首页 > 系统相关 >使用Delphi编写DLL劫持内存补丁

使用Delphi编写DLL劫持内存补丁

时间:2023-07-28 18:33:26浏览次数:44  
标签:end Delphi 补丁 DLL asm ModHandle GetProcAddress jmp procedure

在有些破解程序时,不能暴力修改程序,修改后,程序就不能正常运行,因为很多程序启动时有自我的校验,但是当程序加载到内存后,在内存中修改相应的地方就可以达到破解的效果。那么怎样在不破坏程序的前提下,达到修改程序呢?

当一个可执行文件运行时,Windows加载器将可执行模块映射到进程的地址空间中,加载器分析可执行模块的输入表,并设法找出任何需要的DLL,并将它们映射到进程的地址空间中。由于输入表中只包含DLL名而没有它的路径名,因此加载程序必须在磁盘上搜索DLL文件。首先会尝试从当前程序所在的目录加载DLL,如果没找到,则在Windows系统目录查找,最后是在环境变量中列出的各个目录下查找。利用这个特点,先伪造一个系统同名的DLL,提供同样的输出表,每个输出函数转向真正的系统DLL。程序调用系统DLL时会先调用当前目录下伪造的DLL,完成相关功能后,再跳到系统DLL同名函数里执行。这个过程用个形象的词来描述就是系统DLL被劫持了。

我们常用的系统的DLL有:

lpk.dll、msimg32.dll、version.dll、winmm.dll、usp10.dll、uxtheme.dll 等

为了完成对软件的破解,需要按以下步骤进行:

1、首先分析要破解的软件(以ZY_Modbus_Slave_sim.exe为例)调用了那些系统的dll文件,可以使用微软出品的进程资源管理器procexp64 https://download.sysinternals.com/files/ProcessExplorer.zip

该软件调用了操作系统的uxtheme.dll文件

2、使用dllexp工具,分析出该系统untheme.dll的所有函数

将所有的函数名称保留出来,如下:

3、打开Delphi,创建一个Dll文件项目,项目名称修改保存为uxtheme,

根据每个函数名新建一个对应的指针,例如:

BeginBufferedAnimation 新建一个指针 PoldBeginBufferedAnimation: Pointer; 对应创建一个过程: procedure BeginBufferedAnimation;   asm jmp PoldBeginBufferedAnimation end; 即原程序调用BeginBufferedAnimation函数时,自动调用 PoldBeginBufferedAnimation 程序在启动时 将PoldBeginBufferedAnimation 指向原系统的 BeginBufferedAnimation函数 PoldBeginBufferedAnimation := GetProcAddress(ModHandle, 'BeginBufferedAnimation'); 这样就可以在dll运行时将所有的函数指向原系统的函数,同时可以在程序中加入自己的代码,到达不破坏原程序而进行内存修改程序的功能。 4、编程程序,生成untheme.dll文件 5、将untheme.dll文件拷贝到ZY_Modbus_Slave_sim.exe文件所在目录中,就可以完成内存补丁的破解工作。 ZY_Modbus_Slave_sim在启动调用untheme.dll时,自动调用执行同目录的这个文件。

其样例程序如下(其中使用定时器在工作,具体可不使用这种方法,具体情况具体分析了): 

