admin/SimpleRemoter
1
0
Fork 0
mirror of https://github.com/yuanyuanxiang/SimpleRemoter.git synced 2026-01-21 23:13:08 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
0a36f7edda7f34f6e5f65198db1ad36a36bfb3ba
SimpleRemoter/client/ServiceWrapper.c

506 lines
15 KiB
C
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
#include "ServiceWrapper.h"
#include "SessionMonitor.h"
#include <stdio.h>
#ifndef Mprintf
#ifdef _DEBUG
#define Mprintf printf
#else
#define Mprintf(format, ...)
#endif
#endif
// 外部声明
extern BOOL RunAsAgent(BOOL block);
// 静态变量
BOOL g_ServiceDirectMode = FALSE;
static SERVICE_STATUS g_ServiceStatus;
static SERVICE_STATUS_HANDLE g_StatusHandle = NULL;
static HANDLE g_StopEvent = INVALID_HANDLE_VALUE;
// 前向声明
static void WINAPI ServiceMain(DWORD argc, LPTSTR* argv);
static void WINAPI ServiceCtrlHandler(DWORD ctrlCode);
static void ServiceWriteLog(const char* message);
// 日志函数
static void ServiceWriteLog(const char* message)
{
FILE* f;
SYSTEMTIME st;
f = fopen("C:\\GhostService.log", "a");
if (f) {
GetLocalTime(&st);
fprintf(f, "[%04d-%02d-%02d %02d:%02d:%02d] %s\n",
st.wYear, st.wMonth, st.wDay,
st.wHour, st.wMinute, st.wSecond,
message);
fclose(f);
}
}
BOOL ServiceWrapper_CheckStatus(BOOL* registered, BOOL* running,
char* exePath, size_t exePathSize)
{
SC_HANDLE hSCM = NULL;
SC_HANDLE hService = NULL;
BOOL result = FALSE;
SERVICE_STATUS_PROCESS ssp;
DWORD bytesNeeded = 0;
DWORD bufSize = 0;
LPQUERY_SERVICE_CONFIGA pConfig = NULL;
*registered = FALSE;
*running = FALSE;
if (exePath && exePathSize > 0) {
exePath[0] = '\0';
}
// 打开 SCM
hSCM = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
if (!hSCM) {
return FALSE;
}
// 打开服务
hService = OpenServiceA(
hSCM,
SERVICE_NAME,
SERVICE_QUERY_STATUS | SERVICE_QUERY_CONFIG);
if (!hService) {
CloseServiceHandle(hSCM);
return FALSE; // 未注册
}
*registered = TRUE;
result = TRUE;
// 获取服务状态
memset(&ssp, 0, sizeof(ssp));
if (QueryServiceStatusEx(
hService,
SC_STATUS_PROCESS_INFO,
(LPBYTE)&ssp,
sizeof(SERVICE_STATUS_PROCESS),
&bytesNeeded)) {
*running = (ssp.dwCurrentState == SERVICE_RUNNING);
}
// 获取 EXE 路径
if (exePath && exePathSize > 0) {
QueryServiceConfigA(hService, NULL, 0, &bufSize);
if (GetLastError() == ERROR_INSUFFICIENT_BUFFER) {
pConfig = (LPQUERY_SERVICE_CONFIGA)malloc(bufSize);
if (pConfig) {
if (QueryServiceConfigA(hService, pConfig, bufSize, &bufSize)) {
strncpy(exePath, pConfig->lpBinaryPathName, exePathSize - 1);
exePath[exePathSize - 1] = '\0';
}
free(pConfig);
}
}
}
CloseServiceHandle(hService);
CloseServiceHandle(hSCM);
return result;
}
int ServiceWrapper_StartSimple(void)
{
SC_HANDLE hSCM = NULL;
SC_HANDLE hService = NULL;
BOOL ok;
int err;
// 打开SCM
hSCM = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
if (!hSCM) {
return (int)GetLastError();
}
// 打开服务并启动
hService = OpenServiceA(hSCM, SERVICE_NAME, SERVICE_START);
if (!hService) {
err = (int)GetLastError();
CloseServiceHandle(hSCM);
return err;
}
// 启动服务
ok = StartServiceA(hService, 0, NULL);
err = ok ? ERROR_SUCCESS : (int)GetLastError();
