public void PersistHandleMap(HandleEntryMap source, string fileName) { byte[] bytesToCompress = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(source)); using (FileStream fileToCompress = File.Create(fileName)) using (GZipStream compressionStream = new GZipStream(fileToCompress, CompressionMode.Compress)) { compressionStream.Write(bytesToCompress, 0, bytesToCompress.Length); } }
public List <HandleTableEntry> Run() { List <HandleTableEntry> results = new List <HandleTableEntry>(); // first let's see if it already exists string filename = "handles_" + _pid.ToString() + ".gz"; FileInfo cachedFile = new FileInfo(_dataProvider.CacheFolder + "\\" + filename); if (cachedFile.Exists && !_dataProvider.IsLive) { HandleEntryMap hem = RetrieveHandleMap(cachedFile); if (hem != null) { _handleEntryMap = hem; return(_handleEntryMap.HandleRecords); } } try { Debug.WriteLine("Handle Table Address: 0x" + _handleTableAddress.ToString("X")); HandleTable ht = new HandleTable(_profile, _dataProvider, _handleTableAddress); List <HandleTableEntry> records = EnumerateHandles(ht.TableStartAddress, ht.Level); foreach (HandleTableEntry e in records) { ulong pa = _dataProvider.ActiveAddressSpace.vtop(e.ObjectPointer); if (pa == 0) { continue; } results.Add(e); } } catch (Exception) { return(null); } if (!_dataProvider.IsLive && results.Count > 0) { _handleEntryMap = new HandleEntryMap(); _handleEntryMap.HandleRecords = results; PersistHandleMap(_handleEntryMap, _dataProvider.CacheFolder + "\\" + filename); } return(results); }