  1 library uxtheme;
  2 
  3 uses
  4   Winapi.Windows,
  5   Winapi.TlHelp32, Winapi.mmsystem,
  6   Winapi.PsAPI,
  7   System.SysUtils,
  8   System.Classes;
  9 {$R *.res}
 10 var
 11   ModHandle: Cardinal;
 12   CCID: DWORD;
 13   MMTimerID: Integer; // 定时器ID
 14 
 15 
 16   PoldBeginBufferedAnimation: Pointer;
 17   PoldBeginBufferedPaint: Pointer;
 18   PoldBeginPanningFeedback: Pointer;
 19   PoldBufferedPaintClear: Pointer;
 20   PoldBufferedPaintInit: Pointer;
 21   PoldBufferedPaintRenderAnimation: Pointer;
 22   PoldBufferedPaintSetAlpha: Pointer;
 23   PoldBufferedPaintStopAllAnimations: Pointer;
 24   PoldBufferedPaintUnInit: Pointer;
 25   PoldCloseThemeData: Pointer;
 26   PoldDllCanUnloadNow: Pointer;
 27   PoldDllGetActivationFactory: Pointer;
 28   PoldDllGetClassObject: Pointer;
 29   PoldDrawThemeBackground: Pointer;
 30   PoldDrawThemeBackgroundEx: Pointer;
 31   PoldDrawThemeEdge: Pointer;
 32   PoldDrawThemeIcon: Pointer;
 33   PoldDrawThemeParentBackground: Pointer;
 34   PoldDrawThemeParentBackgroundEx: Pointer;
 35   PoldDrawThemeText: Pointer;
 36   PoldDrawThemeTextEx: Pointer;
 37   PoldEnableThemeDialogTexture: Pointer;
 38   PoldEnableTheming: Pointer;
 39   PoldEndBufferedAnimation: Pointer;
 40   PoldEndBufferedPaint: Pointer;
 41   PoldEndPanningFeedback: Pointer;
 42   PoldGetBufferedPaintBits: Pointer;
 43   PoldGetBufferedPaintDC: Pointer;
 44   PoldGetBufferedPaintTargetDC: Pointer;
 45   PoldGetBufferedPaintTargetRect: Pointer;
 46   PoldGetColorFromPreference: Pointer;
 47   PoldGetCurrentThemeName: Pointer;
 48   PoldGetImmersiveColorFromColorSetEx: Pointer;
 49   PoldGetImmersiveUserColorSetPreference: Pointer;
 50   PoldGetThemeAnimationProperty: Pointer;
 51   PoldGetThemeAnimationTransform: Pointer;
 52   PoldGetThemeAppProperties: Pointer;
 53   PoldGetThemeBackgroundContentRect: Pointer;
 54   PoldGetThemeBackgroundExtent: Pointer;
 55   PoldGetThemeBackgroundRegion: Pointer;
 56   PoldGetThemeBitmap: Pointer;
 57   PoldGetThemeBool: Pointer;
 58   PoldGetThemeColor: Pointer;
 59   PoldGetThemeDocumentationProperty: Pointer;
 60   PoldGetThemeEnumValue: Pointer;
 61   PoldGetThemeFilename: Pointer;
 62   PoldGetThemeFont: Pointer;
 63   PoldGetThemeInt: Pointer;
 64   PoldGetThemeIntList: Pointer;
 65   PoldGetThemeMargins: Pointer;
 66   PoldGetThemeMetric: Pointer;
 67   PoldGetThemePartSize: Pointer;
 68   PoldGetThemePosition: Pointer;
 69   PoldGetThemePropertyOrigin: Pointer;
 70   PoldGetThemeRect: Pointer;
 71   PoldGetThemeStream: Pointer;
 72   PoldGetThemeString: Pointer;
 73   PoldGetThemeSysBool: Pointer;
 74   PoldGetThemeSysColor: Pointer;
 75   PoldGetThemeSysColorBrush: Pointer;
 76   PoldGetThemeSysFont: Pointer;
 77   PoldGetThemeSysInt: Pointer;
 78   PoldGetThemeSysSize: Pointer;
 79   PoldGetThemeSysString: Pointer;
 80   PoldGetThemeTextExtent: Pointer;
 81   PoldGetThemeTextMetrics: Pointer;
 82   PoldGetThemeTimingFunction: Pointer;
 83   PoldGetThemeTransitionDuration: Pointer;
 84   PoldGetUserColorPreference: Pointer;
 85   PoldGetWindowTheme: Pointer;
 86   PoldHitTestThemeBackground: Pointer;
 87   PoldIsAppThemed: Pointer;
 88   PoldIsCompositionActive: Pointer;
 89   PoldIsThemeActive: Pointer;
 90   PoldIsThemeBackgroundPartiallyTransparent: Pointer;
 91   PoldIsThemeDialogTextureEnabled: Pointer;
 92   PoldIsThemePartDefined: Pointer;
 93   PoldOpenThemeData: Pointer;
 94   PoldOpenThemeDataEx: Pointer;
 95   PoldOpenThemeDataForDpi: Pointer;
 96   PoldSetThemeAppProperties: Pointer;
 97   PoldSetWindowTheme: Pointer;
 98   PoldSetWindowThemeAttribute: Pointer;
 99   PoldThemeInitApiHook: Pointer;
100   PoldUpdatePanningFeedback: Pointer;
101 
102 
103 procedure BeginBufferedAnimation;
104 asm jmp PoldBeginBufferedAnimation
105 end;
106  
108 procedure BeginBufferedPaint;
109 asm jmp PoldBeginBufferedPaint
110 end;
111 procedure BeginPanningFeedback;
112 asm jmp PoldBeginPanningFeedback
113 end;
114 
115 
116 procedure BufferedPaintClear;
117 asm jmp PoldBufferedPaintClear
118 end;
119 
120 
121 procedure BufferedPaintInit;
122 asm jmp PoldBufferedPaintInit
123 end;
124 
125 
126 procedure BufferedPaintRenderAnimation;
127 asm jmp PoldBufferedPaintRenderAnimation
128 end;
129 
130 
131 procedure BufferedPaintSetAlpha;
132 asm jmp PoldBufferedPaintSetAlpha
133 end;
134 
135 
136 procedure BufferedPaintStopAllAnimations;
137 asm jmp PoldBufferedPaintStopAllAnimations
138 end;
139 
140 
141 procedure BufferedPaintUnInit;
142 asm jmp PoldBufferedPaintUnInit
143 end;
144 
145 
146 procedure CloseThemeData;
147 asm jmp PoldCloseThemeData
148 end;
149 
150 
151 procedure DllCanUnloadNow;
152 asm jmp PoldDllCanUnloadNow
153 end;
154 
155 
156 procedure DllGetActivationFactory;
157 asm jmp PoldDllGetActivationFactory
158 end;
159 
160 
161 procedure DllGetClassObject;
162 asm jmp PoldDllGetClassObject
163 end;
164 
165 
166 procedure DrawThemeBackground;
167 asm jmp PoldDrawThemeBackground
168 end;
169 
170 
171 procedure DrawThemeBackgroundEx;
172 asm jmp PoldDrawThemeBackgroundEx
173 end;
174 procedure DrawThemeEdge;
175 asm jmp PoldDrawThemeEdge
176 end;
177 
178 
179 procedure DrawThemeIcon;
180 asm jmp PoldDrawThemeIcon
181 end;
182 
183 
184 procedure DrawThemeParentBackground;
185 asm jmp PoldDrawThemeParentBackground
186 end;
187 
188 
189 procedure DrawThemeParentBackgroundEx;
190 asm jmp PoldDrawThemeParentBackgroundEx
191 end;
192 
193 
194 procedure DrawThemeText;
195 asm jmp PoldDrawThemeText
196 end;
197 
198 
199 procedure DrawThemeTextEx;
200 asm jmp PoldDrawThemeTextEx
201 end;
202 procedure EnableThemeDialogTexture;
203 asm jmp PoldEnableThemeDialogTexture
204 end;
205 
206 
207 procedure EnableTheming;
208 asm jmp PoldEnableTheming
209 end;
210 
211 
212 procedure EndBufferedAnimation;
213 asm jmp PoldEndBufferedAnimation
214 end;
215 
216 
217 procedure EndBufferedPaint;
218 asm jmp PoldEndBufferedPaint
219 end;
220 
221 
222 procedure EndPanningFeedback;
223 asm jmp PoldEndPanningFeedback
224 end;
225 
226 
227 procedure GetBufferedPaintBits;
228 asm jmp PoldGetBufferedPaintBits
229 end;
230 
231 
232 procedure GetBufferedPaintDC;
233 asm jmp PoldGetBufferedPaintDC
234 end;
235 procedure GetBufferedPaintTargetDC;
236 asm jmp PoldGetBufferedPaintTargetDC
237 end;
238 procedure GetBufferedPaintTargetRect;
239 asm jmp PoldGetBufferedPaintTargetRect
240 end;
241 
242 
243 procedure GetColorFromPreference;
244 asm jmp PoldGetColorFromPreference
245 end;
246 
247 
248 procedure GetCurrentThemeName;
249 asm jmp PoldGetCurrentThemeName
250 end;
251 procedure GetImmersiveColorFromColorSetEx;
252 asm jmp PoldGetImmersiveColorFromColorSetEx
253 end;
254 procedure GetImmersiveUserColorSetPreference;
255 asm jmp PoldGetImmersiveUserColorSetPreference
256 end;
257 
258 
259 procedure GetThemeAnimationProperty;
260 asm jmp PoldGetThemeAnimationProperty
261 end;
262 
263 
264 procedure GetThemeAnimationTransform;
265 asm jmp PoldGetThemeAnimationTransform
266 end;
267 procedure GetThemeAppProperties;
268 asm jmp PoldGetThemeAppProperties
269 end;
270 
271 
272 procedure GetThemeBackgroundContentRect;
273 asm jmp PoldGetThemeBackgroundContentRect
274 end;
275 
276 
277 procedure GetThemeBackgroundExtent;
278 asm jmp PoldGetThemeBackgroundExtent
279 end;
280 
281 
282 procedure GetThemeBackgroundRegion;
283 asm jmp PoldGetThemeBackgroundRegion
284 end;
285 procedure GetThemeBitmap;
286 asm jmp PoldGetThemeBitmap
287 end;
288 
289 
290 procedure GetThemeBool;
291 asm jmp PoldGetThemeBool
292 end;
293 
294 
295 procedure GetThemeColor;
296 asm jmp PoldGetThemeColor
297 end;
298 
299 
300 procedure GetThemeDocumentationProperty;
301 asm jmp PoldGetThemeDocumentationProperty
302 end;
303 
304 
305 procedure GetThemeEnumValue;
306 asm jmp PoldGetThemeEnumValue
307 end;
308 
309 
310 procedure GetThemeFilename;
311 asm jmp PoldGetThemeFilename
312 end;
313 
314 
315 procedure GetThemeFont;
316 asm jmp PoldGetThemeFont
317 end;
318 procedure GetThemeInt;
319 asm jmp PoldGetThemeInt
320 end;
321 procedure GetThemeIntList;
322 asm jmp PoldGetThemeIntList
323 end;
