来源:蜘蛛抓取(WebSpider)
时间:2018-08-21 10:03
标签:
ce修改器能改什么游戏
3DM自运营游戏推荐
命运守护夜
CopyRight(C)
All Right Reserved 京ICP证号 京网文(-207号
请输入手机号或论坛账号
请输入密码
社交账号登陆Xenos注入器2.2.0汉化版 支持X86 X64 支持内核注入 - 『逆向资源区』
- 吾爱破解 - LCG - LSG |安卓破解|病毒分析|破解软件|www.52pojie.cn
后使用快捷导航没有帐号?
只需一步,快速开始
请完成以下验证码
请完成以下验证码
查看: 21828|回复: 37
Xenos注入器2.2.0汉化版 支持X86 X64 支持内核注入
阅读权限25
Redesigned GUI and some more features
- Supports x86 and x64 processes and modules
- Kernel-mode injection feature (driver required)
- Manual map of kernel drivers (driver required)
- Injection of pure managed images without proxy dll
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process
- Image manual mapping
- Injection profiles
Manual map features:
- Relocations, import, delayed import, bound import
- Static TLS and TLS callbacks
- Security cookie
- Image manifests and SxS
- Make module visible to GetModuleHandle, GetProcAddress, etc.
- Support for exceptions in private memory under DEP
- C++/CLI images are supported (use 'Add loader reference' in this case)
Kernel manual map features are mostly identical to user-mode with few exceptions:
- No C++ exception handling support for x64 images (only SEH)
- No static TLS
- No native loader compatibility
- Limited dependency path resolving. Only API set schema, SxS, target executable directory and system directory
Supported OS: Win7 - Win10 x64
Additional notes:
Injector has 2 versions - x86 and x64. Apart from obvious features x86 version supports injection of x64 images into x64 x64 injector supports injection of x86 and x64 images into WOW64 processes. However this is only valid for native images. If you want to inject pure managed dll - use same injector version as your target process is.
Injection of x64 images into WOW64 process is totally unpredictable. If you want to do this I would recommend to use manual mapping with manual imports option, because native loader is more buggy than my implementation in this case (especially in windows 7).
Restrictions:
- You can't inject 32 bit image into x64 process
- Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
- You can't manually map pure managed images, only native injection is supported for them
- May not work properly on x86 OS versions
- Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.
Changelog
V2.2.0
- Command line options
- Separate x86/x64 profiles
- Pure IL exe manual mapping
- VS 2015 runtime
- Win10 RTM support
- Win10 build 9926 support
- Win8.1 bug fixes
- Fixed BSOD under win7 and win8.1 systems
- Major kernel manual map bug fixes
- Kernel logs
- Some logging
- Kernel manual map for user-mode dlls
- Process handle access rights escalation
- Injection image list
- Auto-injection
- Injection profiles
- Injection delay timers
- Kernel injection improvements - module unlinking and init routine invocation
- Win10 tech preview support
- ManuapMap: 'Hide mapped memory region' flag
- Manual map of system drivers
- Self-protection option (Tools -& Protect self)
- Improved injection into suspended process
- 'Close after injection' flag
- Kernel injection methods
- Various bug fixes
- Save/load last programm configuration
- Added command line for process launcher
- ManualMap: Discardable sections aren't mapped now (e.g. &.reloc&)
- Added module view
- Module unloading
- Fixed bug with remote memory deallocation after manual mapping
- Exception handler aren't created now if process has DEP turned off.
QQ截图29.png (39.95 KB, 下载次数: 22)
15:32 上传
Readme:
Some option explanations:
Process selection:
& & Existing - select existing process from the list
& & New - new process will be launched before injection
& & Manual launch - after pressing 'Inject' button, injector will wait for target process startup
& & List of images you want inject
& & Add - add new image to the list. Drag'n'drop is also supported
& & Remove - remove selected image
& & Clear - clear image list
Advanced options:
& & Injection type:
& && &&&Native inject - common approach using LoadLibraryW \ LdrLoadDll in newly created or existing thread
& && &&&Manual map - manual copying image data into target process memory without creating section object
& && &&&Kernel(New thread) - kernel mode ZwCreateThreadEx into LdrLoadDll. Uses driver
& && &&&Kernel(APC) - kernel mode APC into LdrLoadDll. Uses driver
& && &&&Kernel(Manual map) - kernel manual mapping. Uses driver
& & Native Loader options:
& && &&&Unlink module - after injection, unlink module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks and LdrpModuleBaseAddressIndex.
& && &&&Erase PE - after injection, erase PE headers
& && &&&Use existing thread - LoadLibrary and init routine will be executed in the context of random non-suspended thread.
& && && && &
& & Manual map options:
& && &&&Add loader reference - Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g. GetModuleHandle, GetProcAddress) work with manually mapped image.
& && &&&Manually resolve imports - Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
& && &&&Wipe headers - Erase module header information after injection. Also affects manually mapped imports.
& && &&&Ignore TLS - Don't process image static TLS data and call TLS callbacks.
