//The memory scan method for the 32 bit values.
private void Int32Scaner(object int32Object)
{
//The difference of scan start point in all loops except first loop,
//that doesn't have any difference, is type's Bytes count minus 1.
int arraysDifference = Int32BytesCount - 1;
//Get the int value out of the object to look for it.
Int32 int32Value = (Int32)int32Object;
//Define a List object to hold the found memory addresses.
List<int> finalList = new List<int>();
//Open the pocess to read the memory.
reader.OpenProcess();
//Create a new instant of the ScanProgressEventArgs class to be used to raise the
//ScanProgressed event and pass the percentage of scan, during the scan progress.
ScanProgressChangedEventArgs scanProgressEventArgs;
//Calculate the size of memory to scan.
int memorySize = (int)((int)lastAddress - (int)baseAddress);
//If more that one block of memory is requered to be read,
if (memorySize >= ReadStackSize)
{
//Count of loops to read the memory blocks.
int loopsCount = memorySize / ReadStackSize;
//Look to see if there is any other bytes let after the loops.
int outOfBounds = memorySize % ReadStackSize;
//Set the currentAddress to first address.
int currentAddress = (int)baseAddress;
//This will be used to check if any bytes have been read from the memory.
int bytesReadSize;
//Set the size of the bytes blocks.
int bytesToRead = ReadStackSize;
//An array to hold the bytes read from the memory.
byte[] array;
//Progress percentage.
int progress;
for (int i = 0; i < loopsCount; i++)
{
//Calculte and set the progress percentage.
progress = (int)(((double)(currentAddress - (int)baseAddress) / (double)memorySize) * 100d);
//Prepare and set the ScanProgressed event and raise the event.
scanProgressEventArgs = new ScanProgressChangedEventArgs(progress);
ScanProgressChanged(this, scanProgressEventArgs);
//Read the bytes from the memory.
array = reader.ReadProcessMemory((IntPtr)currentAddress, (uint)bytesToRead, out bytesReadSize);
//If any byte is read from the memory (there has been any bytes in the memory block),
if (bytesReadSize > 0)
{
//Loop through the bytes one by one to look for the values.
for (int j = 0; j < array.Length - arraysDifference; j++)
{
//If any value is equal to what we are looking for,
if (BitConverter.ToInt32(array, j) == int32Value)
{
//add it's memory address to the finalList.
finalList.Add(j + (int)currentAddress);
}
}
}
//Move currentAddress after the block already scaned, but
//move it back some steps backward (as much as arraysDifference)
//to avoid loosing any values at the end of the array.
currentAddress += array.Length - arraysDifference;
//Set the size of the read block, bigger, to the steps backward.
//Set the size of the read block, to fit the back steps.
bytesToRead = ReadStackSize + arraysDifference;
}
//If there is any more bytes than the loops read,
if (outOfBounds > 0)
{
//Read the additional bytes.
byte[] outOfBoundsBytes = reader.ReadProcessMemory((IntPtr)currentAddress, (uint)((int)lastAddress - currentAddress), out bytesReadSize);
//If any byte is read from the memory (there has been any bytes in the memory block),
if (bytesReadSize > 0)
{
//Loop through the bytes one by one to look for the values.
for (int j = 0; j < outOfBoundsBytes.Length - arraysDifference; j++)
{
//If any value is equal to what we are looking for,
if (BitConverter.ToInt32(outOfBoundsBytes, j) == int32Value)
{
//add it's memory address to the finalList.
finalList.Add(j + (int)currentAddress);
}
}
}
}
}
//If the block could be read in just one read,
else
{
//Calculate the memory block's size.
int blockSize = memorySize % ReadStackSize;
//Set the currentAddress to first address.
int currentAddress = (int)baseAddress;
//Holds the count of bytes read from the memory.
int bytesReadSize;
//If the memory block can contain at least one 32 bit variable.
if (blockSize > Int32BytesCount)
{
//Read the bytes to the array.
byte[] array = reader.ReadProcessMemory((IntPtr)currentAddress, (uint)blockSize, out bytesReadSize);
//If any byte is read,
if (bytesReadSize > 0)
{
//Loop through the array to find the values.
for (int j = 0; j < array.Length - arraysDifference; j++)
{
//If any value equals the value we are looking for,
if (BitConverter.ToInt32(array, j) == int32Value)
{
//add it to the finalList.
finalList.Add(j + (int)currentAddress);
}
}
}
}
}
//Close the handle to the process to avoid process errors.
reader.CloseHandle();
//Prepare the ScanProgressed and set the progress percentage to 100% and raise the event.
scanProgressEventArgs = new ScanProgressChangedEventArgs(100);
ScanProgressChanged(this, scanProgressEventArgs);
//Prepare and raise the ScanCompleted event.
ScanCompletedEventArgs scanCompleteEventArgs = new ScanCompletedEventArgs(finalList.ToArray());
ScanCompleted(this, scanCompleteEventArgs);
}
//The memory scan method for the 64 bit values.
private void Int64Scaner(object int64Object)
{
//Get the long value out of the object to look for it.
Int64 int64Value = (Int64)int64Object;
//Define a List object to hold the found memory addresses.
List<int> finalList = new List<int>();
//Open the pocess to read the memory.
reader.OpenProcess();
//Create a new instant of the ScanProgressEventArgs class to be used to raise the
//ScanProgressed event and pass the percentage of scan, during the scan progress.
ScanProgressChangedEventArgs scanProgressEventArgs;
//Progress percentage.
int progress;
//This will be used to check if any bytes have been read from the memory.
int bytesReadSize;
//An array to hold the bytes read from the memory.
byte[] array;
for (int i = 0; i < addresses.Length; i++)
{
//Calculte and set the progress percentage.
progress = (int)(((double)i / (double)addresses.Length) * 100d);
//Prepare and set the ScanProgressed event and raise the event.
scanProgressEventArgs = new ScanProgressChangedEventArgs(progress);
ScanProgressChanged(this, scanProgressEventArgs);
//Read the bytes from the memory.
array = reader.ReadProcessMemory((IntPtr)addresses[i], Int64BytesCount, out bytesReadSize);
//If any byte is read from the memory (there has been any bytes in the memory block),
if (bytesReadSize > 0)
{
//If any value is equal to what we are looking for,
if (BitConverter.ToInt64(array, 0) == int64Value)
{
//add it's memory address to the finalList.
finalList.Add(addresses[i]);
}
}
}
//Close the handle to the process to avoid process errors.
reader.CloseHandle();
//Prepare the ScanProgressed and set the progress percentage to 100% and raise the event.
scanProgressEventArgs = new ScanProgressChangedEventArgs(100);
ScanProgressChanged(this, scanProgressEventArgs);
//Prepare and raise the ScanCompleted event.
ScanCompletedEventArgs scanCompleteEventArgs = new ScanCompletedEventArgs(finalList.ToArray());
ScanCompleted(this, scanCompleteEventArgs);
}