标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
1 y$ q# l+ i: z2 [/ S
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
" t4 U7 \7 J/ l8 F" t: E
----------------------------------------
5 V; R8 G7 G% J1 R+ d
DTDY.h:
5 V" [, K% G4 G
9 O3 e* ~& }' p: F9 N2 @
#if _MSC_VER>1000
1 L# a3 b1 w: u% E
#pragma once
. U0 |& t3 u. t+ ~5 }1 ^4 T
#endif //_MSC_VER>1000
4 b: U: ^8 J# P
#include<windows.h>
+ d }- Y) D3 r" }+ d; b& W
% m( y$ L; A" B' q9 l4 `. ]& [
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
! T# o0 ~9 l7 P+ }9 e% A
class DTDY
% q9 D; g$ U# o' D
{
& r8 ^ e9 D' _* L
public:
7 p L: i# S- i' T: N8 }
DTDY();
" n5 B' |6 i# c
virtual ~DTDY();
& R- t4 x- V* B/ Z8 ^
public:
~- v; S! X. ~6 u- ^
static pGetModuleFileNameA MyGetModuleFileName;
! i( {9 N6 H+ ?. L( q
static BOOL FunInitiallization();
% V2 U; H3 y, s2 M5 z: B
};
2 R# c6 J$ y! j) B9 I$ y5 c
#endif
* ^8 b, u/ O" K4 c3 n
----------------------------------------
3 s+ U" C1 o( M2 E, X5 b" {
" }% a: t* E% x. \- v c
DTDY.cpp:
' P" |% s- S4 A. e) B
: K* ?6 q6 _: W' g$ ^
#include "DTDY.h"
. `% z3 I6 @3 N4 z) \9 \/ V$ v
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
4 f. i3 v$ b, x% Y
DTDY:TDY()
4 b2 F* j# h* O9 e
{
) D6 T- x1 Y# G& N4 s6 L7 L3 e, M
}
& F x! i H, D
DTDY::~DTDY()
( G* l6 u! G3 C8 Q( U3 e8 S$ K% W3 l
{
$ N: a( [9 _# j; A
}
: K) S ]/ I. B
BOOL DTDY::FunInitiallization()
% p4 }7 W k0 N9 i1 \
{
* E3 E2 \* j+ r' x2 b' q. G
HMODULE hModule=LoadLibrary("kernel32.dll");
; W9 l1 ~7 O, ~3 }( x
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
( s1 ]/ p/ ?6 C) [: C+ s' G( i$ r
if(!MyGetModuleFileName=) return FALSE;
( q5 T1 ^1 G# n! p- A1 |2 G
3 W& w, D5 n$ J r+ a& F0 S' ~7 E
return TRUE;
* J- W$ Q. _% p2 F, h+ ^
}
% G- `$ n' E! n* Y% h+ I' c
----------------------------------------
, i. w- W0 ^4 q
svchost.cpp:
% z) w- i# W. |4 F; u
5 {+ K7 k& C# j! ]0 g% i
#include "DTDY.h"
, t* s% a$ ~ V. d. t
- R1 K! w2 m, ~ p
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
! u8 o% R8 d7 e/ m& R* l! r) |
{
' u' @. k. |0 m2 l9 o
switch(ul_reason_for_call)
7 e' [* r( W( U% d9 W
{
5 W3 [# Q# k, v
case DLL_PROCESS_ATTACH:
- `7 F1 l @, M0 B7 _ J3 a" [
if(!DTDY::FunInitiallization()) return FALSE;
' g- U" j7 d# b& E, a$ V! {
4 n9 G" m3 T! c7 _& u
break;
% W+ o/ S! [1 v, |, ]9 g7 l# {) P
}
* d6 N& V- T! V/ W4 w1 g. G# g
}
( J8 u' y1 ~0 q9 C
/ P |" c( R; j' s+ }$ D' X* C
- I) ~: p" R0 G9 O+ Z$ _
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
. c* d( s' \+ W5 `6 [/ F; h4 [8 E
改写为
! a8 V% s( _2 h; n4 D/ {
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
7 ?" }8 E3 S/ [( R. H- W! B2 b
----------------------------------------
7 X& O, h8 Q7 y- B
KernelManager.cpp:
9 ?# c. r6 I1 D( n$ d' a
2 _& K; |$ G7 d* q" h1 r
#include "../DTDY.h"
2 m0 O9 e6 E- R: P/ I4 K$ D
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
' c) k/ v( D$ o8 S8 ~% H
改写为
3 W- W. \9 I8 I5 k! b$ `) {1 \
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
( i5 P" {7 C' E, m+ R3 ~
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
