// 网络攻击View.cpp : implementation of the CMyView class
//
#include "stdafx.h"
#include "网络攻击.h"
#include "userdlg.h"
#include "网络攻击Doc.h"
#include "网络攻击View.h"
#include "madedlg.h"
// MFC debug-build boilerplate: in _DEBUG builds `new` is redefined to DEBUG_NEW
// and THIS_FILE holds this translation unit's file name.
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// CMyView
// Runtime-class registration so the framework can create CMyView dynamically.
IMPLEMENT_DYNCREATE(CMyView, CFormView)
// Message map: binds button clicks, menu commands and tree / IP-address control
// notifications to CMyView handler methods. None of the handlers named here is
// defined in the visible part of this file.
BEGIN_MESSAGE_MAP(CMyView, CFormView)
//{{AFX_MSG_MAP(CMyView)
ON_BN_CLICKED(IDC_scan, Onscan) // "scan" button
ON_COMMAND(ID_face, Onface)
ON_UPDATE_COMMAND_UI(ID_FILE_NEW, OnUpdateFileNew)
ON_UPDATE_COMMAND_UI(ID_face, OnUpdateface)
ON_BN_CLICKED(IDC_foldclose, Onfoldclose)
ON_BN_CLICKED(IDC_foldopen, Onfoldopen)
ON_BN_CLICKED(IDC_stop, Onstop) // "stop" button
ON_NOTIFY(NM_DBLCLK, IDC_TREE1, OnDblclkTree1)
ON_NOTIFY(IPN_FIELDCHANGED, IDC_IPADDRESS1, OnFieldchangedIpaddress1)
ON_COMMAND(ID_close, Onclose)
ON_COMMAND(ID_made, Onmade)
ON_COMMAND(ID_HELP, OnHelp)
ON_NOTIFY(NM_RCLICK, IDC_TREE1, OnRclickTree1)
// NOTE(review): the command id is named "getpassword"; what Oncaijie does is
// not visible here, so confirm against its definition.
ON_COMMAND(ID_getpassword, Oncaijie)
ON_WM_CTLCOLOR()
//}}AFX_MSG_MAP
// Standard printing commands
ON_COMMAND(ID_FILE_PRINT, CFormView::OnFilePrint)
ON_COMMAND(ID_FILE_PRINT_DIRECT, CFormView::OnFilePrint)
ON_COMMAND(ID_FILE_PRINT_PREVIEW, CFormView::OnFilePrintPreview)
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CMyView construction/destruction
// Bundle of per-target state: a back-pointer to the view, a tree item handle,
// an address string, four integers and a result string.
// NOTE(review): presumably handed to a worker thread as its parameter; the code
// that fills and reads it is outside this excerpt, so confirm there. The raw
// CMyView* is only safe while the view outlives whoever holds this struct.
struct info
{
CMyView*myview; // non-owning pointer back to the view
HTREEITEM counter; // tree-control item handle
CString ip; // address as text
int ip1; // ip1..ip4: presumably the four octets of the address (confirm)
int ip2;
int ip3;
int ip4;
CString backstr; // presumably text returned to the UI (confirm)
};
// File-scope state shared by every function below.
// NOTE(review): all of these are plain mutable globals. The function pointers are
// reassigned on every call of the functions that use them, and `threadnum`
// suggests the scan is multi-threaded; if so, concurrent callers race on these
// variables. Confirm against the thread code, which is outside this excerpt.
int threadnum=0; // not referenced in the visible part of the file

// Function-pointer types and slots for NETAPI32.DLL exports. The functions below
// resolve them at run time with LoadLibrary/GetProcAddress instead of linking
// against the import library. CALLBACK gives them the stdcall convention.
