最近在老外网站上又发现了一些好东西。5 D5 Q( @* u6 G4 M* T
. o2 t4 o; K6 P( S0 e5 sDLL注入利器Petools是一套关于DLL注入的工具集。
$ r4 ~ c; W' B9 d& T将在以后的高难度汉化中派上用处。
9 x% R r& N; z9 r& F. x! w
3 h0 ?2 z' p& M- } m; U9 j原文1 Y6 U$ V& u8 v6 Q" o" b p: J: X4 }
http://comrade.ownz.com/projects/petools.html
( k+ Y1 H8 z7 A. J" R
* o# m9 O8 T" z0 B使用方法
/ P: p2 j+ i4 x6 ^. tInject Tool# | |7 s1 F5 h8 a5 f
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows:
6 o- m' W, b/ n& h# q
# w' M0 A8 w KInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll
/ U9 g& z0 b k8 H; r7 x' q1 LInject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
! n$ Q! {7 t5 ^6 H- ~9 i) bInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
& _. _% a& ^+ y# m/ E, r+ }Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll 8 {: H6 E( \3 Y' _: z
Inject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll : y0 |/ u$ f' g1 e5 r' C/ p4 K2 N# ~
Note that in all uses, you should specify the full path to the injected DLL.
" b; o& N( N; B
; w U3 H! N# B" hLoader Tool1 Q2 I5 a0 ?4 X2 B; }
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows:
/ J) V! J4 ~/ ]7 l" p& m) ^/ Z/ V& @: n( n/ T! D
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll 8 Z$ {. v& u1 H+ v3 y$ @# m
Note that you should specify the full path to the injected DLL. 5 J9 m- L6 L0 R( B* r& d; M1 t
# A( v2 n( I1 x y; W7 |Patch Tool
% s% n0 o" ]/ n& bPatch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.9 O1 Q5 w; K2 w/ _# T, G7 I( j+ N) c: x
The tool's command-line usage is as follows:
3 T0 R; L6 b' A, l; S. S9 R4 N5 |; g, m
Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll
' d- z9 y" M# r; H% N8 ]0 h/ T' U' f1 T, _3 R O) V9 A
Reimport Tool
2 J! }, N! D; W$ ~Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |