C# Class ShootBlues.KernelFunctionDisabler

Inheritance: IDisposable
显示文件 Open project: kg/shootblues

Public Properties

Property Type Description
DisabledFunctions byte[]>.Dictionary
Process System.Diagnostics.Process
ReplacementBytes byte[]

Public Methods

Method Description
DisableFunction ( string moduleName, string functionName ) : void
Dispose ( ) : void
EnableFunction ( string moduleName, string functionName ) : void
KernelFunctionDisabler ( Process process ) : System
ReplaceFunction ( string moduleName, string functionName, byte replacementBytes ) : void
SuspendProcess ( Process process ) : Finally

Protected Methods

Method Description
GetFunctionAddress ( string moduleName, string functionName ) : IntPtr
GetFunctionRegion ( string moduleName, string functionName, byte replacementBytes ) : RemoteMemoryRegion

Method Details

DisableFunction() public method

public DisableFunction ( string moduleName, string functionName ) : void
moduleName string
functionName string
return void

Dispose() public method

public Dispose ( ) : void
return void

EnableFunction() public method

public EnableFunction ( string moduleName, string functionName ) : void
moduleName string
functionName string
return void

GetFunctionAddress() protected method

protected GetFunctionAddress ( string moduleName, string functionName ) : IntPtr
moduleName string
functionName string
return System.IntPtr

GetFunctionRegion() protected method

protected GetFunctionRegion ( string moduleName, string functionName, byte replacementBytes ) : RemoteMemoryRegion
moduleName string
functionName string
replacementBytes byte
return RemoteMemoryRegion

KernelFunctionDisabler() public method

public KernelFunctionDisabler ( Process process ) : System
process System.Diagnostics.Process
return System

ReplaceFunction() public method

public ReplaceFunction ( string moduleName, string functionName, byte replacementBytes ) : void
moduleName string
functionName string
replacementBytes byte
return void

SuspendProcess() public static method

public static SuspendProcess ( Process process ) : Finally
process System.Diagnostics.Process
return Finally

Property Details

DisabledFunctions public_oe property

public Dictionary,byte[]> DisabledFunctions
return byte[]>.Dictionary

Process public_oe property

public Process,System.Diagnostics Process
return System.Diagnostics.Process

ReplacementBytes public_oe static_oe property

public static byte[] ReplacementBytes
return byte[]