wmi-1.3.16 from opsview.com
This commit is contained in:
Are Casilla
@@ -0,0 +1,5 @@
|
||||
- add service config options, esp. "interactive",
|
||||
- encryption of pipes (I hope it can be done using smb proto),
|
||||
- other psexec/beyondexec options
|
||||
- turn off line buffering of stdin on windows side (how???)
|
||||
- review/fix code :)
|
||||
@@ -0,0 +1,257 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
#include "libcli/libcli.h"
|
||||
#include "winexe.h"
|
||||
|
||||
void list_enqueue(struct list *l, const void *data, int size)
|
||||
{
|
||||
struct list_item *li =
|
||||
talloc_size(0, sizeof(struct list_item) + size);
|
||||
memcpy(li->data, data, size);
|
||||
li->size = size;
|
||||
li->next = 0;
|
||||
if (l->end)
|
||||
l->end->next = li;
|
||||
else
|
||||
l->begin = li;
|
||||
l->end = li;
|
||||
}
|
||||
|
||||
void list_dequeue(struct list *l)
|
||||
{
|
||||
struct list_item *li = l->begin;
|
||||
if (!li)
|
||||
return;
|
||||
l->begin = li->next;
|
||||
if (!l->begin)
|
||||
l->end = 0;
|
||||
talloc_free(li);
|
||||
}
|
||||
|
||||
static void async_read_recv(struct smbcli_request *req)
|
||||
{
|
||||
struct async_context *c = req->async.private;
|
||||
NTSTATUS status;
|
||||
|
||||
status = smb_raw_read_recv(req, c->io_read);
|
||||
c->rreq = NULL;
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1,
|
||||
("ERROR: smb_raw_read_recv - %s\n",
|
||||
nt_errstr(status)));
|
||||
if (c->cb_error)
|
||||
c->cb_error(c->cb_ctx, ASYNC_READ_RECV, status);
|
||||
return;
|
||||
}
|
||||
|
||||
if (c->cb_read)
|
||||
c->cb_read(c->cb_ctx, c->buffer,
|
||||
c->io_read->readx.out.nread);
|
||||
|
||||
async_read(c);
|
||||
}
|
||||
|
||||
static void async_write_recv(struct smbcli_request *req)
|
||||
{
|
||||
struct async_context *c = req->async.private;
|
||||
NTSTATUS status;
|
||||
|
||||
status = smb_raw_write_recv(req, c->io_write);
|
||||
c->wreq = NULL;
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1,
|
||||
("ERROR: smb_raw_write_recv - %s\n",
|
||||
nt_errstr(status)));
|
||||
talloc_free(c->io_write);
|
||||
c->io_write = 0;
|
||||
if (c->cb_error)
|
||||
c->cb_error(c->cb_ctx, ASYNC_WRITE_RECV, status);
|
||||
return;
|
||||
}
|
||||
if (c->wq.begin) {
|
||||
async_write(c, c->wq.begin->data, c->wq.begin->size);
|
||||
list_dequeue(&c->wq);
|
||||
}
|
||||
}
|
||||
|
||||
static void async_open_recv(struct smbcli_request *req)
|
||||
{
|
||||
struct async_context *c = req->async.private;
|
||||
NTSTATUS status;
|
||||
|
||||
DEBUG(1, ("IN: async_open_recv\n"));
|
||||
status = smb_raw_open_recv(req, c, c->io_open);
|
||||
c->rreq = NULL;
|
||||
if (NT_STATUS_IS_OK(status))
|
||||
#if 1
|
||||
c->fd = c->io_open->openx.out.file.fnum;
|
||||
#else
|
||||
c->fd = c->io_open->ntcreatex.out.file.fnum;
|
||||
#endif
|
||||
talloc_free(c->io_open);
|
||||
c->io_open = 0;
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(1,
|
||||
("ERROR: smb_raw_open_recv - %s\n",
|
||||
nt_errstr(status)));
|
||||
if (c->cb_error)
|
||||
c->cb_error(c->cb_ctx, ASYNC_OPEN_RECV, status);
|
||||
return;
|
||||
}
|
||||
if (c->cb_open)
|
||||
c->cb_open(c->cb_ctx);
|
||||
async_read(c);
|
||||
}
|
||||
|
||||
static void async_close_recv(struct smbcli_request *req)
|
||||
{
|
||||
struct async_context *c = req->async.private;
|
||||
NTSTATUS status;
|
||||
|
||||
status = smbcli_request_simple_recv(req);
|
||||
talloc_free(c->io_close);
|
||||
c->io_close = 0;
|
||||
if (c->io_open) {
|
||||
talloc_free(c->io_open);
|
||||
c->io_open = 0;
|
||||
}
|
||||
if (c->io_read) {
|
||||
talloc_free(c->io_read);
|
||||
c->io_read = 0;
|
||||
}
|
||||
if (c->io_write) {
|
||||
talloc_free(c->io_write);
|
||||
c->io_write = 0;
|
||||
}
|
||||
if (c->cb_close)
|
||||
c->cb_close(c->cb_ctx);
|
||||
}
|
||||
|
||||
int async_read(struct async_context *c)
|
||||
{
|
||||
if (!c->io_read) {
|
||||
c->io_read = talloc(c->tree, union smb_read);
|
||||
c->io_read->readx.level = RAW_READ_READX;
|
||||
c->io_read->readx.in.file.fnum = c->fd;
|
||||
c->io_read->readx.in.offset = 0;
|
||||
c->io_read->readx.in.mincnt = sizeof(c->buffer);
|
||||
c->io_read->readx.in.maxcnt = sizeof(c->buffer);
|
||||
c->io_read->readx.in.remaining = 0;
|
||||
c->io_read->readx.in.read_for_execute = False;
|
||||
c->io_read->readx.out.data = (uint8_t *)c->buffer;
|
||||
}
|
||||
c->rreq = smb_raw_read_send(c->tree, c->io_read);
|
||||
if (!c->rreq) {
|
||||
if (c->cb_error)
|
||||
c->cb_error(c->cb_ctx, ASYNC_READ,
|
||||
NT_STATUS_NO_MEMORY);
|
||||
return 0;
|
||||
}
|
||||
c->rreq->transport->options.request_timeout = 0;
|
||||
c->rreq->async.fn = async_read_recv;
|
||||
c->rreq->async.private = c;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int async_open(struct async_context *c, const char *fn, int open_mode)
|
||||
{
|
||||
DEBUG(1, ("IN: async_open(%s, %d)\n", fn, open_mode));
|
||||
c->io_open = talloc_zero(c, union smb_open);
|
||||
if (!c->io_open)
|
||||
goto failed;
|
||||
#if 1
|
||||
c->io_open->openx.level = RAW_OPEN_OPENX;
|
||||
c->io_open->openx.in.flags = 0;
|
||||
c->io_open->openx.in.open_mode = open_mode;
|
||||
c->io_open->openx.in.search_attrs =
|
||||
FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN;
|
||||
c->io_open->openx.in.file_attrs = 0;
|
||||
c->io_open->openx.in.write_time = 0;
|
||||
c->io_open->openx.in.open_func = 0;
|
||||
c->io_open->openx.in.size = 0;
|
||||
c->io_open->openx.in.timeout = 0;
|
||||
c->io_open->openx.in.fname = fn;
|
||||
#else
|
||||
c->io_open->ntcreatex.level = RAW_OPEN_NTCREATEX;
|
||||
c->io_open->ntcreatex.in.flags = NTCREATEX_FLAGS_EXTENDED;
|
||||
c->io_open->ntcreatex.in.access_mask = open_mode;
|
||||
c->io_open->ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
|
||||
c->io_open->ntcreatex.in.impersonation = impersonation;
|
||||
c->io_open->ntcreatex.in.create_options = NTCREATEX_OPTIONS_NON_DIRECTORY_FILE | NTCREATEX_OPTIONS_WRITE_THROUGH;
|
||||
c->io_open->ntcreatex.in.security_flags = NTCREATEX_SECURITY_DYNAMIC | NTCREATEX_SECURITY_ALL;
|
||||
c->io_open->ntcreatex.in.fname = fn;
|
||||
#endif
|
||||
c->rreq = smb_raw_open_send(c->tree, c->io_open);
|
||||
if (!c->rreq)
|
||||
goto failed;
|
||||
c->rreq->async.fn = async_open_recv;
|
||||
c->rreq->async.private = c;
|
||||
return 1;
|
||||
failed:
|
||||
DEBUG(1, ("ERROR: async_open\n"));
|
||||
talloc_free(c);
|
||||
return 0;
|
||||
}
|
||||
|
||||
int async_write(struct async_context *c, const void *buf, int len)
|
||||
{
|
||||
if (c->wreq) {
|
||||
list_enqueue(&c->wq, buf, len);
|
||||
return 0;
|
||||
}
|
||||
if (!c->io_write) {
|
||||
c->io_write = talloc_zero(c, union smb_write);
|
||||
if (!c->io_write)
|
||||
goto failed;
|
||||
c->io_write->write.level = RAW_WRITE_WRITE;
|
||||
c->io_write->write.in.remaining = 0;
|
||||
c->io_write->write.in.file.fnum = c->fd;
|
||||
c->io_write->write.in.offset = 0;
|
||||
}
|
||||
c->io_write->write.in.count = len;
|
||||
c->io_write->write.in.data = buf;
|
||||
struct smbcli_request *req =
|
||||
smb_raw_write_send(c->tree, c->io_write);
|
||||
if (!req)
|
||||
goto failed;
|
||||
req->async.fn = async_write_recv;
|
||||
req->async.private = c;
|
||||
return 1;
|
||||
failed:
|
||||
DEBUG(1, ("ERROR: async_write\n"));
|
||||
talloc_free(c->io_write);
|
||||
c->io_write = 0;
|
||||
return 0;
|
||||
}
|
||||
|
||||
int async_close(struct async_context *c)
|
||||
{
|
||||
if (c->rreq)
|
||||
smbcli_request_destroy(c->rreq);
|
||||
if (c->wreq)
|
||||
smbcli_request_destroy(c->wreq);
|
||||
c->rreq = c->wreq = NULL;
|
||||
c->io_close = talloc_zero(c, union smb_close);
|
||||
if (!c->io_close)
|
||||
goto failed;
|
||||
c->io_close->close.level = RAW_CLOSE_CLOSE;
|
||||
c->io_close->close.in.file.fnum = c->fd;
|
||||
c->io_close->close.in.write_time = 0;
|
||||
struct smbcli_request *req =
|
||||
smb_raw_close_send(c->tree, c->io_close);
|
||||
if (!req)
|
||||
goto failed;
|
||||
req->async.fn = async_close_recv;
|
||||
req->async.private = c;
|
||||
return 1;
|
||||
failed:
|
||||
DEBUG(1, ("ERROR: async_close\n"));
|
||||
talloc_free(c->io_close);
|
||||
c->io_close = 0;
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,46 @@
|
||||
0.80 - 26/10/07 Added --interactive option.
|
||||
winexesvc is replaced only if version differs on more than last digit.
|
||||
0.77 - 11/10/07 Fixed bug causing winexe crash during service uninstallation.
|
||||
0.76 - 10/10/07 Service status is checked during service (un)installation.
|
||||
Corrected service installation code(case of deleted winexesvc.exe file).
|
||||
0.75 - 09/07/07 Added workaround for delayed pipe handle destruction(error 0x000000E7).
|
||||
Removed token handle leaks in case of error condition.
|
||||
0.74 - 04/07/07 Added version checking and automatic service reinstallation
|
||||
Pipe names now depends on ProcessID(should solve issue with unterminated winexe processes)
|
||||
0.73 - 29/06/07 Corrected bug in signal handling
|
||||
0.72 - 26/06/07 Added winexe INT/TERM signal handling
|
||||
0.71 - 22/05/07 Workarounds for win2003sp2 service (re)installation issues
|
||||
Removed token handle leaks in winexesvc
|
||||
0.7 - 25/07/06 Making code more pretty.
|
||||
By default commands run on user's account.
|
||||
Added --system - commands run on system account.
|
||||
Added --runas - any user can be impersonated(BEWARE: passwords are sent in clear text).
|
||||
Many changes in winexesvc.
|
||||
0.61 - 07/07/06 Fixed bug in svcctl.idl
|
||||
Changed types of 'dependencies' and 'password' params in CreateServiceW.
|
||||
0.6 - 07/07/06 svcctl.idl cosmetics
|
||||
Linux code style applied, semi automatic.
|
||||
Removed // style comments.
|
||||
Changed includes <xx.h> to <sys/xx.h>
|
||||
0.5 - 06/07/06 Cleaned up winexe/service code.
|
||||
Changed deps in winexe/config.mk.
|
||||
Renamed directory service to winexesvc.
|
||||
STDIN read corrected.
|
||||
async_write serialized - now server should receive input in correct order.
|
||||
0.4 - 02/07/06 Added dependencies in winexe/config.mk to auto rebuild service.
|
||||
Turned off timeouts - proces do not disconnect after 60sec.
|
||||
Added some debug messages.
|
||||
Removed small leaks in winexesvc.
|
||||
0.3 - 02/07/06 winexe is fully integrated with smb_build system. Now there is
|
||||
no need to separately compile winexe/service. I have also removed symlink
|
||||
to winexesvc_exe.c, should be cleaner.
|
||||
0.2 - 02/07/06 Now it works with NT - all pipes are created with security
|
||||
descriptor allowing admins to open it.
|
||||
Added options --reinstall/--uninstall.
|
||||
Added error messages, cleaned debug messages(-d 1).
|
||||
Some code cleaning.
|
||||
Added 'precompiled' winexe/service/winexesvc_exe.c, for users without
|
||||
crosscompiler or windows compile enironment.
|
||||
0.1 - 01/07/06 In winexe dir added link to winexe/service/winexesvc_exe.c,
|
||||
I am not sure if patch utility supports it.
|
||||
0.0 - 30/06/06 Initial release
|
||||
@@ -0,0 +1,19 @@
|
||||
#################################
|
||||
# Start BINARY winexe
|
||||
[BINARY::winexe]
|
||||
INSTALLDIR = BINDIR
|
||||
OBJ_FILES = \
|
||||
winexe.o \
|
||||
service.o \
|
||||
async.o \
|
||||
winexesvc/winexesvc_exe.o
|
||||
PRIVATE_DEPENDENCIES = \
|
||||
POPT_SAMBA \
|
||||
POPT_CREDENTIALS \
|
||||
LIBPOPT \
|
||||
RPC_NDR_SVCCTL
|
||||
# End BINARY winexe
|
||||
#################################
|
||||
|
||||
winexe/winexesvc/winexesvc_exe.c: winexe/winexesvc/winexesvc.c
|
||||
@$(MAKE) -C winexe/winexesvc
|
||||
@@ -0,0 +1,356 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
|
||||
#include "includes.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
#include "librpc/rpc/dcerpc.h"
|
||||
#include "librpc/gen_ndr/ndr_svcctl_c.h"
|
||||
#include "librpc/gen_ndr/ndr_security.h"
|
||||
#define SERVICE_ALL_ACCESS (0xF01FF)
|
||||
#define SERVICE_WIN32_OWN_PROCESS (0x00000010)
|
||||
#define SERVICE_DEMAND_START (0x00000003)
|
||||
#define SERVICE_ERROR_NORMAL (0x00000001)
|
||||
#define SERVICE_CONTROL_STOP (0x00000001)
|
||||
#define NT_STATUS_SERVICE_DOES_NOT_EXIST NT_STATUS(0x00000424)
|
||||
#include "system/filesys.h"
|
||||
#include "libcli/libcli.h"
|
||||
#include "libcli/smb_composite/smb_composite.h"
|
||||
#include "lib/util/util.h"
|
||||
|
||||
#include "winexe.h"
|
||||
|
||||
#define NT_ERR(status, lvl, args...) if (!NT_STATUS_IS_OK(status)) { DEBUG(lvl,("ERROR: " args)); DEBUG(lvl,(". %s.\n", nt_errstr(status))); return status; }
|
||||
#define NT_RES(status, werr) (NT_STATUS_IS_OK(status) ? werror_to_ntstatus(werr) : status)
|
||||
|
||||
NTSTATUS svc_pipe_connect(struct dcerpc_pipe **psvc_pipe,
|
||||
const char *hostname,
|
||||
struct cli_credentials *credentials)
|
||||
{
|
||||
NTSTATUS status;
|
||||
char *binding;
|
||||
|
||||
asprintf(&binding, "ncacn_np:%s%s", hostname, DEBUGLVL(9)?"[print]":"");
|
||||
status =
|
||||
dcerpc_pipe_connect(NULL, psvc_pipe, binding,
|
||||
&dcerpc_table_svcctl, credentials, NULL);
|
||||
free(binding);
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS svc_OpenSCManager(struct dcerpc_pipe * svc_pipe,
|
||||
const char *hostname,
|
||||
struct policy_handle * pscm_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_OpenSCManagerW r;
|
||||
|
||||
r.in.MachineName = hostname;
|
||||
r.in.DatabaseName = NULL;
|
||||
r.in.access_mask = SEC_FLAG_MAXIMUM_ALLOWED;
|
||||
r.out.handle = pscm_handle;
|
||||
status = dcerpc_svcctl_OpenSCManagerW(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_OpenService(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * pscm_handle,
|
||||
const char *ServiceName,
|
||||
struct policy_handle * psvc_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_OpenServiceW r;
|
||||
|
||||
r.in.scmanager_handle = pscm_handle;
|
||||
r.in.ServiceName = ServiceName;
|
||||
r.in.access_mask = SERVICE_ALL_ACCESS;
|
||||
r.out.handle = psvc_handle;
|
||||
status = dcerpc_svcctl_OpenServiceW(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_CreateService(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * pscm_handle,
