从程序集调用 DLL?迪斯。奥利德布格
我正在使用 Ollydbg 来反汇编程序。我需要做的是将代码注入程序并在某个点保存 EDX 值。我猜最简单的方法是创建一个带有单个函数的 dll,如下所示...
function WriteEAXValue(EAX: PChar): LongBool
然后将代码注入到程序中,以便它在需要时调用 DLL。
我认为我需要的是以下delphi代码的等价物,但是在汇编中,这样我就可以将其添加到程序中。有人可以帮助我吗?谢谢
type
TFunc = function (EAX: PChar): LongBool;
Var
A: THandle;
F: TFunc;
begin
A := LoadLibrary('C:\My_Dll.dll');
@F := GetProcAddress(A,'WriteEAXValue');
F('EAX');
FreeLibrary(A);
end.
I'm using Ollydbg to disasemble a program. What I need to do is inject code into the program and save an EDX value at a certain point. I'm guessing the easiest way would be for me to create a dll with a single function like so...
function WriteEAXValue(EAX: PChar): LongBool
and then inject code into the program so it calls the DLL when needed.
What I think I need is the equivelent of the following delphi code, but in assembly so I can add it into the program. Can someone help me? Thanks
type
TFunc = function (EAX: PChar): LongBool;
Var
A: THandle;
F: TFunc;
begin
A := LoadLibrary('C:\My_Dll.dll');
@F := GetProcAddress(A,'WriteEAXValue');
F('EAX');
FreeLibrary(A);
end.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
查找 Delphi 代码的汇编等效项非常简单。只需编译代码,运行它,然后在程序开始处放置一个断点,然后在 CPU 视图中查看它即可。这样你就可以得到完整的反汇编。
Finding the assembly equivalent of Delphi code is pretty simple. Just compile the code, run it, and put a breakpoint at the start of the procedure and view it in the CPU view. You'll get a full disassembly that way.