typedef UINT (CALLBACK* LPFNDLLFUNC1)(LPWSTR,LPBYTE *);
LPFNDLLFUNC1 NetRemoteTOD_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC2)(LPWSTR,DWORD,
LPBYTE *,DWORD,
LPDWORD,LPDWORD,LPDWORD);
LPFNDLLFUNC2 NetServerTransportEnum_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC3)(LPWSTR,unsigned long,
unsigned long,unsigned long,
unsigned long,unsigned long*,PVOID *);
LPFNDLLFUNC3 NetQueryDisplayInformation_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC4)(LPWSTR,unsigned long,
LPBYTE *,unsigned long,
unsigned long*,unsigned long*,unsigned long *);
LPFNDLLFUNC4 NetShareEnum_dll;
// The next six typedefs all describe the same export, NetApiBufferFree, once per
// buffer type it is used with. The export takes an untyped pointer, so a single
// LPVOID-taking pointer type would cover every case.
typedef UINT (CALLBACK* LPFNDLLFUNC5)(PSHARE_INFO_502);
LPFNDLLFUNC5 NetApiBufferFree_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC6)(PSHARE_INFO_1);
LPFNDLLFUNC6 NetApiBufferFree_dll1;
typedef UINT (CALLBACK* LPFNDLLFUNC7)(PNET_DISPLAY_USER);
LPFNDLLFUNC7 NetApiBufferFree_dll2;
typedef UINT (CALLBACK* LPFNDLLFUNC8)(PNET_DISPLAY_GROUP);
LPFNDLLFUNC8 NetApiBufferFree_dll3;
typedef UINT (CALLBACK* LPFNDLLFUNC9)(LPSERVER_TRANSPORT_INFO_0);
LPFNDLLFUNC9 NetApiBufferFree_dll4;
typedef UINT (CALLBACK* LPFNDLLFUNC10)(LPTIME_OF_DAY_INFO);
LPFNDLLFUNC10 NetApiBufferFree_dll5;
// NOTE(review): these two are declared with LPTSTR although the sibling types use
// LPWSTR; this file is built ANSI (narrow literals are passed to LoadLibrary and
// sprintf), where LPTSTR is char*. Confirm what the call sites actually pass.
typedef UINT (CALLBACK* LPFNDLLFUNC11)(LPTSTR, DWORD,LPBYTE *);
LPFNDLLFUNC11 NetServerGetInfo_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC12)(LPTSTR, DWORD,LPBYTE *);
LPFNDLLFUNC12 NetWkstaGetInfo_dll;
// Two more NetApiBufferFree variants (see the note above).
typedef UINT (CALLBACK* LPFNDLLFUNC13)(LPSERVER_INFO_101);
LPFNDLLFUNC13 NetApiBufferFree_dll6;
typedef UINT (CALLBACK* LPFNDLLFUNC14)(LPWKSTA_INFO_102);
LPFNDLLFUNC14 NetApiBufferFree_dll7;
// NetUseAdd / NetUseDel: used by EstablishNullSession to open and close the
// IPC$ connection.
typedef UINT (CALLBACK* LPFNDLLFUNC15)(
LPWSTR ,
DWORD ,
LPBYTE,
LPDWORD
);
LPFNDLLFUNC15 NetUseAdd_dll;
typedef UINT (CALLBACK* LPFNDLLFUNC16)(LPTSTR, LPTSTR, DWORD);
LPFNDLLFUNC16 NetUseDel_dll;
// Signalled at the end of SharesScan and UsersScan; the waiter is outside this
// excerpt.
CEvent fEvent;
///////////////////////
// Enumerates the shares of `computername` with NetShareEnum at info level 502
// and appends one formatted line per share to `strlist`; each share name is also
// appended to `smtplist`. `m_Ip` is not used in the body.
// Returns 0 after the first successfully read batch and 3 when the enumeration
// call fails.
//
// Context for defenders: SharesScan calls this between opening and closing an
// anonymous IPC$ connection, so this is anonymous share enumeration. Hosts that
// disallow anonymous enumeration of shares are expected to answer with an error
// status here.
//
// NOTE(review), defects visible in this block:
//  * `res` is read without ever being assigned when GetProcAddress returns NULL.
//  * LoadLibrary results are never checked, and FreeLibrary is skipped whenever
//    GetProcAddress fails, so that handle is leaked.
//  * The sprintf calls write into 300-byte stack buffers with no length limit.
//    The %S arguments are strings taken from the remote host's reply, and nothing
//    in this function bounds them, so an overlong reply overruns the stack
//    buffer. A bounded formatter (size-limited snprintf variant, or
//    CString::Format) removes the problem.
//  * The labels in the per-share format string do not match the arguments:
//    "[Local Path]" prints the share name, "[Uses]" prints the path and
//    "[Descriptor]" prints the use count.
//  * The error text prints GetLastError(), but NetShareEnum reports its status
//    through the return value held in `res`.
//  * Both branches inside the loop return, so the body runs once and the
//    ERROR_MORE_DATA continuation is never taken.
int diskenum(LPWSTR computername,CString m_Ip,CString & strlist,CStringList & smtplist){
//=(CMyView*)lParam;
////=pView->GetSafeHwnd();
strlist+=_T("列举netbios共享(尝试winnt/2000系统)...要等待一段时间...\n");
// Fixed-size scratch buffers for the formatted output (see the overflow note above).
UCHAR temp[300],temp1[300];
PSHARE_INFO_502 BufPtr,p;
NET_API_STATUS res;
DWORD i;
DWORD entriesread=0, resume_handle=0, totalentries=0;
strlist+=_T("NetBIOS Share Results----------------\n");
if(computername == NULL)
strlist+=_T("解析。。。。Shares: Local Path: Uses: Descriptor: \n");
// First enumeration call. Its buffer is released below without being read; it
// only decides whether the column header is printed.
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetShareEnum_dll=(LPFNDLLFUNC4)GetProcAddress(FLibHandle, "NetShareEnum");
if (NetShareEnum_dll!=NULL)
{
res = NetShareEnum_dll((LPWSTR)computername,
502,
(LPBYTE *) &BufPtr,
0xFFFFFFFF, // no preferred maximum: let the API size the buffer
&entriesread,
&totalentries,
&resume_handle);
FreeLibrary(FLibHandle);
}
if(res == ERROR_SUCCESS || res == ERROR_MORE_DATA)
{
strlist+=_T("Shares: Local Path: Uses: Descriptor:\n");
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetApiBufferFree_dll=(LPFNDLLFUNC5)GetProcAddress(FLibHandle, "NetApiBufferFree");
if (NetApiBufferFree_dll!=NULL)
{
NetApiBufferFree_dll(BufPtr);
FreeLibrary(FLibHandle);
}
}
// Second enumeration: this is the pass whose entries are actually reported.
// resume_handle still holds whatever the first call left in it.
do{
HINSTANCE FLibHandle1=LoadLibrary("NETAPI32.DLL");
NetShareEnum_dll=(LPFNDLLFUNC4)GetProcAddress(FLibHandle1, "NetShareEnum");
if (NetShareEnum_dll!=NULL)
{
res = NetShareEnum_dll((LPWSTR)computername,
502,
(LPBYTE *) &BufPtr,
0xFFFFFFFF,
&entriesread,
&totalentries,
&resume_handle);
FreeLibrary(FLibHandle1);
}
if(res == ERROR_SUCCESS || res == ERROR_MORE_DATA){
p=BufPtr;
// Walk the returned array; i counts 1..entriesread, p is the cursor.
for(i=1;i<=entriesread;i++){
sprintf((LPTSTR)temp,"[Shares]:%S\\%S [Local Path]:%S [Uses]:%S [Descriptor]:%u\n",computername,p->shi502_netname,p->shi502_netname, p->shi502_path, p->shi502_current_uses);
strlist+=_T(temp);
// Share name alone, converted to a narrow string, goes to the output list.
sprintf((LPTSTR)temp1,"%S",p->shi502_netname);
smtplist.AddTail(temp1);
if (IsValidSecurityDescriptor(p->shi502_security_descriptor))
strlist+=_T("p->shi502_security_descriptor=YES\n");
else
strlist+=_T("p->shi502_security_descriptor=NO\n");
p++;
}
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetApiBufferFree_dll=(LPFNDLLFUNC5)GetProcAddress(FLibHandle, "NetApiBufferFree");
if (NetApiBufferFree_dll!=NULL)
{
NetApiBufferFree_dll(BufPtr);
FreeLibrary(FLibHandle);
}
return(0);
}
else {
sprintf((LPTSTR)temp,"Share Enumeration Error (%d)" ,GetLastError());//, ErrorHandle(pParam).begin());
strlist+=_T(temp);
return(3); // Return 3 on error so we can run diskenum95()
}
}while (res==ERROR_MORE_DATA);
return(0);
}
// Enumerates the shares of `computername` with NetShareEnum at info level 1
// (name, type, remark) and appends one formatted line per share to `strlist`;
// each share name is also appended to `smtplist`. `m_Ip` is not used in the body.
// Repeats while the API reports ERROR_MORE_DATA. Returns 0 when enumeration
// completes and -1 when a call fails.
//
// NOTE(review), defects visible in this block:
//  * `res` is read without ever being assigned when GetProcAddress returns NULL.
//  * LoadLibrary results are never checked, and FreeLibrary is skipped whenever
//    GetProcAddress fails.
//  * The sprintf calls write into 300-byte stack buffers with no length limit,
//    and the %S arguments (share name, remark) come from the remote host's
//    reply. An overlong reply overruns the stack buffer; use a bounded
//    formatter.
//  * The error text prints GetLastError() rather than the status in `res`.
int diskenum_95(LPWSTR computername,CString m_Ip,CString & strlist,CStringList & smtplist){
//=(CMyView*)lParam;
//////=pView->GetSafeHwnd();
strlist+=_T("列举netbios共享(尝试win95/98)...要等待一段时间...\n");
// Fixed-size scratch buffers for the formatted output (see the overflow note above).
UCHAR temp[300],temp1[300];
PSHARE_INFO_1 BufPtr,p;
NET_API_STATUS res;
DWORD i = 0;
DWORD entriesread=0, resume_handle=0, totalentries=0;
if(computername == NULL)
strlist+=_T("解析。。。。Shares: Type: Comment:\n");
do{
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetShareEnum_dll=(LPFNDLLFUNC4)GetProcAddress(FLibHandle, "NetShareEnum");
if (NetShareEnum_dll!=NULL)
{
res = NetShareEnum_dll((LPWSTR)computername,
1,
(LPBYTE *) &BufPtr,
0xFFFFFFFF, // no preferred maximum: let the API size the buffer
&entriesread,
&totalentries,
&resume_handle); // carries the position across loop iterations
FreeLibrary(FLibHandle);
}
if(res == ERROR_SUCCESS || res == ERROR_MORE_DATA){
p = BufPtr;
// Walk the returned array; p is the cursor.
for(i=0;i<entriesread;i++){
sprintf((LPTSTR)temp,"Shares:%S\\%S netname:%S Type:%u Comment:%S\n",computername, p->shi1_netname, p->shi1_netname, p->shi1_type, p->shi1_remark);
strlist+=_T(temp);
// Share name alone, converted to a narrow string, goes to the output list.
sprintf((LPTSTR)temp1,"%S",p->shi1_netname);
smtplist.AddTail(temp1);
p++;
}
// This inner FLibHandle shadows the one declared at the top of the loop body.
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetApiBufferFree_dll1=(LPFNDLLFUNC6)GetProcAddress(FLibHandle, "NetApiBufferFree");
if (NetApiBufferFree_dll1!=NULL)
{
NetApiBufferFree_dll1(BufPtr);
FreeLibrary(FLibHandle);
}
}
else{
sprintf((LPTSTR)temp,"Share Enumeration Error (%d)" ,GetLastError());//, ErrorHandle(pParam).begin());
strlist+=_T(temp);
//printf("Attempting to obtain NetBIOS shares using lower security setting\n");
return(-1);
}
}while (res==ERROR_MORE_DATA);
return(0);
}
// Runs the share-enumeration pass against one address.
//
// Builds the UNC form "\\<m_Ip>", opens an anonymous IPC$ connection to it, runs
// both share enumerators (info level 502, then level 1), closes the connection
// and signals fEvent. The return values of all four calls are discarded and the
// function always returns TRUE, so callers cannot tell success from failure
// except through the text appended to `strlist`.
//
// Context for defenders: the whole pass depends on the target accepting an
// anonymous ("null") session; hosts that restrict anonymous access to shares
// give it nothing to list.
//
// NOTE(review): swprintf writes into a 100-element buffer with no length limit;
// the only bound is whatever the caller guarantees about m_Ip.
