C# Dll injector, VB.Net Dll injector -

-

i had made dll injector easy before, had windows 7, made in c# , c++, worked great! when try same codes in windows 8, seems doesn't inject dll in right way! :) dll not working...

(the code i'm trying public 1 <)

vb.net code:

private targetprocesshandle integer private pfnstartaddr integer private pszlibfileremote string private targetbuffersize integer  public const process_vm_read = &h10 public const th32cs_snapprocess = &h2 public const mem_commit = 4096 public const page_readwrite = 4   public const process_create_thread = (&h2) public const process_vm_operation = (&h8) public const process_vm_write = (&h20) dim dllfilename string public declare function readprocessmemory lib "kernel32" ( _ byval hprocess integer, _ byval lpbaseaddress integer, _ byval lpbuffer string, _ byval nsize integer, _ byref lpnumberofbyteswritten integer) integer  public declare function loadlibrary lib "kernel32" alias "loadlibrarya" ( _ byval lplibfilename string) integer  public declare function virtualallocex lib "kernel32" ( _ byval hprocess integer, _ byval lpaddress integer, _ byval dwsize integer, _ byval flallocationtype integer, _ byval flprotect integer) integer  public declare function writeprocessmemory lib "kernel32" ( _ byval hprocess integer, _ byval lpbaseaddress integer, _ byval lpbuffer string, _ byval nsize integer, _ byref lpnumberofbyteswritten integer) integer  public declare function getprocaddress lib "kernel32" ( _ byval hmodule integer, byval lpprocname string) integer  private declare function getmodulehandle lib "kernel32" alias "getmodulehandlea" ( _ byval lpmodulename string) integer  public declare function createremotethread lib "kernel32" ( _ byval hprocess integer, _ byval lpthreadattributes integer, _ byval dwstacksize integer, _ byval lpstartaddress integer, _ byval lpparameter integer, _ byval dwcreationflags integer, _ byref lpthreadid integer) integer  public declare function openprocess lib "kernel32" ( _ byval dwdesiredaccess integer, _ byval binherithandle integer, _ byval dwprocessid integer) integer  private declare function findwindow lib "user32" alias "findwindowa" ( _ byval lpclassname string, _ byval lpwindowname string) integer  private declare function closehandle lib "kernel32" alias "closehandle" ( _ byval hobject integer) integer   dim exename string = io.path.getfilenamewithoutextension(application.executablepath)  private sub inject()      try         timer1.stop()         dim targetprocess process() = process.getprocessesbyname(textbox1.text)         targetprocesshandle = openprocess(process_create_thread or process_vm_operation or process_vm_write, false, targetprocess(0).id)         pszlibfileremote = openfiledialog1.filename         pfnstartaddr = getprocaddress(getmodulehandle("kernel32"), "loadlibrarya")         targetbuffersize = 1 + len(pszlibfileremote)         dim rtn integer         dim loadlibparamadr integer         loadlibparamadr = virtualallocex(targetprocesshandle, 0, targetbuffersize, mem_commit, page_readwrite)         rtn = writeprocessmemory(targetprocesshandle, loadlibparamadr, pszlibfileremote, targetbuffersize, 0)         createremotethread(targetprocesshandle, 0, 0, pfnstartaddr, loadlibparamadr, 0, 0)         closehandle(targetprocesshandle)     catch ex exception         messagebox.show("ex:" + ex.tostring)     end try end sub

it giving error "system.entrypointnotfoundexception....." after changed this:

closehandle lib "kernel32" alias "closehandlea"

to this:

closehandle lib "kernel32" alias "closehandle"

it doesn't show error again, doesn't inject in right way!

for c# :

