使用 DllImport 将 C# 转换为 Powershell
Converting C# into Powershell with DllImport involved
我最近一直在做一个小项目,看看我是否可以进行一些内存编辑以使用 PowerShell。我用 C# 编写了一个不需要管理权限的小脚本,当 运行 时,会在 Hill Climb Racing 中为您提供最大金币和钻石。
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace HCRtest2
{
public class Programmmm
{
public static void Main()
{
[DllImport("kernel32.dll")]
static extern bool WriteProcessMemory(IntPtr hProcess, long lpBaseAddress, byte[] lpBuffer, uint nSize, out uint lpNumberOfBytesRead);
long BaseAddress;
IntPtr ProcessHandle;
Process process = Process.GetProcessesByName("HillClimbRacing")[0];
if (process.Handle.ToInt64() != 0L)
{
BaseAddress = process.MainModule.BaseAddress.ToInt64();
ProcessHandle = process.Handle;
uint num = 0U;
WriteProcessMemory(ProcessHandle, BaseAddress + 0x28CAD4, BitConverter.GetBytes(2147483647), 4U, out num);
WriteProcessMemory(ProcessHandle, BaseAddress + 0x28CAEC, BitConverter.GetBytes(2147483647), 4U, out num);
}
}
}
}
我现在的挑战是看看我是否能找到一种方法在我学校的笔记本电脑上执行这段代码,它没有管理员权限或无法打开未知的可执行文件,但它确实可以访问 PowerShell(非管理员的课程)。我一直在做大量研究,但找不到将此脚本移植到 PowerShell 的好方法。如果有人有任何好的想法请告诉我,因为这让我现在很紧张。
This website 提供有关如何在 powershell 会话中使用 c# 的答案。
$code = @"
using System;
namespace HelloWorld
{
public class Program
{
public static void Main(){
Console.WriteLine("Hello world!");
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
iex "[HelloWorld.Program]::Main()"
已经断断续续工作了几个月,但我发现所有东西都必须标记为 public 和静态,而且我还遗漏了一个需要制作的方法确保进程会被正确打开,这里是可以在 Powershell 中执行的工作代码。
$code = @"
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace HelloWorld
{
public class Program
{
public const int ProcessVMWrite = 0x0020;
public const int ProcessVMOperation = 0x0008;
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool WriteProcessMemory
(
IntPtr hProcess,
long lpBaseAddress,
byte[] lpBuffer,
int nSize,
out int lpNumberOfBytesRead
);
[DllImport("kernel32.dll")]
public static extern IntPtr OpenProcess
(
int dwDesiredAccess,
bool bInheritHandle,
int dwProcessId
);
public static IntPtr Handle;
public static long BaseAddress;
public static void Main(){
Process process = Process.GetProcessesByName("HillClimbRacing")[0];
Handle = OpenProcess(ProcessVMOperation | ProcessVMWrite, false, process.Id);
BaseAddress = process.MainModule.BaseAddress.ToInt64();
int thingy = 0;
WriteProcessMemory(Handle, BaseAddress + 0x28CAD4L, BitConverter.GetBytes(2147483647), 4, out thingy);
WriteProcessMemory(Handle, BaseAddress + 0x28CAECL, BitConverter.GetBytes(2147483647), 4, out thingy);
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
iex "[HelloWorld.Program]::Main()"
我最近一直在做一个小项目,看看我是否可以进行一些内存编辑以使用 PowerShell。我用 C# 编写了一个不需要管理权限的小脚本,当 运行 时,会在 Hill Climb Racing 中为您提供最大金币和钻石。
using System;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace HCRtest2
{
public class Programmmm
{
public static void Main()
{
[DllImport("kernel32.dll")]
static extern bool WriteProcessMemory(IntPtr hProcess, long lpBaseAddress, byte[] lpBuffer, uint nSize, out uint lpNumberOfBytesRead);
long BaseAddress;
IntPtr ProcessHandle;
Process process = Process.GetProcessesByName("HillClimbRacing")[0];
if (process.Handle.ToInt64() != 0L)
{
BaseAddress = process.MainModule.BaseAddress.ToInt64();
ProcessHandle = process.Handle;
uint num = 0U;
WriteProcessMemory(ProcessHandle, BaseAddress + 0x28CAD4, BitConverter.GetBytes(2147483647), 4U, out num);
WriteProcessMemory(ProcessHandle, BaseAddress + 0x28CAEC, BitConverter.GetBytes(2147483647), 4U, out num);
}
}
}
}
我现在的挑战是看看我是否能找到一种方法在我学校的笔记本电脑上执行这段代码,它没有管理员权限或无法打开未知的可执行文件,但它确实可以访问 PowerShell(非管理员的课程)。我一直在做大量研究,但找不到将此脚本移植到 PowerShell 的好方法。如果有人有任何好的想法请告诉我,因为这让我现在很紧张。
This website 提供有关如何在 powershell 会话中使用 c# 的答案。
$code = @"
using System;
namespace HelloWorld
{
public class Program
{
public static void Main(){
Console.WriteLine("Hello world!");
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
iex "[HelloWorld.Program]::Main()"
已经断断续续工作了几个月,但我发现所有东西都必须标记为 public 和静态,而且我还遗漏了一个需要制作的方法确保进程会被正确打开,这里是可以在 Powershell 中执行的工作代码。
$code = @"
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
namespace HelloWorld
{
public class Program
{
public const int ProcessVMWrite = 0x0020;
public const int ProcessVMOperation = 0x0008;
[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool WriteProcessMemory
(
IntPtr hProcess,
long lpBaseAddress,
byte[] lpBuffer,
int nSize,
out int lpNumberOfBytesRead
);
[DllImport("kernel32.dll")]
public static extern IntPtr OpenProcess
(
int dwDesiredAccess,
bool bInheritHandle,
int dwProcessId
);
public static IntPtr Handle;
public static long BaseAddress;
public static void Main(){
Process process = Process.GetProcessesByName("HillClimbRacing")[0];
Handle = OpenProcess(ProcessVMOperation | ProcessVMWrite, false, process.Id);
BaseAddress = process.MainModule.BaseAddress.ToInt64();
int thingy = 0;
WriteProcessMemory(Handle, BaseAddress + 0x28CAD4L, BitConverter.GetBytes(2147483647), 4, out thingy);
WriteProcessMemory(Handle, BaseAddress + 0x28CAECL, BitConverter.GetBytes(2147483647), 4, out thingy);
}
}
}
"@
Add-Type -TypeDefinition $code -Language CSharp
iex "[HelloWorld.Program]::Main()"