Able to read memory from dll files and print to terminal

components/CS_loadDLL/.gitignore

@@ -0,0 +1,226 @@
+# The following command works for downloading when using Git for Windows:
+# curl -LOf http://gist.githubusercontent.com/kmorcinek/2710267/raw/.gitignore
+#
+# Download this file using PowerShell v3 under Windows with the following comand:
+# Invoke-WebRequest https://gist.githubusercontent.com/kmorcinek/2710267/raw/ -OutFile .gitignore
+#
+# or wget:
+# wget --no-check-certificate http://gist.githubusercontent.com/kmorcinek/2710267/raw/.gitignore
+
+# User-specific files
+*.suo
+*.user
+*.sln.docstates
+
+# Build results
+[Dd]ebug/
+[Rr]elease/
+x64/
+[Bb]in/
+[Oo]bj/
+# build folder is nowadays used for build scripts and should not be ignored
+#build/
+
+# NuGet Packages
+*.nupkg
+# The packages folder can be ignored because of Package Restore
+**/packages/*
+# except build/, which is used as an MSBuild target.
+!**/packages/build/
+# Uncomment if necessary however generally it will be regenerated when needed
+#!**/packages/repositories.config
+
+# MSTest test Results
+[Tt]est[Rr]esult*/
+[Bb]uild[Ll]og.*
+
+*_i.c
+*_p.c
+*.ilk
+*.meta
+*.obj
+*.pch
+*.pdb
+*.pgc
+*.pgd
+*.rsp
+*.sbr
+*.tlb
+*.tli
+*.tlh
+*.tmp
+*.tmp_proj
+*.log
+*.vspscc
+*.vssscc
+.builds
+*.pidb
+*.scc
+
+# Visual C++ cache files
+ipch/
+*.aps
+*.ncb
+*.opensdf
+*.sdf
+*.cachefile
+
+# Visual Studio profiler
+*.psess
+*.vsp
+*.vspx
+
+# Guidance Automation Toolkit
+*.gpState
+
+# ReSharper is a .NET coding add-in
+_ReSharper*/
+*.[Rr]e[Ss]harper
+
+# TeamCity is a build add-in
+_TeamCity*
+
+# DotCover is a Code Coverage Tool
+*.dotCover
+
+# NCrunch
+*.ncrunch*
+.*crunch*.local.xml
+
+# Installshield output folder
+[Ee]xpress/
+
+# DocProject is a documentation generator add-in
+DocProject/buildhelp/
+DocProject/Help/*.HxT
+DocProject/Help/*.HxC
+DocProject/Help/*.hhc
+DocProject/Help/*.hhk
+DocProject/Help/*.hhp
+DocProject/Help/Html2
+DocProject/Help/html
+
+# Click-Once directory
+publish/
+
+# Publish Web Output
+*.Publish.xml
+
+# Windows Azure Build Output
+csx
+*.build.csdef
+
+# Windows Store app package directory
+AppPackages/
+
+# Others
+*.Cache
+ClientBin/
+[Ss]tyle[Cc]op.*
+~$*
+*~
+*.dbmdl
+*.[Pp]ublish.xml
+*.pfx
+*.publishsettings
+modulesbin/
+tempbin/
+
+# EPiServer Site file (VPP)
+AppData/
+
+# RIA/Silverlight projects
+Generated_Code/
+
+# Backup & report files from converting an old project file to a newer
+# Visual Studio version. Backup files are not needed, because we have git ;-)
+_UpgradeReport_Files/
+Backup*/
+UpgradeLog*.XML
+UpgradeLog*.htm
+
+# vim
+*.txt~
+*.swp
+*.swo
+
+# Temp files when opening LibreOffice on ubuntu
+.~lock.*
+
+# svn
+.svn
+
+# CVS - Source Control
+**/CVS/
+
+# Remainings from resolving conflicts in Source Control
+*.orig
+
+# SQL Server files
+**/App_Data/*.mdf
+**/App_Data/*.ldf
+**/App_Data/*.sdf
+
+
+#LightSwitch generated files
+GeneratedArtifacts/
+_Pvt_Extensions/
+ModelManifest.xml
+
+# =========================
+# Windows detritus
+# =========================
+
+# Windows image file caches
+Thumbs.db
+ehthumbs.db
+
+# Folder config file
+Desktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# OS generated files #
+Icon?
+
+# Mac desktop service store files
+.DS_Store
+
+# SASS Compiler cache
+.sass-cache
+
+# Visual Studio 2014 CTP
+**/*.sln.ide
+
+# Visual Studio temp something
+.vs/
+
+# dotnet stuff
+project.lock.json
+
+# VS 2015+
+*.vc.vc.opendb
+*.vc.db
+
+# Rider
+.idea/
+
+# Visual Studio Code
+.vscode/
+
+# Output folder used by Webpack or other FE stuff
+**/node_modules/*
+**/wwwroot/*
+
+# SpecFlow specific
+*.feature.cs
+*.feature.xlsx.*
+*.Specs_*.html
+
+# UWP Projects
+AppPackages/
+
+#####
+# End of core ignore list, below put you custom 'per project' settings (patterns or path)
+#####