BOOL SharesScan(CString m_Ip, CString & strlist, CStringList & smtplist)
{
    wchar_t uncName[100] = L"";
    swprintf(uncName, L"\\\\%S", (LPCTSTR)(m_Ip));
    LPWSTR target = (LPWSTR)uncName;

    // Open the anonymous session, enumerate, then tear the session down again.
    EstablishNullSession(target, TRUE);
    diskenum(target, m_Ip, strlist, smtplist);
    diskenum_95(target, m_Ip, strlist, smtplist);
    EstablishNullSession(target, FALSE);
    //Sleep(200);

    // Tell the waiter that this pass has finished.
    fEvent.SetEvent();
    return TRUE;
}
// Connects to (bEstablish == TRUE) or disconnects from (FALSE) the IPC$ resource
// of `Server`, using empty user name, password and domain.
// Returns TRUE when the NetUseAdd / NetUseDel call reports NERR_Success;
// otherwise stores the status with SetLastError and returns FALSE. A NULL or
// empty server name, or a name longer than CNLEN characters (not counting two
// leading backslashes), fails with ERROR_INVALID_COMPUTERNAME.
//
// Context for defenders: an IPC$ connection with empty credentials is an
// anonymous ("null") session. Hosts configured to restrict anonymous access
// (for example the "Do not allow anonymous enumeration of SAM accounts and
// shares" policy / RestrictAnonymous) refuse it or limit what it can list, and
// with logon auditing enabled the connection appears on the target as an
// ANONYMOUS LOGON network logon.
//
// NOTE(review), defects visible in this block:
//  * `nas` is read at the end without ever being assigned when GetProcAddress
//    returns NULL.
//  * LoadLibrary results are never checked, and FreeLibrary is skipped whenever
//    GetProcAddress fails.
//  * The prefix test uses &&, so a name with exactly one leading backslash takes
//    the "already prefixed" branch and has 2 subtracted from its length; || looks
//    like the intent. Confirm.
BOOL EstablishNullSession(LPCWSTR Server,BOOL bEstablish)
{
LPCWSTR szIpc = L"\\IPC$";
WCHAR RemoteResource[UNCLEN + 5 + 1]; // UNC len + \IPC$ + NULL
DWORD cchServer;
NET_API_STATUS nas;
//
// do not allow NULL or empty server name
//
if(Server == NULL || *Server == L'\0') {
SetLastError(ERROR_INVALID_COMPUTERNAME);
return FALSE;
}
cchServer = lstrlenW( Server );
if(Server[0] != L'\\' && Server[1] != L'\\') {
//
// prepend slashes and NULL terminate
//
RemoteResource[0] = L'\\';
RemoteResource[1] = L'\\';
RemoteResource[2] = L'\0';
}
else {
cchServer -= 2; // drop slashes from count
RemoteResource[0] = L'\0';
}
// The length check is what keeps the two lstrcatW calls below inside
// RemoteResource.
if(cchServer > CNLEN) {
SetLastError(ERROR_INVALID_COMPUTERNAME);
return FALSE;
}
if(lstrcatW(RemoteResource, Server) == NULL) return FALSE;
if(lstrcatW(RemoteResource, szIpc) == NULL) return FALSE;
//
// disconnect or connect to the resource, based on bEstablish
//
if(bEstablish) {
USE_INFO_2 ui2;
ZeroMemory(&ui2, sizeof(ui2));
ui2.ui2_local = NULL; // no local device is mapped
ui2.ui2_remote = (LPTSTR) RemoteResource;
ui2.ui2_asg_type = USE_IPC;
// Empty password, user name and domain: this is what makes the session anonymous.
