设为首页收藏本站
开启辅助访问 切换到宽版

看流星社区

 找回密码
 注册账号
看流星社区»看流星社区 » 【编程技术】 其它编程技术 关于D3D注入受驱动保护的游戏 例如(DNF.exe)
返回列表 发新帖
查看: 2754|回复: 1

[Delphi] 关于D3D注入受驱动保护的游戏 例如(DNF.exe)

[复制链接]
恋爱的犀牛

该用户从未签到
发表于 2011-3-18 16:59:08 | 显示全部楼层 |阅读模式
目前我用的有2种方法 :   
  1:替换游戏要加载的DLL 来达到注入自己DLL ,有些游戏有MD5校验文件 无法替换游戏目录的DLL , 只能替换系统目录的文件、
  2:输入法注入,他游戏再怎么保护不可能不让打字吧! 自己写个输入法的IME文件 安装完给游戏发送个输入发消息
  (WM_INPUTLANGCHANGEREQUEST),让他切换到你自己安装的输入法!
  3:替换SPI文件 也是第一种方法 , 网络流传叫啥网络注入的!囧

  2. library d3d8thk;
  3. {这个编译出来的直接替换System32文件夹里的d3d8thk.dll}
  4. uses
  5. Windows;
  6. {$R *.res}
  7. var
  8. ModHandle: Cardinal;
  9. POldOsThunkD3dContextCreate: Pointer;
  10. POldOsThunkD3dContextDestroy: Pointer;
  11. POldOsThunkD3dContextDestroyAll: Pointer;
  12. POldOsThunkD3dDrawPrimitives2: Pointer;
  13. POldOsThunkD3dValidateTextureStageState: Pointer;
  14. POldOsThunkDdAddAttachedSurface: Pointer;
  15. POldOsThunkDdAlphaBlt: Pointer;
  16. POldOsThunkDdAttachSurface: Pointer;
  17. POldOsThunkDdBeginMoCompFrame: Pointer;
  18. POldOsThunkDdBlt: Pointer;
  19. POldOsThunkDdCanCreateD3DBuffer: Pointer;
  20. POldOsThunkDdCanCreateSurface: Pointer;
  21. POldOsThunkDdColorControl: Pointer;
  22. POldOsThunkDdCreateD3DBuffer: Pointer;
  23. POldOsThunkDdCreateDirectDrawObject: Pointer;
  24. POldOsThunkDdCreateMoComp: Pointer;
  25. POldOsThunkDdCreateSurface: Pointer;
  26. POldOsThunkDdCreateSurfaceEx: Pointer;
  27. POldOsThunkDdCreateSurfaceObject: Pointer;
  28. POldOsThunkDdDeleteDirectDrawObject: Pointer;
  29. POldOsThunkDdDeleteSurfaceObject: Pointer;
  30. POldOsThunkDdDestroyD3DBuffer: Pointer;
  31. POldOsThunkDdDestroyMoComp: Pointer;
  32. POldOsThunkDdDestroySurface: Pointer;
  33. POldOsThunkDdEndMoCompFrame: Pointer;
  34. POldOsThunkDdFlip: Pointer;
  35. POldOsThunkDdFlipToGDISurface: Pointer;
  36. POldOsThunkDdGetAvailDriverMemory: Pointer;
  37. POldOsThunkDdGetBltStatus: Pointer;
  38. POldOsThunkDdGetDC: Pointer;
  39. POldOsThunkDdGetDriverInfo: Pointer;
  40. POldOsThunkDdGetDriverState: Pointer;
  41. POldOsThunkDdGetDxHandle: Pointer;
  42. POldOsThunkDdGetFlipStatus: Pointer;
  43. POldOsThunkDdGetInternalMoCompInfo: Pointer;
  44. POldOsThunkDdGetMoCompBuffInfo: Pointer;
  45. POldOsThunkDdGetMoCompFormats: Pointer;
  46. POldOsThunkDdGetMoCompGuids: Pointer;
  47. POldOsThunkDdGetScanLine: Pointer;
  48. POldOsThunkDdLock: Pointer;
  49. POldOsThunkDdLockD3D: Pointer;
  50. POldOsThunkDdQueryDirectDrawObject: Pointer;
  51. POldOsThunkDdQueryMoCompStatus: Pointer;
  52. POldOsThunkDdReenableDirectDrawObject: Pointer;
