Length)).CopyTo(connect, jmpaddrloc);
                        mem.Write(addr, connect);

                        var jmp = new byte[5];
                        jmp[0] = 0xE9;
                        BitConverter.GetBytes(addr - (connectaddr + 5)).CopyTo(jmp, 1);
                        mem.Write(connectaddr, jmp);
                    }
                }
                IsInjected = true;
                break;
            }
        }