324 procedure GetThemeMargins;
325 asm jmp PoldGetThemeMargins
326 end;
327 
328 
329 procedure GetThemeMetric;
330 asm jmp PoldGetThemeMetric
331 end;
332 
333 
334 procedure GetThemePartSize;
335 asm jmp PoldGetThemePartSize
336 end;
337 
338 
339 procedure GetThemePosition;
340 asm jmp PoldGetThemePosition
341 end;
342 
343 
344 procedure GetThemePropertyOrigin;
345 asm jmp PoldGetThemePropertyOrigin
346 end;
347 
348 
349 procedure GetThemeRect;
350 asm jmp PoldGetThemeRect
351 end;
352 
353 
354 procedure GetThemeStream;
355 asm jmp PoldGetThemeStream
356 end;
357 
358 
359 procedure GetThemeString;
360 asm jmp PoldGetThemeString
361 end;
362 
363 
364 procedure GetThemeSysBool;
365 asm jmp PoldGetThemeSysBool
366 end;
367 
368 
369 procedure GetThemeSysColor;
370 asm jmp PoldGetThemeSysColor
371 end;
372 
373 
374 procedure GetThemeSysColorBrush;
375 asm jmp PoldGetThemeSysColorBrush
376 end;
377 
378 
379 procedure GetThemeSysFont;
380 asm jmp PoldGetThemeSysFont
381 end;
382 
383 
384 procedure GetThemeSysInt;
385 asm jmp PoldGetThemeSysInt
386 end;
387 
388 
389 procedure GetThemeSysSize;
390 asm jmp PoldGetThemeSysSize
391 end;
392 
393 
394 procedure GetThemeSysString;
395 asm jmp PoldGetThemeSysString
396 end;
397 
398 
399 procedure GetThemeTextExtent;
400 asm jmp PoldGetThemeTextExtent
401 end;
402 
403 
404 procedure GetThemeTextMetrics;
405 asm jmp PoldGetThemeTextMetrics
406 end;
407 
408 
409 procedure GetThemeTimingFunction;
410 asm jmp PoldGetThemeTimingFunction
411 end;
412 
413 
414 procedure GetThemeTransitionDuration;
415 asm jmp PoldGetThemeTransitionDuration
416 end;
417 procedure GetUserColorPreference;
418 asm jmp PoldGetUserColorPreference
419 end;
420 procedure GetWindowTheme;
421 asm jmp PoldGetWindowTheme
422 end;
423 
424 
425 procedure HitTestThemeBackground;
426 asm jmp PoldHitTestThemeBackground
427 end;
428 
429 
430 procedure IsAppThemed;
431 asm jmp PoldIsAppThemed
432 end;
433 
434 
435 procedure IsCompositionActive;
436 asm jmp PoldIsCompositionActive
437 end;
438 
439 
440 procedure IsThemeActive;
441 asm jmp PoldIsThemeActive
442 end;
443 
444 
445 procedure IsThemeBackgroundPartiallyTransparent;
446 asm jmp PoldIsThemeBackgroundPartiallyTransparent
447 end;
448 
449 
450 procedure IsThemeDialogTextureEnabled;
451 asm jmp PoldIsThemeDialogTextureEnabled
452 end;
453 
454 
455 procedure IsThemePartDefined;
456 asm jmp PoldIsThemePartDefined
457 end;
458 
459 
460 procedure OpenThemeData;
461 asm jmp PoldOpenThemeData
462 end;
463 procedure OpenThemeDataEx;
464 asm jmp PoldOpenThemeDataEx
465 end;
466 
467 
468 procedure OpenThemeDataForDpi;
469 asm jmp PoldOpenThemeDataForDpi
470 end;
471 
472 
473 procedure SetThemeAppProperties;
474 asm jmp PoldSetThemeAppProperties
475 end;
476 procedure SetWindowTheme;
477 asm jmp PoldSetWindowTheme
478 end;
479 
480 
481 procedure SetWindowThemeAttribute;
482 asm jmp PoldSetWindowThemeAttribute
483 end;
484 
485 
486 procedure ThemeInitApiHook;
487 asm jmp PoldThemeInitApiHook
488 end;
489 
490 
491 procedure UpdatePanningFeedback;
492 asm jmp PoldUpdatePanningFeedback
493 end;
494 
495 
496 function AdjustProcessPrivilege(ProcessHandle: THandle; Token_Name: PChar): Boolean;  //提权函数
497 var
498   // Token: Cardinal;
499   TokenHandle: NativeUint;
500   TokenPri: _TOKEN_PRIVILEGES;
501   ProcessDest: int64;
502   l: DWORD;
503 begin
504   Result := False;
505   // if OpenProcessToken(ProcessHandle, TOKEN_Adjust_Privileges, Token) then
506   if OpenProcessToken(ProcessHandle, TOKEN_Adjust_Privileges, TokenHandle) then
507   begin
508     if LookupPrivilegeValue(nil, Token_Name, ProcessDest) then
509     begin
510       TokenPri.PrivilegeCount := 1;
511       TokenPri.Privileges[0].Attributes := SE_PRIVILEGE_ENABLED;
512       TokenPri.Privileges[0].Luid := ProcessDest;
513       l := 0;
514       // 更新进程令牌,成功返回TRUE
515       if AdjustTokenPrivileges(TokenHandle, False, TokenPri, SizeOf(TokenPri), nil, l) then
516         Result := True;
517     end;
518   end;
519 end;
520  
