Board logo

标题: [原创文章] 全局动态调用 [打印本页]
作者: ice_xke    时间: 2010-10-19 12:30     标题: 全局动态调用

全局动态调用笔记5 l- \+ A# N% D0 @
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h0 l; o2 z5 w5 }3 o, m* S
----------------------------------------* Q3 \8 a/ f7 u& q  X& W$ @; X* Y
DTDY.h:
0 k# \5 w% w5 U+ `
, X/ G; b7 X% ~! V#if _MSC_VER>1000
# I. o; N! h' @& k& k#pragma once
9 q: _8 j! \: i- {" N9 S" f* s#endif //_MSC_VER>10009 D: C4 }/ i9 p) r
#include<windows.h>" P7 O- ^5 J! }" O4 [
3 s7 T2 Q; T. i. g
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
) q( w+ l4 {5 U/ d: x, Jclass DTDY
  i% V. x4 p& c$ p  T{
- k/ g' I3 s. ^3 e# k. z7 x1 Ppublic:5 P% W% n6 E2 k8 A4 e
DTDY();3 d! z, n4 e3 F
virtual ~DTDY();5 ?) |9 x( M+ q. X. r, e
public:
9 {  u# L/ ?( _& V, Tstatic pGetModuleFileNameA MyGetModuleFileName;3 b% r2 i9 A* j* @
static BOOL FunInitiallization();. ^) j* q  e8 L7 k1 ^  R* G# ^
};
& d* _6 u6 W+ \& z' ~; y#endif
$ u$ f4 N! Q+ y/ i----------------------------------------
$ T1 o; C# B6 w. I$ y/ B% P
) Z$ e  a- Q+ ^2 ~DTDY.cpp:
/ c% V9 h  {0 x. k
. t5 s2 Z  C6 Y' _- e; }#include "DTDY.h"2 f! v/ |  x5 u! F) A
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
- d3 ^. ^9 B& HDTDY:TDY()
9 V' t3 e" V. _8 r* L$ o4 K{7 R: S- j7 L5 F0 P
}
  {" u+ Y7 x6 e! {DTDY::~DTDY()* L4 i' C& A5 p& @* p7 J
{
2 p! f0 U+ I- R, R. T4 H# f}
( _- `9 I3 d5 W2 jBOOL DTDY::FunInitiallization()" d9 x. H. h  T7 T) f. y1 Y$ V
{
  ~# n2 U$ g! g# T- f& tHMODULE hModule=LoadLibrary("kernel32.dll");
0 B! t: S  D9 G6 KMyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
1 V* d* V( P) p; wif(!MyGetModuleFileName=) return FALSE;) k: d" W9 J& Y2 g' n2 s

  V! T; B5 ^( J( R* ^: ?return TRUE;
( j; P6 W  m3 |) Y$ l}$ t7 T* B9 i' h
----------------------------------------
0 m; F3 j+ S: {svchost.cpp:
+ Z( l& W6 w2 n! r& d
1 D" u' u+ J& w6 a9 Z* u* e#include "DTDY.h") `8 K6 ?) t9 |  X# J2 A3 `
& q& P* V/ ]& f; G4 F
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
8 y. o! m. O$ G2 \! x{) X$ a$ P! g1 o4 b4 w& N
switch(ul_reason_for_call)
( t6 G9 q4 {+ o# X6 H{" c  j7 `: v  f6 O
case DLL_PROCESS_ATTACH:
& O# S* x) d, P/ U1 F5 {$ cif(!DTDY::FunInitiallization()) return FALSE;
& Q" T& K$ w0 ^0 F5 W& C5 f  B* m" R: p3 M0 y- B' m" \
break;
3 q' s% x- G8 E$ C}4 z" }+ Y3 b' l8 p
}- v$ G6 x5 E& [

1 C. h# K4 S0 j2 F8 Y% p% I/ p& D5 n; ^
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def2 k/ H$ T! c( A" K( [
改写为
1 Y0 x' K. o0 x/ {! QDTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));2 T8 d/ A2 n1 G& [) k. H' O
----------------------------------------/ s8 S$ J  N6 y3 G( T; e
KernelManager.cpp:. n, x8 |" S9 W" F  J9 w7 l
3 V$ r2 |! S' A0 b# @5 C
#include "../DTDY.h"
0 O- }6 T) I6 c0 ]  g# cGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
" f) N+ @5 H' q! h改写为% a; i( i, f) q+ k
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; ]- m  C$ i" G0 _----------------------------------------



欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/) Powered by Discuz! 7.2