最近在老外网站上又发现了一些好东西。
+ [ B' F8 t' S0 l, y: q, z+ j$ N
0 o% f1 T6 |+ d8 k0 t) C5 S& VDLL注入利器Petools是一套关于DLL注入的工具集。
- R8 Z7 u$ q; x: L; }: f" v" }% @将在以后的高难度汉化中派上用处。
' \* r4 O. k- a7 u7 Y
l D ^* N6 Z0 z6 T# y2 a" Y; d原文1 k* I2 i: w, v7 [! G
http://comrade.ownz.com/projects/petools.html
8 }3 f+ a2 f, ^: A, V% D; G2 V% I/ h0 Z
使用方法
) r' L4 E' `( L9 CInject Tool4 E' c- O- g% d8 P- e. x
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows:
2 h+ S7 \) U2 i' F
" v M, B. N7 O4 g) G FInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll 7 q+ i- q9 q- v$ N, d
Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
, L2 m. a$ |- N3 }! eInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll ( W% x9 s6 q/ T2 u4 b P4 q/ }
Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll ' [4 k7 x5 I4 D
Inject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll - e1 o) B3 u6 N0 {' |/ a
Note that in all uses, you should specify the full path to the injected DLL. % P( u9 u7 J2 \% Q/ q- E3 {6 N6 `
: ?6 w+ h/ A, [+ l& ILoader Tool' {; X7 j* u+ \9 x# N
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows:
' w4 N- T4 ?5 _& U0 D% V+ p7 \9 A. {( R- @, @, g; }- p9 @
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll
D! } @6 s9 J1 \9 eNote that you should specify the full path to the injected DLL. ! n7 W/ B: p( l! O
+ K# u+ O2 K9 p; o( e3 ~
Patch Tool. ~$ G# e; Z7 |
Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.# K8 G3 | n2 h6 b/ t/ q! |! U
The tool's command-line usage is as follows:
5 c7 x. m* ~" r' f. ?! A1 g: J' {4 \% N( o5 L& J3 E; j# Z
Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll
' L6 q! ]: M" w. W& h5 {, ~ @1 }- s
Reimport Tool8 } c0 r& w7 C6 D
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