& && &&&No exception support - Don't create custom exception handlers that enable out-of-image exception support under DEP.
& && &&&Conceal memory - Make image memory visible as PAGE_NO_ACESS to memory query functions
& & Command Line:
& && &&&Process command line arguments
& & Init routine:
& && &&&If you are injecting native (not pure IL) image, this is name of exported function that will be called after injection is done. This export is called as void ( __stdcall* )(wchar_t*) function.
& && &&&If you are injecting pure managed image, this is name of public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.
& & Init argument:
& && &&&String that is passed into init routine
& & Close after injection:
& && &&&Close injector after successful injection
& & Inject delay:
& && &&&Delay before injection start
& & Inject interval:
& && &&&Delay between each image
& & Escalate handle access:
& && &&&Bypass handle acess filters. Driver is required
Menu options:
& & Profiles-&Load - load injection profile
& & Profiles-&Save - save current settings into profile
& & Tools-&Eject modules - open module ejection dialog
& & Tools-&Protect self - make injector process protected (driver required)
Command line options:
& & & & --load &profile_path& - start injector and load target profile specified by &profile_path&
& & & & --run &profile_path& - imeddiately execute profile specified by &profile_path& without GUI
& & & & & & & &
Kernel injection methods require system running in Test mode.Comon problems:
1. Access denied
Failed to load BlackBone driver:
{Access Denied}
A process has requested access to an object, but has not been granted those access rights.
If you are using account with admin rights - run program as Administrator. If you are using restricted user account - enable UAC and then run as Administrator.
2. Injection failed with error code 0xC0000225. Injector failed to resolve one or more dll dependencies. Make sure you have all required dlls and proper CRT libraries. In case of kernel manual mapping, dependencies should be placed near target process executable or in system32 (SysWOW64 for 32bit processes) folder.
_Mike@OC for his managed dll injection using AsmJit code
Petr Kobalicek - AsmJit project
Source code
Download link
(671.38 KB, 下载次数: 2156)
15:42 上传
点击文件名下载附件
下载积分: 吾爱币 -1 CB
Update version (v2.3.0) has been released.
Please see my queto at belows page.&
这注入器有点问题 不能强制注入&
热心值 +10
收下了,感谢楼主!!
谢谢@Thanks!
感谢发布原创作品,吾爱破解论坛因你更精彩.
谢谢@Thanks!
果断下载,期待楼主跟进后续版本汉化,谢谢.
谢谢@Thanks!
感谢发布原创作品,吾爱破解论坛因你更精彩.
感谢发布原创作品,吾爱破解论坛因你更精彩.
不做伸手党~
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限40
Thank you _BaZzi.......
Update Version (v2.3.0) has been released on 26 August 2017. And formerly posted by DarthTon itself at UnknownCheat Forum.
Posted link here :
Changelog :
- Win10 Creators Update support
- Unified injection and manual mapping (injector -& target) : x86-&x86, x64-&x64, x86-&x64, x64-&x86
- Bug fixes, stability improvements
More detail, you can refers to the contents of packed binaries format (Xenos_2.3.0_[unknowncheats.me]_.7z)
Binaries :
Xenos_2.3.0_[unknowncheats.me] ...
Sources code :
Xenos-master.zip
Best regards,
14:55 上传
点击文件名下载附件
下载积分: 吾爱币 -1 CB
699.1 KB, 下载次数: 89, 下载积分: 吾爱币 -1 CB
14:57 上传
点击文件名下载附件
下载积分: 吾爱币 -1 CB
124.81 KB, 下载次数: 36, 下载积分: 吾爱币 -1 CB
鼓励转贴优秀软件安全工具和文档!
我很赞同!
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限10
welcome yoza come back!!!Hope you have&&every nice day in 52pojie.
& && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && && & Best wishes!
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限35
前排膜拜大牛
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限100
前排支持大牛,求翻译工具介绍
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限40
前排支持大牛,求翻译工具介绍
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限25
前排占楼,看不懂
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限25
强制注入是指什么
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限30
前排支持大牛 z
这个是有源码的吗,能不能弄成支持XP的,我系统打不开。。
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限35
后排支持大牛,求翻译工具介绍
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限25
前排支持大牛 z
这个是有源码的吗,能不能弄成支持XP的,我系统打不开。。
源码中没有XP的驱动 编译了作用也不大
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限30
@Apocalypse 强制注入是指什么
如果 dll是32位的 同时支持64位 这个注入器会提示无法注入
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
免责声明:吾爱破解所发布的一切破解补丁、注册机和注册信息及软件的解密分析文章仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。
( 京ICP备号 | 京公网安备 87号 )
Powered by Discuz!
Comsenz Inc.Xenos注入器 支持X86 X64 支持内核注入 - 『逆向资源区』
- 吾爱破解 - LCG - LSG |安卓破解|病毒分析|破解软件|www.52pojie.cn
后使用快捷导航没有帐号?