CloseServiceHandle(hService);
CloseServiceHandle(hSCM);
return err;
}
int ServiceWrapper_Run(void)
{
DWORD err;
char buffer[256];
SERVICE_TABLE_ENTRY ServiceTable[2];
ServiceTable[0].lpServiceName = (LPSTR)SERVICE_NAME;
ServiceTable[0].lpServiceProc = (LPSERVICE_MAIN_FUNCTION)ServiceMain;
ServiceTable[1].lpServiceName = NULL;
ServiceTable[1].lpServiceProc = NULL;
ServiceWriteLog("========================================");
ServiceWriteLog("ServiceWrapper_Run() called");
if (StartServiceCtrlDispatcher(ServiceTable) == FALSE) {
err = GetLastError();
sprintf(buffer, "StartServiceCtrlDispatcher failed: %d", (int)err);
ServiceWriteLog(buffer);
return (int)err;
}
return ERROR_SUCCESS;
}
static void WINAPI ServiceMain(DWORD argc, LPTSTR* argv)
{
HANDLE hThread;
(void)argc;
(void)argv;
ServiceWriteLog("ServiceMain() called");
g_StatusHandle = RegisterServiceCtrlHandler(
SERVICE_NAME,
ServiceCtrlHandler
);
if (g_StatusHandle == NULL) {
ServiceWriteLog("RegisterServiceCtrlHandler failed");
return;
}
ZeroMemory(&g_ServiceStatus, sizeof(g_ServiceStatus));
g_ServiceStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
g_ServiceStatus.dwCurrentState = SERVICE_START_PENDING;
g_ServiceStatus.dwControlsAccepted = 0;
g_ServiceStatus.dwWin32ExitCode = 0;
g_ServiceStatus.dwServiceSpecificExitCode = 0;
g_ServiceStatus.dwCheckPoint = 0;
g_ServiceStatus.dwWaitHint = 0;
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
g_StopEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
if (g_StopEvent == NULL) {
ServiceWriteLog("CreateEvent failed");
g_ServiceStatus.dwCurrentState = SERVICE_STOPPED;
g_ServiceStatus.dwWin32ExitCode = GetLastError();
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
return;
}
g_ServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP;
g_ServiceStatus.dwCurrentState = SERVICE_RUNNING;
g_ServiceStatus.dwWin32ExitCode = 0;
g_ServiceStatus.dwCheckPoint = 0;
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
ServiceWriteLog("Service is now running");
hThread = CreateThread(NULL, 0, ServiceWrapper_WorkerThread, NULL, 0, NULL);
if (hThread) {
WaitForSingleObject(hThread, INFINITE);
CloseHandle(hThread);
}
CloseHandle(g_StopEvent);
g_ServiceStatus.dwControlsAccepted = 0;
g_ServiceStatus.dwCurrentState = SERVICE_STOPPED;
g_ServiceStatus.dwWin32ExitCode = 0;
g_ServiceStatus.dwCheckPoint = 3;
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
ServiceWriteLog("Service stopped");
}
static void WINAPI ServiceCtrlHandler(DWORD ctrlCode)
{
switch (ctrlCode) {
case SERVICE_CONTROL_STOP:
ServiceWriteLog("SERVICE_CONTROL_STOP received");
if (g_ServiceStatus.dwCurrentState != SERVICE_RUNNING)
break;
g_ServiceStatus.dwControlsAccepted = 0;
g_ServiceStatus.dwCurrentState = SERVICE_STOP_PENDING;
g_ServiceStatus.dwWin32ExitCode = 0;
g_ServiceStatus.dwCheckPoint = 4;
g_ServiceStatus.dwWaitHint = 0;
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
SetEvent(g_StopEvent);
break;
case SERVICE_CONTROL_INTERROGATE:
SetServiceStatus(g_StatusHandle, &g_ServiceStatus);
break;
default:
break;
}
}
// 服务工作线程
DWORD WINAPI ServiceWrapper_WorkerThread(LPVOID lpParam)
{
SessionMonitor monitor;
int heartbeatCount = 0;
char buf[128];
(void)lpParam; // 未使用参数
if (g_ServiceDirectMode) {
// 直接模式在服务进程中运行SYSTEM权限
ServiceWriteLog("Running in DIRECT mode (SYSTEM)");
RunAsAgent(FALSE);
WaitForSingleObject(g_StopEvent, INFINITE);
return ERROR_SUCCESS;
}
ServiceWriteLog("========================================");
ServiceWriteLog("Worker thread started");
ServiceWriteLog("Service will launch agent in user sessions");
// 初始化会话监控器
SessionMonitor_Init(&monitor);
if (!SessionMonitor_Start(&monitor)) {
ServiceWriteLog("ERROR: Failed to start session monitor");
SessionMonitor_Cleanup(&monitor);
return ERROR_SERVICE_SPECIFIC_ERROR;
}
ServiceWriteLog("Session monitor started successfully");
ServiceWriteLog("Agent will be launched automatically");
// 主循环,只等待停止信号
// SessionMonitor 会在后台自动:
// 1. 监控会话
// 2. 在用户会话中启动 agent.exe
// 3. 监视代理进程,如果退出自动重启
while (WaitForSingleObject(g_StopEvent, 10000) != WAIT_OBJECT_0) {
heartbeatCount++;
if (heartbeatCount % 6 == 0) { // 每60秒记录一次
sprintf(buf, "Service heartbeat - uptime: %d minutes", heartbeatCount);
ServiceWriteLog(buf);
}
}
ServiceWriteLog("Stop signal received");
ServiceWriteLog("Stopping session monitor...");
SessionMonitor_Stop(&monitor);
SessionMonitor_Cleanup(&monitor);
ServiceWriteLog("Worker thread exiting");
ServiceWriteLog("========================================");
return ERROR_SUCCESS;
}
void ServiceWrapper_Install(void)
{
SC_HANDLE schSCManager;
SC_HANDLE schService;
char szPath[MAX_PATH];
SERVICE_DESCRIPTION sd;
SERVICE_STATUS status;
DWORD err;
schSCManager = OpenSCManager(
NULL,
NULL,
SC_MANAGER_ALL_ACCESS
);
if (schSCManager == NULL) {
Mprintf("ERROR: OpenSCManager failed (%d)\n", (int)GetLastError());
Mprintf("Please run as Administrator\n");
return;
}
if (!GetModuleFileName(NULL, szPath, MAX_PATH)) {
Mprintf("ERROR: GetModuleFileName failed (%d)\n", (int)GetLastError());
CloseServiceHandle(schSCManager);
return;
}
Mprintf("Installing service...\n");
Mprintf("Executable path: %s\n", szPath);
schService = CreateService(
schSCManager,
SERVICE_NAME,
SERVICE_DISPLAY,
SERVICE_ALL_ACCESS,
SERVICE_WIN32_OWN_PROCESS,
SERVICE_AUTO_START,
SERVICE_ERROR_NORMAL,
szPath,
NULL, NULL, NULL, NULL, NULL
);
if (schService == NULL) {
err = GetLastError();
if (err == ERROR_SERVICE_EXISTS) {
Mprintf("INFO: Service already exists\n");
// 打开已存在的服务
schService = OpenService(schSCManager, SERVICE_NAME, SERVICE_ALL_ACCESS);
if (schService) {
Mprintf("SUCCESS: Service is already installed\n");
CloseServiceHandle(schService);
}
} else if (err == ERROR_ACCESS_DENIED) {
Mprintf("ERROR: Access denied. Please run as Administrator\n");
} else {
Mprintf("ERROR: CreateService failed (%d)\n", (int)err);
}
CloseServiceHandle(schSCManager);
return;
}
Mprintf("SUCCESS: Service created successfully\n");
// 设置服务描述
sd.lpDescription = (LPSTR)SERVICE_DESC;
if (ChangeServiceConfig2(schService, SERVICE_CONFIG_DESCRIPTION, &sd)) {
Mprintf("SUCCESS: Service description set\n");