[dllimport("kernel32")]     public static extern intptr createremotethread(       intptr hprocess,       intptr lpthreadattributes,       uint dwstacksize,       uintptr lpstartaddress, // raw pointer remote process       intptr lpparameter,       uint dwcreationflags,       out intptr lpthreadid     );      [dllimport("kernel32.dll")]     public static extern intptr openprocess(         uint32 dwdesiredaccess,         int32 binherithandle,         int32 dwprocessid         );      [dllimport("kernel32.dll")]     public static extern int32 closehandle(     intptr hobject     );      [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]     static extern bool virtualfreeex(         intptr hprocess,          intptr lpaddress,         uintptr dwsize,          uint dwfreetype         );      [dllimport("kernel32.dll", charset = charset.ansi, exactspelling = true)]     public static extern uintptr getprocaddress(         intptr hmodule,          string procname         );      [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]     static extern intptr virtualallocex(         intptr hprocess,          intptr lpaddress,         uint dwsize,          uint flallocationtype,          uint flprotect         );      [dllimport("kernel32.dll")]     static extern bool writeprocessmemory(         intptr hprocess,         intptr lpbaseaddress,         string lpbuffer,         uintptr nsize,         out intptr lpnumberofbyteswritten     );      [dllimport("kernel32.dll", charset = charset.auto)]     public static extern intptr getmodulehandle(         string lpmodulename         );      [dllimport("kernel32", setlasterror = true, exactspelling = true)]     internal static extern int32 waitforsingleobject(         intptr handle,          int32 milliseconds         );      public int32 getprocessid(string proc)     {         process[] proclist;         proclist = process.getprocessesbyname(proc);         return proclist[0].id;     }      public void injectdll(intptr hprocess, string strdllname)     {         intptr bytesout;          // length of string containing dll file name +1 byte padding         int32 lenwrite = strdllname.length + 1;         // allocate memory within virtual address space of target process         intptr allocmem = (intptr)virtualallocex(hprocess, (intptr)null, (uint)lenwrite, 0x1000, 0x40); //allocation pour writeprocessmemory          // write dll file name allocated memory in target process         writeprocessmemory(hprocess, allocmem, strdllname, (uintptr)lenwrite, out bytesout);         // function pointer "injector"         uintptr injector = (uintptr)getprocaddress( getmodulehandle("kernel32.dll"), "loadlibrarya");          if (injector == null)         {             messagebox.show(" injector error! \n ");             // return failed             return;         }          // create thread in target process, , store handle in hthread         intptr hthread = (intptr)createremotethread(hprocess, (intptr)null, 0, injector, allocmem, 0, out bytesout);         // make sure thread handle valid         if ( hthread == null )         {             //incorrect thread handle ... return failed             messagebox.show(" hthread [ 1 ] error! \n ");             return;         }         // time-out 10 seconds...         int result = waitforsingleobject(hthread, 10 * 1000);         // check whether thread timed out...         if (result == 0x00000080l || result == 0x00000102l || result == 0xffffffff)         {             /* thread timed out... */             messagebox.show(" hthread [ 2 ] error! \n ");             // make sure thread handle valid before closing... prevents crashes.             if (hthread != null)             {                 //close thread in target process                 closehandle(hthread);             }             return;         }         // sleep thread 1 second         thread.sleep(1000);         // clear allocated space ( allocmem )         virtualfreeex(hprocess, allocmem, (uintptr)0, 0x8000);         // make sure thread handle valid before closing... prevents crashes.         if (hthread != null)         {             //close thread in target process             closehandle(hthread);         }         // return succeeded         return;     }      private void button1_click(object sender, eventargs e)     {         string strdllname = "c:\\test.dll";          string strprocessname = "notepad";           int32 procid = getprocessid(strprocessname);         if (procid >= 0)         {             intptr hprocess = (intptr)openprocess(0x1f0fff, 1,procid);             if (hprocess == null)             {                 messagebox.show("openprocess() failed!");                 return;             }             else                 injectdll(hprocess, strdllname);         }     }

it doesn't give me errors, doesn't inject in right way!

thanks much! :)

what happens?
if remote process crashes should not use getprocaddress since remote api address may different. can different example when injecting process hooked using eat hooking , remote 1 isn't, not have meaningful @ address got local getprocaddress. different when both processes hooked using eat hooking, since hook implementations cause more random or entirely random locations.
i had similar sitation crashes occurred under windows 8, not in earlier versions.

one solution reading eat table of remote process , getting address there.