  53. POldOsThunkDdReleaseDC: Pointer;
  54. POldOsThunkDdRenderMoComp: Pointer;
  55. POldOsThunkDdResetVisrgn: Pointer;
  56. POldOsThunkDdSetColorKey: Pointer;
  57. POldOsThunkDdSetExclusiveMode: Pointer;
  58. POldOsThunkDdSetGammaRamp: Pointer;
  59. POldOsThunkDdSetOverlayPosition: Pointer;
  60. POldOsThunkDdUnattachSurface: Pointer;
  61. POldOsThunkDdUnlock: Pointer;
  62. POldOsThunkDdUnlockD3D: Pointer;
  63. POldOsThunkDdUpdateOverlay: Pointer;
  64. POldOsThunkDdWaitForVerticalBlank: Pointer;
  65. procedure OsThunkD3dContextCreate; asm jmp POldOsThunkD3dContextCreate end;
  66. procedure OsThunkD3dContextDestroy; asm jmp POldOsThunkD3dContextDestroy end;
  67. procedure OsThunkD3dContextDestroyAll; asm jmp POldOsThunkD3dContextDestroyAll end;
  68. procedure OsThunkD3dDrawPrimitives2; asm jmp POldOsThunkD3dDrawPrimitives2 end;
  69. procedure OsThunkD3dValidateTextureStageState; asm jmp POldOsThunkD3dValidateTextureStageState end;
  70. procedure OsThunkDdAddAttachedSurface; asm jmp POldOsThunkDdAddAttachedSurface end;
  71. procedure OsThunkDdAlphaBlt; asm jmp POldOsThunkDdAlphaBlt end;
  72. procedure OsThunkDdAttachSurface; asm jmp POldOsThunkDdAttachSurface end;
  73. procedure OsThunkDdBeginMoCompFrame; asm jmp POldOsThunkDdBeginMoCompFrame end;
  74. procedure OsThunkDdBlt; asm jmp POldOsThunkDdBlt end;
  75. procedure OsThunkDdCanCreateD3DBuffer; asm jmp POldOsThunkDdCanCreateD3DBuffer end;
  76. procedure OsThunkDdCanCreateSurface; asm jmp POldOsThunkDdCanCreateSurface end;
  77. procedure OsThunkDdColorControl; asm jmp POldOsThunkDdColorControl end;
  78. procedure OsThunkDdCreateD3DBuffer; asm jmp POldOsThunkDdCreateD3DBuffer end;
  79. procedure OsThunkDdCreateDirectDrawObject; asm jmp POldOsThunkDdCreateDirectDrawObject end;
  80. procedure OsThunkDdCreateMoComp; asm jmp POldOsThunkDdCreateMoComp end;
  81. procedure OsThunkDdCreateSurface; asm jmp POldOsThunkDdCreateSurface end;
  82. procedure OsThunkDdCreateSurfaceEx; asm jmp POldOsThunkDdCreateSurfaceEx end;
  83. procedure OsThunkDdCreateSurfaceObject; asm jmp POldOsThunkDdCreateSurfaceObject end;
  84. procedure OsThunkDdDeleteDirectDrawObject; asm jmp POldOsThunkDdDeleteDirectDrawObject end;
  85. procedure OsThunkDdDeleteSurfaceObject; asm jmp POldOsThunkDdDeleteSurfaceObject end;
  86. procedure OsThunkDdDestroyD3DBuffer; asm jmp POldOsThunkDdDestroyD3DBuffer end;
  87. procedure OsThunkDdDestroyMoComp; asm jmp POldOsThunkDdDestroyMoComp end;
  88. procedure OsThunkDdDestroySurface; asm jmp POldOsThunkDdDestroySurface end;
