public static IntPtr GetPointerAddress(Process mainProcess, IntPtr baseAddress, Int64[] offsets) { ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; reader.OpenProcess(); IntPtr curAdd = (IntPtr)ReadIntPtrAddress(reader, baseAddress); for (int i = 0; i < offsets.Length - 1; ++i) { curAdd = (IntPtr)ReadIntPtrAddress(reader, (IntPtr)((Int64)curAdd + offsets[i])); } curAdd = (IntPtr)((Int64)curAdd + offsets[offsets.Length - 1]); reader.CloseHandle(); return(curAdd); }
void ScanComplete() { ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; UInt64 readSize = 4 * 4 * 4; byte[] readBuffer = new byte[readSize]; reader.OpenProcess(); Stopwatch sw = new Stopwatch(); sw.Start(); StartSending(); double frameDT = 0; while (!IsStopped) { try { //temp /* * //Loop until the StopWatch has exceeded updateDelay. This uses up all of the CPU time on this thread! * while (true) * { * frameDT = sw.Elapsed.TotalSeconds; * if (frameDT >= (updateDelay / 1000.0f)) * break; * }*/ //Instead; sleep by the remaining amount. This releases CPU time to the system. double lrSleepMS = (updateDelay - sw.Elapsed.TotalMilliseconds); if (lrSleepMS < 0) { //We overran! } else { if (lrSleepMS < 1f) { lrSleepMS = 1f; //do not allow strangling of the CPU } Thread.Sleep((int)lrSleepMS); } frameDT += sw.Elapsed.TotalSeconds;//this should hopefully just be exactly updateDelay * 1000 sw.Restart(); Int64 byteReadSize; reader.ReadProcessMemory((IntPtr)memoryAddress, readSize, out byteReadSize, readBuffer); if (byteReadSize == 0) { continue; } float[] floats = new float[4 * 4]; Buffer.BlockCopy(readBuffer, 0, floats, 0, readBuffer.Length); Matrix4x4 transform = new Matrix4x4(floats[0], floats[1], floats[2], floats[3] , floats[4], floats[5], floats[6], floats[7] , floats[8], floats[9], floats[10], floats[11] , floats[12], floats[13], floats[14], floats[15]); if (ProcessTransform(transform, (float)frameDT)) { //success! - reset DT frameDT = 0; } else { //duplicate data from WF - keep frameDT and accumlate } //debug // TrackedValues.Add((float)filteredData.gforce_longitudinal); updateDelay = (double)ui.SleepTime;//push this into the base class (todo, this not like this) } catch (Exception e) { Thread.Sleep(1000); } } reader.CloseHandle(); Console.WriteLine("Ending WreckFest Telemetry Provider"); StopSending(); // Thread.CurrentThread.Join();//this seems to crash everything Console.WriteLine("Closing WreckFest Telemetry Provider"); }
private void ByteArrayScanner(object _parameters) { ScanThreadParams parameters = (ScanThreadParams)_parameters; byte[] bytes = (byte[])parameters.target; int bytesCount = bytes.Length; //The difference of scan start point in all loops except first loop, //that doesn't have any difference, is type's Bytes count minus 1. int arraysDifference = bytesCount - 1; //prealloc buffer byte[] buffer = new byte[ReadStackSize + arraysDifference]; //Define a List object to hold the found memory addresses. List <Int64> finalList = new List <Int64>(); //Open the pocess to read the memory. reader.OpenProcess(); //Create a new instant of the ScanProgressEventArgs class to be used to raise the //ScanProgressed event and pass the percentage of scan, during the scan progress. ScanProgressChangedEventArgs scanProgressEventArgs; Int64 MaxAddress = (Int64)lastAddress;//last as in 'final' not as in 'previous' Int64 address = (Int64)startAddress; Int64 totalScanned = 0; do { uint infoSize = (uint)Marshal.SizeOf(typeof(ProcessMemoryReader.ProcessMemoryReaderApi.MEMORY_BASIC_INFORMATION64)); ProcessMemoryReader.ProcessMemoryReaderApi.MEMORY_BASIC_INFORMATION64 m = new ProcessMemoryReader.ProcessMemoryReaderApi.MEMORY_BASIC_INFORMATION64(); int result = ProcessMemoryReader.ProcessMemoryReaderApi.VirtualQueryEx(reader.ReadProcess.Handle, (IntPtr)address, out m, infoSize); if (result != infoSize) { int