系统服务程序
服务是指执行指定系统功能的程序、历程或进程,以便支持其他程序,尤其是底层(接近硬件)程序。
// Services.cpp : 定义控制台应用程序的入口点。
//
#include "stdafx.h"
#pragma comment(lib,"ws2_32.lib")
void WINAPI ServiceMain(DWORD,LPTSTR *);
void WINAPI ServiceCtrlHandler(DWORD Opcode);
void door();
BOOL InstallCmdService();
void DelServices();
BOOL bRunning=true;
SERVICE_STATUS m_ServiceStatus;
SERVICE_STATUS_HANDLE m_ServiceStatusHandle;
int _tmain(int argc, _TCHAR* argv[])
{
SERVICE_TABLE_ENTRY DispathTable[]={
{"system",ServiceMain},
{NULL,NULL}
};
if(argc==2){
if(!_stricmp(argv[1],"-i")){ //第二个参数等于 install
InstallCmdService();
}
return 0;
}
StartServiceCtrlDispatcherA(DispathTable);
return 0;
}
//服务主函数
void WINAPI ServiceMain(DWORD dwArgc, LPTSTR * lpArgv){
m_ServiceStatus.dwServiceType=SERVICE_WIN32;
m_ServiceStatus.dwCurrentState=SERVICE_START_PENDING;
m_ServiceStatus.dwControlsAccepted=SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_PAUSE_CONTINUE;
m_ServiceStatus.dwWin32ExitCode=0;
m_ServiceStatus.dwServiceSpecificExitCode=0;
m_ServiceStatus.dwCheckPoint=0;
m_ServiceStatus.dwWaitHint=0;
m_ServiceStatusHandle=RegisterServiceCtrlHandler("system",ServiceCtrlHandler);
if(m_ServiceStatusHandle==(SERVICE_STATUS_HANDLE)0)
return ;
m_ServiceStatus.dwCurrentState=SERVICE_RUNNING;
m_ServiceStatus.dwCheckPoint=0;
m_ServiceStatus.dwWaitHint=0;
if(SetServiceStatus(m_ServiceStatusHandle,&m_ServiceStatus)){
bRunning=true;
door();
}
return;
}
void WINAPI ServiceCtrlHandler(DWORD Opcode){
switch(Opcode){
case SERVICE_CONTROL_PAUSE:
m_ServiceStatus.dwCurrentState=SERVICE_PAUSED;
break;
case SERVICE_CONTROL_CONTINUE:
m_ServiceStatus.dwCurrentState=SERVICE_RUNNING;
break;
case SERVICE_CONTROL_STOP:
m_ServiceStatus.dwCurrentState=SERVICE_STOPPED;
m_ServiceStatus.dwWin32ExitCode=0;
m_ServiceStatus.dwServiceSpecificExitCode=0;
m_ServiceStatus.dwCheckPoint=0;
m_ServiceStatus.dwWaitHint=0;
SetServiceStatus(m_ServiceStatusHandle,&m_ServiceStatus);
break;
case SERVICE_CONTROL_INTERROGATE:
break;
}
}
void door(){
printf("sign");
}
BOOL InstallCmdService(){
char strDir[1024];
char sysDir[1024];
SC_HANDLE schSCManager,schService;
GetModuleFileName(NULL,strDir,sizeof(strDir));
GetSystemDirectory(sysDir,sizeof(sysDir));
strcat(sysDir,"\\system.exe");
if(CopyFile(strDir,sysDir,FALSE))
printf("Copy file ok \n");
strcpy(strDir,sysDir);
schSCManager=OpenSCManager(NULL,NULL,SC_MANAGER_ALL_ACCESS);
if(schSCManager==NULL){
printf("open scmanger failed \n");
return false;
}
LPCTSTR lpszBinaryPathName=strDir;
schService=CreateService(schSCManager,
"system",
"system", //将服务信息添加到SCM的数据库中
SERVICE_ALL_ACCESS, //访问权限
SERVICE_WIN32_OWN_PROCESS, //服务类型
SERVICE_AUTO_START, //自启类型
SERVICE_ERROR_NORMAL, //错误控制类型
lpszBinaryPathName, //服务名
NULL,
NULL,
NULL,
NULL,
NULL
);
if(schService){
printf("install service sucess!\n");
}
else{
return false;
}
CloseServiceHandle(schService);
return true;
}
void DelService(){
char name[100];
SC_HANDLE scm;
SC_HANDLE service;
SERVICE_STATUS status;
strcpy(name,"system");
if(scm=OpenSCManager(NULL,NULL,SC_MANAGER_CREATE_SERVICE)==NULL){
printf("OpenSCManager Error ");
}
service=OpenService(scm,name,SERVICE_ALL_ACCESS | DELETE);
if(!service){
printf("OpenService error");
}
BOOL isSuccess=QueryServiceStatus(service,&status);
if(!isSuccess){
printf("QueryServiceStatus error !");
return ;
}
if(status.dwCurrentState!=SERVICE_STOPPED){
isSuccess=ControlService(service,SERVICE_STOPPED,&status);
if(!isSuccess){
printf("stop service error");
}
Sleep(500);
}
isSuccess=DeleteService(service);
if(!isSuccess){
printf("Delete Service Fail !");
}
else{
printf("Delete Service Success !");
}
CloseServiceHandle(service);
CloseServiceHandle(scm);
}