related code follows

using system; using system.collections.generic; using system.linq; using system.text; using system.diagnostics; using system.runtime.interopservices; using system.componentmodel; using system.reflection; using system.io; using system.threading; using microsoft.win32.safehandles; using system.runtime.compilerservices; using system.security;  namespace injection {     public static class remote_eat_reader     {          public static intptr? getprocessmodulehandle(int processid, string modulename)          {             intptr snapshot = intptr.zero;              try             {                 //http://pastebin.com/bzd1jdmh                 snapshot = createtoolhelp32snapshot(snapshotflags.module | snapshotflags.module32, processid);                  moduleentry32 mod = new moduleentry32() { dwsize = moduleentry32.sizeof };                  if (!module32first(snapshot, ref mod))                     return null;                   string searchstring = modulename.tolowerinvariant();                                  {                     if (mod.szmodule.tolowerinvariant() == searchstring)                         return mod.modbaseaddr;                 }                 while (module32next(snapshot, ref mod));                  return intptr.zero;             }                         {                 if (snapshot != intptr.zero)                     closehandle(snapshot);             }         }           public static intptr? getprocessprocaddress(intptr hprocess, int processid, string modulename, string procname)            {             intptr? modulehandle = getprocessmodulehandle(processid, modulename);              if (!modulehandle.hasvalue)                 return null;                //code adapted http://alter.org.ua/en/docs/nt_kernel/procaddr/index3.php               uintptr hmodcaller = new uintptr(unchecked((ulong)modulehandle.value.toint64()));               //http://stackoverflow.com/questions/769537/hook-loadlibrary-call-from-managed-code              //parse dos header             uintptr dos_header_ptr = hmodcaller;             if (dos_header_ptr == uintptr.zero)                 return null;              image_dos_header dos_header;             if (!readprocessmemory(hprocess, dos_header_ptr, out dos_header, image_dos_header.sizeof, intptr.zero))                 return null;              if (dos_header.e_magic != image_dos_signature)                 return null; //not dos program                image_data_directory[] datadirectory;             if (intptr.size == 4)             {                 //parse nt header                 uintptr nt_header_ptr = new uintptr((uint)dos_header.e_lfanew + hmodcaller.touint32());                 if (nt_header_ptr == uintptr.zero)                     return null;                  image_nt_headers32 nt_header;                 if (!readprocessmemory(hprocess, nt_header_ptr, out nt_header, image_nt_headers32.sizeof, intptr.zero))                     return null;                  if (nt_header.signature != image_nt_signature)                     return null; //not windows program                   //http://newgre.net/ncodehook                 //if (ntheaders.fileheader.characteristics & image_file_dll)                 //  throw std::runtime_error("error while setting image base address: not image base of executable");                   //optional header (pretty not optional)                 image_optional_header32 optional_header = nt_header.optionalheader32;                 if (optional_header.magic != image_nt_optional_hdr32_magic)                          return null; //no optional header                   datadirectory = optional_header.datadirectory;             }             else    //if (intptr.size == 4)             {                 //parse nt header                 uintptr nt_header_ptr = new uintptr((uint)dos_header.e_lfanew + hmodcaller.touint64());                 if (nt_header_ptr == uintptr.zero)                     return null;                  image_nt_headers64 nt_header;                 if (!readprocessmemory(hprocess, nt_header_ptr, out nt_header, image_nt_headers64.sizeof, intptr.zero))                     return null;                  if (nt_header.signature != image_nt_signature)                     return null; //not windows program                   //http://newgre.net/ncodehook                 //if (ntheaders.fileheader.characteristics & image_file_dll)                 //  throw std::runtime_error("error while setting image base address: not image base of executable");                   //optional header (pretty not optional)                 image_optional_header64 optional_header = nt_header.optionalheader64;                 if (optional_header.magic != image_nt_optional_hdr64_magic)                          return null; //no optional header                   datadirectory = optional_header.datadirectory;              }    //if (intptr.size == 4)                //http://stackoverflow.com/questions/3430718/thunk-table-in-import-address-table , http://forums.codeguru.com/showthread.php?512610-resolved-api-hooking , http://svn.coderepos.org/share/lang/objective-cplusplus/i3/trunk/tmp/dwmedit/apihook.cc             directoryentries entryindex = directoryentries.image_directory_entry_export;                 uint size = datadirectory[(int)entryindex].size;              if (size == 0)                 return null; //no import table              uint virtualaddress = datadirectory[(int)entryindex].virtualaddress;              //http://newgre.net/ncodehook             if (virtualaddress == 0)                 return null; //no import directory               uintptr pexports_ptr = new uintptr((ulong)virtualaddress + hmodcaller.touint64());             if (pexports_ptr == uintptr.zero)                 return null;              image_export_directory pexports;             if (!readprocessmemory(hprocess, pexports_ptr,                 out pexports, image_export_directory.sizeof, intptr.zero))             {                 return null;             }               uintptr functions_ptr = new uintptr(hmodcaller.touint64() + (ulong)pexports.addressoffunctions);             uintptr ordinals_ptr = new uintptr(hmodcaller.touint64() + (ulong)pexports.addressofnameordinals);             uintptr names_ptr = new uintptr(hmodcaller.touint64() + (ulong)pexports.addressofnames);              uint max_name = pexports.numberofnames;             uint max_func = pexports.numberoffunctions;              uint max_ordinal = max_name;                   uint[] functions = new uint[max_func];             if (!readprocessmemory(hprocess, functions_ptr, functions, (int)max_func * sizeof(uint), intptr.zero))             {                 return null;             }              ushort[] ordinals = new ushort[max_ordinal];             if (!readprocessmemory(hprocess, ordinals_ptr, ordinals, (int)max_ordinal * sizeof(ushort), intptr.zero))             {                 return null;             }              uint[] names = new uint[max_name];             if (!readprocessmemory(hprocess, names_ptr, names, (int)max_name * sizeof(uint), intptr.zero))             {                 return null;             }                (uint = 0; < max_ordinal; i++)                 {                 uint ord = ordinals[i];                 if (i >= max_name || ord >= max_func)                 {                     return null;                 }                  if (functions[ord] < virtualaddress || functions[ord] >= virtualaddress + size)                 {                     uintptr name_ptr = new uintptr(hmodcaller.touint64() + (ulong)names[i]);                      if (name_ptr != uintptr.zero)                     {                         byte[] name_buf = new byte[procname.length + 1];    //nb! +1 terminating 0                         if (!readprocessmemory(hprocess, name_ptr, name_buf, name_buf.length, intptr.zero))                         {                             continue;                         }                          if (name_buf[name_buf.length - 1] == 0)     //check partial name not end terminating 0                         {                             string name = encoding.ascii.getstring(name_buf, 0, name_buf.length - 1);   //nb! buf length - 1                              if (name == procname)                             {                                 var pfunctionaddress1 = new uintptr(hmodcaller.touint64() + (ulong)functions[ord]);                                  return new intptr(unchecked((long)pfunctionaddress1.touint64()));                             }                         }                     }   //if (name_ptr != uintptr.zero)                 }   //if (functions[ord] < virtualaddress || functions[ord] >= virtualaddress + size)             }   //for (uint = 0; < pexports.addressofnames; i++)              return null;          }   //static intptr? getprocessprocaddress(int procid, string modulename, string procname)          #region pe structs          private const uint image_dos_signature = 0x5a4d;      // mz         private const uint image_os2_signature = 0x454e;      // ne         private const uint image_os2_signature_le = 0x454c;      // le         private const uint image_vxd_signature = 0x454c;      // le         private const uint image_nt_signature = 0x00004550;  // pe00          private const uint image_nt_optional_hdr32_magic = 0x10b;         private const uint image_nt_optional_hdr64_magic = 0x20b;          private enum directoryentries         {             image_directory_entry_export = 0,   // export directory             image_directory_entry_import = 1,   // import directory             image_directory_entry_resource = 2,   // resource directory             image_directory_entry_exception = 3,   // exception directory             image_directory_entry_security = 4,   // security directory             image_directory_entry_basereloc = 5,   // base relocation table             image_directory_entry_debug = 6,   // debug directory             //      image_directory_entry_copyright       7,   // (x86 usage)             image_directory_entry_architecture = 7,   // architecture specific data             image_directory_entry_globalptr = 8,   // rva of gp             image_directory_entry_tls = 9,   // tls directory             image_directory_entry_load_config = 10,   // load configuration directory             image_directory_entry_bound_import = 11,   // bound import directory in headers             image_directory_entry_iat = 12,   // import address table             image_directory_entry_delay_import = 13,   // delay load import descriptors             image_directory_entry_com_descriptor = 14,   // com runtime descriptor          }   //private enum directoryentries            //code taken http://www.sergeyakopov.com/2010/11/reading-pe-format-using-data-marshaling-in-net          [structlayout(layoutkind.sequential)]         public struct image_dos_header         {             public static int sizeof = marshal.sizeof(typeof(image_dos_header));              public uint16 e_magic;             public uint16 e_cblp;             