Module MemoryModule<DllImport("kernel32.dll")> _Private Function OpenProcess

1. Module MemoryModule
2. <DllImport("kernel32.dll")> _
3. Private Function OpenProcess(ByVal dwDesiredAccess As UInteger, <MarshalAs(UnmanagedType.Bool)> ByVal bInheritHandle As Boolean, ByVal dwProcessId As Integer) As IntPtr
4. End Function
5.  
6. <DllImport("kernel32.dll", SetLastError:=True)> _
7. Private Function WriteProcessMemory(ByVal hProcess As IntPtr, ByVal lpBaseAddress As IntPtr, ByVal lpBuffer As Byte(), ByVal nSize As IntPtr, <Out()> ByRef lpNumberOfBytesWritten As IntPtr) As Boolean
8. End Function
9.  
10. <DllImport("kernel32.dll", SetLastError:=True)> _
11. Private Function ReadProcessMemory(ByVal hProcess As IntPtr, ByVal lpBaseAddress As IntPtr, <Out()> ByVal lpBuffer() As Byte, ByVal dwSize As IntPtr, ByRef lpNumberOfBytesRead As IntPtr) As Boolean
12. End Function
13.  
14. <DllImport("kernel32.dll", SetLastError:=True)>
15. Private Function CloseHandle(ByVal hObject As IntPtr) As <MarshalAs(UnmanagedType.Bool)> Boolean
16. End Function
17.  
18. Private Const PROCESS_VM_WRITE As UInteger = &H20
19. Private Const PROCESS_VM_READ As UInteger = &H10
20. Private Const PROCESS_VM_OPERATION As UInteger = &H8
21. Private TargetProcess As String = "TClient"
22. Private ProcessHandle As IntPtr = IntPtr.Zero
23. Private LastKnownPID As Integer = -1
24.  
25. Private Function ProcessIDExists(ByVal pID As Integer) As Boolean
26. For Each p As Process In Process.GetProcessesByName(TargetProcess)
27. If p.ID = pID Then Return True
28. Next
29. Return False
30. End Function
31.  
32. Public Sub SetProcessName(ByVal processName As String)
33. TargetProcess = processName
34. If ProcessHandle <> IntPtr.Zero Then CloseHandle(ProcessHandle)
35. LastKnownPID = -1
36. ProcessHandle = IntPtr.Zero
37. End Sub
38.  
39. Public Function GetCurrentProcessName() As String
40. Return TargetProcess
41. End Function
42.  
43. Public Function UpdateProcessHandle() As Boolean
44. If LastKnownPID = -1 OrElse Not ProcessIDExists(LastKnownPID) Then
45. If ProcessHandle <> IntPtr.Zero Then CloseHandle(ProcessHandle)
46. Dim p() As Process = Process.GetProcessesByName(TargetProcess)
47. If p.Length = 0 Then Return False
48. LastKnownPID = p(0).Id
49. ProcessHandle = OpenProcess(PROCESS_VM_READ Or PROCESS_VM_WRITE Or PROCESS_VM_OPERATION, False, p(0).Id)
50. If ProcessHandle = IntPtr.Zero Then Return False
51. End If
52. Return True
53. End Function
54.  
55. Public Function ReadMemory(Of T)(ByVal address As Object) As T
56. Return ReadMemory(Of T)(CLng(address))
57. End Function
58.  
59. Public Function ReadMemory(Of T)(ByVal address As Integer) As T
60. Return ReadMemory(Of T)(New IntPtr(address), 0, False)
61. End Function
62.  
63. Public Function ReadMemory(Of T)(ByVal address As Long) As T
64. Return ReadMemory(Of T)(New IntPtr(address), 0, False)
65. End Function
66.  
67. Public Function ReadMemory(Of T)(ByVal address As IntPtr) As T
68. Return ReadMemory(Of T)(address, 0, False)
69. End Function
70.  
71. Public Function ReadMemory(ByVal address As IntPtr, ByVal length As Integer) As Byte()
72. Return ReadMemory(Of Byte())(address, length, False)
73. End Function
74.  
75. Public Function ReadMemory(ByVal address As Integer, ByVal length As Integer) As Byte()
76. Return ReadMemory(Of Byte())(New IntPtr(address), length, False)
77. End Function
78.  
79. Public Function ReadMemory(ByVal address As Long, ByVal length As Integer) As Byte()
80. Return ReadMemory(Of Byte())(New IntPtr(address), length, False)
81. End Function
82.  
83. Public Function ReadMemory(Of T)(ByVal address As IntPtr, ByVal length As Integer, ByVal unicodeString As Boolean) As T
84. Dim buffer() As Byte
85. If GetType(T) Is GetType(String) Then
86. If unicodeString Then buffer = New Byte(length * 2 - 1) {} Else buffer = New Byte(length - 1) {}
87. ElseIf GetType(T) Is GetType(Byte()) Then
88. buffer = New Byte(length - 1) {}
89. Else
90. buffer = New Byte(Marshal.SizeOf(GetType(T)) - 1) {}
91. End If
92. If Not UpdateProcessHandle() Then Return Nothing
93. Dim success As Boolean = ReadProcessMemory(ProcessHandle, address, buffer, New IntPtr(buffer.Length), IntPtr.Zero)
94. If Not success Then Return Nothing
95. If GetType(T) Is GetType(Byte()) Then Return CType(CType(buffer, Object), T)
96. If GetType(T) Is GetType(String) Then
97. If unicodeString Then Return CType(CType(Encoding.Unicode.GetString(buffer), Object), T)
98. Return CType(CType(Encoding.ASCII.GetString(buffer), Object), T)
99. End If
100. Dim gcHandle As GCHandle = gcHandle.Alloc(buffer, GCHandleType.Pinned)
101. Dim returnObject As T = CType(Marshal.PtrToStructure(gcHandle.AddrOfPinnedObject, GetType(T)), T)
102. gcHandle.Free()
103. Return returnObject
104. End Function
105.  
106. Private Function GetObjectBytes(ByVal value As Object) As Byte()
107. If value.GetType() Is GetType(Byte()) Then Return CType(value, Byte())
108. Dim buffer(Marshal.SizeOf(value) - 1) As Byte
109. Dim ptr As IntPtr = Marshal.AllocHGlobal(buffer.Length)
110. Marshal.StructureToPtr(value, ptr, True)
111. Marshal.Copy(ptr, buffer, 0, buffer.Length)
112. Marshal.FreeHGlobal(ptr)
113. Return buffer
114. End Function
115.  
116. Public Function WriteMemory(Of T)(ByVal address As Object, ByVal value As T) As Boolean
117. Return WriteMemory(CLng(address), value)
118. End Function
119.  
120. Public Function WriteMemory(Of T)(ByVal address As Object, ByVal value As Object) As Boolean
121. Return WriteMemory(CLng(address), CType(value, T))
122. End Function
123.  
124. Public Function WriteMemory(Of T)(ByVal address As Integer, ByVal value As T) As Boolean
125. Return WriteMemory(New IntPtr(address), value)
126. End Function
127.  
128. Public Function WriteMemory(Of T)(ByVal address As Integer, ByVal value As Object) As Boolean
129. Return WriteMemory(address, CType(value, T))
130. End Function
131.  
132. Public Function WriteMemory(Of T)(ByVal address As Long, ByVal value As T) As Boolean
133. Return WriteMemory(New IntPtr(address), value)
134. End Function
135.  
136. Public Function WriteMemory(Of T)(ByVal address As Long, ByVal value As Object) As Boolean
137. Return WriteMemory(address, CType(value, T))
138. End Function
139.  
140. Public Function WriteMemory(Of T)(ByVal address As IntPtr, ByVal value As T) As Boolean
141. Return WriteMemory(address, value, False)
142. End Function
143.  
144. Public Function WriteMemory(Of T)(ByVal address As IntPtr, ByVal value As Object) As Boolean
145. Return WriteMemory(address, CType(value, T), False)
146. End Function
147.  
148. Public Function WriteMemory(Of T)(ByVal address As Object, ByVal value As T, ByVal unicode As Boolean) As Boolean
149. Return WriteMemory(CLng(address), value, unicode)
150. End Function
151.  
152. Public Function WriteMemory(Of T)(ByVal address As Integer, ByVal value As T, ByVal unicode As Boolean) As Boolean
153. Return WriteMemory(New IntPtr(address), value, unicode)
154. End Function
155.  
156. Public Function WriteMemory(Of T)(ByVal address As Long, ByVal value As T, ByVal unicode As Boolean) As Boolean
157. Return WriteMemory(New IntPtr(address), value, unicode)
158. End Function
159.  
160. Public Function WriteMemory(Of T)(ByVal address As IntPtr, ByVal value As T, ByVal unicode As Boolean) As Boolean
161. If Not UpdateProcessHandle() Then Return False
162. Dim buffer() As Byte
163. If TypeOf value Is String Then
164. If unicode Then buffer = Encoding.Unicode.GetBytes(value.ToString()) Else buffer = Encoding.ASCII.GetBytes(value.ToString())
165. Else
166. buffer = GetObjectBytes(value)
167. End If
168. Dim result As Boolean = WriteProcessMemory(ProcessHandle, address, buffer, New IntPtr(buffer.Length), IntPtr.Zero)
169. Return result
170. End Function
171.  
172. Public Function FindAddress(ByVal BaseAddress As IntPtr, ByVal StaticPointer As IntPtr, ByVal Offsets() As IntPtr) As IntPtr
173. ' Create a buffer that is 4 bytes on a 32-bit system or 8 bytes on a 64-bit system.
174. Dim tmp(IntPtr.Size - 1) As Byte
175. Dim Address As IntPtr = BaseAddress
176. ' We must check for 32-bit vs 64-bit.
177. If IntPtr.Size = 4 Then
178. Address = New IntPtr(Address.ToInt32 + StaticPointer.ToInt32)
179. Else
180. Address = New IntPtr(Address.ToInt64 + StaticPointer.ToInt64)
181. End If
182. ' Loop through each offset to find the address
183. For i As Integer = 0 To Offsets.Length - 1
184. ReadProcessMemory(ProcessHandle, Address, tmp, IntPtr.Size, 0)
185. If IntPtr.Size = 4 Then
186. Address = BitConverter.ToInt32(tmp, 0) + Offsets(i).ToInt32()
187. Else
188. Address = BitConverter.ToInt64(tmp, 0) + Offsets(i).ToInt64()
189. End If
190. Next
191. Return Address
192. End Function
193.  
194. End Module