EMO Style ForumPro - Hos Geldiniz
Giriş yap

Şifremi unuttum

Istatistikler
Toplam 202 kayıtlı kullanıcımız var
Son kaydolan kullanıcımız: AnthonyFurey3

Kullanıcılarımız toplam 1186 mesaj attılar bunda 862 konu
Tarıyıcı
 Kapı
 Indeks
 Üye Listesi
 Profil
 SSS
 Arama
Arama
 
 

Sonuç :
 


Rechercher çıkıntı araştırma

RSS akısı


Yahoo! 
MSN 
AOL 
Netvibes 
Bloglines 


Kimler hatta?
Toplam 1 kullanıcı online :: 0 Kayıtlı, 0 Gizli ve 1 Misafir

Yok

[ Bütün listeye bak ]


Sitede bugüne kadar en çok 92 kişi Paz Ağus. 28, 2016 6:58 am tarihinde online oldu.
En son konular
» İnternetten Para Kazandıran Oyun ! Ödeme Alt Limiti Yok ! DEV KONU
Cuma Ağus. 29, 2014 8:33 am tarafından Hello EMO

» goldenchase.net maden yaparak para kazanma
Cuma Ağus. 29, 2014 8:18 am tarafından Hello EMO

» etichal hacker görsel egitim seti
Çarş. Ağus. 06, 2014 4:57 am tarafından Hello EMO

» KO TBL Source C#
Ptsi Ara. 09, 2013 6:36 am tarafından Hello EMO

» x86 Registers
C.tesi Ağus. 24, 2013 5:02 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de WYD
Çarş. Tem. 10, 2013 7:25 am tarafından Hello EMO

» [Tutorial] Pegando Address, Pointers de CS Metodo²
Çarş. Tem. 10, 2013 7:23 am tarafından Hello EMO

» [Tutorial] Aprendendo basico deASM OLLYDBG
Çarş. Tem. 10, 2013 7:22 am tarafından Hello EMO

» Basic C# DLL injector
Ptsi Tem. 08, 2013 7:48 am tarafından Hello EMO

Reklam

[Source Code] C# WriteProcessMemory/ReadProcessMemory

Önceki başlık Sonraki başlık Aşağa gitmek

[Source Code] C# WriteProcessMemory/ReadProcessMemory

Mesaj tarafından EMO Bir Salı Mayıs 31, 2011 2:55 am

This is my private code that i've decided to give out as i don't hack as much anymore.

To use this you add the following namespace to your application

Code:
using ReadWriteMemory;
to make a instance of it you do
Code:
ProcessMemory Mem = new ProcessMemory(/*Process Name*/);
To make the ProcessMemory active add this after your InitilizeComponent()
Code:
If(!Mem.CheckProcess())
MessageBox.Show("Make sure your application is running or try running this as Admin");
else
Mem.StartProcess();
Code:
using System.Diagnostics;
using System****ntime.InteropServices;
using System;
using System.Windows.Forms;
using System.Media;
using System.Text;
using System.Threading;
namespace ReadWriteMemory
{
internal class ProcessMemory
{
// Fields
protected int BaseAddress;
protected Process[] MyProcess;
protected ProcessModule myProcessModule;
private const uint PAGE_EXECUTE = 16;
private const uint PAGE_EXECUTE_READ = 32;
private const uint PAGE_EXECUTE_READWRITE = 64;
private const uint PAGE_EXECUTE_WRITECOPY = 128;
private const uint PAGE_GUARD = 256;
private const uint PAGE_NOACCESS = 1;
private const uint PAGE_NOCACHE = 512;
private const uint PAGE_READONLY = 2;
private const uint PAGE_READWRITE = 4;
private const uint PAGE_WRITECOPY = 8;
private const uint PROCESS_ALL_ACCESS = 2035711;
protected int processHandle;
protected string ProcessName;

// Methods
public ProcessMemory(string pProcessName)
{
this.ProcessName = pProcessName;
}

public bool CheckProcess()
{
return (Process.GetProcessesByName(this.ProcessName).Length > 0);
}

[DllImport("kernel32.dll")]
public static extern bool CloseHandle(int hObject);
public string CutString(string mystring)
{
char[] chArray = mystring.ToCharArray();
string str = "";
for (int i = 0; i < mystring.Length; i++)
{
if ((chArray[i] == ' ') && (chArray[i + 1] == ' '))
{
return str;
}
if (chArray[i] == '\0')
{
return str;
}
str = str + chArray[i].ToString();
}
return mystring.TrimEnd(new char[] { '0' });
}

public int DllImageAddress(string dllname)
{
ProcessModuleCollection modules = this.MyProcess[0].Modules;

foreach (ProcessModule procmodule in modules)
{
if (dllname == procmodule.ModuleName)
{
return (int)procmodule.BaseAddress;
}
}
return -1;

