//C# read memory example
using System;
using ;
using ;
using ;
using ;
using ;
publicclass key
{
constuint PROCESS_ALL_ACCESS =0x001F0FFF;
constuint KEYEVENTF_EXTENDEDKEY =0x1;
constuint KEYEVENTF_KEYUP =0x2;
privatereadonlyint MOUSEEVENTF_LEFTDOWN =0x2;
privatereadonlyint MOUSEEVENTF_LEFTUP =0x4;
constuint KBC_KEY_CMD =0x64;
constuint KBC_KEY_DATA =0x60;
//The function that gets the form handle, the FindWindow function is used to return the window handle that matches the specified class name (ClassName) and window name (WindowTitle)
[DllImport("", CharSet = )]
publicstaticextern IntPtr FindWindow(
string lpClassName, // pointer to class name
string lpWindowName // pointer to window name
);
[DllImport("")]
privatestaticexternint GetWindowThreadProcessId(IntPtr id, int pid);
[DllImport("")]
privatestaticexternvoid CloseHandle
(
uint hObject //Handle to object
);
// Functions that read process memory
[DllImport("")]
staticexternbool ReadProcessMemory(uint hProcess, IntPtr lpBaseAddress,
IntPtr lpBuffer, uint nSize, refuint lpNumberOfBytesRead);
//The function to get the target process handle
[DllImport("")]
publicstaticexternuint OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);
//Mouse event statement
[DllImport("")]
staticexternbool setcursorpos(int x, int y);
[DllImport("")]
staticexternvoid mouse_event(mouseeventflag flags, int dx, int dy, uint data, UIntPtr extrainfo);
//Keyboard event statement
[DllImport("")]
staticexternbyte MapVirtualKey(byte wCode, int wMap);
[DllImport("")]
staticexternshort GetKeyState(int nVirtKey);
[DllImport("")]
staticexternvoid keybd_event(byte bVk, byte bScan, uint dwFlags, uint dwExtraInfo);
//Keyboard event declaration winio
[DllImport("")]
publicstaticexternbool InitializeWinIo();
[DllImport("")]
publicstaticexternbool GetPortVal(IntPtr wPortAddr, outint pdwPortVal, byte bSize);
[DllImport("")]
publicstaticexternbool SetPortVal(uint wPortAddr, IntPtr dwPortVal, byte bSize);
[DllImport("")]
publicstaticexternbyte MapPhysToLin(byte pbPhysAddr, uint dwPhysSize, IntPtr PhysicalMemoryHandle);
[DllImport("")]
publicstaticexternbool UnmapPhysicalMemory(IntPtr PhysicalMemoryHandle, byte pbLinAddr);
[DllImport("")]
publicstaticexternbool GetPhysLong(IntPtr pbPhysAddr, byte pdwPhysVal);
[DllImport("")]
publicstaticexternbool SetPhysLong(IntPtr pbPhysAddr, byte dwPhysVal);
[DllImport("")]
publicstaticexternvoid ShutdownWinIo();
///<summary>
/// Get the process pid
///</summary>
///<param name="name"></param>
///<returns></returns>
privateint pid(String name)
{
try
{
ObjectQuery oQuery =new ObjectQuery("select * from Win32_Process where Name='"+ name +"'");
ManagementObjectSearcher oSearcher =new ManagementObjectSearcher(oQuery);
ManagementObjectCollection oReturnCollection = ();
string pid ="";
string cmdLine;
StringBuilder sb =new StringBuilder();
foreach (ManagementObject oReturn in oReturnCollection)
{
pid = ("ProcessId").ToString();
//cmdLine = (string)("CommandLine");
//string pattern = "-ap \"(.*)\"";
//Regex regex = new Regex(pattern, );
// Match match = (cmdLine);
//string appPoolName = [1].ToString();
//(" PID: {0} AppPoolId:{1}\r\n", pid, appPoolName);
}
return Convert.ToInt32(pid);
}
catch (Exception ss)
{ return0; }
}
privateint pid(IntPtr id)
{
int pid =0;
pid = GetWindowThreadProcessId(id, pid);
return260;
}
///<summary>
/// Read memory value
///</summary>
///<param name="name">process id</param>
///<param name="dizhi">Read memory address</param>
///<returns></returns>
//public String getread(String QEC,String EC, IntPtr dizhi, uint size)
//{
// Byte bt = new Byte();
// IntPtr id=FindWindow(QEC, EC);
// uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pid(id));
// IntPtr fanhui = new IntPtr();
// String gg = null;
// if (hProcess == 0)
// {
//// gg = ReadProcessMemory(hProcess, dizhi, fanhui, size, 0);
//// CloseHandle(hProcess);
// }
// return gg;
//}
public String getread(String jincheng, String EC, IntPtr dizhi, uint size)
{
byte[] vBuffer =newbyte[4];
IntPtr vBytesAddress = (vBuffer, 0); // Get the address of the buffer
uint vNumberOfBytesRead =0;
Byte bt =new Byte();
//IntPtr id = FindWindow(QEC, EC);
uint hProcess = OpenProcess(PROCESS_ALL_ACCESS, false, pid(jincheng));
//pid(0);
IntPtr fanhui =new IntPtr();
String gg =null;
//if (hProcess == 0)
//{
if (ReadProcessMemory(hProcess, dizhi, vBytesAddress, (uint), ref hProcess))
{
CloseHandle(hProcess);
}
else
{
CloseHandle(hProcess);
}
// }
int vInt = Marshal.ReadInt32(vBytesAddress);
return ();
}
///<summary>
/// Get keyboard status
///</summary>
///<param name="Key"></param>
///<returns></returns>
publicbool GetState(VirtualKeys Key)
{
return (GetKeyState((int)Key) ==1);
}
///<summary>
/// Send keyboard events
///</summary>
///<returns></returns>
publicvoid Send(VirtualKeys Key, bool State)
{
if (State != GetState(Key))
{
byte a = MapVirtualKey((byte)Key, 0);
keybd_event((byte)Key, MapVirtualKey((byte)Key, 0), 0, 0);
(1000);
keybd_event((byte)Key, MapVirtualKey((byte)Key, 0), KEYEVENTF_KEYUP, 0);
}
}
///<summary>
/// Initialize winio
///</summary>
publicvoid sendwinio()
{
if (InitializeWinIo())
{
KBCWait4IBE();
}
}
privatevoid KBCWait4IBE() //Waiting for the keyboard buffer to be empty
{
//int[] dwVal = new int[] { 0 };
int dwVal =0;
do
{
//This sentence means reading a byte from the &H64 port and putting the read data into the variable dwVal
//The usage of the GetPortVal function is the GetPortVal port number, which stores the variables that read out the data and the length of the read in
bool flag = GetPortVal((IntPtr)0x64, out dwVal, 1);
}
while ((dwVal &0x2) >0);
}
///<summary>
/// Press the analog keyboard
///</summary>
///<param name="vKeyCoad"></param>
publicvoid MykeyDown(int vKeyCoad)
{
int btScancode =0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
// btScancode = vKeyCoad;
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1);// 'Send keyboard write command
//SetPortVal function is used to write data to the port. Its usage is SetPortVal port number, the data to be written, the length of the data written
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)0xe2, 1);// 'Write key information, press key
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1);// 'Send keyboard write command
//SetPortVal function is used to write data to the port. Its usage is SetPortVal port number, the data to be written, the length of the data written
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)btScancode, 1);// 'Write key information, press key
}
///<summary>
/// Simulate keyboard pop-up
///</summary>
///<param name="vKeyCoad"></param>
publicvoid MykeyUp(int vKeyCoad)
{
int btScancode =0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
//btScancode = vKeyCoad;
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1); //'Send keyboard write command
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)0xe0, 1);// 'Write key information, release key
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD2, 1); //'Send keyboard write command
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)btScancode, 1);// 'Write key information, release key
}
///<summary>
/// Press the simulated mouse
///</summary>
///<param name="vKeyCoad"></param>
publicvoid MyMouseDown(int vKeyCoad)
{
