📄 remoteadminservice.cpp
_T("\\\\.\\pipe\\")REMOTE_ADMIN_PIPE,
PIPE_ACCESS_DUPLEX,
PIPE_TYPE_MESSAGE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
0,
0,
(DWORD)-1,
&SecAttrib);
if (hPipe != NULL)
{
// Waiting for client to connect to this pipe
::ConnectNamedPipe(hPipe, NULL);
::_beginthread(RemoteAdminThreadProc, 0, (void*)hPipe);
}
}
}
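/**
 * Session thread, started after a client has connected to the main admin pipe.
 *
 * Creates the four per-function pipes (process info, execute, kill, system
 * shutdown), waits for the client to connect to each of them in that order,
 * and hands every pipe to its own worker thread. The main pipe passed in
 * pParam is then disconnected and closed.
 *
 * @param pParam  HANDLE of the main pipe instance, cast to void* by the caller.
 */
void RemoteAdminThreadProc(void* pParam)
{
    // Increment instance counter
    ::InterlockedIncrement(&lServicePipeInstanceCount);

    HANDLE hPipe = reinterpret_cast<HANDLE>(pParam);

    // NOTE(review): a NULL DACL grants every principal full access to the
    // pipes created below. Those pipes accept requests that start processes,
    // terminate processes and shut the machine down, so this descriptor should
    // carry an explicit DACL naming only the accounts allowed to administer
    // the host. It is left unchanged here because the principals that must
    // keep access are not visible in this file.
    SECURITY_ATTRIBUTES SecAttrib = {0};
    SECURITY_DESCRIPTOR SecDesc;
    InitializeSecurityDescriptor(&SecDesc, SECURITY_DESCRIPTOR_REVISION);
    SetSecurityDescriptorDacl(&SecDesc, TRUE, NULL, TRUE);
    SecAttrib.nLength = sizeof(SECURITY_ATTRIBUTES);
    SecAttrib.lpSecurityDescriptor = &SecDesc;
    // NOTE(review): inheritable pipe handles can end up in child processes
    // created with handle inheritance enabled; confirm this is required.
    SecAttrib.bInheritHandle = TRUE;

    // Create communication pipe for writing the process information
    HANDLE hPipeProcessInfo = ::CreateNamedPipe(
        _T("\\\\.\\pipe\\")REMOTE_ADMIN_PROCESS_INFO_PIPE,
        PIPE_ACCESS_DUPLEX,
        PIPE_TYPE_MESSAGE | PIPE_WAIT,
        PIPE_UNLIMITED_INSTANCES,
        1024,
        1024,
        (DWORD)-1,
        &SecAttrib);

    // Create communication pipe for receiving which process to execute
    HANDLE hPipeProcessExecute = ::CreateNamedPipe(
        _T("\\\\.\\pipe\\")REMOTE_ADMIN_PROCESS_EXECUTE_PIPE,
        PIPE_ACCESS_DUPLEX,
        PIPE_TYPE_MESSAGE | PIPE_WAIT,
        PIPE_UNLIMITED_INSTANCES,
        1024,
        1024,
        (DWORD)-1,
        &SecAttrib);

    // Create communication pipe for receiving which process to kill
    HANDLE hPipeProcessKill = ::CreateNamedPipe(
        _T("\\\\.\\pipe\\")REMOTE_ADMIN_PROCESS_KILL_PIPE,
        PIPE_ACCESS_DUPLEX,
        PIPE_TYPE_MESSAGE | PIPE_WAIT,
        PIPE_UNLIMITED_INSTANCES,
        1024,
        1024,
        (DWORD)-1,
        &SecAttrib);

    // Create communication pipe for initiating system shutdown
    HANDLE hPipeSysShutDown = ::CreateNamedPipe(
        _T("\\\\.\\pipe\\")REMOTE_ADMIN_SYS_SHUTDOWN_PIPE,
        PIPE_ACCESS_DUPLEX,
        PIPE_TYPE_MESSAGE | PIPE_WAIT,
        PIPE_UNLIMITED_INSTANCES,
        1024,
        1024,
        (DWORD)-1,
        &SecAttrib);

    // CreateNamedPipe reports failure with INVALID_HANDLE_VALUE. A pipe that
    // could not be created is skipped, so no worker is started on a bad handle.
    // The connect calls stay in the original order; each one blocks until the
    // client has opened that pipe.
    if (hPipeProcessInfo != INVALID_HANDLE_VALUE)
    {
        ::ConnectNamedPipe(hPipeProcessInfo, NULL);
    }
    if (hPipeProcessExecute != INVALID_HANDLE_VALUE)
    {
        ::ConnectNamedPipe(hPipeProcessExecute, NULL);
    }
    if (hPipeProcessKill != INVALID_HANDLE_VALUE)
    {
        ::ConnectNamedPipe(hPipeProcessKill, NULL);
    }
    if (hPipeSysShutDown != INVALID_HANDLE_VALUE)
    {
        ::ConnectNamedPipe(hPipeSysShutDown, NULL);
    }

    // Each worker owns its pipe from here on and closes it when it exits.
    if (hPipeProcessInfo != INVALID_HANDLE_VALUE)
    {
        ::_beginthread(RemoteAdminProcessInfoThread, 0, hPipeProcessInfo);
    }
    if (hPipeProcessExecute != INVALID_HANDLE_VALUE)
    {
        ::_beginthread(RemoteAdminExecuteProcessThread, 0, hPipeProcessExecute);
    }
    if (hPipeProcessKill != INVALID_HANDLE_VALUE)
    {
        ::_beginthread(RemoteAdminKillProcessThread, 0, hPipeProcessKill);
    }
    if (hPipeSysShutDown != INVALID_HANDLE_VALUE)
    {
        ::_beginthread(RemoteAdminSysShutdownThread, 0, hPipeSysShutDown);
    }

    // Presumably gives the workers time to register themselves in the instance
    // counter before this thread drops its own count -- TODO confirm.
    ::Sleep(10000);

    // The main pipe is no longer kept waiting for commands; the former
    // read loop on it was disabled by the author.
    ::DisconnectNamedPipe(hPipe);
    ::CloseHandle(hPipe);

    // Decrement instance counter. The value returned by InterlockedDecrement
    // is used for the "last client" test: re-reading the shared counter after
    // the decrement races with the worker threads.
    if (::InterlockedDecrement(&lServicePipeInstanceCount) == 0)
    {
        // If this was the last client, let's stop ourself
        ::SetEvent(hStopServiceEvent);
    }
}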
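/**
 * Worker thread for the process-information pipe.
 *
 * For every SCommand received that does not request thread exit, sends the
 * number of entries in pilProcessInfoList followed by one SProcessInfo record
 * per entry, then pauses for 100 ms. The loop ends when a read or write fails,
 * a short command is received, or the client sets m_bThreadExit.
 *
 * @param pParam  HANDLE of the connected process-info pipe, cast to void*.
 */
void RemoteAdminProcessInfoThread(void* pParam)
{
    // Increment instance counter
    ::InterlockedIncrement(&lServicePipeInstanceCount);

    HANDLE hPipe = reinterpret_cast<HANDLE>(pParam);
    SCommand cmd = {0};
    DWORD dwWritten = 0;
    DWORD dwRead = 0;

    for (;;)
    {
        // A short read would leave part of cmd holding stale bytes, so anything
        // other than a complete SCommand ends the session.
        if (!::ReadFile(hPipe, &cmd, sizeof(SCommand), &dwRead, NULL) || dwRead != sizeof(SCommand))
        {
            break;
        }
        if (cmd.m_bThreadExit == TRUE)
        {
            break;
        }

        // NOTE(review): the list lock is held across blocking pipe writes, so a
        // client that stops reading can stall other users of g_CriticalSection.
        // Copying the list under the lock and writing afterwards would avoid that.
        BOOL bSent = TRUE;
        ::EnterCriticalSection(&g_CriticalSection);

        int iProcessCount = pilProcessInfoList.GetCount();
        if (!::WriteFile(hPipe, &iProcessCount, sizeof(int), &dwWritten, NULL) || dwWritten == 0)
        {
            bSent = FALSE;
        }

        for (int i = 0; bSent && i < iProcessCount; ++i)
        {
            POSITION pos = pilProcessInfoList.FindIndex(i);
            if (pos != NULL)
            {
                // NOTE(review): the record is sent as raw struct bytes; confirm
                // SProcessInfo is fully initialised so no stale memory is sent.
                SProcessInfo* pPi = pilProcessInfoList.GetAt(pos);
                if (!::WriteFile(hPipe, pPi, sizeof(SProcessInfo), &dwWritten, NULL) || dwWritten == 0)
                {
                    bSent = FALSE;
                }
            }
        }

        // Release the lock on every path. Leaving the loop on a failed write
        // without doing so would keep the critical section owned by a thread
        // that is about to exit.
        ::LeaveCriticalSection(&g_CriticalSection);

        if (!bSent)
        {
            break;
        }
        ::Sleep(100);
    }

    ::DisconnectNamedPipe(hPipe);
    ::CloseHandle(hPipe);

    // Decrement instance counter; the returned value is tested so the check
    // cannot race with other threads changing the counter.
    if (::InterlockedDecrement(&lServicePipeInstanceCount) == 0)
    {
        // If this was the last client, let's stop ourself
        ::SetEvent(hStopServiceEvent);
    }
    _endthread();
}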
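/**
 * Worker thread for the process-execution pipe.
 *
 * Each round reads an SCommand (thread-exit flag) and then an SExecuteCommand
 * carrying user name, domain, password and process path, which are passed to
 * StartInteractiveClientProcess. The reply is a fixed _MAX_PATH TCHAR buffer:
 * empty on success, an error text on failure.
 *
 * NOTE(review): this thread performs no check of who is on the other end of
 * the pipe; access control rests entirely on the security descriptor the pipe
 * was created with. The credentials also arrive as plain struct bytes.
 *
 * @param pParam  HANDLE of the connected execute pipe, cast to void*.
 */
void RemoteAdminExecuteProcessThread(void* pParam)
{
    // Increment instance counter
    InterlockedIncrement(&lServicePipeInstanceCount);

    HANDLE hPipe = reinterpret_cast<HANDLE>(pParam);
    SCommand cmd = {0};
    SExecuteCommand ExeCmd = {0};
    DWORD dwWritten = 0;
    DWORD dwRead = 0;

    for (;;)
    {
        // Read whether to continue this thread; a partial SCommand is rejected
        // rather than interpreted together with stale bytes.
        if (!::ReadFile(hPipe, &cmd, sizeof(SCommand), &dwRead, NULL) || dwRead != sizeof(SCommand))
        {
            break;
        }
        if (cmd.m_bThreadExit == TRUE)
        {
            break;
        }

        // Read the request; it must be complete before any field is used.
        if (!::ReadFile(hPipe, &ExeCmd, sizeof(SExecuteCommand), &dwRead, NULL) || dwRead != sizeof(SExecuteCommand))
        {
            break;
        }

        // The fields come straight from the client, so nothing guarantees they
        // are NUL-terminated. Force a terminator into the last element of each.
        // Assumes the m_sz* members are fixed-size character arrays (they are
        // filled by a raw read of the struct) -- confirm against SExecuteCommand.
        ExeCmd.m_szUsername[sizeof(ExeCmd.m_szUsername) / sizeof(ExeCmd.m_szUsername[0]) - 1] = 0;
        ExeCmd.m_szDomain[sizeof(ExeCmd.m_szDomain) / sizeof(ExeCmd.m_szDomain[0]) - 1] = 0;
        ExeCmd.m_szPassword[sizeof(ExeCmd.m_szPassword) / sizeof(ExeCmd.m_szPassword[0]) - 1] = 0;
        ExeCmd.m_szProcessPath[sizeof(ExeCmd.m_szProcessPath) / sizeof(ExeCmd.m_szProcessPath[0]) - 1] = 0;

        BOOL bCouldStartProcess = ::StartInteractiveClientProcess(
            ExeCmd.m_szUsername,
            ExeCmd.m_szDomain,
            ExeCmd.m_szPassword,
            ExeCmd.m_szProcessPath);

        // Do not keep the password on this thread's stack between requests.
        ::SecureZeroMemory(&ExeCmd, sizeof(ExeCmd));

        // Empty reply means success. The failure text previously claimed the
        // process had been started; it now states what actually happened.
        TCHAR szMessage[_MAX_PATH] = _T("");
        if (!bCouldStartProcess)
        {
            ::strcpy(szMessage, _T("Requested process could not be started on remote machine"));
        }
        if (!::WriteFile(hPipe, szMessage, sizeof(szMessage), &dwWritten, NULL))
        {
            break;
        }
    }

    // Covers the paths that leave the loop after a partial request was read.
    ::SecureZeroMemory(&ExeCmd, sizeof(ExeCmd));

    ::DisconnectNamedPipe(hPipe);
    ::CloseHandle(hPipe);

    // Decrement instance counter; the returned value is tested so the check
    // cannot race with other threads changing the counter.
    if (::InterlockedDecrement(&lServicePipeInstanceCount) == 0)
    {
        // If this was the last client, let's stop ourself
        ::SetEvent(hStopServiceEvent);
    }
    _endthread();
}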
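/**
 * Worker thread for the process-termination pipe.
 *
 * Each round reads an SCommand (thread-exit flag) and then a decimal process
 * id sent as text, opens that process and terminates it. The reply is a fixed
 * _MAX_PATH TCHAR buffer: empty on success, an error text on failure.
 *
 * NOTE(review): any process id the service account may open can be terminated
 * through this pipe, and the thread does not check who the client is; access
 * control rests on the security descriptor the pipe was created with.
 *
 * @param pParam  HANDLE of the connected kill pipe, cast to void*.
 */
void RemoteAdminKillProcessThread(void* pParam)
{
    // Increment instance counter
    InterlockedIncrement(&lServicePipeInstanceCount);

    HANDLE hPipe = reinterpret_cast<HANDLE>(pParam);
    SCommand cmd = {0};
    DWORD dwWritten = 0;
    DWORD dwRead = 0;

    // The original buffer was declared as an array of ten TCHAR pointers and
    // then parsed as characters. Keep the same number of bytes requested from
    // the pipe so the wire format is unchanged, but store them as characters
    // and reserve one extra byte for a terminator.
    char szProcessIDToBeKilled[sizeof(TCHAR*) * 10 + 1];

    for (;;)
    {
        // A partial SCommand is rejected rather than interpreted together
        // with stale bytes.
        if (!::ReadFile(hPipe, &cmd, sizeof(SCommand), &dwRead, NULL) || dwRead != sizeof(SCommand))
        {
            break;
        }
        if (cmd.m_bThreadExit == TRUE)
        {
            break;
        }

        // Read the process id text
        if (!::ReadFile(hPipe, szProcessIDToBeKilled, sizeof(szProcessIDToBeKilled) - 1, &dwRead, NULL) || dwRead == 0)
        {
            break;
        }
        // Client data is not guaranteed to be terminated; parsing must not run
        // past the bytes that were actually received.
        szProcessIDToBeKilled[dwRead] = '\0';

        TCHAR szMessage[_MAX_PATH] = _T("");

        // Require at least one digit and a non-zero id instead of letting
        // unparsable input silently turn into process id 0.
        char* pszEnd = NULL;
        unsigned long ulProcessID = ::strtoul(szProcessIDToBeKilled, &pszEnd, 10);
        HANDLE hProcessToBeKilled = NULL;
        if (pszEnd != szProcessIDToBeKilled && ulProcessID != 0)
        {
            // Only the terminate right is needed; do not request full access.
            hProcessToBeKilled = ::OpenProcess(PROCESS_TERMINATE, FALSE, (DWORD)ulProcessID);
        }

        if (hProcessToBeKilled != NULL)
        {
            if (!::TerminateProcess(hProcessToBeKilled, 0))
            {
                ::strcpy(szMessage, _T("Requested process could not be terminated on remote machine"));
            }
            // The process handle was never released before.
            ::CloseHandle(hProcessToBeKilled);
        }
        else
        {
            ::strcpy(szMessage, _T("Requested process could not be opened on remote machine"));
        }

        if (!::WriteFile(hPipe, szMessage, sizeof(szMessage), &dwWritten, NULL))
        {
            break;
        }
    }

    ::DisconnectNamedPipe(hPipe);
    ::CloseHandle(hPipe);

    // Decrement instance counter; the returned value is tested so the check
    // cannot race with other threads changing the counter.
    if (::InterlockedDecrement(&lServicePipeInstanceCount) == 0)
    {
        // If this was the last client, let's stop ourself
        ::SetEvent(hStopServiceEvent);
    }
    _endthread();
}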
void RemoteAdminSysShutdownThread(void* pParam)
{
// Increment instance counter
::InterlockedIncrement(&lServicePipeInstanceCount);
HANDLE hPipe = reinterpret_cast<HANDLE>(pParam);
SCommand cmd = {0};
SSysShutDownInfo shutdowninfo;
DWORD dwWritten = 0;
DWORD dwRead = 0;
TCHAR szMessage[_MAX_PATH] = _T("");
for(;;)
{
// Read for thread exit
if (!::ReadFile(hPipe, &cmd, sizeof(SCommand), &dwRead, NULL ) || dwRead == 0)
{
goto cleanup;
}
else
{
if (cmd.m_bThreadExit == TRUE)
{
goto cleanup;
}
}
// Read for system shutdown
if (!::ReadFile(hPipe, &shutdowninfo, sizeof(SSysShutDownInfo), &dwRead, NULL ) || dwRead == 0)
{
goto cleanup;
}
else
{
if (shutdowninfo.bShutDown)
{
//BOOL bResult = ::InitiateSystemShutdown(NULL, NULL, 30, FALSE, shutdowninfo.bReboot);
BOOL bResult = ::SystemShutdown(NULL, shutdowninfo.bReboot, shutdowninfo.iTimeToShutDown);
if (bResult)
{
::strcpy(szMessage, _T(""));
BOOL bOk = ::WriteFile(hPipe, szMessage, sizeof(szMessage), &dwWritten, NULL);
}
else
{
CString strFailureMessage = ::FormatLastError();
::strcpy(szMessage, strFailureMessage.GetBuffer(0));
BOOL bOk = ::WriteFile(hPipe, szMessage, sizeof(szMessage), &dwWritten, NULL);
}
}
else
{
BOOL bResult = ::PreventSystemShutdown();
if (bResult)
{
::strcpy(szMessage, _T(""));
BOOL bOk = ::WriteFile(hPipe, szMessage, sizeof(szMessage), &dwWritten, NULL);
}
else
{
CString strFailureMessage = ::FormatLastError();
::strcpy(szMessage, strFailureMessage.GetBuffer(0));