标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
- y: _# }2 S; p
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
1 h9 n& b! ^9 e) S0 `
----------------------------------------
. I: s3 b. R+ D% X
DTDY.h:
" S7 ^5 R/ o5 E
% L1 j+ L8 u5 d% j' @: E
#if _MSC_VER>1000
: p! P* a. \( Z9 h1 N0 ^
#pragma once
3 Y7 `, h, ]% o
#endif //_MSC_VER>1000
; m: ^% F0 v( c2 b# M- D2 s: |7 Z
#include<windows.h>
' P) d! B2 c8 R* z2 R
# C* e1 P$ }; j# L
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
# i$ K9 s: M5 y
class DTDY
# l0 _! `% b" G$ O
{
4 H% @) D J G5 M* h
public:
$ V. ]/ M* z2 e1 }3 k2 `. p
DTDY();
- _4 M' ^9 X$ g6 t
virtual ~DTDY();
6 S4 a v$ v. @% o5 b2 ]
public:
( f. s) y5 |* N" n1 p
static pGetModuleFileNameA MyGetModuleFileName;
, G' \+ p# s, L( Y0 ?6 j; J6 F
static BOOL FunInitiallization();
% a: P( _) A2 ?. w
};
$ G9 P; u% R/ C v
#endif
" D8 U# q/ m4 P# h
----------------------------------------
, [4 C4 v; n& M" ]% q$ ]3 K
5 R' f5 x; H" k! }1 | H0 o7 w$ a8 d
DTDY.cpp:
1 b7 K7 ^. _; H4 r
+ Q0 T! _+ j6 e% v
#include "DTDY.h"
* M- U3 l. _% C) L. x( f) j+ g5 k, z
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
% b) W: s" K4 X1 U
DTDY:TDY()
6 T( p2 c3 U0 k7 O) z4 b; v, h* L9 V
{
# b- x7 `/ i$ f. d
}
+ j% \0 x7 [ A0 U& X
DTDY::~DTDY()
- |6 S4 O2 A- u4 U- C# m5 j" f
{
4 D# F0 @& h2 E$ g8 @+ B1 P6 Y3 I
}
' B3 U* J9 [' j& \+ \# s
BOOL DTDY::FunInitiallization()
2 j. z7 O W$ M! |
{
. y2 h3 H, t, o4 U2 v, m5 ?
HMODULE hModule=LoadLibrary("kernel32.dll");
3 E$ b3 ^, y2 ~5 l8 s
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
: `$ i- z) o. t! y( J
if(!MyGetModuleFileName=) return FALSE;
1 K" K8 i* U: A4 L: g( e& N
- M+ x. W8 R K9 K& S7 d) l+ e
return TRUE;
) R7 W. B5 i7 e1 S4 v5 b% R/ w6 t
}
9 [7 `6 ]3 Q8 M, q3 o, G
----------------------------------------
9 ^" \; o& W" U
svchost.cpp:
\$ v1 v' w& j: Q" W0 `& u
! R- n" ?( O& ?/ \/ A7 ]
#include "DTDY.h"
2 S6 G8 k/ a; g# C. s( H. m
% O/ O4 _ _) D" e, d/ V
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
) M3 I: l* f+ E3 c' Q, r
{
' w7 N6 F# t' s8 X, B
switch(ul_reason_for_call)
8 }% R8 ~* D2 D% s/ j$ ?* g; {$ D. c
{
9 V$ ^1 J; X& Q+ ]
case DLL_PROCESS_ATTACH:
( g! s& ^, l+ r# D. t4 T$ Y7 \
if(!DTDY::FunInitiallization()) return FALSE;
8 h" _9 Q. g! R0 \7 j, v
. D9 r2 a; b5 N
break;
: R" m- `8 A0 b. m) b2 |
}
" |' V& @7 z. @! P, O& P
}
( g7 C% j: [& c& X4 `
( c" K4 V+ C7 B. h
" A) \+ u' W( `
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
3 X* N6 z# c. |+ U& H
改写为
7 ^; x0 a0 B4 ~# i0 w5 D; w, F
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
4 m* i) B* j/ D, A% l9 T' v
----------------------------------------
1 }6 h0 O4 Q6 ^
KernelManager.cpp:
* X' m2 `6 U3 J$ C6 o$ c: z% {
5 N) V: E" K4 U$ a3 [1 G& a
#include "../DTDY.h"
1 m' R: M8 l! `- S! H
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
2 W8 B j9 G& z8 P& ?# }! Z* n# D
改写为
U- |$ _, d- z2 d* }& _/ [+ l
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
. }8 A$ b$ j" g8 |) G
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
