using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;
namespace gtaivtest {
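/// <summary>
/// Thin wrapper over the kernel32 process-handle APIs that reads 32-bit values
/// out of another process's address space.
/// </summary>
class ProcessMemory {
    // Access mask passed to OpenProcess (the legacy PROCESS_ALL_ACCESS value).
    // NOTE(review): the helpers in this class only call ReadProcessMemory, for which
    // PROCESS_VM_READ (0x0010) is sufficient. The broad mask is kept because
    // openedHandle is public and other code may rely on it; narrow it if nothing does.
    private const UInt32 ProcessAccessMask = 0x1F0FFF;

    /// <summary>Handle returned by OpenProcess; IntPtr.Zero while nothing is open.</summary>
    public IntPtr openedHandle;
    private Process m_process;

    /// <summary>
    /// Base address of the target process's main module, as a 32-bit value.
    /// </summary>
    /// <exception cref="InvalidOperationException">Open has not been called yet.</exception>
    /// <exception cref="OverflowException">The base address does not fit in 32 bits.</exception>
    public UInt32 MainModuleAddress {
        get {
            if (m_process == null) {
                throw new InvalidOperationException("No process has been attached; call Open first.");
            }
            IntPtr baseAddress = m_process.MainModule.BaseAddress;
            if (IntPtr.Size == 4) {
                // 32-bit host: reinterpret the bits so addresses above 0x7FFFFFFF survive.
                return unchecked((UInt32)baseAddress.ToInt32());
            }
            // 64-bit host: IntPtr.ToInt32() would throw for any address above int.MaxValue,
            // so go through Int64 and reject only what truly does not fit in 32 bits.
            return checked((UInt32)baseAddress.ToInt64());
        }
    }

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, bool bInheritHandle, int dwProcessId);

    /// <summary>
    /// Attaches to <paramref name="process"/> and opens a handle to it.
    /// </summary>
    /// <param name="process">Target process.</param>
    /// <returns>true when a usable handle was obtained; otherwise false.</returns>
    /// <exception cref="ArgumentNullException"><paramref name="process"/> is null.</exception>
    public bool Open(Process process) {
        if (process == null) {
            throw new ArgumentNullException("process");
        }
        m_process = process;
        if (process.HandleCount <= 0) {
            return false;
        }
        // Release a handle left over from an earlier Open so it is not leaked.
        if (openedHandle != IntPtr.Zero) {
            CloseHandle(openedHandle);
            openedHandle = IntPtr.Zero;
        }
        // bInheritHandle is false: a handle to another process should not be
        // inherited by child processes this program may start.
        openedHandle = OpenProcess(ProcessAccessMask, false, process.Id);
        // OpenProcess returns NULL on failure (access denied, process exited, ...).
        return openedHandle != IntPtr.Zero;
    }

    // nSize is SIZE_T in the native prototype, hence UIntPtr rather than UInt32.
    [DllImport("kernel32.dll", SetLastError = true)]
    static extern Int32 ReadProcessMemory(IntPtr OpenedHandle, IntPtr lpBaseAddress, byte[] lpBuffer, UIntPtr size, out IntPtr lpNumberOfBytesRead);

    /// <summary>
    /// Reads <paramref name="Size"/> bytes at <paramref name="BaseAddress"/> in the target process.
    /// </summary>
    /// <exception cref="InvalidOperationException">No handle is open.</exception>
    /// <exception cref="System.ComponentModel.Win32Exception">ReadProcessMemory reported failure.</exception>
    /// <exception cref="IOException">Fewer bytes than requested were copied.</exception>
    private byte[] MemoryRead(IntPtr OpenedHandle, IntPtr BaseAddress, UInt32 Size, ref IntPtr Bytes) {
        if (OpenedHandle == IntPtr.Zero) {
            throw new InvalidOperationException("No process handle is open; call Open first.");
        }
        byte[] buffer = new byte[Size];
        // A failed read must not be returned as a zero-filled buffer: callers would
        // decode it as a legitimate 0 / 0.0f value.
        if (ReadProcessMemory(OpenedHandle, BaseAddress, buffer, (UIntPtr)Size, out Bytes) == 0) {
            throw new System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error());
        }
        if (Bytes.ToInt64() != Size) {
            throw new IOException("ReadProcessMemory copied fewer bytes than requested.");
        }
        return buffer;
    }

    /// <summary>Reads an unsigned 32-bit integer at <paramref name="address"/> in the target process.</summary>
    public UInt32 ReadU32(UInt32 address) {
        IntPtr bytes = new IntPtr();
        byte[] outp = MemoryRead(openedHandle, (IntPtr)address, sizeof(UInt32), ref bytes);
        return BitConverter.ToUInt32(outp, 0);
    }

    /// <summary>Reads a 32-bit float at <paramref name="address"/> in the target process.</summary>
    public float ReadF32(UInt32 address) {
        IntPtr bytes = new IntPtr();
        byte[] outp = MemoryRead(openedHandle, (IntPtr)address, sizeof(float), ref bytes);
        return BitConverter.ToSingle(outp, 0);
    }

    [DllImport("kernel32.dll", SetLastError = true)]
    static extern Int32 CloseHandle(IntPtr hObject);

    /// <summary>
    /// Closes the handle obtained by <see cref="Open"/>.
    /// </summary>
    /// <returns>The CloseHandle result (non-zero on success); 0 when no handle was open.</returns>
    public int Close() {
        if (openedHandle == IntPtr.Zero) {
            return 0;
        }
        int rtn = CloseHandle(openedHandle);
        // Forget the value either way so a second Close cannot act on a stale handle.
        openedHandle = IntPtr.Zero;
        return rtn;
    }
}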
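/// <summary>
/// Console repro: attaches to a running "gtaiv" process and tries to call one of its
/// native functions through a managed delegate.
/// </summary>
class Program {
    //0x9D2D80 : int __cdecl createObject(int modelID, float x, float y, float z, int* handle, int flags)
    // The native prototype above is __cdecl; without this attribute the delegate is
    // marshalled with the platform default calling convention instead.
    [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
    delegate int createObject(int modelID, float x, float y, float z, out IntPtr handle, int flags);

    static void Main(string[] args) {
        Process[] candidates = Process.GetProcessesByName("gtaiv");
        try {
            // GetProcessesByName returns an empty array when the game is not running;
            // indexing [0] unconditionally would throw IndexOutOfRangeException.
            if (candidates.Length == 0) {
                Console.WriteLine("GTA4 process not found");
                return;
            }
            Process process = candidates[0];
            ProcessMemory memory = new ProcessMemory();
            if (!memory.Open(process)) {
                Console.WriteLine("Failed to open GTA4");
                return;
            }
            try {
                IntPtr handle = IntPtr.Zero;
                // NOTE(review): this address is derived from the base address of the gtaiv
                // process's main module, so it is only meaningful inside that process's
                // virtual address space. Marshal.GetDelegateForFunctionPointer wraps an
                // address in the *calling* process, so the invocation below executes
                // whatever is (or is not) mapped locally at that value. That is consistent
                // with the AccessViolationException recorded on the call line. The call is
                // kept as the author's repro.
                IntPtr target = (IntPtr)(memory.MainModuleAddress + 0x9D2D80);
                // Direct cast instead of 'as': a type mismatch surfaces as InvalidCastException
                // here rather than as a NullReferenceException at the call site.
                createObject createObj = (createObject)Marshal.GetDelegateForFunctionPointer(target, typeof(createObject));
                int retValue = createObj(0x18F25AC7, 120, 830, 15, out handle, 1); //AccessViolationException: "Attempted to read or write protected memory. This is often an indication that other memory is corrupt."
            } finally {
                // Release the process handle even when the code above throws.
                memory.Close();
            }
        } finally {
            // Process objects wrap OS resources; dispose every one that was returned.
            foreach (Process candidate in candidates) {
                candidate.Dispose();
            }
        }
    }
}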
}