lastError = Marshal.GetLastWin32Error(); break; } // Console.WriteLine("{0}-{1} : {2} bytes {3}", m.BaseAddress.ToString("X"), ((uint)m.BaseAddress + (uint)m.RegionSize - 1).ToString("X"), m.RegionSize, m.State == (int)ProcessMemoryReader.ProcessMemoryReaderApi.InfoState.MEM_COMMIT ? "COMMIT" : "FREE"); //Start and end of this sub-scan startAddress = (IntPtr)(Int64)address;// m.BaseAddress; lastAddress = (IntPtr)((Int64)address + (Int64)m.RegionSize); //m.BaseAddress doesn't appear to be set, and baseAddress is a member of this class address = (Int64)m.BaseAddress + (Int64)m.RegionSize;//A better name is 'StartAddress' /* * if (!(m.State == (int)ProcessMemoryReader.ProcessMemoryReaderApi.InfoState.MEM_COMMIT && * (m.Type == (int)ProcessMemoryReader.ProcessMemoryReaderApi.InfoType.MEM_MAPPED || m.Type == (int)ProcessMemoryReader.ProcessMemoryReaderApi.InfoType.MEM_PRIVATE))) * continue; * */ if (m.State != (int)ProcessMemoryReader.ProcessMemoryReaderApi.InfoState.MEM_COMMIT) { continue; } totalScanned += (Int64)m.RegionSize; //Calculate the size of memory to scan. Int64 memorySize = (Int64)((Int64)lastAddress - (Int64)startAddress); bool found = false; //If more that one block of memory is requered to be read, if (memorySize >= ReadStackSize) { //Count of loops to read the memory blocks. Int64 loopsCount = memorySize / ReadStackSize; //Look to see if there is any other bytes let after the loops. Int64 outOfBounds = memorySize % ReadStackSize; if (outOfBounds != 0) { loopsCount++; } //Set the currentAddress to first address. Int64 currentAddress = (Int64)startAddress; //This will be used to check if any bytes have been read from the memory. Int64 bytesReadSize; //Set the size of the bytes blocks. Int64 bytesToRead = ReadStackSize; //An array to hold the bytes read from the memory. byte[] array; //Progress percentage. int progress; for (Int64 i = 0; i < loopsCount; i++) { if (found) { break; } //Calculate and set the progress percentage. progress = (int)(((double)(currentAddress - (Int64)startAddress) / (double)memorySize) * 100d); //Prepare and set the ScanProgressed event and raise the event. scanProgressEventArgs = new ScanProgressChangedEventArgs(progress, currentAddress); ScanProgressChanged(this, scanProgressEventArgs); //Read the bytes from the memory. reader.ReadProcessMemory((IntPtr)currentAddress, (UInt64)((i == loopsCount - 1) && outOfBounds != 0 ? outOfBounds : bytesToRead), out bytesReadSize, buffer); array = buffer; //If any byte is read from the memory (there has been any bytes in the memory block), if (bytesReadSize > 0) { //Loop through the bytes one by one to look for the values. for (Int64 j = 0; j < array.Length - arraysDifference; j++) { int matches = 0; for (Int64 b = 0; b < bytes.Length && (j + b) < array.Length - arraysDifference; b++) { if (bytes[b] != array[j + b]) { found = false; break; } else { matches++; } } if (matches == bytes.Length) { Debug.WriteLine("Found string: " + System.Text.Encoding.ASCII.GetString(array, (int)j, bytes.Length).Replace(Convert.ToChar(0x0).ToString(), " ")); finalList.Add(j + (Int64)currentAddress); Debug.Flush(); found = true; j += matches - 1; if (finalList.Count >= parameters.maxResults && parameters.maxResults != -1) { break; } } } } //Move currentAddress after the block already scaned, but //move it back some steps backward (as much as arraysDifference) //to avoid loosing any values at the end of the array. currentAddress += array.Length - arraysDifference; //Set the size of the read block, bigger, to the steps backward. //Set the size of the read block, to fit the back steps. bytesToRead = ReadStackSize + arraysDifference; if (found == true && finalList.Count >= parameters.maxResults && parameters.maxResults != -1) { break; } } /* * //If there is any more bytes than the loops read, * if (!found && outOfBounds > 0) * { * //Read the additional bytes. * reader.ReadProcessMemory((IntPtr)currentAddress, (UInt64)((Int64)lastAddress - currentAddress), out bytesReadSize, buffer); * byte[] outOfBoundsBytes = buffer; * * //If any byte is read from the memory (there has been any bytes in the memory block), * if (bytesReadSize > 0) * { * //Loop through the bytes one by one to look for the values. * for (Int64 j = 0; j < outOfBoundsBytes.Length - arraysDifference; j++) * { * int matches = 0; * for (Int64 b = 0; b < bytes.Length && (j + b) < outOfBoundsBytes.Length - arraysDifference; b++) * { * if (bytes[b] != outOfBoundsBytes[j + b]) * { * found = false; * break; * } * else * { * matches++; * } * } * * if (matches == bytes.Length) * { * finalList.Add(j + currentAddress); * j = j + b; * } * * } * } * } */ } //If the block could be read in just one read, else { //Calculate the memory block's size. Int64 blockSize = memorySize % ReadStackSize; //Set the currentAddress to first address. Int64 currentAddress = (Int64)startAddress; //Holds the count of bytes read from the memory. Int64 bytesReadSize; //If the memory block can contain at least one 64 bit variable. if (blockSize > bytesCount) { //Read the bytes to the array. reader.ReadProcessMemory((IntPtr)currentAddress, (UInt64)blockSize, out bytesReadSize, buffer); byte[] array = buffer; //If any byte is read, if (bytesReadSize > 0) { //Loop through the array to find the values. for (int j = 0; j < array.Length - arraysDifference; j++) { int matches = 0; for (int b = 0; b < bytes.Length && (j + b) < array.Length - arraysDifference; b++) { if (bytes[b] != array[j + b]) { found = false; break; } else { matches++; } } if (matches == bytes.Length) { Debug.WriteLine("Found string: " + System.Text.Encoding.ASCII.GetString(array, j, bytes.Length)); finalList.Add(j + currentAddress); Debug.Flush(); found = true; j += matches - 1; if (finalList.Count >= parameters.maxResults && parameters.maxResults != -1) { break; } } } } } } if (found == true && finalList.Count >= parameters.maxResults && parameters.maxResults != -1) { break; } } while (address <= MaxAddress); Console.WriteLine("Total Bytes Scanned = " + totalScanned); //Close the handle to the process to avoid process errors. reader.CloseHandle(); //Prepare the ScanProgressed and set the progress percentage to 100% and raise the event. scanProgressEventArgs = new ScanProgressChangedEventArgs(100, 0); ScanProgressChanged(this, scanProgressEventArgs); //Prepare and raise the ScanCompleted event. ScanCompletedEventArgs scanCompleteEventArgs = new ScanCompletedEventArgs(finalList.ToArray()); ScanCompleted(this, scanCompleteEventArgs); }
void ReadTelemetry() { ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; UInt64 readSize = 4 * 4 * 4; byte[] readBuffer = new byte[readSize]; reader.OpenProcess(); StartSending(); Stopwatch sw = new Stopwatch(); sw.Start(); //read and process while (!IsStopped) { try { //dis is super accurate for timing float frameDT = 0; while (true) { frameDT = (float)sw.Elapsed.TotalSeconds; if (frameDT >= (updateDelay / 1000.0f)) { break; } } sw.Restart(); if (droppedSampleCount >= 100) { FindMatrixPointerAddress(); droppedSampleCount = 0; //Debug.WriteLine("Finding Pointer"); } Int64 byteReadSize; reader.ReadProcessMemory((IntPtr)matrixAddress, readSize, out byteReadSize, readBuffer); if (byteReadSize == 0) { FindMatrixPointerAddress(); droppedSampleCount = 0; //Debug.WriteLine("Finding Pointer"); continue; } float[] floats = new float[4 * 4]; Buffer.BlockCopy(readBuffer, 0, floats, 0, readBuffer.Length); Matrix4x4 trans = new Matrix4x4( floats[2], floats[1], floats[0], 0.0f , floats[6], floats[5], floats[4], 0.0f , floats[10], floats[9], floats[8], 0.0f , floats[14], floats[13], floats[12], 1.0f); ProcessSquadronsData(trans, frameDT); } catch (Exception e) { Thread.Sleep(1000); } } reader.CloseHandle(); StopSending(); Thread.CurrentThread.Join(); }
