论坛: 编程破解 标题: nt服务程序求解!!!急啊!! 复制本贴地址    
作者: ilovepeace [ilovepeace]    论坛用户   登录
搭建了一个nt服务框架,做成类。但服务注册成功后,不能运行。StartServiceCtrlDispatcher()函数和StartService()函数调用都返回0值,最奇怪的就是用getlasterror()取得的错误代码都是3435973836
代码如下,请高手指点:

// Service.cpp: implementation of the CService class.
//
//////////////////////////////////////////////////////////////////////

#include "stdafx.h"
#include "NtService.h"
#include "Service.h"

#ifdef _DEBUG
#undef THIS_FILE
static char THIS_FILE[]=__FILE__;
#define new DEBUG_NEW
#endif

//////////////////////////////////////////////////////////////////////
// Construction/Destruction
//////////////////////////////////////////////////////////////////////
SERVICE_STATUS_HANDLE hServiceStatus;
SC_HANDLE scm,svc;
SERVICE_STATUS serviceStatus;
DWORD WINAPI SpyService(LPVOID lparam);  

CService::CService()
{

}

CService::~CService()
{

}

void WINAPI CService::BeginSrv(DWORD Opcode)
{
 switch(Opcode)
 {
 case SERVICE_CONTROL_STOP:
  serviceStatus.dwCurrentState =SERVICE_STOPPED;
  SetServiceStatus (hServiceStatus,&serviceStatus);
  break;
 case SERVICE_CONTROL_CONTINUE:
  serviceStatus.dwCurrentState = SERVICE_RUNNING;
  SetServiceStatus (hServiceStatus,&serviceStatus);
  break;
 case SERVICE_CONTROL_PAUSE:
  serviceStatus.dwCurrentState = SERVICE_PAUSED;
  SetServiceStatus (hServiceStatus,&serviceStatus);
  break;
  
 case SERVICE_CONTROL_INTERROGATE:
  break;
 default:
 break;
 }
 
 //SetServiceStatus (hServiceStatus,&serviceStatus);
}

void CService::Init_Service_Table_Entry()
{
 SERVICE_TABLE_ENTRY ste[2];
 ste[0].lpServiceName="ntservice";//Service Name
 ste[0].lpServiceProc=ServiceMain; //service function Name
 
 // the last one must be NULL
 ste[1].lpServiceName=NULL;
 ste[1].lpServiceProc=NULL;
 InstallService();
 if(StartServiceCtrlDispatcher(ste)==FALSE)
 {   
 DWORD Error=GetLastError();
 AfxMessageBox("调用SCM出错!");
     //return;
 }
 
 return;
 
}

void WINAPI CService::ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv)
{
 serviceStatus.dwServiceType = SERVICE_WIN32;
 serviceStatus.dwCurrentState = SERVICE_START_PENDING;
 serviceStatus.dwControlsAccepted = SERVICE_ACCEPT_STOP|SERVICE_ACCEPT_PAUSE_CONTINUE;
 serviceStatus.dwServiceSpecificExitCode = 0;
 serviceStatus.dwWin32ExitCode = 0;
 serviceStatus.dwCheckPoint = 0;
 serviceStatus.dwWaitHint = 0;
 
 RegisterServiceCtrlHandler("ntservice",BeginSrv);
 serviceStatus.dwCurrentState = SERVICE_RUNNING;
 serviceStatus.dwCheckPoint = 0;
 serviceStatus.dwWaitHint = 0;
 SetServiceStatus(hServiceStatus,&serviceStatus);
 //serviceStatus.dwCurrentState = SERVICE_RUNNING;
 //serviceStatus.dwCheckPoint = 0;
 //serviceStatus.dwWaitHint = 0;
 //SetServiceStatus(hServiceStatus,&serviceStatus); //set service status
 HANDLE hThread=CreateThread(NULL,0,SpyService,NULL,0,NULL);
 return;
}
void CService::InstallService()  
{
SC_HANDLE        schSCManager;
SC_HANDLE        schService;
char             lpCurrentPath[MAX_PATH];
char             lpImagePath[MAX_PATH];
char             *lpHostName;
    WIN32_FIND_DATA  FileData;
HANDLE           hSearch;
DWORD            dwErrorCode;
SERVICE_STATUS   InstallServiceStatus;


    GetSystemDirectory(lpImagePath,MAX_PATH);
strcat(lpImagePath,"\\ntservice.exe");
    lpHostName=NULL;



hSearch=FindFirstFile(lpImagePath,&FileData);
if(hSearch==INVALID_HANDLE_VALUE)
{
GetModuleFileName(NULL,lpCurrentPath,MAX_PATH);
if(CopyFile(lpCurrentPath,lpImagePath,FALSE)==0) 
{
AfxMessageBox("Copy file error!");
      return ;
}
    else
{
    AfxMessageBox("Copy file Success !");
}
}
else
{
AfxMessageBox("File already Exists !");
FindClose(hSearch);
}

schSCManager=OpenSCManager(lpHostName,NULL,SC_MANAGER_ALL_ACCESS);
    if(schSCManager==NULL)
{
AfxMessageBox("Open Service Control Manager Database Failure !");
return ;
}
    else
AfxMessageBox("Open Service Control Manager Database success !");

schService=CreateService(schSCManager,"ntservice","ntservice",SERVICE_ALL_ACCESS,
                     SERVICE_WIN32_OWN_PROCESS,SERVICE_AUTO_START,
 SERVICE_ERROR_IGNORE,"ntservice.exe",NULL,NULL,NULL,NULL,NULL); 
if(schService==NULL)
{
dwErrorCode=GetLastError();
if(dwErrorCode!=ERROR_SERVICE_EXISTS)
{
       AfxMessageBox("Creating service Failure !");
CloseServiceHandle(schSCManager);
        return ;
}
else
{
    AfxMessageBox("service already Exists !");
schService=OpenService(schSCManager,"ntservice",SERVICE_START);
if(schService==NULL)
{
AfxMessageBox("Opening Service .... Failure !");
CloseServiceHandle(schSCManager);
return ;
}
}
}
else
{
AfxMessageBox("Creating service Success !");
}
    

 StartService(schService,0,NULL);                        


while(QueryServiceStatus(schService,&InstallServiceStatus)!=0)           
{
if(InstallServiceStatus.dwCurrentState==SERVICE_START_PENDING)
{

}
else
{
break;
}
}
if(InstallServiceStatus.dwCurrentState!=SERVICE_RUNNING)
{
        AfxMessageBox("running Failure !");                       
}
else
{
AfxMessageBox("Success !");
}

CloseServiceHandle(schSCManager);
CloseServiceHandle(schService);
return ;
}

void CService::RemoveService() 
{
SC_HANDLE        schSCManager;
SC_HANDLE        schService;
char             lpImagePath[MAX_PATH];
char             *lpHostName;
    WIN32_FIND_DATA  FileData;
SERVICE_STATUS   RemoveServiceStatus;
HANDLE           hSearch;
DWORD            dwErrorCode;


GetSystemDirectory(lpImagePath,MAX_PATH);
strcat(lpImagePath,"\\ntservice.exe");
        lpHostName=NULL;


        schSCManager=OpenSCManager(lpHostName,NULL,SC_MANAGER_ALL_ACCESS);
        if(schSCManager==NULL)
{

AfxMessageBox("Open SCM fail!");
return ;
}

schService=OpenService(schSCManager,"ntservice",SERVICE_ALL_ACCESS);
if(schService==NULL) 
{
    
dwErrorCode=GetLastError();
if(dwErrorCode==1060)
{
AfxMessageBox("no Exists !");
}
else
{
AfxMessageBox("Failure !");
}
CloseServiceHandle(schSCManager);
}
else
{

      if(QueryServiceStatus(schService,&RemoveServiceStatus)!=0)
{
        if(RemoveServiceStatus.dwCurrentState==SERVICE_STOPPED)
{
          AfxMessageBox("service already Stopped !"); 
}
      else
{

      if(ControlService(schService,SERVICE_CONTROL_STOP,&RemoveServiceStatus)!=0)
{
       while(RemoveServiceStatus.dwCurrentState==SERVICE_STOP_PENDING)         
{
     Sleep(10);
     QueryServiceStatus(schService,&RemoveServiceStatus);
}
       if(RemoveServiceStatus.dwCurrentState==SERVICE_STOPPED)
{
       AfxMessageBox("Service stop Success !");
}
       else
{
    AfxMessageBox("Service stop Failure !");
}
}
else
{
AfxMessageBox("Failure !");          
}
}
}
     else
{
     AfxMessageBox("Query Failure !");
}

          
       if(DeleteService(schService)==0)
{
       AfxMessageBox("delete service Failure !");   
}
      else
{
       AfxMessageBox("delete service Success !");
}
}

CloseServiceHandle(schSCManager);        
CloseServiceHandle(schService);


hSearch=FindFirstFile(lpImagePath,&FileData);
if(hSearch==INVALID_HANDLE_VALUE)
{
AfxMessageBox("file no Exists !");
}
else
{
if(DeleteFile(lpImagePath)==0)
{
AfxMessageBox("delete file Failure !");               
}
else
{
AfxMessageBox("delete file Success !");
}
FindClose(hSearch);
}

return ;
}

DWORD WINAPI SpyService(LPVOID lparam)  
{
AfxMessageBox("New thread is beginning!");
return 0;
}

地主 发表时间: 07/14 14:05

论坛: 编程破解

20CN网络安全小组版权所有
Copyright © 2000-2010 20CN Security Group. All Rights Reserved.
论坛程序编写:NetDemon

粤ICP备05087286号