标签:variant kill ps1 disable main 上网 eve png seconds
小编最近使用jsonView插件时,每次打开谷歌浏览器都会弹出下面的窗口,上网搜索,找到一个非常有效的方法。
一、新建一个文本文档
二、复制代码
1 <# : 2 @echo off 3 copy/b "%~f0" "%temp%\%~n0.ps1" >nul 4 powershell -Version 2 -ExecutionPolicy bypass -noprofile "%temp%\%~n0.ps1" "%cd% " "%~1" 5 del "%temp%\%~n0.ps1" 6 pause 7 exit /b 8 #> 9 param([string]$cwd=‘.‘, [string]$dll) 10 11 function main { 12 "Chrome ‘developer mode extensions‘ warning disabler v1.0.10.20170114`n" 13 $pathsDone = @{} 14 if ($dll -and (gi -literal $dll)) { 15 doPatch "DRAG‘n‘DROPPED" ((gi -literal $dll).directoryName + ‘\‘) 16 exit 17 } 18 doPatch CURRENT ((gi -literal $cwd).fullName + ‘\‘) 19 (‘HKLM‘, ‘HKCU‘) | %{ $hive = $_ 20 (‘‘, ‘\Wow6432Node‘) | %{ 21 $key = "${hive}:\SOFTWARE$_\Google\Update\Clients" 22 gci -ea silentlycontinue $key -r | gp | ?{ $_.CommandLine } | %{ 23 $path = $_.CommandLine -replace ‘"(.+?\\\d+\.\d+\.\d+\.\d+\\).+‘, ‘$1‘ 24 doPatch REGISTRY $path 25 } 26 } 27 } 28 } 29 function doPatch([string]$pathLabel, [string]$path) { 30 if ($pathsDone[$path.toLower()]) { return } 31 $dll = $path + "chrome.dll" 32 if (!(test-path -literal $dll)) { 33 return 34 } 35 "=======================" 36 "$pathLabel PATH $((gi -literal $dll).DirectoryName)" 37 "`tREADING Chrome.dll..." 38 $bytes = [IO.File]::ReadAllBytes($dll) 39 # process PE headers 40 $BC = [BitConverter] 41 $coff = $BC::ToUInt32($bytes,0x3C) + 4 42 $is64 = $BC::ToUInt16($bytes,$coff) -eq 0x8664 43 $opthdr = $coff+20 44 $codesize = $BC::ToUInt32($bytes,$opthdr+4) 45 $imagebase32 = $BC::ToUInt32($bytes,$opthdr+28) 46 # patch the flag in data section 47 $data = $BC::ToString($bytes,$codesize) 48 $flag = "ExtensionDeveloperModeWarning" 49 $stroffs = $data.IndexOf($BC::ToString($flag[1..99]))/3 - 1 50 if ($stroffs -lt 0) { 51 write-host -f red "`t$flag not found" 52 return 53 } 54 $stroffs += $codesize 55 if ($bytes[$stroffs] -eq 0) { 56 write-host -f darkgreen "`tALREADY PATCHED" 57 return 58 } 59 $exe = join-path (split-path $path) chrome.exe 60 $EA = $ErrorActionPreference 61 $ErrorActionPreference = ‘silentlyContinue‘ 62 while ((get-process chrome -module | ?{ $_.FileName -eq $exe })) { 63 forEach ($timeout in 15..0) { 64 write-host -n -b yellow -f black ` 65 "`rChrome is running and will be terminated in $timeout sec. " 66 write-host -n -b yellow -f darkyellow "Press ENTER to do it now. " 67 if ([console]::KeyAvailable) { 68 $key = $Host.UI.RawUI.ReadKey("AllowCtrlC,IncludeKeyDown,NoEcho") 69 if ($key.virtualKeyCode -eq 13) { break } 70 if ($key.virtualKeyCode -eq 27) { write-host; exit } 71 } 72 sleep 1 73 } 74 write-host 75 get-process chrome | ?{ 76 $_.MainWindowHandle.toInt64() -and ($_ | gps -file).FileName -eq $exe 77 } | %{ 78 "`tTrying to exit gracefully..." 79 if ($_.CloseMainWindow()) { 80 sleep 1 81 } 82 } 83 $killLabelShown = 0 84 get-process chrome | ?