/// <summary>
/// 读内存整数型
/// </summary>
/// <param name="ProcessID">进程ID,-1为自进程</param>
/// <param name="Address">地址 无符号整数型</param>
/// <returns>返回读取值,失败返回-1</returns>
public static int ReadMemInt(int ProcessID, uint Address)
{
//声明变量
int a = 0;
byte[] temp = new byte[4];
IntPtr handle = new IntPtr();
if (ProcessID == -1) //-1读取自进程
{
handle = ProcessAPI.GetCurrentProcess();
}
else
{
handle = ProcessAPI.OpenProcess(ReadWriteAPI.PROCESS_ALL_ACCESS, false, ProcessID); //获取句柄
}
a = ReadWriteAPI.ReadProcessMemory(handle, Address, temp, 4, 0);
ProcessAPI.CloseHandle(handle); //关闭对象
if (a == 0)
{
return(-1); //读取失败返回-1
}
else
{
return(BitConverter.ToInt32(temp, 0));
}
}
/// <summary>
/// 写内存字节集
/// </summary>
/// <param name="ProcessID">进程ID,-1为自进程</param>
/// <param name="Address">地址 无符号整数型</param>
/// <param name="Data">写入数据 字节数组型</param>
/// <param name="Size">写入长度 0为完整长度</param>
/// <returns>返回是否成功</returns>
public static bool WriteMemByteArray(int ProcessID, uint Address, byte[] Data, int Size)
{
//声明变量
int a = 0;
IntPtr handle = new IntPtr();
if (ProcessID == -1) //-1为自进程
{
handle = ProcessAPI.GetCurrentProcess();
}
else
{
handle = ProcessAPI.OpenProcess(ReadWriteAPI.PROCESS_ALL_ACCESS, false, ProcessID); //获取句柄
}
if (Size == 0)
{
a = ReadWriteAPI.WriteProcessMemory(handle, Address, Data, Data.Length, 0);
}
else
{
a = ReadWriteAPI.WriteProcessMemory(handle, Address, Data, Size, 0);
}
ProcessAPI.CloseHandle(handle); //关闭对象
if (a == 0) //返回bool型
{
return(false);
}
else
{
return(true);
}
}
/// <summary>
/// 读内存整数型2
/// </summary>
/// <param name="ProcessID">进程ID</param>
/// <param name="Address">地址</param>
/// <param name="Offsets">偏移量 整数数组</param>
/// <returns>返回读取值,失败返回-1</returns>
public static int ReadMemInt2(int ProcessID, uint Address, uint[] Offsets)
{
//声明变量
int t_data = 0;
uint t_add = Address;
IntPtr handle = new IntPtr();
if (ProcessID == -1) //-1读取自进程
{
handle = ProcessAPI.GetCurrentProcess();
}
else
{
handle = ProcessAPI.OpenProcess(ReadWriteAPI.PROCESS_ALL_ACCESS, false, ProcessID); //获取句柄
}
for (int i = 0; i < Offsets.Length; i++)
{
t_data = ReadMemInt(ProcessID, t_add);
t_add = (uint)t_data + Offsets[i];
}
t_data = ReadMemInt(ProcessID, t_add);
ProcessAPI.CloseHandle(handle); //关闭对象
if (t_data == 0)
{
return(-1); //失败返回-1
}
else
{
return(t_data);
}
}
/// <summary>
/// 写内存整数型
/// </summary>
/// <param name="ProcessID">进程ID,-1为自进程</param>
/// <param name="Address">地址 无符号整数型</param>
/// <param name="Data">写入数据</param>
/// <returns>返回是否成功</returns>
public static bool WriteMemInt(int ProcessID, uint Address, int Data)
{
//声明变量
int a = 0;
IntPtr handle = new IntPtr();
byte[] temp = new byte[4];
temp = BitConverter.GetBytes(Data);
if (ProcessID == -1) //-1为自进程
{
handle = ProcessAPI.GetCurrentProcess();
}
else
{
handle = ProcessAPI.OpenProcess(ReadWriteAPI.PROCESS_ALL_ACCESS, false, ProcessID); //获取句柄
}
a = ReadWriteAPI.WriteProcessMemory(handle, Address, temp, 4, 0);
ProcessAPI.CloseHandle(handle); //关闭对象
if (a == 0) //返回bool型
{
return(false);
}
else
{
return(true);
}
}
/// <summary>
/// 读内存字节集
/// </summary>
/// <param name="ProcessID">进程ID,-1为自进程</param>
/// <param name="Address">地址 无符号整数型</param>
/// <param name="Size">读取长度 0为智能读取</param>
/// <returns>返回字节数组,失败返回空字节集</returns>
public static byte[] ReadMemByteArray(int ProcessID, uint Address, int Size)
{
//声明变量
int a, t_size = 0;
IntPtr handle = new IntPtr();
ReadWriteAPI.MemAttribute mematt = new ReadWriteAPI.MemAttribute();
t_size = Size;
if (ProcessID == -1) //-1读取自进程
{
handle = ProcessAPI.GetCurrentProcess();
}
else
{
handle = ProcessAPI.OpenProcess(ReadWriteAPI.PROCESS_ALL_ACCESS, false, ProcessID); //获取句柄
}
if (t_size == 0) //大小为0智能读取
{
ReadWriteAPI.VirtualQueryEx(handle, Address, mematt, 28);
t_size = mematt.Size + mematt.RegBaseAdd - (int)Address;
}
byte[] temp = new byte[t_size];
a = ReadWriteAPI.ReadProcessMemory(handle, Address, temp, t_size, 0);
ProcessAPI.CloseHandle(handle); //关闭对象
if (a != 0)
{
return(temp);
}
else
{
byte[] falsedata = new byte[1]; //失败返回空字节集
return(falsedata);
}
}