最近在老外网站上又发现了一些好东西。+ r2 i- F0 x0 F# Y/ m+ k0 ?
8 \% Y y( ?- [+ Q: I# R5 i
DLL注入利器Petools是一套关于DLL注入的工具集。/ a: `2 _7 o! G8 _9 u t
将在以后的高难度汉化中派上用处。: a' K r! r$ B2 {
% n1 f" P% R3 ]' M0 R3 S
原文
8 J% X* K8 R1 ~http://comrade.ownz.com/projects/petools.html
/ I+ `! m) {/ Z) _" e7 W: E
2 D/ ^7 l! Y' Q- r使用方法
2 o' B @. c/ O# xInject Tool: n, j0 H, F5 P
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows: 6 c3 {0 M9 P; V0 Y
0 o2 S2 f. [+ O: z5 F; I! ZInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll - V8 e( k& w; m' @9 @; B
Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
- Z; c3 Y( _1 k# R$ [8 J( XInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
( e, v4 ~0 r+ i9 ]1 S. DInject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
+ R% J/ j b9 x0 dInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll
+ i) s8 {+ q$ E' H# `- }Note that in all uses, you should specify the full path to the injected DLL. . H( W% f2 W1 i1 u
$ k/ N3 o, ]8 t- q/ v& q( qLoader Tool1 K2 |: ^! `0 ]' W
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: ) W2 z9 K5 q: P' u
+ t F; M9 R# f/ U2 |Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll ! ?" c4 [- Z/ I# k+ {& j' X" ]2 Y. c
Note that you should specify the full path to the injected DLL. ' m- e, l% h6 u; |0 N. O/ D. ]
( e0 l$ w# V, E4 y5 S; B1 h3 `Patch Tool. S; u2 |. I% j5 y9 p6 t( g8 r
Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
) o! k! K+ {+ e c: yThe tool's command-line usage is as follows:
8 Q2 ?# ^! Q2 s. t! F/ I4 Y4 w T0 e0 z
Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll ' B( W$ _) a- q2 L2 i. e
# I) {& ?. D" k9 w/ P3 s6 x+ N
Reimport Tool
' R7 ~& g0 K1 b4 C6 d9 F( cReimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |