楓之專業V115無法使用原因是....
真的被我猜中了...
無法過HS...注入器 未更新....
¦bèè©ñ¾Ç ¦b®öº© §ä¨ì ·Ø¤j µoªº¤å¤F!
¥H¤U¬Oµ¹¦Ñ³¾ ¸³»s§@¥~±¾ªº¤H¬Ýªº..
- /* dr.cpp : Defines the entry point for the DLL application.
- *****¼s§iºô§}!!!!½Ð¦VªO¥DÀËÁ|!!!!*****: hi.baidu.com/maydayhuan
- */
- #include "stdafx.h"
- #include "resource.h"
- #include "windows.h"
- #include "tlhelp32.h"
- #include "iostream.h"
- #include "stdio.h"
/*
 * Shared declarations and globals for the listing (documentation added in review).
 * debuger0 holds one debug-register request: the address to load, which of
 * DR0-DR3 to use, and whether debugProc should set or clear the enable bits.
 * "caozuo" is presumably pinyin for "operation" - confirm.
 * All of this state is global and is read and written from several threads
 * with no synchronization visible in the listing.
 */
- struct debuger0{
- DWORD addr; // value debugProc copies into the selected DRn register
- DWORD dr; // selector 0-3 tested by debugProc to pick Dr0..Dr3
- DWORD caozuo; // 1 = debugProc sets the Dr7 enable bits; any other value = clears them
- };
- LRESULT CALLBACK dlgx(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam);
- DWORD WINAPI ThreadProc( LPVOID lpParameter );
- DWORD WINAPI debugProc( LPVOID lpParameter );
- HINSTANCE hinst; // module handle saved by DllMain, used by ThreadProc for DialogBox
- DWORD lst[100]; // thread ids collected by RefreshThreadList; fixed capacity of 100
- char mychar[50]; // not referenced anywhere in the visible listing
- void ck(WORD wID, WORD wNF); // NOTE(review): the ck defined below takes (HWND, WORD, WORD); this two-argument form has no definition in the listing
// The two function pointers below are filled in at run time by ThreadProc via GetProcAddress on kernel32.dll.
- void* (__stdcall *AddVectoredExceptionHandlerx)(ULONG FirstHandler,void* VectoredHandler);
- HANDLE (__stdcall *OpenThread)(DWORD dwDesiredAccess, BOOL bInheritHandle,DWORD dwThreadId);
- debuger0 debuger1; // the single pending request: written by ck, read and then zeroed by debugProc
/*
 * RefreshThreadList - record the thread ids that belong to one process.
 *
 * Takes a Toolhelp snapshot of every thread on the system and copies the id of
 * each thread whose owner is dwOwnerPID into the global lst[], starting at
 * index 0. A dwOwnerPID of 0 matches nothing.
 *
 * Review notes:
 *  - The INVALID_HANDLE_VALUE check on the snapshot is commented out, so a
 *    failed snapshot is still passed to Thread32First and CloseHandle.
 *  - px is never compared with the capacity of lst (100); a process with more
 *    than 100 threads writes past the end of the array.
 *  - lst is not cleared first and no terminator is stored after the last id,
 *    so entries from an earlier, longer list remain in place.
 */
- void RefreshThreadList (DWORD dwOwnerPID)
- {
- HANDLE hThreadSnap = NULL;
- BOOL bRet = FALSE; // never used
- THREADENTRY32 te32 = {0};
- int px=0; // next free slot in lst
- // Take a snapshot of all threads currently in the system.
- hThreadSnap = CreateToolhelp32Snapshot(TH32CS_SNAPTHREAD, 0);
- //if (hThreadSnap == INVALID_HANDLE_VALUE)
- // return ;
- te32.dwSize = sizeof(THREADENTRY32); // dwSize is filled in before the first Thread32First call
- if (Thread32First(hThreadSnap, &te32))
- {
- px=0;
- do
- {
- if (te32.th32OwnerProcessID == dwOwnerPID&&dwOwnerPID!=0)
- {
- lst[px]=te32.th32ThreadID;
- px++;
- }
- }
- while (Thread32Next(hThreadSnap, &te32));
- }
- // (disabled debug trace: an OutputDebugString call announcing the thread refresh)
- CloseHandle (hThreadSnap);
- }
/*
 * DllMain - DLL entry point.
