sigonasr2
/
BunnyMemoryChannelPointsClient
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Add WinAPI Process Enumaration and module info

Browse Source 
Thanks sig. Seriously.
See notice.txt
master
Marenthyu 5 years ago
parent 4abff96fa3
commit 1708e8575e
6 changed files with 561 additions and 297 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 388
      src/de/marenthyu/memedit/bunny/BunnyMemoryManager.java
  2. 242
      src/de/marenthyu/memedit/util/Shared.java
  3. 64
      src/de/marenthyu/memedit/util/sig/Module.java
  4. 57
      src/de/marenthyu/memedit/util/sig/Psapi.java
  5. 104
      src/de/marenthyu/memedit/util/sig/PsapiTools.java
  6. 3
      src/de/marenthyu/memedit/util/sig/notice.txt

388
src/de/marenthyu/memedit/bunny/BunnyMemoryManager.java
Unescape View File

@ -1,194 +1,194 @@
package de.marenthyu.memedit.bunny;
import com.sun.jna.Memory;
import com.sun.jna.Pointer;
import de.marenthyu.twitch.pubsub.PubSubClient;
import de.marenthyu.twitch.pubsub.channelpoints.ChannelPointsRedemptionHandler;
import javax.swing.*;
import java.io.IOException;
import static de.marenthyu.memedit.bunny.BunnyConstants.*;
import static de.marenthyu.memedit.util.Shared.*;
public class BunnyMemoryManager {
static int RABI_BASE_SIZE;
public static Pointer bunnyProcess;
public static int bunnyPID;
public static void init() {
bunnyPID = getProcessId(RABI_TITLE);
System.out.println("[BUNNY] Bunny PID: " + bunnyPID);
bunnyProcess = openProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, bunnyPID);
try {
RABI_BASE_SIZE = getBaseAddress("rabiribi.exe");
if (RABI_BASE_SIZE == 0) {
throw new IOException("Invalid Size Returned from Powershell");
}
} catch (NumberFormatException | IOException e) {
// e.printStackTrace();
System.out.println();
System.out.println("[BUNNY] Error getting the Module base address automatically, asking user.");
String userInput = JOptionPane.showInputDialog("Please Enter the base address of rabiribi.exe\n If you dare, please help me automate this. I am at the end of my knowledge. If you don't know how to do this, ask whoever linked you this software.");
try {
RABI_BASE_SIZE = Integer.decode(userInput);
} catch (Exception y) {
try {
RABI_BASE_SIZE = Integer.decode("0x" + userInput);
} catch (Exception ex) {
System.out.println("[BUNNY] You're stupid. I think. something went wrong.");
e.printStackTrace();
ex.printStackTrace();
System.exit(2);
}
}
}
if (bunnyPID == 0) {
System.err.println("[BUNNY] COULD NOT LOCATE PID FOR " + RABI_TITLE + " - PLEASE MAKE SURE THE GAME IS RUNNING AND ON THE SPECIFIED VERSION!");
System.exit(1);
}
}
public static void addSetHPHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][HP]") {
@Override
public void matched(String input) {
try {
int newHeahlth = Integer.parseInt(input);
setHP(newHeahlth);
System.out.println("[BUNNY][HP] HP set to " + newHeahlth);
} catch (NumberFormatException e) {
System.err.println("[BUNNY][HP] Invalid Number.");
}
}
});
}
public static void addFullHealHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][FULLHEAL]") {
@Override
public void matched(String input) {
fullHeal();
System.out.println("[BUNNY][FULLHEAL] Healed fully!");
}
});
}
public static void addHealHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][HEAL]") {
@Override
public void matched(String input) {
try {
int amount = Integer.parseInt(input);
heal(amount);
System.out.println("[BUNNY][HEAL] Healed by " + amount);
} catch (NumberFormatException e) {
System.err.println("[BUNNY][HEAL] Invalid Number.");
}
}
});
}
public static void addBadgeHandlers(PubSubClient pubSub) {
for (int i = 0;i < RABI_BADGES.length;i++) {
