Z
zygs
Unregistered / Unconfirmed
GUEST, unregistred user!
关注
B
bbs-wqt
Unregistered / Unconfirmed
GUEST, unregistred user!
关注,学习
J
jiang_hf168
Unregistered / Unconfirmed
GUEST, unregistred user!
学习!
A
antic_ant
Unregistered / Unconfirmed
GUEST, unregistred user!
有钩子函数可以监控本机的键盘和鼠标的操作,网络上的不知道能不能实现
刘
刘李子
Unregistered / Unconfirmed
GUEST, unregistred user!
gz
S
sowine
Unregistered / Unconfirmed
GUEST, unregistred user!
给我发一份源码。
sowine@163.com
T
Tsir222
Unregistered / Unconfirmed
GUEST, unregistred user!
a
晓
晓风月
Unregistered / Unconfirmed
GUEST, unregistred user!
在VC中的函数:NetSessionEnum()
对应Delphi中的哪一个?怎样使用?
对应Delphi中的哪一个?怎样使用?
晓
晓风月
Unregistered / Unconfirmed
GUEST, unregistred user!
是不是WNetOpenEnum()
B
bowen_202
Unregistered / Unconfirmed
GUEST, unregistred user!
任职学习
H
hfghfghfg
Unregistered / Unconfirmed
GUEST, unregistred user!
delphi6自带的控件
TShellChangeNotifier
TShellChangeNotifier
太
太阳火
Unregistered / Unconfirmed
GUEST, unregistred user!
To Tsir222:你在瞎搅和什么。
http://www.cashfiesta.com/php/join.php?ref=Tsir222
~~~~~~~
这就是你的秘密吧
http://www.cashfiesta.com/php/join.php?ref=Tsir222
~~~~~~~
这就是你的秘密吧
C
chn2k
Unregistered / Unconfirmed
GUEST, unregistred user!
我已向“垃圾处理中心”
http://www.delphibbs.com/delphibbs/DispQ.asp?LID=1792076
举报Tsir222。
建议大家动员起来,群策群力,众志成城,把所有“典型”的、“非典型”垃圾帖统统赶走。
http://www.delphibbs.com/delphibbs/DispQ.asp?LID=1792076
举报Tsir222。
建议大家动员起来,群策群力,众志成城,把所有“典型”的、“非典型”垃圾帖统统赶走。
晓
晓风月
Unregistered / Unconfirmed
GUEST, unregistred user!
谢谢chn2k!Tsir222这样的人DFW绝对不能让他立脚!全体痛骂Tsir222这头猪!!!!!
J
jshyh
Unregistered / Unconfirmed
GUEST, unregistred user!
vc我知道
Y
yaya8163
Unregistered / Unconfirmed
GUEST, unregistred user!
[^]
晓
晓风月
Unregistered / Unconfirmed
GUEST, unregistred user!
借借那位的网站让我把现在做的东东上传,可供大家下载!这里先贴出部分代码!
再次强调,这还不是全部的,控件部分没有贴上来!
待全部完成后一起共享!!!!
unit MainU;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, dxBar, dxBarExtItems, dxPageControl, dxCntner, dxTL, dxDBCtrl,
dxDBGrid, Buttons, RzButton, RzPanel, ExtCtrls, RzSplit, dxDBTLCl,
dxGrClms, RzStatus, DirMon, StdCtrls, RzEdit, RzLabel, Mask, SnifferThread,
ipheader, ComCtrls, WinSock, RxNotify, RzLstBox;
type
TfrmMain = class(TForm)
dxBarManager1: TdxBarManager;
dxBarBtn: TdxBarButton;
dxBarSubItemFile: TdxBarSubItem;
dxBarSubItemView: TdxBarSubItem;
dxBarSubItemHelp: TdxBarSubItem;
dxBarBtnExit: TdxBarButton;
dxBarBtnHelp: TdxBarButton;
dxBarBtnAbout: TdxBarButton;
dxBarBtnTask: TdxBarButton;
dxBarBtnMonitorInfo: TdxBarButton;
dxBarBtnIPPackage: TdxBarButton;
dxBarLargeBtnScan: TdxBarLargeButton;
dxBarLargeBtnOption: TdxBarLargeButton;
dxBarLargeBtnLog: TdxBarLargeButton;
dxBarLargeBtnExit: TdxBarLargeButton;
dxBarLargeBtnHelp: TdxBarLargeButton;
dxPageControl1: TdxPageControl;
dxTabSheetTask: TdxTabSheet;
dxTabSheetMonitorLog: TdxTabSheet;
dxTabSheetIPPackage: TdxTabSheet;
dxTabSheetSystemLog: TdxTabSheet;
dxTabSheetStartComputer: TdxTabSheet;
RzSizePanel1: TRzSizePanel;
RzToolbarTask: TRzToolbar;
BtnNew: TRzToolbarButton;
BtnDelete: TRzToolbarButton;
dxDBGridTask: TdxDBGrid;
BtnProperties: TRzToolbarButton;
dxDBGridTaskColumnID: TdxDBGridColumn;
dxDBGridTaskColumnFolderName: TdxDBGridColumn;
dxDBGridTaskColumnSub: TdxDBGridCheckColumn;
dxDBGridTaskColumnBegTime: TdxDBGridTimeColumn;
dxDBGridTaskColumnEndTime: TdxDBGridTimeColumn;
dxDBGridTaskColumnActive: TdxDBGridCheckColumn;
BtnPrint: TRzToolbarButton;
BtnAccept: TRzToolbarButton;
dxTabSheetSystemOption: TdxTabSheet;
RzStatusBar1: TRzStatusBar;
RzClockStatus: TRzClockStatus;
RzStatusPane: TRzStatusPane;
RzStatusPane1: TRzStatusPane;
RzToolbarMonitorLog: TRzToolbar;
dxDBGridMonitorLog: TdxDBGrid;
dxDBGridMonitorLogColumnID: TdxDBGridColumn;
dxDBGridMonitorLogColumnKind: TdxDBGridColumn;
dxDBGridMonitorLogColumnComputer: TdxDBGridColumn;
dxDBGridMonitorLogColumnUser: TdxDBGridColumn;
dxDBGridMonitorLogColumnTime: TdxDBGridColumn;
dxDBGridMonitorLogColumnSucceed: TdxDBGridColumn;
dxDBGridMonitorLogColumnDesc: TdxDBGridMemoColumn;
BtnViewMoni: TRzToolbarButton;
BtnRefMoni: TRzToolbarButton;
BtnExcelMoniIfo: TRzToolbarButton;
dxTabSheet1: TdxTabSheet;
RzMemMonitLogs: TRzMemo;
DirMon: TDirMon;
RzToolbar1: TRzToolbar;
RzSizePanel2: TRzSizePanel;
BtnBlankBtnBegin: TRzToolbarButton;
BtnBlankBtnStop: TRzToolbarButton;
BtnBlankBtnClear: TRzToolbarButton;
BtnBlankButton3: TRzToolbarButton;
RzSrcipEdit: TRzEdit;
RzDestipEdit: TRzEdit;
RzLabel1: TRzLabel;
RzLabel2: TRzLabel;
RzLabel3: TRzLabel;
RzSizePanel3: TRzSizePanel;
ListView: TListView;
dxTabSheetComputerSession: TdxTabSheet;
RzToolbar2: TRzToolbar;
BtnViewComputerSession: TRzToolbarButton;
RzSizePanel4: TRzSizePanel;
RzSizePanel5: TRzSizePanel;
RzListBoxComputerSession: TRzListBox;
RzMemComputerSession: TRzMemo;
procedure FormShow(Sender: TObject);
procedure BtnAcceptClick(Sender: TObject);
procedure BtnRefMoniClick(Sender: TObject);
procedure BtnBlankBtnBeginClick(Sender: TObject);
procedure BtnBlankBtnStopClick(Sender: TObject);
procedure ListViewDblClick(Sender: TObject);
procedure BtnBlankBtnClearClick(Sender: TObject);
procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);
procedure DirMonCreated(Sender: TObject; FileName, FUserName: String);
procedure DirMonDeleted(Sender: TObject; FileName, FUserName: String);
procedure DirMonModified(Sender: TObject; FileName, FUserName: String);
procedure DirMonRenamed(Sender: TObject; fromFileName,
toFileName: String);
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure BtnViewComputerSessionClick(Sender: TObject);
procedure RzMemComputerSessionKeyDown(Sender: TObject; var Key: Word;
Shift: TShiftState);
private
{ Private declarations }
ListThread: TSnifferThread;
public
{ Public declarations }
end;
var
frmMain: TfrmMain;
implementation
uses DMU, detail, HexDump;
{$R *.dfm}
procedure TfrmMain.FormShow(Sender: TObject);
begin
dxPageControl1.ActivePageIndex := 0;
DMfrm.LoadTask(0);
dmfrm.LoadMonitorLog(0);
dirMon.Active := True;
end;
procedure TfrmMain.BtnAcceptClick(Sender: TObject);
begin
DMfrm.LoadTask(0);
end;
procedure TfrmMain.BtnRefMoniClick(Sender: TObject);
begin
DMfrm.ADODstMonitorLog.Active := False;
DMfrm.ADODstMonitorLog.Active := True;
end;
procedure TfrmMain.BtnBlankBtnBeginClick(Sender: TObject);
var
i:integer;
begin
// 创建线程并设置需要过滤的IP
ListThread := TSnifferThread.Create(true);
ListThread.PackageList := listview;
if trim(RzSrcipEdit.Text)<>'' then ListThread.srcip :=inet_addr(pchar(RzSrcipEdit.text)) else ListThread.srcip :=0;
if trim(RzDestipEdit.Text)<>'' then ListThread.destip:=inet_addr(pchar(RzDestipEdit.text)) else ListThread.destip:=0;
ListThread.Resume;
BtnBlankBtnBegin.Enabled := false;
BtnBlankBtnStop.Enabled:=true;
end;
procedure TfrmMain.BtnBlankBtnStopClick(Sender: TObject);
begin
// ListThread.Suspend;
ListThread.Free;
BtnBlankBtnBegin.Enabled := True;
BtnBlankBtnStop.Enabled := False;
end;
//------------IPPackage用------------------
function signlab(i:integer):string;
begin
case i of
5:result:='URG';
4:result:='ACK';
3:result:='PSH';
2:result:='RST';
1:result:='SYN';
0:result:='FIN';
end;
end;
function getsign(i:byte):string; // 该函数用来获得TCP包的标志
var
j:byte;
temp:integer;
begin
j:=1;
result:='';
temp:=(2 shl 5);
if temp=0 then exit;
for j:=0 to 5 do
begin
if j=0 then temp:=1
else temp:=2 shl (j-1);
temp:=temp and i;
if temp<>0 then result:=result+signlab(j)+'+';
end;
delete(result,length(result),1);
end;
//---------------------------------------
procedure TfrmMain.ListViewDblClick(Sender: TObject);
var
HexDump: THexDump;
str:string;
pipheader
IP_Header;
tcpTCP_Hearder;
udpUDP_Header;
temp:byte;
begin
try
pipheader:=PIP_Header(ListView.Selected.Data);
with detailf do
begin
// 对IP头进行解析
detailmemo.Clear;
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('IP包解析 ');
detailmemo.Lines.Add(' 抓包时间 : '+ListView.Selected.Caption);
detailmemo.Lines.Add(' 来源IP : '+ListView.Selected.SubItems[0]);
detailmemo.Lines.Add(' 目的IP : '+ListView.Selected.SubItems[1]);
detailmemo.Lines.Add(' 包类型 : '+ListView.Selected.SubItems[2]);
detailmemo.Lines.Add(' 包大小 : '+inttostr(ntohs(pipheader.ip_totallength)));
detailmemo.Lines.Add(' 包生成时间: '+inttostr(pipheader.ip_ttl));
detailmemo.Lines.Add(' 包标记 : '+inttostr(ntohs(pipheader.ip_id)));
detailmemo.Lines.Add(' 首部校验和: '+inttostr(pipheader.ip_checksum));
if pipheader.ip_protocol=IPPROTO_TCP then
begin
// 对TCP包进行解析
tcp:=PTCP_Hearder(integer(ListView.Selected.Data)+sizeof(TIP_Header));
detailmemo.Lines.Add('');
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('TCP包解析 ');
detailmemo.Lines.Add(' 源端口 :'+inttostr(ntohs(tcp.src_portno)));
detailmemo.Lines.Add(' 目标端口 :'+inttostr(ntohs(tcp.dst_portno)));
detailmemo.Lines.Add(' 窗口大小 :'+inttostr(ntohs(tcp.Windows)));
detailmemo.Lines.Add(' TCP标志 :'+getsign(tcp.flag));
end
else if pipheader.ip_protocol=IPPROTO_UDP then
begin
// 对UDP包进行解析
udp:=PUDP_Header(integer(ListView.Selected.Data)+sizeof(TIP_Header));
detailmemo.Lines.Add('');
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('UDP包解析 ');
detailmemo.Lines.Add(' 源端口 :'+inttostr(ntohs(udp.src_portno)));
detailmemo.Lines.Add(' 目标端口 :'+inttostr(ntohs(udp.dst_portno)));
detailmemo.Lines.Add(' 大小 :'+inttostr(ntohs(udp.udp_length)));
end;
// 以十六进制形式将包内数据显示出来
HexDump := CreateHexDump(TWinControl(NoteBook.Pages.Objects[0]));
HexDump.Address := ListView.selected.Data;
str:= ListView.Selected.SubItems[3];
HexDump.DataSize :=strtoint(str);
//HexDump.ShowAddress:=false;
show;
NoteBook.SetFocus;
refresh;
end;
except
ShowMessage('请选择要浏览的IP包记录!');
end;
end;
procedure TfrmMain.BtnBlankBtnClearClick(Sender: TObject);
var
i:integer;
begin
for i:=0 to ListView.Items.Count-1 do
freemem(ListView.Items.Data);
ListView.Items.Clear;
end;
procedure TfrmMain.FormCloseQuery(Sender: TObject; var CanClose: Boolean); //处理IPPackage页
var
i:integer;
begin
for i:=0 to ListView.Items.Count-1 do
freemem(ListView.Items.Data);
ListView.Items.Clear;