|
||||
const char *ServiceName,
|
||||
uint32_t type,
|
||||
const char *binary_path,
|
||||
struct policy_handle * psvc_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_CreateServiceW r;
|
||||
|
||||
r.in.scmanager_handle = pscm_handle;
|
||||
r.in.service_name = ServiceName;
|
||||
r.in.display_name = NULL;
|
||||
r.in.desired_access = SERVICE_ALL_ACCESS;
|
||||
r.in.type = type;
|
||||
r.in.start_type = SERVICE_DEMAND_START;
|
||||
r.in.error_control = SERVICE_ERROR_NORMAL;
|
||||
r.in.binary_path = binary_path;
|
||||
r.in.load_order_group = NULL;
|
||||
r.in.tag_id = NULL;
|
||||
r.in.dependencies = NULL;
|
||||
r.in.dependencies_size = 0;
|
||||
r.in.service_start_name = NULL;
|
||||
r.in.password = NULL;
|
||||
r.in.password_size = 0;
|
||||
r.out.handle = psvc_handle;
|
||||
r.out.tag_id = NULL;
|
||||
status = dcerpc_svcctl_CreateServiceW(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_ChangeServiceConfig(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle,
|
||||
uint32_t type,
|
||||
const char *binary_path)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_ChangeServiceConfigW r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
r.in.type = type;
|
||||
r.in.start_type = SERVICE_NO_CHANGE;
|
||||
r.in.error_control = SERVICE_NO_CHANGE;
|
||||
r.in.binary_path = binary_path;
|
||||
r.in.load_order_group = NULL;
|
||||
r.in.tag_id = NULL;
|
||||
r.in.dependencies = NULL;
|
||||
r.in.dependencies_size = 0;
|
||||
r.in.service_start_name = NULL;
|
||||
r.in.password = NULL;
|
||||
r.in.password_size = 0;
|
||||
r.in.display_name = NULL;
|
||||
r.out.tag_id = NULL;
|
||||
status = dcerpc_svcctl_ChangeServiceConfigW(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_StartService(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_StartServiceW r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
r.in.NumArgs = 0;
|
||||
r.in.Arguments = NULL;
|
||||
status = dcerpc_svcctl_StartServiceW(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_ControlService(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle,
|
||||
int control, struct SERVICE_STATUS * sstatus)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_ControlService r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
r.in.control = control;
|
||||
r.out.status = sstatus;
|
||||
status = dcerpc_svcctl_ControlService(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_QueryServiceStatus(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle,
|
||||
struct SERVICE_STATUS * sstatus)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_QueryServiceStatus r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
r.out.status = sstatus;
|
||||
status = dcerpc_svcctl_QueryServiceStatus(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_DeleteService(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_DeleteService r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
status = dcerpc_svcctl_DeleteService(svc_pipe, NULL, &r);
|
||||
return NT_RES(status, r.out.result);
|
||||
}
|
||||
|
||||
NTSTATUS svc_CloseServiceHandle(struct dcerpc_pipe * svc_pipe,
|
||||
struct policy_handle * psvc_handle)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct svcctl_CloseServiceHandle r;
|
||||
|
||||
r.in.handle = psvc_handle;
|
||||
r.out.handle = psvc_handle;
|
||||
status = dcerpc_svcctl_CloseServiceHandle(svc_pipe, NULL, &r);
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS svc_UploadService(const char *hostname,
|
||||
struct cli_credentials * credentials, int force)
|
||||
{
|
||||
struct smb_composite_savefile *io;
|
||||
struct smbcli_state *cli;
|
||||
NTSTATUS status;
|
||||
|
||||
status =
|
||||
smbcli_full_connection(NULL, &cli, hostname, "ADMIN$", NULL,
|
||||
credentials, NULL);
|
||||
NT_ERR(status, 1, "Failed to open ADMIN$ share");
|
||||
if (!force) {
|
||||
int fd = smbcli_open(cli->tree, "winexesvc.exe", O_RDONLY, DENY_NONE);
|
||||
if (fd >= 0) {
|
||||
smbcli_close(cli->tree, fd);
|
||||
return status;
|
||||
}
|
||||
} else {
|
||||
smbcli_unlink(cli->tree, "winexesvc.exe");
|
||||
}
|
||||
io = talloc_zero(cli->tree, struct smb_composite_savefile);
|
||||
io->in.fname = "winexesvc.exe";
|
||||
io->in.data = winexesvc_exe;
|
||||
io->in.size = winexesvc_exe_len;
|
||||
status = smb_composite_savefile(cli->tree, io);
|
||||
NT_ERR(status, 1, "Failed to save ADMIN$/%s", io->in.fname);
|
||||
talloc_free(io);
|
||||
smbcli_tdis(cli);
|
||||
return status;
|
||||
}
|
||||
|
||||
/* Start, Creates, Install service if necccesary */
|
||||
NTSTATUS svc_install(const char *hostname,
|
||||
struct cli_credentials * credentials, int flags)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct dcerpc_pipe *svc_pipe;