for (int j = 0;j<=2;j++) {
String type;
switch (j) {
case 0:
{
type = "DELETE";
break;
}
case 1: {
type = "UNLOCK";
break;
}
case 2: {
type = "EQUIP";
break;
}
default:
throw new IllegalStateException("Unexpected value: " + j);
}
final int finalJ = j;
final int finalI = i;
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][BADGE][" + type + "][" + RABI_BADGES[finalI] + "]") {
@Override
public void matched(String input) {
switch (finalJ) {
case 0:
{
removeBadge(finalI);
break;
}
case 1: {
unluckAndUnequipBadge(finalI);
break;
}
case 2: {
equipBadge(finalI);
break;
}
default:
throw new IllegalStateException("Unexpected value: " + finalJ);
}
System.out.println("[BUNNY][BADGE][" + type + "][" + RABI_BADGES[finalI] + "] Badges changed!");
}
});
}
}
}
public static void setHP(int newHeahlth) {
System.out.println("[BUNNY] Got request to change HP - setting it to " + newHeahlth);
long dynAddress = findDynAddress(bunnyProcess, RABI_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
int curHealth = getCurHP();
System.out.println(String.format("[BUNNY] Old health read from memory was: %d, setting it to %d", curHealth, newHeahlth));
writeMemory(bunnyProcess, dynAddress, intToBytes(newHeahlth));
}
public static int getCurHP() {
long dynAddress = findDynAddress(bunnyProcess, RABI_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
Memory healthCurrentMem = readMemory(bunnyProcess, dynAddress, 4);
return healthCurrentMem.getInt(0);
}
public static int getMaxHP() {
long dynAddress = findDynAddress(bunnyProcess, RABI_MAX_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
Memory healthCurrentMem = readMemory(bunnyProcess, dynAddress, 4);
return healthCurrentMem.getInt(0);
}
public static void heal(int amount) {
setHP(getCurHP() + amount);
}
public static void fullHeal() {
setHP(getMaxHP());
}
public static void equipBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x02});
}
public static void unluckAndUnequipBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x01});
}
public static void removeBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x00});
}
}
package de.marenthyu.memedit.bunny;
import com.sun.jna.Memory;
import com.sun.jna.Pointer;
import de.marenthyu.twitch.pubsub.PubSubClient;
import de.marenthyu.twitch.pubsub.channelpoints.ChannelPointsRedemptionHandler;
import javax.swing.*;
import java.io.IOException;
import static de.marenthyu.memedit.bunny.BunnyConstants.*;
import static de.marenthyu.memedit.util.Shared.*;
public class BunnyMemoryManager {
static int RABI_BASE_SIZE;
public static Pointer bunnyProcess;
public static int bunnyPID;
public static void init() {
bunnyPID = getProcessIdByWindowTitle(RABI_TITLE);
System.out.println("[BUNNY] Bunny PID: " + bunnyPID);
bunnyProcess = openProcess(PROCESS_VM_READ | PROCESS_VM_WRITE | PROCESS_VM_OPERATION, bunnyPID);
try {
RABI_BASE_SIZE = getBaseAddress("rabiribi.exe");
if (RABI_BASE_SIZE == 0) {
throw new IOException("Invalid Size Returned from Base Address Detection");
}
} catch (NumberFormatException | IOException e) {
// e.printStackTrace();
System.out.println();
System.out.println("[BUNNY] Error getting the Module base address automatically, asking user.");
String userInput = JOptionPane.showInputDialog("Please Enter the base address of rabiribi.exe\n Too bad this failed. Thanks sig for the actual implementation that works most of the time. If you don't know how to do this, ask whoever linked you this software.");
try {
RABI_BASE_SIZE = Integer.decode(userInput);
} catch (Exception y) {
try {
RABI_BASE_SIZE = Integer.decode("0x" + userInput);
} catch (Exception ex) {
System.out.println("[BUNNY] You're stupid. I think. something went wrong.");
