void CServerDlg::OnClientRecive(CONNID dwConnID, DWORD dwCommand, const BYTE* pData, int iLength)
{
try{
switch (dwCommand)
{
case 99999:
{
char *buff = new char[iLength+1];
memset(buff, 0, iLength +1);
memcpy(buff, pData, iLength);
SoftCloseByNickname(buff);
delete [] buff;
break;
}
case CMD_ASK_PWD:
{
//InsertLog("收到密钥请求");
//AfxMessageBox("收到密钥请求");
//生成密钥
string pwd = GenerateRandPwd();
tagClientPwd *pClientPwd = new tagClientPwd;
::memset(pClientPwd->szPwd, 0, 17);
pClientPwd->connId = dwConnID;
strcpy(pClientPwd->szPwd, pwd.c_str());
m_ptrClientPwd.AddTail(pClientPwd);
//发送密钥
std::string encoded_data = base64_encode(reinterpret_cast<const unsigned char*>(pwd.c_str()), pwd.size());
m_ClientServer.Send(dwConnID, CMD_PWD_RESULT, (BYTE*)encoded_data.c_str(), encoded_data.size());
}
break;
case CMD_FIND_WINDOW_TITLE:
{
//AfxMessageBox("找到窗口!");
tagHackToolCheck *buff = new tagHackToolCheck();
::memset(buff, 0, sizeof(tagHackToolCheck));
memcpy(buff, pData, iLength);
SYSTEMTIME str;
GetLocalTime(&str);
CString time;
time.Format("wglog\\窗口-%d-%d-%d.txt",str.wYear,str.wMonth,str.wDay);
FILE *fp = fopen(time, "at+");
if (fp)
{
SYSTEMTIME st;
GetLocalTime(&st);
CString output;
output.Format("%d-%d-%d %d:%d:%d [%s] 使用外挂-> %s \n", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond,buff->nickname,buff->flag);
fputs(output.GetBuffer(0), fp);
fclose(fp);
//m_editCtrl += CString("\n") + output;
//UpdateData( FALSE );
SoftCloseByNickname(buff->nickname);
ClearHeartInfo(buff->nickname);
}
delete buff;
break;
}
case CMD_FIND_PROCESS:
{
tagHackToolCheck *buff = new tagHackToolCheck();
::memset(buff, 0, sizeof(tagHackToolCheck));
memcpy(buff, pData, iLength);
SYSTEMTIME str;
GetLocalTime(&str);
CString time;
time.Format("wglog\\进程-%d-%d-%d.txt",str.wYear,str.wMonth,str.wDay);
FILE *fp = fopen(time, "at+");
if (fp)
{
SYSTEMTIME st;
GetLocalTime(&st);
CString output;
output.Format("%d-%d-%d %d:%d:%d [%s] 使用外挂-> %s \n", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond,buff->nickname,buff->flag);
//m_editCtrl += CString("\n") + output;
//UpdateData( FALSE );
fputs(output.GetBuffer(0), fp);
fclose(fp);
SoftCloseByNickname(buff->nickname);
ClearHeartInfo(buff->nickname);
}
delete buff;
break;
}
//这里是加密窗口关键词 有问题 先注释
/*
case CMD_ASK_WINDOW_KEYWORDS:
{
string pwd = "";
POSITION pos = m_ptrClientPwd.GetHeadPosition();
while (pos != NULL)
{
POSITION temp = pos;
tagClientPwd* pInfo = (tagClientPwd*)m_ptrClientPwd.GetNext(pos);
if (pInfo != NULL)
{
if (pInfo->connId == dwConnID)
{
pwd = pInfo->szPwd;
break;
}
}
}
if (pwd.empty())
{
return;
}
string windowKeywords;
FILE* fp = fopen("window.txt", "r");
if (fp)
{
char line[128];
memset(line, 0, 128);
while(!feof(fp))
{
fgets(line, 128, fp);
if (line[strlen(line)-1] == '\n'){
line[strlen(line)-1] = '\0';
}