if BtnBlankBtnStop.Enabled then BtnBlankBtnStop.OnClick(nil);
end;
procedure TfrmMain.DirMonCreated(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('CREATED '+FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonDeleted(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('Deleted '+DirMon.Path + FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonModified(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('Modified '+FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonRenamed(Sender: TObject; fromFileName,
toFileName: String);
begin
RzMemMonitLogs.Lines.Add('Renamed von '+fromFileName+' in '+ToFileName);
end;
procedure TfrmMain.FormClose(Sender: TObject; var Action: TCloseAction);
begin
dirMon.Active:=False;
end;
//-------------------------------------连接到本机的机器信息---------------------------------------------------
procedure RunDosInMemo(DosApp:String;AMemo:TRzMemo; AListBox: TRzListBox);
const
ReadBuffer = 2400;
var
Security : TSecurityAttributes;
ReadPipe,WritePipe : THandle;
start : TStartUpInfo;
ProcessInfo : TProcessInformation;
Buffer : Pchar;
BytesRead : DWord;
Apprunning : DWord;
BufferTemp, Computers, Users, ComputerAndUser: string;
I: Integer;
begin
With Security do begin
nlength := SizeOf(TSecurityAttributes);
binherithandle := true;
lpsecuritydescriptor := nil;
end;
if Createpipe (ReadPipe, WritePipe,
@Security, 0) then begin
Buffer := AllocMem(ReadBuffer + 1);
FillChar(Start,Sizeof(Start),#0);
start.cb := SizeOf(start);
start.hStdOutput := WritePipe;
start.hStdInput := ReadPipe;
start.dwFlags := STARTF_USESTDHANDLES +
STARTF_USESHOWWINDOW;
start.wShowWindow := SW_HIDE;
if CreateProcess(nil,
PChar(DosApp),
@Security,
@Security,
true,
NORMAL_PRIORITY_CLASS,
nil,
nil,
start,
ProcessInfo)
then
begin
repeat
Apprunning := WaitForSingleObject(ProcessInfo.hProcess,100);
Application.ProcessMessages;
until (Apprunning <> WAIT_TIMEOUT);
Repeat
BytesRead := 0;
ReadFile(ReadPipe,Buffer[0],ReadBuffer,BytesRead,nil);
Buffer[BytesRead]:= #0;
OemToAnsi(Buffer,Buffer);
AMemo.Text := '';
AListBox.Clear;
AMemo.Text := String(Buffer);
until (BytesRead < ReadBuffer);
//-----------------------------
BufferTemp := AMemo.Text;
while Pos('//',BufferTemp) <> 0 do
begin
BufferTemp := Copy(BufferTemp,pos('//',BufferTemp),Length(BufferTemp)- pos('//',BufferTemp));
Computers := Copy(BufferTemp,1,pos(' ',BufferTemp));
BufferTemp := Copy(BufferTemp,pos(' ',BufferTemp),Length(BufferTemp)- pos(' ',BufferTemp));
Users := Copy(Trim(BufferTemp),1,pos(' ',Trim(BufferTemp)));
ComputerAndUser := Computers + ' ' + Users;
AListBox.AddItem(ComputerAndUser,TObject(0));
end;
//-----------------------------
end;
FreeMem(Buffer);
CloseHandle(ProcessInfo.hProcess);
CloseHandle(ProcessInfo.hThread);
CloseHandle(ReadPipe);
CloseHandle(WritePipe);
end;
end;
//---------------------------------------------------------------------------------------------------
procedure TfrmMain.BtnViewComputerSessionClick(Sender: TObject);
begin
RunDosInMemo('net session',RzMemComputerSession, RzListBoxComputerSession);
end;
procedure TfrmMain.RzMemComputerSessionKeyDown(Sender: TObject;
var Key: Word; Shift: TShiftState);
begin
if Key = VK_Return then
RunDosInMemo(RzMemComputerSession.Text,RzMemComputerSession,RzListBoxComputerSession);
end;
end.
再次强调,这还不是全部的,控件部分没有贴上来!
待全部完成后一起共享!!!!
unit MainU;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, dxBar, dxBarExtItems, dxPageControl, dxCntner, dxTL, dxDBCtrl,
dxDBGrid, Buttons, RzButton, RzPanel, ExtCtrls, RzSplit, dxDBTLCl,
dxGrClms, RzStatus, DirMon, StdCtrls, RzEdit, RzLabel, Mask, SnifferThread,
ipheader, ComCtrls, WinSock, RxNotify, RzLstBox;
type
TfrmMain = class(TForm)
dxBarManager1: TdxBarManager;
dxBarBtn: TdxBarButton;
dxBarSubItemFile: TdxBarSubItem;
dxBarSubItemView: TdxBarSubItem;
dxBarSubItemHelp: TdxBarSubItem;
dxBarBtnExit: TdxBarButton;
dxBarBtnHelp: TdxBarButton;
dxBarBtnAbout: TdxBarButton;
dxBarBtnTask: TdxBarButton;
dxBarBtnMonitorInfo: TdxBarButton;
dxBarBtnIPPackage: TdxBarButton;
dxBarLargeBtnScan: TdxBarLargeButton;
dxBarLargeBtnOption: TdxBarLargeButton;
dxBarLargeBtnLog: TdxBarLargeButton;
dxBarLargeBtnExit: TdxBarLargeButton;
dxBarLargeBtnHelp: TdxBarLargeButton;
dxPageControl1: TdxPageControl;
dxTabSheetTask: TdxTabSheet;
dxTabSheetMonitorLog: TdxTabSheet;
dxTabSheetIPPackage: TdxTabSheet;
dxTabSheetSystemLog: TdxTabSheet;
dxTabSheetStartComputer: TdxTabSheet;
RzSizePanel1: TRzSizePanel;
RzToolbarTask: TRzToolbar;
BtnNew: TRzToolbarButton;
BtnDelete: TRzToolbarButton;
dxDBGridTask: TdxDBGrid;
BtnProperties: TRzToolbarButton;
dxDBGridTaskColumnID: TdxDBGridColumn;
dxDBGridTaskColumnFolderName: TdxDBGridColumn;
dxDBGridTaskColumnSub: TdxDBGridCheckColumn;
dxDBGridTaskColumnBegTime: TdxDBGridTimeColumn;
dxDBGridTaskColumnEndTime: TdxDBGridTimeColumn;
dxDBGridTaskColumnActive: TdxDBGridCheckColumn;
BtnPrint: TRzToolbarButton;
BtnAccept: TRzToolbarButton;
dxTabSheetSystemOption: TdxTabSheet;
RzStatusBar1: TRzStatusBar;
RzClockStatus: TRzClockStatus;
RzStatusPane: TRzStatusPane;
RzStatusPane1: TRzStatusPane;
RzToolbarMonitorLog: TRzToolbar;
dxDBGridMonitorLog: TdxDBGrid;
dxDBGridMonitorLogColumnID: TdxDBGridColumn;
dxDBGridMonitorLogColumnKind: TdxDBGridColumn;
dxDBGridMonitorLogColumnComputer: TdxDBGridColumn;
dxDBGridMonitorLogColumnUser: TdxDBGridColumn;
dxDBGridMonitorLogColumnTime: TdxDBGridColumn;
dxDBGridMonitorLogColumnSucceed: TdxDBGridColumn;
dxDBGridMonitorLogColumnDesc: TdxDBGridMemoColumn;
BtnViewMoni: TRzToolbarButton;
BtnRefMoni: TRzToolbarButton;
BtnExcelMoniIfo: TRzToolbarButton;
dxTabSheet1: TdxTabSheet;
RzMemMonitLogs: TRzMemo;
DirMon: TDirMon;
RzToolbar1: TRzToolbar;
RzSizePanel2: TRzSizePanel;
BtnBlankBtnBegin: TRzToolbarButton;
BtnBlankBtnStop: TRzToolbarButton;
BtnBlankBtnClear: TRzToolbarButton;
BtnBlankButton3: TRzToolbarButton;
RzSrcipEdit: TRzEdit;
RzDestipEdit: TRzEdit;
RzLabel1: TRzLabel;
RzLabel2: TRzLabel;
RzLabel3: TRzLabel;
RzSizePanel3: TRzSizePanel;
ListView: TListView;
dxTabSheetComputerSession: TdxTabSheet;
RzToolbar2: TRzToolbar;
BtnViewComputerSession: TRzToolbarButton;
RzSizePanel4: TRzSizePanel;
RzSizePanel5: TRzSizePanel;
RzListBoxComputerSession: TRzListBox;
RzMemComputerSession: TRzMemo;
procedure FormShow(Sender: TObject);
procedure BtnAcceptClick(Sender: TObject);
procedure BtnRefMoniClick(Sender: TObject);
procedure BtnBlankBtnBeginClick(Sender: TObject);
procedure BtnBlankBtnStopClick(Sender: TObject);
procedure ListViewDblClick(Sender: TObject);
procedure BtnBlankBtnClearClick(Sender: TObject);
procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);
procedure DirMonCreated(Sender: TObject; FileName, FUserName: String);
procedure DirMonDeleted(Sender: TObject; FileName, FUserName: String);
procedure DirMonModified(Sender: TObject; FileName, FUserName: String);
procedure DirMonRenamed(Sender: TObject; fromFileName,
toFileName: String);
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure BtnViewComputerSessionClick(Sender: TObject);
procedure RzMemComputerSessionKeyDown(Sender: TObject; var Key: Word;
Shift: TShiftState);
private
{ Private declarations }
ListThread: TSnifferThread;
public
{ Public declarations }
end;
var
frmMain: TfrmMain;
implementation
uses DMU, detail, HexDump;
{$R *.dfm}
procedure TfrmMain.FormShow(Sender: TObject);
begin
dxPageControl1.ActivePageIndex := 0;
DMfrm.LoadTask(0);
dmfrm.LoadMonitorLog(0);
dirMon.Active := True;
end;
procedure TfrmMain.BtnAcceptClick(Sender: TObject);
begin
DMfrm.LoadTask(0);
end;
procedure TfrmMain.BtnRefMoniClick(Sender: TObject);
begin
DMfrm.ADODstMonitorLog.Active := False;
DMfrm.ADODstMonitorLog.Active := True;
end;
procedure TfrmMain.BtnBlankBtnBeginClick(Sender: TObject);
var
i:integer;
begin
// 创建线程并设置需要过滤的IP
ListThread := TSnifferThread.Create(true);
ListThread.PackageList := listview;
if trim(RzSrcipEdit.Text)<>'' then ListThread.srcip :=inet_addr(pchar(RzSrcipEdit.text)) else ListThread.srcip :=0;
if trim(RzDestipEdit.Text)<>'' then ListThread.destip:=inet_addr(pchar(RzDestipEdit.text)) else ListThread.destip:=0;
ListThread.Resume;
BtnBlankBtnBegin.Enabled := false;
BtnBlankBtnStop.Enabled:=true;
end;
procedure TfrmMain.BtnBlankBtnStopClick(Sender: TObject);
begin
// ListThread.Suspend;
ListThread.Free;
BtnBlankBtnBegin.Enabled := True;
BtnBlankBtnStop.Enabled := False;
end;
//------------IPPackage用------------------
function signlab(i:integer):string;
begin
case i of
5:result:='URG';
4:result:='ACK';
3:result:='PSH';
2:result:='RST';
1:result:='SYN';
0:result:='FIN';
end;
end;
function getsign(i:byte):string; // 该函数用来获得TCP包的标志
var
j:byte;
temp:integer;
begin
j:=1;
result:='';
temp:=(2 shl 5);
if temp=0 then exit;
for j:=0 to 5 do
begin
if j=0 then temp:=1
else temp:=2 shl (j-1);
temp:=temp and i;
if temp<>0 then result:=result+signlab(j)+'+';
end;
delete(result,length(result),1);
end;
//---------------------------------------
procedure TfrmMain.ListViewDblClick(Sender: TObject);
var
HexDump: THexDump;
str:string;
pipheader
IP_Header;tcp
TCP_Hearder;udp
UDP_Header;temp:byte;
begin
try
pipheader:=PIP_Header(ListView.Selected.Data);
with detailf do
begin
// 对IP头进行解析
detailmemo.Clear;
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('IP包解析 ');
detailmemo.Lines.Add(' 抓包时间 : '+ListView.Selected.Caption);
detailmemo.Lines.Add(' 来源IP : '+ListView.Selected.SubItems[0]);
detailmemo.Lines.Add(' 目的IP : '+ListView.Selected.SubItems[1]);
detailmemo.Lines.Add(' 包类型 : '+ListView.Selected.SubItems[2]);
detailmemo.Lines.Add(' 包大小 : '+inttostr(ntohs(pipheader.ip_totallength)));
detailmemo.Lines.Add(' 包生成时间: '+inttostr(pipheader.ip_ttl));
detailmemo.Lines.Add(' 包标记 : '+inttostr(ntohs(pipheader.ip_id)));
detailmemo.Lines.Add(' 首部校验和: '+inttostr(pipheader.ip_checksum));
if pipheader.ip_protocol=IPPROTO_TCP then
begin
// 对TCP包进行解析
tcp:=PTCP_Hearder(integer(ListView.Selected.Data)+sizeof(TIP_Header));
detailmemo.Lines.Add('');
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('TCP包解析 ');
detailmemo.Lines.Add(' 源端口 :'+inttostr(ntohs(tcp.src_portno)));
detailmemo.Lines.Add(' 目标端口 :'+inttostr(ntohs(tcp.dst_portno)));
detailmemo.Lines.Add(' 窗口大小 :'+inttostr(ntohs(tcp.Windows)));
detailmemo.Lines.Add(' TCP标志 :'+getsign(tcp.flag));
end
else if pipheader.ip_protocol=IPPROTO_UDP then
begin
// 对UDP包进行解析
udp:=PUDP_Header(integer(ListView.Selected.Data)+sizeof(TIP_Header));
detailmemo.Lines.Add('');
detailmemo.Lines.Add('--------------------------------------');
detailmemo.Lines.Add('UDP包解析 ');
detailmemo.Lines.Add(' 源端口 :'+inttostr(ntohs(udp.src_portno)));
detailmemo.Lines.Add(' 目标端口 :'+inttostr(ntohs(udp.dst_portno)));
detailmemo.Lines.Add(' 大小 :'+inttostr(ntohs(udp.udp_length)));
end;
// 以十六进制形式将包内数据显示出来
HexDump := CreateHexDump(TWinControl(NoteBook.Pages.Objects[0]));
HexDump.Address := ListView.selected.Data;
str:= ListView.Selected.SubItems[3];
HexDump.DataSize :=strtoint(str);
//HexDump.ShowAddress:=false;
show;
NoteBook.SetFocus;
refresh;
end;
except
ShowMessage('请选择要浏览的IP包记录!');
end;
end;
procedure TfrmMain.BtnBlankBtnClearClick(Sender: TObject);
var
i:integer;
begin
for i:=0 to ListView.Items.Count-1 do
freemem(ListView.Items.Data);
ListView.Items.Clear;
end;
procedure TfrmMain.FormCloseQuery(Sender: TObject; var CanClose: Boolean); //处理IPPackage页
var
i:integer;
begin
for i:=0 to ListView.Items.Count-1 do
freemem(ListView.Items.Data);
ListView.Items.Clear;
if BtnBlankBtnStop.Enabled then BtnBlankBtnStop.OnClick(nil);
end;
procedure TfrmMain.DirMonCreated(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('CREATED '+FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonDeleted(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('Deleted '+DirMon.Path + FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonModified(Sender: TObject; FileName,
FUserName: String);
begin
RzMemMonitLogs.Lines.Add('Modified '+FileName + ' 用户名:' + FUserName);
end;
procedure TfrmMain.DirMonRenamed(Sender: TObject; fromFileName,
toFileName: String);
begin
RzMemMonitLogs.Lines.Add('Renamed von '+fromFileName+' in '+ToFileName);
end;
