API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 31st, 2015
216
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 5.04 KB | None | 0 0
raw download clone embed print report
  1. Option Strict On
  2.  
  3. Imports System.Runtime.InteropServices
  4. Imports System.Text
  5.  
  6. Module MemoryModule
  7. <DllImport("kernel32.dll")> _
  8. Private Function OpenProcess(ByVal dwDesiredAccess As UInteger, <MarshalAs(UnmanagedType.Bool)> ByVal bInheritHandle As Boolean, ByVal dwProcessId As Integer) As IntPtr
  9. End Function
  10.  
  11. <DllImport("kernel32.dll", SetLastError:=True)> _
  12. Private Function WriteProcessMemory(ByVal hProcess As IntPtr, ByVal lpBaseAddress As IntPtr, ByVal lpBuffer As Byte(), ByVal nSize As IntPtr, <Out()> ByRef lpNumberOfBytesWritten As IntPtr) As Boolean
  13. End Function
  14.  
  15. <DllImport("kernel32.dll", SetLastError:=True)> _
  16. Private Function ReadProcessMemory(ByVal hProcess As IntPtr, ByVal lpBaseAddress As IntPtr, <Out()> ByVal lpBuffer() As Byte, ByVal dwSize As IntPtr, ByRef lpNumberOfBytesRead As IntPtr) As Boolean
  17. End Function
  18.  
  19. <DllImport("kernel32.dll", SetLastError:=True)>
  20. Private Function CloseHandle(ByVal hObject As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
  21. End Function
  22.  
  23. Private Const PROCESS_VM_WRITE As UInteger = &H20
  24. Private Const PROCESS_VM_READ As UInteger = &H10
  25. Private Const PROCESS_VM_OPERATION As UInteger = &H8
  26. Private Const TargetProcess As String = "iw5sp"
  27. Private ProcessHandle As IntPtr = IntPtr.Zero
  28. Private LastKnownPID As Integer = -1
  29.  
  30. Public Function ReadMemory(Of T)(ByVal address As Integer) As T
  31. Return ReadMemory(Of T)(address, 0, False)
  32. End Function
  33.  
  34. Public Function ReadMemory(ByVal address As Integer, ByVal length As Integer) As Byte()
  35. Return ReadMemory(Of Byte())(address, length, False)
  36. End Function
  37.  
  38. Private Function ProcessIDExists(ByVal pID As Integer) As Boolean
  39. For Each p As Process In Process.GetProcessesByName(TargetProcess)
  40. If p.ID = pID Then Return True
  41. Next
  42. Return False
  43. End Function
  44.  
  45. Private Function UpdateProcessHandle() As Boolean
  46. If LastKnownPID = -1 OrElse Not ProcessIDExists(LastKnownPID) Then
  47. If ProcessHandle <> IntPtr.Zero Then CloseHandle(ProcessHandle)
  48. Dim p() As Process = Process.GetProcessesByName(TargetProcess)
  49. If p.Length = 0 Then Return False
  50. LastKnownPID = p(0).Id
  51. ProcessHandle = OpenProcess(PROCESS_VM_READ Or PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, p(0).Id)
  52. If ProcessHandle = IntPtr.Zero Then Return False
  53. End If
  54. Return True
  55. End Function
  56.  
  57. Public Function ReadMemory(Of T)(ByVal address As Integer, ByVal length As Integer, ByVal unicodeString As Boolean) As T
  58. Dim buffer() As Byte
  59. If GetType(T) Is GetType(String) Then
  60. If unicodeString Then buffer = New Byte(length * 2 - 1) {} Else buffer = New Byte(length - 1) {}
  61. ElseIf GetType(T) Is GetType(Byte()) Then
  62. buffer = New Byte(length - 1) {}
  63. Else
  64. buffer = New Byte(Marshal.SizeOf(GetType(T)) - 1) {}
  65. End If
  66. If Not UpdateProcessHandle() Then Return Nothing
  67. Dim success As Boolean = ReadProcessMemory(ProcessHandle, New IntPtr(address), buffer, New IntPtr(buffer.Length), IntPtr.Zero)
  68. If Not success Then Return Nothing
  69. If GetType(T) Is GetType(Byte()) Then Return CType(CType(buffer, Object), T)
  70. If GetType(T) Is GetType(String) Then
  71. If unicodeString Then Return CType(CType(Encoding.Unicode.GetString(buffer), Object), T)
  72. Return CType(CType(Encoding.ASCII.GetString(buffer), Object), T)
  73. End If
  74. Dim gcHandle As GCHandle = gcHandle.Alloc(buffer, GCHandleType.Pinned)
  75. Dim returnObject As T
  76. returnObject = CType(Marshal.PtrToStructure(gcHandle.AddrOfPinnedObject, GetType(T)), T)
  77. gcHandle.Free()
  78. Return returnObject
  79. End Function
  80.  
  81. Private Function GetObjectBytes(ByVal value As Object) As Byte()
  82. If value.GetType() Is GetType(Byte()) Then Return CType(value, Byte())
  83. Dim buffer(Marshal.SizeOf(value) - 1) As Byte
  84. Dim ptr As IntPtr = Marshal.AllocHGlobal(buffer.Length)
  85. Marshal.StructureToPtr(value, ptr, True)
  86. Marshal.Copy(ptr, buffer, 0, buffer.Length)
  87. Marshal.FreeHGlobal(ptr)
  88. Return buffer
  89. End Function
  90.  
  91. Public Function WriteMemory(ByVal address As Integer, ByVal value As Object) As Boolean
  92. Return WriteMemory(address, value, False)
  93. End Function
  94.  
  95. Public Function WriteMemory(ByVal address As Integer, ByVal value As Object, ByVal unicode As Boolean) As Boolean
  96. If Not UpdateProcessHandle() Then Return False
  97. Dim buffer() As Byte
  98. If TypeOf value Is String Then
  99. If unicode Then buffer = Encoding.Unicode.GetBytes(value.ToString()) Else buffer = Encoding.ASCII.GetBytes(value.ToString())
  100. Else
  101. buffer = GetObjectBytes(value)
  102. End If
  103. Dim result As Boolean = WriteProcessMemory(ProcessHandle, New IntPtr(address), buffer, New IntPtr(buffer.Length), IntPtr.Zero)
  104. Return result
  105. End Function
  106. End Module
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!