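using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Diagnostics;
using System.IO;
using System.Runtime.InteropServices;
using System.Text;

namespace gtaivtest
{
    /// <summary>
    /// Thin wrapper around OpenProcess / ReadProcessMemory / CloseHandle that reads
    /// 32-bit values out of another process's address space.
    /// </summary>
    class ProcessMemory
    {
        // PROCESS_VM_READ: the only right ReadProcessMemory needs. The original code
        // requested 0x1F0FFF (all access) with an inheritable handle, which hands far
        // more authority over the target than this read-only class ever uses.
        private const UInt32 ProcessVmRead = 0x0010;

        /// <summary>Handle returned by OpenProcess, or IntPtr.Zero when nothing is open.</summary>
        public IntPtr openedHandle;

        private Process m_process;

        /// <summary>
        /// Base address of the opened process's main module, truncated to 32 bits.
        /// </summary>
        /// <exception cref="InvalidOperationException">Open has not been called.</exception>
        /// <remarks>
        /// IntPtr.ToInt32 throws OverflowException in a 64-bit host when the base
        /// address does not fit in a signed 32-bit integer.
        /// </remarks>
        public UInt32 MainModuleAddress
        {
            get
            {
                if (m_process == null)
                {
                    throw new InvalidOperationException("Open must be called before reading MainModuleAddress.");
                }

                return (UInt32)m_process.MainModule.BaseAddress.ToInt32();
            }
        }

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        /// <summary>
        /// Opens a read-only, non-inheritable handle to <paramref name="process"/>.
        /// </summary>
        /// <param name="process">The process whose memory will be read.</param>
        /// <returns>
        /// true when OpenProcess returned a usable handle; false when the process
        /// reports no handles or OpenProcess failed.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="process"/> is null.</exception>
        public bool Open(Process process)
        {
            if (process == null)
            {
                throw new ArgumentNullException("process");
            }

            // Release a handle left over from an earlier Open so it is not leaked.
            if (openedHandle != IntPtr.Zero)
            {
                Close();
            }

            m_process = process;

            // Kept from the original: HandleCount is the number of handles the target
            // itself holds. It says nothing about whether we are allowed to open it.
            if (process.HandleCount <= 0)
            {
                return false;
            }

            openedHandle = OpenProcess(ProcessVmRead, false, process.Id);

            // OpenProcess returns NULL on failure (for example, access denied); the
            // original reported success without looking at the result.
            return openedHandle != IntPtr.Zero;
        }

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern Int32 ReadProcessMemory(IntPtr OpenedHandle, IntPtr lpBaseAddress, byte[] lpBuffer, UInt32 size, out IntPtr lpNumberOfBytesRead);

        /// <summary>
        /// Reads <paramref name="Size"/> bytes at <paramref name="BaseAddress"/> in the target process.
        /// </summary>
        /// <param name="OpenedHandle">Handle obtained from OpenProcess.</param>
        /// <param name="BaseAddress">Address inside the target process.</param>
        /// <param name="Size">Number of bytes to read.</param>
        /// <param name="Bytes">Receives the number of bytes actually read.</param>
        /// <returns>A buffer of exactly <paramref name="Size"/> bytes.</returns>
        /// <exception cref="Win32Exception">ReadProcessMemory reported failure.</exception>
        /// <exception cref="IOException">Fewer bytes than requested were read.</exception>
        private byte[] MemoryRead(IntPtr OpenedHandle, IntPtr BaseAddress, UInt32 Size, ref IntPtr Bytes)
        {
            byte[] buffer = new byte[Size];

            // A failed read leaves the buffer zero-filled; without this check callers
            // would silently treat those zeroes as real data from the target.
            if (ReadProcessMemory(OpenedHandle, BaseAddress, buffer, Size, out Bytes) == 0)
            {
                throw new Win32Exception(Marshal.GetLastWin32Error());
            }

            if (Bytes.ToInt64() != Size)
            {
                throw new IOException("ReadProcessMemory returned fewer bytes than requested.");
            }

            return buffer;
        }

        /// <summary>Reads an unsigned 32-bit integer from the target process.</summary>
        /// <param name="address">Address inside the target process.</param>
        public UInt32 ReadU32(UInt32 address)
        {
            IntPtr bytes = new IntPtr();
            byte[] outp = MemoryRead(openedHandle, (IntPtr)address, sizeof(UInt32), ref bytes);
            return BitConverter.ToUInt32(outp, 0);
        }

        /// <summary>Reads a 32-bit float from the target process.</summary>
        /// <param name="address">Address inside the target process.</param>
        public float ReadF32(UInt32 address)
        {
            IntPtr bytes = new IntPtr();
            byte[] outp = MemoryRead(openedHandle, (IntPtr)address, sizeof(float), ref bytes);
            return BitConverter.ToSingle(outp, 0);
        }

        [DllImport("kernel32.dll", SetLastError = true)]
        static extern Int32 CloseHandle(IntPtr hObject);

        /// <summary>
        /// Closes the handle opened by <see cref="Open"/>.
        /// </summary>
        /// <returns>The CloseHandle result (non-zero on success), or 0 when no handle is open.</returns>
        public int Close()
        {
            if (openedHandle == IntPtr.Zero)
            {
                return 0;
            }

            int rtn = CloseHandle(openedHandle);

            // Forget the value so a stale handle is never reused or closed twice.
            openedHandle = IntPtr.Zero;
            return rtn;
        }
    }

    class Program
    {
        //0x9D2D80 : int __cdecl createObject(int modelID, float x, float y, float z, int* handle, int flags)
        // The native function is __cdecl; without this attribute the delegate is
        // marshalled with the platform default convention instead.
        [UnmanagedFunctionPointer(CallingConvention.Cdecl)]
        delegate int createObject(int modelID, float x, float y, float z, out IntPtr handle, int flags);

        static void Main(string[] args)
        {
            // GetProcessesByName returns an empty array when nothing matches;
            // indexing [0] unconditionally threw IndexOutOfRangeException.
            Process[] candidates = Process.GetProcessesByName("gtaiv");
            if (candidates.Length == 0)
            {
                Console.WriteLine("GTA4 process not found");
                return;
            }

            Process process = candidates[0];
            ProcessMemory memory = new ProcessMemory();

            if (!memory.Open(process))
            {
                Console.WriteLine("Failed to open GTA4");
                return;
            }

            try
            {
                IntPtr target = (IntPtr)(memory.MainModuleAddress + 0x9D2D80);

                // AccessViolationException: "Attempted to read or write protected memory.
                // This is often an indication that other memory is corrupt."
                //
                // Cause: `target` is an address inside the gtaiv process. A process handle
                // lets this program read that memory, but it does not make the code
                // callable from here. A delegate built from the pointer executes in THIS
                // process and jumps to whatever (if anything) is mapped at the same
                // numeric address locally. Refuse to make that call instead of faulting
                // or running unrelated code.
                if (process.Id != Process.GetCurrentProcess().Id)
                {
                    Console.WriteLine("createObject lives in the gtaiv process; its address cannot be called from this process.");
                    return;
                }

                IntPtr handle = IntPtr.Zero;
                createObject createObj = (createObject)Marshal.GetDelegateForFunctionPointer(target, typeof(createObject));
                int retValue = createObj(0x18F25AC7, 120, 830, 15, out handle, 1);
                Console.WriteLine("createObject returned " + retValue);
            }
            finally
            {
                // Always release the process handle, including on the early return above.
                memory.Close();
            }
        }
    }
}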