关于OD 插件开发的相关api请到网上查阅,这里只给出一个简单基础的例子。
1、新建一个dll工程。
2、创建一个对话框,如图
3、资源文件头如下:
//{{NO_DEPENDENCIES}}
// Microsoft Visual C++ generated include file.
// Used by odplugin1.rc
//
#define IDD_TEST 101
#define IDC_EDIT1 1001
#define IDC_BUTTON1 1002
#define IDC_QUIT 1002
// Next default values for new objects
//
#ifdef APSTUDIO_INVOKED
#ifndef APSTUDIO_READONLY_SYMBOLS
#define _APS_NEXT_RESOURCE_VALUE 102
#define _APS_NEXT_COMMAND_VALUE 40001
#define _APS_NEXT_CONTROL_VALUE 1003
#define _APS_NEXT_SYMED_VALUE 101
#endif
#endif
4、程序代码如下;
// dllmain.cpp : Defines the entry point for the DLL application.
#include "stdafx.h"
#include <windows.h>
#include "resource.h"
#include "Plugin.h"
#pragma comment(lib,"Ollydbg.lib")
#pragma comment(lib, "user32.lib")
//#pragma comment(lib, "Gdi32.lib")
//global variant
static char g_szPluginName[] = "Matrix";
static HWND g_hWndMain = NULL; //保存OD主窗口句柄
static HINSTANCE g_hModule = NULL; //保存dll句柄
static char g_szMatrixClass[32];
//
//回调函数
LRESULT CALLBACK DlgOptionProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
int AutoDisable;
int SleepTime;
char textbuffer[8];
if (uMsg == WM_INITDIALOG)
{
SetDlgItemText(hWnd,IDC_EDIT1,L"just a test");
}
else if( uMsg == WM_CLOSE)
EndDialog(hWnd, 0);
else if( uMsg == WM_COMMAND)
{
// just do nothing
if (wParam==(UINT)IDC_QUIT)
EndDialog(hWnd, 0);
}
else
return FALSE;
return TRUE;
}
BOOL APIENTRY DllMain( HMODULE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
{
g_hModule = hModule;
break;
}
case DLL_THREAD_ATTACH:
case DLL_THREAD_DETACH:
case DLL_PROCESS_DETACH:
break;
}
return TRUE;
}
extc int _export cdecl ODBG_Plugindata(char shortname[32])
{
strcpy(shortname, g_szPluginName);
return PLUGIN_VERSION;
}
extc int _export cdecl ODBG_Plugininit(int ollydbgversion,HWND hw, ulong *features)
{
int nRetCode;
if(ollydbgversion < PLUGIN_VERSION)
return -1;
g_hWndMain = hw; //保存ollydbg主窗口句柄
nRetCode = Registerpluginclass(
g_szMatrixClass,
NULL,
g_hModule,
DlgOptionProc);
if (nRetCode < 0)
return -1;
Addtolist(0, 0, "Matrix! v1.0");
Addtolist(0, -1, "Copyright(C) 2014 Matrix");
return 0;
}
extc int _export cdecl ODBG_Pluginmenu(int origin,char data[4096],void *item)
{
if(origin == PM_MAIN)
{
strcpy(data, "0 MatrixMain | 1 About");
return 1;
}
return 0;
}
extc void _export cdecl ODBG_Pluginaction(int origin,int action,void *item)
{
if(origin == PM_MAIN)
{
switch(action)
{
case 0: //这里的索引0 对应strcpy(data, "0 Matrix | 1 About");中的0
DialogBox(g_hModule, MAKEINTRESOURCE(IDD_TEST), g_hWndMain, (DLGPROC)DlgOptionProc); //创建对话框
break;
case 1:
MessageBoxA(
g_hWndMain,
" Write by Matrix ",
g_szPluginName,
MB_OK);
break;
}
}
}
extc void _export cdecl ODBG_Plugindestroy(void)
{
Unregisterpluginclass(g_szMatrixClass);
}
最后将生成的dll放到 od的plugin目录下即可