public uint16 e_cp;             public uint16 e_crlc;             public uint16 e_cparhdr;             public uint16 e_minalloc;             public uint16 e_maxalloc;             public uint16 e_ss;             public uint16 e_sp;             public uint16 e_csum;             public uint16 e_ip;             public uint16 e_cs;             public uint16 e_lfarlc;             public uint16 e_ovno;             [marshalas(unmanagedtype.byvalarray, sizeconst = 4)]             public uint16[] e_res1;             public uint16 e_oemid;             public uint16 e_oeminfo;             [marshalas(unmanagedtype.byvalarray, sizeconst = 10)]             public uint16[] e_res2;             public uint32 e_lfanew;         }          [structlayout(layoutkind.sequential)]         public struct image_nt_headers32         {             public static int sizeof = marshal.sizeof(typeof(image_nt_headers32));              public uint32 signature;             public image_file_header fileheader;             public image_optional_header32 optionalheader32;         }          [structlayout(layoutkind.sequential)]         public struct image_nt_headers64         {             public static int sizeof = marshal.sizeof(typeof(image_nt_headers64));              public uint32 signature;             public image_file_header fileheader;             public image_optional_header64 optionalheader64;         }          [structlayout(layoutkind.sequential)]         public struct image_file_header         {             public uint16 machine;             public uint16 numberofsections;             public uint32 timedatestamp;             public uint32 pointertosymboltable;             public uint32 numberofsymbols;             public uint16 sizeofoptionalheader;             public uint16 characteristics;         }          [structlayout(layoutkind.sequential)]         public struct image_optional_header32         {             public uint16 magic;             public byte majorlinkerversion;             public byte minorlinkerversion;             public uint32 sizeofcode;             public uint32 sizeofinitializeddata;             public uint32 sizeofuninitializeddata;             public uint32 addressofentrypoint;             public uint32 baseofcode;             public uint32 baseofdata;             public uint32 imagebase;             public uint32 sectionalignment;             public uint32 filealignment;             public uint16 majoroperatingsystemversion;             public uint16 minoroperatingsystemversion;             public uint16 majorimageversion;             public uint16 minorimageversion;             public uint16 majorsubsystemversion;             public uint16 minorsubsystemversion;             public uint32 win32versionvalue;             public uint32 sizeofimage;             public uint32 sizeofheaders;             public uint32 checksum;             public uint16 subsystem;             public uint16 dllcharacteristics;             public uint32 sizeofstackreserve;             public uint32 sizeofstackcommit;             public uint32 sizeofheapreserve;             public uint32 sizeofheapcommit;             public uint32 loaderflags;             public uint32 numberofrvaandsizes;             [marshalas(unmanagedtype.byvalarray, sizeconst = 16)]             public image_data_directory[] datadirectory;         }          [structlayout(layoutkind.sequential)]         public struct image_optional_header64         {             public uint16 magic;             public byte majorlinkerversion;             public byte minorlinkerversion;             public uint32 sizeofcode;             public uint32 sizeofinitializeddata;             public uint32 sizeofuninitializeddata;             public uint32 addressofentrypoint;             public uint32 baseofcode;             public uint64 imagebase;             public uint32 sectionalignment;             public uint32 filealignment;             public uint16 majoroperatingsystemversion;             public uint16 minoroperatingsystemversion;             public uint16 majorimageversion;             public uint16 minorimageversion;             public uint16 majorsubsystemversion;             public uint16 minorsubsystemversion;             public uint32 win32versionvalue;             public uint32 sizeofimage;             public uint32 sizeofheaders;             public uint32 checksum;             public uint16 subsystem;             public uint16 dllcharacteristics;             public uint64 sizeofstackreserve;             public uint64 sizeofstackcommit;             public uint64 sizeofheapreserve;             public uint64 sizeofheapcommit;             public uint32 loaderflags;             public uint32 numberofrvaandsizes;             [marshalas(unmanagedtype.byvalarray, sizeconst = 16)]             public image_data_directory[] datadirectory;         }          [structlayout(layoutkind.sequential)]         public struct image_data_directory         {             public uint32 virtualaddress;             public uint32 size;         }           [structlayout(layoutkind.sequential)]         public struct imgdelaydescr         {             public static uint sizeof = (uint)marshal.sizeof(typeof(imgdelaydescr));              public uint grattrs;        // attributes             public uint rvadllname;     // rva dll name             public uint rvahmod;        // rva of module handle             public uint rvaiat;         // rva of iat             public uint rvaint;         // rva of int             public uint rvaboundiat;    // rva of optional bound iat             public uint rvaunloadiat;   // rva of optional copy of original iat             public uint dwtimestamp;    // 0 if not bound,             // o.w. date/time stamp of dll bound (old bind)         } //imgdelaydescr, * pimgdelaydescr;           //http://www.gamedev.net/topic/409936-advanced-c-native-dll-image-import-reading/         [structlayout(layoutkind.explicit)]         public struct image_import_descriptor         {             public static uint sizeof = (uint)marshal.sizeof(typeof(image_import_descriptor));              #region union             /// <summary>             /// csharp doesnt support unions, can emulated field offset 0             /// </summary>             [fieldoffset(0)]             public uint characteristics;            // 0 terminating null import descriptor             [fieldoffset(0)]             public uint originalfirstthunk;         // rva original unbound iat (pimage_thunk_data)             #endregion              [fieldoffset(4)]             public uint timedatestamp;             [fieldoffset(8)]             public uint forwarderchain;             [fieldoffset(12)]             public uint name;             [fieldoffset(16)]             public uint firstthunk;         }          //http://pinvoke.net/default.aspx/structures/image_export_directory.html         [structlayout(layoutkind.sequential)]         public struct image_export_directory         {             public static uint sizeof = (uint)marshal.sizeof(typeof(image_export_directory));              public uint32 characteristics;             public uint32 timedatestamp;             public uint16 majorversion;             public uint16 minorversion;             public uint32 name;             public uint32 base;             public uint32 numberoffunctions;             public uint32 numberofnames;             public uint32 addressoffunctions;     // rva base of image             public uint32 addressofnames;     // rva base of image             public uint32 addressofnameordinals;  // rva base of image         }           [structlayout(layoutkind.sequential)]         public struct image_thunk_data                 {             public static uint sizeof = (uint)marshal.sizeof(typeof(image_thunk_data));              public intptr forwarderstring;      // pbyte              public intptr function;             // pdword             public intptr ordinal;             public intptr addressofdata;        // pimage_import_by_name         }            #endregion            [dllimport("kernel32.dll", setlasterror = true)]         static public extern bool closehandle(intptr hhandle);          [dllimport("kernel32.dll")]         static extern bool module32first(intptr hsnapshot, ref moduleentry32 lpme);          [dllimport("kernel32.dll")]         static extern bool module32next(intptr hsnapshot, ref moduleentry32 lpme);          [dllimport("kernel32.dll", setlasterror = true)]         static public extern intptr createtoolhelp32snapshot(snapshotflags dwflags, int th32processid);          public const short invalid_handle_value = -1;          [flags]         public enum snapshotflags : uint         {             heaplist = 0x00000001,             process = 0x00000002,             thread = 0x00000004,             module = 0x00000008,             module32 = 0x00000010,             inherit = 0x80000000,             = 0x0000001f         }          public struct moduleentry32         {             public static uint sizeof = (uint)marshal.sizeof(typeof(moduleentry32));              //http://pastebin.com/bzd1jdmh             private const int max_path = 255;             internal uint dwsize;                 internal uint th32moduleid;             internal uint th32processid;             internal uint glblcntusage;             internal uint proccntusage;             internal intptr modbaseaddr;             internal uint modbasesize;             internal intptr hmodule;             [marshalas(unmanagedtype.byvaltstr, sizeconst = max_path + 1)]             internal string szmodule;             [marshalas(unmanagedtype.byvaltstr, sizeconst = max_path + 5)]             internal string szexepath;         }            [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, intptr baseaddress, [out] byte[] buffer, int size, out intptr numbytesread);            [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, intptr baseaddress, [out] byte[] buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, [out] byte[] buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, [out] uint[] buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, [out] ushort[] buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, intptr baseaddress, out intptr buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_dos_header buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_nt_headers32 buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_nt_headers64 buffer, int size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out imgdelaydescr buffer, uint size, intptr numbytesread);          [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_thunk_data buffer, uint size, intptr numbytesread);             [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_import_descriptor buffer, uint size, intptr numbytesread);             [dllimport("kernel32.dll", setlasterror = true, exactspelling = true)]         private static extern bool readprocessmemory(intptr hprocess, uintptr baseaddress, out image_export_directory buffer, uint size, intptr numbytesread);           } }