// The wide literals are cast to the field type as declared in this build.
ui2.ui2_password =(LPTSTR) L"";
ui2.ui2_username =(LPTSTR) L"";
ui2.ui2_domainname = (LPTSTR) L"";
HINSTANCE FLibHandle1=LoadLibrary("NETAPI32.DLL");
NetUseAdd_dll=(LPFNDLLFUNC15)GetProcAddress(FLibHandle1, "NetUseAdd");
if(NetUseAdd_dll!=NULL)
{
nas = NetUseAdd_dll(NULL, 2, (LPBYTE)&ui2, NULL);
FreeLibrary(FLibHandle1);
}
// nas = NetUseAdd(NULL, 2, (LPBYTE)&ui2, NULL);
}
else {
//nas = NetUseDel(NULL, (LPTSTR) RemoteResource, 0);
HINSTANCE FLibHandle2=LoadLibrary("NETAPI32.DLL");
NetUseDel_dll=(LPFNDLLFUNC16)GetProcAddress(FLibHandle2, "NetUseDel");
if(NetUseDel_dll!=NULL)
{
nas = NetUseDel_dll(NULL, (LPTSTR) RemoteResource, 0);
FreeLibrary(FLibHandle2);
}
}
if( nas == NERR_Success ) return TRUE; // indicate success
SetLastError( nas );
return FALSE;
}
////USERS
// Runs the account-enumeration pass against one address.
//
// Converts m_Ip to a wide string (without a leading "\\"; EstablishNullSession
// adds the prefix itself when it is missing), opens an anonymous IPC$
// connection, calls queryuser with the bare name, closes the connection and
// signals fEvent. The return values of all three calls are discarded and the
// function always returns TRUE.
//
// Context for defenders: the pass depends on the target answering account
// queries over an anonymous ("null") session; hosts that disallow anonymous
// enumeration of SAM accounts give it nothing to list.
//
// NOTE(review): swprintf writes into a 100-element buffer with no length limit;
// the only bound is whatever the caller guarantees about m_Ip.
BOOL UsersScan(CString m_Ip, CString & strlist, CStringList & smtplist)
{
    wchar_t wideName[100] = L"";
    swprintf(wideName, L"%S", (LPCTSTR)m_Ip);
    LPWSTR target = (LPWSTR)wideName;

    // Open the anonymous session, query accounts, then tear the session down.
    EstablishNullSession(target, TRUE);
    queryuser(target, m_Ip, strlist, smtplist);
    EstablishNullSession(target, FALSE);
    //Sleep(200);

    // Tell the waiter that this pass has finished.
    fEvent.SetEvent();
    return TRUE;
}
// Queries user-account display information from `szServer` with
// NetQueryDisplayInformation (level 1) and appends one formatted line per account,
// plus a line for each account flag that is set, to `strlist`. For every account
// it also appends "<digit><name>" to `smtplist`, where the digit is the number
// assigned by the last flag test that matched (0 when none did). `m_Ip` is not
// used in the body.
// Returns 0 after the first successfully read batch and -1 when the call fails.
//
// Context for defenders: UsersScan calls this over an anonymous IPC$ connection,
// so this is anonymous account enumeration. The flags it reports (no password
// required, password never expires, disabled, locked out) are the account
// properties worth auditing on one's own hosts, and hosts that disallow anonymous
// SAM enumeration are expected to answer with an error status here.
//
// NOTE(review), defects visible in this block:
//  * `res` is read without ever being assigned when GetProcAddress returns NULL.
//  * LoadLibrary results are never checked, and FreeLibrary is skipped whenever
//    GetProcAddress fails.
//  * The sprintf calls write into 300- and 256-byte stack buffers with no length
//    limit, and the %S arguments (name, comment, full name) come from the remote
//    host's reply. An overlong reply overruns the stack buffer; use a bounded
//    formatter.
//  * Both branches inside the loop return, so the body runs once: the index kept
//    in `i` for continuation is never used, and accounts beyond the first batch
//    are not reported.
//  * Control can reach the closing brace without a return statement; that path is
//    only unreachable because of the early returns above.
int queryuser(LPWSTR szServer,CString m_Ip,CString & strlist,CStringList & smtplist){
strlist+=_T("列举用户名...要等待一段时间...\n");
// Fixed-size scratch buffers for the formatted output (see the overflow note above).