if (line[strlen(line)-1] == '\r'){
line[strlen(line)-1] = '\0';
}
windowKeywords += line + string(",");
}
fclose(fp);
}
windowKeywords[windowKeywords.size()-1] = '\0';
//m_editCtrl += CString("\n窗口关键字:") + windowKeywords.c_str();
//UpdateData( FALSE );
//CString str;
//str.Format("%d", windowKeywords.size());
//AfxMessageBox(str);
AES aes((unsigned char*)pwd.c_str());
char *buff = new char[1024];
::memset(buff, 0, 1024);
memcpy(buff, (char*)windowKeywords.c_str(), windowKeywords.size());
buff = (char *)aes.encode(buff, 1024);
std::string encoded_data = base64_encode(reinterpret_cast<const unsigned char*>(buff), 1024);
//AfxMessageBox(encoded_data.c_str());
byte * sendbuff = new byte[encoded_data.size()+1];
memset(sendbuff, 0,encoded_data.size()+1);
memcpy(sendbuff, encoded_data.c_str(), encoded_data.size());
m_ClientServer.Send(dwConnID, CMD_WINDOW_DATA, sendbuff, encoded_data.size());
//BOOL bRet = m_ClientServer.Send(dwConnID, CMD_WINDOW_DATA, sendbuff, windowKeywords.size());
//if (!bRet)
//{
// AfxMessageBox("窗口关键字发送失败!");
//}
delete [] sendbuff;
delete [] buff;
break;
}
*/
case CMD_ASK_WINDOW_KEYWORDS:
{
string windowKeywords;
FILE* fp = fopen("window.txt", "r");
if (fp)
{
char line[128];
memset(line, 0, 128);
while(!feof(fp))
{
fgets(line, 128, fp);
if (line[strlen(line)-1] == '\n'){
line[strlen(line)-1] = '\0';
}
if (line[strlen(line)-1] == '\r'){
line[strlen(line)-1] = '\0';
}
windowKeywords += line + string(",");
}
fclose(fp);
}
windowKeywords[windowKeywords.size()-1] = '\0';
//m_editCtrl += CString("\n窗口关键字:") + windowKeywords.c_str();
//UpdateData( FALSE );
windowKeywords = base64_encode((unsigned char *)windowKeywords.c_str(), windowKeywords.length());//加密
byte * sendbuff = new byte[windowKeywords.size()];
memset(sendbuff, 0,windowKeywords.size());
memcpy(sendbuff, windowKeywords.c_str(), windowKeywords.size());
m_ClientServer.Send(dwConnID, CMD_WINDOW_DATA, sendbuff, windowKeywords.size());
//BOOL bRet = m_ClientServer.Send(dwConnID, CMD_WINDOW_DATA, sendbuff, windowKeywords.size());
//if (!bRet)
//{
// AfxMessageBox("窗口关键字发送失败!");
//}
delete [] sendbuff;
break;
}
case CMD_ASK_PROCESS_KEYWORDS:
{
string processKeywords;
FILE* fp = fopen("process.txt", "r");
if (fp)
{
char line[128];
memset(line, 0, 128);
while(!feof(fp))
{
fgets(line, 128, fp);
if (line[strlen(line)-1] == '\n'){
line[strlen(line)-1] = '\0';
}
if (line[strlen(line)-1] == '\r'){
line[strlen(line)-1] = '\0';
}
processKeywords += line + string(",");
}
fclose(fp);
}
processKeywords[processKeywords.size()-1] = '\0';
//m_editCtrl += CString("\n进程关键字:") + processKeywords.c_str();
//UpdateData( FALSE );
processKeywords = base64_encode((unsigned char *)processKeywords.c_str(), processKeywords.length());//加密
byte * sendbuff = new byte[processKeywords.size()];
