Reading from Halo's memory in 40 lines of C#
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| // define struct | |
| [StructLayout(LayoutKind.Sequential)] public struct IndexHeaderStruct { | |
| public uint MemoryOffset; | |
| public uint MapID; | |
| public uint TagCount; | |
| public uint VerticieCount; | |
| public uint VerticieOffset; | |
| public uint IndicieCount; | |
| public uint IndicieOffset; | |
| public uint ModelDataLength; | |
| private uint Buffer; | |
| } | |
| // open Halo | |
| [DllImport("kernel32.dll")] public static extern IntPtr OpenProcess(UInt32 dwDesiredAccess, [MarshalAs(UnmanagedType.Bool)] bool bInheritHandle, int dwProcessId); | |
| const uint ProcessAllAccess = 0x1F0FFF; | |
| var processesByName = Process.GetProcessesByName("halo"); | |
| var processId = OpenProcess(ProcessAllAccess, false, processesByName[0].Id); | |
| // read memory | |
| [DllImport("kernel32.dll", SetLastError = true)] public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, [Out] byte[] lpBuffer, int dwSize, out int lpNumberOfBytesRead); | |
| var buf = new byte[256]; | |
| int bytesWritten; | |
| ReadProcessMemory(processId, (IntPtr)0x40440000, buf, 256, out bytesWritten); | |
| // cast to struct | |
| var pinnedIndexHeader = GCHandle.Alloc(buf, GCHandleType.Pinned); | |
| var addrOfIndexHeader = pinnedIndexHeader.AddrOfPinnedObject(); | |
| var indexHeaderStruct = (IndexHeaderStruct)Marshal.PtrToStructure(addrOfIndexHeader, typeof(IndexHeaderStruct)); | |
| Array.ForEach(indexHeaderStruct.GetType().GetFields(), (field) => { | |
| Console.WriteLine(string.Format("{0}: {1}", field.Name, field.GetValue(indexHeaderStruct))); | |
| }); | |
| pinnedIndexHeader.Free(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
ChadSki commentedJul 10, 2015
I ran this file as-is using ScriptCS. Otherwise you may copy+paste this as-needed into a full C# project.