procedure TfrmMain.FormClose(Sender: TObject; var Action: TCloseAction);
begin
dirMon.Active:=False;
end;
//-------------------------------------连接到本机的机器信息---------------------------------------------------
procedure RunDosInMemo(DosApp:String;AMemo:TRzMemo; AListBox: TRzListBox);
const
ReadBuffer = 2400;
var
Security : TSecurityAttributes;
ReadPipe,WritePipe : THandle;
start : TStartUpInfo;
ProcessInfo : TProcessInformation;
Buffer : Pchar;
BytesRead : DWord;
Apprunning : DWord;
BufferTemp, Computers, Users, ComputerAndUser: string;
I: Integer;
begin
With Security do begin
nlength := SizeOf(TSecurityAttributes);
binherithandle := true;
lpsecuritydescriptor := nil;
end;
if Createpipe (ReadPipe, WritePipe,
@Security, 0) then begin
Buffer := AllocMem(ReadBuffer + 1);
FillChar(Start,Sizeof(Start),#0);
start.cb := SizeOf(start);
start.hStdOutput := WritePipe;
start.hStdInput := ReadPipe;
start.dwFlags := STARTF_USESTDHANDLES +
STARTF_USESHOWWINDOW;
start.wShowWindow := SW_HIDE;
if CreateProcess(nil,
PChar(DosApp),
@Security,
@Security,
true,
NORMAL_PRIORITY_CLASS,
nil,
nil,
start,
ProcessInfo)
then
begin
repeat
Apprunning := WaitForSingleObject(ProcessInfo.hProcess,100);
Application.ProcessMessages;
until (Apprunning <> WAIT_TIMEOUT);
Repeat
BytesRead := 0;
ReadFile(ReadPipe,Buffer[0],ReadBuffer,BytesRead,nil);
Buffer[BytesRead]:= #0;
OemToAnsi(Buffer,Buffer);
AMemo.Text := '';
AListBox.Clear;
AMemo.Text := String(Buffer);
until (BytesRead < ReadBuffer);
//-----------------------------
BufferTemp := AMemo.Text;
while Pos('//',BufferTemp) <> 0 do
begin
BufferTemp := Copy(BufferTemp,pos('//',BufferTemp),Length(BufferTemp)- pos('//',BufferTemp));
Computers := Copy(BufferTemp,1,pos(' ',BufferTemp));
BufferTemp := Copy(BufferTemp,pos(' ',BufferTemp),Length(BufferTemp)- pos(' ',BufferTemp));
Users := Copy(Trim(BufferTemp),1,pos(' ',Trim(BufferTemp)));
ComputerAndUser := Computers + ' ' + Users;
AListBox.AddItem(ComputerAndUser,TObject(0));
end;
//-----------------------------
end;
FreeMem(Buffer);
CloseHandle(ProcessInfo.hProcess);
CloseHandle(ProcessInfo.hThread);
CloseHandle(ReadPipe);
CloseHandle(WritePipe);
end;
end;
//---------------------------------------------------------------------------------------------------
procedure TfrmMain.BtnViewComputerSessionClick(Sender: TObject);
begin
RunDosInMemo('net session',RzMemComputerSession, RzListBoxComputerSession);
end;
procedure TfrmMain.RzMemComputerSessionKeyDown(Sender: TObject;
var Key: Word; Shift: TShiftState);
begin
if Key = VK_Return then
RunDosInMemo(RzMemComputerSession.Text,RzMemComputerSession,RzListBoxComputerSession);
end;
end.
G
gps
Unregistered / Unconfirmed
GUEST, unregistred user!
兄弟能给我一份源码吗?
谢谢
Email:Gpsma@163.com
谢谢
Email:Gpsma@163.com
爱
爱元元的哥哥
Unregistered / Unconfirmed
GUEST, unregistred user!
驱动级的东西,用Delphi无法实现!
D
d_uuu
Unregistered / Unconfirmed
GUEST, unregistred user!
关注
gaston@163.com
gaston@163.com