memset(sendbuff, 0, processKeywords.size());
memcpy(sendbuff, processKeywords.c_str(), processKeywords.size());
m_ClientServer.Send(dwConnID, CMD_PROCESS_DATA, sendbuff, processKeywords.size());
delete [] sendbuff;
break;
}
case CMD_ASK_DLL_KEYWORDS:
{
string dllKeywords;
FILE* fp = fopen("dll.txt", "r");
if (fp)
{
char line[128];
memset(line, 0, 128);
while(!feof(fp))
{
fgets(line, 128, fp);
if (line[strlen(line)-1] == '\n'){
line[strlen(line)-1] = '\0';
}
if (line[strlen(line)-1] == '\r'){
line[strlen(line)-1] = '\0';
}
dllKeywords += line + string(",");
}
fclose(fp);
}
dllKeywords[dllKeywords.size()-1] = '\0';
//m_editCtrl += CString("\n进程关键字:") + processKeywords.c_str();
//UpdateData( FALSE );
dllKeywords = base64_encode((unsigned char *)dllKeywords.c_str(), dllKeywords.length());//加密
byte * sendbuff = new byte[dllKeywords.size()];
memset(sendbuff, 0, dllKeywords.size());
memcpy(sendbuff, dllKeywords.c_str(), dllKeywords.size());
m_ClientServer.Send(dwConnID, CMD_DLL_DATA, sendbuff, dllKeywords.size());
delete [] sendbuff;
break;
}
case CMD_FIND_DLLINJECT:
{
tagDllInjectCheckReult *buff = new tagDllInjectCheckReult();
::memset(buff, 0, sizeof(tagDllInjectCheckReult));
memcpy(buff, pData, iLength);
SYSTEMTIME str;
GetLocalTime(&str);
CString time;
time.Format("wglog\\DLL-%d-%d-%d.txt",str.wYear,str.wMonth,str.wDay);
FILE *fp = fopen(time, "at+");
if (fp)
{
SYSTEMTIME st;
GetLocalTime(&st);
CString output;
output.Format("%d-%d-%d %d:%d:%d [%s] 使用DLL注入-> %s \n", st.wYear, st.wMonth, st.wDay, st.wHour, st.wMinute, st.wSecond,buff->nickname,buff->dllPath);
//m_editCtrl += CString("\n") + output;
//UpdateData( FALSE );
fputs(output.GetBuffer(0), fp);
fclose(fp);
SoftCloseByNickname(buff->nickname);
ClearHeartInfo(buff->nickname);
}
delete buff;
break;
}
case CMD_HEARTBEAT:
{
// AfxMessageBox("收到心跳包");
// InsertLog("收到心跳包");
string pwd = "";
POSITION pos = m_ptrClientPwd.GetHeadPosition();
while (pos != NULL)
{
POSITION temp = pos;
tagClientPwd* pInfo = (tagClientPwd*)m_ptrClientPwd.GetNext(pos);
if (pInfo != NULL)
{
if (pInfo->connId == dwConnID)
{
pwd = pInfo->szPwd;
break;
}
}
}
if (pwd.empty())
{
return;
}
// 加密数据
char *pPwdData = new char[iLength-128+1];
memset(pPwdData, 0, iLength-128+1);
memcpy(pPwdData, pData, iLength-128);
pPwdData[iLength-128] = '\0';
// 角色名
char *pNickname = new char[128];
memset(pNickname, 0, 128);
memcpy(pNickname, pData+iLength-128, 128);
// 校验心跳包
AES aes((unsigned char*)pwd.c_str());
char *buff = new char[1024];
::memset(buff, 0, 1024);
memcpy(buff, (char*)pwd.c_str(), pwd.size());
buff = (char *)aes.encode(buff, 1024);
std::string encoded_data = base64_encode(reinterpret_cast<const unsigned char*>(buff), 1024);
if (CString(pPwdData).Trim() == CString(encoded_data.c_str()).Trim())
{
POSITION pos = m_ptrClientHeartLog.GetHeadPosition()