我是個驅動新手,最近學習破解多開。經過一個通宵的百度和摸索,簡單的多開kugou用以下程式碼可以了。
MyNtCreateMutant( OUT PHANDLE MutantHandle, IN ACCESS_MASK DesiredAccess, IN POBJECT_ATTRIBUTES ObjectAttributes, IN BOOLEAN InitialOwner ) { NTSTATUS nStatus; UNICODE_STRING DestinationString,DestinationString2; WCHAR WC_MyId; RtlInitUnicodeString(&DestinationString, L"Kugoo7"); //MSangoClientNew RtlInitUnicodeString(&DestinationString2, L"Kugou7MainFormMutex"); if (ObjectAttributes && RtlEqualUnicodeString(&DestinationString, ObjectAttributes->ObjectName, 0)) { KdPrint(("Kugoo7\n")); ULONG MyId = (ULONG)PsGetCurrentProcessId(); KdPrint(("PsGetCurrentProcessId = %u\r\n",MyId)); UNICODE_STRING UnicodeString2={0}; UnicodeString2.Buffer = (PWSTR)ExAllocatePool(PagedPool,1024); UnicodeString2.MaximumLength = 1024; nStatus = RtlIntegerToUnicodeString(MyId,10,&UnicodeString2); if ( NT_SUCCESS(nStatus)) { KdPrint(("轉換字串成功! 結果:%wZ\n",&UnicodeString2)); RtlCopyUnicodeString(ObjectAttributes->ObjectName,&UnicodeString2); return g_pfnCreateMutant(MutantHandle,DesiredAccess,ObjectAttributes,InitialOwner); }else { KdPrint(("轉換字串 失敗!\n")); return STATUS_SUCCESS; } } return g_pfnCreateMutant(MutantHandle,DesiredAccess,ObjectAttributes,InitialOwner); }