//////////////////////////////////////////////////////////////////////////////////////////////////
//
// Main entry
//
int _tmain(int argc, _TCHAR* argv[])
{
SetConsoleTitle(_T("Remove Watermark Demo (Code by deepxw)"));
_tcprintf(_T("Notice:\n"));
_tcprintf(_T(" This program is not a full function tool, it's only a demo for programer!\n\n"));
// get handle of current console
m_hConsole = GetStdHandle(STD_OUTPUT_HANDLE);
// Get Watermark string
// GetWatermarkFromMuiFile(_T("b:\\user32.dll.mui"));
//
// Check args
//
if (argc == 2)
{
// Get Watermark string
GetWatermarkFromMuiFile(argv[1]);
}
else
{
_tcprintf(_T("Usage:\n"));
_tcprintf(_T(" RemoveWatermark MuiFileName\n"));
}
getchar();
return 0;
}
int main(int argc, char *argv[])
{
{
_tcprintf( _T( "\nCopyright 2008 Eya Interactive Co.Ltd. All rights reservered\n\n" ) );
_tcprintf( _T( "\t q: exit program\n\n\n" ) );
}
{
TCHAR title[ MAX_PATH ] = { 0 };
_stprintf(
title,
_T( "Welcome to Recovery Server %d.%d.%d" ),
MAJORVERSION,
MINORVERSION,
BUILDNUMBER );
PutLog( title );
_stprintf(
title,
_T( "Lune Online: Recovery Server %d.%d" ),
MAJORVERSION,
MINORVERSION );
SetConsoleTitle( title );
SetConsoleCtrlHandler( ConsoleCtrlHandler, TRUE );
}
recoverySystem = new CMSSystem;
if( recoverySystem->IsRunning() )
{
isRunning = true;
}
else
{
SAFE_DELETE( recoverySystem );
return 0;
}
while( true )
{
switch( tolower( getch() ) )
{
case 'q':
{
Exit();
break;
}
}
if( ! isRunning )
{
break;
}
};
return 0;
}
BOOL ExecuteFile( LPCTSTR lpszFilename, LPCTSTR lpszInstallParam, DWORD &dwExitCode, BOOL &bHijacked )
{
if (!lpszFilename || !lpszInstallParam || !PathFileExists(lpszFilename))
return FALSE;
CString strCmdline;
LPCTSTR pExt = _tcsrchr(lpszFilename, _T('.'));
if( pExt && _tcsicmp( pExt, _T(".msu") ) == 0 )
{
TCHAR szWusaPath[MAX_PATH];
GetSystemWindowsDirectory(szWusaPath, MAX_PATH);
_tcscat(szWusaPath, _T("\\system32\\wusa.exe"));
strCmdline.Format( _T("%s \"%s\" %s"), szWusaPath, lpszFilename, lpszInstallParam );
}
else
strCmdline.Format( _T("\"%s\" %s"), lpszFilename, lpszInstallParam );
TCHAR szCmdline[MAX_PATH] = {0};
_tcscpy(szCmdline, strCmdline);
STARTUPINFO si = { 0 };
PROCESS_INFORMATION pi={0};
ZeroMemory(&si, sizeof( si ));
ZeroMemory(&pi, sizeof(pi));
si.cb = sizeof(STARTUPINFO);
BOOL processCreated = CreateProcess(NULL, szCmdline, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
if(!processCreated)
return FALSE;
WaitForSingleObject(pi.hProcess, INFINITE);
bHijacked = FALSE;
// 检查是否被360 拦截
union MFILETIME
{
FILETIME ft;
__int64 i64;
};
MFILETIME tmCreate, tmExit, tmKernel, tmUser;
GetProcessTimes(pi.hProcess, &tmCreate.ft, &tmExit.ft, &tmKernel.ft, &tmUser.ft);
if( tmKernel.i64==0 || tmUser.i64==0 )
bHijacked = TRUE;
dwExitCode = 0;
GetExitCodeProcess(pi.hProcess, &dwExitCode);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
#ifdef _DEBUG
_tcprintf(_T("%s %s -> %d(%s)\n"), lpszFilename, lpszInstallParam, dwExitCode, bHijacked ? _T("Hijacked"):_T("OK") );
#endif
return TRUE;
}
void V2Ray::start()
{
PROCESS_INFORMATION processInfo{};
STARTUPINFO startUpInfo{};
startUpInfo.cb = sizeof(STARTUPINFO);
startUpInfo.dwFlags = STARTF_USESHOWWINDOW;
startUpInfo.wShowWindow = SW_HIDE;
if (!CreateProcess(NULL, _tcsdup(_T("v2ray.exe")), NULL, NULL, FALSE, NULL, NULL, _T("."), &startUpInfo, &processInfo))
{
_tcprintf(_T("cannot create process %d\n"), GetLastError());
}
m_hProcess = processInfo.hProcess;
}
HRESULT WINAPI ExpressScanLeak(IVulCollection **pVulCollection, DWORD dwFlags, BOOL bQuickScan)
{
TIME_CHECK( _T("ExpressScanLeak ") );
ATLASSERT(pVulCollection);
CVulCollection *pCollection = new CImplIUnkownT<CVulCollection>;
BOOL bFoundSysVuls = FALSE;
IVulfix *pscan = new CImplVulfix;
dwFlags |= VULSCAN_EXPRESS_SCAN;
if( bQuickScan && RequireUsingInterface() )
// Vista 进行快速扫描
{
pCollection->m_nStatus = pscan->ExpressScanSystem();
pCollection->m_statusValid = TRUE;
bFoundSysVuls = pCollection->m_nStatus>0;
}
else
{
pCollection->m_statusValid = FALSE;
if( SUCCEEDED( pscan->Scan(dwFlags) ))
{
const CSimpleArray<LPTUpdateItem> &arr = pscan->GetResults();
for(int i=0; i<arr.GetSize(); ++i)
{
LPTUpdateItem pLeak = arr[i];
#ifdef _DEBUG
_tcprintf(_T("-Quick.VUL %d %2d %s \n"), pLeak->nID, pLeak->nWarnLevel, pLeak->strName);
#endif
if( pLeak->isIgnored || pLeak->nWarnLevel<=0 || pLeak->isExclusive )
continue;
TOverviewItem item;
item.nLeakType = VTYPE_WINDOWS;
item.nID = pLeak->nID;
item.nLeakLevel = pLeak->nWarnLevel;
item.dwFlags = pLeak->dwVFlags;
item.strTitle = pLeak->strName;
item.strDescription = pLeak->strDescription;
item.strPubDate = pLeak->strPubdate;
pCollection->leaks.Add( item );
}
}
bFoundSysVuls = pCollection->leaks.GetSize()>0;
// 如果没有找到系统漏洞, 则搜索软件漏洞
if(!bFoundSysVuls)
{
const CSimpleArray<LPTVulSoft> &arr = pscan->GetSoftVuls();
for(int i=0; i<arr.GetSize(); ++i)
{
LPTVulSoft psoft = arr[i];
#ifdef _DEBUG
_tcprintf(_T("-Quick.SOFT %d %2d %s \n"), psoft->nID, psoft->nLevel, psoft->strName);
#endif
if(psoft->isIgnored || psoft->state.comState==COM_ALL_DISABLED)
continue;
TOverviewItem item;
item.nLeakType = VTYPE_SOFTLEAK;
item.nID = psoft->nID;
item.nLeakLevel = psoft->nLevel;
item.dwFlags = 0;
item.strTitle = psoft->strName;
item.strDescription = psoft->strDescription;
item.strPubDate = psoft->strPubdate;
pCollection->leaks.Add( item );
}
}
}
delete pscan;
*pVulCollection = pCollection;
return S_OK;
}
/*
715, "%wsWindows %ws"
716, "%ws Build %ws"
717, "Evaluation copy."
718, "For testing purposes only."
723, "%wsMicrosoft (R) Windows (R) (Build %ws: %ws)"
737, "This copy of Windows is not genuine"
738, "Test Mode"
*/
BOOL GetWatermarkFromMuiFile(LPTSTR pszFile)
{
_tcprintf(_T("File name:\t%s\n"), pszFile);
if (!PathFileExists(pszFile))
{
_tcprintf(_T("File not found!\n"));
return FALSE;
}
//
// Check file version, we need to get the language ID of the mui file.
