#include <windows.h>
#include <TlHelp32.h>
#include <cstdio>
#include <iostream>
#include <sstream>
#include <string>
using namespace std;
/* run this program using the console pauser or add your own getch, system("pause") or input loop */
// Service name as registered with the SCM. It must match the name in the
// dispatch table that main() hands to StartServiceCtrlDispatcher and the name
// the service was installed under (the file contains no installer).
static const string strServiceName="GameMonitorService";
// Status handle returned by RegisterServiceCtrlHandler in ServiceMain; used by
// both ServiceMain and GameMonitorHandler for SetServiceStatus.
static SERVICE_STATUS_HANDLE ServiceStatusHandle;
// Auto-reset event (CreateEvent with bManualReset=FALSE) that the STOP handler
// signals; ServiceMain blocks on it until the service is asked to stop.
static HANDLE hEvent = NULL;
// Handle of the MonitorFunction worker thread created in ServiceMain.
static HANDLE hThread = NULL;
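// Appends one timestamped line to "log.txt" in the process's current directory.
//
// The line has the form
//   Y-M-D H:M:S:ms@Thread:<tid>@<rawmsg>
// (fields are not zero-padded).  Each call opens, appends and closes the file,
// so concurrent callers (ServiceMain and the worker thread) do not share a
// FILE*; the cost is one open/close per message.
//
// NOTE(review): the path is relative.  A service does not inherit the caller's
// working directory, so the file is created wherever the SCM started the
// process (commonly %SystemRoot%\System32) — confirm, and prefer an absolute
// path with a deliberate ACL, since MonitorFunction writes the host's full
// process list here.
// NOTE(review): MonitorFunction calls this once per process every 250 ms, so
// the file grows without bound; there is no size cap or rotation.
// The previously commented-out sprintf() variant wrote into a fixed 4096-byte
// buffer with an unbounded "%s"; it has been dropped rather than kept as dead
// code.
//
// rawmsg: message text, written verbatim after the header.
void Log(const string& rawmsg)
{
    SYSTEMTIME now;
    GetLocalTime(&now);

    stringstream line;
    line << now.wYear << "-" << now.wMonth << "-" << now.wDay << " "
         << now.wHour << ":" << now.wMinute << ":" << now.wSecond << ":" << now.wMilliseconds
         << "@Thread:" << GetCurrentThreadId() << "@" << rawmsg << endl;
    const string strlog = line.str();

    // The original never checked fopen(); fputs() on a NULL stream would crash
    // the service whenever the file could not be created (read-only location,
    // missing directory).
    FILE* logFile = fopen("log.txt", "a+");
    if (logFile == NULL)
        return;  // nowhere to report the failure — drop the message rather than crash
    fputs(strlog.c_str(), logFile);
    fclose(logFile);
}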
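// Worker thread body: every 250 ms takes a Toolhelp snapshot of all processes
// and writes one log line per process ("[n] : Process Name:<exe> ProcessID:<pid>").
//
// lpParam: unused (ServiceMain passes 0).
// Returns: never returns normally; the loop is unconditional.  Nothing signals
// this thread to stop — ServiceMain only waits on hEvent for itself — so the
// thread is torn down with the process when StartServiceCtrlDispatcher returns
// in main().
//
// Fixes relative to the original: the snapshot handle was never closed (one
// handle leaked per iteration), a failed snapshot looped back immediately
// (busy-spin at full CPU), and an unused 300-byte local buffer is gone.
// NOTE(review): this runs under the service account and records the process
// list of every session on the host to a plain text file; treat that log as
// sensitive.  The original comments called this worker a "后门程序" (backdoor),
// which reflects the template it was copied from — the visible code only
// enumerates processes.
DWORD WINAPI MonitorFunction(LPVOID lpParam)
{
    (void)lpParam;
    while (true)
    {
        HANDLE snapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
        if (snapshot == INVALID_HANDLE_VALUE)
        {
            Log("CreateToolhelp32Snapshot Error!...");
            Sleep(250);  // back off instead of spinning on a persistent failure
            continue;
        }

        PROCESSENTRY32 entry;
        entry.dwSize = sizeof(entry);  // Process32First rejects the call otherwise
        int index = 0;
        for (BOOL more = Process32First(snapshot, &entry); more; more = Process32Next(snapshot, &entry))
        {
            // szExeFile is a char array here: the file is built narrow-char
            // (it also passes LPSTR names to RegisterServiceCtrlHandler).
            const string name(entry.szExeFile);
            const DWORD pid = entry.th32ProcessID;
            stringstream processInfo;
            processInfo << "[" << ++index << "] : " << "Process Name:"
                        << name << " " << "ProcessID:" << pid << endl;
            Log(processInfo.str());
        }

        CloseHandle(snapshot);
        Sleep(250);
    }
    return 0;
}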
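// Service control handler registered by ServiceMain.
//
// Only SERVICE_CONTROL_STOP is acted on: report SERVICE_STOP_PENDING, signal
// hEvent so ServiceMain wakes up and releases its handles, then report
// SERVICE_STOPPED.  Every other control code (INTERROGATE, PAUSE, CONTINUE,
// ...) is ignored, so the service must not advertise
// SERVICE_ACCEPT_PAUSE_CONTROL/CONTINUE to the SCM.
//
// Fixes relative to the original: the SERVICE_STATUS was left uninitialised
// with only three fields set, although SetServiceStatus reads all of them; and
// the final state was SERVICE_STOP — an access-right flag (0x20), not a state —
// so the "stopped" report was invalid and the service stayed STOP_PENDING.
// The state constant is SERVICE_STOPPED.
//
// dwControl: control code delivered by the SCM.
void WINAPI GameMonitorHandler(DWORD dwControl)
{
    if (dwControl != SERVICE_CONTROL_STOP)
        return;

    SERVICE_STATUS status;
    ZeroMemory(&status, sizeof(status));
    status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
    status.dwControlsAccepted = 0;  // no further controls while stopping
    status.dwWin32ExitCode = NO_ERROR;
    status.dwServiceSpecificExitCode = 0;
    status.dwCheckPoint = 0;
    status.dwWaitHint = 0;

    status.dwCurrentState = SERVICE_STOP_PENDING;
    SetServiceStatus(ServiceStatusHandle, &status);

    // Wake ServiceMain's WaitForSingleObject(hEvent, INFINITE).
    SetEvent(hEvent);

    status.dwCurrentState = SERVICE_STOPPED;
    SetServiceStatus(ServiceStatusHandle, &status);
}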
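// Entry point the SCM calls for this service (on the dispatcher's thread).
//
// Sequence: register the control handler, report START_PENDING, create the
// stop event and the MonitorFunction worker, report RUNNING, then block until
// GameMonitorHandler signals hEvent on SERVICE_CONTROL_STOP.  The handler
// reports SERVICE_STOPPED itself; this function only releases its handles on
// the way out.  The worker thread has no stop signal and is left to die with
// the process when StartServiceCtrlDispatcher returns in main().
//
// argc/argv: start arguments from the SCM; unused.
//
// Fixes relative to the original:
//  - CreateThread failure was logged as "OK" and then ignored (inverted test);
//    it now reports SERVICE_STOPPED with the Win32 error and returns.
//  - CreateEvent failure returned without any status report, leaving the SCM
//    waiting on a START_PENDING service with dwWaitHint 0.
//  - After CreateEvent the state regressed to START_PENDING and the final
//    RUNNING was assigned but never sent; RUNNING is now reported once, after
//    the worker exists.
//  - ExitThread(dwThreadId) exited *this* thread (using the worker's id as the
//    exit code) rather than the worker, so hEvent was never closed.
//  - SERVICE_ACCEPT_PAUSE_CONTINUE was advertised but the handler does not
//    implement pause/continue; only STOP is accepted now, and no controls are
//    accepted until RUNNING is reported.
// NOTE(review): the cout lines are harmless but a service has no console.
// The original comments described the worker as a "后门程序" (backdoor); that
// is the template's wording — the visible code only enumerates processes.
VOID WINAPI ServiceMain(DWORD argc, LPTSTR* argv)
{
    (void)argc;
    (void)argv;
    cout << "Enter ServiceMain OK!" << endl;
    Log("Enter ServiceMain OK!");

    // Establish the control channel with the SCM; GameMonitorHandler receives
    // this service's control requests.
    ServiceStatusHandle = RegisterServiceCtrlHandler((LPSTR)strServiceName.c_str(), GameMonitorHandler);
    if (!ServiceStatusHandle)
    {
        cout << "RegisterServiceCtrlHandler error!" << endl;
        Log("RegisterServiceCtrlHandler error!!");
        return;  // without a status handle nothing can be reported
    }
    cout << "RegisterServiceCtrlHandler OK!" << endl;
    Log("RegisterServiceCtrlHandler OK!!");

    SERVICE_STATUS status;
    ZeroMemory(&status, sizeof(status));
    status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;  // one service in this process
    status.dwCurrentState = SERVICE_START_PENDING;
    status.dwControlsAccepted = 0;  // no controls until RUNNING
    status.dwWin32ExitCode = NO_ERROR;
    status.dwServiceSpecificExitCode = 0;
    status.dwCheckPoint = 0;
    status.dwWaitHint = 0;
    SetServiceStatus(ServiceStatusHandle, &status);
    Log("SetServiceStatus OK!!");

    // Auto-reset, initially unsignalled; set by the STOP handler.
    hEvent = CreateEvent(NULL, FALSE, FALSE, NULL);
    if (!hEvent)
    {
        const DWORD err = GetLastError();  // capture before Log() touches the file system
        Log("CreateEvent error!!");
        status.dwCurrentState = SERVICE_STOPPED;
        status.dwWin32ExitCode = err;
        SetServiceStatus(ServiceStatusHandle, &status);
        return;
    }
    Log("CreateEvent OK!!");

    DWORD dwThreadId = 0;
    hThread = CreateThread(NULL, 0, MonitorFunction, NULL, 0, &dwThreadId);
    if (!hThread)
    {
        const DWORD err = GetLastError();
        Log("CreateThread error!!");
        status.dwCurrentState = SERVICE_STOPPED;
        status.dwWin32ExitCode = err;
        SetServiceStatus(ServiceStatusHandle, &status);
        CloseHandle(hEvent);
        hEvent = NULL;
        return;
    }
    Log("CreateThread OK!!");

    status.dwCurrentState = SERVICE_RUNNING;
    status.dwControlsAccepted = SERVICE_ACCEPT_STOP;
    SetServiceStatus(ServiceStatusHandle, &status);

    // Block until GameMonitorHandler handles SERVICE_CONTROL_STOP.
    WaitForSingleObject(hEvent, INFINITE);

    CloseHandle(hThread);
    hThread = NULL;
    CloseHandle(hEvent);
    hEvent = NULL;
}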
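// Process entry point.  The binary is meant to be launched by the SCM: it hands
// control to StartServiceCtrlDispatcher, which runs ServiceMain on its own
// thread and returns only once the service has stopped; the process then exits,
// taking the MonitorFunction worker with it.
//
// argc/argv: unused.  The commented-out "install" branch from the MSDN sample
// was never wired up and has been removed; the service must be registered
// externally (e.g. `sc create GameMonitorService binPath= <full path>`).
// Returns 0 on normal shutdown, 1 if the dispatcher could not be started —
// typically ERROR_FAILED_SERVICE_CONTROLLER_CONNECT (1063) when the program is
// run from a console instead of by the SCM.  The original returned 0 in both
// cases.
int main(int argc, TCHAR* argv[])
{
    (void)argc;
    (void)argv;

    // Use the shared constant so the dispatch-table name cannot drift from the
    // name ServiceMain passes to RegisterServiceCtrlHandler.  The table wants a
    // non-const LPSTR; the SCM does not write through it.
    SERVICE_TABLE_ENTRY dispatchTable[] =
    {
        { const_cast<LPSTR>(strServiceName.c_str()), ServiceMain },
        { NULL, NULL }
    };

    // Returns when the service has stopped; the process should then exit.
    if (!StartServiceCtrlDispatcher(dispatchTable))
    {
        cout << "error!" << GetLastError() << endl;
        return 1;
    }
    return 0;
}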
本文介绍了一个使用C++编写的Windows游戏监控服务程序。该程序利用Windows API如CreateToolhelp32Snapshot、Process32First、Process32Next等进行进程监控,并通过日志记录进程信息。同时,程序实现了服务控制处理函数,能够响应服务停止请求。



