search

JamesMenetrey / MemorySharp

A C# based memory editing library targeting Windows applications, offering various functions to extract and inject data and codes into remote processes to allow interoperability.
Other
634 stars 135 forks source link

Bugs report! #1

Open CreateAndInject opened 11 years ago

CreateAndInject commented 11 years ago

1.window.Mouse.MoveTo(0, 0); If the "window" is a child control, mouse can not move correctly!

2.If an application has 2+ top level windows, WindowFactory.RemoteWindows can not collect all! Maybe should support "TopLevelWindows" property, and "MainWindow" is just the first visible one in collections.

3.Why don't support a "Parent" property in RemoteWindow?

4. public string ReadString(IntPtr address, Encoding encoding, bool isRelative = true, int maxLength = 0x200) { string str = encoding.GetString(this.ReadBytes(address, maxLength, isRelative)); int index = str.IndexOf('\0'); return str.Substring(0, index);

==>

return index==-1?str:str.Substring(0,index);//If don't find "\0" in maxLength, just return it. }

5. var sharp = new MemorySharp(Process.GetCurrentProcess()); sharp["kernel32"]["MessageBoxW"].Execute(0, "Hey", "Title", 0); this code contains so many errors (1) kernel32 => user32 (2)sharp["user32"]["MessageBoxW"].Execute(0, "Hey", "Title", 0); will throw an exception. should: sharp["user32"]["MessageBoxW"].Execute(CallingConventions.Stdcall,0, "Hey", "Title", 0); (3)MessageBoxW can not work normally, MessageBoxA can. (4)sharp["user32"]["MessageBoxA"].Execute(CallingConventions.Stdcall,0, "汉字", "Title", 0); If the string contains non-latin character, such as Chinese, this code can not work correctly. I must do it like this:

//my process (1).sharp["user32"]["MessageBoxA"].Execute(CallingConventions.Stdcall, 0, Marshal.StringToHGlobalAnsi("汉字"), "Title", 0); (2).sharp["user32"]["MessageBoxW"].Execute(CallingConventions.Stdcall, 0, Marshal.StringToHGlobalUni("汉字"), Marshal.StringToHGlobalUni("Title"), 0);

//remote process (3). var bytes = Encoding.GetEncoding("gb2312").GetBytes("汉字"); Array.Resize(ref bytes, bytes.Length + 1); RemoteAllocation ra = ms.Memory.Allocate(bytes.Length); ra.Write(bytes); sharp["user32"]["MessageBoxA"].Execute(CallingConventions.Stdcall, 0, ra.BaseAddress, "Title", 1);

I think MemorySharp should support: RemoteAllocation/Inptr Write/WriteString (data) { } not need pass in address as paramter and the method will alloc proper size and return the address.(like Marshal.StringToHGlobalAnsi)

JamesMenetrey commented 11 years ago

Hi CreateAndInject,

Thanks for your report.

The support for this ticket is now handled on the official forum: http://binarysharp.com/topic/21-bugs-report/

Cheers, ZenLulz

ghost commented 8 years ago

Suggestion - handle null on dispose.

    public virtual void Dispose()
    {
        // Raise the event OnDispose
        if (OnDispose != null)
            OnDispose(this, new EventArgs());

        // Dispose all factories
        Factories?.ForEach(factory => factory.Dispose());   <-- Handle null Factories

        // Close the process handle
        Handle?.Close();                            <-- Handle null process

        // Avoid the finalizer
        GC.SuppressFinalize(this);
    }
JamesMenetrey commented 8 years ago

Enhance the string encoding interoperability.

JamesMenetrey commented 8 years ago

Hey!

Some updates on this bug.

Point 4 fixed in the develop branch. The point 5 is going to be addressed with this enhancement. I fixed the example in the README.

I keep you informed about the windows issues.

lolp1 commented 8 years ago

Perhaps you could check the some unique thing to the first window int he collection (the real "main window") and if it does not match the main window returned by the native api (due to it being the the last active toplevel window, return the other window? If I understand the issue right..