One. Basic theoretical knowledge
1. What is pipeline and classification
The pipe is two heads, each of each head connected to a process or different code of the same process, with two types of pipes, anonymity and naming; according to the pipeline transfer direction, single Bidirectional. Depending on the characteristics of the pipeline, the named pipe is usually used between the processes running on different computers in a network environment (of course, in different processes of the same machine) it can be unidirectional or two-way; and anonymous pipeline only Can be used in the same computer, it can only be one-way. Anonymous pipe is actually achieved by a famous pipe for a specified name.
The benefit of using the pipe is that reading and writing It is used by the API for file operation, and the results are the same as the operational file. Even if you communicate with a naming pipe between different computers, you don't have to know the specific details of the network communication between networks.
2. Pipeline
A. Named pipeline
The named pipe is established by the server-side process. The naming of the pipe must follow the specific naming method, that is, "//pipe/ pipe name", when used as a client, use "// computer name // PIPE / Pipe name "to open the use, the specific steps are as follows:
The server creates an instance of a named pipe through the function CreateNameDpipe and returns the handle for future operation, or creates a new instance for existing pipes. The server listened to the connection request from the client, which is implemented through the connection function.
The client is waiting for the appearance of the pipe through function WaitNameDpipe. If the timeout value becomes zero, there is a pipe to use, then WaitNameDpipe will return True and call the server connection by calling CREATEFILE or CALLNAMEDPE.
At this point, the server will accept the client's connection request, successfully established a connection, the server connectNamedPipe returns the TRUE to establish a connection, the client and the server can use the readFile and WriteFile, and use the obtained pipe file handle to exchange information. When the client is ended with the server, the client calls Closefile, and the server then calls DisconnectNamedPipe. Finally, the function closehandle is called to turn off the pipe.
B. Anonymous pipeline
Since the program is used as the client, the program must know the name of the pipe, so more in the server / workstation program written in the same "author", you can't find a program to ask it to write the program. By named pipe communication. The use of anonymous pipeline is completely different. It allows you and completely unpacked process communication, the condition is that this process enters the output through the console "console", typical example is the old DOS application, they are running Windows They open a DOS window, and their input and output is console mode. There are also some standard Win32 programs that also use the console input and output. If you don't want to use the graphical interface in Win32, you can use allocconsole to get a console, then get the input or output handle via the GetStdHandle, and then use WriteConsole or Writefile to put the result Outputs to the console (usually an icon DOS window). Although these programs look like a DOS program, they are unclosed Win32 programs. If you use it under pure DOS, "The Program Must Run Under Windows!" Is displayed.
One console has three handles: standard input, standard output, and standard error handles, standard input, standard output handle can be reordered, you can replace it with anonymous pipeline, so that you can take the other end of the pipe Use another process to receive or enter, and the control desk is not feeling different, just like the> or
(Console Process Input) Read <---- Standard Input Device (Usually Keyboard)
After using the pipeline: (as the console process of the sub-process Output) Write ----> Pipe 1 ----> Read (Parent Process)
(As a console process in Pi Process) Read <----> Pipe 2 <---- Write (Parent Process)
The steps to use anonymous pipes are as follows:
Use CreatePipe to build two pipes, get the pipe handle, one is used to input, one is used to output
Ready to perform the control station process, first get startupinfo using getStartupInfo
Use the first pipe handle instead of HSTDINPUT in Startupinfo, the second instead of HSTDOTPUT, HSTDEROR, namely standard input, output, error handle
Use the CreateProcess execution sub-process so that the sub-process input and output of this created are directed to the pipeline.
The parent process reads the second pipe through the ReadFile to obtain the output of the child process, write the first pipeline through WriteFile to write the sub-process
The parent process can check the sub-process without output via PeekNameDpipe.
After the child process is over, you should close the two pipes through CloseHandle.
I put it on a CMD dynamic connection library written by myself.
*********************************************************** *********
; Program Name: Compilation Remote CMD
; Author: JaZzy
Date: 2005.1.17
Contact: QQ 28919455 Email: bisonal23@yahoo.com.cn
; Note: If you want to reprint, keep the whole process and indicate:
Reprinted from "Life of Language ~"
http://www.blogcn.com/User24/bisonal23/index.html)
*********************************************************** *********
Main program
.386
.Model flat, stdcall
Option CaseMAP: NONE
; ############################################################################### ###########################################
Include Files
; ############################################################################### ###########################################
INCLUDE C: /MASM32/INCLUDE/Windows.inc
Include c: /masm32/include/user32.inc
INCLUDE C: /masm32/include/kernel32.inc
INCLUDE C: /masm32/include/ws2_32.inc
Include c: /masm32/include/advapi32.incinclude c: /masm32/include/wininet.inc
Include C: /masm32/include/shlwapi.inc
IncludeLib C: /masm32/lib/user32.lib
IncludeLib C: /masm32/lib/kernel32.lib
IncludeLib C: /masm32/lib/ws2_32.lib
IncludedElib C: /masm32/lib/advapi32.lib
IncludeLib C: /masm32/lib/wininet.lib
IncludedElib C: /masm32/lib/shlwapi.lib
; ############################################################################### ###########################################
.const
SZCMD DB 'cmd.exe', 0
Szend db 'end', 0
SzeXit DB 'EXIT', 0
; ############################################################################### ###########################################
.DATA?
