最近在老外网站上又发现了一些好东西。$ @5 W" A* A4 ]: n, q; M c/ A
* J/ V3 @3 {0 u4 s7 u
DLL注入利器Petools是一套关于DLL注入的工具集。" I" \7 |4 Z5 l0 j# D
将在以后的高难度汉化中派上用处。# t; {8 X4 Q6 [* D
9 Q. v& F3 Q9 v
原文3 R! g" }4 F& [( B
http://comrade.ownz.com/projects/petools.html+ |9 L1 n& \) n0 r: H5 ?1 [- Y% I5 U' x
- }: c4 K1 W# n3 G4 A+ v* D& W& }) y使用方法
9 [. O. I: {$ Z2 _. C. f* YInject Tool$ p( U/ e( Z5 G. Y+ x8 i& B7 x
Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows:
) D! k" W& V. @$ \& b! E- n; v; ?4 n( x; u
Inject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll - ]* U7 F/ n \/ o7 a& \7 k
Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll
- b; _# @& p0 @0 \: VInject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll
6 `$ W, m/ g% X& l' l7 QInject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll
) B) s, y) F1 v' }, k7 B S9 hInject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll # \! d: f2 v; E
Note that in all uses, you should specify the full path to the injected DLL.
* R2 Y l; r6 E6 Z y0 s& N' g& @2 @. `" [2 v0 O
Loader Tool
& t1 s& G B3 l* DLoader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: # `( P0 H7 a/ l g: _
2 {# S! Y7 M1 D5 y% t: z
Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll 5 D. W- D8 O; B z! K
Note that you should specify the full path to the injected DLL. 5 i2 ?1 _' h+ r5 x3 q
/ i' f9 t. D; S) S# fPatch Tool
2 Q0 D0 U# D% W; S' B& A, aPatch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool.
; H h" I; V1 B. P" cThe tool's command-line usage is as follows:
& r8 `. M( s1 Y/ U, Y% u) [2 K; p+ b# k& F/ N* r( ]
Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll % n9 A. ~/ I/ I" a* ~
" k* P2 l# f3 j' B( B+ qReimport Tool/ u4 E. k3 W2 w
Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |