最近在老外网站上又发现了一些好东西。
9 c+ b/ k7 M. a
|* f. F# M$ U3 n% r0 uDLL注入利器Petools是一套关于DLL注入的工具集。
0 s9 n8 p( @5 N将在以后的高难度汉化中派上用处。5 u. F+ g8 z' D+ E
, U, I: l; U+ _4 v: D3 |; a- |$ `/ \原文
v7 F' N8 `: t; ^: shttp://comrade.ownz.com/projects/petools.html
& e& I4 l- {& p& R2 E% \$ T7 M9 K
# R( I! B. Z; a- d- ?9 Y使用方法( ?: w0 J% W! {
Inject Tool
c* L3 o+ l; i6 @( ?' iInject is a tool that injects a DLL into a running process. Its command-line usage is as follows:
) i6 _1 D4 ]% c2 ^3 Z$ o
8 S2 D2 w A0 V. v: fInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll ) H* ~. w6 J4 I5 o2 }
Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
! n5 K: C% h' D- |# xInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll & ^6 ~( r: j3 h. f! I/ G
Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll 5 l: z$ u- A, m4 _
Inject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll
% ~! y! ]/ I2 tNote that in all uses, you should specify the full path to the injected DLL. $ R- G: E5 j1 U( ]' U0 }: R
* c$ _# Y: @: c6 e' B
Loader Tool
$ R. E/ N s+ x' \3 b KLoader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: ! X* H( O" V2 _$ |
1 L0 p% C: b0 r$ b( n
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll
, U; c" t- V& Y8 `( U6 W5 ENote that you should specify the full path to the injected DLL.
, W# u* P. y& I% h* i0 V( a* X% ^6 s9 ^3 O, H
Patch Tool
x" I4 l' K( C9 G+ U9 ZPatch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
9 p; a8 J' j* m. V7 v# i/ |4 DThe tool's command-line usage is as follows:
2 ]/ ^5 L; Q' j# U6 J1 Q$ E; m0 {" F8 S& t/ {. ], _
Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll / }- H- X; f s9 v' K
8 a0 C7 l; ^; U$ UReimport Tool8 `2 x( j x- B; B" f, P
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
