  5. using System;
  6. using System.Collections.Generic;
  7. using System.Linq;
  8. using System.Text;
  9. using System.Runtime;
  10. using System.Runtime.InteropServices;
  11. using System.Diagnostics;
  12.  
  13. namespace ConsoleApplication18  
  14. {
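  /// <summary>
  /// Console entry point. Opens the process named "Connector", follows a fixed
  /// five-link pointer chain inside it, prints the 31-byte ASCII field found at
  /// the end of the chain, and then overwrites that field with a zero-padded
  /// replacement string.
  /// </summary>
  class Program
  {
      static void Main(string[] args)
      {
          // Size in bytes of the ASCII field that is read and then replaced.
          const int FieldLength = 31;

          memory test = new memory();
          IntPtr H = test.open("Connector");
          if (H == IntPtr.Zero)
          {
              // OpenProcess reports failure with a null handle; nothing below can work without one.
              Console.Error.WriteLine("Unable to open a handle to the Connector process.");
              return;
          }

          try
          {
              // NOTE(review): 0x00400000 is hard-coded as the module base, which assumes the
              // image is loaded at that address in the target - confirm for the build in use.
              int connector = 0x00400000;
              IntPtr pb = (IntPtr)connector + 0x0021B9A0;

              // Each call reads a 32-bit pointer at pb and adds the given offset to it.
              pb = test.pointer(H, pb, 0x2B4);
              pb = test.pointer(H, pb, 0x790);
              pb = test.pointer(H, pb, 0xac);
              pb = test.pointer(H, pb, 0x3c);
              pb = test.pointer(H, pb, 0x20);

              int bytesread;
              byte[] oldIP = test.ReadMemoryAtAdress(H, pb, FieldLength, out bytesread);
              if (bytesread != FieldLength)
              {
                  // A short or failed read means the chain did not resolve to readable memory.
                  // Writing to that address anyway could corrupt unrelated data in the target.
                  Console.Error.WriteLine("Read " + bytesread + " of " + FieldLength + " bytes; the field was not modified.");
              }
              else
              {
                  // The field is zero-padded, so cut the text at the first NUL before printing.
                  string IP = Encoding.ASCII.GetString(oldIP);
                  int terminator = IP.IndexOf('\0');
                  Console.WriteLine(terminator >= 0 ? IP.Substring(0, terminator) : IP);

                  string nip = "j";
                  // A new byte array is zero-filled, which pads the rest of the field with NULs.
                  // GetBytes throws if the replacement does not fit into the field.
                  byte[] newIP = new byte[FieldLength];
                  Encoding.ASCII.GetBytes(nip, 0, nip.Length, newIP, 0);

                  int written = test.WriteMemoryAtAdress(H, pb, newIP);
                  if (written != newIP.Length)
                  {
                      Console.Error.WriteLine("Wrote " + written + " of " + newIP.Length + " bytes.");
                  }
              }
          }
          finally
          {
              // The handle carries read/write access to another process; release it on every path.
              test.close(H);
          }

          Console.Read();
      }
  }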
  45.  
  46.  
  47.  
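  /// <summary>
  /// Thin wrapper around the kernel32 process-memory functions: opens a process by
  /// name, reads and writes byte ranges in it, and follows 32-bit pointers.
  /// Every method treats a null handle or a null address as "nothing to do" and
  /// reports failure through its return value instead of calling into kernel32.
  /// </summary>
  class memory
  {
      [DllImport("kernel32.dll", SetLastError = true)]
      public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, Int32 bInheritHandle, UInt32 dwProcessId);


      [DllImport("kernel32.dll", SetLastError = true)]
      public static extern Int32 CloseHandle(IntPtr hObject);


      // NOTE(review): the native size parameter is SIZE_T (pointer-sized); it is declared
      // as UInt32 here and left unchanged to keep the existing signature.
      [DllImport("kernel32.dll", SetLastError = true)]
      public static extern Int32 ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesRead);


      [DllImport("kernel32.dll", SetLastError = true)]
      public static extern Int32 WriteProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [In, Out] byte[] buffer, UInt32 size, out IntPtr lpNumberOfBytesWritten);

      /// <summary>Access-right bits passed to <see cref="OpenProcess"/>.</summary>
      [Flags]
      public enum ProcessAccessType
      {
          PROCESS_TERMINATE = (0x0001),
          PROCESS_CREATE_THREAD = (0x0002),
          PROCESS_SET_SESSIONID = (0x0004),
          PROCESS_VM_OPERATION = (0x0008),
          PROCESS_VM_READ = (0x0010),
          PROCESS_VM_WRITE = (0x0020),
          PROCESS_DUP_HANDLE = (0x0040),
          PROCESS_CREATE_PROCESS = (0x0080),
          PROCESS_SET_QUOTA = (0x0100),
          PROCESS_SET_INFORMATION = (0x0200),
          PROCESS_QUERY_INFORMATION = (0x0400)
      }

      /// <summary>
      /// Opens the first process whose name matches <paramref name="Name"/> with
      /// VM read, VM write and VM operation rights.
      /// </summary>
      /// <param name="Name">Process name as accepted by Process.GetProcessesByName.</param>
      /// <returns>
      /// The process handle, or <see cref="IntPtr.Zero"/> when the name is null or empty,
      /// no such process is running, or OpenProcess fails.
      /// </returns>
      public IntPtr open(string Name)
      {
          // A null or empty name cannot identify one specific process, so refuse it.
          if (string.IsNullOrEmpty(Name))
          {
              return IntPtr.Zero;
          }

          Process[] candidates = Process.GetProcessesByName(Name);
          try
          {
              // Indexing an empty result used to throw IndexOutOfRangeException.
              if (candidates.Length == 0)
              {
                  return IntPtr.Zero;
              }

              ProcessAccessType rights = ProcessAccessType.PROCESS_VM_READ
                                       | ProcessAccessType.PROCESS_VM_WRITE
                                       | ProcessAccessType.PROCESS_VM_OPERATION;

              // bInheritHandle = 0: a handle that can write another process's memory
              // should not be inherited by child processes started later.
              // When several processes share the name, the first one returned is used.
              return OpenProcess((uint)rights, 0, (uint)candidates[0].Id);
          }
          finally
          {
              // Process objects hold OS resources of their own; only the Id is needed.
              foreach (Process candidate in candidates)
              {
                  candidate.Dispose();
              }
          }
      }

      /// <summary>Closes a handle obtained from <see cref="open"/>.</summary>
      /// <returns>Non-zero on success; 0 on failure or when <paramref name="H"/> is null.</returns>
      public int close(IntPtr H)
      {
          if (H == IntPtr.Zero)
          {
              return 0;
          }

          return CloseHandle(H);
      }

      /// <summary>
      /// Reads <paramref name="bytesToRead"/> bytes from the target process.
      /// </summary>
      /// <param name="H">Handle with VM read access.</param>
      /// <param name="MemoryAddress">Address in the target process.</param>
      /// <param name="bytesToRead">Number of bytes requested.</param>
      /// <param name="bytesRead">Number of bytes the API reports as read; 0 when nothing was attempted.</param>
      /// <returns>
      /// A buffer of exactly <paramref name="bytesToRead"/> bytes. Compare
      /// <paramref name="bytesRead"/> with the request to detect a failed or short read;
      /// bytes that were not read stay zero.
      /// </returns>
      public byte[] ReadMemoryAtAdress(IntPtr H, IntPtr MemoryAddress, uint bytesToRead, out int bytesRead)
      {
          byte[] buffer = new byte[bytesToRead];
          bytesRead = 0;

          if (H == IntPtr.Zero || MemoryAddress == IntPtr.Zero || bytesToRead == 0)
          {
              return buffer;
          }

          IntPtr ptrBytesRead;
          ReadProcessMemory(H, MemoryAddress, buffer, bytesToRead, out ptrBytesRead);
          bytesRead = ptrBytesRead.ToInt32();
          return buffer;
      }

      /// <summary>
      /// Writes <paramref name="bytesToWrite"/> into the target process.
      /// </summary>
      /// <param name="H">Handle with VM write and VM operation access.</param>
      /// <param name="MemoryAddress">Address in the target process.</param>
      /// <param name="bytesToWrite">Bytes to copy; must not be null.</param>
      /// <returns>Number of bytes the API reports as written; 0 when nothing was attempted.</returns>
      /// <exception cref="ArgumentNullException"><paramref name="bytesToWrite"/> is null.</exception>
      public int WriteMemoryAtAdress(IntPtr H, IntPtr MemoryAddress, byte[] bytesToWrite)
      {
          if (bytesToWrite == null)
          {
              throw new ArgumentNullException("bytesToWrite");
          }

          // Never hand a null handle or a null address to the write API: both mean an
          // earlier step failed, and the caller must see 0 bytes written.
          if (H == IntPtr.Zero || MemoryAddress == IntPtr.Zero || bytesToWrite.Length == 0)
          {
              return 0;
          }

          IntPtr ptrBytesWritten;
          WriteProcessMemory(H, MemoryAddress, bytesToWrite, (uint)bytesToWrite.Length, out ptrBytesWritten);
          return ptrBytesWritten.ToInt32();
      }

      /// <summary>
      /// Reads the 32-bit pointer stored at <paramref name="pointer"/> in the target
      /// process and returns that value plus <paramref name="offset"/>.
      /// </summary>
      /// <param name="H">Handle with VM read access.</param>
      /// <param name="pointer">Address of the pointer to dereference.</param>
      /// <param name="offset">Signed byte offset added to the pointer that was read.</param>
      /// <returns>
      /// The resolved address, or <see cref="IntPtr.Zero"/> when the handle or address is
      /// null, the read fails or is short, or the stored pointer is itself null. Returning
      /// zero (instead of the bare offset) lets a broken chain be detected and stops it
      /// from yielding a plausible-looking address.
      /// </returns>
      public IntPtr pointer(IntPtr H, IntPtr pointer, int offset = 0)
      {
          if (H == IntPtr.Zero || pointer == IntPtr.Zero)
          {
              return IntPtr.Zero;
          }

          // Only four bytes are read, so this resolves 32-bit pointers only.
          byte[] buffer = new byte[4];
          IntPtr ptrBytesRead;
          int succeeded = ReadProcessMemory(H, pointer, buffer, (uint)buffer.Length, out ptrBytesRead);
          if (succeeded == 0 || ptrBytesRead.ToInt64() != buffer.Length)
          {
              return IntPtr.Zero;
          }

          uint stored = BitConverter.ToUInt32(buffer, 0);
          if (stored == 0)
          {
              return IntPtr.Zero;
          }

          if (IntPtr.Size == 8)
          {
              // Zero-extend: reading the value as a signed int would sign-extend any
              // address at or above 0x80000000 into a different 64-bit address.
              return new IntPtr((long)stored + offset);
          }

          // 32-bit host: IntPtr is 32 bits wide, so keep the wrapping int arithmetic.
          return new IntPtr(unchecked((int)stored + offset));
      }

  }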
  133. }