alternativedll.bat
来自「Cracker终结者——提供最优秀的软件保护技术」· Batch 代码 · 共 63 行
BAT
63 行
;@GOTO TRANSLATE
.586P
.MODEL FLAT, STDCALL
OPTION CASEMAP: NONE
INCLUDE WINDOWS.inc
UNICODE = TRUE
INCLUDE APIMACRO.mac
INCLUDE ApiHooks.inc
INCLUDELIB iKERNEL32.lib
INCLUDELIB iUSER32.lib
INCLUDELIB iApiHooks.lib
.DATA?
Exclude DWORD ? ;null terminated automatically
;------------------------------------------------------------------
.CODE
DllMain:
CMP DWORD PTR [ESP+8], DLL_PROCESS_ATTACH
JNE @F
PUSH [ESP+4] ;hinstDLL
POP Exclude ;exclude me (my MessageBoxW)
iWin32 GetCurrentProcessId
iWin32i EstablishApiHooks, OFFSET Dynamic, EAX
@@:
MOV EAX, TRUE
RETN 12
;------------------------------------------------------------------
NewMessageBoxA PROC p1, p2, p3, p4
iWin32 MessageBoxA, p1, sUnhookMsg, p3, p4
RET
NewMessageBoxA ENDP
TEXTA UnhookMsg, <From DLL/0>
;names-------------------------------------------------------------
TEXTA USER32, <USER32.dll/0>
TEXTA MessageBoxA, <MessageBoxA/0>
BeginHooks Dynamic
API_HOOK <HOOKS_DYNAMIC, 0, 0, 0, Exclude, 0>
MkHook , USER32, MessageBoxA
EndHooks
;names-------------------------------------------------------------
END DllMain
:TRANSLATE
@ECHO OFF
ML /c /coff /nologo AlternativeDLL.bat
eLINK AlternativeDLL /nologo /DLL /OUT:Alternative.dll /SUBSYSTEM:WINDOWS /MERGE:.idata=.text /MERGE:.rdata=.text /SECTION:.text,EWR /IGNORE:4078,4086 /BASE:0X77300000
DEL AlternativeDLL.obj
PAUSE
CLS⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?