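        /// <summary>
        /// Searches the committed memory regions of the process behind <paramref name="handle"/>
        /// for the byte pattern <paramref name="aob"/>. Returns (-1, -1) on failure.
        /// </summary>
        /// <param name="handle">Process handle passed to VirtualQueryEx and ReadProcessMemory.</param>
        /// <param name="aob">Byte pattern to look for.</param>
        /// <param name="matchValidator">Callback handed to Memmem; it receives the region base address plus the offset Memmem supplies.</param>
        /// <param name="blockToStart">Address at which the region walk begins (default 0).</param>
        /// <returns>
        /// The absolute address of the match together with the address the containing region was queried at,
        /// or (-1, -1) when no match is found.
        /// </returns>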
        public static (long, long) Aobscan(long handle, byte[] aob, Func <long, bool> matchValidator, long blockToStart = 0)
        {
            // Walks the target address space one VirtualQueryEx region at a time, starting at
            // blockToStart, and searches each committed region for aob.
            // Result: (absolute match address, address the matching region was queried at),
            // or (-1, -1) when the walk ends without a match.
            for (long cursor = blockToStart; cursor < long.MaxValue;)
            {
                int queried = NativeFunctions.VirtualQueryEx(handle, cursor, out NativeFunctions.MEMORY_BASIC_INFORMATION region, NativeFunctions.MEMORY_BASIC_INFORMATION_SIZE);

                // The walk ends as soon as the query does not hand back a full structure
                // or reports a region without a positive size.
                if (queried != NativeFunctions.MEMORY_BASIC_INFORMATION_SIZE || region.RegionSize <= 0)
                {
                    break;
                }

                // Regions that are not committed are stepped over without being read.
                if (region.State == (int)NativeFunctions.AllocationType.Commit)
                {
                    Console.Write($"\rscanning {region.BaseAddress:x}...");

                    // NOTE(review): the whole region is copied into one managed array. A region
                    // larger than the runtime's array limit would make this allocation throw and
                    // end the scan; confirm whether the caller handles that.
                    byte[] snapshot = new byte[region.RegionSize];

                    // NOTE(review): whatever ReadProcessMemory reports is not inspected here. If the
                    // read fails, the zero-initialised buffer is searched anyway; verify this is intended.
                    NativeFunctions.ReadProcessMemory(handle, region.BaseAddress, snapshot, region.RegionSize, 0);

                    // Each region is searched on its own, so a pattern that straddles two regions is
                    // not reported. The callback translates the offset it is given into an absolute
                    // address before consulting matchValidator.
                    long offset = Memmem(snapshot, region.RegionSize, aob, aob.Length, candidate => matchValidator(region.BaseAddress + candidate));
                    if (offset >= 0)
                    {
                        return (region.BaseAddress + offset, cursor);
                    }
                }

                // Continue with the address immediately after this region.
                cursor = region.BaseAddress + region.RegionSize;
            }

            return (-1, -1);
        }