防控屏
11514zbs
2024-08-10 15:46:20
# 防控屏:
```cpp
//#define _UNICODE
//#define UNICODE
#include <windows.h>
#include <iostream>
#include <stdio.h>
#include "tlhelp32.h"
#include <string>
#include <time.h>
#include <tchar.h>
// Mode selected in readconfig() and read by kill():
//   0 = every group, 1 = 极域 (Jiyu), 2 = 锐捷 (Ruijie) cloud classroom management software,
//   3 = 伽卡他卡 according to the readconfig() prompt.
// kill() also tests for 4, which the prompt does not list.
int mod;
using namespace std;
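/// Terminates the running processes whose image name equals lpszProcessName.
///
/// The match is an exact, case-sensitive _tcscmp against
/// PROCESSENTRY32::szExeFile taken from a Toolhelp snapshot. Selection is
/// therefore by file name only: any process carrying that name is affected,
/// whatever its path or owner.
///
/// @param lpszProcessName  Image name to look for; NULL is rejected.
/// @return TRUE when at least one process matched and every match was
///         terminated. FALSE when the name is NULL, the snapshot could not be
///         taken, nothing matched, or a match could not be opened or
///         terminated (the scan stops at the first such failure).
BOOL KillProcessByName(const TCHAR* lpszProcessName)
{
    if (lpszProcessName == NULL)
        return FALSE; // the old "return -1" is non-zero, which a BOOL caller reads as success

    HANDLE hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if (hSnapshot == INVALID_HANDLE_VALUE)
        return FALSE; // failure is reported as INVALID_HANDLE_VALUE, not NULL

    PROCESSENTRY32 processInfo;
    processInfo.dwSize = sizeof(PROCESSENTRY32); // Process32First fails unless dwSize is set

    bool matched = false;
    BOOL retval = TRUE;
    BOOL more = Process32First(hSnapshot, &processInfo);
    while (more)
    {
        if (_tcscmp(processInfo.szExeFile, lpszProcessName) == 0)
        {
            matched = true;

            // Opened non-inheritable: the handle is needed for this one call only
            // and must not leak into child processes.
            HANDLE hProcess = OpenProcess(PROCESS_ALL_ACCESS, FALSE, processInfo.th32ProcessID);
            const BOOL terminated = (hProcess != NULL) && TerminateProcess(hProcess, 0);
            if (hProcess != NULL)
                CloseHandle(hProcess); // was leaked once per matching process

            if (!terminated)
            {
                // Same policy as before: give up on the first failure.
                retval = FALSE;
                break;
            }
        }
        more = Process32Next(hSnapshot, &processInfo);
    }

    CloseHandle(hSnapshot);
    return matched ? retval : FALSE;
}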
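/// Calls KillProcessByName for the image names of each group selected by the
/// global `mod`: 0 selects every group, 1-4 select one group each, and any
/// other value selects none. Return values are ignored, so a name that is not
/// running or cannot be terminated is skipped silently.
///
/// Fix: the first group had no braces, so only its first call was conditional
/// and the other three ran in every mode.
///
/// Every lookup is by image name only. On a managed endpoint these exits
/// appear as ordinary process-termination telemetry (Security event 4689 when
/// process-termination auditing is enabled, Sysmon event ID 5).
void kill()
{
    // Group 1: 极域 (Jiyu), per the mode list next to `mod`.
    if (mod == 0 || mod == 1)
    {
        KillProcessByName(_T("StudentMain.exe"));
        KillProcessByName(_T("GATESRV.exe"));
        KillProcessByName(_T("MasterHelper.exe"));
        KillProcessByName(_T("ProcHelper64.exe.exe"));
    }

    // Group 2: 锐捷 (Ruijie) cloud classroom management software, per the same list.
    if (mod == 0 || mod == 2)
    {
        KillProcessByName(_T("cmdaemon.exe"));
        KillProcessByName(_T("vdservice.exe"));
        KillProcessByName(_T("ClassManagerCmd.exe"));
        KillProcessByName(_T("ClassManagerApp.exe"));
        KillProcessByName(_T("RjUsbController.exe"));
        KillProcessByName(_T("PlayerOptimize.exe"));
        KillProcessByName(_T("TrayTool.exe"));
        KillProcessByName(_T("vMsgDisp.exe"));
        KillProcessByName(_T("DevHook.exe"));
        KillProcessByName(_T("rccservice.exe"));
        KillProcessByName(_T("\"FileZilla Server.exe\""));
        KillProcessByName(_T("IdvAgent.exe"));
        KillProcessByName(_T("RJRemoteserver.exe"));
    }

    // Group 3: labelled 伽卡他卡 in the readconfig() prompt.
    if (mod == 0 || mod == 3)
    {
        KillProcessByName(_T("student.exe"));
        KillProcessByName(_T("smonitor.exe"));
    }

    // Group 4: not described anywhere in the prompt text.
    if (mod == 0 || mod == 4)
    {
        KillProcessByName(_T("DeploymentAgent.exe"));
        KillProcessByName(_T("PortControl64.exe"));
        KillProcessByName(_T("tvnserver32.exe"));
        KillProcessByName(_T("WFBSMlogon.exe"));
        KillProcessByName(_T("XYNTService.exe"));
    }
}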
HHOOK keyboardHook = 0; // Handle of the installed WH_KEYBOARD_LL hook; assigned in main()
// NOTE(review): need, now, lll and nowtime are not referenced anywhere else in this listing.
unsigned long need[10], now[10];
int lll;
int nowtime = time(NULL);
/// Maps a letter to its virtual-key code (0x41..0x5A for A..Z).
/// Lower-case ASCII letters are folded to upper case first; any other
/// character comes back as its own character value.
int char2vkcode(char c)
{
    const bool isLower = (c >= 'a' && c <= 'z');
    const char upper = isLower ? (char)(c - ('a' - 'A')) : c;
    // 0x41 is 'A', so the offset from 'A' is also the offset from VK code 0x41.
    return 0x41 + (upper - 'A');
}
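/// Narrows a TCHAR string to std::string by truncating each element to char.
/// The conversion is lossy: only characters that fit in one byte survive
/// unchanged, and an element whose low byte is zero is dropped (the previous
/// strcat-based loop behaved the same way).
///
/// Fixes: a NULL buffer used to reach `return NULL`, which constructs a
/// std::string from a null pointer; the calloc results were never checked;
/// and each character cost one heap allocation plus a strcat rescan.
///
/// @param buffer  NUL-terminated TCHAR string, or NULL.
/// @return The narrowed text; empty for NULL or empty input.
string tcharToChar(TCHAR* buffer)
{
    if (buffer == NULL)
        return string();

    // lstrlen follows the TCHAR width, so the length matches the buffer type
    // in both ANSI and UNICODE builds.
    const int length = lstrlen(buffer);

    string narrowed;
    narrowed.reserve(length);
    for (int index = 0; index < length; ++index)
    {
        const char lowByte = (char)buffer[index];
        if (lowByte != '\0')
            narrowed.push_back(lowByte);
    }
    return narrowed;
}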
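/// Opens the process that owns the given window.
///
/// Fixes: `pid` was left uninitialised when GetWindowThreadProcessId failed,
/// and GetLastError() was read even after a successful OpenProcess, so a
/// stale error code from an earlier call could be printed.
///
/// @param hWnd  Window whose owning process is wanted.
/// @return A process handle opened with PROCESS_ALL_ACCESS, or NULL on
///         failure. The caller owns the handle and must CloseHandle() it.
HANDLE GetHandleFromHwnd(HWND hWnd)
{
    DWORD pid = 0;
    GetWindowThreadProcessId(hWnd, &pid);

    HANDLE h = OpenProcess(PROCESS_ALL_ACCESS, 0, pid);
    if (h == NULL)
    {
        // The last-error value is only meaningful right after a failed call.
        const DWORD dwErr = GetLastError();
        cout << "OpenProcess error:" << dwErr << endl;
    }
    return h;
}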
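/// Returns the executable path of the process that owns window `h`, taken
/// from the first entry of a TH32CS_SNAPMODULE snapshot of that process.
///
/// The wide path is narrowed by truncating each wchar_t to char, so
/// characters outside a single byte come out garbled. Assigning szExePath to
/// a wstring only compiles in a UNICODE build.
///
/// Fixes: the snapshot handle was never closed; failure was tested against
/// NULL although CreateToolhelp32Snapshot reports it as INVALID_HANDLE_VALUE;
/// GetLastError() was read without a preceding failure; a process id of 0
/// (lookup failed) snapshotted the calling process instead; and a DWORD was
/// printed with %d.
///
/// @param h  Window handle; NULL yields an empty string.
/// @return The narrowed executable path, or "" on any failure.
string GetPName(HWND h)
{
    if (!h)
        return "";

    DWORD dwId = 0;
    GetWindowThreadProcessId(h, &dwId);
    if (dwId == 0)
        return ""; // a module snapshot of process id 0 describes the current process

    HANDLE handle = CreateToolhelp32Snapshot(TH32CS_SNAPMODULE, dwId);
    if (handle == INVALID_HANDLE_VALUE)
    {
        printf("OpenProcessError:%lu", GetLastError());
        return "";
    }

    MODULEENTRY32 me32;
    me32.dwSize = sizeof(MODULEENTRY32);
    if (!Module32First(handle, &me32))
    {
        // Capture the error before CloseHandle can overwrite it.
        const DWORD dwErr = GetLastError();
        CloseHandle(handle);
        cout << "Module32First error:" << dwErr << endl;
        return "";
    }
    CloseHandle(handle);

    wstring ws = me32.szExePath;
    std::string str(ws.begin(), ws.end());
    return str;
}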
/// Counts the windows reached by following GW_HWNDPREV from `hw`, with `hw`
/// itself included. A NULL handle gives 0.
int GetZOrder(HWND hw)
{
    int depth = 0;
    HWND cur = hw;
    while (cur != NULL)
    {
        ++depth;
        cur = GetWindow(cur, GW_HWNDPREV);
    }
    return depth;
}
/// Walks the window list from FindWindow(0, 0) through GW_HWNDNEXT and
/// returns the parentless window with the largest GetZOrder() count, or NULL
/// when no window qualifies.
HWND GetTopHWND()
{
    HWND best = NULL;
    int bestDepth = INT_MIN;

    for (HWND cur = FindWindow(0, 0); cur != NULL; cur = GetWindow(cur, GW_HWNDNEXT))
    {
        // Only windows without a parent are considered.
        if (::GetParent(cur) != NULL)
            continue;

        // The title is fetched but not used; some windows have no title at all.
        char title[255];
        ::GetWindowTextA(cur, title, 255);

        if (GetZOrder(cur) > bestDepth)
        {
            bestDepth = GetZOrder(cur);
            best = cur;
        }
    }
    return best;
}
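/// WH_KEYBOARD_LL hook procedure. It receives every keyboard event of the
/// session, reacts to two Alt combinations and forwards every event unchanged
/// to the next hook.
///
///   Alt+K  -> kill()
///   Alt+S  -> prints the handle and executable path returned by
///             GetTopHWND() / GetPName()
///
/// The original comment also mentioned Shift+K, but only LLKHF_ALTDOWN is
/// tested. wParam is not examined, so a key-up event with Alt still held
/// matches as well as the key-down event.
///
/// Fixes: the event is now inspected only when nCode is HC_ACTION, as the
/// hook contract requires; the unused GetAsyncKeyState(VK_CONTROL) read is
/// gone; the window handle is printed with %p instead of %d.
///
/// @param nCode   Hook code; anything other than HC_ACTION is passed straight on.
/// @param wParam  Keyboard message identifier (forwarded, not inspected).
/// @param lParam  Pointer to the KBDLLHOOKSTRUCT describing the event
///                (vkCode, scanCode, flags, time, dwExtraInfo).
/// @return The result of CallNextHookEx.
LRESULT CALLBACK LowLevelKeyboardProc(
    _In_ int nCode,
    _In_ WPARAM wParam,
    _In_ LPARAM lParam
)
{
    if (nCode == HC_ACTION)
    {
        const KBDLLHOOKSTRUCT* ks = (const KBDLLHOOKSTRUCT*)lParam;
        const bool altDown = (ks->flags & LLKHF_ALTDOWN) != 0;

        if (altDown && ks->vkCode == (DWORD)char2vkcode('K'))
            kill();

        if (altDown && ks->vkCode == (DWORD)char2vkcode('S'))
        {
            HWND h = GetTopHWND();
            printf("HWND:%p\nName:%s\n", (void*)h, GetPName(h).c_str());
        }
    }
    return CallNextHookEx(NULL, nCode, wParam, lParam);
}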
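/// Prints the mode menu and reads the chosen mode into the global `mod`.
/// The menu lists modes 0-3; kill() also recognises 4.
///
/// Fix: the scanf result was ignored, so non-numeric input left `mod` at its
/// zero initial value, which is the "every group" mode. Unparseable input now
/// selects -1, a value no group in kill() matches.
void readconfig()
{
    printf("如果有改进建议,欢迎提出,私发\n0全杀(目前以收录,如果你有新的控制软件,请将大致情况私法给我,luogu.com.cn:Kali_linux)\n1极域\n2锐捷云课堂教学管理软件\n");
    printf("3伽卡他卡");
    // (The original keeps a further prompt line, describing the Alt+S
    // top-window readout, commented out at this point.)
    printf("\n输入:");
    if (scanf("%d", &mod) != 1)
        mod = -1; // fail closed: no group selected
}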
/// Entry point: reads the mode, installs the low-level keyboard hook and
/// pumps messages so the hook procedure can be called. The hook is removed
/// and installed again about once per second.
int main(void)
{
    readconfig();

    MSG msg;
    int lastInstall = time(0);
    keyboardHook = SetWindowsHookEx(
        WH_KEYBOARD_LL,         // hook type: low-level keyboard hook
        LowLevelKeyboardProc,   // hook procedure
        GetModuleHandleA(NULL), // module that contains the procedure
        NULL);

    for (;;)
    {
        // Re-install the hook once at least one second has passed.
        const bool reinstallDue = (time(0) - lastInstall >= 1);
        if (reinstallDue)
        {
            lastInstall = time(0);
            UnhookWindowsHookEx(keyboardHook);
            keyboardHook = SetWindowsHookEx(
                WH_KEYBOARD_LL,
                LowLevelKeyboardProc,
                GetModuleHandleA(NULL),
                NULL);
        }

        if (keyboardHook == 0)
        {
            cout << "挂钩键盘失败" << endl;
            return -1;
        }

        // All windows of this thread, no message-range filter, remove on read.
        if (!PeekMessageA(&msg, NULL, NULL, NULL, PM_REMOVE))
        {
            // Sleep(0) only gives up the rest of the time slice, so this loop
            // keeps polling continuously.
            Sleep(0);
            continue;
        }

        TranslateMessage(&msg);
        DispatchMessageW(&msg);
    }

    // Not reached: the loop above has no break.
    UnhookWindowsHookEx(keyboardHook);
    return 114514;
}
```
## 来自 @[Libingyue2011](https://www.luogu.com/user/886055) 奆佬