List <long> NarrowMemoryAddresses(long[] addresses) { if (addresses == null || addresses.Length == 0) { return(null); } List <long> returnList = new List <long>(); ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; UInt64 readSize = ((4 * 4 * 4) * 3) + ((4 * 4 * 6) * 2); byte[] readBuffer = new byte[readSize]; reader.OpenProcess(); float[] floats = new float[4 * 4]; foreach (long address in addresses) { Int64 byteReadSize; reader.ReadProcessMemory((IntPtr)address, readSize, out byteReadSize, readBuffer); if (byteReadSize == 0) { continue; } Buffer.BlockCopy(readBuffer, 0, floats, 0, (4 * 4 * 4)); Vector3 r = new Vector3(floats[0], floats[1], floats[2]); Vector3 u = new Vector3(floats[4], floats[5], floats[6]); Vector3 f = new Vector3(floats[8], floats[9], floats[10]); float rl = r.Length(); float ul = u.Length(); float fl = f.Length(); float minVal = 0.9f; float maxVal = 1.1f; if (rl >= minVal && rl <= maxVal && ul >= minVal && ul <= maxVal && fl >= minVal && fl <= maxVal) { byte[] a = readBuffer.Take((4 * 4 * 4)).ToArray(); byte[] b = readBuffer.Skip((4 * 4 * 4) + (4 * 4 * 6)).Take((4 * 4 * 4)).ToArray(); byte[] c = readBuffer.Skip(((4 * 4 * 4) + (4 * 4 * 6)) * 2).Take((4 * 4 * 4)).ToArray(); if (ArraysEqual(a, b)) { if (ArraysEqual(a, c)) { returnList.Add(address); } } } } reader.CloseHandle(); return(returnList); }
void ReadTelemetry() { ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; UInt64 wheelGroupReadSize = (UInt64)Marshal.SizeOf(typeof(WRCWheelGroupData)); byte[] wheelGroupReadBuffer = new byte[wheelGroupReadSize]; reader.OpenProcess(); StartSending(); Stopwatch sw = new Stopwatch(); sw.Start(); //read and process while (!IsStopped) { try { //dis is super accurate for timing double frameDT = 0; while (true) { frameDT = sw.Elapsed.TotalSeconds; if (frameDT >= (updateDelay / 1000.0f)) { break; } } sw.Restart(); // mainProcess.Suspend(); if (droppedSampleCount >= 100) { FindWheelGroupPointerAddress(); droppedSampleCount = 0; Debug.WriteLine("Finding Pointer"); } Int64 byteReadSize; reader.ReadProcessMemory((IntPtr)wheelGroupMemoryAddress, wheelGroupReadSize, out byteReadSize, wheelGroupReadBuffer); // mainProcess.Resume(); if (byteReadSize == 0) { FindWheelGroupPointerAddress(); droppedSampleCount = 0; Debug.WriteLine("Finding Pointer"); continue; } var alloc = GCHandle.Alloc(wheelGroupReadBuffer, GCHandleType.Pinned); wheelsGroupData = (WRCWheelGroupData)Marshal.PtrToStructure(alloc.AddrOfPinnedObject(), typeof(WRCWheelGroupData)); alloc.Free(); ProcessWRCData((float)frameDT); } catch (Exception e) { Thread.Sleep(1000); } } reader.CloseHandle(); StopSending(); Thread.CurrentThread.Join(); }
void ScanComplete() { ProcessMemoryReader reader = new ProcessMemoryReader(); reader.ReadProcess = mainProcess; UInt64 readSize = 4 * 4 * 4; byte[] readBuffer = new byte[readSize]; reader.OpenProcess(); Stopwatch sw = new Stopwatch(); sw.Start(); StartSending(); while (!IsStopped) { try { double frameDT = 0; while (true) { frameDT = sw.Elapsed.TotalSeconds; if (frameDT >= (updateDelay / 1000.0f)) { break; } } sw.Restart(); Int64 byteReadSize; reader.ReadProcessMemory((IntPtr)memoryAddress, readSize, out byteReadSize, readBuffer); if (byteReadSize == 0) { continue; } float[] floats = new float[4 * 4]; Buffer.BlockCopy(readBuffer, 0, floats, 0, readBuffer.Length); Matrix4x4 transform = new Matrix4x4(floats[0], floats[1], floats[2], floats[3] , floats[4], floats[5], floats[6], floats[7] , floats[8], floats[9], floats[10], floats[11] , floats[12], floats[13], floats[14], floats[15]); ProcessTransform(transform, (float)frameDT); } catch (Exception e) { Thread.Sleep(1000); } } reader.CloseHandle(); StopSending(); Thread.CurrentThread.Join(); }