|
||||
struct policy_handle scm_handle;
|
||||
struct policy_handle svc_handle;
|
||||
int need_start;
|
||||
|
||||
status = svc_pipe_connect(&svc_pipe, hostname, credentials);
|
||||
NT_ERR(status, 1, "Cannot connect to svcctl pipe");
|
||||
status = svc_UploadService(hostname, credentials, flags & SVC_FORCE_UPLOAD);
|
||||
NT_ERR(status, 1, "UploadService failed");
|
||||
status = svc_OpenSCManager(svc_pipe, hostname, &scm_handle);
|
||||
NT_ERR(status, 1, "OpenSCManager failed");
|
||||
status = svc_OpenService(svc_pipe, &scm_handle, "winexesvc",
|
||||
&svc_handle);
|
||||
if (NT_STATUS_EQUAL(status, NT_STATUS_SERVICE_DOES_NOT_EXIST)) {
|
||||
status =
|
||||
svc_CreateService(svc_pipe, &scm_handle, "winexesvc",
|
||||
SERVICE_WIN32_OWN_PROCESS |
|
||||
(flags & SVC_INTERACTIVE ? SERVICE_INTERACTIVE_PROCESS : 0),
|
||||
"winexesvc.exe", &svc_handle);
|
||||
NT_ERR(status, 1, "CreateService failed");
|
||||
} else if (NT_STATUS_IS_OK(status) && !(flags & SVC_IGNORE_INTERACTIVE)) {
|
||||
struct SERVICE_STATUS s;
|
||||
int what, want;
|
||||
status = svc_QueryServiceStatus(svc_pipe, &svc_handle, &s);
|
||||
NT_ERR(status, 1, "QueryServiceStatus failed");
|
||||
what = s.type & SERVICE_INTERACTIVE_PROCESS;
|
||||
want = flags & SVC_INTERACTIVE;
|
||||
if ((what && !want) || (!what && want)) {
|
||||
need_start = 1;
|
||||
if (s.state != SERVICE_STOPPED) {
|
||||
status = svc_ControlService(svc_pipe, &svc_handle,
|
||||
SERVICE_CONTROL_STOP, &s);
|
||||
NT_ERR(status, 1, "StopService failed");
|
||||
}
|
||||
status = svc_ChangeServiceConfig(svc_pipe, &svc_handle,
|
||||
SERVICE_WIN32_OWN_PROCESS |
|
||||
(want ? SERVICE_INTERACTIVE_PROCESS : 0),
|
||||
NULL);
|
||||
NT_ERR(status, 1, "ChangeServiceConfig failed");
|
||||
do {
|
||||
msleep(100);
|
||||
status = svc_QueryServiceStatus(svc_pipe, &svc_handle, &s);
|
||||
NT_ERR(status, 1, "QueryServiceStatus failed");
|
||||
} while (s.state == SERVICE_STOP_PENDING);
|
||||
}
|
||||
} else {
|
||||
NT_ERR(status, 1, "OpenService failed");
|
||||
}
|
||||
if ((flags & SVC_IGNORE_INTERACTIVE) || need_start) {
|
||||
status = svc_StartService(svc_pipe, &svc_handle);
|
||||
NT_ERR(status, 1, "StartService failed");
|
||||
}
|
||||
{
|
||||
struct SERVICE_STATUS s;
|
||||
do {
|
||||
msleep(100);
|
||||
status = svc_QueryServiceStatus(svc_pipe, &svc_handle, &s);
|
||||
NT_ERR(status, 1, "QueryServiceStatus failed");
|
||||
} while (s.state == SERVICE_START_PENDING);
|
||||
if (s.state != SERVICE_RUNNING) {
|
||||
DEBUG(0, ("Service cannot start, status=0x%08X\n", s.state));
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
}
|
||||
svc_CloseServiceHandle(svc_pipe, &svc_handle);
|
||||
svc_CloseServiceHandle(svc_pipe, &scm_handle);
|
||||
talloc_free(svc_pipe);
|
||||
return status;
|
||||
}
|
||||
|
||||
NTSTATUS svc_uninstall(const char *hostname,
|
||||
struct cli_credentials * credentials)
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct dcerpc_pipe *svc_pipe;
|
||||
struct policy_handle scm_handle;
|
||||
struct policy_handle svc_handle;
|
||||
struct SERVICE_STATUS svc_status;
|
||||
|
||||
status = svc_pipe_connect(&svc_pipe, hostname, credentials);
|
||||
NT_ERR(status, 1, "Cannot connect to svcctl pipe");
|
||||
status = svc_OpenSCManager(svc_pipe, hostname, &scm_handle);
|
||||
NT_ERR(status, 1, "OpenSCManager failed");
|
||||
status =
|
||||
svc_OpenService(svc_pipe, &scm_handle, "winexesvc",
|
||||
&svc_handle);
|
||||
NT_ERR(status, 1, "OpenService failed");
|
||||
DEBUG(1, ("OpenService - %s\n", nt_errstr(status)));
|
||||
if (NT_STATUS_IS_OK(status)) {
|
||||
status =
|
||||
svc_ControlService(svc_pipe, &svc_handle,
|
||||
SERVICE_CONTROL_STOP, &svc_status);
|
||||
{
|
||||
struct SERVICE_STATUS s;
|
||||
do {
|
||||
msleep(100);
|
||||
status = svc_QueryServiceStatus(svc_pipe, &svc_handle, &s);
|
||||
NT_ERR(status, 1, "QueryServiceStatus failed");
|
||||
} while (s.state == SERVICE_STOP_PENDING);
|
||||
if (s.state != SERVICE_STOPPED) {
|
||||
DEBUG(0, ("Service cannot stop, status=0x%08X\n", s.state));
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
}
|
||||
}
|
||||
DEBUG(1, ("StopService - %s\n", nt_errstr(status)));
|
||||
status = svc_DeleteService(svc_pipe, &svc_handle);
|
||||
DEBUG(1, ("DeleteService - %s\n", nt_errstr(status)));
|
||||
status = svc_CloseServiceHandle(svc_pipe, &svc_handle);
|
||||
DEBUG(1, ("CloseServiceHandle - %s\n", nt_errstr(status)));
|
||||
}
|
||||
svc_CloseServiceHandle(svc_pipe, &scm_handle);
|
||||
DEBUG(1, ("CloseSCMHandle - %s\n", nt_errstr(status)));
|
||||
|
||||
struct smbcli_state *cli;
|
||||
status =
|
||||
smbcli_full_connection(NULL, &cli, hostname, "ADMIN$", NULL,
