Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
80d46e9
commit 289a50b
Showing
1 changed file
with
52 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| # 外挂设计与分析 | ||
|
|
||
| ------ | ||
|
|
||
| > * 01一个简单的内存外挂 | ||
| > * 02从基址读取数据 | ||
| > * 03自动模拟操作功能 | ||
| > * 04简单DLL注入游戏 | ||
| > * 05简单DLL劫持 | ||
| > * 06瞄准辅助 | ||
| > * 07简单进程保护 | ||
|
|
||
| ------ | ||
| <br><br> | ||
|
|
||
| ## 01一个简单的内存外挂<br> | ||
| <br> | ||
| 通过C语言编写一个简单的外挂,通过API函数修改游戏数据,从而实现作弊功能 | ||
| <br><br><br><br><br><br> | ||
|
|
||
|
|
||
| ## 02从基址读取数据<br> | ||
| <br> | ||
| 通过C语言编写一个外挂,通过API函数获取游戏数据,从而实现作弊功能 | ||
| <br><br><br><br><br><br> | ||
|
|
||
|
|
||
| ## 03自动模拟操作功能<br> | ||
| <br> | ||
| 通过C语言编写一个外挂,通过API函数模拟进行连连看操作,实现自动进行游戏 | ||
| <br><br><br><br><br><br> | ||
|
|
||
| ## 04简单DLL注入游戏<br> | ||
| <br> | ||
| 通过C语言编写一个DLL文件和一个EXE文件,其中DLL包含作弊功能,运行EXE后将DLL注入游戏,使得游戏仅靠自身进程便可以实现作弊功能 | ||
| <br><br><br><br><br><br> | ||
|
|
||
| ## 05简单DLL劫持<br> | ||
| <br> | ||
| 通过C语言编写一个游戏要加载的系统DLL文件(lpk.dll),其中假DLL包含劫持功能和作弊功能且拥有相同的导出函数,将该假DLL放入游戏相同目录下,游戏打开时会自动加载该假DLL,使游戏直接包含作弊功能 | ||
| <br><br><br><br><br><br> | ||
|
|
||
| ## 06瞄准辅助<br> | ||
| <br> | ||
| 通过简单GDI绘图,使游戏窗口上出现设计好的辅助线作为准星,并且可手动调节准星的形状、大小、颜色等 | ||
| <br><br><br><br><br><br> | ||
|
|
||
| ## 07简单进程保护<br> | ||
| <br> | ||
| 通过编写简单的进程hook保护驱动并运行,分析如何解除驱动保护 | ||
| <br><br><br><br><br><br> |