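caterpilla posted on 2006-6-17 13:30:06

How I approached completing a REVERSEME exercise

Download link from the original thread: https://www.chinapyg.com/viewthread.php?tid=5170&extra=page%3D1

The specific requirements are described in the text below: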

CaptREsReMe1
============

- Injecting your Dll into the target at runtime -

This is my first ReverseMe and I hope you'll like it.

GOAL:
-----

You must insert a MenuItem called "Detour" into the menu of the
ReverseMe. When clicking this MenuItem, it should call a function inside
a Dll that you will have to code yourself. This function should show the
RunDialog-box (like the one in the Windows "Start"-menu.... Hint: call by
Ordinal in Shell32.dll). When executed, the RunDialog should show the Icon
of the ReverseMe. You MUST do this by pushing the handle of the Icon to the
call of your function inside your DLL. The OK-button of the RunDialog must
be disabled when the RunDialog opens (and enabled when entering something in
the editbox of the dialog). Afterwards the code-execution will have to
return to the ReverseMe without exiting the program.

And now the fun part of it all............


RESTRICTIONS:
-------------

All of the patches that you apply will have to be done AT RUNTIME
(hint: WriteProcessMemory). So, you will have to leave the ReverseMe
itself totally unpatched/unchanged.



Send me an Email if you have any questions or want to have my solution....

[email protected]

Thanx:
------
Special thanks to Iczelion for supplying the skeletons on his site.


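Let me translate that, heh~~~~~~~~

There are two main requirements:
1. Add a new menu item to the REVERSEME window.
2. The new menu item calls the system's built-in Run dialog and displays the REVERSEME's icon in the dialog.

Approach:
The requirements already give the hints, so you only need to implement them. Make sure to read the task carefully, heh~~~~~~~~

1. Use a hook to inject the DLL into the REVERSEME's process space.
2. Subclass the REVERSEME's window procedure so that it calls the new procedure in the DLL, which implements the new menu item's functionality.
3. Call the undocumented function in SHELL32.DLL by ordinal to bring up the system Run dialog (the Run dialog's export ordinal is 61).

The specific techniques can all be found on the forum or on the web...

[ Last edited by caterpilla on 2006-6-17 14:17 ]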
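
Step 3 above depends on resolving an export by ordinal rather than by name. The following is an added example, not code from the original post or from the ReverseMe's author: it shows how an ordinal is turned into a function RVA by indexing a PE export address table with (ordinal - Base), including the out-of-range, unused-slot and forwarder cases. The image is a constructed buffer in which RVAs equal buffer offsets, and the function names, status codes and sample layout are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Field offsets in IMAGE_EXPORT_DIRECTORY (PE/COFF spec); the struct is 40 bytes. */
enum { EXP_BASE = 16, EXP_NFUNCS = 20, EXP_EAT_RVA = 28, EXP_DIR_LEN = 40 };
enum { ORD_OK = 0, ORD_OUT_OF_RANGE = -1, ORD_UNUSED = -2, ORD_FORWARDED = -3, ORD_BAD_IMAGE = -4 };

/* Bounds-checked little-endian read; an RVA is used directly as a buffer offset (mapped-image assumption). */
static int rd32(const uint8_t *img, size_t len, uint64_t off, uint32_t *out) {
    if (len < 4 || off > len - 4) return 0;
    *out = img[off] | (uint32_t)img[off + 1] << 8 | (uint32_t)img[off + 2] << 16 | (uint32_t)img[off + 3] << 24;
    return 1;
}

/* Resolve an export ordinal to a function RVA via the export address table (EAT). */
int resolve_ordinal(const uint8_t *img, size_t len, uint32_t dir_rva, uint32_t dir_size,
                    uint32_t ordinal, uint32_t *func_rva) {
    uint32_t base, nfuncs, eat, rva;
    if (!rd32(img, len, (uint64_t)dir_rva + EXP_BASE, &base) ||
        !rd32(img, len, (uint64_t)dir_rva + EXP_NFUNCS, &nfuncs) ||
        !rd32(img, len, (uint64_t)dir_rva + EXP_EAT_RVA, &eat)) return ORD_BAD_IMAGE;
    if (ordinal < base || ordinal - base >= nfuncs) return ORD_OUT_OF_RANGE;
    if (!rd32(img, len, (uint64_t)eat + 4ull * (ordinal - base), &rva)) return ORD_BAD_IMAGE;
    if (rva == 0) return ORD_UNUSED;                                      /* gap in the ordinal range */
    if (rva >= dir_rva && rva - dir_rva < dir_size) return ORD_FORWARDED; /* RVA of a "DLL.Func" string */
    *func_rva = rva;
    return ORD_OK;
}

static void wr32(uint8_t *p, uint32_t v) { for (int i = 0; i < 4; i++) p[i] = (uint8_t)(v >> (8 * i)); }

/* Constructed sample (not SHELL32.DLL): directory at RVA 0x100, size 0x80, Base 60, four EAT slots. */
size_t build_sample(uint8_t *img, size_t cap) {
    if (cap < 0x200) return 0;
    memset(img, 0, cap);
    wr32(img + 0x100 + EXP_BASE, 60);
    wr32(img + 0x100 + EXP_NFUNCS, 4);
    wr32(img + 0x100 + EXP_EAT_RVA, 0x100 + EXP_DIR_LEN);
    wr32(img + 0x128, 0x1000);   /* ordinal 60 (function RVAs are never dereferenced here) */
    wr32(img + 0x12C, 0x1100);   /* ordinal 61 */
    wr32(img + 0x134, 0x140);    /* ordinal 63: forwarder; ordinal 62 stays 0 (unused) */
    return 0x200;
}

int main(void) {
    uint8_t img[0x200]; uint32_t rva = 0;
    size_t n = build_sample(img, sizeof img);
    for (uint32_t ord = 59; ord <= 64; ord++)
        printf("ordinal %u -> status %d\n", (unsigned)ord, resolve_ordinal(img, n, 0x100, 0x80, ord, &rva));
    return 0;
}
```
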

野猫III posted on 2006-6-18 18:30:45

Buddy, you got it done?

This is new knowledge to me...


+++++++++++++++++==

Reporting to the original poster! The program won't run...

[ Last edited by 野猫III on 2006-6-18 18:37 ]

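caterpilla posted on 2006-6-18 23:24:27

Originally posted by 野猫III on 2006-6-18 18:30
Buddy, you got it done?

This is new knowledge to me...


+++++++++++++++++==

Reporting to the original poster! The program won't run...

You need to download the original REVERSEME first and then install this LOADER; it modifies the original program dynamically while it runs.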

jy2207661 posted on 2007-9-15 23:11:15

Your English is pretty good /:good /:017