ZpPatch.dll源码
[color=#b000b0].486[/color][color=#b000b0].model[/color] [color=#b000b0]flat[/color],[color=#b000b0]stdcall[/color]
[color=#b000b0]option[/color] [color=#b000b0]casemap[/color]:[color=#b000b0]none[/color]
[color=#008000]; Include file[/color]
[color=#b000b0]include[/color] zp.inc
[color=#b000b0]include[/color] windows.inc
[color=#b000b0]include[/color] kernel32.inc
[color=#b000b0]includelib[/color] kernel32.lib
[color=#b000b0].data[/color]
Bak [color=#b000b0]db[/color] [color=#808080]'abcdef'[/color]
hAddr [color=#b000b0]dd[/color] ?
dwOld [color=#b000b0]dd[/color] ?
dwNew [color=#b000b0]dd[/color] ?
[color=#b000b0].const[/color]
szDllName [color=#b000b0]db[/color] [color=#808080]'user32.dll'[/color],0
szAPIName [color=#b000b0]db[/color] [color=#808080]'DialogBoxIndirectParamA'[/color],0
[color=#b000b0].code[/color]
DllEntry [color=#b000b0]proc[/color] hInst:HINSTANCE, reason:[color=#b000b0]DWORD[/color], reserved1:[color=#b000b0]DWORD[/color]
[color=#0000D0]mov[/color] [color=#FF0000]eax[/color], hInst
[color=#0000D0]mov[/color] hInstance, [color=#FF0000]eax[/color]
[color=#b000b0].if[/color] reason==DLL_PROCESS_ATTACH
[color=#0000D0]pushad[/color]
[color=#0000D0]call[/color] Load
[color=#0000D0]popad[/color]
[color=#b000b0].endif[/color]
[color=#0000D0]mov[/color] [color=#FF0000]eax[/color], [color=#b000b0]TRUE[/color]
[color=#0000D0]ret[/color]
DllEntry [color=#b000b0]Endp[/color]
[color=#008000]; hook api[/color]
HookAPI [color=#b000b0]proc[/color]
[color=#0000D0]pushad[/color]
[color=#0000D0]mov[/color] [color=#FF0000]edi[/color],[color=#b000b0]offset[/color] Bak
[color=#0000D0]mov[/color] [color=#FF0000]ecx[/color],5
[color=#0000D0]rep[/color] [color=#0000D0]movsb[/color]
[color=#b000b0]invoke[/color]
[color=#000080]VirtualProtect[/color],hAddr,6,dwOld,[color=#b000b0]addr[/color] dwNew
[color=#0000D0]popad[/color]
[color=#0000D0]mov[/color] [color=#FF0000]eax[/color],232CH
[color=#0000D0]ret[/color] 14H
[color=#0000D0]ret[/color]
HookAPI [color=#b000b0]endp[/color]
[color=#008000];导出函数[/color]
Load [color=#b000b0]proc[/color]
[color=#b000b0]invoke[/color]
[color=#000080]LoadLibrary[/color],[color=#b000b0]offset[/color] szDllName
[color=#b000b0]invoke[/color]
[color=#000080]GetProcAddress[/color],[color=#FF0000]eax[/color],[color=#b000b0]offset[/color] szAPIName
[color=#0000D0]mov[/color] hAddr,[color=#FF0000]eax[/color]
[color=#b000b0]invoke[/color]
[color=#000080]VirtualProtect[/color],hAddr,6,PAGE_EXECUTE_READWRITE,[color=#b000b0]addr[/color] dwOld
[color=#0000D0]mov[/color] [color=#FF0000]edi[/color],[color=#b000b0]offset[/color] Bak
[color=#0000D0]mov[/color] [color=#FF0000]esi[/color],hAddr
[color=#0000D0]mov[/color] [color=#FF0000]ecx[/color],5
[color=#0000D0]rep[/color] [color=#0000D0]movsb[/color]
[color=#0000D0]mov[/color] [color=#FF0000]edi[/color],hAddr
[color=#0000D0]mov[/color] [color=#FF0000]eax[/color],[color=#b000b0]offset[/color] HookAPI
[color=#0000D0]sub[/color] [color=#FF0000]eax[/color],[color=#FF0000]edi[/color]
[color=#0000D0]sub[/color] [color=#FF0000]eax[/color],5
[color=#0000D0]mov[/color] [color=#b000b0]byte[/color] [color=#b000b0]ptr[/color] [color=#FF0000]ds[/color]:[[color=#FF0000]edi[/color]],0E9H
[color=#0000D0]mov[/color] [color=#b000b0]dword[/color] [color=#b000b0]ptr[/color] [color=#FF0000]ds[/color]:[[color=#FF0000]edi[/color]+1],[color=#FF0000]eax[/color]
[color=#0000D0]ret[/color]
Load [color=#b000b0]endp[/color]
[color=#b000b0]End[/color] DllEntry
最后修改文件的导入表,添加ZpPatch.dll;最后Patch掉ZP的文件校验就OK。
支持一下。