如何判断打开文件的方法 [英] How to tell what method opens a file

问题描述

有什么方法可以告诉您哪种方法打开了文件?我正在使用C#，并试图覆盖使用的方法.我将DLL注入了下来，并且可以从程序本身内部运行代码，但是我一直期望的方法未用于打开文件.

注意:我挂接的进程不是我的进程.我无法控制它使用什么方法打开文件.我所能做的就是覆盖打开文件命令，以将其强制为共享状态.

更多信息:
依赖项转储可以在这里找到:http://pastebin.com/CCkpWuq4

尽管最初加载的库的列表为:
wsock32.dll
kernel32.dll
user32.dll
shell32.dll
comctl32.dll
ole32.dll
oleaut.dll
version.dll
gdi32.dll
advapi32.dll
winmm.dll
msacm32.dll

Is there any way to tell what method has opened a file? I am using C#, and am trying to override the method used. I have the DLL injection down, and can run code from within the program itself, but the method I had been expecting was not used to open the file.

Note: The process I am hooking is not my process. I have no control of what method it uses to open the file. All I can do is override the open file command to force it into a shared state.

More Info:
A dump of dependencies can be found here: http://pastebin.com/CCkpWuq4

Though the list of initially loaded Libraries is:
wsock32.dll
kernel32.dll
user32.dll
shell32.dll
comctl32.dll
ole32.dll
oleaut.dll
version.dll
gdi32.dll
advapi32.dll
winmm.dll
msacm32.dll

推荐答案

阅读所用库的文档.致电/发送电子邮件给您正在使用的图书馆的服务台.使用诸如 JustDecompile [

Read the documentation of the library you are using. Call/email the support desk of the library you are using. Use a tool such as JustDecompile[^] to decompile and read the code of each Method. Try all overridable Methods until you get the right one (the Method you want may not even be overridable). Make a random guess. At least tell us which library you are using (if it is something we might know) so we might be able to tell you.
Pick one! ;)

目标是.Net程序集吗? (如果不是，为什么标记问题C#?)如果是这样，则几乎可以肯定是使用File.Open或FileStream(如果它是读/写文件).如果不是，则可能会使用fopen–如果不是.Net，您将无法覆盖任何内容.

您最好使用反编译器，找到文件访问代码并更改原始文件中的共享参数.可能会破坏许可协议，但是如果作者不再对游戏没兴趣，那就没关系了.

Is the target a .Net Assembly? (If not, why tag the question C#?) If so, it is almost certainly using File.Open, or FileStream, if it is a read/write file. If not, it will likely be using fopen – and if it''s not .Net you aren''t going to be able to override anything.

You may well be best off using a decompiler, finding the file access code and changing the sharing argument in the original. That probably breaks the licence agreement but if the author is no longer interested in the game that probably doesn''t matter.

不幸的是，尝试和错误.

我一直希望在句柄中找到一个简单的方法标识符，或者也许是一个更简单的方法.

Trial and error, unfortunately.

I had been hoping for an easy method identifier in the handle, or maybe an easier way.

这篇关于如何判断打开文件的方法的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！