 *
 * On DLL_PROCESS_ATTACH it starts ThreadProc on a new thread and then stores
 * the module handle in the global hinst. The other notifications do nothing.
 * Always returns TRUE.
 *
 * Review notes:
 *  - hinst is assigned after CreateThread, while ThreadProc reads hinst; the
 *    listing shows nothing that orders the two.
 *  - The thread handle returned by CreateThread is discarded, never closed.
 *  - There is no break after the DLL_PROCESS_ATTACH case; it falls through to
 *    the shared break, which has no effect here.
 *  - From a detection standpoint, a module that creates a thread and raises UI
 *    as soon as it is mapped is the visible load-time behaviour of this DLL.
 */
- BOOL APIENTRY DllMain( HINSTANCE hModule,
- DWORD ul_reason_for_call,
- LPVOID lpReserved
- )
- {
- switch (ul_reason_for_call)
- {
- case DLL_PROCESS_ATTACH:
- CreateThread(NULL,255,ThreadProc,NULL,0,NULL); // second argument (255) is the requested stack size in bytes
- hinst=hModule;
- case DLL_THREAD_ATTACH:
- case DLL_THREAD_DETACH:
- case DLL_PROCESS_DETACH:
- break;
- }
- return TRUE;
- }
/*
 * ck - react to the IDC_CHECK1 check box of the dialog.
 *
 * dlg is the dialog window, id the control id; wm is accepted but not used.
 * For IDC_CHECK1 it fills the global debuger1 with the hard-coded address
 * 0x0095AFD3 and register selector 0, sets caozuo to 1 when the box is checked
 * and 0 when it is not, then starts debugProc on a new thread to apply the
 * request. Any other control id is ignored.
 *
 * Review notes: the two branches differ only in the caozuo value; debuger1 is
 * written here and read on the new thread with no synchronization visible; the
 * handles returned by CreateThread are discarded.
 */
- void ck(HWND dlg,WORD id, WORD wm)
- {
- //////////////////////////////////////////////////////////////////////////
- if(id==IDC_CHECK1)
- {
- if(IsDlgButtonChecked(dlg,id))
- {
- debuger1.addr=0x0095AFD3;
- debuger1.caozuo=1; // request: enable
- debuger1.dr=0;
- CreateThread(NULL,255,(LPTHREAD_START_ROUTINE)debugProc,NULL,0,NULL);
- }else
- {
- debuger1.addr=0x0095AFD3;
- debuger1.caozuo=0; // request: disable
- debuger1.dr=0;
- CreateThread(NULL,255,(LPTHREAD_START_ROUTINE)debugProc,NULL,0,NULL);
- }
- }
- //////////////////////////////////////////////////////////////////////////
- }
/*
 * dlgx - dialog procedure for IDD_DIALOG1.
 *
 * WM_INITDIALOG returns TRUE. WM_COMMAND splits wParam into the control id
 * (low word) and the notification code (high word): IDCANCEL terminates the
 * current process with exit code 0, and the control id is then passed to ck.
 * Every other message returns 0.
 *
 * Review notes:
 *  - `if(wNF=BST_CHECKED)` is an assignment, not a comparison. It stores
 *    BST_CHECKED in wNF and tests that value, so the branch is taken for every
 *    WM_COMMAND regardless of the notification code actually received.
 *  - TerminateProcess acts on GetCurrentProcess(), i.e. the whole process this
 *    DLL is loaded into, not only the dialog.
