[Tutorial] AOB Scanner C# / Array of byte Scanner em C#

Ir em baixo

[Tutorial] AOB Scanner C# / Array of byte Scanner em C#

Mensagem por uNreal em 1/11/2018, 01:44

Crédito: ?
Modulo:
Código:
public class AOBScan
{
    protected uint ProcessID;
    public AOBScan(uint ProcessID)
    {
        this.ProcessID = ProcessID;
    }

    [DllImport("kernel32.dll")]
    protected static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesRead);
    [DllImport("kernel32.dll")]
    protected static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, int dwLength);

    [StructLayout(LayoutKind.Sequential)]
    protected struct MEMORY_BASIC_INFORMATION
    {
        public IntPtr BaseAddress;
        public IntPtr AllocationBase;
        public uint AllocationProtect;
        public uint RegionSize;
        public uint State;
        public uint Protect;
        public uint Type;
    }

    protected List<MEMORY_BASIC_INFORMATION> MemoryRegion { get; set; }

    protected void MemInfo(IntPtr pHandle)
    {
        IntPtr Addy = new IntPtr();
        while (true)
        {
            MEMORY_BASIC_INFORMATION MemInfo = new MEMORY_BASIC_INFORMATION();
            int MemDump = VirtualQueryEx(pHandle, Addy, out  MemInfo, Marshal.SizeOf(MemInfo));
            if (MemDump == 0) break;
            if ((MemInfo.State & 0x1000) != 0 && (MemInfo.Protect & 0x100) == 0)
                MemoryRegion.Add(MemInfo);
            Addy = new IntPtr(MemInfo.BaseAddress.ToInt32() + (int)MemInfo.RegionSize);
        }
    }
    protected IntPtr Scan(byte[] sIn, byte[] sFor)
    {
        int[] sBytes = new int[256]; int Pool = 0;
        int End = sFor.Length - 1;
        for (int i = 0; i < 256; i++)
            sBytes[i] = sFor.Length;
        for (int i = 0; i < End; i++)
            sBytes[sFor[i]] = End - i;
        while (Pool <= sIn.Length - sFor.Length)
        {
            for (int i = End; sIn[Pool + i] == sFor[i]; i--)
                if (i == 0) return new IntPtr(Pool);
            Pool += sBytes[sIn[Pool + End]];
        }
        return IntPtr.Zero;
    }
    public IntPtr AobScan(byte[] Pattern)
    {
        Process Game = Process.GetProcessById((int)this.ProcessID);
        if (Game.Id == 0) return IntPtr.Zero;
        MemoryRegion = new List<MEMORY_BASIC_INFORMATION>();
        MemInfo(Game.Handle);
        for (int i = 0; i < MemoryRegion.Count; i++)
        {
            byte[] buff = new byte[MemoryRegion[i].RegionSize];
            ReadProcessMemory(Game.Handle, MemoryRegion[i].BaseAddress, buff, MemoryRegion[i].RegionSize, 0);

            IntPtr Result = Scan(buff, Pattern);
            if (Result != IntPtr.Zero)
                return new IntPtr(MemoryRegion[i].BaseAddress.ToInt32() + Result.ToInt32());
        }
        return IntPtr.Zero;
    }
}

Como Usar:
Código:
AOBScan = newscan = new aobscan(process.id);
int adress = (int can.AobScan(new byte[] {  0xEB, 0x88, 0xA8, 0xA8, 0x08, 0xCC, 0xFC , 0xCC, 0x89 };
MessageBox.Show(address.ToString("X"));
avatar
uNreal
ADM
ADM


Voltar ao Topo Ir em baixo

Voltar ao Topo


 
Permissão deste fórum:
Você não pode responder aos tópicos neste fórum