Issue when attempting to open the contents of a memory adress in the web browser

Question

I am currently trying to read from a memory address, then open its contents in a web browser (its contents is always a url.) I am currently attempting to do it like this:

public static void Main(string[] args)
{
    Process[] pname = Process.GetProcessesByName("t6mp");
    if (pname.Length == 0)
    {
        Console.WriteLine("Game not found. Please run your game then restart this program.");
        Console.ReadLine();
    }
    else
    {
        void ReadProcessMemory(object t6mp, int v1, byte[] url, int v2, ref int read)
        {
        }
        Console.WriteLine("Game found. Please go to the page where you can start a demo, then press enter to continue.");
        Console.ReadLine();
        Console.WriteLine("Please press enter to export");
        Console.ReadLine();

        var buffer = new byte[1];
        var sb     = new StringBuilder();
        var handle = Process.GetProcessesByName("t6mp")[0];
        int _bytesused = 200;

        for (var i = 0; i < _bytesused; i++)
        {
            ReadProcessMemory(handle, 0x2BDA932 + i, buffer, buffer.Length, ref _bytesused);
            if (buffer[0] != 0)
            {
                sb.Append(Encoding.ASCII.GetString(buffer));
                Process.Start(sb.ToString());
            }
            else
            {
                Console.WriteLine("Error has occured, please try again. Press enter to close program");
                Console.ReadLine();
                break;
            }
        }
    }
}

It is correctly recognizing when the process is open, and I am sure that the address exists (I have tried both 0x2BDA932 and 0x02BDA932) However, It always displays the error message, for some reason if (buffer[0] != 0) is always false. When I remove the if / else and just have it go straight to sb.Append(Encoding.ASCII.GetString(buffer)); Process.Start(sb.ToString());

It just crashes. Ideally, it would open the contents of the address in my browser, as it is a url. Any ideas?

Your `ReadProcessMemory` function is empty, what do you expect? — Kevin Gosse, Aug 19 '18 at 22:11
You probably meant to declare it like this: https://stackoverflow.com/a/34467499/869621 — Kevin Gosse, Aug 19 '18 at 22:13

score 0 · Answer 1 · answered Apr 23 '20 at 01:40

var buffer = new byte[1];

Your buffer is only 1 byte in length, your while loop is overflowing your buffer potentially leading to undefined behavior.

buffer.Length in your call to ReadProcessMemory

Length is 1, you're only reading 1 byte, this is why it's never 0.

You should define the array length using a fixed size like 2000 which should cover all possible scenarios, concerning URLS.

Here is my function for reading null terminated strings:

public static string ReadNullTerminatedString(IntPtr handle, IntPtr addr, int maxlength)
{
    var bytearray = new byte[maxlength];

    IntPtr bytesread = IntPtr.Zero;

    ReadProcessMemory(handle, addr, bytearray, maxlength, out bytesread);

    int nullterm = 0;
    while (nullterm < bytesread.ToInt64() && bytearray[nullterm] != 0)
    {
        nullterm++;
    }

    string s = Encoding.ASCII.GetString(bytearray, 0, nullterm);

    return s;
}

Issue when attempting to open the contents of a memory adress in the web browser

1 Answers1