最近在老外网站上又发现了一些好东西。& S0 W5 n5 Z% H$ L
3 _* G$ r1 v" t% M
DLL注入利器Petools是一套关于DLL注入的工具集。
: u/ B' b) P, }, r& _3 a% T将在以后的高难度汉化中派上用处。
* p J+ t& s/ N. T4 Y( L( Y; C1 o; D
原文/ g! T: T m& a% X8 t0 ?) f, }
http://comrade.ownz.com/projects/petools.html, H6 a* X3 B# Q% K: G' ~7 U, _
! s9 p! y5 K3 I% E8 X( r! E! v0 S
使用方法
5 @! y- b% d7 H& A OInject Tool
# m: f: F" {! P3 PInject is a tool that injects a DLL into a running process. Its command-line usage is as follows: * h2 I! N7 y: y7 L: H F+ }
?3 z4 M" I) YInject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll
/ [. m' ^5 T7 a, A+ R! ?Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
% [- Y0 g' ^3 v" m5 B) L) QInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll " ]# G0 R2 G% A! T2 T& \8 A* ^( u
Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll : k: {7 p+ I9 m5 | L
Inject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll
n7 U3 v5 Y% vNote that in all uses, you should specify the full path to the injected DLL. % \ O8 p s1 M; P: H2 p& p( Z
! x2 [) Z" G+ u8 CLoader Tool- U# R) y' S. X8 x" l# ~
Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: B! ?! b4 e( v2 s
$ i- M1 U$ _, ~, j2 YLoad notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll - H E( _2 N' q: C8 [6 X
Note that you should specify the full path to the injected DLL.
; c4 G; y* F7 E
; {& n- o @; F) Q# s: YPatch Tool
& Q" Y" Q4 k( tPatch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
, z! L; d! I2 u1 f/ b5 L1 kThe tool's command-line usage is as follows: " `: @1 \% U6 l8 y1 A' O2 j
: E' H6 v5 J5 l |% PPatch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll ! O9 ]) d/ h& S
R; h& I# j5 w; ]0 d% aReimport Tool
- [# R% E- u+ ^7 SReimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |