#include <windows.h>
#include <stdio.h>
#include <string.h>
/* Parent-side ends of the two anonymous pipes (the ones this process uses). */
HANDLE m_hReadPipeHandle = NULL;   /* read end: the child's stdout/stderr arrives here */
HANDLE m_hWritePipeHandle = NULL;  /* write end: bytes written here reach the child's stdin */

/* Child-side ends (handed to the child through STARTUPINFO.hStd*). */
HANDLE m_hWritePipeShell = NULL;   /* child's stdout and stderr */
HANDLE m_hReadPipeShell = NULL;    /* child's stdin */
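/*
 * Reader thread: drains the child's stdout/stderr pipe (m_hReadPipeHandle)
 * and copies every byte received to this process's stdout.
 *
 * lparam is unused.
 * Returns 0 once the pipe can no longer be polled (broken pipe after the
 * child exits, or the handle was closed) or an allocation fails, so the
 * thread terminates instead of polling a dead pipe forever.
 */
DWORD WINAPI ReadPipeThread(LPVOID lparam)
{
    (void)lparam;

    for (;;) {
        /* Poll interval; the design polls rather than blocking in ReadFile. */
        Sleep(100);

        for (;;) {
            DWORD avail = 0;

            /* Non-destructive peek with no buffer: only the byte count is needed. */
            if (!PeekNamedPipe(m_hReadPipeHandle, NULL, 0, NULL, &avail, NULL)) {
                /* ERROR_BROKEN_PIPE / invalid handle: nothing more will arrive. */
                return 0;
            }
            if (avail == 0) {
                break;
            }

            /* One extra byte so the data stays NUL-terminated (LPTR zero-fills);
             * the original allocated exactly avail bytes and then read it as a
             * C string, i.e. past the end of the allocation. */
            LPBYTE lpBuffer = (LPBYTE)LocalAlloc(LPTR, (SIZE_T)avail + 1);
            if (lpBuffer == NULL) {
                return 0;
            }

            DWORD bytesRead = 0;
            BOOL ok = ReadFile(m_hReadPipeHandle, lpBuffer, avail, &bytesRead, NULL);
            if (ok && bytesRead > 0) {
                /* Emit exactly the bytes received: puts() would stop at an embedded
                 * NUL and append a newline the child never produced. */
                fwrite(lpBuffer, 1, bytesRead, stdout);
                fflush(stdout);
            }
            LocalFree(lpBuffer);

            if (!ok) {
                return 0;
            }
        }
    }
}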
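/*
 * Entry point: starts powershell.exe from the system directory as a child
 * with no visible window and with stdin/stdout/stderr redirected through two
 * anonymous pipes, then relays whole lines typed on this console to the
 * child's stdin while ReadPipeThread echoes the child's output.
 *
 * EOF on the console (or a failed WriteFile once the child has gone) ends
 * the session: the child's stdin is closed, the child gets a bounded time to
 * exit, and every handle is released.
 *
 * Returns 0 on a clean shutdown, 1 if the pipes, the shell path, the child
 * process or the reader thread could not be set up.
 */
int main(void)
{
    int rc = 1;
    SECURITY_ATTRIBUTES sa = { 0 };
    STARTUPINFO si = { 0 };
    PROCESS_INFORMATION pi = { 0 };
    HANDLE hThreadRead = NULL;
    char strShellPath[MAX_PATH] = { 0 };
    const char *shellRel = "\\WindowsPowerShell\\v1.0\\powershell.exe";
    size_t relLen = 0;
    UINT sysLen = 0;

    sa.nLength = sizeof(sa);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = TRUE;

    /* Pipe 1: child stdout/stderr -> m_hWritePipeShell ... m_hReadPipeHandle (parent).
     * On failure CreatePipe leaves the handles untouched, so there is nothing to close. */
    if (!CreatePipe(&m_hReadPipeHandle, &m_hWritePipeShell, &sa, 0)) {
        goto cleanup;
    }
    /* Pipe 2: parent m_hWritePipeHandle ... m_hReadPipeShell -> child stdin.
     * The original leaked pipe 1 when this call failed. */
    if (!CreatePipe(&m_hReadPipeShell, &m_hWritePipeHandle, &sa, 0)) {
        goto cleanup;
    }

    /* Both pipes were created inheritable so the child receives its ends, but
     * the parent-side ends must not leak into the child: if the child held a
     * copy of m_hWritePipeHandle its stdin would never see EOF when ours is
     * closed, and a copy of m_hReadPipeHandle would keep the output pipe alive. */
    if (!SetHandleInformation(m_hReadPipeHandle, HANDLE_FLAG_INHERIT, 0) ||
        !SetHandleInformation(m_hWritePipeHandle, HANDLE_FLAG_INHERIT, 0)) {
        goto cleanup;
    }

    GetStartupInfo(&si);
    si.cb = sizeof(STARTUPINFO);
    /* Use the hStd* members and wShowWindow below. */
    si.dwFlags = STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW;
    si.wShowWindow = SW_HIDE;
    si.hStdInput = m_hReadPipeShell;                    /* child reads commands here */
    si.hStdOutput = si.hStdError = m_hWritePipeShell;   /* child writes output here */

    /* GetSystemDirectory returns 0 on failure, or the required size when the
     * buffer is too small; either way the buffer content is not usable. */
    sysLen = GetSystemDirectory(strShellPath, MAX_PATH);
    if (sysLen == 0 || sysLen >= MAX_PATH) {
        goto cleanup;
    }
    /* Bounded append (the original used an unchecked strcat into MAX_PATH). */
    relLen = strlen(shellRel);
    if ((size_t)sysLen + relLen >= sizeof(strShellPath)) {
        goto cleanup;
    }
    strcat(strShellPath, shellRel);

    /* bInheritHandles = TRUE so the child gets m_hReadPipeShell / m_hWritePipeShell. */
    if (!CreateProcess(strShellPath, NULL, NULL, NULL, TRUE,
                       NORMAL_PRIORITY_CLASS, NULL, NULL, &si, &pi)) {
        goto cleanup;
    }

    /* The child now owns its own copies of these two ends. Releasing ours means
     * the output pipe breaks once the child exits, which is what makes
     * ReadPipeThread's PeekNamedPipe fail and the thread return. */
    CloseHandle(m_hWritePipeShell);
    m_hWritePipeShell = NULL;
    CloseHandle(m_hReadPipeShell);
    m_hReadPipeShell = NULL;

    /* ReadPipeThread already has the LPTHREAD_START_ROUTINE signature; no cast needed. */
    hThreadRead = CreateThread(NULL, 0, ReadPipeThread, NULL, 0, NULL);
    if (hThreadRead == NULL) {
        goto cleanup;
    }

    /* Relay whole lines. fgets keeps spaces (scanf("%s") split one command into
     * one line per token) and includes the trailing newline itself, so there is
     * no manual '\n' append that could run past the end of the buffer. */
    for (;;) {
        char line[1024];
        DWORD written = 0;
        size_t len = 0;

        if (fgets(line, sizeof(line), stdin) == NULL) {
            break;  /* EOF on the console ends the session */
        }
        len = strlen(line);
        if (!WriteFile(m_hWritePipeHandle, line, (DWORD)len, &written, NULL)) {
            break;  /* the child's stdin is gone (child exited) */
        }
    }
    rc = 0;

cleanup:
    /* Closing our write end delivers EOF to the child's stdin; then give the
     * child a bounded time to exit before tearing the rest down. */
    if (m_hWritePipeHandle != NULL) {
        CloseHandle(m_hWritePipeHandle);
        m_hWritePipeHandle = NULL;
    }
    if (pi.hProcess != NULL) {
        if (WaitForSingleObject(pi.hProcess, 5000) == WAIT_TIMEOUT) {
            TerminateProcess(pi.hProcess, 1);
        }
        CloseHandle(pi.hProcess);
    }
    if (pi.hThread != NULL) {
        CloseHandle(pi.hThread);
    }
    if (hThreadRead != NULL) {
        /* The reader exits on its own once the pipe breaks; wait briefly so it
         * is not mid-call on m_hReadPipeHandle when that handle is closed. */
        WaitForSingleObject(hThreadRead, 1000);
        CloseHandle(hThreadRead);
    }
    if (m_hReadPipeHandle != NULL) {
        CloseHandle(m_hReadPipeHandle);
        m_hReadPipeHandle = NULL;
    }
    if (m_hWritePipeShell != NULL) {
        CloseHandle(m_hWritePipeShell);
        m_hWritePipeShell = NULL;
    }
    if (m_hReadPipeShell != NULL) {
        CloseHandle(m_hReadPipeShell);
        m_hReadPipeShell = NULL;
    }
    return rc;
}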