alternative2dll.bat
来自「Cracker终结者——提供最优秀的软件保护技术」· Batch 代码 · 共 55 行
BAT
55 行
;@GOTO TRANSLATE
.586P
.MODEL FLAT, STDCALL
OPTION CASEMAP: NONE
INCLUDE WINDOWS.inc
UNICODE = TRUE
INCLUDE APIMACRO.mac
INCLUDE ApiHooks.inc
INCLUDELIB iKERNEL32.lib
INCLUDELIB iUSER32.lib
INCLUDELIB iApiHooks.lib
.DATA?
Exclude DWORD ?, ? ;null terminated by windows
;------------------------------------------------------------------
.CODE
DllMain:
CMP DWORD PTR [ESP+8], DLL_PROCESS_ATTACH
JNE @F
PUSH [ESP+4] ;hinstDLL
POP Exclude ;exclude me (my MessageBoxA)
iWin32i HookApi, sUSER32, sMessageBoxA, HOOK_ALL, ALL_MODULES,\
NULL, OFFSET NewMessageBoxA, OFFSET Exclude
@@:
MOV EAX, TRUE
RETN 12
;------------------------------------------------------------------
NewMessageBoxA PROC p1, p2, p3, p4
iWin32 MessageBoxA, p1, sUnhookMsg, p3, p4
RET
NewMessageBoxA ENDP
TEXTA UnhookMsg, <From DLL/0>
;names-------------------------------------------------------------
TEXT USER32, <USER32.dll/0>
TEXT MessageBoxA, <MessageBoxA/0>
;names-------------------------------------------------------------
END DllMain
:TRANSLATE
@ECHO OFF
ML /c /coff /nologo Alternative2DLL.bat
eLINK Alternative2DLL /nologo /DLL /OUT:Alternative.dll /SUBSYSTEM:WINDOWS /MERGE:.idata=.text /MERGE:.rdata=.text /SECTION:.text,EWR /IGNORE:4078,4086 /BASE:0X77300000
DEL Alternative2DLL.obj
PAUSE
CLS⌨️ 快捷键说明
复制代码Ctrl + C
搜索代码Ctrl + F
全屏模式F11
增大字号Ctrl + =
减小字号Ctrl + -
显示快捷键?