|
||||
credentials, NULL);
|
||||
NT_ERR(status, 1, "Failed to open ADMIN$ share");
|
||||
/* Give winexesvc some time to exit */
|
||||
msleep(300);
|
||||
status = smbcli_unlink(cli->tree, "winexesvc.exe");
|
||||
DEBUG(1, ("Delete winexesvc.exe - %s\n", nt_errstr(status)));
|
||||
status = smbcli_tdis(cli);
|
||||
DEBUG(1, ("Closing ADMIN$ - %s\n", nt_errstr(status)));
|
||||
return status;
|
||||
}
|
||||
@@ -0,0 +1,350 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
#include "includes.h"
|
||||
#include "lib/cmdline/popt_common.h"
|
||||
#include "librpc/rpc/dcerpc.h"
|
||||
#include "librpc/gen_ndr/ndr_svcctl_c.h"
|
||||
#include "librpc/gen_ndr/ndr_security.h"
|
||||
#include "libcli/libcli.h"
|
||||
#include "lib/events/events.h"
|
||||
|
||||
#include "winexe.h"
|
||||
#include "winexesvc/shared.h"
|
||||
|
||||
#include <sys/fcntl.h>
|
||||
#include <sys/unistd.h>
|
||||
#include <sys/termios.h>
|
||||
#include <signal.h>
|
||||
|
||||
struct program_args {
|
||||
char *hostname;
|
||||
char *cmd;
|
||||
struct cli_credentials *credentials;
|
||||
int reinstall;
|
||||
int uninstall;
|
||||
int system;
|
||||
char *runas;
|
||||
int interactive;
|
||||
};
|
||||
|
||||
int abort_requested = 0;
|
||||
|
||||
void parse_args(int argc, char *argv[], struct program_args *pmyargs)
|
||||
{
|
||||
poptContext pc;
|
||||
int opt, i;
|
||||
|
||||
int argc_new;
|
||||
char **argv_new;
|
||||
|
||||
struct poptOption long_options[] = {
|
||||
POPT_AUTOHELP
|
||||
POPT_COMMON_SAMBA
|
||||
POPT_COMMON_CONNECTION
|
||||
POPT_COMMON_CREDENTIALS
|
||||
POPT_COMMON_VERSION
|
||||
{"uninstall", 0, POPT_ARG_NONE, &pmyargs->uninstall, 0,
|
||||
"Uninstall winexe service after remote execution", NULL},
|
||||
{"reinstall", 0, POPT_ARG_NONE, &pmyargs->reinstall, 0,
|
||||
"Reinstall winexe service before remote execution", NULL},
|
||||
{"system", 0, POPT_ARG_NONE, &pmyargs->system, 0,
|
||||
"Use SYSTEM account" , NULL},
|
||||
{"runas", 0, POPT_ARG_STRING, &pmyargs->runas, 0,
|
||||
"Run as user (BEWARE: password is sent in cleartext over net)" , "[DOMAIN\\]USERNAME%PASSWORD"},
|
||||
{"interactive", 0, POPT_ARG_INT, &pmyargs->interactive, 0,
|
||||
"Desktop interaction: 0 - disallow, 1 - allow. If you allow use also --system switch (Win requirement). Vista do not support this option.", NULL},
|
||||
POPT_TABLEEND
|
||||
};
|
||||
|
||||
pc = poptGetContext(argv[0], argc, (const char **) argv,
|
||||
long_options, 0);
|
||||
|
||||
poptSetOtherOptionHelp(pc, "//host command");
|
||||
|
||||
while ((opt = poptGetNextOpt(pc)) != -1) {
|
||||
DEBUG(0, ("winexe version %d.%02d\nThis program may be freely redistributed under the terms of the GNU GPL\n", VERSION / 100, VERSION % 100));
|
||||
poptPrintUsage(pc, stdout, 0);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
argv_new = discard_const_p(char *, poptGetArgs(pc));
|
||||
|
||||
argc_new = argc;
|
||||
for (i = 0; i < argc - 1; i++) {
|
||||
if (argv_new[i] == NULL) {
|
||||
argc_new = i;
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
if (argc_new != 2 || argv_new[0][0] != '/'
|
||||
|| argv_new[0][1] != '/') {
|
||||
DEBUG(0, ("winexe version %d.%02d\nThis program may be freely redistributed under the terms of the GNU GPL\n", VERSION / 100, VERSION % 100));
|
||||
poptPrintUsage(pc, stdout, 0);
|
||||
exit(1);
|
||||
}
|
||||
|
||||
pmyargs->hostname = argv_new[0] + 2;
|
||||
pmyargs->cmd = argv_new[1];
|
||||
}
|
||||
|
||||
enum {STATE_OPENING, STATE_GETTING_VERSION, STATE_RUNNING, STATE_CLOSING, STATE_CLOSING_FOR_REINSTALL };
|
||||
|
||||
struct winexe_context {
|
||||
int state;
|
||||
struct program_args *args;
|
||||
struct smbcli_tree *tree;
|
||||
struct async_context *ac_ctrl;
|
||||
struct async_context *ac_io;
|
||||
struct async_context *ac_err;
|
||||
int return_code;
|
||||
};
|
||||
|
||||
void exit_program(struct winexe_context *c);
|
||||
|
||||
void on_ctrl_pipe_error(struct winexe_context *c, int func, NTSTATUS status)
|
||||
{
|
||||
DEBUG(1, ("ERROR: on_ctrl_pipe_error - %s\n", nt_errstr(status)));
|
||||
static int activated = 0;
|
||||
if (!activated
|
||||
&& NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
|
||||
status =
|
||||
svc_install(c->args->hostname, c->args->credentials, c->args->interactive);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(0,
|
||||
("ERROR: Failed to install service winexesvc - %s\n",
|
||||
nt_errstr(status)));
|
||||
c->return_code = 1;
|
||||
exit_program(c);
|
||||
}
|
||||
activated = 1;
|
||||
async_open(c->ac_ctrl, "\\pipe\\" PIPE_NAME, OPENX_MODE_ACCESS_RDWR);
|
||||
} else if (func == ASYNC_OPEN_RECV) {
|
||||
DEBUG(0,
|
||||
("ERROR: Cannot open control pipe - %s\n",
|
||||
nt_errstr(status)));
|