  89. procedure OsThunkDdEndMoCompFrame; asm jmp POldOsThunkDdEndMoCompFrame end;
  90. procedure OsThunkDdFlip; asm jmp POldOsThunkDdFlip end;
  91. procedure OsThunkDdFlipToGDISurface; asm jmp POldOsThunkDdFlipToGDISurface end;
  92. procedure OsThunkDdGetAvailDriverMemory; asm jmp POldOsThunkDdGetAvailDriverMemory end;
  93. procedure OsThunkDdGetBltStatus; asm jmp POldOsThunkDdGetBltStatus end;
  94. procedure OsThunkDdGetDC; asm jmp POldOsThunkDdGetDC end;
  95. procedure OsThunkDdGetDriverInfo; asm jmp POldOsThunkDdGetDriverInfo end;
  96. procedure OsThunkDdGetDriverState; asm jmp POldOsThunkDdGetDriverState end;
  97. procedure OsThunkDdGetDxHandle; asm jmp POldOsThunkDdGetDxHandle end;
  98. procedure OsThunkDdGetFlipStatus; asm jmp POldOsThunkDdGetFlipStatus end;
  99. procedure OsThunkDdGetInternalMoCompInfo; asm jmp POldOsThunkDdGetInternalMoCompInfo end;
  100. procedure OsThunkDdGetMoCompBuffInfo; asm jmp POldOsThunkDdGetMoCompBuffInfo end;
  101. procedure OsThunkDdGetMoCompFormats; asm jmp POldOsThunkDdGetMoCompFormats end;
  102. procedure OsThunkDdGetMoCompGuids; asm jmp POldOsThunkDdGetMoCompGuids end;
  103. procedure OsThunkDdGetScanLine; asm jmp POldOsThunkDdGetScanLine end;
  104. procedure OsThunkDdLock; asm jmp POldOsThunkDdLock end;
  105. procedure OsThunkDdLockD3D; asm jmp POldOsThunkDdLockD3D end;
  106. procedure OsThunkDdQueryDirectDrawObject; asm jmp POldOsThunkDdQueryDirectDrawObject end;
  107. procedure OsThunkDdQueryMoCompStatus; asm jmp POldOsThunkDdQueryMoCompStatus end;
  108. procedure OsThunkDdReenableDirectDrawObject; asm jmp POldOsThunkDdReenableDirectDrawObject end;
  109. procedure OsThunkDdReleaseDC; asm jmp POldOsThunkDdReleaseDC end;
  110. procedure OsThunkDdRenderMoComp; asm jmp POldOsThunkDdRenderMoComp end;
  111. procedure OsThunkDdResetVisrgn; asm jmp POldOsThunkDdResetVisrgn end;
  112. procedure OsThunkDdSetColorKey; asm jmp POldOsThunkDdSetColorKey end;
  113. procedure OsThunkDdSetExclusiveMode; asm jmp POldOsThunkDdSetExclusiveMode end;
  114. procedure OsThunkDdSetGammaRamp; asm jmp POldOsThunkDdSetGammaRamp end;
  115. procedure OsThunkDdSetOverlayPosition; asm jmp POldOsThunkDdSetOverlayPosition end;
  116. procedure OsThunkDdUnattachSurface; asm jmp POldOsThunkDdUnattachSurface end;
  117. procedure OsThunkDdUnlock; asm jmp POldOsThunkDdUnlock end;
  118. procedure OsThunkDdUnlockD3D; asm jmp POldOsThunkDdUnlockD3D end;
  119. procedure OsThunkDdUpdateOverlay; asm jmp POldOsThunkDdUpdateOverlay end;