e.printStackTrace();
ex.printStackTrace();
System.exit(2);
}
}
}
if (bunnyPID == 0) {
System.err.println("[BUNNY] COULD NOT LOCATE PID FOR " + RABI_TITLE + " - PLEASE MAKE SURE THE GAME IS RUNNING AND ON THE SPECIFIED VERSION!");
System.exit(1);
}
}
public static void addSetHPHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][HP]") {
@Override
public void matched(String input) {
try {
int newHeahlth = Integer.parseInt(input);
setHP(newHeahlth);
System.out.println("[BUNNY][HP] HP set to " + newHeahlth);
} catch (NumberFormatException e) {
System.err.println("[BUNNY][HP] Invalid Number.");
}
}
});
}
public static void addFullHealHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][FULLHEAL]") {
@Override
public void matched(String input) {
fullHeal();
System.out.println("[BUNNY][FULLHEAL] Healed fully!");
}
});
}
public static void addHealHandler(PubSubClient pubSub) {
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][HEAL]") {
@Override
public void matched(String input) {
try {
int amount = Integer.parseInt(input);
heal(amount);
System.out.println("[BUNNY][HEAL] Healed by " + amount);
} catch (NumberFormatException e) {
System.err.println("[BUNNY][HEAL] Invalid Number.");
}
}
});
}
public static void addBadgeHandlers(PubSubClient pubSub) {
for (int i = 0;i < RABI_BADGES.length;i++) {
for (int j = 0;j<=2;j++) {
String type;
switch (j) {
case 0:
{
type = "DELETE";
break;
}
case 1: {
type = "UNLOCK";
break;
}
case 2: {
type = "EQUIP";
break;
}
default:
throw new IllegalStateException("Unexpected value: " + j);
}
final int finalJ = j;
final int finalI = i;
pubSub.addChannelPointsRedemptionHandler(new ChannelPointsRedemptionHandler("[BUNNY][BADGE][" + type + "][" + RABI_BADGES[finalI] + "]") {
@Override
public void matched(String input) {
switch (finalJ) {
case 0:
{
removeBadge(finalI);
break;
}
case 1: {
unluckAndUnequipBadge(finalI);
break;
}
case 2: {
equipBadge(finalI);
break;
}
default:
throw new IllegalStateException("Unexpected value: " + finalJ);
}
System.out.println("[BUNNY][BADGE][" + type + "][" + RABI_BADGES[finalI] + "] Badges changed!");
}
});
}
}
}
public static void setHP(int newHeahlth) {
System.out.println("[BUNNY] Got request to change HP - setting it to " + newHeahlth);
long dynAddress = findDynAddress(bunnyProcess, RABI_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
int curHealth = getCurHP();
System.out.println(String.format("[BUNNY] Old health read from memory was: %d, setting it to %d", curHealth, newHeahlth));
writeMemory(bunnyProcess, dynAddress, intToBytes(newHeahlth));
}
public static int getCurHP() {
long dynAddress = findDynAddress(bunnyProcess, RABI_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
Memory healthCurrentMem = readMemory(bunnyProcess, dynAddress, 4);
return healthCurrentMem.getInt(0);
}
public static int getMaxHP() {
long dynAddress = findDynAddress(bunnyProcess, RABI_MAX_HEALTH_OFFSETS_IN_SAVBLOCK, RABI_BASE_SIZE + RABI_SAVBLOCK_OFFSET);
Memory healthCurrentMem = readMemory(bunnyProcess, dynAddress, 4);
return healthCurrentMem.getInt(0);
}
public static void heal(int amount) {
setHP(getCurHP() + amount);
}
public static void fullHeal() {
setHP(getMaxHP());
}
public static void equipBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x02});
}
public static void unluckAndUnequipBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x01});
}
public static void removeBadge(int badgeID) {
long dynAddress = findDynAddress(bunnyProcess, new int[]{badgeID * 4}, RABI_BASE_SIZE + RABI_BADGE_ARRAY_BASE_POINTER_OFFSET);
writeMemory(bunnyProcess, dynAddress, new byte[]{0x00});
}
}

