Fixed issue with searching.

Added find, read, and replace functionality to GTTest
wccrawford · Apr 17, 2011 · 48363ef · 48363ef
1 parent 36cc9e7
commit 48363ef
Show file tree

Hide file tree

Showing 2 changed files with 48 additions and 13 deletions.
diff --git a/GTLibrary/TrainProcess.cs b/GTLibrary/TrainProcess.cs
@@ -281,7 +281,7 @@ public static short CheckKey(int Key)
 			return (MEMORY_BASIC_INFORMATION[])locations.ToArray(typeof(MEMORY_BASIC_INFORMATION));
 		}
 
-		public IntPtr[] FindInMemory(byte[] Needle, long MinimumAddress=0, long MaximumAddress=0x7fffffff) {
+		public IntPtr[] FindInMemory(byte[] Needle, long MinimumAddress=0, long MaximumAddress=long.MaxValue) {
 			ArrayList Locations = new ArrayList();
 
 			MEMORY_BASIC_INFORMATION[] MemoryRegions = GetMemoryRegions();
@@ -300,28 +300,39 @@ public static short CheckKey(int Key)
 		}
 
 		public IntPtr[] FindInMemoryRegion(byte[] Needle, MEMORY_BASIC_INFORMATION MemoryRegion) {
-			ArrayList Locations = new ArrayList();
-
 			byte[] Memory = ReadMemoryRegion(MemoryRegion);
 
+			long[] ByteLocations = FindInBytes(Needle, Memory);
+
+			IntPtr[] Locations = new IntPtr[ByteLocations.LongLength];
+			for(long index = 0; index < ByteLocations.LongLength; index++) {
+				Locations[index] = (IntPtr)((long)MemoryRegion.BaseAddress+ByteLocations[index]);
+			}
+
+			return Locations;
+		}
+
+		public long[] FindInBytes(byte[] Needle, byte[] Bytes) {
+			ArrayList Locations = new ArrayList();
+
 			// Loop through each byte in the memory region and start searching,
 			// But don't bother with the bit at the end that's too short.
-			for(long indexMemory = 0; indexMemory < (Memory.Length-(Needle.Length-1)); indexMemory++) {
+			for(long indexBytes = 0; indexBytes < (Bytes.Length-(Needle.Length-1)); indexBytes++) {
 				// Check that each byte matches
 				bool Match = true;
 				for(long indexNeedle = 0; indexNeedle < Needle.Length; indexNeedle++) {
-					if(Memory[indexMemory+indexNeedle] != Needle[indexNeedle]) {
+					if(Bytes[indexBytes+indexNeedle] != Needle[indexNeedle]) {
 						Match = false;
 						break;
 					}
 				}
 
-				if(Match) {
-					Locations.Add((IntPtr)((long)MemoryRegion.BaseAddress+indexMemory));
+				if(Match == true) {
+					Locations.Add(indexBytes);
 				}
 			}
 
-			return (IntPtr[])Locations.ToArray(typeof(IntPtr));
+			return (long[])Locations.ToArray(typeof(long));
 		}
 
 		public byte[] ReadMemoryRegion(MEMORY_BASIC_INFORMATION MemoryRegion) {

diff --git a/GTTest/Program.cs b/GTTest/Program.cs
@@ -38,12 +38,36 @@ public static void Main(string[] args)
 
 			Console.WriteLine("Opened successfully!");
 
-			if(args.Length >= 2) {
-				byte[] memory = Conversion.HexToBytes(args[1]);
-				IntPtr[] Locations = targetProcess.FindInMemory(memory, 200000000, 300000000);
+			if(args.Length == 3) {
+				if(args[1] == "find") {
+					byte[] memory = Conversion.HexToBytes(args[2]);
+					IntPtr[] Locations = targetProcess.FindInMemory(memory, 0, long.MaxValue);
+
+					foreach(IntPtr Location in Locations) {
+						Console.WriteLine(Location);
+					}
+				}
 
-				foreach(IntPtr Location in Locations) {
-					Console.WriteLine(Location);
+				if(args[1] == "read") {
+					byte[] memory = targetProcess.ReadMemory((IntPtr)long.Parse(args[2]), 4);
+
+					foreach(byte byt in memory) {
+						Console.WriteLine(byt);
+					}
+				}
+			}
+
+			if (args.Length == 4) {
+				if(args[1] == "replace") {
+					byte[] oldBytes = Conversion.HexToBytes(args[2]);
+					byte[] newBytes = Conversion.HexToBytes(args[3]);
+
+					IntPtr[] Locations = targetProcess.FindInMemory(oldBytes);
+
+					foreach(IntPtr Location in Locations) {
+						Console.WriteLine(Location);
+						targetProcess.WriteMemory(Location, newBytes);
+					}
 				}
 			}