/// <summary>
/// Initializes core components.
/// </summary>
private void Initialize(Process process)
{
// get process info
Process = process;
ProcessHandle = Kernel32.OpenProcess(ProcessAccessFlags.All, false, (uint)Process.Id);
MainThreadId = User32.GetWindowThreadProcessId(Process.MainWindowHandle);
MainThreadHandle = Kernel32.OpenThread(ThreadAccessFlags.All, false, MainThreadId);
ModuleContext = new ModuleAddressContext(ImageBaseAddress, ProcessBaseAddress, (uint)Process.MainModule.ModuleMemorySize);
// look away! - get original image base address and build time from PE header - http://blogs.msdn.com/b/kstanton/archive/2004/03/31/105060.aspx
using (FileStream fs = new FileStream(Process.MainModule.FileName, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
using (BinaryReader br = new BinaryReader(fs))
{
fs.Position = Marshal.OffsetOf(typeof(ImageDosHeader), nameof(ImageDosHeader.e_lfanew)).ToInt32();
int ntHeaderOffset = br.ReadInt32();
int fileHeaderOffset = Marshal.OffsetOf(typeof(ImageNtHeaders32), nameof(ImageNtHeaders32.FileHeader)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + Marshal.OffsetOf(typeof(ImageFileHeader32), nameof(ImageFileHeader32.TimeDateStamp)).ToInt32();
Version = (GameVersion)br.ReadUInt32();
int fileHeaderSize = Marshal.SizeOf(typeof(ImageFileHeader32));
int imageBaseOffset = Marshal.OffsetOf(typeof(ImageOptionalHeader32), nameof(ImageOptionalHeader32.ImageBase)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + fileHeaderSize + imageBaseOffset;
ImageBaseAddress = br.ReadUInt32();
}
// initialize access to various sub-systems
Memory = new ProcessStream(ProcessHandle);
TlsAddress = GetTlsAddress(MainThreadHandle);
TagCache = new TagCache(this);
Addresses = new GameAddresses(this);
}
/// <summary>
/// Initializes core components.
/// </summary>
private void Initialize()
{
// get process info
Process = GetProcessByName(Name);
ProcessHandle = Kernel32.OpenProcess(ProcessAccessFlags.All, false, (uint)Process.Id);
MainThreadId = User32.GetWindowThreadProcessId(Process.MainWindowHandle);
MainThreadHandle = Kernel32.OpenThread(ThreadAccessFlags.All, false, MainThreadId);
// look away! - get original image base address and build time from PE header - http://blogs.msdn.com/b/kstanton/archive/2004/03/31/105060.aspx
using (FileStream fs = new FileStream(Process.MainModule.FileName, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
using (BinaryReader br = new BinaryReader(fs))
{
fs.Position = Marshal.OffsetOf(typeof(ImageDosHeader), nameof(ImageDosHeader.e_lfanew)).ToInt32();
int ntHeaderOffset = br.ReadInt32();
int fileHeaderOffset = Marshal.OffsetOf(typeof(ImageNtHeaders32), nameof(ImageNtHeaders32.FileHeader)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + Marshal.OffsetOf(typeof(ImageFileHeader32), nameof(ImageFileHeader32.TimeDateStamp)).ToInt32();
DateTime unixEpoch = new DateTime(1970, 1, 1);
BuildDate = unixEpoch + new TimeSpan(br.ReadUInt32() * TimeSpan.TicksPerSecond);
int fileHeaderSize = Marshal.SizeOf(typeof(ImageFileHeader32));
int imageBaseOffset = Marshal.OffsetOf(typeof(ImageOptionalHeader32), nameof(ImageOptionalHeader32.ImageBase)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + fileHeaderSize + imageBaseOffset;
ImageBaseAddress = br.ReadUInt32();
}
if (Version == GameVersion.Unknown)
throw new NotSupportedException("Unknown game version.");
// initialize access to various sub-systems
ProcessAddress.Initialize(ImageBaseAddress, ProcessBaseAddress);
Memory = new ProcessMemoryStream(ProcessHandle);
TlsAddress = GetTlsAddress(MainThreadHandle);
TagCache = new TagCache(this);
Addresses = new GameAddresses(this);
}
/// <summary>
/// Initializes core components.
/// </summary>
private void Initialize(Process process)
{
// get process info
Process = process;
ProcessHandle = Kernel32.OpenProcess(ProcessAccessFlags.All, false, (uint)Process.Id);
MainThreadId = User32.GetWindowThreadProcessId(Process.MainWindowHandle);
MainThreadHandle = Kernel32.OpenThread(ThreadAccessFlags.All, false, MainThreadId);
ModuleContext = new ModuleAddressContext(ImageBaseAddress, ProcessBaseAddress, (uint)Process.MainModule.ModuleMemorySize);
// look away! - get original image base address and build time from PE header - http://blogs.msdn.com/b/kstanton/archive/2004/03/31/105060.aspx
using (FileStream fs = new FileStream(Process.MainModule.FileName, FileMode.Open, FileAccess.Read, FileShare.ReadWrite))
using (BinaryReader br = new BinaryReader(fs))
{
fs.Position = Marshal.OffsetOf(typeof(ImageDosHeader), nameof(ImageDosHeader.e_lfanew)).ToInt32();
int ntHeaderOffset = br.ReadInt32();
int fileHeaderOffset = Marshal.OffsetOf(typeof(ImageNtHeaders32), nameof(ImageNtHeaders32.FileHeader)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + Marshal.OffsetOf(typeof(ImageFileHeader32), nameof(ImageFileHeader32.TimeDateStamp)).ToInt32();
Version = (GameVersion)br.ReadUInt32();
int fileHeaderSize = Marshal.SizeOf(typeof(ImageFileHeader32));
int imageBaseOffset = Marshal.OffsetOf(typeof(ImageOptionalHeader32), nameof(ImageOptionalHeader32.ImageBase)).ToInt32();
fs.Position = ntHeaderOffset + fileHeaderOffset + fileHeaderSize + imageBaseOffset;
ImageBaseAddress = br.ReadUInt32();
}
// initialize access to various sub-systems
Memory = new ProcessStream(ProcessHandle);
TlsAddress = GetTlsAddress(MainThreadHandle);
TagCache = new TagCache(this);
Addresses = new GameAddresses(this);
}