最近在老外网站上又发现了一些好东西。
9 }, f9 S0 C7 l& ~0 d
' E. n: U; h9 u: eDLL注入利器Petools是一套关于DLL注入的工具集。
/ E9 _: \/ n% c/ O( n将在以后的高难度汉化中派上用处。
8 u$ q( Y. y, t" i$ h3 G6 o* K+ T6 G
原文
7 h+ V4 H+ q+ Y; M; U$ V2 Mhttp://comrade.ownz.com/projects/petools.html4 h# h! M* e7 C4 a
- k) }+ O+ T' A使用方法
, L% g! f& c" ?' \Inject Tool
; O7 d! ~& N5 ^" R3 JInject is a tool that injects a DLL into a running process. Its command-line usage is as follows: $ j$ d3 s0 {$ a! E+ T2 g! |& m, V
8 W2 Z; @) S* f! h: L# ]Inject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll
% _* ~+ K+ O6 F R8 K! uInject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
* x3 I" c8 J* {% r# Z' qInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll ) S# M" r8 y3 T# }% M1 {
Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
! y3 F- H$ g' n+ G+ {7 _6 `; ~8 pInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll
4 B' x. A5 l& D. Q6 ^Note that in all uses, you should specify the full path to the injected DLL.
# M6 g1 Q8 g" `8 K+ S! F2 a$ y3 {. D3 O6 c7 A3 K
Loader Tool7 {: |& p; c! S" @; w% V
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: 9 e# Q f+ {& r' j, [
* h% _4 b ?: ^1 Q7 Y
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll % k: t& W3 O" g3 X
Note that you should specify the full path to the injected DLL. : c) q) @9 C l. P$ s
; i4 c3 Z, T( {: p; v7 fPatch Tool
4 p0 Y+ D a3 {$ S- h" fPatch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.7 s# x2 W0 [$ G) M5 u2 \7 Y% K2 {
The tool's command-line usage is as follows: 1 G W4 N8 h4 h7 s' ?0 N! B
% t( s# L6 W* fPatch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll 7 c9 X1 x! o+ u+ d" x9 i
% ~4 j! [$ j* x! MReimport Tool
) W% E( n+ |: C; @Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
![【1115号】双子思维5:致命戏法ChinaAVG汉化版[1.35G]](data/attachment/forum/202409/13/185355ool5hoogw798k9z5.jpg)
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