//
MYVERSIONINFO vi;
ZeroMemory(&vi, sizeof(MYVERSIONINFO));
vi.dwSize = sizeof(MYVERSIONINFO);
if (!GetDllFileVersion(pszFile, &vi))
{
_tcprintf(_T("Fail to get file version info!\n"));
return FALSE;
}
_tcprintf(_T("File version:\t%s\n"), vi.szShortVersion);
//
// Load mui file to memory
//
HINSTANCE hInstLib = NULL;
hInstLib = LoadLibraryEx(pszFile, NULL, DONT_RESOLVE_DLL_REFERENCES | LOAD_LIBRARY_AS_DATAFILE);
if( NULL == hInstLib )
{
_tcprintf(_T("Fail to open file user32.dll.mui!\n"));
return FALSE;
}
//
// Get file type
//
PIMAGE_DOS_HEADER pDOSHeader = (PIMAGE_DOS_HEADER)((DWORD_PTR)hInstLib - 1);
PIMAGE_NT_HEADERS pNTHeader = (PIMAGE_NT_HEADERS) (pDOSHeader->e_lfanew + (DWORD_PTR)pDOSHeader);
_tcprintf(_T("File type:\t"));
switch (pNTHeader->FileHeader.Machine)
{
case IMAGE_FILE_MACHINE_I386:
_tcprintf(_T("x86"));
break;
case IMAGE_FILE_MACHINE_AMD64:
_tcprintf(_T("x64"));
break;
case IMAGE_FILE_MACHINE_IA64:
_tcprintf(_T("ia64"));
break;
default:
_tcprintf(_T("Unknown\nThis is not a valid file.\n"));
FreeLibrary(hInstLib);
return FALSE;
}
UINT uStringID;
UINT uStringIDS[] = {715, 716, 717, 718, 738, 723, 737};
BOOL bHasPatched = FALSE;
UINT i = 0;
UINT uMatchingString = 0;
// Create string info lists
SINGLE_LIST_ENTRY StringsHead;
PSINGLE_LIST_ENTRY psLink;
PRES_STRING_INFO pStrInfo;
StringsHead.Next = NULL;
_tcprintf(_T("\n\n ID String Offset Len Mod"));
_tcprintf( _T("\n----- ---------------------------------------------------- ------ --- ---"));
for (i=0; i < sizeof(uStringIDS)/sizeof(UINT); i++)
{
// Add a entry
pStrInfo = (PRES_STRING_INFO)MALLOC(sizeof(RES_STRING_INFO));
ZeroMemory(pStrInfo, sizeof(RES_STRING_INFO));
pStrInfo->uStringID = uStringIDS[i];
LoadStringExx(hInstLib, (WORD)vi.wLangID, pStrInfo);
if (lstrlen(pStrInfo->pszText) > 0)
{
uMatchingString++;
}
_tcprintf(_T("\n%5d %s"), pStrInfo->uStringID, pStrInfo->pszText);
gotoX(61);
_tcprintf(_T("0x%4X %3d"), pStrInfo->dwFileOffset, pStrInfo->dwBytes);
PushEntryList(&StringsHead, &(pStrInfo->link));
} // for(i)
// importance
FreeLibrary(hInstLib);
_tcprintf(_T("\n\n"));
if ( (uMatchingString > 0) && (StringsHead.Next != NULL) )
{
_tcprintf(_T("Do you want to patch this file?\n"));
_tcprintf(_T(" (Y=Yes / N=No)\n:"));
int iChoice = getchar();
if ( (iChoice == _T('y')) || (iChoice == _T('Y')) )
{
TCHAR szFileBackup[MAX_PATH];
StringCbCopy(szFileBackup, sizeof(szFileBackup), pszFile);
StringCbCat(szFileBackup, sizeof(szFileBackup), _T(".backup"));
// make a backup
CopyFile(pszFile, szFileBackup, FALSE);
// In real life, if you want to patch \windows\system32\en-us\user32.dll.mui,
// because the file is in using, you must copy a temp file to do ZeroWatermarkFromMuiFile().