521 function GetCCID: Boolean;
522 var
523   sProc: PROCESSENTRY32;
524   hSnap: DWORD;
525   ok, fd: BOOL;
526   FdTxt: string;
527   FindNum: Integer;
528 begin
529   sProc.dwSize := SizeOf(sProc);
530   hSnap := CreateToolHelp32Snapshot(TH32CS_SNAPPROCESS, 0);
531   Result := False;
532   ok := Process32First(hSnap, sProc);
533   FindNum := 0;
534   while ok do
535   begin
536     FdTxt := uppercase(sProc.szExeFile); //获取执行文件的名称
537     if FdTxt = 'ZY_MODBUS_SLAVE_SIM.EXE' then
538     begin
539       CCID := sProc.th32ProcessID;   //获取执行文件的hid值
540       Result := True;
541       Inc(FindNum);
542       timeKillEvent(MMTimerID); //发现要破解的进程后,关闭定时执行
543     end;
544     ok := Process32Next(hSnap, sProc);  //寻找下一个进程文件
545     if FindNum >= 1 then
546       Break;
547   end;
548   CloseHandle(hSnap);
549 end;
550 
551 
552 Procedure inject_LicenseService;
553 var
554   h, hModel: THandle;
555   tt2: NativeUint;
556   CrGold: byte;  //要替换的字符
557   GoldA: Integer; //要破解的内存补丁地址
558   pPMC: PPROCESS_MEMORY_COUNTERS;
559   pPMCSize, ProcessPriority: Cardinal;
560   n: DWORD;
561  
562 begin
563   if GetCCID then
564   begin
565     h := OpenProcess(PROCESS_ALL_ACCESS, False, CCID);
566     if h = 0 then
567     begin
568       // GetLastError;
569       //不能打开线程OpenProcess
570       exit;
571     end;
572     // 从开始执行移动到每秒执行
573     pPMCSize := SizeOf(PROCESS_MEMORY_COUNTERS);
574     GetMem(pPMC, pPMCSize);
575     pPMC.cb := pPMCSize;
576     if GetProcessMemoryInfo(h, pPMC, pPMCSize) then
577     begin
578       // 根据进程句柄找到模块句柄
579       ENumProcessModules(h, @hModel, SizeOf(hModel), n);
580       GoldA:= 4270327; // 内存地址 004128f7 转换成10进制  //要破解的内存补丁地址
581       CrGold := 235; // 004128f7 的字符替换成'EB'
582       WriteProcessMemory(h, ptr(GoldA), @CrGold, 1, tt2); //写入内存
583       CloseHandle(h);
584       exit;
585     end;
586   end;
587 end;
588 
589 
590 procedure TimerProc(uTimerID, uMessage: UINT; dwUser, dw1, dw2: DWORD); stdcall;
591 begin
592   // 业务代码
593   inject_LicenseService; // 定时执行
594 end;
595 // 主程序开始.............................
596 exports
597   BeginBufferedAnimation,
598   BeginBufferedPaint,
599   BeginPanningFeedback,
600   BufferedPaintClear,
601   BufferedPaintInit,
602   BufferedPaintRenderAnimation,
603   BufferedPaintSetAlpha,
604   BufferedPaintStopAllAnimations,
605   BufferedPaintUnInit,
606   CloseThemeData,
607   DllCanUnloadNow,
608   DllGetActivationFactory,
609   DllGetClassObject,
610   DrawThemeBackground,
611   DrawThemeBackgroundEx,
612   DrawThemeEdge,
613   DrawThemeIcon,
614   DrawThemeParentBackground,
615   DrawThemeParentBackgroundEx,
616   DrawThemeText,
617   DrawThemeTextEx,
618   EnableThemeDialogTexture,
619   EnableTheming,
620   EndBufferedAnimation,
621   EndBufferedPaint,
622   EndPanningFeedback,
623   GetBufferedPaintBits,
624   GetBufferedPaintDC,
625   GetBufferedPaintTargetDC,
626   GetBufferedPaintTargetRect,
627   GetColorFromPreference,
628   GetCurrentThemeName,
629   GetImmersiveColorFromColorSetEx,
630   GetImmersiveUserColorSetPreference,
631   GetThemeAnimationProperty,
632   GetThemeAnimationTransform,
633   GetThemeAppProperties,
634   GetThemeBackgroundContentRect,
635   GetThemeBackgroundExtent,
636   GetThemeBackgroundRegion,
637   GetThemeBitmap,
638   GetThemeBool,
639   GetThemeColor,
640   GetThemeDocumentationProperty,
641   GetThemeEnumValue,
642   GetThemeFilename,
643   GetThemeFont,
644   GetThemeInt,
645   GetThemeIntList,
646   GetThemeMargins,
647   GetThemeMetric,
648   GetThemePartSize,
649   GetThemePosition,
650   GetThemePropertyOrigin,
651   GetThemeRect,
652   GetThemeStream,
653   GetThemeString,
654   GetThemeSysBool,
655   GetThemeSysColor,
656   GetThemeSysColorBrush,
657   GetThemeSysFont,
658   GetThemeSysInt,
659   GetThemeSysSize,
660   GetThemeSysString,
661   GetThemeTextExtent,
662   GetThemeTextMetrics,
663   GetThemeTimingFunction,
664   GetThemeTransitionDuration,
665   GetUserColorPreference,
666   GetWindowTheme,
667   HitTestThemeBackground,
668   IsAppThemed,
669   IsCompositionActive,
