EvilOctal Information Security Team Technical Discussion Group's Archiver

EvilOctal 2006-7-2 02:32

[Repost] Adding Functionality to Windows Binaries

<p>Original link: <a href="http://www.craigheffner.com/win_mod.html">http://www.craigheffner.com/win_mod.html</a></p><div id="wrap"><div id="header"></div><div id="content"><div id="corner"></div><div id="header_img"></div><div id="right_img"></div><div id="inside_content"><div id="corner2"></div><h1>Custom Windows EXEs</h1><div class="paragraph"><p>In this multipart tutorial, I will be presenting several ways in which you can add functionality to closed source Windows executables through DLLs, PE header modification, and good old assembly code. It is suggested that you read the tutorials sequentially, as each tutorial builds off of the information covered in the previous tutorials: <br /><br />[~] <a href="tute/tute1.html">Part 1</a> - Detour notepad's execution flow and add a call to the MessageBeep API.<br />[~] <a href="tute/tute2.html">Part 2</a> - Modify notepad's PE headers and add a backdoor via reverse shellcode.<br />[~] <a href="tute/tute3.html">Part 3</a> - Write a custom DLL and modify notepad's PE headers to load it.<br />[~] <a href="tute/tute4_intro.html">Part 4</a> - Add plugin functionality to notepad, allowing the easy addition of multiple<br /> DLL files</p><div id="wrap"><div id="header"></div><div id="content"><div id="corner"></div><div id="header_img"></div><div id="right_img"></div><div id="inside_content"><div id="corner2"></div><h1>Notepad Plugins</h1><div class="paragraph"><p>This part of the tutorial will be divided into several sub-sections as some of the material has not previously been covered. It is assumed that you are familiar with the applications and techniques presented in the previous sections of this tutorial, as any steps which are related to previous sections are not covered in detail. 
The objectives for adding plugin functionality are: <br /><br />1) Add a 'Plugins' menu option which will hold the options for each plugin.<br />2) Enumerate all DLL files in a certain folder, then load them and run a predefined function<br /> in each. <br />3) Intercept WM_COMMAND messages and allow each plugin to process the message <br /> to determine if its option has been selected.<br />4) Allow plugins to specify if they want notepad to further process the WM_COMMAND<br /> message or not.<br /><br />[~] <a href="tute4_1.html">Section A</a> - Modify the menu bar via import functions.<br />[~] <a href="tute4_2.html">Section B</a> - Calling the imported function at the right place.<br />[~] <a href="tute4_3.html">Section C</a> - Writing the primary DLL.<br />[~] <a href="tute4_4.html">Section D</a> - Writing a plugin DLL.<br /><br /><br />The binaries and source code can be downloaded <a href="notepad-ex.zip">here</a>. </p></div></div></div></div></div></div></div></div>

© 1999-2008 EvilOctal Security Team