Foreword
This is not a technical article, because things do it a week ago, now I have forgotten it, and I don't want to open the debugger at all, look at the assembly code full screen, I feel particularly tired. - Because I don't understand :(
Now only probably talk about the process and modification process - telling someone to tell your own harvest always feeling very well - let us first see a picture:
If you are used to foxmail, you will find different places immediately, that is, there are 3 TOP X under the option menu, which is what I changed.
Maybe you dismissed: this is difficult to use Reshacker to get a minute!
You are right, I am using Reshacker, but this is not the key, because Reshacker is just resources, how to respond to the incident is the problem we have to face!
Let me talk about why you have to add these top x.
I didn't install anti-virus software. I used the foxmail4.2 that I didn't filter the function of spam. Therefore, I have to open remote management before collecting the email, see the letter, and manually confirm that the garbage letter (I don't believe the machine filter. ). Foxmail's default is 1, that is, you can only look at the header, I have changed to 5, but this is static, it is fixed, if you can choose "freedom" from the menu, this is my start Previous idea.
I took this for two days, and the menu spent a day. After finishing, I would like to add a function: breaking through the account password limit. Do this event for a long time. After the transformation of Foxmail If the account is added, if you forget the password to enter my mobile phone number, how much is my mobile phone number?嘿嘿. Still change the menu, because it is to respond to the event.
tool
No source code, some source code only use delphi :)
The debugger is less than, I use:
Ollydgb
Static disassembly, no way to compile, don't understand, you have to compile annotation is barely to understand, so you have to use:
Ded
In addition, the Lordpe is used to change the segment attributes. Increase the section with TOPO (Lordpe can also be added, but I will not use). There is also a 16-bit editor UltraEdit32. I later found that I can change it directly with OD. These tools really use it more, the more gains ~~
Think
If you write the POP3 program, you must know that the message header is TOP XXX, XX command, the first parameter is the mail ID, the second is the number of rows, we have to change the second parameter. The whole command is a string, and Foxmail sent it to the POP3 server, and the server sent the letter content.
This value is fixed in the program, and we can change this value in the menu event. In addition, the menu is hooked after clicking. If the program is written by Delphi 7, this event is very good, change the resources, the D7 menu item has set a radio and AutoCheck, you will change yourself. Foxmail is written in D5, this event can only be done himself.
process
It's so simple, how is the key to do, right?
Sorry, I don't plan to put the code all, because I don't want to repeat this process, tell the memory -
Add menu event
Delphi's event If you are generated by the editor, you can find XXXClick these strings, you can find a new menu, point it to new events, these new events are named. The association of menus and events is placed in an event address table in Delphi. However, this table is usually rushed, and does not enter new events, so move it to other address space. How to move?
Here is an article, specifically telling this, I refer to this article:
http://bbs.peiy.com/showthread.php?s=&threadid=1872&highlight=delphi
Move the original event to the new position to change the number of incident items, add 3 in the original value to the new TOP 1, TOP5, TOP 10, in the table, add 3 Events, they pointed to a new code space.
(I am sorry that it is very general here)
Positioning TOP value
After processing the association of the menu event, you will write the code to write the code.
The comparison "formal" method is to use the debugger tracking, simply a point in the OD search string "TOP". I remember that there is a space behind TOP. If you don't have, you are miserable, TOP is the reserved word of Delphi Visual control, and you have to distinguish it carefully.
After finding TOP, look down, soon, you can see "1" of the character. After getting the address of this character, you can make it easy to change into another value with the MOV command.
Insert code
If the space is not enough, it is necessary to add a section and set to be readable and writable. This knowledge is found to see the article about PEDIY. Code is rough to this:
XXXXXX1X MOV BYTE PTR [xxxx], 31 // Character 1, TOP1 event points to this XXXXXXX MOV BYTE PTR [xxxx 1], 20 // Later, empty XXXXXXXX RET // Don't consider changing the menu to hook the problem, so First return XXXXX2X MOV BYTE PTR [XXXX], 35 // Character 5, TOP5 event points to this XXXXXXX MOV BYTE PTR [XXXX 1], 20 xxxxxxx ket xxxxxx3X MOV BYTE PTR [xxxx], 31 // Character 1, TOP10 The event points to this XXXXXXXM BYTE PTR [xxxx 1], 30 // Character 0, XXXXXXX RET
Hit the menu
Write the above code, the function of the menu is actually already, but I still don't hook after the menu, this seems uncomfortable. First use Reshacker to set these three menu items to the same group and is a radio type. Finally, our code will automatically remove the hook. Key or code, we say the code.
If we write in Delphi, we point to the same function to the same function, then a statement, such as: Procedure Top1click (Sender: TOBJECT); Begin (Sender As TMenuItem) .checked: = true;
I can use this idea in the assembly, but how to write it? Sender seems to be very good, EAX is still ECX, as Tmenuitem is very troublesome, my approach is to write a simple project with D7, and then get the address of this function, get the code of this function, However, the assembly code of D7 and D5 is a bit different, so we must take a signature. Take this signature to find the search. After searching, it is necessary to fight 3 times to get the real entrance address, so you can write The above features are coming. Change EXE
In OD debugging, if the code is wrong, it may cause the program to terminate, so remember to take the code COPY, once it needs to be restarted, the recovery is also easy. After debugging, you write the changed place to the exe file. I will write down the machine code for the first time, copy it to the notepad, and then open EXE with the UE, one by one. It's really painful, it's also wrong! Later I saw the OD directly there was the function of Copy to Execute File. Right-click menu in the code area can be found.
postscript
It is time to finish here, but it doesn't make it clear at all. Forget it, or look at the EXE I have changed: http://bbs.pediy.com/upload/files/foxmail.part1.rar_31574.rarhttp: //bbs.pediy.com/upload/files/foxmail.part2.rar_31619 .rar This is not a complete package, you can run directly, but the interface you see is English. I use version 4.2, I don't have a problem directly. If you use a high version, it is best to make a backup.