670   IsThemeActive,
671   IsThemeBackgroundPartiallyTransparent,
672   IsThemeDialogTextureEnabled,
673   IsThemePartDefined,
674   OpenThemeData,
675   OpenThemeDataEx,
676   OpenThemeDataForDpi,
677   SetThemeAppProperties,
678   SetWindowTheme,
679   SetWindowThemeAttribute,
680   ThemeInitApiHook,
681   UpdatePanningFeedback;
682 const
683 {$IF Defined(CPUX86)}
684   xpath = 'system32';
685 {$ELSEIF Defined(CPUX64)}
686   xpath = 'SysWOW64';
687 {$IFEND}
688 begin
689   ModHandle := LoadLibrary('C:\WINDOWS\' + xpath + '\uxtheme.dll');
690   if ModHandle > 0 then
691   begin
692     PoldBeginBufferedAnimation := GetProcAddress(ModHandle, 'BeginBufferedAnimation');
693     PoldBeginBufferedPaint := GetProcAddress(ModHandle, 'BeginBufferedPaint');
694     PoldBeginPanningFeedback := GetProcAddress(ModHandle, 'BeginPanningFeedback');
695     PoldBufferedPaintClear := GetProcAddress(ModHandle, 'BufferedPaintClear');
696     PoldBufferedPaintInit := GetProcAddress(ModHandle, 'BufferedPaintInit');
697     PoldBufferedPaintRenderAnimation := GetProcAddress(ModHandle, 'BufferedPaintRenderAnimation');
698     PoldBufferedPaintSetAlpha := GetProcAddress(ModHandle, 'BufferedPaintSetAlpha');
699     PoldBufferedPaintStopAllAnimations := GetProcAddress(ModHandle, 'BufferedPaintStopAllAnimations');
700     PoldBufferedPaintUnInit := GetProcAddress(ModHandle, 'BufferedPaintUnInit');
701     PoldCloseThemeData := GetProcAddress(ModHandle, 'CloseThemeData');
702     PoldDllCanUnloadNow := GetProcAddress(ModHandle, 'DllCanUnloadNow');
703     PoldDllGetActivationFactory := GetProcAddress(ModHandle, 'DllGetActivationFactory');
704     PoldDllGetClassObject := GetProcAddress(ModHandle, 'DllGetClassObject');
705     PoldDrawThemeBackground := GetProcAddress(ModHandle, 'DrawThemeBackground');
706     PoldDrawThemeBackgroundEx := GetProcAddress(ModHandle, 'DrawThemeBackgroundEx');
707     PoldDrawThemeEdge := GetProcAddress(ModHandle, 'DrawThemeEdge');
708     PoldDrawThemeIcon := GetProcAddress(ModHandle, 'DrawThemeIcon');
709     PoldDrawThemeParentBackground := GetProcAddress(ModHandle, 'DrawThemeParentBackground');
710     PoldDrawThemeParentBackgroundEx := GetProcAddress(ModHandle, 'DrawThemeParentBackgroundEx');
711     PoldDrawThemeText := GetProcAddress(ModHandle, 'DrawThemeText');
712     PoldDrawThemeTextEx := GetProcAddress(ModHandle, 'DrawThemeTextEx');
713     PoldEnableThemeDialogTexture := GetProcAddress(ModHandle, 'EnableThemeDialogTexture');
714     PoldEnableTheming := GetProcAddress(ModHandle, 'EnableTheming');
715     PoldEndBufferedAnimation := GetProcAddress(ModHandle, 'EndBufferedAnimation');
716     PoldEndBufferedPaint := GetProcAddress(ModHandle, 'EndBufferedPaint');
717     PoldEndPanningFeedback := GetProcAddress(ModHandle, 'EndPanningFeedback');
718     PoldGetBufferedPaintBits := GetProcAddress(ModHandle, 'GetBufferedPaintBits');
719     PoldGetBufferedPaintDC := GetProcAddress(ModHandle, 'GetBufferedPaintDC');
720     PoldGetBufferedPaintTargetDC := GetProcAddress(ModHandle, 'GetBufferedPaintTargetDC');
721     PoldGetBufferedPaintTargetRect := GetProcAddress(ModHandle, 'GetBufferedPaintTargetRect');
722     PoldGetColorFromPreference := GetProcAddress(ModHandle, 'GetColorFromPreference');
723     PoldGetCurrentThemeName := GetProcAddress(ModHandle, 'GetCurrentThemeName');
724     PoldGetImmersiveColorFromColorSetEx := GetProcAddress(ModHandle, 'GetImmersiveColorFromColorSetEx');
725     PoldGetImmersiveUserColorSetPreference := GetProcAddress(ModHandle, 'GetImmersiveUserColorSetPreference');
726     PoldGetThemeAnimationProperty := GetProcAddress(ModHandle, 'GetThemeAnimationProperty');
727     PoldGetThemeAnimationTransform := GetProcAddress(ModHandle, 'GetThemeAnimationTransform');
728     PoldGetThemeAppProperties := GetProcAddress(ModHandle, 'GetThemeAppProperties');
729     PoldGetThemeBackgroundContentRect := GetProcAddress(ModHandle, 'GetThemeBackgroundContentRect');
730     PoldGetThemeBackgroundExtent := GetProcAddress(ModHandle, 'GetThemeBackgroundExtent');
