执行前解析 STARTUPINFO hStdInput

Question

我正在尝试使用 C++ 编写一个简单的远程 shell，并且希望能够在执行命令之前解析命令，我的问题是 hStdInput 直接从 WSASocket 句柄获取输入，因此它会自动执行命令远程机器，有没有办法解析 hStdInput 并采取相应的行动？或者换一种方式？

这是一个代码sn-p：

sinfo.dwFlags = (STARTF_USESTDHANDLES | STARTF_USESHOWWINDOW);
sinfo.hStdInput = sinfo.hStdOutput = sinfo.hStdError = (HANDLE)mySocket;
CreateProcess(NULL, Process, NULL, NULL, TRUE, 0, NULL, NULL, &sinfo, &pinfo);
WaitForSingleObject(pinfo.hProcess, INFINITE);
CloseHandle(pinfo.hProcess);
CloseHandle(pinfo.hThread);

Answer 1

您可以使用CreatePipe 创建连接到子进程的匿名管道，而不是直接将套接字连接到它。

HANDLE read_pipe, write_pipe;
SECURITY_ATTRIBUTES sa;
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
sa.lpSecurityDescriptor = NULL;
sa.bInheritHandle = TRUE;
CreatePipe(&read_pipe, &write_pipe, &sa, 0);

sinfo.hStdInput = read_pipe;
sinfo.hStdOutput = sinfo.hStdError = (HANDLE)mySocket;

CreateProcess(NULL, Process, NULL, NULL, TRUE, 0, NULL, NULL, &sinfo, &pinfo);
HANDLE handles[2] = {pinfo.hProcess, mySocket};

char buffer[1024];
while(true) {
    DWORD wfmo = WaitForMultipleObjects(2, handles, FALSE, INFINITE);
    if(wfmo == WAIT_OBJECT_0) {
        // process died
        break;
    } else if(wfmo == WAIT_OBJECT_0+1) {
        // read socket and write to write_pipe
        DWORD NumberOfBytesRead;
        DWORD NumberOfBytesWritten;
        if(ReadFile(mySocket, buffer, 1024, &NumberOfBytesRead, NULL)) {
            char* bptr = buffer;
            while(NumberOfBytesRead) {
                if(WriteFile(write_pipe, bptr, NumberOfBytesRead, &NumberOfBytesWritten, NULL)) {
                    bptr += NumberOfBytesWritten;
                    NumberOfBytesRead -= NumberOfBytesWritten;
                } else {
                    // write failed
                }
            }
        } else {
            // read failed
        } 
    }
}