UCHAR temp[300];
UCHAR temp1[256];
PNET_DISPLAY_USER pBuff, p;
DWORD res, dwRec, i = 0;
do{
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetQueryDisplayInformation_dll=(LPFNDLLFUNC3)GetProcAddress(FLibHandle, "NetQueryDisplayInformation");
if (NetQueryDisplayInformation_dll!=NULL)
{
// Level 1, starting at index i, asking for up to 10000 entries.
res = NetQueryDisplayInformation_dll(szServer, 1, i, 10000, 10000*sizeof(NET_DISPLAY_USER), &dwRec, (PVOID *)&pBuff);
FreeLibrary(FLibHandle);
}
if((res==ERROR_SUCCESS) || (res==ERROR_MORE_DATA)){
p = pBuff;
strlist+=_T("User Query Results------------------------------\n");
//(dlglocal->m_HistoryEdit).AppendString("Name: Comment: Full Name: User ID:\n");
// dwRec is the number of entries returned; count it down while p walks the array.
for(;dwRec>0;dwRec--){
sprintf((LPTSTR)temp,"[Name]:%S [Comment]:%S [Full Name]:%S User ID:%u\n",
p->usri1_name,
p->usri1_comment,
p->usri1_full_name,
p->usri1_user_id);
// m is overwritten by each matching test below, so only the last match survives.
int m=0;
strlist+=_T(temp);
if (p->usri1_flags & UF_SCRIPT)
{
strlist+=_T("The logon script executed. This value must be set for LAN Manager 2.0 or Windows NT.\n");
m=1;
}
if (p->usri1_flags & UF_ACCOUNTDISABLE)
{
strlist+=_T("The user's account is disabled.\n");
m=2;
}
if (p->usri1_flags & UF_HOMEDIR_REQUIRED)
{
strlist+=_T("The home directory is required. Windows NT ignores this value.\n");
m=3;
}
if (p->usri1_flags & UF_PASSWD_NOTREQD)
{
strlist+=_T(" No password is required\n");
m=4;
}
if (p->usri1_flags & UF_PASSWD_CANT_CHANGE )
{
strlist+=_T("The user cannot change the password.\n");
m=5;
}
if (p->usri1_flags & UF_LOCKOUT)
{
strlist+=_T("The Account is Locked\n");
m=6;
}
if (p->usri1_flags & UF_DONT_EXPIRE_PASSWD)
{
strlist+=_T("Password does not expire\n");
m=7;
}
// "<digit><name>" entry for the output list.
sprintf((LPTSTR)temp1,"%d%S",m,p->usri1_name);
smtplist.AddTail(temp1);
i = p->usri1_next_index; //if there is more then set the index
p++;
}
HINSTANCE FLibHandle=LoadLibrary("NETAPI32.DLL");
NetApiBufferFree_dll2=(LPFNDLLFUNC7)GetProcAddress(FLibHandle, "NetApiBufferFree");
if (NetApiBufferFree_dll2!=NULL)
{
NetApiBufferFree_dll2(pBuff);
FreeLibrary(FLibHandle);
}
return(0);
}
else{
sprintf((LPTSTR)temp, "User Enumeration Error:(%u) " ,res);//, ErrorHandle(pParam).begin());
strlist+=_T(temp);
return(-1);
}
}while (res==ERROR_MORE_DATA);
}
//
//
// Constructs the form view: sets the initial text of the dialog-bound members,
// the default account name and option flags, and initialises Winsock 2.2.
//
// NOTE(review): a Winsock start-up failure ends the whole process with exit(1)
// from inside a constructor, without telling the user why. The visible
// destructor has its WSACleanup call commented out, so a successful WSAStartup
// here is not balanced by this class.
CMyView::CMyView()
    : CFormView(CMyView::IDD)
{
    //{{AFX_DATA_INIT(CMyView)
    m_getp = _T("破戒密码主机数: 0");
    m_both = _T("2者均有主机数: 0");
    m_curip = _T("127.0.0.1");
    m_sum = _T("总扫描数: 0");
    m_share = _T("找到共享主机数: 0");
    m_user = _T("找到用户主机数: 0");
    m_pwd = _T("");
    m_name = _T("");
    m_ports = _T("");
    m_ftp = _T("0");
    //}}AFX_DATA_INIT

    // Defaults that are not managed by ClassWizard.
    del = 0;
    name = "Administrator";
    password = "";

    // Option flags as they stand before the user changes anything.
    m_bftp = FALSE;
    m_bshare = TRUE;
    m_bports = FALSE;
    m_bping = FALSE;
    m_bget = TRUE;
    m_bstart = FALSE;

    // Winsock 2.2 is required; anything else ends the process.