731     PoldGetThemeBackgroundRegion := GetProcAddress(ModHandle, 'GetThemeBackgroundRegion');
732     PoldGetThemeBitmap := GetProcAddress(ModHandle, 'GetThemeBitmap');
733     PoldGetThemeBool := GetProcAddress(ModHandle, 'GetThemeBool');
734     PoldGetThemeColor := GetProcAddress(ModHandle, 'GetThemeColor');
735     PoldGetThemeDocumentationProperty := GetProcAddress(ModHandle, 'GetThemeDocumentationProperty');
736     PoldGetThemeEnumValue := GetProcAddress(ModHandle, 'GetThemeEnumValue');
737     PoldGetThemeFilename := GetProcAddress(ModHandle, 'GetThemeFilename');
738     PoldGetThemeFont := GetProcAddress(ModHandle, 'GetThemeFont');
739     PoldGetThemeInt := GetProcAddress(ModHandle, 'GetThemeInt');
740     PoldGetThemeIntList := GetProcAddress(ModHandle, 'GetThemeIntList');
741     PoldGetThemeMargins := GetProcAddress(ModHandle, 'GetThemeMargins');
742     PoldGetThemeMetric := GetProcAddress(ModHandle, 'GetThemeMetric');
743     PoldGetThemePartSize := GetProcAddress(ModHandle, 'GetThemePartSize');
744     PoldGetThemePosition := GetProcAddress(ModHandle, 'GetThemePosition');
745     PoldGetThemePropertyOrigin := GetProcAddress(ModHandle, 'GetThemePropertyOrigin');
746     PoldGetThemeRect := GetProcAddress(ModHandle, 'GetThemeRect');
747     PoldGetThemeStream := GetProcAddress(ModHandle, 'GetThemeStream');
748     PoldGetThemeString := GetProcAddress(ModHandle, 'GetThemeString');
749     PoldGetThemeSysBool := GetProcAddress(ModHandle, 'GetThemeSysBool');
750     PoldGetThemeSysColor := GetProcAddress(ModHandle, 'GetThemeSysColor');
751     PoldGetThemeSysColorBrush := GetProcAddress(ModHandle, 'GetThemeSysColorBrush');
752     PoldGetThemeSysFont := GetProcAddress(ModHandle, 'GetThemeSysFont');
753     PoldGetThemeSysInt := GetProcAddress(ModHandle, 'GetThemeSysInt');
754     PoldGetThemeSysSize := GetProcAddress(ModHandle, 'GetThemeSysSize');
755     PoldGetThemeSysString := GetProcAddress(ModHandle, 'GetThemeSysString');
756     PoldGetThemeTextExtent := GetProcAddress(ModHandle, 'GetThemeTextExtent');
757     PoldGetThemeTextMetrics := GetProcAddress(ModHandle, 'GetThemeTextMetrics');
758     PoldGetThemeTimingFunction := GetProcAddress(ModHandle, 'GetThemeTimingFunction');
759     PoldGetThemeTransitionDuration := GetProcAddress(ModHandle, 'GetThemeTransitionDuration');
760     PoldGetUserColorPreference := GetProcAddress(ModHandle, 'GetUserColorPreference');
761     PoldGetWindowTheme := GetProcAddress(ModHandle, 'GetWindowTheme');
762     PoldHitTestThemeBackground := GetProcAddress(ModHandle, 'HitTestThemeBackground');
763     PoldIsAppThemed := GetProcAddress(ModHandle, 'IsAppThemed');
764     PoldIsCompositionActive := GetProcAddress(ModHandle, 'IsCompositionActive');
765     PoldIsThemeActive := GetProcAddress(ModHandle, 'IsThemeActive');
766     PoldIsThemeBackgroundPartiallyTransparent := GetProcAddress(ModHandle, 'IsThemeBackgroundPartiallyTransparent');
767     PoldIsThemeDialogTextureEnabled := GetProcAddress(ModHandle, 'IsThemeDialogTextureEnabled');
768     PoldIsThemePartDefined := GetProcAddress(ModHandle, 'IsThemePartDefined');
769     PoldOpenThemeData := GetProcAddress(ModHandle, 'OpenThemeData');
770     PoldOpenThemeDataEx := GetProcAddress(ModHandle, 'OpenThemeDataEx');
771     PoldOpenThemeDataForDpi := GetProcAddress(ModHandle, 'OpenThemeDataForDpi');
772     PoldSetThemeAppProperties := GetProcAddress(ModHandle, 'SetThemeAppProperties');
773     PoldSetWindowTheme := GetProcAddress(ModHandle, 'SetWindowTheme');
774     PoldSetWindowThemeAttribute := GetProcAddress(ModHandle, 'SetWindowThemeAttribute');
775     PoldThemeInitApiHook := GetProcAddress(ModHandle, 'ThemeInitApiHook');
776     PoldUpdatePanningFeedback := GetProcAddress(ModHandle, 'UpdatePanningFeedback');
777   end;
778   begin
779     // 添加自己的补丁内容!
780     AdjustProcessPrivilege(GetCurrentProcess, 'SeDebugPrivilege'); // 提升权限
781     MMTimerID := timeSetEvent(500, 0, @TimerProc, 0, TIME_PERIODIC); // 启动定时器,定时执行TimerProc函数
782   end;
783 end.