只需一步,快速开始
请完成以下验证码
请完成以下验证码
查看: 13233|回复: 29
Xenos注入器 支持X86 X64 支持内核注入
阅读权限40
本帖最后由 cmc5410 于
19:19 编辑
- Supports x86 and x64 processes and modules
- Kernel mode injection
- Injection of pure managed images without proxy dll(code was partially stolen from _Mike@OC)
- Windows 7 cross-session and cross-desktop injection
- Injection into native processes (those having only ntdll loaded)
- Calling custom initialization routine after injection
- Unlinking module after injection
- Injection using thread hijacking
- Injection of x64 images into WOW64 process(read more in Additional notes section)
- Image manual mapping
Supported OS: Win7 - Win8.1 x64. Should also work on x86 OS versions but I haven't tested it much.Additional notes:
Injector has 2 versions - x86 and x64. Apart from obvious features x86 version supports injection of x64 images into x64 x64 injector supports injection of x86 and x64 images into WOW64 processes. However this is only valid for native images. If you want to inject pure managed dll - use same injector version as your target process is.
Injection of x64 images into WOW64 process is totally unpredictable. If you want to do this I would recommend to use manual mapping with manual imports option, because native loader is more buggy than my implementation in this case&&(especially in windows 7).
Restrictions:
- You can't inject 32 bit image into x64 process
- Use x86 version to manually map 32 bit images and x86 version to map 64 bit images
- You can't manually map pure managed images, only native injection is supported for them
- May not work properly on x86 OS versions
- Kernel injection is only supported on x64 OSes and requires Driver Test signing mode.
内核注入 只支持x64&&需要驱动测试签名模式
- Kernel injection methods
- Various bug fixes
xenos_j.jpg (28.59 KB, 下载次数: 8)
19:17 上传
Injection type:
Native inject - common approach using LoadLibraryW \ LdrLoadDll in newly created or existing thread
Manual map - manual copying image data into target process memory without creating section object
Kernel(New thread) - kernel mode CreateThread into LdrLoadDll. Uses driver
kernel(APC) - kernel mode APC into LdrLoadDll. Uses driver
Process selection:
Either select existing non-protected process or select executable (by pressing 'New' button) that would be launched before injecting into it.
Command Line:
Process arguments
Full-qualified path to image you want inject. Drag'n'drop is also supported.
Init routine:
If you are injecting native (not pure IL) image, this is name of exported function that will be called after injection is done. This export is called as void ( __stdcall* )(wchar_t*) function.
If you are injecting pure managed image, this is name of public method that will be executed using ICLRRuntimeHost::ExecuteInDefaultAppDomain.
Init argument:
String that is passed into init routine
Native Loader options:
Unlink module - after injection, unlink module from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, HashLinks and LdrpModuleBaseAddressIndex.
Context thread:
New thread - LoadLibrary and init routine will be executed in new thread.
Any other selection - LoadLibrary and init routine will be executed in the context of selected thread.
Manual map options:
Add loader reference - Insert module record into InMemoryOrderModuleList/LdrpModuleBaseAddressIndex and HashLinks. Used to make module functions (e.g. GetModuleHandle, GetProcAddress) work with manually mapped image.
Manually resolve imports - Image import and delayed import dlls will be also manually mapped instead of being loaded using LdrLoadDll.
Wipe headers - Erase module header information after injection. Also affects manually mapped imports.
Ignore TLS - Don't process image static TLS data and call TLS callbacks.
No exception support - Don't create custom exception handlers that enable out-of-image exception support under DEP.
(450.47 KB, 下载次数: 460)
19:18 上传
点击文件名下载附件
下载积分: 吾爱币 -1 CB
怒刷存在感!
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
头像被屏蔽
提示: 作者被禁止或删除 内容自动屏蔽
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限10
这个干嘛用的啊。。注入apk可以改属性么。?
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
头像被屏蔽
提示: 作者被禁止或删除 内容自动屏蔽
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限20
360杀了...
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限35
怒刷存在感,求理睬!
荔枝微博相册下载助手V2.1破解版
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限10
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限10
能否汉化一下 真心看不懂啊!
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限10
这工具不错,开源的吗
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限25
如果发布的是汉化版就更完美了
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
阅读权限35
英文看不懂.还得找度娘翻译去~
发帖求助前要善用【】功能,那里可能会有你要找的答案;如果你在论坛求助问题,并且已经从坛友或者管理的回复中解决了问题,请把帖子分类或者标题加上【已解决】;如何回报帮助你解决问题的坛友,一个好办法就是给对方加【热心】,加分不会扣除自己的积分,做一个热心并受欢迎的人!
免责声明:吾爱破解所发布的一切破解补丁、注册机和注册信息及软件的解密分析文章仅限用于学习和研究目的;不得将上述内容用于商业或者非法用途,否则,一切后果请用户自负。本站信息来自网络,版权争议与本站无关。您必须在下载后的24个小时之内,从您的电脑中彻底删除上述内容。如果您喜欢该程序,请支持正版软件,购买注册,得到更好的正版服务。如有侵权请邮件与我们联系处理。
( 京ICP备号 | 京公网安备 87号 )
Powered by Discuz!
Comsenz Inc.
