Exemplo n.º 1
0
        protected void API_WriteProcessMemory(Address adr, byte[] val)
        {
            uint oldProtection = APIProxy.VirtualProtectEx(handle, adr, val.Length, (uint)APIProxy.MemoryProtection.PAGE_EXECUTE_READ_WRITE);

            APIProxy.WriteProcessMemory(handle, adr, val);
            APIProxy.VirtualProtectEx(handle, adr, val.Length, oldProtection);
        }
Exemplo n.º 2
0
        protected byte[] API_ReadProcessMemory(Address adr, int size)
        {
            uint oldProtection = APIProxy.VirtualProtectEx(handle, adr, size, (uint)APIProxy.MemoryProtection.PAGE_EXECUTE_READ_WRITE);

            byte[] buffer = APIProxy.ReadProcessMemory(handle, adr, size);
            APIProxy.VirtualProtectEx(handle, adr, size, oldProtection);
            return(buffer);
        }
Exemplo n.º 3
0
 public void UnfreezeProcess()
 {
     foreach (ProcessThread pt in managedProcess.Threads)
     {
         Handle cHandle = Handle.Zero();
         cHandle = Handle.GetThreadHandle((uint)pt.Id, APIProxy.ThreadAccessFlags.THREAD_SUSPEND_RESUME);
         APIProxy.ResumeThread(cHandle);
     }
 }
Exemplo n.º 4
0
 public void FreeMemoryRegion(MemoryRegion region, APIProxy.FreeType freeType)
 {
     if (freeType == APIProxy.FreeType.Release)
     {
         APIProxy.VirtualFreeEx(handle, region.start, 0, freeType);
     }
     else
     {
         APIProxy.VirtualFreeEx(handle, region.start, region.lenght, freeType);
     }
 }
Exemplo n.º 5
0
        public void InjectDll(string libraryPath)
        {
            MemoryRegion pathRegion = APIProxy.VirtualAllocEx(handle, Address.Zero(), libraryPath.Length, APIProxy.AllocationType.Reserve | APIProxy.AllocationType.Commit, APIProxy.MemoryProtection.PAGE_EXECUTE_READ_WRITE);

            APIProxy.WriteProcessMemory(handle, pathRegion.start, Encoding.ASCII.GetBytes(libraryPath));
            Handle  kernelLibraryHandle = Handle.GetModuleHandle("Kernel32.dll");
            Address loadLibraryAddress  = APIProxy.GetProcedureAddress(kernelLibraryHandle, "LoadLibraryA");
            Handle  threadHandle        = APIProxy.CreateRemoteThread(handle, Address.Zero(), 0, loadLibraryAddress, pathRegion.start, 0, 0);

            FreeMemoryRegion(pathRegion, APIProxy.FreeType.Release);
            threadHandle.Close();
        }
Exemplo n.º 6
0
 public uint ChangeProtection(APIProxy.MemoryProtection newProtection, int sizeOfVariable)
 {
     return(APIProxy.VirtualProtectEx(callback.GetHandle(), GetAddress(), sizeOfVariable, (uint)newProtection));
 }
Exemplo n.º 7
0
 public void Close()
 {
     APIProxy.CloseHandle(this);
 }
Exemplo n.º 8
0
 public static Handle GetModuleHandle(string moduleName)
 {
     return(APIProxy.GetModuleHandle(moduleName));
 }
Exemplo n.º 9
0
 public static Handle GetThreadHandle(uint threadID, APIProxy.ThreadAccessFlags access)
 {
     return(APIProxy.OpenThread(access, threadID));
 }
Exemplo n.º 10
0
        public static Handle GetProcessHandle(string name, APIProxy.ProcessAccessFlags access)
        {
            Process proc = ProcessInterface.FindProcess(name);

            return(APIProxy.OpenProcess(access, proc.Id));
        }
Exemplo n.º 11
0
        public MemoryRegion AllocateMemory(int size, APIProxy.AllocationType allocationType = APIProxy.AllocationType.Reserve | APIProxy.AllocationType.Commit, APIProxy.MemoryProtection memoryProtection = APIProxy.MemoryProtection.PAGE_EXECUTE_READ_WRITE)
        {
            MemoryRegion allocation = APIProxy.VirtualAllocEx(handle, Address.Zero(), size, allocationType, memoryProtection);

            return(allocation);
        }