int btScancode =0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
//btScancode = vKeyCoad;
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD3, 1);// 'Send keyboard write command
//SetPortVal function is used to write data to the port. Its usage is SetPortVal port number, the data to be written, the length of the data written
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)(btScancode |0x80), 1);// 'Write key information, press key
}
///<summary>
/// Simulate mouse pop-up
///</summary>
///<param name="vKeyCoad"></param>
publicvoid MyMouseUp(int vKeyCoad)
{
int btScancode =0;
btScancode = MapVirtualKey((byte)vKeyCoad, 0);
// btScancode = vKeyCoad;
KBCWait4IBE(); // 'Before sending data, you should wait for the keyboard buffer to be empty
SetPortVal(KBC_KEY_CMD, (IntPtr)0xD3, 1); //'Send keyboard write command
KBCWait4IBE();
SetPortVal(KBC_KEY_DATA, (IntPtr)(btScancode |0x80), 1);// 'Write key information, release key
}
///<summary>
/// Send mouse event
///</summary>
///<returns></returns>
publicvoid SendMouse()
{
}
///<summary>
/// Mouse action enumeration
///</summary>
publicenum mouseeventflag : uint
{
move =0x0001,
leftdown =0x0002,
leftup =0x0004,
rightdown =0x0008,
rightup =0x0010,
middledown =0x0020,
middleup =0x0040,
xdown =0x0080,
xup =0x0100,
wheel =0x0800,
virtualdesk =0x4000,
absolute =0x8000
}
///<summary>
/// Keyboard action enumeration
///</summary>
publicenum VirtualKeys : byte
{
//VK_NUMLOCK = 0x90, //Number lock key
//VK_SCROLL = 0x91, //Scroll Lock
//VK_CAPITAL = 0x14, //Case lock
//VK_A = 62, //Keyboard A
VK_LBUTTON =1, //Left mouse button
VK_RBUTTON =2, //Right mouse button
VK_CANCEL =3, //Ctrl+Break (usually no processing is required)
VK_MBUTTON =4, //Middle mouse button
VK_BACK =8, //Backspace
VK_TAB =9, //Tab
VK_CLEAR =12, //Num Lock is closed with numeric keypad 5
VK_RETURN =13, //Enter (or another)
VK_SHIFT =16, //Shift (or another)
VK_CONTROL =17, //Ctrl (or another)
VK_MENU =18,//Alt (or another)
VK_PAUSE =19, //Pause
VK_CAPITAL =20, //Caps Lock
VK_ESCAPE =27, //Esc
VK_SPACE =32, //Spacebar
VK_PRIOR =33, //Page Up
VK_NEXT =34,//Page Down
VK_END =35, //End
VK_HOME =36,//Home
VK_LEFT =37, //Left arrow
VK_UP =38, //Up arrow
VK_RIGHT =39, //Right arrow
VK_DOWN =40, //Down arrow
VK_SELECT =41, //Optional
VK_PRINT =42, //Optional
VK_EXECUTE =43, //Optional
VK_SNAPSHOT =44,//Print Screen
VK_INSERT =45, //Insert
VK_DELETE =46, //Delete
VK_HELP =47, //Optional
VK_NUM0 =48, //0
VK_NUM1 =49, //1
VK_NUM2 =50, //2
VK_NUM3 =51, //3
VK_NUM4 =52, //4
VK_NUM5 =53, //5
VK_NUM6 =54, //6
VK_NUM7 =55, //7
VK_NUM8 =56, //8
VK_NUM9 =57, //9
VK_A =65, //A
VK_B =66, //B
VK_C =67, //C
VK_D =68, //D
VK_E =69, //E
VK_F =70, //F
VK_G =71, //G
VK_H =72, //H
VK_I =73, //I
VK_J =74, //J
VK_K =75, //K
VK_L =76, //L
VK_M =77, //M
VK_N =78, //N
VK_O =79, //O
VK_P =80, //P
VK_Q =81, //Q
VK_R =82, //R
VK_S =83, //S
VK_T =84, //T
VK_U =85, //U
VK_V =86, //V
VK_W =87, //W
VK_X =88, //X
VK_Y =89, //Y
VK_Z =90, //Z
VK_NUMPAD0 =96, //0
VK_NUMPAD1 =97, //1
VK_NUMPAD2 =98, //2
VK_NUMPAD3 =99, //3
VK_NUMPAD4 =100, //4
VK_NUMPAD5 =101, //5
VK_NUMPAD6 =102, //6
VK_NUMPAD7 =103, //7
VK_NUMPAD8 =104, //8
VK_NUMPAD9 =105, //9
VK_NULTIPLY =106, //* on the numeric keypad
VK_ADD =107,//+ on the numeric keypad
VK_SEPARATOR =108, //Optional
VK_SUBTRACT =109, //On the numeric keypad-
VK_DECIMAL =110,//On the numeric keypad.
VK_DIVIDE =111, //On the numeric keypad/
VK_F1 =112,
VK_F2 =113,
VK_F3 =114,
VK_F4 =115,
VK_F5 =116,
VK_F6 =117,
VK_F7 =118,
VK_F8 =119,
VK_F9 =120,
VK_F10 =121,
VK_F11 =122,
VK_F12 =123,
VK_NUMLOCK =144,//Num Lock
VK_SCROLL =145 // Scroll Lock
}
}