Code:
using System;
using System.Collections.Generic;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace Zoom
{
internal class Mem
{
private static IntPtr pHandle;
private static string WindowName = "League of Legends";
public static IntPtr FindProcess()
{
try
{
pHandle = Process.GetProcessesByName(WindowName)[0].Handle;
return pHandle;
}
catch
{
return IntPtr.Zero;
}
}
public static int GetBaseAddress() =>
Process.GetProcessesByName(WindowName)[0].MainModule.BaseAddress.ToInt32();
[DllImport("kernel32.dll")]
private static extern int ReadProcessMemory(IntPtr Handle, int Address, byte[] buffer, int Size, int BytesRead = 0);
public static void WriteByteArray(int Address, int BytesWritten, int Array)
{
WriteProcessMemory(FindProcess(), Address, BitConverter.GetBytes(Array), BytesWritten, 0);
}
public static void WriteFloat(int Address, float Value)
{
WriteProcessMemory(FindProcess(), Address, BitConverter.GetBytes(Value), 4, 0);
}
[DllImport("kernel32.dll")]
private static extern int WriteProcessMemory(IntPtr Handle, int Address, byte[] buffer, int Size, int BytesWritten = 0);
}
class Program
{
static void Main(string[] args)
{
int sig;
PatternScan scan = new PatternScan();
sig = scan.FindPattern(new byte[] { 0, 0, 0x16, 0x44, 0, 0, 0x7a, 0x44, 0, 160, 12, 0x45, 0xcd, 0xcc, 0x4c, 0x3e }, "xxxxxxxxxxxxxxxx").ToInt32();
if (sig != 0)
{
sig -= 0x10;
}
Mem.WriteFloat(sig, /* -> */ 1000); //<- inc for higher zoom
}
}
public class PatternScan
{
private byte[] buffer;
private int EXEBaseAddress;
public IntPtr FindPattern(byte[] Pattern, string Mask)
{
if (Mask.Length != Pattern.Length)
{
return IntPtr.Zero;
}
try
{
this.MemoryRegion = new List<MEMORY_BASIC_INFORMATION>();
this.MemInfo(Mem.FindProcess());
for (int i = 0; i < this.MemoryRegion.Count; i++)
{
if (((int)this.MemoryRegion[i].BaseAddress) > Mem.GetBaseAddress())
{
this.EXEBaseAddress = i;
break;
}
}
for (int j = this.EXEBaseAddress; j < this.MemoryRegion.Count; j++)
{
this.buffer = new byte[this.MemoryRegion[j].RegionSize];
ReadProcessMemory(Mem.FindProcess(), this.MemoryRegion[j].BaseAddress, this.buffer, this.MemoryRegion[j].RegionSize, 0);
for (int k = 0; k < (this.buffer.Length - Mask.Length); k++)
{
if (this.MaskCheck(k, Pattern, Mask))
{
return new IntPtr(((int)this.MemoryRegion[j].BaseAddress) + (k + Mask.Length));
}
}
}
return IntPtr.Zero;
}
catch (Exception)
{
return IntPtr.Zero;
}
}
private bool MaskCheck(int SigSize, byte[] Pattern, string Mask)
{
for (int i = 0; i < Pattern.Length; i++)
{
if (((Mask[i] != '?') && (Mask[i] == 'x')) && (Pattern[i] != this.buffer[SigSize + i]))
{
return false;
}
}
return true;
}
protected void MemInfo(IntPtr pHandle)
{
IntPtr lpAddress = new IntPtr();
while (true)
{
MEMORY_BASIC_INFORMATION lpBuffer = new MEMORY_BASIC_INFORMATION();
if (VirtualQueryEx(pHandle, lpAddress, out lpBuffer, Marshal.SizeOf(lpBuffer)) == 0)
{
return;
}
if (((lpBuffer.State & 0x1000) != 0) && ((lpBuffer.Protect & 0x100) == 0))
{
this.MemoryRegion.Add(lpBuffer);
}
lpAddress = new IntPtr(lpBuffer.BaseAddress.ToInt32() + ((int)lpBuffer.RegionSize));
}
}
[DllImport("kernel32.dll")]
protected static extern bool ReadProcessMemory(IntPtr hProcess, IntPtr lpBaseAddress, byte[] buffer, uint size, int lpNumberOfBytesRead);
[DllImport("kernel32.dll")]
protected static extern int VirtualQueryEx(IntPtr hProcess, IntPtr lpAddress, out MEMORY_BASIC_INFORMATION lpBuffer, int dwLength);
protected List<MEMORY_BASIC_INFORMATION> MemoryRegion { get; set; }
[StructLayout(LayoutKind.Sequential)]
protected struct MEMORY_BASIC_INFORMATION
{
public IntPtr BaseAddress;
public IntPtr AllocationBase;
public uint AllocationProtect;
public uint RegionSize;
public uint State;
public uint Protect;
public uint Type;
}
}
}