}
[DllImport("user32.dll", EntryPoint = "FindWindow", SetLastError = true)]
public static extern int FindWindowByCaption(int ZeroOnly, string lpWindowName);
public int ImageAddress()
{
this.BaseAddress = 0;
this.myProcessModule = this.MyProcess[0].MainModule;
this.BaseAddress = (int)this.myProcessModule.BaseAddress;
return this.BaseAddress;


}

public int ImageAddress(int pOffset)
{
this.BaseAddress = 0;
this.myProcessModule = this.MyProcess[0].MainModule;
this.BaseAddress = (int)this.myProcessModule.BaseAddress;
return (pOffset + this.BaseAddress);
}
public string MyProcessName()
{
return this.ProcessName;
}

[DllImport("kernel32.dll")]
public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
public int Pointer(bool AddToImageAddress, int pOffset)
{
return this.ReadInt(this.ImageAddress(pOffset));
}

public int Pointer(string Module, int pOffset)
{
return this.ReadInt(this.DllImageAddress(Module) + pOffset);
}

public int Pointer(bool AddToImageAddress, int pOffset, int pOffset2)
{
//look at this shit, it doesnt even have a if statement
if (AddToImageAddress)
return (this.ReadInt(this.ImageAddress() + pOffset) + pOffset2);
else
return (this.ReadInt(pOffset) + pOffset2);
}

public int Pointer(string Module, int pOffset, int pOffset2)
{
return (this.ReadInt(this.DllImageAddress(Module) + pOffset) + pOffset2);
}

public int Pointer(bool AddToImageAddress, int pOffset, int pOffset2, int pOffset3)
{
return (this.ReadInt(this.ReadInt(this.ImageAddress(pOffset)) + pOffset2) + pOffset3);
}

public int Pointer(string Module, int pOffset, int pOffset2, int pOffset3)
{
return (this.ReadInt(this.ReadInt(this.DllImageAddress(Module) + pOffset) + pOffset2) + pOffset3);
}

public int Pointer(bool AddToImageAddress, int pOffset, int pOffset2, int pOffset3, int pOffset4)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.ImageAddress(pOffset)) + pOffset2) + pOffset3) + pOffset4);
}

public int Pointer(string Module, int pOffset, int pOffset2, int pOffset3, int pOffset4)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.DllImageAddress(Module) + pOffset) + pOffset2) + pOffset3) + pOffset4);
}

public int Pointer(bool AddToImageAddress, int pOffset, int pOffset2, int pOffset3, int pOffset4, int pOffset5)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.ImageAddress(pOffset)) + pOffset2) + pOffset3) + pOffset4) + pOffset5);
}

public int Pointer(string Module, int pOffset, int pOffset2, int pOffset3, int pOffset4, int pOffset5)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.DllImageAddress(Module) + pOffset) + pOffset2) + pOffset3) + pOffset4) + pOffset5);
}

public int Pointer(bool AddToImageAddress, int pOffset, int pOffset2, int pOffset3, int pOffset4, int pOffset5, int pOffset6)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.ImageAddress(pOffset)) + pOffset2) + pOffset3) + pOffset4) + pOffset5) + pOffset6);
}

public int Pointer(string Module, int pOffset, int pOffset2, int pOffset3, int pOffset4, int pOffset5, int pOffset6)
{
return (this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.ReadInt(this.DllImageAddress(Module) + pOffset) + pOffset2) + pOffset3) + pOffset4) + pOffset5) + pOffset6);
}

public byte ReadByte(int pOffset)
{
byte[] buffer = new byte[1];
ReadProcessMemory(this.processHandle, pOffset, buffer, 1, 0);
return buffer[0];
}

public byte ReadByte(bool AddToImageAddress, int pOffset)
{
byte[] buffer = new byte[1];
int lpBaseAddress = AddToImageAddress ? this.ImageAddress(pOffset) : pOffset;
ReadProcessMemory(this.processHandle, lpBaseAddress, buffer, 1, 0);
return buffer[0];
}

public byte ReadByte(string Module, int pOffset)
{
byte[] buffer = new byte[1];
ReadProcessMemory(this.processHandle, this.DllImageAddress(Module) + pOffset, buffer, 1, 0);
return buffer[0];
}