    WSADATA wsaData;
    const int startupStatus = WSAStartup(MAKEWORD(2, 2), &wsaData);
    if (startupStatus != 0)
    {
        exit(1);
    }

    const bool isWinsock22 =
        LOBYTE(wsaData.wVersion) == 2 && HIBYTE(wsaData.wVersion) == 2;
    if (!isWinsock22)
    {
        // No usable Winsock DLL was found: release it before leaving.
        WSACleanup();
        exit(1);
    }
}
// Destructor; does nothing.
// NOTE(review): the WSACleanup call is commented out, so the WSAStartup made in
// the constructor is not balanced here. Whether that is deliberate (for example
// because worker threads may still be using sockets) cannot be told from this
// excerpt; confirm.
CMyView::~CMyView()
{
//WSACleanup();
}
// Dialog data exchange: binds the form's controls to member variables.
// DDX_Control entries attach control objects (progress bar, list, IP-address
// fields, buttons, tree); DDX_Text entries move text between a control and a
// CString member. The block between the AFX_DATA_MAP markers is maintained by
// ClassWizard.
//
// @param pDX  exchange context supplied by the framework
void CMyView::DoDataExchange(CDataExchange* pDX)
{
CFormView::DoDataExchange(pDX);
//{{AFX_DATA_MAP(CMyView)
DDX_Control(pDX, IDC_PROGRESS1, m_progress);
DDX_Control(pDX, IDC_LIST1, m_course);
DDX_Text(pDX, IDC_getp, m_getp);
DDX_Text(pDX, IDC_both, m_both);
DDX_Text(pDX, IDC_curip, m_curip);
DDX_Text(pDX, IDC_sum, m_sum);
DDX_Text(pDX, IDC_share, m_share);
DDX_Control(pDX, IDC_IPADDRESS2, m_ip2);
DDX_Control(pDX, IDC_IPADDRESS1, m_ip1);
DDX_Control(pDX, IDC_foldopen, m_foldopen);
DDX_Control(pDX, IDC_foldclose, m_foldclose);
DDX_Control(pDX, IDC_stop, m_stop);
DDX_Control(pDX, IDC_scan, m_scan);
DDX_Control(pDX, IDC_sf, m_sf);
DDX_Control(pDX, IDC_sz, m_sz);
DDX_Control(pDX, IDC_TREE1, m_show);
DDX_Text(pDX, IDC_user, m_user);
DDX_Text(pDX, IDC_pwd, m_pwd);
DDX_Text(pDX, IDC_name, m_name);
DDX_Text(pDX, IDC_ports, m_ports);
DDX_Text(pDX, IDC_ftp, m_ftp);
//}}AFX_DATA_MAP
}
// Window-creation hook. This view customises nothing: `cs` is passed to the base
// class unchanged and the base class's result is returned.
//
// @param cs  creation parameters supplied by the framework
// @return    whatever CFormView::PreCreateWindow returns
BOOL CMyView::PreCreateWindow(CREATESTRUCT& cs)
{
    // TODO: Modify the Window class or styles here by modifying
    // the CREATESTRUCT cs
    const BOOL baseResult = CFormView::PreCreateWindow(cs);
    return baseResult;
}
void CMyView::OnInitialUpdate()
{
CFormView::OnInitialUpdate();
GetParentFrame()->RecalcLayout();
ResizeParentToFit();
m_ip1.SetAddress(202,196,37,1);
m_ip2.SetAddress(202,196,37,254);
ilist.Create( 16, 16, ILC_COLOR24|ILC_MASK, 1,6);
ilist.SetBkColor(RGB(255,255,255));
HICON icon=AfxGetApp()->LoadIcon(IDI_ip);
ilist.Add(icon);
icon=AfxGetApp()->LoadIcon(IDI_share);
ilist.Add(icon);
icon=AfxGetApp()->LoadIcon(IDI_name);