242
src/de/marenthyu/memedit/util/Shared.java
Unescape View File

@ -1,103 +1,139 @@
package de.marenthyu.memedit.util;
import com.sun.jna.Memory;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import com.sun.jna.ptr.IntByReference;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
public class Shared {
static Kernel32 kernel32 = Native.load("kernel32", Kernel32.class);
static User32 user32 = Native.load("user32", User32.class);
public static int PROCESS_VM_READ = 0x0010;
public static int PROCESS_VM_WRITE = 0x0020;
public static int PROCESS_VM_OPERATION = 0x0008;
public static int getProcessId(String window) {
IntByReference pid = new IntByReference(0);
user32.GetWindowThreadProcessId(user32.FindWindowA(null, window), pid);
return pid.getValue();
}
public static Pointer openProcess(int permissions, int pid) {
Pointer process = kernel32.OpenProcess(permissions, true, pid);
return process;
}
public static long findDynAddress(Pointer process, int[] offsets, long baseAddress) {
long pointer = baseAddress;
int size = 4;
Memory pTemp = new Memory(size);
long pointerAddress = 0;
// System.out.println("initial pointerAddress: " + String.format("0x%X", pointer));
for (int i = 0; i < offsets.length; i++) {
if (i == 0) {
kernel32.ReadProcessMemory(process, pointer, pTemp, size, null);
}
pointerAddress = ((pTemp.getInt(0) + offsets[i]));
// System.out.println("Current pointerAddress: " + String.format("0x%X", pointerAddress));
if (i != offsets.length - 1)
kernel32.ReadProcessMemory(process, pointerAddress, pTemp, size, null);
}
return pointerAddress;
}
public static Memory readMemory(Pointer process, long address, int bytesToRead) {
IntByReference read = new IntByReference(0);
Memory output = new Memory(bytesToRead);
kernel32.ReadProcessMemory(process, address, output, bytesToRead, read);
return output;
}
public static void writeMemory(Pointer process, long address, byte[] data) {
int size = data.length;
Memory toWrite = new Memory(size);
for (int i = 0; i < size; i++) {
toWrite.setByte(i, data[i]);
}
boolean b = kernel32.WriteProcessMemory(process, address, toWrite, size, null);
}
public static byte[] intToBytes(final int data) {
return new byte[]{
(byte) ((data >> 0) & 0xff),
(byte) ((data >> 8) & 0xff),
(byte) ((data >> 16) & 0xff),
(byte) ((data >> 24) & 0xff)
};
}
public static int getBaseAddress(String executableName) throws IOException {
String command = "powershell.exe \"$modules = Get-Process " + executableName.split("\\.")[0] + " -Module; $modules[0].BaseAddress;\"";
// Executing the command
Process powerShellProcess = Runtime.getRuntime().exec(command);
// Getting the results
powerShellProcess.getOutputStream().close();
String line;
BufferedReader stdout = new BufferedReader(new InputStreamReader(
powerShellProcess.getInputStream()));
StringBuilder output = new StringBuilder();
while ((line = stdout.readLine()) != null) {
output.append(line);
}
stdout.close();
return Integer.parseInt(output.toString());
}
}
package de.marenthyu.memedit.util;
import com.sun.jna.Memory;
import com.sun.jna.Native;
import com.sun.jna.Pointer;
import com.sun.jna.platform.win32.WinNT;
import com.sun.jna.ptr.IntByReference;
import de.marenthyu.memedit.util.sig.Module;
import de.marenthyu.memedit.util.sig.PsapiTools;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.util.List;
public class Shared {
static Kernel32 kernel32 = Native.load("kernel32", Kernel32.class);