  120. procedure OsThunkDdWaitForVerticalBlank; asm jmp POldOsThunkDdWaitForVerticalBlank end;
  121. procedure MyCode();
  122. begin
  123.   //这里写你的代码
  124. end;
  125. exports
  126. OsThunkD3dContextCreate,
  127. OsThunkD3dContextDestroy,
  128. OsThunkD3dContextDestroyAll,
  129. OsThunkD3dDrawPrimitives2,
  130. OsThunkD3dValidateTextureStageState,
  131. OsThunkDdAddAttachedSurface,
  132. OsThunkDdAlphaBlt,
  133. OsThunkDdAttachSurface,
  134. OsThunkDdBeginMoCompFrame,
  135. OsThunkDdBlt,
  136. OsThunkDdCanCreateD3DBuffer,
  137. OsThunkDdCanCreateSurface,
  138. OsThunkDdColorControl,
  139. OsThunkDdCreateD3DBuffer,
  140. OsThunkDdCreateDirectDrawObject,
  141. OsThunkDdCreateMoComp,
  142. OsThunkDdCreateSurface,
  143. OsThunkDdCreateSurfaceEx,
  144. OsThunkDdCreateSurfaceObject,
  145. OsThunkDdDeleteDirectDrawObject,
  146. OsThunkDdDeleteSurfaceObject,
  147. OsThunkDdDestroyD3DBuffer,
  148. OsThunkDdDestroyMoComp,
  149. OsThunkDdDestroySurface,
  150. OsThunkDdEndMoCompFrame,
  151. OsThunkDdFlip,
  152. OsThunkDdFlipToGDISurface,
  153. OsThunkDdGetAvailDriverMemory,
  154. OsThunkDdGetBltStatus,
  155. OsThunkDdGetDC,
  156. OsThunkDdGetDriverInfo,
  157. OsThunkDdGetDriverState,
  158. OsThunkDdGetDxHandle,
  159. OsThunkDdGetFlipStatus,
  160. OsThunkDdGetInternalMoCompInfo,
  161. OsThunkDdGetMoCompBuffInfo,
  162. OsThunkDdGetMoCompFormats,
  163. OsThunkDdGetMoCompGuids,
  164. OsThunkDdGetScanLine,
  165. OsThunkDdLock,
  166. OsThunkDdLockD3D,
  167. OsThunkDdQueryDirectDrawObject,
  168. OsThunkDdQueryMoCompStatus,
  169. OsThunkDdReenableDirectDrawObject,
  170. OsThunkDdReleaseDC,
  171. OsThunkDdRenderMoComp,
  172. OsThunkDdResetVisrgn,
  173. OsThunkDdSetColorKey,
  174. OsThunkDdSetExclusiveMode,
  175. OsThunkDdSetGammaRamp,
  176. OsThunkDdSetOverlayPosition,
  177. OsThunkDdUnattachSurface,
  178. OsThunkDdUnlock,
  179. OsThunkDdUnlockD3D,
  180. OsThunkDdUpdateOverlay,
  181. OsThunkDdWaitForVerticalBlank;
  182. begin
  183. ModHandle:= LoadLibrary('C:\WINDOWS\DRT.DLL');  //这里是原来的 d3d8thk.dll 假设你施放到了C:\WINDOWS\DRT.DLL
  184. if ModHandle > 0 then
  185. begin
  186. POldOsThunkD3dContextCreate:= GetProcAddress(ModHandle, 'OsThunkD3dContextCreate');
  187. POldOsThunkD3dContextDestroy:= GetProcAddress(ModHandle, 'OsThunkD3dContextDestroy');
  188. POldOsThunkD3dContextDestroyAll:= GetProcAddress(ModHandle, 'OsThunkD3dContextDestroyAll');
  189. POldOsThunkD3dDrawPrimitives2:= GetProcAddress(ModHandle, 'OsThunkD3dDrawPrimitives2');
