From Collaborative RCE Tool Library
Comrade's PE Tools
| Tool name: | Comrade's PE Tools |
|
||
|---|---|---|---|---|
| Author: | Comrade | |||
| Website: | http://comrade.ownz.com/projects/petools.html | |||
| Current version: | ||||
| Last updated: | July 31, 2008 | |||
| Direct D/L link: | Locally archived copy | |||
| License type: | Free / Open Source | |||
| Description: | * Inject Tool Inject is a tool that injects a DLL into a running process. Its command-line usage is as follows: 1. Inject C:\hook.dll into pid 1234: inject.exe 1234 C:\hook.dll 2. Inject C:\hook.dll into process notepad.exe (if multiple notepads are running, then whichever one is picked is undefined): inject.exe -p *notepad.exe C:\hook.dll 3. Inject C:\hook.dll into running process C:\myprogram.exe: inject.exe -p C:\myprogram.exe C:\hook.dll 4. Inject C:\hook.dll into process with a window named "Untitled - Notepad": inject.exe -w "Untitled - Notepad" C:\hook.dll 5. Inject C:\hook.dll into process with a window class Notepad: inject.exe -c Notepad C:\hook.dll Note that in all uses, you should specify the full path to the injected DLL. * Loader Tool Loader is a tool that injects a DLL before launching a process. Its command-line usage is as follows: 1. Load notepad.exe and inject C:\hook.dll into it: loader.exe notepad.exe C:\hook.dll Note that you should specify the full path to the injected DLL. * Patch Tool Patch is a tool that adds a new section to the executable. The new section becomes the new entrypoint, and contains code to load a particular DLL, and then jump back to the original entrypoint. This can be used to create static patches that behave similar to the Loader tool. The tool's command-line usage is as follows: 1. Patch original.exe to load C:\hook.dll before execution; save the patched executable to patched.exe: patch.exe original.exe patched.exe C:\hook.dll * Reimport Tool Reimport is a tool that redirects certain entries of an executable's import table to another DLL. For example, running reimport.exe game.exe newgame.exe nocd.dll kernel32.dll::GetDriveTypeA kernel32.dll::CreateFileA kernel32.dll::GetVolumeInformation will create a copy of game.exe into newgame.exe, with the above 3 API functions rerouted to nocd.dll, instead of kernel32.dll. That means newgame.exe would import GetDriveTypeA, CreateFileA, and GetVolumeInformation from nocd.dll instead of kernel32.dll. |
|||
| Related URLs: | No related URLs have been submitted for this tool yet | |||
Feed containing all updates for this tool.
(please also edit it if you think it fits well in some additional category, since this can also be controlled)
You are welcome to add your own useful notes about this tool, for others to see!