 */
- LRESULT CALLBACK dlgx(HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam)
- {
- switch (message)
- {
- case WM_INITDIALOG:
- return TRUE;
- case WM_COMMAND:
- WORD wID = LOWORD( wParam ); // control identifier
- WORD wNF = HIWORD( wParam ); // notification code
- if(wID==IDCANCEL)
- {
- TerminateProcess(GetCurrentProcess(),0);
- }
- if(wNF=BST_CHECKED)
- {
- ck(hDlg,wID,wNF);
- }
- break;
- }
- return 0;
- }
/*
 * GPTUnhandledExceptionFilter - exception callback registered by ThreadProc as
 * a vectored exception handler (despite the "unhandled filter" name).
 *
 * When the exception code is 0x80000004 (the single-step status, which is also
 * what a debug-register breakpoint raises) and the faulting address is
 * 0x0095AFD3, it rewrites Eip in the saved context to 0x0095c475 and resumes
 * execution there. Everything else is passed on with EXCEPTION_CONTINUE_SEARCH.
 *
 * Both addresses are hard-coded absolute values; what lies at them is not
 * shown on this page. The Eip field means the code is x86 (32-bit) only.
 *
 * Defensive reading: the redirect changes control flow without altering any
 * code bytes, so an integrity check limited to hashing code sections would not
 * observe it. The handler registration and the thread debug registers are the
 * observable artefacts.
 */
- LONG WINAPI GPTUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
- {
- if(pExceptionInfo->ExceptionRecord->ExceptionCode==0x80000004)
- {
- if(pExceptionInfo->ExceptionRecord->ExceptionAddress==(PVOID)0x0095AFD3)
- {
- pExceptionInfo->ContextRecord->Eip=(DWORD)0x0095c475; // resume at a different address than the one that faulted
- return EXCEPTION_CONTINUE_EXECUTION;
- }
- }
- return EXCEPTION_CONTINUE_SEARCH ;
- }
/*
 * ThreadProc - worker thread started from DllMain.
 *
 * Resolves AddVectoredExceptionHandler and OpenThread from kernel32.dll at run
 * time, registers GPTUnhandledExceptionFilter as a vectored exception handler
 * with FirstHandler = 1, refreshes the thread list for the current process and
 * then shows the modal dialog IDD_DIALOG1 driven by dlgx. Returns 1 once the
 * dialog has closed. lpParameter is unused.
 *
 * Review notes: the results of LoadLibrary and GetProcAddress are not checked
 * before the pointers are called, and the module handle is never released.
 * Resolving these two APIs by name at run time keeps them out of the import
 * table - relevant when triaging the binary statically.
 */
- DWORD WINAPI ThreadProc(
- LPVOID lpParameter // thread data
- )
- {
- HINSTANCE slib=LoadLibrary("kernel32.dll");
- *(FARPROC*) &AddVectoredExceptionHandlerx=GetProcAddress(slib,"AddVectoredExceptionHandler");
- *(FARPROC*) &OpenThread=GetProcAddress(slib,"OpenThread");
- AddVectoredExceptionHandlerx(1,GPTUnhandledExceptionFilter); // 1 = ask to be placed first in the handler chain
- RefreshThreadList(GetCurrentProcessId());
- // original comment: "set up keyboard hook" - no hook is installed in the visible code; the next call only opens the dialog
- DialogBox(hinst,(LPCTSTR)IDD_DIALOG1,NULL,(DLGPROC)dlgx);
- return 1;
- }
/*
 * debugProc - apply the request stored in the global debuger1 to the threads
 * listed in lst. Started on its own thread by ck; lpParameter is unused.
 *
 * For each listed thread other than the calling one it suspends the thread,
 * reads its context with the control and debug-register groups, writes
 * debuger1.addr into the DRn chosen by debuger1.dr, updates the matching pair
 * of enable bits in Dr7, writes the context back and resumes the thread.
 *   caozuo == 1 : the pair of bits is OR-ed in  (0x3, 0xc, 0x30, 0xc0 for DR0..DR3)
 *   otherwise   : the same pair is masked out; the DRn address is still written
 * Only the low enable bits of Dr7 are changed; its upper type/length fields
 * are left as read. Finally debuger1 is zeroed and `true` is returned.
