最近在老外网站上又发现了一些好东西。/ ?* _, e8 ?) ?0 f) J
; `: O% l% {. u# e: j/ ^DLL注入利器Petools是一套关于DLL注入的工具集。
E3 u( @- H8 C* f& T7 U0 w+ y将在以后的高难度汉化中派上用处。
% m% h8 D; N. X4 i+ o+ O4 o" T; y2 {# ?- f- B2 q7 {# l8 m
原文2 ]* R) u; E# M e* ]6 [
http://comrade.ownz.com/projects/petools.html" d8 @ v5 a' b9 ]7 W2 T
- {1 B9 M4 B& M+ P6 |
使用方法& S% ]5 P o- j
Inject Tool
( c k. E; B8 m/ QInject is a tool that injects a DLL into a running process. Its command-line usage is as follows:
. ~5 K$ R& q7 b+ b* R9 l4 m. K. T/ C1 u1 R
Inject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll
% b5 Z4 T8 F" N3 |Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
0 `, c, l# |" j+ h5 [9 qInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
( Z# c( A: _4 F4 Q v- [& E ?Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
$ d% t, e- \$ GInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll / N4 k+ D# i) o
Note that in all uses, you should specify the full path to the injected DLL. Z9 P9 n! B1 q
& S( E Y* e% q8 X. @Loader Tool. O5 d+ M, t* L) Q t) y; e
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows:
' U5 b2 S8 m3 w3 C# ]9 I4 E3 ^) d1 F" p5 u, C& {; p, u
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll
( D: }9 `! ^- c5 u9 K4 m! n2 \Note that you should specify the full path to the injected DLL.
5 n9 J9 l8 R* K* K
6 e- `& ^3 I4 M: ~" h8 G. H& hPatch Tool5 `$ p1 q$ }9 D! F. i# x J
Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
! i! @5 `4 _% w- B: R5 y/ E& H& tThe tool's command-line usage is as follows: + H7 T0 d8 C( \+ u- K8 b2 z
' R: V0 q9 u8 n4 ZPatch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll ) _& }; {# z5 j% @
7 ?# L( d. {; Y/ O* X" sReimport Tool( T0 F% Q/ G; M( K O9 I
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
![【1126号】书籍旅行者3:哥特式故事ChinaAVG汉化版[858MB]](data/attachment/forum/202411/08/185805cvi1r0xgixdpzif6.jpg)
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