{ 85 ($_ | gps -file | select -expand FileName) -eq $exe 86 } | %{ 87 if (!$killLabelShown++) { 88 "`tTerminating background chrome processes..." 89 } 90 stop-process $_ -force 91 } 92 sleep -milliseconds 200 93 } 94 $ErrorActionPreference = $EA 95 $bytes[$stroffs] = 0 96 "`tPATCHED $flag flag" 97 # patch the channel restriction code for stable/beta 98 $code = $BC::ToString($bytes,0,$codesize) 99 $rxChannel = ‘83-F8-(?:03-7D|02-7F)‘ 100 # old code: cmp eax,3; jge ... 101 # new code: cmp eax,2; jg ... 102 $chanpos = 0 103 try { 104 if ($is64) { 105 $pos = 0 106 $rx = [regex]"$rxChannel-.{1,100}-48-8D" 107 do { 108 $m = $rx.match($code,$pos) 109 if (!$m.success) { break } 110 $chanpos = $m.index/3 + 2 111 $pos = $m.index + $m.length + 1 112 $offs = $BC::ToUInt32($bytes,$pos/3+1) 113 $diff = $pos/3+5+$offs - $stroffs 114 } until ($diff -ge 0 -and $diff -le 4096 -and $diff % 256 -eq 0) 115 if (!$m.success) { 116 $rx = [regex]"84-C0.{18,48}($rxChannel)-.{30,60}84-C0" 117 $m = $rx.matches($code) 118 if ($m.count -ne 1) { throw } 119 $chanpos = $m[0].groups[1].index/3 + 2 120 } 121 } else { 122 $flagOffs = [uint32]$stroffs + [uint32]$imagebase32 123 $flagOffsStr = $BC::ToString($BC::GetBytes($flagOffs)) 124 $variants = "(?<channel>$rxChannel-.{1,100})-68-(?<flag>`$1-.{6}`$2)", 125 "68-(?<flag>`$1-.{6}`$2).{300,500}E8.{12,32}(?<channel>$rxChannel)", 126 "E8.{12,32}(?<channel>$rxChannel).{300,500}68-(?<flag>`$1-.{6}`$2)" 127 forEach ($variant in $variants) { 128 $pattern = $flagOffsStr -replace ‘^(..)-.{6}(..)‘, $variant 129 "`tLooking for $($pattern -replace ‘\?<.+?>‘, ‘‘)..." 130 $minDiff = 65536 131 foreach ($m in [regex]::matches($code, $pattern)) { 132 $maybeFlagOffs = $BC::toUInt32($bytes, $m.groups[‘flag‘].index/3) 133 $diff = [Math]::abs($maybeFlagOffs - $flagOffs) 134 if ($diff % 256 -eq 0 -and $diff -lt $minDiff) { 135 $minDiff = $diff 136 $chanpos = $m.groups[‘channel‘].index/3 + 2 137 } 138 } 139 } 140 if (!$chanpos) { throw } 141 } 142 } catch { 143 write-host -f red "`tUnable to find the channel code, try updating me" 144 write-host -f red "`thttp://stackoverflow.com/a/30361260" 145 return 146 } 147 $bytes[$chanpos] = 9 148 "`tPATCHED Chrome release channel restriction" 149 150 "`tWriting to a temporary dll..." 151 [IO.File]::WriteAllBytes("$dll.new",$bytes) 152 153 "`tBacking up the original dll..." 154 move -literal $dll "$dll.bak" -force 155 156 "`tRenaming the temporary dll as the original dll..." 157 move -literal "$dll.new" $dll -force 158 159 $pathsDone[$path.toLower()] = $true 160 write-host -f green "`tDONE.`n" 161 [GC]::Collect() 162 } 163 164 main
三、命名脚本文件chrome.bat
四、出现问题
1.将Chrome.bat文件放到路径下:C:\Windows\System32\WindowsPowerShell\v1.0
2.双击运行即可。
【Chrome插件】去掉因使用jsonView插件的弹出窗口"请停用以开发者模式运行的扩展程序"
标签:variant kill ps1 disable main 上网 eve png seconds
原文地址:https://www.cnblogs.com/fenghaoyue-66/p/10028026.html