标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
+ n* @, f- J3 t" X4 x7 @. \3 M I
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
6 b+ p, `2 L" x! X; [, y3 `
----------------------------------------
' k1 Z" X+ a* F' O; [% m# a8 W
DTDY.h:
. n0 R A% d3 e2 g W" {$ H) e: y n) \
$ B4 k* d. \; M6 w& O- V# U1 e8 M) ]
#if _MSC_VER>1000
% L( t; O- Q5 z N& N; W( L' |- Q/ p
#pragma once
+ V6 M# S7 U% F! H4 T
#endif //_MSC_VER>1000
* P- V$ k/ Q( |) J
#include<windows.h>
, B! [8 b" k4 S2 R( L# V
6 G; t M3 w+ `1 ~
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
4 _+ R7 T. x+ H0 D* \' [6 Z- f
class DTDY
4 J4 c7 t9 F, R2 ?/ f [
{
' \( G( I# T3 ~! d6 E% u
public:
. d0 `# X- @; g E) N9 q
DTDY();
* F- L- W5 y4 G+ M4 ~# w
virtual ~DTDY();
5 V7 z' _" \5 x: b- E5 [
public:
% E' P6 h2 j( {
static pGetModuleFileNameA MyGetModuleFileName;
+ I$ M G! d- ]! N
static BOOL FunInitiallization();
1 j, T% ]* P! t& O$ g
};
! F* N" N; ~* N9 U* H
#endif
, h: z7 \- d/ x h W
----------------------------------------
9 ~5 t$ }& [8 U, ?
+ T7 v) f+ }( p, O. w* y! p
DTDY.cpp:
8 @; Z8 i; _' H" S; n) L
, S' x! a3 |9 V& R5 Y4 `$ s6 @
#include "DTDY.h"
$ l5 Q6 N3 w' n" m' k4 h& e
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
+ c0 B U- h2 w. w* |( l
DTDY:TDY()
/ k" P9 e5 }' ^9 }
{
. p) T; i, Q& _ h' a! M
}
6 b& w! i+ K0 K9 W
DTDY::~DTDY()
2 h2 i5 g' ^5 t9 k" I7 W
{
% S1 M$ ~' R5 M7 |+ ]3 _7 A
}
w9 g+ B2 ?: o9 w
BOOL DTDY::FunInitiallization()
. P% O6 |! \7 R# u* P6 H
{
1 u1 d1 P& n9 E' L) J
HMODULE hModule=LoadLibrary("kernel32.dll");
" ~6 Y9 Q+ F9 c1 h9 Q! _$ q
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
: C2 o/ C2 u, H3 h! w: ^( O
if(!MyGetModuleFileName=) return FALSE;
5 F( d! \2 w6 z: k0 b" q) G q
: q3 B5 }; d* m; F
return TRUE;
6 _1 i) Q _4 p, v# b
}
0 v2 U! x* } V& Q9 d3 e0 i
----------------------------------------
9 ~; A' x5 V( q+ C- ?& ]% `
svchost.cpp:
3 }) p, f" ~* B6 [) ~; u# q$ {. v C6 L
/ H4 J& V4 U2 w1 t, t( ^; F
#include "DTDY.h"
m! \) Q% |& E
% ?' W3 N6 I4 D# ] b( S8 u9 ?
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
- v3 D# m, s$ H* S& }, @- n
{
7 Y' k5 o, q j% `% B7 q! p
switch(ul_reason_for_call)
`- ~2 r- {$ g8 @# M. V
{
) C1 k l- z% }; z) L0 R% V6 K# t; C
case DLL_PROCESS_ATTACH:
4 ~& k. s( o. j! Z6 a% p( y
if(!DTDY::FunInitiallization()) return FALSE;
! H1 B1 V9 s8 {2 |8 n! K% Q( R/ F
% U, x6 Q i7 q8 K
break;
$ ?6 M- S/ W& Y0 {
}
' G# w+ v% G. N7 i& _5 L
}
# u% n3 y( _# g& H) A
* Y$ t( d9 P; ^/ G
. [4 C- z1 r* P2 b* s
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
8 h2 g) a1 d* m- I+ }" P
改写为
, V- |5 u% _% H* s
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
1 B- G [ W/ r7 R R
----------------------------------------
7 b; q! | z0 P, W5 _
KernelManager.cpp:
% ^0 X. r* m1 O$ b7 f6 J4 S4 r
. J j: N$ f8 a
#include "../DTDY.h"
7 \9 M3 e: U# o# Z1 z+ c
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
) V' s" B$ r/ l. K [
改写为
( r X2 |7 T$ _( M7 M0 J+ s
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
2 \$ j2 g+ @' a* X
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