static User32 user32 = Native.load("user32", User32.class);
final static int PROCESS_PERMISSIONS = WinNT.PROCESS_QUERY_INFORMATION | WinNT.PROCESS_VM_READ;
public static int PROCESS_VM_READ = 0x0010;
public static int PROCESS_VM_WRITE = 0x0020;
public static int PROCESS_VM_OPERATION = 0x0008;
public static int getProcessIdByWindowTitle(String window) {
IntByReference pid = new IntByReference(0);
user32.GetWindowThreadProcessId(user32.FindWindowA(null, window), pid);
return pid.getValue();
}
public static Pointer openProcess(int permissions, int pid) {
Pointer process = kernel32.OpenProcess(permissions, true, pid);
return process;
}
public static long findDynAddress(Pointer process, int[] offsets, long baseAddress) {
long pointer = baseAddress;
int size = 4;
Memory pTemp = new Memory(size);
long pointerAddress = 0;
// System.out.println("initial pointerAddress: " + String.format("0x%X", pointer));
for (int i = 0; i < offsets.length; i++) {
if (i == 0) {
kernel32.ReadProcessMemory(process, pointer, pTemp, size, null);
}
pointerAddress = ((pTemp.getInt(0) + offsets[i]));
// System.out.println("Current pointerAddress: " + String.format("0x%X", pointerAddress));
if (i != offsets.length - 1)
kernel32.ReadProcessMemory(process, pointerAddress, pTemp, size, null);
}
return pointerAddress;
}
public static Memory readMemory(Pointer process, long address, int bytesToRead) {
IntByReference read = new IntByReference(0);
Memory output = new Memory(bytesToRead);
kernel32.ReadProcessMemory(process, address, output, bytesToRead, read);
return output;
}
public static void writeMemory(Pointer process, long address, byte[] data) {
int size = data.length;
Memory toWrite = new Memory(size);
for (int i = 0; i < size; i++) {
toWrite.setByte(i, data[i]);
}
boolean b = kernel32.WriteProcessMemory(process, address, toWrite, size, null);
}
public static byte[] intToBytes(final int data) {
return new byte[]{
(byte) ((data >> 0) & 0xff),
(byte) ((data >> 8) & 0xff),
(byte) ((data >> 16) & 0xff),
(byte) ((data >> 24) & 0xff)
};
}
public static int getBaseAddress(String executableName) {
List<Integer> pids = null;
try {
pids = PsapiTools.getInstance().enumProcesses();
} catch (Exception e) {
e.printStackTrace();
return 0;
}
for (Integer pid : pids) {
WinNT.HANDLE process = com.sun.jna.platform.win32.Kernel32.INSTANCE.OpenProcess(PROCESS_PERMISSIONS, true, pid);
List<Module> hModules;
try {
hModules = PsapiTools.getInstance().EnumProcessModules(process);
for (Module m : hModules) {
//System.out.println(m.getFileName()+":"+m.getEntryPoint());
if (m.getFileName().contains(executableName)) {
return (int) Pointer.nativeValue(m.getLpBaseOfDll().getPointer());
}
}
} catch (Exception e) {
e.printStackTrace();
}
}
return 0;
}
@Deprecated
// Kept for historical reasons. Thanks sig.
public static int getBaseAddressPowerShell(String executableName) throws IOException {
String command = "powershell.exe \"$modules = Get-Process " + executableName.split("\\.")[0] + " -Module; $modules[0].BaseAddress;\"";
// Executing the command
Process powerShellProcess = Runtime.getRuntime().exec(command);
// Getting the results
powerShellProcess.getOutputStream().close();
String line;
BufferedReader stdout = new BufferedReader(new InputStreamReader(
powerShellProcess.getInputStream()));
StringBuilder output = new StringBuilder();
while ((line = stdout.readLine()) != null) {
output.append(line);
}
stdout.close();
return Integer.parseInt(output.toString());
}
}

