public static bool ExcuteRemoteFunction(int processId, IntPtr lpFuncAddress, byte[] param)
{
var hndProc = ProcessAPI.OpenProcess(
ProcessAPI.ProcessAccessFlags.CreateThread | ProcessAPI.ProcessAccessFlags.VirtualMemoryOperation |
ProcessAPI.ProcessAccessFlags.VirtualMemoryRead | ProcessAPI.ProcessAccessFlags.VirtualMemoryWrite
| ProcessAPI.ProcessAccessFlags.QueryInformation
, true, processId);
if (hndProc == IntPtr.Zero)
{
return(false);
}
var lpAddress = MemoryAPI.VirtualAllocEx(hndProc, (IntPtr)null, (IntPtr)param.Length, (0x1000 | 0x2000), 0X40);
if (lpAddress == IntPtr.Zero)
{
ProcessAPI.CloseHandle(hndProc);
return(false);
}
if (MemoryAPI.WriteProcessMemory(hndProc, lpAddress, param, (uint)param.Length, 0) == 0)
{
ProcessAPI.CloseHandle(hndProc);
return(false);
}
if (ProcessAPI.CreateRemoteThread(hndProc, (IntPtr)null, IntPtr.Zero, lpFuncAddress, lpAddress, 0, (IntPtr)null) == IntPtr.Zero)
{
ProcessAPI.CloseHandle(hndProc);
return(false);
}
return(true);
}
public static IntPtr CopyToRemoteMemory(IntPtr hndProc, byte[] data)
{
var lpAddress = MemoryAPI.VirtualAllocEx(hndProc, (IntPtr)null, (IntPtr)data.Length, (0x1000 | 0x2000), 0X40);
if (lpAddress == IntPtr.Zero)
{
return(IntPtr.Zero);
}
if (MemoryAPI.WriteProcessMemory(hndProc, lpAddress, data, (uint)data.Length, 0) == 0)
{
return(IntPtr.Zero);
}
return(lpAddress);
}