 *
 * Review notes:
 *  - As published, lst is used without an index in the loop (`lst==0`,
 *    `lst!=GetCurrentThreadId()`, `OpenThread(..., lst)`); the subscript was
 *    probably lost in forum rendering - confirm against another copy. The
 *    listing does not build as shown.
 *  - No return value is checked (OpenThread, SuspendThread, GetThreadContext,
 *    SetThreadContext) and the thread handles are never closed.
 *  - The two branches are copies that differ only in the Dr7 operation.
 *  - The function returns `true` although its return type is DWORD.
 *
 * Defensive reading: these register values are per-thread state that
 * GetThreadContext with CONTEXT_DEBUG_REGISTERS reports, so a protection
 * component can read them back on its own threads and treat unexpected
 * non-zero Dr0-Dr3/Dr7 as tampering. The loop only reaches threads present
 * when RefreshThreadList ran.
 */
- DWORD WINAPI debugProc(LPVOID lpParameter )
- {
- if(debuger1.caozuo==1)
- {
- // enable
- RefreshThreadList(GetCurrentProcessId());
- for(int i=0;i<100;i++)
- {
- if(lst==0)
- {
- break;
- }
- if(lst!=GetCurrentThreadId())
- {
- HANDLE thd=OpenThread(THREAD_ALL_ACCESS,true,lst);
- SuspendThread(thd);
- CONTEXT con;
- con.ContextFlags=CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
- GetThreadContext(thd,&con);
- if(debuger1.dr==0)
- {
- con.Dr0=debuger1.addr;
- con.Dr7=con.Dr7|0x3;
- }
- if(debuger1.dr==1)
- {
- con.Dr1=debuger1.addr;
- con.Dr7=con.Dr7|0xc;
- }
- if(debuger1.dr==2)
- {
- con.Dr2=debuger1.addr;
- con.Dr7=con.Dr7|0x30;
- }
- if(debuger1.dr==3)
- {
- con.Dr3=debuger1.addr;
- con.Dr7=con.Dr7|0xc0;
- }
- con.ContextFlags= CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
- SetThreadContext(thd,&con);
- ResumeThread(thd);
- }
- }
- }else
- {
- // disable
- // (original comment here repeats "enable", left over from the copied branch above)
- RefreshThreadList(GetCurrentProcessId());
- for(int i=0;i<100;i++)
- {
- if(lst==0)
- {
- break;
- }
- if(lst!=GetCurrentThreadId())
- {
- HANDLE thd=OpenThread(THREAD_ALL_ACCESS,true,lst);
- SuspendThread(thd);
- CONTEXT con;
- con.ContextFlags=CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
- GetThreadContext(thd,&con);
- if(debuger1.dr==0)
- {
- con.Dr0=debuger1.addr;
- con.Dr7=con.Dr7&~0x3;
- }
- if(debuger1.dr==1)
- {
- con.Dr1=debuger1.addr;
- con.Dr7=con.Dr7&~0xc;
- }
- if(debuger1.dr==2)
- {
- con.Dr2=debuger1.addr;
- con.Dr7=con.Dr7&~0x30;
- }
- if(debuger1.dr==3)
- {
- con.Dr3=debuger1.addr;
- con.Dr7=con.Dr7&~0xc0;
- }
- con.ContextFlags= CONTEXT_CONTROL|CONTEXT_DEBUG_REGISTERS;
- SetThreadContext(thd,&con);
- ResumeThread(thd);
- }
- }
- }
- debuger1.addr=0;
- debuger1.caozuo=0;
- debuger1.dr=0;
- return true;
- }
可過目前HS 設置硬件斷點 DR0-DR3。好了,該應對高考了。
¶â..·Q»¡ÂI¤°麽©O¡A§Ú¦ôpICS¤]®t¤£¦hn«ô«ô¤F ¦hÓµwÂ_¤]µL®t.
以上是由 浪漫 流出
此由 外掛天堂 分享
我知道大家不懂 我也不懂 只知道 過幾天 就有外掛可以用了
因為 這是新的注入器的dll.
友信去的自己慢慢研究吧~!