64
src/de/marenthyu/memedit/util/sig/Module.java
Unescape View File

@ -0,0 +1,64 @@
package de.marenthyu.memedit.util.sig;
import com.sun.jna.platform.win32.WinDef.HMODULE;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import de.marenthyu.memedit.util.sig.Psapi.LPMODULEINFO;
public class Module {
private HANDLE hProcess;
private HMODULE hModule;
private HANDLE lpBaseOfDll = null;
private int SizeOfImage = 0;
private HANDLE EntryPoint = null;
private PsapiTools psapi = PsapiTools.getInstance();
protected Module() {
}
public Module(HANDLE hProcess, HMODULE hModule) {
this.hProcess = hProcess;
this.hModule = hModule;
}
public HMODULE getPointer() {
return hModule;
}
public String getFileName() {
return psapi.GetModuleFileNameExA(hProcess, hModule);
}
public String getBaseName() {
return psapi.GetModuleBaseNameA(hProcess, hModule);
}
private void GetModuleInformation() {
if (lpBaseOfDll == null) {
try {
LPMODULEINFO x = psapi.GetModuleInformation(hProcess, hModule);
lpBaseOfDll = x.lpBaseOfDll;
SizeOfImage = x.SizeOfImage;
EntryPoint = x.EntryPoint;
} catch (Exception e) {
e.printStackTrace();
}
}
}
public HANDLE getLpBaseOfDll() {
GetModuleInformation();
return lpBaseOfDll;
}
public int getSizeOfImage() {
GetModuleInformation();
return SizeOfImage;
}
public HANDLE getEntryPoint() {
GetModuleInformation();
return EntryPoint;
}
}

57
src/de/marenthyu/memedit/util/sig/Psapi.java
Unescape View File

@ -0,0 +1,57 @@
package de.marenthyu.memedit.util.sig;
import com.sun.jna.Native;
import com.sun.jna.Structure;
import com.sun.jna.platform.win32.WinDef.HMODULE;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.ptr.IntByReference;
import com.sun.jna.win32.StdCallLibrary;
import java.util.Arrays;
import java.util.List;
public interface Psapi extends StdCallLibrary {
Psapi INSTANCE = Native.load("Psapi", Psapi.class);
/*
* http://msdn.microsoft.com/en-us/library/ms682629(VS.85).aspx
*/
boolean EnumProcesses(int[] pProcessIds, int cb, IntByReference pBytesReturned);
/*
* http://msdn.microsoft.com/en-us/library/ms682631(VS.85).aspx
*/
boolean EnumProcessModules(HANDLE hProcess, HMODULE[] lphModule, int cb, IntByReference lpcbNeededs);
boolean EnumProcessModulesEx(HANDLE hProcess, HMODULE[] lphModule, int cb, IntByReference lpcbNeededs, int flags);
/*
* http://msdn.microsoft.com/en-us/library/ms683198(VS.85).aspx
*/
int GetModuleFileNameExA(HANDLE hProcess, HMODULE hModule, byte[] lpImageFileName, int nSize);
int GetModuleBaseNameA(HANDLE hProcess, HMODULE hModule, byte[] lpImageFileName, int nSize);
/*
* http://msdn.microsoft.com/en-us/library/ms684229(VS.85).aspx
*/
public static class LPMODULEINFO extends Structure {
public HANDLE lpBaseOfDll;
public int SizeOfImage;
public HANDLE EntryPoint;
@Override
protected List getFieldOrder() {
return Arrays.asList(new String[] { "lpBaseOfDll", "SizeOfImage", "EntryPoint"});
}
}
/*
* http://msdn.microsoft.com/en-us/library/ms683201(VS.85).aspx
*/
boolean GetModuleInformation(HANDLE hProcess, HMODULE hModule, LPMODULEINFO lpmodinfo, int cb);
}

