
windows - 是否可以用代理 dll 替换系统 dll?

coder 2024-06-07 原文

阅读这篇有趣的文章后: http://www.codeproject.com/Articles/16541/Create-your-Proxy-DLLs-automatically

我决定尝试创建一个代理 dll 用于纯粹的研究目的。 :-)

我在 ws2_32.dll 上完成了所有步骤,这是我得到的代码:

#include <windows.h>
#include <stdio.h>
#include <string.h>
#pragma pack(1)

HINSTANCE hLThis = 0;   // this proxy's own module handle (set on DLL_PROCESS_ATTACH; not read anywhere in this listing)
HINSTANCE hL = 0;       // handle to the renamed original (ws2_32_.dll) loaded on attach and freed on detach
FARPROC p[182] = {0};   // forwarding table: slot i holds the real address that stub __E__i__ jumps through

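// Number of exports forwarded to the real ws2_32.dll. Must match the size of
// the global forwarding table p[] declared above and the number of __E__i__
// stubs / .def entries generated for this proxy.
enum { kNumExports = 182 };

// Export names of the real ws2_32.dll, in slot order: kExportNames[i] is
// resolved into p[i], and forwarding stub __E__i__ jumps through p[i]. The
// .def file maps the public export names onto those stubs by this same
// numbering, so the order here must not change without regenerating both
// the stubs and the .def file.
static const char *const kExportNames[kNumExports] = {
    "FreeAddrInfoEx",
    "FreeAddrInfoExW",
    "FreeAddrInfoW",
    "GetAddrInfoExA",
    "GetAddrInfoExW",
    "GetAddrInfoW",
    "GetNameInfoW",
    "InetNtopW",
    "InetPtonW",
    "SetAddrInfoExA",
    "SetAddrInfoExW",
    "WEP",
    "WPUCompleteOverlappedRequest",
    "WSAAccept",
    "WSAAddressToStringA",
    "WSAAddressToStringW",
    "WSAAdvertiseProvider",
    "WSAAsyncGetHostByAddr",
    "WSAAsyncGetHostByName",
    "WSAAsyncGetProtoByName",
    "WSAAsyncGetProtoByNumber",
    "WSAAsyncGetServByName",
    "WSAAsyncGetServByPort",
    "WSAAsyncSelect",
    "WSACancelAsyncRequest",
    "WSACancelBlockingCall",
    "WSACleanup",
    "WSACloseEvent",
    "WSAConnect",
    "WSAConnectByList",
    "WSAConnectByNameA",
    "WSAConnectByNameW",
    "WSACreateEvent",
    "WSADuplicateSocketA",
    "WSADuplicateSocketW",
    "WSAEnumNameSpaceProvidersA",
    "WSAEnumNameSpaceProvidersExA",
    "WSAEnumNameSpaceProvidersExW",
    "WSAEnumNameSpaceProvidersW",
    "WSAEnumNetworkEvents",
    "WSAEnumProtocolsA",
    "WSAEnumProtocolsW",
    "WSAEventSelect",
    "WSAGetLastError",
    "WSAGetOverlappedResult",
    "WSAGetQOSByName",
    "WSAGetServiceClassInfoA",
    "WSAGetServiceClassInfoW",
    "WSAGetServiceClassNameByClassIdA",
    "WSAGetServiceClassNameByClassIdW",
    "WSAHtonl",
    "WSAHtons",
    "WSAInstallServiceClassA",
    "WSAInstallServiceClassW",
    "WSAIoctl",
    "WSAIsBlocking",
    "WSAJoinLeaf",
    "WSALookupServiceBeginA",
    "WSALookupServiceBeginW",
    "WSALookupServiceEnd",
    "WSALookupServiceNextA",
    "WSALookupServiceNextW",
    "WSANSPIoctl",
    "WSANtohl",
    "WSANtohs",
    "WSAPoll",
    "WSAProviderCompleteAsyncCall",
    "WSAProviderConfigChange",
    "WSARecv",
    "WSARecvDisconnect",
    "WSARecvFrom",
    "WSARemoveServiceClass",
    "WSAResetEvent",
    "WSASend",
    "WSASendDisconnect",
    "WSASendMsg",
    "WSASendTo",
    "WSASetBlockingHook",
    "WSASetEvent",
    "WSASetLastError",
    "WSASetServiceA",
    "WSASetServiceW",
    "WSASocketA",
    "WSASocketW",
    "WSAStartup",
    "WSAStringToAddressA",
    "WSAStringToAddressW",
    "WSAUnadvertiseProvider",
    "WSAUnhookBlockingHook",
    "WSAWaitForMultipleEvents",
    "WSApSetPostRoutine",
    "WSCDeinstallProvider",
    "WSCDeinstallProvider32",
    "WSCEnableNSProvider",
    "WSCEnableNSProvider32",
    "WSCEnumNameSpaceProviders32",
    "WSCEnumNameSpaceProvidersEx32",
    "WSCEnumProtocols",
    "WSCEnumProtocols32",
    "WSCGetApplicationCategory",
    "WSCGetProviderInfo",
    "WSCGetProviderInfo32",
    "WSCGetProviderPath",
    "WSCGetProviderPath32",
    "WSCInstallNameSpace",
    "WSCInstallNameSpace32",
    "WSCInstallNameSpaceEx",
    "WSCInstallNameSpaceEx32",
    "WSCInstallProvider",
    "WSCInstallProvider64_32",
    "WSCInstallProviderAndChains64_32",
    "WSCSetApplicationCategory",
    "WSCSetProviderInfo",
    "WSCSetProviderInfo32",
    "WSCUnInstallNameSpace",
    "WSCUnInstallNameSpace32",
    "WSCUpdateProvider",
    "WSCUpdateProvider32",
    "WSCWriteNameSpaceOrder",
    "WSCWriteNameSpaceOrder32",
    "WSCWriteProviderOrder",
    "WSCWriteProviderOrder32",
    "WahCloseApcHelper",
    "WahCloseHandleHelper",
    "WahCloseNotificationHandleHelper",
    "WahCloseSocketHandle",
    "WahCloseThread",
    "WahCompleteRequest",
    "WahCreateHandleContextTable",
    "WahCreateNotificationHandle",
    "WahCreateSocketHandle",
    "WahDestroyHandleContextTable",
    "WahDisableNonIFSHandleSupport",
    "WahEnableNonIFSHandleSupport",
    "WahEnumerateHandleContexts",
    "WahInsertHandleContext",
    "WahNotifyAllProcesses",
    "WahOpenApcHelper",
    "WahOpenCurrentThread",
    "WahOpenHandleHelper",
    "WahOpenNotificationHandleHelper",
    "WahQueueUserApc",
    "WahReferenceContextByHandle",
    "WahRemoveHandleContext",
    "WahWaitForNotification",
    "WahWriteLSPEvent",
    "__WSAFDIsSet",
    "accept",
    "bind",
    "closesocket",
    "connect",
    "freeaddrinfo",
    "getaddrinfo",
    "gethostbyaddr",
    "gethostbyname",
    "gethostname",
    "getnameinfo",
    "getpeername",
    "getprotobyname",
    "getprotobynumber",
    "getservbyname",
    "getservbyport",
    "getsockname",
    "getsockopt",
    "htonl",
    "htons",
    "inet_addr",
    "inet_ntoa",
    "inet_ntop",
    "inet_pton",
    "ioctlsocket",
    "listen",
    "ntohl",
    "ntohs",
    "recv",
    "recvfrom",
    "select",
    "send",
    "sendto",
    "setsockopt",
    "shutdown",
    "socket",
};

// Debug indicator that the proxy was mapped: appends (creates) C:\load.txt.
//
// Writing to the root of the system drive needs rights a non-elevated
// process normally does not have. When fopen_s fails it leaves f == NULL,
// and the original code then called fclose(NULL) unconditionally, which
// trips the CRT invalid-parameter handler and terminates the host process.
// In a DLL that every network-using program loads, that takes every such
// program down, so a failed marker write is now silently ignored.
static void TouchLoadMarker(void)
{
    FILE *f = NULL;
    if (fopen_s(&f, "C:\\load.txt", "a+") == 0 && f != NULL)
    {
        fclose(f);
    }
}

// Loads "<dir>\ws2_32_.dll" by absolute path. dir must not end in a
// backslash (GetModuleFileName / GetSystemDirectory results qualify).
// Returns NULL when the path does not fit in MAX_PATH or the load fails.
static HMODULE LoadRealWinsockFrom(const char *dir)
{
    char path[MAX_PATH] = "";
    if (strcpy_s(path, MAX_PATH, dir) != 0) return NULL;
    if (strcat_s(path, MAX_PATH, "\\ws2_32_.dll") != 0) return NULL;
    return LoadLibraryA(path);
}

// Locates the renamed original ws2_32.dll and returns a handle to it, or
// NULL. It is looked for first in the directory this proxy was loaded from
// (covers both the System32 layout and the "proxy next to the program"
// layout), then in the system directory.
//
// The original LoadLibrary("ws2_32_.dll") went through the default DLL
// search order (application directory, current directory, PATH, ...), so a
// planted ws2_32_.dll earlier in that order would have been loaded into
// every process instead of the real one. Absolute paths remove that hole.
static HMODULE LoadRealWinsock(HINSTANCE hInst)
{
    char dir[MAX_PATH] = "";
    DWORD len = GetModuleFileNameA(hInst, dir, MAX_PATH);
    if (len > 0 && len < MAX_PATH)   // 0 = failure, MAX_PATH = truncated
    {
        char *lastSep = strrchr(dir, '\\');
        if (lastSep != NULL)
        {
            *lastSep = '\0';         // keep only the directory part
            HMODULE h = LoadRealWinsockFrom(dir);
            if (h != NULL) return h;
        }
    }

    UINT n = GetSystemDirectoryA(dir, MAX_PATH);
    if (n == 0 || n >= MAX_PATH) return NULL;
    return LoadRealWinsockFrom(dir);
}

// Entry point of the proxy. On process attach it loads the renamed original
// and fills the forwarding table p[] used by the __E__i__ stubs; on process
// detach it releases the original. Returns FALSE (load fails, the host
// process gets a loader error) when the original cannot be loaded.
//
// NOTE: LoadLibrary from DllMain runs under the loader lock, which the
// Windows documentation says not to do; it has worked here because the real
// ws2_32.dll's own dependencies are already in the process, but it remains a
// known deadlock risk of this design.
BOOL WINAPI DllMain(HINSTANCE hInst, DWORD reason, LPVOID lpReserved)
{
    // Written on every notification (process and thread attach/detach), as
    // before; this means one file open per thread start in every process
    // that uses Winsock. Restrict to DLL_PROCESS_ATTACH if that is too costly.
    TouchLoadMarker();

    if (reason == DLL_PROCESS_ATTACH)
    {
        hLThis = hInst;
        hL = LoadRealWinsock(hInst);
        if (hL == NULL) return FALSE;

        for (size_t i = 0; i < kNumExports; ++i)
        {
            // A slot left NULL (export not present in this Windows build) is
            // not treated as fatal, matching the original; the corresponding
            // stub will then jump to address 0 and crash the caller the first
            // time that export is used.
            p[i] = GetProcAddress(hL, kExportNames[i]);
        }
    }
    else if (reason == DLL_PROCESS_DETACH)
    {
        // lpReserved != NULL means the process is terminating: the loader
        // tears down every module itself and FreeLibrary must not be used.
        if (hL != NULL && lpReserved == NULL)
        {
            FreeLibrary(hL);
        }
        hL = NULL;
    }

    return TRUE;
}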

// FreeAddrInfoEx
// Forwarding stub for export slot 0. The function is naked (no prologue or
// epilogue), so control jumps straight to the address stored in p[0] and the
// real function sees the caller's untouched stack and return address.
// MASM `p[0*4]` is a byte offset into p, i.e. it hard-codes 4-byte pointers,
// and MSVC accepts `__asm` blocks only when targeting x86 -- these stubs are
// therefore 32-bit only, and the proxy cannot be built as a 64-bit DLL.
extern "C" __declspec(naked) void __stdcall __E__0__()
{
    __asm
    {
        jmp p[0*4];
    }
}

// FreeAddrInfoExW
// Forwarding stub for export slot 1: naked function that jumps through p[1]
// (MASM byte offset 1*4, which assumes 4-byte pointers -- x86 only).
extern "C" __declspec(naked) void __stdcall __E__1__()
{
    __asm
    {
        jmp p[1*4];
    }
}

// FreeAddrInfoW
// Forwarding stub for export slot 2: naked function that jumps through p[2]
// (MASM byte offset 2*4, which assumes 4-byte pointers -- x86 only).
extern "C" __declspec(naked) void __stdcall __E__2__()
{
    __asm
    {
        jmp p[2*4];
    }
}

// GetAddrInfoExA
// Forwarding stub for export slot 3: naked function that jumps through p[3]
// (MASM byte offset 3*4, which assumes 4-byte pointers -- x86 only).
extern "C" __declspec(naked) void __stdcall __E__3__()
{
    __asm
    {
        jmp p[3*4];
    }
}

// GetAddrInfoExW
// Forwarding stub for export slot 4: naked function that jumps through p[4]
// (MASM byte offset 4*4, which assumes 4-byte pointers -- x86 only).
extern "C" __declspec(naked) void __stdcall __E__4__()
{
    __asm
    {
        jmp p[4*4];
    }
}
...

我编译了它(使用 .def 文件)并得到了一个新的 proxy.dll 文件。 :-)

到目前为止一切顺利。现在,在我的 VBox win7 x64 上,我将原来的 ws2_32.dll 重命名为 ws2_32_.dll,将我的 proxy.dll 放在 C:\\Windows\\System32\\ 并将其重命名为 ws2_32.dll。由于权限(permissions)问题——System32 下的文件受 Windows 资源保护,所有者是 TrustedInstaller,普通管理员也没有写权限——我使用 live-cd linux 完成了所有这些。

如您所见,代理加载的是 ws2_32_.dll,所以理论上应该没问题。但是,系统重新启动后,每个使用 ws2_32.dll 的程序都会报错,而且 C:\\load.txt 文件始终没有被创建。

我不知道文章中的那个人做了什么让它起作用。我在谷歌上读到你需要将 proxy.dll 放在与要被代理的程序相同的目录中(因为应用程序目录在 DLL 搜索顺序中排在最前面),但我正在寻找一个全局的解决方案。(注:对 ws2_32.dll 这类通常列在 KnownDLLs 中的系统 DLL,加载器会直接映射启动时从 System32 建立的节,而不是搜索应用程序目录,所以"放在程序旁边"的做法对它未必有效——这一点需在目标系统上核实。)

也许是校验和问题?我读到 Microsoft 在其系统 PE 上使用了某种校验和。(注:PE 可选头里的 CheckSum 字段并不是秘密,任何 PE 工具都能重新计算并写回;Windows 也只对驱动、启动时加载的 DLL 和载入关键系统进程的 DLL 校验它。更简单的解释是位数不匹配:下面这段代码用了 `__asm` 内联汇编,只能编译成 32 位 DLL,而 Win7 x64 的 System32 存放的是 64 位 DLL——见下面的回答。)

谢谢,gfgqtmakia。

最佳答案

换到 32 位环境后,现在它可以工作了。(原因:代理里的转发桩使用 `__asm` 内联汇编和 `jmp p[i*4]` 这种按 4 字节指针计算的偏移,MSVC 只在 x86 目标上接受,所以 proxy.dll 必然是 32 位的;放进 Win7 x64 的 System32 后,64 位进程加载它会得到"不是有效的 Win32 应用程序"一类的镜像格式错误,32 位进程则被 WOW64 文件系统重定向到 SysWOW64,根本看不到它——这正好对应"每个程序都报错、load.txt 从未创建"。)

还有:

  • 检查您的代理的依赖项,它可能需要额外的 .dll 才能运行( Dependency Walker )。代码中用到了 CRT(fopen_s 等),如果是用动态 CRT(/MD)或 Debug 配置构建,干净的虚拟机里可能没有对应的运行库 DLL,代理就会加载失败;用 /MT 静态链接 CRT 或改用 Release 构建可以避免。
  • 使用 this guide(原链接在转载时丢失;其核心步骤是先从 TrustedInstaller 取得 System32 中该文件的所有权并授予自己写权限,再替换文件)替换系统的 .dll。这比重新启动进入 Linux 更快。注意:替换的是每个联网进程都会加载的 DLL,代理里的任何缺陷(例如 DllMain 中 fopen_s 失败后仍然调用 fclose)都会让所有这些进程一起出错,只应在有快照可回滚的虚拟机里尝试。

关于windows - 是否可以用代理 dll 替换系统 dll?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/13475993/
