private static void *WriteMachineCode(void *processHandle, InjectionClrVersion clrVersion, string assemblyPath, string typeName, string methodName, string argument) { bool is64Bit; string clrVersionString; byte[] machineCode; void * pEnvironment; void * pCorBindToRuntimeEx; void * pCLRCreateInstance; if (!NativeProcess.Is64BitProcessInternal(processHandle, out is64Bit)) { return(null); } clrVersionString = clrVersion switch { InjectionClrVersion.V2 => CLR_V2, InjectionClrVersion.V4 => CLR_V4, _ => throw new ArgumentOutOfRangeException(nameof(clrVersion)), }; machineCode = GetMachineCodeTemplate(clrVersionString, assemblyPath, typeName, methodName, argument); pEnvironment = NativeProcess.AllocMemoryInternal(processHandle, 0x1000 + (argument is null ? 0 : (uint)argument.Length * 2 + 2), MemoryProtection.ExecuteReadWrite); if (pEnvironment == null) { return(null); } try { fixed(byte *p = machineCode) switch (clrVersion) { case InjectionClrVersion.V2: pCorBindToRuntimeEx = NativeModule.GetFunctionAddressInternal(processHandle, "mscoree.dll", "CorBindToRuntimeEx"); if (pCorBindToRuntimeEx == null) { return(null); } if (is64Bit) { WriteMachineCode64v2(p, (ulong)pEnvironment, (ulong)pCorBindToRuntimeEx); } else { WriteMachineCode32v2(p, (uint)pEnvironment, (uint)pCorBindToRuntimeEx); } break; case InjectionClrVersion.V4: pCLRCreateInstance = NativeModule.GetFunctionAddressInternal(processHandle, "mscoree.dll", "CLRCreateInstance"); if (pCLRCreateInstance == null) { return(null); } if (is64Bit) { WriteMachineCode64v4(p, (ulong)pEnvironment, (ulong)pCLRCreateInstance); } else { WriteMachineCode32v4(p, (uint)pEnvironment, (uint)pCLRCreateInstance); } break; } if (!NativeProcess.WriteBytesInternal(processHandle, pEnvironment, machineCode)) { return(null); } } catch { NativeProcess.FreeMemoryInternal(processHandle, pEnvironment); return(null); } return(pEnvironment); }
private static IntPtr WriteMachineCode(IntPtr processHandle, string clrVersion, string assemblyPath, string typeName, string methodName, string argument) { bool is64Bit; byte[] machineCode; IntPtr pEnvironment; IntPtr pCorBindToRuntimeEx; IntPtr pCLRCreateInstance; if (!NativeProcess.Is64BitProcessInternal(processHandle, out is64Bit)) { return(IntPtr.Zero); } machineCode = GetMachineCodeTemplate(clrVersion, assemblyPath, typeName, methodName, argument); pEnvironment = NativeProcess.AllocMemoryInternal(processHandle, 0x1000 + (argument == null ? 0 : (uint)argument.Length * 2 + 2), MemoryProtection.ExecuteReadWrite); if (pEnvironment == IntPtr.Zero) { return(IntPtr.Zero); } try { fixed(byte *p = machineCode) { switch (clrVersion) { case "v2.0.50727": pCorBindToRuntimeEx = NativeModule.GetFunctionAddressInternal(processHandle, "mscoree.dll", "CorBindToRuntimeEx"); if (pCorBindToRuntimeEx == IntPtr.Zero) { return(IntPtr.Zero); } if (is64Bit) { SetMachineCode64v2(p, (ulong)pEnvironment, (ulong)pCorBindToRuntimeEx); } else { SetMachineCode32v2(p, (uint)pEnvironment, (uint)pCorBindToRuntimeEx); } break; case "v4.0.30319": pCLRCreateInstance = NativeModule.GetFunctionAddressInternal(processHandle, "mscoree.dll", "CLRCreateInstance"); if (pCLRCreateInstance == IntPtr.Zero) { return(IntPtr.Zero); } if (is64Bit) { SetMachineCode64v4(p, (ulong)pEnvironment, (ulong)pCLRCreateInstance); } else { SetMachineCode32v4(p, (uint)pEnvironment, (uint)pCLRCreateInstance); } break; default: return(IntPtr.Zero); } } if (!NativeProcess.WriteBytesInternal(processHandle, pEnvironment, machineCode)) { return(IntPtr.Zero); } } catch { NativeProcess.FreeMemoryInternal(processHandle, pEnvironment); return(IntPtr.Zero); } return(pEnvironment); }