标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
6 V* {/ N3 m& T" N' o% V9 v/ @. V
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
; f' I) q4 \: z
----------------------------------------
- h! w2 a3 j, S5 C6 N' }
DTDY.h:
$ h, w- o9 W0 w
+ q# z* z* r4 N# w
#if _MSC_VER>1000
% Z; R% N' |6 {3 m
#pragma once
4 W/ Y5 j) h0 a# p
#endif //_MSC_VER>1000
# ]- L. w$ T4 M2 u- G8 p H1 p2 R. R- k
#include<windows.h>
+ M, q5 E: a/ B9 u
" D4 z2 X0 u! A6 C
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
4 T+ w2 a, P, \& O3 ~3 `9 E
class DTDY
8 z. G9 l2 h5 S1 P( s) s
{
1 ]$ F% k: ~ T" X% F
public:
: c' W" Q& j. y# I9 ]
DTDY();
( ~/ B/ ]: a- H' A$ a
virtual ~DTDY();
. c$ X Q) q4 D6 M" X/ [% [* ]. C
public:
3 N6 S% u/ Y- A: r7 t) i& b
static pGetModuleFileNameA MyGetModuleFileName;
3 h: a2 B; C+ B4 c
static BOOL FunInitiallization();
+ x9 I/ w) C3 e' `7 j
};
% \7 i, t6 ?5 N H! X+ ?, [
#endif
9 I h; B/ }6 ^1 p, d5 \
----------------------------------------
. O* P* H3 s3 e# w1 W v
( _. Q; \' f; r' r# w
DTDY.cpp:
# e: s" Q5 ?, c" j
& I- a- M2 u9 g2 `
#include "DTDY.h"
3 Q$ y7 t: W4 S: `
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
) T# s+ |4 P g4 q, i0 k
DTDY:TDY()
: G2 x( j: o/ U& P, \1 C
{
/ S# x' i: v2 Z( f/ A
}
6 L0 C' V" n. i, Q' ^. x* N
DTDY::~DTDY()
7 ^# B' B( U+ M5 L. A
{
* @3 Q* n# G @# s
}
[" z! r1 m: o% j
BOOL DTDY::FunInitiallization()
6 p! _% l" X: I% B9 L
{
! {% [7 G* R7 O1 Z) M, K- I
HMODULE hModule=LoadLibrary("kernel32.dll");
% P$ S: X, r: @) z* B
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
. v: Z- r& k% m O7 Y
if(!MyGetModuleFileName=) return FALSE;
) H. Q6 F G8 K* H
8 M3 z& j2 r/ x# K2 D# Q; I
return TRUE;
* a+ \/ L) a) D, s7 J9 f7 [) h
}
9 N/ }; |3 x. e/ j; e, ?
----------------------------------------
1 b4 C0 z) j4 [$ }5 u3 `0 L: t
svchost.cpp:
3 k$ N" ^9 H; W: r, K1 K+ y1 h
/ Q9 v3 P- j2 \* F" T
#include "DTDY.h"
9 I$ P5 p7 F9 Z6 J
' F0 Y& E( u9 ^1 u5 l$ V& t8 o1 i. @
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
0 s4 g' }* @& T- X
{
3 T% h# r3 h/ x/ u
switch(ul_reason_for_call)
) |2 ^( V$ x( Y8 S7 z) g
{
' w8 W1 _& _0 K7 n! ]% d, s
case DLL_PROCESS_ATTACH:
( e0 l! P% e5 d! w5 }: l8 ~! @
if(!DTDY::FunInitiallization()) return FALSE;
# s6 S# ]5 h5 H0 W
2 ?9 p7 r2 y I* }# ]: A1 i
break;
7 Y% `% E W2 ^# G$ J
}
' |( z; t& ]1 A4 l0 h/ t5 f
}
( Y! D4 [! p# d4 J$ J, R
6 [# ]4 s% {6 G$ E! I4 a- _' e
- v' i4 f! n0 M
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
- m9 c- z6 F3 ^2 n# [
改写为
( R {7 O u4 z0 ^' G
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
# Q( y% Q- U% N1 D5 `. F+ O
----------------------------------------
{+ H' G' v& P3 u3 _" L: ?4 p
KernelManager.cpp:
' ]( e h5 k- D1 l
& j, b1 @ W' @$ e- ]7 c
#include "../DTDY.h"
3 l" I! J2 R* }! A4 b9 I* K
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
% I' w- D$ h. z1 e" n5 c5 L
改写为
v2 F. d, q$ h8 |$ H8 G1 H
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
5 \0 }& m% f4 F0 V$ ^* j8 U* l) v
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
