-
Notifications
You must be signed in to change notification settings - Fork 2
/
MemProc.h
156 lines (103 loc) · 2.85 KB
/
MemProc.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
// --- Author : Moreau Cyril - Spl3en - Credits to gimmeamilk (http://www.youtube.com/watch?v=YRPMdb1YMS8)
// --- File : MemProc.h
// --- Date : 2013-03-04-22.14.43
// --- Version : 1.0
#ifndef MemProc_H_INCLUDED
#define MemProc_H_INCLUDED
// ---------- Includes ------------
#include <stdlib.h>
#include "MemChunk.h"
#include "BbQueue/BbQueue.h"
#include "Win32Tools/Win32Tools.h"
#include "Console/Console.h"
// ---------- Defines -------------
// ------ Struct declaration -------
typedef enum {
SEARCH_TYPE_BYTES = -1,
SEARCH_TYPE_INTEGER,
SEARCH_TYPE_FLOAT,
SEARCH_TYPE_STRING,
} SearchType;
typedef
struct _MemProc
{
BbQueue *memchunks;
HANDLE proc;
HWND hwnd;
SearchType stype;
int mask_len;
int pid;
char *window_name;
char *process_name;
DWORD base_addr;
DWORD default_baseaddr;
} MemProc;
typedef struct _MemBlock
{
void *data;
DWORD addr;
int size;
MemType type;
char to_update;
} MemBlock;
typedef struct ImageSectionInfo
{
char SectionName[IMAGE_SIZEOF_SHORT_NAME];
char *SectionAddress;
int SectionSize;
} ImageSectionInfo;
// --------- Constructors ---------
MemProc *
memproc_new (char *process_name, char *window_name);
MemBlock *
memblock_new (void *data, DWORD addr, int size, MemType type);
// ----------- Functions ------------
void
memproc_debug (MemProc *mp);
void
memproc_full_debug (MemProc *mp);
void
memproc_search (MemProc *mp, unsigned char *pattern, char *mask, void (*pre_search)(MemChunk *, float prct), SearchType stype);
void
memproc_update (MemProc *mp, BbQueue *memblocks);
void
memproc_dump (MemProc *mp, int start, int end);
void
memproc_dump_sections (MemProc *mp, int start, int nbSections);
void
memproc_dump_details (MemProc *mp, int start, int end, int nbSections, int (*boolean_function) (MEMORY_BASIC_INFORMATION *, void *), void *arg);
int
memproc_is_dumped (MemProc *mp);
bool
memproc_refresh_handle (MemProc *mp);
BbQueue *
memproc_get_res (MemProc *mp);
void
memproc_search_float (MemProc *mp, float value, void (*pre_search)(MemChunk *, float prct));
void
memproc_search_integer (MemProc *mp, int value, void (*pre_search)(MemChunk *, float prct));
void
memproc_search_text (MemProc *mp, char *text, char *mask, void (*pre_search)(MemChunk *, float prct));
void
memproc_search_changed (MemProc *mp, void (*pre_search)(MemChunk *, float prct));
void
memblock_read_from_memory (MemProc *mp, MemBlock *mem);
void
memproc_set_absolute_addr (MemProc *mp, DWORD *addr);
void
memproc_set_default_baseaddr (MemProc *mp, int default_baseaddr);
void
memblock_debug (MemBlock *mb);
bool
memproc_detected (MemProc *mp);
// Directly in the process
DWORD
mem_search (DWORD start, DWORD size, unsigned char *pattern, char *mask);
// --------- Destructors ----------
void
memproc_clear (MemProc *memproc);
void
memproc_free (MemProc *memproc);
void
memblock_free (MemBlock *m);
#endif // MemProc_INCLUDED