||||
c->return_code = 1;
|
||||
exit_program(c);
|
||||
} else if (func == ASYNC_READ_RECV && c->state == STATE_OPENING) {
|
||||
;
|
||||
} else
|
||||
exit_program(c);
|
||||
}
|
||||
|
||||
void on_io_pipe_open(struct winexe_context *c);
|
||||
void on_io_pipe_read(struct winexe_context *c, const char *data, int len);
|
||||
void on_io_pipe_error(struct winexe_context *c, int func, NTSTATUS status);
|
||||
void on_err_pipe_read(struct winexe_context *c, const char *data, int len);
|
||||
void on_err_pipe_error(struct winexe_context *c, int func, NTSTATUS status);
|
||||
|
||||
const char *cmd_check(const char *data, const char *cmd, int len)
|
||||
{
|
||||
int lcmd = strlen(cmd);
|
||||
if (lcmd >= len)
|
||||
return 0;
|
||||
if (!strncmp(data, cmd, lcmd)
|
||||
&& (data[lcmd] == ' ' || data[lcmd] == '\n')) {
|
||||
return data + lcmd + 1;
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
|
||||
void catch_alarm(int sig)
|
||||
{
|
||||
abort_requested = 1;
|
||||
signal(sig, SIG_DFL);
|
||||
}
|
||||
|
||||
static void timer(struct event_context *ev, struct timed_event *te, struct timeval t, void *private)
|
||||
{
|
||||
struct winexe_context *c = talloc_get_type(private, struct winexe_context);
|
||||
if (abort_requested) {
|
||||
fprintf(stderr, "Aborting...\n");
|
||||
async_write(c->ac_ctrl, "abort\n", 6);
|
||||
} else
|
||||
event_add_timed(c->tree->session->transport->socket->event.ctx, c, timeval_current_ofs(0, 10000), timer, c);
|
||||
}
|
||||
|
||||
void on_ctrl_pipe_open(struct winexe_context *c)
|
||||
{
|
||||
char *str = "get version\n";
|
||||
|
||||
DEBUG(1, ("CTRL: Sending command: %s", str));
|
||||
c->state = STATE_GETTING_VERSION;
|
||||
async_write(c->ac_ctrl, str, strlen(str));
|
||||
signal(SIGINT, catch_alarm);
|
||||
signal(SIGTERM, catch_alarm);
|
||||
event_add_timed(c->tree->session->transport->socket->event.ctx, c, timeval_current_ofs(0, 10000), timer, c);
|
||||
}
|
||||
|
||||
void on_ctrl_pipe_read(struct winexe_context *c, const char *data, int len)
|
||||
{
|
||||
const char *p;
|
||||
if ((p = cmd_check(data, CMD_STD_IO_ERR, len))) {
|
||||
DEBUG(1, ("CTRL: Recieved command: %.*s", len, data));
|
||||
unsigned int npipe = strtoul(p, 0, 16);
|
||||
c->ac_io = talloc_zero(c, struct async_context);
|
||||
c->ac_io->tree = c->tree;
|
||||
c->ac_io->cb_ctx = c;
|
||||
c->ac_io->cb_open = (async_cb_open) on_io_pipe_open;
|
||||
c->ac_io->cb_read = (async_cb_read) on_io_pipe_read;
|
||||
c->ac_io->cb_error = (async_cb_error) on_io_pipe_error;
|
||||
char *fn = talloc_asprintf(c->ac_io, "\\pipe\\" PIPE_NAME_IO, npipe);
|
||||
async_open(c->ac_io, fn, OPENX_MODE_ACCESS_RDWR);
|
||||
c->ac_err = talloc_zero(c, struct async_context);
|
||||
c->ac_err->tree = c->tree;
|
||||
c->ac_err->cb_ctx = c;
|
||||
c->ac_err->cb_read = (async_cb_read) on_err_pipe_read;
|
||||
c->ac_err->cb_error = (async_cb_error) on_err_pipe_error;
|
||||
fn = talloc_asprintf(c->ac_err, "\\pipe\\" PIPE_NAME_ERR, npipe);
|
||||
async_open(c->ac_err, fn, OPENX_MODE_ACCESS_RDWR);
|
||||
} else if ((p = cmd_check(data, CMD_RETURN_CODE, len))) {
|
||||
c->return_code = strtoul(p, 0, 16);
|
||||
} else if ((p = cmd_check(data, "version", len))) {
|
||||
int ver = strtoul(p, 0, 0);
|
||||
if (ver/10 != VERSION/10) {
|
||||
DEBUG(1, ("CTRL: Bad version of service (is %d.%02d, expected %d.%02d), reinstalling.\n", ver/100, ver%100, VERSION/100, VERSION%100));
|
||||
async_close(c->ac_ctrl);
|
||||
c->state = STATE_CLOSING_FOR_REINSTALL;
|
||||
} else {
|
||||
char *str;
|
||||
if (c->args->runas)
|
||||
str = talloc_asprintf(c, "set runas %s\nrun %s\n", c->args->runas, c->args->cmd);
|
||||
else
|
||||
str = talloc_asprintf(c, "%srun %s\n", c->args->system ? "set system 1\n" : "" , c->args->cmd);
|
||||
DEBUG(1, ("CTRL: Sending command: %s", str));
|
||||
async_write(c->ac_ctrl, str, strlen(str));
|
||||
talloc_free(str);
|
||||
c->state = STATE_RUNNING;
|
||||
}
|
||||
} else if ((p = cmd_check(data, "error", len))) {
|
||||
DEBUG(0, ("Error: %.*s", len, data));
|
||||
if (c->state == STATE_GETTING_VERSION) {
|
||||
DEBUG(0, ("CTRL: Probably old version of service, reinstalling.\n"));
|
||||
async_close(c->ac_ctrl);
|
||||
c->state = STATE_CLOSING_FOR_REINSTALL;
|
||||
}
|
||||
} else {
|
||||
DEBUG(0, ("CTRL: Unknown command: %.*s", len, data));
|
||||
}
|
||||
}
|
||||
|
||||
void on_ctrl_pipe_close(struct winexe_context *c)
|
||||
{
|
||||
if (c->state == STATE_CLOSING_FOR_REINSTALL) {
|
||||
DEBUG(1,("Reinstalling service\n"));
|
||||
svc_uninstall(c->args->hostname, c->args->credentials);
|
||||
svc_install(c->args->hostname, c->args->credentials, c->args->interactive | SVC_FORCE_UPLOAD);
|
||||
c->state = STATE_OPENING;
|
||||