  190. POldOsThunkD3dValidateTextureStageState:= GetProcAddress(ModHandle, 'OsThunkD3dValidateTextureStageState');
  191. POldOsThunkDdAddAttachedSurface:= GetProcAddress(ModHandle, 'OsThunkDdAddAttachedSurface');
  192. POldOsThunkDdAlphaBlt:= GetProcAddress(ModHandle, 'OsThunkDdAlphaBlt');
  193. POldOsThunkDdAttachSurface:= GetProcAddress(ModHandle, 'OsThunkDdAttachSurface');
  194. POldOsThunkDdBeginMoCompFrame:= GetProcAddress(ModHandle, 'OsThunkDdBeginMoCompFrame');
  195. POldOsThunkDdBlt:= GetProcAddress(ModHandle, 'OsThunkDdBlt');
  196. POldOsThunkDdCanCreateD3DBuffer:= GetProcAddress(ModHandle, 'OsThunkDdCanCreateD3DBuffer');
  197. POldOsThunkDdCanCreateSurface:= GetProcAddress(ModHandle, 'OsThunkDdCanCreateSurface');
  198. POldOsThunkDdColorControl:= GetProcAddress(ModHandle, 'OsThunkDdColorControl');
  199. POldOsThunkDdCreateD3DBuffer:= GetProcAddress(ModHandle, 'OsThunkDdCreateD3DBuffer');
  200. POldOsThunkDdCreateDirectDrawObject:= GetProcAddress(ModHandle, 'OsThunkDdCreateDirectDrawObject');
  201. POldOsThunkDdCreateMoComp:= GetProcAddress(ModHandle, 'OsThunkDdCreateMoComp');
  202. POldOsThunkDdCreateSurface:= GetProcAddress(ModHandle, 'OsThunkDdCreateSurface');
  203. POldOsThunkDdCreateSurfaceEx:= GetProcAddress(ModHandle, 'OsThunkDdCreateSurfaceEx');
  204. POldOsThunkDdCreateSurfaceObject:= GetProcAddress(ModHandle, 'OsThunkDdCreateSurfaceObject');
  205. POldOsThunkDdDeleteDirectDrawObject:= GetProcAddress(ModHandle, 'OsThunkDdDeleteDirectDrawObject');
  206. POldOsThunkDdDeleteSurfaceObject:= GetProcAddress(ModHandle, 'OsThunkDdDeleteSurfaceObject');
  207. POldOsThunkDdDestroyD3DBuffer:= GetProcAddress(ModHandle, 'OsThunkDdDestroyD3DBuffer');
  208. POldOsThunkDdDestroyMoComp:= GetProcAddress(ModHandle, 'OsThunkDdDestroyMoComp');
  209. POldOsThunkDdDestroySurface:= GetProcAddress(ModHandle, 'OsThunkDdDestroySurface');
  210. POldOsThunkDdEndMoCompFrame:= GetProcAddress(ModHandle, 'OsThunkDdEndMoCompFrame');
  211. POldOsThunkDdFlip:= GetProcAddress(ModHandle, 'OsThunkDdFlip');
  212. POldOsThunkDdFlipToGDISurface:= GetProcAddress(ModHandle, 'OsThunkDdFlipToGDISurface');
  213. POldOsThunkDdGetAvailDriverMemory:= GetProcAddress(ModHandle, 'OsThunkDdGetAvailDriverMemory');
  214. POldOsThunkDdGetBltStatus:= GetProcAddress(ModHandle, 'OsThunkDdGetBltStatus');
  215. POldOsThunkDdGetDC:= GetProcAddress(ModHandle, 'OsThunkDdGetDC');
  216. POldOsThunkDdGetDriverInfo:= GetProcAddress(ModHandle, 'OsThunkDdGetDriverInfo');
  217. POldOsThunkDdGetDriverState:= GetProcAddress(ModHandle, 'OsThunkDdGetDriverState');