}
// 立即启动服务
Mprintf("Starting service...\n");
if (StartService(schService, 0, NULL)) {
Mprintf("SUCCESS: Service started successfully\n");
// 等待服务启动
Sleep(2000);
// 检查服务状态
if (QueryServiceStatus(schService, &status)) {
if (status.dwCurrentState == SERVICE_RUNNING) {
Mprintf("SUCCESS: Service is running\n");
} else {
Mprintf("WARNING: Service state: %d\n", (int)status.dwCurrentState);
}
}
} else {
err = GetLastError();
if (err == ERROR_SERVICE_ALREADY_RUNNING) {
Mprintf("INFO: Service is already running\n");
} else {
Mprintf("WARNING: StartService failed (%d)\n", (int)err);
Mprintf("You can start it manually using: net start %s\n", SERVICE_NAME);
}
}
CloseServiceHandle(schService);
CloseServiceHandle(schSCManager);
Mprintf("\n=== Installation Complete ===\n");
Mprintf("Service installed successfully!\n");
Mprintf("\n");
Mprintf("IMPORTANT: This is a single-executable design.\n");
Mprintf("The service will launch '%s -agent' in user sessions.\n", szPath);
Mprintf("\n");
Mprintf("Logs will be written to:\n");
Mprintf(" - C:\\GhostService.log (service logs)\n");
Mprintf(" - C:\\SessionMonitor.log (session monitor logs)\n");
Mprintf("\n");
Mprintf("Commands:\n");
Mprintf(" To verify: sc query %s\n", SERVICE_NAME);
Mprintf(" To start: net start %s\n", SERVICE_NAME);
Mprintf(" To stop: net stop %s\n", SERVICE_NAME);
}
void ServiceWrapper_Uninstall(void)
{
SC_HANDLE schSCManager;
SC_HANDLE schService;
SERVICE_STATUS status;
int waitCount;
DWORD err;
schSCManager = OpenSCManager(
NULL,
NULL,
SC_MANAGER_ALL_ACCESS
);
if (schSCManager == NULL) {
Mprintf("ERROR: OpenSCManager failed (%d)\n", (int)GetLastError());
Mprintf("Please run as Administrator\n");
return;
}
schService = OpenService(
schSCManager,
SERVICE_NAME,
SERVICE_STOP | DELETE
);
if (schService == NULL) {
Mprintf("ERROR: OpenService failed (%d)\n", (int)GetLastError());
Mprintf("Service may not be installed\n");
CloseServiceHandle(schSCManager);
return;
}
Mprintf("Stopping service...\n");
if (ControlService(schService, SERVICE_CONTROL_STOP, &status)) {
Mprintf("Waiting for service to stop");
Sleep(1000);
waitCount = 0;
while (QueryServiceStatus(schService, &status) && waitCount < 30) {
if (status.dwCurrentState == SERVICE_STOP_PENDING) {
Mprintf(".");
Sleep(1000);
waitCount++;
} else {
break;
}
}
Mprintf("\n");
if (status.dwCurrentState == SERVICE_STOPPED) {
Mprintf("SUCCESS: Service stopped\n");
} else {
Mprintf("WARNING: Service may not have stopped completely\n");
}
} else {
err = GetLastError();
if (err == ERROR_SERVICE_NOT_ACTIVE) {
Mprintf("INFO: Service was not running\n");
} else {
Mprintf("WARNING: Failed to stop service (%d)\n", (int)err);
}
}
Mprintf("Deleting service...\n");
if (DeleteService(schService)) {
Mprintf("SUCCESS: Service uninstalled successfully\n");
} else {
Mprintf("ERROR: DeleteService failed (%d)\n", (int)GetLastError());
}
CloseServiceHandle(schService);
CloseServiceHandle(schSCManager);
Mprintf("\n=== Uninstallation Complete ===\n");
}
Reference in New Issue View Git Blame Copy Permalink