最近在老外网站上又发现了一些好东西。2 w$ p$ o+ p @$ N0 B$ X5 {
% j# Z' w3 k" c
DLL注入利器Petools是一套关于DLL注入的工具集。
4 u4 T ~' L, ]: B将在以后的高难度汉化中派上用处。
4 G' I: I, n+ |7 F7 \: c) r
6 w: k- l4 Q# B8 d2 \$ F$ @( _" C原文- Z9 i- d9 `8 R7 A
http://comrade.ownz.com/projects/petools.html
) o, N: p `' b. L3 r. V
6 s t# ?( j" V( H6 ^7 N9 Z3 y使用方法3 V& o' K5 H1 @, C; i: d
Inject Tool# l& V o3 k) a# S0 A. n) H8 b0 o. z9 G
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows: 1 c( @) Q1 F4 Q. n7 Y/ h7 n
7 y5 E: o# u' a1 \2 y: C! wInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll
% a3 S9 }; J) p( @7 _ PInject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
& q1 L$ J8 p1 K+ K. H+ |Inject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
- {6 ]; J* h. Q5 Z* {4 j6 ^Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
. o; j; Y, f/ p) b3 V9 f5 XInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll . K8 @2 C7 [. Y
Note that in all uses, you should specify the full path to the injected DLL.
+ N% O3 n6 K. b+ P6 L, Y- d# Q
3 A2 A* V/ h& z* r3 yLoader Tool
) G! U, M3 o; n H2 QLoader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: : N4 V8 @1 u6 W# b8 `" N! u& X
# r' {2 G% h6 R- {5 J
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll / i5 ^ Q* V: }0 V/ }( Q3 T" d
Note that you should specify the full path to the injected DLL. 6 ?1 B, H1 Z7 w+ c4 _: e& X a6 z& T
5 r! X4 w' U+ S) w9 A/ H( {Patch Tool! ^3 O' o1 P& K6 E/ Z- r4 b
Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
# P3 ]2 e1 u4 `; _; OThe tool's command-line usage is as follows:
& P% F F( Q! v1 w$ s# x& p
; H* _ _7 L7 T) x+ Y- o2 ^Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll
( L8 K* ^; V0 u9 V/ o7 | ^1 ^, U/ F5 b" Q% i7 R" {* r% l. R
Reimport Tool+ j! I+ W* E; @ G
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