104
src/de/marenthyu/memedit/util/sig/PsapiTools.java
Unescape View File

@ -0,0 +1,104 @@
package de.marenthyu.memedit.util.sig;
import com.sun.jna.Native;
import com.sun.jna.platform.win32.Kernel32;
import com.sun.jna.platform.win32.WinDef.HMODULE;
import com.sun.jna.platform.win32.WinNT.HANDLE;
import com.sun.jna.ptr.IntByReference;
import de.marenthyu.memedit.util.sig.Psapi.LPMODULEINFO;
import java.util.LinkedList;
import java.util.List;
public class PsapiTools {
private static PsapiTools INSTANCE=null;
private static Psapi psapi = Psapi.INSTANCE;
private static Kernel32 k32 = Kernel32.INSTANCE;
private PsapiTools(){}
public static PsapiTools getInstance(){
if (INSTANCE==null)
INSTANCE=new PsapiTools();
return INSTANCE;
}
public List<Integer> enumProcesses() throws Exception{
List<Integer> list = new LinkedList<Integer>();
int[] pProcessIds = new int[1024];
IntByReference pBytesReturned = new IntByReference();
boolean success = psapi.EnumProcesses(pProcessIds, pProcessIds.length*Integer.SIZE/8, pBytesReturned);
if (!success){
int err=k32.GetLastError();
throw new Exception("EnumProcesses failed. Error: "+err);
}
int size = (pBytesReturned.getValue()/(Integer.SIZE/8));
for (int i=0;i<size;i++)
list.add(pProcessIds[i]);
return list;
}
public List<Module> EnumProcessModules(HANDLE hProcess) throws Exception{
List<Module> list = new LinkedList<Module>();
HMODULE[] lphModule = new HMODULE[1024];
IntByReference lpcbNeededs= new IntByReference();
boolean success = psapi.EnumProcessModules(hProcess, lphModule, lphModule.length, lpcbNeededs);
if (!success){
int err=k32.GetLastError();
if (err!=6 && err!=299) {
throw new Exception("EnumProcessModules failed. Error: "+err);
}
}
for (int i = 0; i < lpcbNeededs.getValue()/4; i++) {
list.add(new Module(hProcess, lphModule[i]));
}
return list;
}
public List<Module> EnumProcessModulesEx(HANDLE hProcess, int flags) throws Exception{
List<Module> list = new LinkedList<Module>();
HMODULE[] lphModule = new HMODULE[1024];
IntByReference lpcbNeededs= new IntByReference();
boolean success = psapi.EnumProcessModulesEx(hProcess, lphModule, lphModule.length, lpcbNeededs, flags);
if (!success){
int err=k32.GetLastError();
throw new Exception("EnumProcessModules failed. Error: "+err);
}
for (int i = 0; i < lpcbNeededs.getValue()/4; i++) {
list.add(new Module(hProcess, lphModule[i]));
}
return list;
}
public String GetModuleFileNameExA(HANDLE hProcess, HMODULE hModule){
byte[] lpImageFileName= new byte[256];
psapi.GetModuleFileNameExA(hProcess, hModule, lpImageFileName, 256);
return Native.toString(lpImageFileName);
}
public String GetModuleBaseNameA(HANDLE hProcess, HMODULE hModule){
byte[] lpImageFileName= new byte[256];
psapi.GetModuleBaseNameA(hProcess, hModule, lpImageFileName, 256);
return Native.toString(lpImageFileName);
}
public LPMODULEINFO GetModuleInformation(HANDLE hProcess, HMODULE hModule) throws Exception{
LPMODULEINFO lpmodinfo = new LPMODULEINFO();
boolean success = psapi.GetModuleInformation(hProcess, hModule, lpmodinfo, lpmodinfo.size());
if (!success){
int err=k32.GetLastError();
throw new Exception("GetModuleInformation failed. Error: "+err);
}
return lpmodinfo;
}
}

3
src/de/marenthyu/memedit/util/sig/notice.txt
Unescape View File

@ -0,0 +1,3 @@
Thank you to https://github.com/sigonasr2/sigIRCv2 for providing the classes in this package.
No LICENSE was attached to the project at the time of writing. Credit to the original author.
Write Preview
Loading…
Cancel
Save