How to implment a correct Aob Scan with reload.memory & reload.memory.SigScan ?

[MichaelVanHouHei]

I wanted to implement aob scan to a remote process by reload lib , is there any example code that I can tried to implement?
my steps is using OpenProcess GET handle->GET Regions by VirtualQueryEx Look for writtable | excutable -> Save Region base address and size -> using reloaded.Memory.SigScan to get the offset -> region BaseAddress + offset

[Sewer56]

You seem to be pretty much there.

Read in the regions you obtained VirtualQueryEx using Reloaded.Memory, like the way it is done here.

Reloaded.Memory.SigScan/Reloaded.Memory.Sigscan/Scanner.cs

Lines 70 to 75 in 35063d0

	var externalProcess = new ExternalMemory(process);
	var data = externalProcess.ReadRaw((nuint)(nint)module.BaseAddress, module.ModuleMemorySize);
	_gcHandle = GCHandle.Alloc(data, GCHandleType.Pinned);
	_dataPtr = (byte*)_gcHandle.Value.AddrOfPinnedObject();
	_dataLength = data.Length;

And pass the pointer and length to the constructor as needed.

Just be aware, length is limited to 2GiB; I built this thing to originally scan code in EXE files only.