Took that advice, but it still has to search through the 64k buffer byte by byte. It runs much faster, but nowhere near 10 seconds.
Code:
public bool CheckBytes(int position, byte[] signature)
{
byte[] Validator = new byte[signature.Length];
for (int j = 0; j < signature.Length; j++)
Validator[j] = Buffer[j];
if(Validator == signature)
return true;
return false;
}
public bool CheckBytes(int position, string signature)
{
byte[] Validator = new byte[signature.Length];
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
for (int j = 0; j < signature.Length; j++)
Validator[j] = Buffer[j];
if (enc.GetString(Validator) == signature)
return true;
return false;
}
public int GetAddresses()
{
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
int bytesRead;
byte[] RawSigOne = {0x10, 0x41, 0xC4, 0x17, 0x14};
byte[] RawSigTwo = {0xEC, 0x0C, 0xCA, 0x00, 0x08};
for (int i = 0x00400000; i < 0x7FFFFFFF; i += 65536)
{
counter++;
Buffer = pReader.ReadProcessMemory((IntPtr)i, 65536, out bytesRead);
for (int j = 0; j < 65536; j++)
{
if (CheckBytes(j, RawSigOne))
AddressOne = i + j;
else if (CheckBytes(j, RawSigTwo))
AddressTwo = i + j;
else if (CheckBytes(j, "lueScreen"))
AddressThree = i + j;
}
}
return 0;
}
This ends up running through 32767 loops of 64k buffers, and it processes about 16 loops per second.
Edit: Oops. Wised up a bit. It was running the process 3 times when it only needed to run it once. The code is now:
Code:
public byte[] CheckBytes(int position)
{
byte[] Validator = new byte[5];
for (int j = 0; j < 5; j++)
Validator[j] = Buffer[j];
return Validator;
}
public int GetAddresses()
{
System.Text.ASCIIEncoding enc = new System.Text.ASCIIEncoding();
int bytesRead;
byte[] RawSigOne = {0x10, 0x41, 0xC4, 0x17, 0x14};
byte[] RawSigTwo = {0xEC, 0x0C, 0xCA, 0x00, 0x08};
for (int i = 0x00400000; i < 0x7FFFFFFF; i += 65536)
{
Buffer = pReader.ReadProcessMemory((IntPtr)i, 65536, out bytesRead);
for (int j = 0; j < 65536; j++)
{
byte[] CurrentArray = CheckBytes(j);
if (CurrentArray == RawSigOne)
TheAddress = i + j;
else if (CurrentArray == RawSigTwo)
AddressTwo = i + j;
else if (enc.GetString(CurrentArray) == "lueSc")
AddressThree = i + j;
}
}
return 0;
}
So now it runs 3 times faster, but still nowhere near 10 seconds.