最近在老外网站上又发现了一些好东西。1 |( g9 X: X! r1 i
* B. f/ z, A* ?$ DDLL注入利器Petools是一套关于DLL注入的工具集。
; X4 J1 X: k3 V+ l- l将在以后的高难度汉化中派上用处。
. M% y6 S9 W5 E9 K8 k* [
: d; p; f! n/ N原文
/ R4 J; K- A ~1 H6 j# S% J6 A% Q5 \http://comrade.ownz.com/projects/petools.html
$ M( Y# @' E) q- O5 F6 P" @- q' Z& z* {2 ~
: U v0 Y9 n3 P# v+ J- F# ^使用方法9 z1 o. _+ a1 c5 H9 \( Y
Inject Tool. \' i% q! m! P; w1 Y% e! b# O
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows: ; S1 m' V5 P+ x: ^2 ]
2 Z$ i3 A; t- S+ [8 N6 L
Inject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll 9 _! Z! j) y$ l% q" F! r
Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll : U% D, j& d( b! b
Inject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
( A9 F# h* K( I3 {Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
8 |; x' u, c$ V7 @ z# i" X; t3 OInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll ' t. p, T9 @3 Z
Note that in all uses, you should specify the full path to the injected DLL. ( o9 L$ G0 q( U4 q! j( X
, C1 j' X! b9 c! [1 t5 |1 T
Loader Tool
: N9 u* _ ^ h4 S$ M' L- {$ G: j' T8 c( _Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: 1 Q! _2 j. v! i; U- Z
$ S2 g, L, f1 P. G: Q
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll
' p7 P. S3 r- g# \- [Note that you should specify the full path to the injected DLL.
3 E- {$ t) G; a6 |6 V' ~& l$ Y( p
3 `( D/ H' {: W$ VPatch Tool
, x9 }/ S9 p |' `1 l' ?Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.0 ]5 @- u2 Y* E
The tool's command-line usage is as follows:
* ^* W% H* o9 k( O
: S3 m9 {. F4 X6 R9 K, bPatch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll
9 k! W$ ]2 e; T" Y9 ?8 b5 Q8 b! S& u/ l
Reimport Tool# l8 Q# _# d3 @, Z
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
发表于 2010-2-4 11:38
QQ好友和群
QQ空间
腾讯微博
腾讯朋友
收藏
分享
很美好
很差劲
