/// <summary>Close access to the process and release the handle</summary>
public void Close()
{
if (m_hpid == IntPtr.Zero)
{
return;
}
ProcessMemoryReaderApi.CloseHandle(m_hpid);
m_hpid = IntPtr.Zero;
}
private bool GetModuleInfo(uint PID, string ModuleName, out MODULEENTRY32 ModuleInfo)
{
ModuleInfo = default(MODULEENTRY32);
//Take a snapshot of the module list
IntPtr hModuleList = CreateToolhelp32Snapshot(SnapshotFlags.Module | SnapshotFlags.Module32, PID);
if (hModuleList == IntPtr.Zero)
{
return(false);
}
try
{
MODULEENTRY32 me32 = new MODULEENTRY32();
me32.dwSize = (uint)Marshal.SizeOf(typeof(MODULEENTRY32));
//Set cursor at the start and grab the info
if (!Module32First(hModuleList, ref me32))
{
return(false);
}
ProcessModuleCollection progMods = System.Diagnostics.Process.GetProcessById((int)m_pid).Modules;
foreach (ProcessModule module in progMods)
{
if (module.ModuleName == ReadProcess.MainModule.ModuleName)
{
ModuleInfo = me32;
return(true);
}
Module32Next(hModuleList, ref me32);
}
}
finally
{
//gets fired even if return is used
ProcessMemoryReaderApi.CloseHandle(hModuleList);
}
return(false);
}
private static IntPtr GetModuleBase(uint PID, string ModuleName)
{
//Take a snapshot of the module list
IntPtr hModuleList = CreateToolhelp32Snapshot(SnapshotFlags.Module | SnapshotFlags.Module32, PID);
if (hModuleList == IntPtr.Zero)
{
return(IntPtr.Zero);
}
try
{
MODULEENTRY32 me32 = new MODULEENTRY32();
me32.dwSize = (uint)Marshal.SizeOf(typeof(MODULEENTRY32));
//Set cursor at the start and grab the info
if (!Module32First(hModuleList, ref me32))
{
return(IntPtr.Zero);
}
//If the module matches our target, use its baseaddress. Otherwise, grab the next module in the list
do
{
if (me32.szModule == ModuleName)
{
return(me32.modBaseAddr);
}
} while (Module32Next(hModuleList, ref me32));
}
finally
{
//gets fired even if return is used
ProcessMemoryReaderApi.CloseHandle(hModuleList);
}
return(IntPtr.Zero);
}
