一种破dll内存补丁的办法
#import "kernel32.dll"intGetCurrentProcess();
intWriteProcessMemory(int handle, int address, int& buffer[], int size, int& written);
intGetModuleHandleA(string module);
intLoadLibraryA(string module);
#import
int ProcessPatch(string module, int address, int byte)
{
int mem;
int out;
mem = byte;
int hproc = GetCurrentProcess();
int hmod = GetModuleHandleA(module);
int addr = address + hmod;
int result = WriteProcessMemory(hproc, addr, mem, 1, out);
return (result);
}
LoadLibraryA("experts\libraries\Fusion.dll");
ProcessPatch("Fusion.dll", 0x6d37, 0xeb);
ProcessPatch("Fusion.dll", 0x6d38, 0x11);
ProcessPatch("Fusion.dll", 0x6e37, 0xeb);
ProcessPatch("Fusion.dll", 0x6e38, 0x11);
ProcessPatch("Fusion.dll", 0x6f3d, 0xeb);
ProcessPatch("Fusion.dll", 0x6f3e, 0x11);
ProcessPatch("Fusion.dll", 0x723d, 0xeb);
ProcessPatch("Fusion.dll", 0x723e, 0x11);
ProcessPatch("Fusion.dll", 0x7376, 0xeb);
ProcessPatch("Fusion.dll", 0x7377, 0x11);
ProcessPatch("Fusion.dll", 0x412c4, 1);
ProcessPatch("Fusion.dll", 0x412c8, 0);
ProcessPatch("Fusion.dll", 0x412c9, 0x40);
ProcessPatch("Fusion.dll", 0x412ca, 0);
ProcessPatch("Fusion.dll", 0x412cb, 0);
谢谢分享
页:
[1]