components/CS_loadDLL/Program.cs

@@ -0,0 +1,82 @@
+// dotnet build ; dotnet run
+
+using System;
+using System.Diagnostics;
+using System.Runtime.InteropServices;
+
+class Program
+{    
+    [DllImport("kernel32.dll")]
+    public static extern IntPtr OpenProcess(int dwDesiredAccess, bool bInheritHandle, int dwProcessId);
+
+    [DllImport("kernel32.dll", SetLastError = true)]
+    public static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] lpBuffer, uint nSize, out int lpNumberOfBytesRead);
+
+    [DllImport("kernel32.dll")]
+    public static extern bool CloseHandle(IntPtr hObject);
+
+    const int PROCESS_VM_READ = 0x0010;
+    const int PROCESS_QUERY_INFORMATION = 0x0400;
+
+    // given "hl2" it will find the process ID for Counter Strike Source
+    static int getProcessID(string targetProcessName) {
+        Process[] processMain = Process.GetProcessesByName(targetProcessName);
+
+        if (processMain.Length == 0) {
+            Console.WriteLine($"{targetProcessName}.exe wasn't found.");
+            return -1;
+        }
+        Console.WriteLine($"Process ID: {processMain[0].Id}, Process Name: {processMain[0].ProcessName}.exe"); // assume there is only 1 process
+        return processMain[0].Id;
+    }
+
+    // If a dll is loaded from steamapps, check if it is the modulo from the function parameter
+    static int getModuleBaseAddress(int processID, string moduleName) {
+        Process process = Process.GetProcessById(processID);
+        foreach (ProcessModule module in process.Modules) {
+            if (module.FileName.Contains("steamapps") && module.ModuleName.EndsWith(moduleName, StringComparison.OrdinalIgnoreCase)) {
+                Console.WriteLine($"name = {module.FileName}, Base Address = 0x{module.BaseAddress.ToString("x")}");
+                return module.BaseAddress.ToInt32();
+            }
+        }
+        Console.WriteLine($"{moduleName} wasn't found.");
+        return 0;
+    }
+
+    static (bool, int) ReadMemory32(int processID, int address) {
+        IntPtr hProcess = OpenProcess(PROCESS_VM_READ | PROCESS_QUERY_INFORMATION, false, processID);
+        byte[] buffer = new byte[4];
+        int bytesRead;
+
+        if (ReadProcessMemory(hProcess, (IntPtr)address, buffer, (uint)buffer.Length, out bytesRead) && bytesRead == buffer.Length) {
+            int playerPointer = BitConverter.ToInt32(buffer, 0);
+            CloseHandle(hProcess);
+            return (true, playerPointer);
+        }
+        Console.WriteLine($"Failed to read memory on ProcessID: {processID} at address {address.ToString("x")}");
+        CloseHandle(hProcess);
+        return (false, 0);
+    }
+
+    static void Main(string[] args)
+    {
+        int CSS_id = getProcessID("hl2");
+        if (CSS_id == -1) { return; }
+
+        // Get location of Client.dll
+        int clientDllBaseAddress = getModuleBaseAddress(CSS_id, "client.dll");
+        if (clientDllBaseAddress == 0) { return; }
+
+        // Read player pointer location
+        int playerPointerLocation = clientDllBaseAddress + 0x4C88E8;
+        var infoFromRead = ReadMemory32(CSS_id, playerPointerLocation);
+        if (infoFromRead.Item1 == false) { return; }
+        Console.WriteLine($"Player Pointer Location: 0x{playerPointerLocation.ToString("x")}, Player Pointer: 0x{infoFromRead.Item2.ToString("x")}");
+
+        // Read health as a test
+        int healthAddress = infoFromRead.Item2 + 0x0094;
+        var healthFromRead = ReadMemory32(CSS_id, healthAddress);
+        if (healthFromRead.Item1 == false) { return; }
+        Console.WriteLine($"Health Address: 0x{healthAddress.ToString("x")}, Health: {healthFromRead.Item2}");
+    }
+}

components/CS_loadDLL/runner.csproj

@@ -0,0 +1,10 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+</Project>