Comments

Post a Comment

Popular posts from this blog

javascript - Karma not able to start PhantomJS on Windows - Error: spawn UNKNOWN -

-
i lost "unknown" error: karma.conf.js: frameworks: ['mocha', 'should'], plugins: ['karma-mocha', 'karma-should', 'karma-phantomjs-launcher'], ... browsers: ['phantomjs'], error: 23 07 2015 14:35:37.691:warn [karma]: no captured browser, open http://localhost:9876/ 23 07 2015 14:35:37.701:info [karma]: karma v0.13.3 server started @ http://localhost:9876/ 23 07 2015 14:35:37.707:info [launcher]: starting browser phantomjs 23 07 2015 14:35:37.738:error [karma]: { [error: spawn unknown] code: 'unknown', errno: 'unknown', syscall: 'spawn' } error: spawn unknown @ exports._errnoexception (util.js:749:11) @ childprocess.spawn (child_process.js:1093:11) @ exports.spawn (child_process.js:933:9) @ object._execcommand (c:\users\jinga4x\git\mdl-sample-project\node_modules\karma\lib\launchers\process.js:63:21) @ object._start (c:\users\jinga4x\git\md...
Read more

Nuget pack csproj using nuspec -

-
i want create nuget package contains specified in nuspec file, still version csproj. in order use token have pack like: nuget pack myproj.csproj but when adds dependencies , creates unwanted folder in nuget package. nuspec file is: <?xml version="1.0" encoding="utf-8"?> <package xmlns="http://schemas.microsoft.com/packaging/2011/08/nuspec.xsd"> <metadata> <id>test</id> <version>$version$</version> <title>test</title> <authors>test</authors> <owners>test</owners> <requirelicenseacceptance>false</requirelicenseacceptance> <description>test</description> <summary>test</summary> <releasenotes>test</releasenotes> <copyright>test</copyright> </metadata> <files> <file src="bin\debug\*.dll" target="lib\net45" /> <file s...
Read more

c# - Display ASPX Popup control in RowDeleteing Event (ASPX Gridview) -

-
i have aspxgridview includes new , delete button. delete button includs gv_rowdeleting event. want show aspxpopupcontrol (id="pupconfirm"). want user have confirm password delete item. tried: protected void gv_rowdeleting(object sender, devexpress.web.data.aspxdatadeletingeventargs e) { pupconfirm.showonpageload = true; } but nothing happened. please me. !!! you can create template column javascript prompt confirmation. <itemtemplate> <asp:linkbutton id="btndelete" runat="server" text="delete" commandname="delete" onclientclick="javascript:if(!confirm('are sure want delete record?')){return false;}"> </asp:linkbutton> </itemtemplate>
Read more