using System.Diagnostics;
using System.Drawing.Imaging;
using System.Runtime.InteropServices;
using System.Runtime.Serialization.Formatters.Binary;
using System.Windows.Forms;

namespace mspaintcap
{
    public partial class Form1 : Form
    {
        [DllImport("kernel32.dll")]
        public static extern int OpenProcess(uint dwDesiredAccess, bool bInheritHandle, int dwProcessId);

        [DllImport("kernel32.dll")]
        public static extern bool ReadProcessMemory(int hProcess, Int64 lpBaseAddress, byte[] buffer, int size, int lpNumberOfBytesRead);

        // https://blog.sweetchip.kr/265
        public uint DELETE = 0x00010000;
        public uint READ_CONTROL = 0x00020000;
        public uint WRITE_DAC = 0x00040000;
        public uint WRITE_OWNER = 0x00080000;
        public uint SYNCHRONIZE = 0x00100000;
        public uint END = 0xFFF;

        Process[] p;

        public Form1()
        {
            InitializeComponent();
        }

        private void Form1_Load(object sender, EventArgs e)
        {

        }

        private void buttonFind_Click(object sender, EventArgs e)
        {
            try
            {
                p = Process.GetProcessesByName("mspaint");                
            }
            catch { textBox1.Text = "error"; }        

            int processHandle = OpenProcess((DELETE | READ_CONTROL | WRITE_DAC | WRITE_OWNER | SYNCHRONIZE | END), false, p[0].Id);
            textBox1.Text = processHandle.ToString();

            //var buf = ReadMemory(0x02312AAF0930, 65536*16, processHandle);
            var ImageBytes = ReadMemory(0x02312AAF0930, 1376 * 824 * 4, processHandle);

            //File.WriteAllBytes("a.raw", buf);

            Bitmap output = new Bitmap(1376, 824, PixelFormat.Format32bppArgb);
            Rectangle rect = new Rectangle(0, 0, output.Width, output.Height);
            BitmapData bmpData = output.LockBits(rect, ImageLockMode.ReadWrite, output.PixelFormat);
            IntPtr ptr = bmpData.Scan0;
            Marshal.Copy(ImageBytes, 0, ptr, ImageBytes.Length);
            output.UnlockBits(bmpData);

            for (int i = 0; i < ImageBytes.Length; i += 4)
            {
                byte R = ImageBytes[i];
                byte G = ImageBytes[i + 1];
                byte B = ImageBytes[i + 2];
                byte A = ImageBytes[i + 3];
                ImageBytes[i] = B;
                ImageBytes[i + 1] = G;
                ImageBytes[i + 2] = R;
                ImageBytes[i + 3] = A;                
            }


            Bitmap output2 = new Bitmap(64, 64, PixelFormat.Format32bppArgb);
            for (int y = 0; y < 64; y++)
            {
                for (int x = 0; x < 64; x++)
                {
                    output2.SetPixel(x, y, Color.Red);
                }
            }
            pictureBox1.Image = output2;

            pictureBox1.Refresh();


        }

        public static byte[] ReadMemory(Int64 adress, int processSize, int processHandle)

        {

            byte[] buffer = new byte[processSize];

            ReadProcessMemory(processHandle, adress, buffer, processSize, 0);

            return buffer;

        }

    }
} 3.145.119.199 |