public float ReadFloat(int pOffset)
{
return BitConverter.ToSingle(this.ReadMem(pOffset, 4), 0);
}

public float ReadFloat(bool AddToImageAddress, int pOffset)
{
return BitConverter.ToSingle(this.ReadMem(pOffset, 4, AddToImageAddress), 0);
}

public float ReadFloat(string Module, int pOffset)
{
return BitConverter.ToSingle(this.ReadMem(this.DllImageAddress(Module) + pOffset, 4), 0);
}

public int ReadInt(int pOffset)
{
return BitConverter.ToInt32(this.ReadMem(pOffset, 4), 0);
}

public int ReadInt(bool AddToImageAddress, int pOffset)
{
return BitConverter.ToInt32(this.ReadMem(pOffset, 4, AddToImageAddress), 0);
}

public int ReadInt(string Module, int pOffset)
{
return BitConverter.ToInt32(this.ReadMem(this.DllImageAddress(Module) + pOffset, 4), 0);
}

public byte[] ReadMem(int pOffset, int pSize)
{
byte[] buffer = new byte[pSize];
ReadProcessMemory(this.processHandle, pOffset, buffer, pSize, 0);
return buffer;
}

public byte[] ReadMem(int pOffset, int pSize, bool AddToImageAddress)
{
byte[] buffer = new byte[pSize];
int lpBaseAddress = AddToImageAddress ? this.ImageAddress(pOffset) : pOffset;
ReadProcessMemory(this.processHandle, lpBaseAddress, buffer, pSize, 0);
return buffer;
}

[DllImport("kernel32.dll")]
public static extern bool ReadProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);
public short ReadShort(int pOffset)
{
return BitConverter.ToInt16(this.ReadMem(pOffset, 2), 0);
}

public short ReadShort(bool AddToImageAddress, int pOffset)
{
return BitConverter.ToInt16(this.ReadMem(pOffset, 2, AddToImageAddress), 0);
}

public short ReadShort(string Module, int pOffset)
{
return BitConverter.ToInt16(this.ReadMem(this.DllImageAddress(Module) + pOffset, 2), 0);
}

public string ReadStringAscii(int pOffset, int pSize)
{
return this.CutString(Encoding.ASCII.GetString(this.ReadMem(pOffset, pSize)));
}

public string ReadStringAscii(bool AddToImageAddress, int pOffset, int pSize)
{
return this.CutString(Encoding.ASCII.GetString(this.ReadMem(pOffset, pSize, AddToImageAddress)));
}

public string ReadStringAscii(string Module, int pOffset, int pSize)
{
return this.CutString(Encoding.ASCII.GetString(this.ReadMem(this.DllImageAddress(Module) + pOffset, pSize)));
}

public string ReadStringUnicode(int pOffset, int pSize)
{
return this.CutString(Encoding.Unicode.GetString(this.ReadMem(pOffset, pSize)));
}

public string ReadStringUnicode(bool AddToImageAddress, int pOffset, int pSize)
{
return this.CutString(Encoding.Unicode.GetString(this.ReadMem(pOffset, pSize, AddToImageAddress)));
}

public string ReadStringUnicode(string Module, int pOffset, int pSize)
{
return this.CutString(Encoding.Unicode.GetString(this.ReadMem(this.DllImageAddress(Module) + pOffset, pSize)));
}

public uint ReadUInt(int pOffset)
{
return BitConverter.ToUInt32(this.ReadMem(pOffset, 4), 0);
}

public uint ReadUInt(bool AddToImageAddress, int pOffset)
{
return BitConverter.ToUInt32(this.ReadMem(pOffset, 4, AddToImageAddress), 0);
}

public uint ReadUInt(string Module, int pOffset)
{
return BitConverter.ToUInt32(this.ReadMem(this.DllImageAddress(Module) + pOffset, 4), 0);
}

public bool StartProcess()
{
if (this.ProcessName != "")
{
this.MyProcess = Process.GetProcessesByName(this.ProcessName);
if (this.MyProcess.Length == 0)
{
MessageBox.Show(this.ProcessName + " is not running or has not been found. Please check and try again", "Process Not Found", MessageBoxButtons.OK, MessageBoxIcon.Hand);
return false;
}
this.processHandle = OpenProcess(2035711, false, this.MyProcess[0].Id);
if (this.processHandle == 0)
{
MessageBox.Show(this.ProcessName + " is not running or has not been found. Please check and try again", "Process Not Found", MessageBoxButtons.OK, MessageBoxIcon.Hand);
return false;
}
return true;
}
MessageBox.Show("Define process name first!");
return false;
}

