关于OD 插件开发的相关api请到网上查阅,这里只给出一个简单基础的例子。
1、新建一个dll工程。
2、创建一个对话框,如图
3、资源文件头如下:
//{{NO_DEPENDENCIES}} // Microsoft Visual C++ generated include file. // Used by odplugin1.rc // #define IDD_TEST 101 #define IDC_EDIT1 1001 #define IDC_BUTTON1 1002 #define IDC_QUIT 1002 // Next default values for new objects // #ifdef APSTUDIO_INVOKED #ifndef APSTUDIO_READONLY_SYMBOLS #define _APS_NEXT_RESOURCE_VALUE 102 #define _APS_NEXT_COMMAND_VALUE 40001 #define _APS_NEXT_CONTROL_VALUE 1003 #define _APS_NEXT_SYMED_VALUE 101 #endif #endif
4、程序代码如下;
// dllmain.cpp : Defines the entry point for the DLL application. #include "stdafx.h" #include <windows.h> #include "resource.h" #include "Plugin.h" #pragma comment(lib,"Ollydbg.lib") #pragma comment(lib, "user32.lib") //#pragma comment(lib, "Gdi32.lib") //global variant static char g_szPluginName[] = "Matrix"; static HWND g_hWndMain = NULL; //保存OD主窗口句柄 static HINSTANCE g_hModule = NULL; //保存dll句柄 static char g_szMatrixClass[32]; ////////////////////////////////////////////////////////////////////////// //回调函数 LRESULT CALLBACK DlgOptionProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam) { int AutoDisable; int SleepTime; char textbuffer[8]; if (uMsg == WM_INITDIALOG) { SetDlgItemText(hWnd,IDC_EDIT1,L"just a test"); } else if( uMsg == WM_CLOSE) EndDialog(hWnd, 0); else if( uMsg == WM_COMMAND) { // just do nothing if (wParam==(UINT)IDC_QUIT) EndDialog(hWnd, 0); } else return FALSE; return TRUE; } BOOL APIENTRY DllMain( HMODULE hModule, DWORD ul_reason_for_call, LPVOID lpReserved ) { switch (ul_reason_for_call) { case DLL_PROCESS_ATTACH: { g_hModule = hModule; break; } case DLL_THREAD_ATTACH: case DLL_THREAD_DETACH: case DLL_PROCESS_DETACH: break; } return TRUE; } extc int _export cdecl ODBG_Plugindata(char shortname[32]) { strcpy(shortname, g_szPluginName); return PLUGIN_VERSION; } extc int _export cdecl ODBG_Plugininit(int ollydbgversion,HWND hw, ulong *features) { int nRetCode; if(ollydbgversion < PLUGIN_VERSION) return -1; g_hWndMain = hw; //保存ollydbg主窗口句柄 nRetCode = Registerpluginclass( g_szMatrixClass, NULL, g_hModule, DlgOptionProc); if (nRetCode < 0) return -1; Addtolist(0, 0, "Matrix! v1.0"); Addtolist(0, -1, "Copyright(C) 2014 Matrix"); return 0; } extc int _export cdecl ODBG_Pluginmenu(int origin,char data[4096],void *item) { if(origin == PM_MAIN) { strcpy(data, "0 MatrixMain | 1 About"); return 1; } return 0; } extc void _export cdecl ODBG_Pluginaction(int origin,int action,void *item) { if(origin == PM_MAIN) { switch(action) { case 0: //这里的索引0 对应strcpy(data, "0 Matrix | 1 About");中的0 DialogBox(g_hModule, MAKEINTRESOURCE(IDD_TEST), g_hWndMain, (DLGPROC)DlgOptionProc); //创建对话框 break; case 1: MessageBoxA( g_hWndMain, " Write by Matrix ", g_szPluginName, MB_OK); break; } } } extc void _export cdecl ODBG_Plugindestroy(void) { Unregisterpluginclass(g_szMatrixClass); }
原文地址:http://blog.csdn.net/hjxyshell/article/details/39137021