C# (CSharp) SigmaTestLoader.CommonUtils NativeImport示例

编程语言: C# (CSharp)

命名空间/包名称: SigmaTestLoader.CommonUtils

类/类型: NativeImport

hotexamples.com的示例: 7

C# (CSharp) SigmaTestLoader.CommonUtils NativeImport - 已找到7个示例。这些是从开源项目中提取的最受好评的SigmaTestLoader.CommonUtils.NativeImport现实C# (CSharp)示例。您可以评价示例，以帮助我们提高示例质量。

常用方法

显示隐藏

CreateRemoteThread(2)

GetProcAddress(2)

LoadLibrary(2)

GetExitCodeThread(1)

IsWow64Process(1)

VirtualAllocEx(1)

WaitForSingleObject(1)

WriteProcessMemory(1)

示例#1

显示文件

        private bool WriteProcessMemory(IntPtr Pointer, byte[] BytesToWrite)
        {
            IntPtr nBytes;

            return(NativeImport.WriteProcessMemory(LoadedProcess.Handle, Pointer, BytesToWrite,
                                                   BytesToWrite.Length, out nBytes));
        }

示例#2

显示文件

        private IntPtr CallMethod(IntPtr ptr, IntPtr arg)
        {
            IntPtr hThreadId;
            var    hThread = NativeImport.CreateRemoteThread(LoadedProcess.Handle, IntPtr.Zero, 0,
                                                             ptr, arg, 0, out hThreadId);

            return(hThread);
        }

示例#3

显示文件

        internal void LoadAndCallMethod(string Library, string MethodName)
        {
            PerformValidationCheck(Library);

            var LoadedLibraryPTR            = Load(Library);
            var LibraryToLoadCurrentProcPTR = NativeImport.LoadLibrary(Library);
            var PTRToMethod = NativeImport.GetProcAddress(LibraryToLoadCurrentProcPTR, MethodName);

            CallMethod(PTRToMethod, IntPtr.Zero);
        }

示例#4

显示文件

        private int CallLoadLibraryA(IntPtr PointerToArg)
        {
            IntPtr hThreadId;
            var    hThread = NativeImport.CreateRemoteThread(LoadedProcess.Handle, IntPtr.Zero, 0, LoadLibraryPTR, PointerToArg, 0, out hThreadId);

            NativeImport.WaitForSingleObject(hThread, unchecked ((uint)-1));
            uint exitCode;

            NativeImport.GetExitCodeThread(hThread, out exitCode);
            return((int)exitCode);
        }

示例#5

显示文件

        internal Loader(string ProcessName)
        {
            try { LoadedProcess = Process.GetProcessesByName(ProcessName).First(); }
            catch (Exception)
            {
                Console.WriteLine($"Could Not Find Process: {ProcessName}");
                Console.Read();
                Environment.Exit(0);
            }

            Kernel32PTR    = NativeImport.LoadLibrary("kernel32");
            LoadLibraryPTR = NativeImport.GetProcAddress(Kernel32PTR, "LoadLibraryA");
        }

示例#6

显示文件

        private bool IsLoadedProcessX64()
        {
            if (!Environment.Is64BitOperatingSystem)
            {
                return(false);
            }

            bool isWow64;

            if (!NativeImport.IsWow64Process(LoadedProcess.Handle, out isWow64))
            {
                isWow64 = false;
            }

            return(!isWow64);
        }

示例#7

显示文件

 private IntPtr VirtualAllocEx(int size)
 {
     return(NativeImport.VirtualAllocEx(LoadedProcess.Handle, IntPtr.Zero, (IntPtr)size,
                                        Enums.AllocationType.Commit | Enums.AllocationType.Reserve,
                                        Enums.MemoryProtection.ExecuteReadWrite));
 }