C# Scan for Memory Address Efficiently
I've written a memory editor class that can read and write memory, but I need to scan a program's memory and find the list of memory addresses that contain the memory I'm searching for.
This is the memory editor class.

    using System;
    using System.Collections.Generic;
    using System.Diagnostics;
    using System.IO;
    using System.Runtime.InteropServices;
    using System.Runtime.Serialization.Formatters.Binary;
    using System.Text;

    class MemoryEditor
    {
        public const uint DELETE = 0x00010000;
        public const uint READ_CONTROL = 0x00020000;
        public const uint WRITE_DAC = 0x00040000;
        public const uint WRITE_OWNER = 0x00080000;
        public const uint SYNCHRONIZE = 0x00100000;
        public const uint END = 0xFFF;
        public const uint PROCESS_ALL_ACCESS = (DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE | END);

        public Process targetedProcess;

        [DllImport("kernel32.dll")]
        public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        [DllImport("kernel32.dll")]
        public static extern bool ReadProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);

        [DllImport("kernel32.dll")]
        public static extern bool WriteProcessMemory(int hProcess, int lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesWritten);

        public Process TargetProcess(string name, int index = 0)
        {
            return (targetedProcess = Process.GetProcessesByName(name)[index]);
        }

        public int GetHandle(Process proc, uint access = PROCESS_ALL_ACCESS)
        {
            return OpenProcess(access, false, proc.Id);
        }

        public byte[] GetBytesFromString(string str)
        {
            return Encoding.Unicode.GetBytes(str);
        }

        public string GetStringFromBytes(byte[] byteArr)
        {
            return Encoding.Unicode.GetString(byteArr);
        }

        public int MakeHex(string str)
        {
            return (int.Parse(str, System.Globalization.NumberStyles.HexNumber));
        }

        public byte[] ReadMemory(int address, int processSize)
        {
            byte[] buffer = new byte[processSize];
            ReadProcessMemory(GetHandle(targetedProcess), address, buffer, processSize, 0);
            return buffer;
        }

        public List<int> GetAddress(byte[] memory, int index = 0)
        {
            List<int> buf = new List<int>();
            for (int i = 0; i < int.MaxValue; i++)
                if (ReadMemory(MakeHex(i.ToString()), 1) == memory)
                    buf.Add(i);
            return buf;
        }

        public void WriteMemory(int address, byte[] processBytes)
        {
            WriteProcessMemory(GetHandle(targetedProcess), address, processBytes, processBytes.Length, 0);
        }

        public int GetObjectSize(object testObject)
        {
            BinaryFormatter bf = new BinaryFormatter();
            MemoryStream ms = new MemoryStream();
            byte[] array;
            bf.Serialize(ms, testObject);
            array = ms.ToArray();
            return array.Length;
        }
    }

And here is the function where I try to find the memory addresses:

    public List<int> GetAddress(byte[] memory, int index = 0)
    {
        List<int> buf = new List<int>();
        for (int i = 0; i < int.MaxValue; i++)
            if (ReadMemory(MakeHex(i.ToString()), 1) == memory)
                buf.Add(i);
        return buf;
    }

It lags extremely badly, and I'm targeting Notepad. When I scan memory in Cheat Engine, it finds it immediately, without lag. My program scans from 0 to the max value of int, and Cheat Engine from 0 to the max value of long, so I don't know what I'm doing wrong.
Is there any way I can do this efficiently?
There are several problems I see right away.
1. You're reading one byte at a time:

    ReadMemory(MakeHex(i.ToString()), 1)

I'm not certain, but I assume the call to ReadProcessMemory requires a system call to execute, and doing that for every byte is going to be one source of slowdown. Instead, you should read the size of a "block" and scan through the block in your process. (Doing one page at a time may be efficient.)
2. Why in the world are you doing all of these conversions back and forth to strings?!

    public int MakeHex(string str)
    {
        return (int.Parse(str, System.Globalization.NumberStyles.HexNumber));
    }
    ....
    for (int i = 0; i < int.MaxValue; i++)
        if (ReadMemory(MakeHex(i.ToString()), 1) == memory)

Every iteration of the loop, you're converting i to a string (the default, decimal - not hex), and passing it to MakeHex, which parses it (as hex, always) to an integer. What's the point of this? Pass the integer! These conversions can be expensive.
<pedantic>By the way, the name "MakeHex" doesn't make sense - it's going from hex, and making an integer.</pedantic>
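
The block-at-a-time scan suggested in point 1, as an added example that is not part of the original question or answer. `BlockScanner`, `Scan` and `readBlock` are hypothetical names; `readBlock` stands in for one `ReadProcessMemory` call per block and is fed a constructed in-memory buffer here so the boundary handling can be checked offline.

```csharp
using System;
using System.Collections.Generic;

static class BlockScanner
{
    // readBlock(address, size): hypothetical stand-in for one ReadProcessMemory call.
    // Assumed to return exactly `size` bytes, or null when the range is unreadable.
    public static List<long> Scan(Func<long, int, byte[]> readBlock, long start, long end,
                                  byte[] pattern, int blockSize = 4096)
    {
        if (pattern.Length == 0) throw new ArgumentException("empty pattern");
        var hits = new List<long>();
        byte[] carry = new byte[0];   // last pattern.Length-1 bytes of the previous window
        for (long addr = start; addr < end; addr += blockSize)
        {
            byte[] block = readBlock(addr, (int)Math.Min(blockSize, end - addr));
            if (block == null) { carry = new byte[0]; continue; }  // a match cannot span a gap

            // Window = carried tail + new block, so a match crossing the boundary is found.
            byte[] window = new byte[carry.Length + block.Length];
            Buffer.BlockCopy(carry, 0, window, 0, carry.Length);
            Buffer.BlockCopy(block, 0, window, carry.Length, block.Length);
            long windowBase = addr - carry.Length;
            for (int i = 0; i + pattern.Length <= window.Length; i++)
            {
                int j = 0;
                while (j < pattern.Length && window[i + j] == pattern[j]) j++;
                if (j == pattern.Length) hits.Add(windowBase + i);
            }
            // The tail is shorter than the pattern, so no hit is ever reported twice.
            int keep = Math.Min(pattern.Length - 1, window.Length);
            carry = new byte[keep];
            Buffer.BlockCopy(window, window.Length - keep, carry, 0, keep);
        }
        return hits;
    }

    static void Main()
    {
        // Constructed sample: 12 KiB of zeros, one pattern straddling the 4096-byte boundary.
        byte[] fake = new byte[3 * 4096];
        byte[] pattern = { 0xDE, 0xAD, 0xBE, 0xEF };
        Buffer.BlockCopy(pattern, 0, fake, 4094, pattern.Length);
        Buffer.BlockCopy(pattern, 0, fake, 9000, pattern.Length);
        Func<long, int, byte[]> read = (a, n) => { var b = new byte[n]; Array.Copy(fake, a, b, 0, n); return b; };
        Console.WriteLine(string.Join(", ", Scan(read, 0, fake.Length, pattern)));
    }
}
```

The comparison is done byte by byte on purpose: `==` on two `byte[]` values in C# compares references, not contents.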