1:C # common APIs for plug-ins.
2:
3:UsingSystem;
4:UsingSystem. Collections. Generic;
5:UsingSystem. text;
6:UsingSystem. runtime. interopservices;// This Must Be
7:
8:NamespaceWindowsapplication1
9:{
10:ClassWIN32API
11:{
12:Public Const IntOpen_process_all= 2035711;
13:Public Const IntPage_readwrite = 4;
14:Public Const IntProcess_create_thread = 2;
15:Public Const IntProcess_heap_entry_busy = 4;
16:Public Const IntProcess_vm_operation = 8;
17:Public Const IntProcess_vm_read = 256;
18:Public Const IntProcess_vm_write = 32;
19:
20:Private Const IntPage_execute_readwrite = 0x4;
21:Private Const IntMem_commit = 4096;
22:Private Const IntMem_release = 0x8000;
23:Private Const IntMem_decommit = 0X4000;
24:Private Const IntProcess_all_access = 0x1f0fff;
25:
26:
27:
28:
29:// Find the form
30:[Dllimport ("User32.dll", Entrypoint ="Findwindow")]
31:Public Extern StaticIntptr findwindow (
32:StringLpclassname,
33:StringLpwindowname
34:);
35:
36:// Obtain the target Process Handle Function
37:[Dllimport ("User32.dll")]
38:Public Extern Static IntGetwindowthreadprocessid (
39:IntHwnd,
40:Ref IntLpdwprocessid
41:);
42:[Dllimport ("User32.dll")]
43:Public Extern Static IntGetwindowthreadprocessid (
44:Intptr hwnd,
45:Ref IntLpdwprocessid
46:);
47:
48:// Open the process
49:[Dllimport ("Kernel32.dll")]
50:Public Extern Static IntOpenProcess (
51:IntDwdesiredaccess,
52:IntBinherithandle,
53:IntDwprocessid
54:);
55:[Dllimport ("Kernel32.dll")]
56:Public Extern StaticIntptr OpenProcess (
57:UintDwdesiredaccess,
58:IntBinherithandle,
59:UintDwprocessid
60:);
61:
62:// Close the handle Function
63:[Dllimport ("Kernel32.dll", Entrypoint ="Closehandle")]
64:Public Static Extern IntClosehandle (
65:IntHobject
66:);
67:
68:// READ memory
69:[Dllimport ("Kernel32.dll")]
70:Public Static ExternInt32 readprocessmemory (
71:Intptr hprocess,
72:Intptr lpbaseaddress,
73:[In, out]Byte[] Buffer,
74:IntSize,
75:OutIntptr lpnumberofbyteswritten
76:);
77:[Dllimport ("Kernel32.dll")]
78:Public Static ExternInt32 readprocessmemory (
79:IntHprocess,
80:IntLpbaseaddress,
81:Ref IntBuffer,
82:// Byte [] buffer,
83:IntSize,
84:IntLpnumberofbyteswritten
85:);
86:[Dllimport ("Kernel32.dll")]
87:Public Static ExternInt32 readprocessmemory (
88:IntHprocess,
89:IntLpbaseaddress,
90:Byte[] Buffer,
91:IntSize,
92:IntLpnumberofbyteswritten
93:);
94:
95:// Write memory
96:[Dllimport ("Kernel32.dll")]
97:Public Static ExternInt32 writeprocessmemory (
98:Intptr hprocess,
99:Intptr lpbaseaddress,
100:[In, out]Byte[] Buffer,
101:IntSize,
102:OutIntptr lpnumberofbyteswritten
103:);
104:
105:[Dllimport ("Kernel32.dll")]
106:Public Static ExternInt32 writeprocessmemory (
107:IntHprocess,
108:IntLpbaseaddress,
109:Byte[] Buffer,
110:IntSize,
111:IntLpnumberofbyteswritten
112:);
113:
114:// Create a thread
115:[Dllimport ("Kernel32", Entrypoint ="Createremotethread")]
116:Public Static Extern IntCreateremotethread (
117:IntHprocess,
118:IntLpthreadattributes,
119:IntDwstacksize,
120:IntLpstartaddress,
121:IntLpparameter,
122:IntDwcreationflags,
123:Ref IntLpthreadid
124:);
125:
126:// Open the memory space of the specified process
127:[Dllimport ("Kernel32.dll")]
128:Public Static ExternSystem. int32 virtualallocex (
129:System. intptr hprocess,
130:System. int32 lpaddress,
131:System. int32 dwsize,
132:System. int16 flallocationtype,
133:System. int16 flprotect
134:);
135:
136:[Dllimport ("Kernel32.dll")]
137:Public Static ExternSystem. int32 virtualallocex (
138:IntHprocess,
139:IntLpaddress,
140:IntDwsize,
141:IntFlallocationtype,
142:IntFlprotect
143:);
144:
145:// Release memory space
146:[Dllimport ("Kernel32.dll")]
147:Public Static ExternSystem. int32 virtualfreeex (
148:IntHprocess,
149:IntLpaddress,
150:IntDwsize,
151:IntFlallocationtype
152:);
153:}
154:}
Original address: original