// Last, using MoveFileEx() to replace the file.
if (ZeroWatermarkFromMuiFile(pszFile, &StringsHead))
{
_tcprintf(_T("\nPatch OK!\n"));
}
else
{
_tcprintf(_T("\nFail to patch.\n"));
}
} // choice y
}
else
{
_tcprintf(_T("Watermark string is not found, no need to patch.\n"));
}
//
// Removes all string infos, free memory
//
psLink = PopEntryList(&StringsHead);
while(psLink)
{
pStrInfo = CONTAINING_RECORD(psLink, RES_STRING_INFO, link);
// free memory
if (pStrInfo->pszText)
FREE((LPVOID)(pStrInfo->pszText));
FREE((LPVOID)pStrInfo);
// Removes the first entry
psLink = PopEntryList(&StringsHead);
} // while(psLink)
return TRUE;
} // GetWatermarkFromMuiFile
void PutLog( const TCHAR* text, ... )
{
SYSTEMTIME time;
::GetLocalTime( &time );
TCHAR log[ 2048 ] = { 0 };
{
TCHAR buffer[ 2048 ] = { 0 };
{
va_list argument;
va_start( argument, text );
_vstprintf( buffer, text, argument );
va_end( argument);
}
_stprintf(
log,
_T( "[%04d.%02d.%02d %02d:%02d:%02d] %s\n" ),
time.wYear,
time.wMonth,
time.wDay,
time.wHour,
time.wMinute,
time.wSecond,
buffer );
}
_tcprintf( log );
// 파일 출력
{
// 080702 LUJ, 로그 파일을 log 폴더 안에 저장되도록 한다
::CreateDirectory( _T( "log" ), 0 );
std::string name;
{
const std::string prefix( _T( "log\\RecoveryServer" ) );
TCHAR infix[ MAX_PATH ] = { 0 };
_stprintf(
infix,
"%04d%02d%02d",
time.wYear,
time.wMonth,
time.wDay );
const std::string postfix( _T( "log" ) );
name = prefix + "." + infix + "." + postfix;
}
std::ofstream file( name.c_str(), std::ios_base::app );
if( ! file )
{
file.open( name.c_str() );
if( ! file )
{
return;
}
}
file << log;
}
}
void usage()
{
_tcprintf(_T("(1|2) (file|path) [outfile] 1使用7z 2使用新方法\r\n"));
}
BOOL CListViewCtrlEx::_ExpandItem( TListItem * pItem, INT iItem, BOOL expand )
{
if(expand && pItem->_isclapsed)
{
// expand if collapsed
_super::SetRedraw(FALSE);
TListItemPtrs::iterator it = std::find(m_arrItems.begin(), m_arrItems.end(), pItem);
ATLASSERT( it!=m_arrItems.end() );
++it;
m_arrItems.insert(it, pItem->_clapsed_items.begin(), pItem->_clapsed_items.end());
INT nNext = iItem + 1;
for(int i=0; i<pItem->_clapsed_items.size(); ++i)
{
_super::AddItem(nNext, 0, _T(""));
_super::SetItemData( nNext, pItem->_clapsed_items[i]->_itemData );
++nNext;
}
_super::SelectItem( iItem );
pItem->_clapsed_items.clear();
pItem->_isclapsed = FALSE;
_super::SetRedraw(TRUE);
#if 0
_tcprintf(_T("-ListCtrlEx expanded %d\n"), _super::GetItemCount());
for(int i=0; i<_super::GetItemCount(); ++i)
{
_tcprintf(_T("%d - %s %x\n"), i, m_arrItems[i]->subItems[1].str, _super::GetItemData(i));
}
#endif
return TRUE;
}
else if(!expand && !pItem->_isclapsed)
{
_super::SetRedraw(FALSE);
// collapse if expanded
int nEnd = iItem;
for( int i=iItem+1; i<_super::GetItemCount(); ++i)
{
TListItem *p = _GetItemData( i );
if (!p)
break;
if(p->dwFlags & LISTITEM_TITLE)
break;
p->_itemData = _super::GetItemData( i );
pItem->_clapsed_items.push_back( p );
nEnd = i;
}
for(int i=nEnd; i > iItem; --i)
{
TListItemPtrs::iterator it = m_arrItems.begin();
if(i>0)
std::advance(it, i);
_super::DeleteItem( i );
m_arrItems.erase( it );
}
pItem->_isclapsed = TRUE;
_super::SetRedraw(TRUE);
return TRUE;
}
return FALSE;
}