📄 phantom.dpr
Pluginwriteinttoini( HInstance , 'BLOCK', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_ChangeOllyDbgCaption ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'CAPTION', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_HookGetProcessTimes ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'GETTIMES', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_RemoveEPBreak ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'REMOVEEP', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_CustomHandlerExcept ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'HANDLE', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_HideOllyDbgWin ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'WINDOWS', iRes);
iRes := SendMessage(GetDlgItem( g_hwndOption , IDC_CHK_LoadDriver ),
BM_GETCHECK,0,0);
Pluginwriteinttoini( HInstance , 'DRIVER', iRes);
//添加程序调用:
//......
end;
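// Load the plugin options from the plugin INI section into the global flags
// and mirror each flag onto its checkbox in the options dialog.
//
// If the stored 'VERSION' value is not $78, every stored option is reset to
// its default and the procedure returns without touching the globals or the
// dialog controls.
//
// NOTE(review): the INI values are copied into the globals and passed to
// BM_SETCHECK without range checking. How the flags (e.g. g_bLoadDriver) are
// consumed is not visible here - confirm that a hand-edited INI value other
// than 0/1 cannot switch on an option the dialog shows as unchecked.
procedure mg_InitCheckDlgBtn() ;

  // Set the check state of one checkbox of the options dialog.
  procedure SetOptionCheck( ctrlId : Integer ; state : DWORD );
  begin
    SendMessage( GetDlgItem( g_hwndOption , ctrlId ), BM_SETCHECK, state, 0 );
  end;

var
  dwRes : DWORD;
begin
  dwRes := Pluginreadintfromini( HInstance , 'VERSION' , 0 );
  g_dwPluginVer := dwRes;
  // A missing key reads back as 0, which is also "not $78", so a single
  // comparison covers both the fresh-install and the old-version case.
  if( g_dwPluginVer <> $78 )then
  begin
    Addtolist( 0 ,0 ,'Status: Old version foun, all option were discarded!');
    Pluginwriteinttoini( HInstance , 'PEB' , $0000);
    Pluginwriteinttoini( HInstance , 'GETCOUNT' , $0000);
    Pluginwriteinttoini( HInstance , 'DRX' , $0000);
    Pluginwriteinttoini( HInstance , 'SETCONTEXT' , $0000);
    Pluginwriteinttoini( HInstance , 'DEBSTRING' , $0000);
    Pluginwriteinttoini( HInstance , 'WINVER' , $0000);
    Pluginwriteinttoini( HInstance , 'GETTIMES' , $0000);
    Pluginwriteinttoini( HInstance , 'REMOVEEP' , $0000);
    Pluginwriteinttoini( HInstance , 'HANDLE' , $0000);
    Pluginwriteinttoini( HInstance , 'WINDOWS' , $0000);
    Pluginwriteinttoini( HInstance , 'DRIVER' , $0000);
    Pluginwriteinttoini( HInstance , 'CAPTION' , $0000);
    Pluginwriteinttoini( HInstance , 'RDTSC' , $0000);
    // 'BLOCK' is saved and loaded like the other options but was missing
    // from the reset list, so a stale value survived a version reset.
    Pluginwriteinttoini( HInstance , 'BLOCK' , $0000);
    Pluginwriteinttoini( HInstance , 'VERSION' , $0078);
    Pluginwriteinttoini( HInstance , 'DELTARDTSC' , $8800);
    Exit;
  end;

  // For each option: read the stored value, publish it in the global flag,
  // then reflect it on the checkbox (same order as before).
  dwRes := Pluginreadintfromini( HInstance , 'PEB' , $00);
  g_bHideFromPEB := dwRes;
  SetOptionCheck( IDC_CHK_HideFromPEB , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'DRX' , $00);
  g_bProtectDRx := dwRes;
  SetOptionCheck( IDC_CHK_ProtectDRx , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'DRIVER' , $00);
  g_bLoadDriver := dwRes;
  SetOptionCheck( IDC_CHK_LoadDriver , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'RDTSC' , $00);
  g_bHookRDTSC := dwRes;
  SetOptionCheck( IDC_CHK_HookRDTSC , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'SETCONTEXT' , $00);
  g_bHookNtSetContextThread := dwRes;
  SetOptionCheck( IDC_CHK_HookNtSetContextThread , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'DEBSTRING' , $00);
  g_bPathODStringAndFPUBugs := dwRes;
  SetOptionCheck( IDC_CHK_PathODStringAndFPUBugs , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'BLOCK' , $00);
  g_bHookBlockInput := dwRes;
  SetOptionCheck( IDC_CHK_HookBlockInput , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'GETCOUNT' , $00);
  g_bHookGetTickCount := dwRes;
  SetOptionCheck( IDC_CHK_HookGetTickCount , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'GETTIMES' , $00);
  g_bHookGetProcessTimes := dwRes;
  SetOptionCheck( IDC_CHK_HookGetProcessTimes , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'REMOVEEP' , $00);
  g_bRemoveEPBreak := dwRes;
  SetOptionCheck( IDC_CHK_RemoveEPBreak , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'HANDLE' , $00);
  g_bCustomHandlerExcept := dwRes;
  SetOptionCheck( IDC_CHK_CustomHandlerExcept , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'WINDOWS' , $00);
  g_bHideOllyDbgWin := dwRes;
  SetOptionCheck( IDC_CHK_HideOllyDbgWin , dwRes );

  dwRes := Pluginreadintfromini( HInstance , 'CAPTION' , $00);
  g_bChangeOllyDbgCaption := dwRes;
  SetOptionCheck( IDC_CHK_ChangeOllyDbgCaption , dwRes );

  // DELTARDTSC is a numeric setting with no checkbox of its own.
  dwRes := Pluginreadintfromini( HInstance , 'DELTARDTSC' , $00);
  g_dwDELTARDTSC := dwRes;
end;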
//--------------------------------------------------------------------------------------------------------
//
// Dialog procedure of the plugin's options dialog.
//
//   WM_INITDIALOG       remembers the dialog handle in g_hwndOption
//   WM_SHOWWINDOW       reloads the stored options into the checkboxes
//   WM_COMMAND          saves the options when wParam equals IDC_BTN_SAVE
//   WM_DESTROY/WM_CLOSE saves the options unless g_bRunOptionLog is 1
//
// Always returns 0, whatever the message.
//
// NOTE(review): wParam is compared as a whole with IDC_BTN_SAVE, so the
// match only succeeds while the high word (notification code) is zero.
function _lpOptinDlgProc( hdlg :HWND ; msg :UINT ; wParam :WPARAM ;lParam :LPARAM):LRESULT;stdcall;
begin
  Result := 0;

  if msg = WM_INITDIALOG then
    g_hwndOption := hdlg
  else if msg = WM_SHOWWINDOW then
    mg_InitCheckDlgBtn()
  else if msg = WM_COMMAND then
  begin
    if wParam = IDC_BTN_SAVE then
      mg_SaveCheckDlgBtn();
  end
  else if (msg = WM_DESTROY) or (msg = WM_CLOSE) then
  begin
    // Persist the current checkbox state on the way out, unless the
    // g_bRunOptionLog flag (set elsewhere) is 1.
    if g_bRunOptionLog <> 1 then
      mg_SaveCheckDlgBtn();
  end;
end;
//--------------------------------------------------------------------------------------------------------
//
// Plugin menu callback exported to the debugger.
//
// Only actions that originate from the main menu (origin = PM_MAIN) are
// handled:
//   action 0  creates the modeless options dialog (dialog resource 1),
//             parented to the debugger main window;
//   action 1  shows the "About" message box.
// pItem is not used.
procedure ODBG_Pluginaction(origin: Integer; action: Integer; pItem: Pointer); cdecl;
begin
  if origin <> PM_MAIN then
    Exit;

  if action = 0 then
    CreateDialog( HInstance , Windows.MakeIntResource(#01) ,Plugingetvalue( VAL_HWMAIN ),@_lpOptinDlgProc)
  else if action = 1 then
    // The text says that this build was reconstructed by reverse engineering,
    // is meant for study and research only, and thanks the original author.
    MessageBox(g_hwndOlly , 'PhantOm 1.20 本程序为逆向而来,并无其他,只供学习研究用,请勿它用!'+
               #10 + '感谢原作者~! -By EasyStudy',
               'About PhantOm ',MB_OK or MB_ICONASTERISK);
end;
//--------------------------------------------------------------------------------------------------------
//
// Entry points exported from the plugin DLL. Each routine is exported under
// an explicit name that carries a leading underscore.
exports
ODBG_Plugindata name '_ODBG_Plugindata',
ODBG_Plugininit name '_ODBG_Plugininit',
ODBG_Pluginmenu name '_ODBG_Pluginmenu',
ODBG_Pluginaction name '_ODBG_Pluginaction';
//--------------------------------------------------------------------------------------------------------
//
// DLL notification handler installed through DllProc.
//
// Despite its name it acts only on DLL_PROCESS_ATTACH: it calls
// mg_GetTickCount (defined elsewhere), caches the module handles of
// ntdll.dll and Kernel32.dll, and resolves the addresses of
// RtlRaiseException and DbgBreakPoint in ntdll. Every other reason,
// DLL_PROCESS_DETACH included, is ignored.
//
// NOTE(review): the results of GetModuleHandle / GetProcAddress are stored
// unchecked; users of g_procRtlRaiseException and g_procDbgBreakPoint
// should tolerate nil - confirm at the call sites.
procedure DLLExit(dwReason: DWORD);
begin
  if dwReason <> DLL_PROCESS_ATTACH then
    Exit;

  mg_GetTickCount();
  g_hmodNTDLL := GetModuleHandle('ntdll.dll');
  g_hmodKERNEL:= GetModuleHandle('Kernel32.dll');
  g_procRtlRaiseException := GetProcAddress( g_hmodNTDLL , 'RtlRaiseException');
  g_procDbgBreakPoint := GetProcAddress( g_hmodNTDLL , 'DbgBreakPoint');
end;
//--------------------------------------------------------------------------------------------------------
//
var
  ss:String;
begin
  // Library initialisation: install the DLL notification handler and run its
  // attach branch once by hand.
  ss := ''; // kept from the original, which tended to leave variables uninitialised
  DllProc := @DLLExit;
  DllProc(DLL_PROCESS_ATTACH);
end.