  218. POldOsThunkDdGetDxHandle:= GetProcAddress(ModHandle, 'OsThunkDdGetDxHandle');
  219. POldOsThunkDdGetFlipStatus:= GetProcAddress(ModHandle, 'OsThunkDdGetFlipStatus');
  220. POldOsThunkDdGetInternalMoCompInfo:= GetProcAddress(ModHandle, 'OsThunkDdGetInternalMoCompInfo');
  221. POldOsThunkDdGetMoCompBuffInfo:= GetProcAddress(ModHandle, 'OsThunkDdGetMoCompBuffInfo');
  222. POldOsThunkDdGetMoCompFormats:= GetProcAddress(ModHandle, 'OsThunkDdGetMoCompFormats');
  223. POldOsThunkDdGetMoCompGuids:= GetProcAddress(ModHandle, 'OsThunkDdGetMoCompGuids');
  224. POldOsThunkDdGetScanLine:= GetProcAddress(ModHandle, 'OsThunkDdGetScanLine');
  225. POldOsThunkDdLock:= GetProcAddress(ModHandle, 'OsThunkDdLock');
  226. POldOsThunkDdLockD3D:= GetProcAddress(ModHandle, 'OsThunkDdLockD3D');
  227. POldOsThunkDdQueryDirectDrawObject:= GetProcAddress(ModHandle, 'OsThunkDdQueryDirectDrawObject');
  228. POldOsThunkDdQueryMoCompStatus:= GetProcAddress(ModHandle, 'OsThunkDdQueryMoCompStatus');
  229. POldOsThunkDdReenableDirectDrawObject:= GetProcAddress(ModHandle, 'OsThunkDdReenableDirectDrawObject');
  230. POldOsThunkDdReleaseDC:= GetProcAddress(ModHandle, 'OsThunkDdReleaseDC');
  231. POldOsThunkDdRenderMoComp:= GetProcAddress(ModHandle, 'OsThunkDdRenderMoComp');
  232. POldOsThunkDdResetVisrgn:= GetProcAddress(ModHandle, 'OsThunkDdResetVisrgn');
  233. POldOsThunkDdSetColorKey:= GetProcAddress(ModHandle, 'OsThunkDdSetColorKey');
  234. POldOsThunkDdSetExclusiveMode:= GetProcAddress(ModHandle, 'OsThunkDdSetExclusiveMode');
  235. POldOsThunkDdSetGammaRamp:= GetProcAddress(ModHandle, 'OsThunkDdSetGammaRamp');
  236. POldOsThunkDdSetOverlayPosition:= GetProcAddress(ModHandle, 'OsThunkDdSetOverlayPosition');
  237. POldOsThunkDdUnattachSurface:= GetProcAddress(ModHandle, 'OsThunkDdUnattachSurface');
  238. POldOsThunkDdUnlock:= GetProcAddress(ModHandle, 'OsThunkDdUnlock');
  239. POldOsThunkDdUnlockD3D:= GetProcAddress(ModHandle, 'OsThunkDdUnlockD3D');
  240. POldOsThunkDdUpdateOverlay:= GetProcAddress(ModHandle, 'OsThunkDdUpdateOverlay');
  241. POldOsThunkDdWaitForVerticalBlank:= GetProcAddress(ModHandle, 'OsThunkDdWaitForVerticalBlank');
  242. end;
  243. MyCode;      //加载完原DLL函数然后执行我们自定义代码
  244. end.
复制代码
回复

举报

制造末日

该用户从未签到
发表于 2011-3-22 13:03:27 | 显示全部楼层
没看懂。。
回复 支持 反对

举报

返回列表 发新帖
点击按钮快速添加回复内容: 支持 高兴 激动 给力 加油 苦寻 生气 回帖 路过 感恩
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册账号

本版积分规则

小黑屋|手机版|Archiver|看流星社区 |网站地图

GMT+8, 2024-4-20 17:05

Powered by Kanliuxing X3.4

© 2010-2019 kanliuxing.com

快速回复 返回顶部 返回列表