[DllImport("kernel32.dll")]
public static extern bool VirtualProtectEx(int hProcess, int lpAddress, int dwSize, uint flNewProtect, out uint lpflOldProtect);
public void WriteByte(int pOffset, byte pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes((short)pBytes));
}

public void WriteByte(bool AddToImageAddress, int pOffset, byte pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes((short)pBytes), AddToImageAddress);
}

public void WriteByte(string Module, int pOffset, byte pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes((short)pBytes));
}

public void WriteDouble(int pOffset, double pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteDouble(bool AddToImageAddress, int pOffset, double pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes), AddToImageAddress);
}

public void WriteDouble(string Module, int pOffset, double pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteFloat(int pOffset, float pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteFloat(bool AddToImageAddress, int pOffset, float pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes), AddToImageAddress);
}

public void WriteFloat(string Module, int pOffset, float pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteInt(int pOffset, int pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteInt(bool AddToImageAddress, int pOffset, int pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes), AddToImageAddress);
}

public void WriteInt(string Module, int pOffset, int pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteMem(int pOffset, byte[] pBytes)
{
WriteProcessMemory(this.processHandle, pOffset, pBytes, pBytes.Length, 0);
}

public void WriteMem(int pOffset, byte[] pBytes, bool AddToImageAddress)
{
int lpBaseAddress = AddToImageAddress ? this.ImageAddress(pOffset) : pOffset;
WriteProcessMemory(this.processHandle, lpBaseAddress, pBytes, pBytes.Length, 0);
}

[DllImport("kernel32.dll")]
public static extern bool WriteProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesWritten);
public void WriteShort(int pOffset, short pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteShort(bool AddToImageAddress, int pOffset, short pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes), AddToImageAddress);
}

public void WriteShort(string Module, int pOffset, short pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteStringAscii(int pOffset, string pBytes)
{
this.WriteMem(pOffset, Encoding.ASCII.GetBytes(pBytes + "\0"));
}

public void WriteStringAscii(bool AddToImageAddress, int pOffset, string pBytes)
{
this.WriteMem(pOffset, Encoding.ASCII.GetBytes(pBytes + "\0"), AddToImageAddress);
}

public void WriteStringAscii(string Module, int pOffset, string pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, Encoding.ASCII.GetBytes(pBytes + "\0"));
}

public void WriteStringUnicode(int pOffset, string pBytes)
{
this.WriteMem(pOffset, Encoding.Unicode.GetBytes(pBytes + "\0"));
}

public void WriteStringUnicode(bool AddToImageAddress, int pOffset, string pBytes)
{
this.WriteMem(pOffset, Encoding.Unicode.GetBytes(pBytes + "\0"), AddToImageAddress);
}

public void WriteStringUnicode(string Module, int pOffset, string pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, Encoding.Unicode.GetBytes(pBytes + "\0"));
}

public void WriteUInt(int pOffset, uint pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes));
}

public void WriteUInt(bool AddToImageAddress, int pOffset, uint pBytes)
{
this.WriteMem(pOffset, BitConverter.GetBytes(pBytes), AddToImageAddress);
}

public void WriteUInt(string Module, int pOffset, uint pBytes)
{
this.WriteMem(this.DllImageAddress(Module) + pOffset, BitConverter.GetBytes(pBytes));
}

// Nested Types
[Flags]
public enum ProcessAccessFlags : uint
{
All = 2035711,
CreateThread = 2,
DupHandle = 64,
QueryInformation = 1024,
SetInformation = 512,
Synchronize = 1048576,
Terminate = 1,
VMOperation = 8,
VMRead = 16,
VMWrite = 32
}
}
}
avatar
EMO
EMO Team
EMO Team

Cinsiyet : Erkek
Burçlar : Yay
Yılan
Mesaj Sayısı : 184
Puan : 110693
Rep Puanı : 5
Doğum tarihi : 28/11/89
Kayıt tarihi : 18/05/11
Yaş : 27
Nerden : EMO world
İş/Hobiler : RCE Student / Game Hacking / Learn Beginner C#,C++,Delphi
Lakap : EMO

Kullanıcı profilini gör

Sayfa başına dön Aşağa gitmek

Önceki başlık Sonraki başlık Sayfa başına dön

- Similar topics

 
Bu forumun müsaadesi var:
Bu forumdaki mesajlara cevap veremezsiniz