 

标签:end,Delphi,补丁,DLL,asm,ModHandle,GetProcAddress,jmp,procedure
From: https://www.cnblogs.com/blockke/p/17588654.html

相关文章

  • C#与C++动态链接库DLL参数互传
    C#与C++动态链接库DLL参数互传一、C#中导入C++动态链接库二、C#传入字符串参数三、C++传出字符串参数四、C++传出vector一、C#中导入C++动态链接库从界面程序开发的角度来说,C#语言效率较C++高,且通过WPF开发出的程序界面更为美观,但在开发实际项目中有时不可避免的需要使用C++程序库......
  • C#动态调用C/C++的DLL
    C#调用C/C++的dll有两种方式,下边就写一下两种不同方式的调用方法。1.DllImport方式[DllImport("CalcDll")]publicexternintAdd(inta,intb);其中CalcDll为C++动态库,Add为动态库中的方法,使用DllImport引入需要加载的DLL,使用关键字extern修饰C++库中的方法,之后正常调用即可。......
  • C#调用C/C++动态库dll异常:对 PInvoke 函数调用导致堆栈不对称问题
    C#调用C/C++动态库dll异常:对PInvoke函数调用导致堆栈不对称问题雨渡石桥已于2023-02-2112:04:29修改973收藏1文章标签:windowsc++c#版权结论:如果你是用C#调用C的动态库,如果出现“对PInvoke函数调用导致堆栈不对称问题”,建议优先调整CallingConvention的值,建议改为Ca......
  • 传奇服务端Gom引擎补丁不显示外观的解决办法
    gom引擎的服务端出线了打好补丁安装好显示还是透明,这种情况是安装目录出现了问题。 第一步确定一下版本补丁的安装路径。 一种就是常见的安装方法,X:\热血传奇\data\这种就是最常见的,很多人往往就塞这里面去。 一种就是Gom引擎的版本安装方式:因为很多版本制作者命名自己的补丁文......
  • 内网环境windows server 2012r2系统怎样手动安装cab更新补丁
    在内网部署了几台winserver2012r2服务器,由于是纯内网,要求和互联网物理隔离,内网的服务器更新补丁成了一个问题,在互联网上没有找到单独的集成补丁包,去微软官方手动下载再去更新费时费力,便想到使用以下方法进行。1、使用互联网台式机安装一台虚拟机,虚拟机要求和内网服务器使用相......
  • Delphi 的 DBGrid 中的下拉列表和查找字段编程方法
    数据网格是非常流行的数据输入和显示形式,像大家熟悉的Excel、VFP 中的功能强大的BROWS 等,为广大程序员乐于采用。在用 Delphi 开发数据库应用系统时,利用数据网格DBGrid 输入数据时,有些字段只允许某几个固定的字符串,像档案案卷的保管期限,只有“永久”、“长期”和“短期”三种......
  • Delphi中的Sender:TObject对象解析
     Delphi中的Sender:TObject1、Sender介绍Sender的类型是Tobject,是Tobject的派生类。Sender是一个TObject类型的参数,它告诉Delphi哪个控件接收这个事件并调用相应的处理过程。例如:procedureTForm1.Button1Click(Sender:TObject);begin//end;当点击BUTTON1时,会......
  • 【报错修复】HRESULT: 0x80070057 The library hostfxr.dll was found, but loading i
    我写了一个winform程序,拷贝到win7系统上,提示需要下载.net给的链接是https://aka.ms/dotnet-core-applaunch?missing_runtime=true&arch=x64&rid=win7-x64&apphost_version=5.0.3&gui=true这台win7上不了网我用win10下载了这个链接的桌面运行时windowsdesktop-runtime-5.0......
  • ChemDraw 20 Mac完美激活破解版(附激活补丁)
    ChemDraw20破解版是mac电脑上一款功能强大的化学绘图软件,可以精确分析各种化学实验,能够制作不同的3D模型帮助用户们进行分析。此外,软件还能够绘制各种化学结构图以及写出各种化学反应式轻松的帮助我们来获得相对应的数据信息,可以预测化合物属性、光谱数据、IUPAC命名以及计算......
  • python使用ctypes调用gcc编译的dll之ctypes的使用
    简介ctypes是Python的外部函数库。它提供了与C兼容的数据类型,并允许调用C或C++编译后的DLL或共享库中的函数。可使用该模块以纯Python形式对这些库进行封装。本例中代码基于window系统,python为64位3.9.12,如需在liunx上使用请参考上篇博客1、代码的基础结构如下1.1新......