更改windows api调用的返回值 [英] Changing return value of windows api call
问题描述
有一个应用程序使用GetFileVersion api来检索exe文件的产品版本。我想改变那个api的返回值。我无法从文件更改产品版本,因为我不应该修改它。我不需要实际更改返回值,我可以更改文件名参数或类似的东西。我试过这些:
- 使用函数挂钩,失败,太复杂,
- 使用代理dll进行winapi调用,失败,再过于复杂,
- 使用反汇编程序和修补参数值,失败。
任何简单的想法?
谢谢
Hi,
There is an application which uses GetFileVersion api to retrive product version of an exe file. I want to change the return value from that api. I can't change product version from file because i shouldn't modify it. I don't need to change the return value actually, i can change file name parameter or something like that. I've tried these:
- Using function hooking, failed, too complicated,
- Using proxy dll for winapi calls, failed, again too complicated,
- Using dissassembler and patching parameter value, failed.
Any easy ideas?
Thanks
推荐答案
你所描述的内容听起来就像你有2个应用程序:其中有一个GetFileVersion()调用(这是你的程序?),它查看第二个.exe文件,程序#1从#2中提取信息。可用的解决方案是修改app#2中的信息或修改app#1中的逻辑。如果app#1是您的文件,答案很简单。如果没有,我会去拆解代码并修补你想要的任何逻辑。
一种让这更容易的方法就是自己编写一个程序转换语言(本机而不是IL),转储生成的汇编代码并将其插入app#1 ...
What you are describing sounds like you have 2 applications: One that has a GetFileVersion() call in it (is this your program?), which looks at the second .exe file, and program #1 extracts the information from #2. The possible solutions available to you are modify the info in app #2 or modify the logic in app #1. If app #1 is your file, the answer is straightforward. If not, I would go with disassembling the code and patching whatever logic you want in it.
A way to make this easier is to write your own program in a high level language (native not IL), dump the generated assembly code and insert that into app #1...
查看最简单的方法是有一个内部调用此函数的包装器函数然后返回符合您要求的值。但是如果你想修改使用GetFileVersion功能的现有代码,这可能不是最佳选择。
See the easiest way would be to have a wrapper funtion which internally calls this funciton and then returns a value that meets your requirement. But this may not be best option if you are looking to modify existing code which usages GetFileVersion funtions.
谢谢你们,
首先,它不是要破解东西。
我尝试了一些复杂的东西,我想也许有一种更容易的方法。似乎没有。实际上我在装配和逆向工程方面并不差,我会试一试。
再次感谢
Thanks guys,
First it's not about cracking stuff.
I've tried some complicated stuff and i thought maybe there is a easier way to do it. It seems there is not. I'm not that bad at assembly and reverse engineering actually, i will give it a shot.
Thanks again
这篇关于更改windows api调用的返回值的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
