示例#1
0
 private void GatherModules()
 {
     modules = new Dictionary <string, ModuleEntry>();
     foreach (var module in process.GetModules())
     {
         modules[module.Path.ToLowerInvariant()] = module;
     }
 }
示例#2
0
        private Program(string[] args)
        {
            executableName = args[0];

            using (var snap = new Toolhelp32Snapshot(Toolhelp32SnapshotFlags.Process)) {
                var procEntry = snap.GetProcesses().FirstOrDefault(p => p.Executable == executableName);

                if (procEntry is null)
                {
                    throw new ProcessNotFoundException();
                }

                process = procEntry.Open(ProcessAccessRights.VMOperation | ProcessAccessRights.VMRead | ProcessAccessRights.Synchronize | ProcessAccessRights.QueryInformation);
            }
            ModuleEntry mainModule = process.GetModules().First(m => m.Name == executableName);

            string pdbPath = mainModule.Path.Replace(".exe", ".pdb");

            resolver = new SymbolResolver();
            resolver.AddPdb(pdbPath, mainModule.BaseAddress);
            memoryReader = new LiveProcessMemoryAccessor(process);
        }