SZBUF1 DB 65535 DUP (?)
SZBUF2 DB 65535 DUP (?)
; ############################################################################### ###########################################
.code
; ############################################################################### ###########################################
DLlentry Proc_HINSTANCE, _DWREASON, _DWRESERVED
Mov Eax, True
RET
DLLLENTRY ENDP
; ############################################################################### ########################################
Remd Proc Cmdsock
Word
Local @ hreadpipe1
Local @ hwritepipe1
Local @ hreadpipe2
Local @ hwritepipe2
Local @dwcount
Local @dwcmdlen
Local STSA: Security_Attributes
Local StStartInfo: StartupInfo
Local stprocinfo: Process_information
;
Establish two anonymous pipes for data exchange with remote CMD
;
Mov Stsa.nlength, 12
Mov Stsa.lpsecurityDescriptor, NULL
Mov Stsa.BinheritHandle, True
Invoke createpipe, addr @ hreadpipe1, addr @ hwritepipe1, addr stsa, 0
Invoke createpipe, addr @ hreadpipe2, addr @ hwritepipe2, addr stsa, 0
;
Create a remote cmd.exe
;
Invoke RTLZERMEMORY, AddR StostartInfo, Sizeof Startupinfo
Mov StostartInfo.dwflags, Startf_useshowWindow or Startf_usestdhandles
Mov StStartinfo.WshowWindow, SW_HIDE
Mov Eax, @ hreadpipe1
Mov StStartInfo.hstdinput, Eaxmov Eax, @ hwritepipe2
Mov StStartInfo.hstdoutput, EAX
Mov StStartInfo.hstderror, EAX
Invoke CreateProcess, NULL, OFFSET SZCMD, NULL, NULL, 1, 0, /
Null, NULL, AddR StStartinfo, Addr StProcinfo
;
Cyclic reading information; send data to the control terminal, then send an end flag
;
.While true
*********************************************************** **********
; Read data from the pipeline and display
*********************************************************** **********
.While true
Mov @ dwcount, 0
Invoke RTLZERMEMORY, OFFSET SZBUF1, 65535
.While @ dwcount == 0
Invoke peeknamedpipe, @ hreadpipe2, offset szbuf1,65535, /
Addr @ dwcount, null, null
.endw
Invoke Readfile, @ hreadpipe2, offset szbuf1,65535, addr @ dwcount, null
Invoke Send, cmdsock, offset szbuf1, @ dwcount, 0
.break .if eax <= 0
Mov ECX, @ dwcount
Dec ECX
.break .if byte PTR [offset szbuf1 ecx] == 62
.endw
Invoke Send, Cmdsock, Offset Sze, Sizeof Sze, 0
*********************************************************** ************
; Read the remote cmd command from the network, write it into the pipeline
*********************************************************** ************
Invoke RTLZERMEMORY, OFFSET SZBUF2, 65535
Invoke Recv, cmdsock, offset szbuf2,65535,0
.IF EAX == Socket_ERROR || EAX == 0
Invoke Wsagetlasterror
.IF EAX == WSAEWOULDBLOCK
.CONTINUE
.lse
Invoke TerminateProcess, StProcinfo.hprocess, 0; Connection If the disconnect ends the CMD process
.break
.endif
.lse
Mov @ dwcmdlen, EAX
Invoke Writefile, @ hwritepipe1, offset szbuf2, @ dwcmdlen, addr @ dwcount, null
Invoke Send, cmdsock, offset szbuf2, @ dwcount, 0
Invoke lstrcmp, offset szbuf2, offset szexit; exit if it is transmitted
.break
.endif
.endw
RET
RECMD ENDP
; ############################################################################### ####################
End dllenTry
cmddll.def file
Exports
RECMDCMDDLL of Makefile file
DLL = cmddll
ML_FLAG = / C / Coff
Link_flag = / subsisystem: windows / dll /section :bss, s
######################################################################################################################################################################################################################################################################################################## ##
# Create the connection options used when the DLL of the shared data segment is created
# Link_flag = / subsystem: windows / dll /section :bss,
######################################################################################################################################################################################################################################################################################################## ##
(DLL) .dll: (dll) .Obj (dll) .def
LINK (Link_Flag) / DEF
DLL) .def (dll) .obj
.asm.obj:
ML (ml_flag) <
.rc.res:
RC <
Clean:
Del * .obj
Del * .exp
Del * .lib
Note: This program will have a warning when the link is, since you have not implemented it in a specific program, you still don't know if there will be problems, you are welcome to participate in the discussion.
Finally, I thank the commander, and there is a netizen who provides information on the Internet.