async_open(c->ac_ctrl, "\\pipe\\" PIPE_NAME, OPENX_MODE_ACCESS_RDWR);
|
||||
}
|
||||
}
|
||||
|
||||
static void on_stdin_read_event(struct event_context *event_ctx,
|
||||
struct fd_event *fde, uint16_t flags,
|
||||
struct winexe_context *c)
|
||||
{
|
||||
char buf[256];
|
||||
int len;
|
||||
if ((len = read(0, &buf, sizeof(buf))) > 0) {
|
||||
async_write(c->ac_io, buf, len);
|
||||
}
|
||||
}
|
||||
|
||||
void on_io_pipe_open(struct winexe_context *c)
|
||||
{
|
||||
event_add_fd(c->tree->session->transport->socket->event.ctx,
|
||||
c->tree, 0, EVENT_FD_READ,
|
||||
(event_fd_handler_t) on_stdin_read_event, c);
|
||||
struct termios term;
|
||||
tcgetattr(0, &term);
|
||||
term.c_lflag &= ~ICANON;
|
||||
tcsetattr(0, TCSANOW, &term);
|
||||
setbuf(stdin, NULL);
|
||||
}
|
||||
|
||||
void on_io_pipe_read(struct winexe_context *c, const char *data, int len)
|
||||
{
|
||||
write(1, data, len);
|
||||
}
|
||||
|
||||
void on_io_pipe_error(struct winexe_context *c, int func, NTSTATUS status)
|
||||
{
|
||||
async_close(c->ac_io);
|
||||
}
|
||||
|
||||
void on_err_pipe_read(struct winexe_context *c, const char *data, int len)
|
||||
{
|
||||
write(2, data, len);
|
||||
}
|
||||
|
||||
void on_err_pipe_error(struct winexe_context *c, int func, NTSTATUS status)
|
||||
{
|
||||
async_close(c->ac_err);
|
||||
}
|
||||
|
||||
void exit_program(struct winexe_context *c)
|
||||
{
|
||||
if (c->args->uninstall)
|
||||
svc_uninstall(c->args->hostname, c->args->credentials);
|
||||
exit(c->return_code);
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
NTSTATUS status;
|
||||
struct smbcli_state *cli;
|
||||
struct program_args myargs = {.reinstall = 0,.uninstall = 0, .system = 0, .interactive = SVC_IGNORE_INTERACTIVE };
|
||||
|
||||
parse_args(argc, argv, &myargs);
|
||||
DEBUG(1, ("winexe version %d.%02d\nThis program may be freely redistributed under the terms of the GNU GPL\n", VERSION / 100, VERSION % 100));
|
||||
myargs.interactive &= SVC_INTERACTIVE_MASK;
|
||||
|
||||
dcerpc_init();
|
||||
|
||||
if (myargs.reinstall)
|
||||
svc_uninstall(myargs.hostname, cmdline_credentials);
|
||||
|
||||
if (!(myargs.interactive & SVC_IGNORE_INTERACTIVE)) {
|
||||
svc_install(myargs.hostname, cmdline_credentials, myargs.interactive | (myargs.reinstall ? SVC_FORCE_UPLOAD : 0));
|
||||
}
|
||||
|
||||
status =
|
||||
smbcli_full_connection(NULL, &cli, myargs.hostname, "IPC$",
|
||||
NULL, cmdline_credentials, NULL);
|
||||
if (!NT_STATUS_IS_OK(status)) {
|
||||
DEBUG(0,
|
||||
("ERROR: Failed to open connection - %s\n",
|
||||
nt_errstr(status)));
|
||||
return 1;
|
||||
}
|
||||
|
||||
struct winexe_context *c =
|
||||
talloc_zero(cli->tree, struct winexe_context);
|
||||
if (c == NULL) {
|
||||
DEBUG(0,
|
||||
("ERROR: Failed to allocate struct winexe_context\n"));
|
||||
return 1;
|
||||
}
|
||||
|
||||
c->tree = cli->tree;
|
||||
c->ac_ctrl = talloc_zero(cli->tree, struct async_context);
|
||||
c->ac_ctrl->tree = cli->tree;
|
||||
c->ac_ctrl->cb_ctx = c;
|
||||
c->ac_ctrl->cb_open = (async_cb_open) on_ctrl_pipe_open;
|
||||
c->ac_ctrl->cb_read = (async_cb_read) on_ctrl_pipe_read;
|
||||
c->ac_ctrl->cb_error = (async_cb_error) on_ctrl_pipe_error;
|
||||
c->ac_ctrl->cb_close = (async_cb_close) on_ctrl_pipe_close;
|
||||
c->args = &myargs;
|
||||
c->args->credentials = cmdline_credentials;
|
||||
c->return_code = 99;
|
||||
c->state = STATE_OPENING;
|
||||
async_open(c->ac_ctrl, "\\pipe\\" PIPE_NAME, OPENX_MODE_ACCESS_RDWR);
|
||||
|
||||
event_loop_wait(cli->tree->session->transport->socket->event.ctx);
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,63 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
/* service.c */
|
||||
#define SVC_INTERACTIVE 1
|
||||
#define SVC_IGNORE_INTERACTIVE 2
|
||||
#define SVC_INTERACTIVE_MASK 3
|
||||
#define SVC_FORCE_UPLOAD 4
|
||||
NTSTATUS svc_install(const char *hostname,
|
||||
struct cli_credentials *credentials, int flags);
|
||||
NTSTATUS svc_uninstall(const char *hostname,
|
||||
struct cli_credentials *credentials);
|
||||
|
||||
/* async.c */
|
||||
enum { ASYNC_OPEN, ASYNC_OPEN_RECV, ASYNC_READ, ASYNC_READ_RECV,
|
||||
ASYNC_WRITE, ASYNC_WRITE_RECV, ASYNC_CLOSE, ASYNC_CLOSE_RECV };
|
||||
typedef void (*async_cb_open) (void *ctx);
|
||||
typedef void (*async_cb_read) (void *ctx, const char *data, int len);
|
||||
typedef void (*async_cb_close) (void *ctx);
|
||||
typedef void (*async_cb_error) (void *ctx, int func, NTSTATUS status);
|
||||
|
||||
struct list_item {
|
||||
struct list_item *next;
|
||||
int size;
|
||||
char data[0];
|
||||
};
|
||||
|
||||
struct list {
|
||||
struct list_item *begin;
|
||||
struct list_item *end;
|
||||
};
|
||||
|
||||
struct async_context {
|
||||
/* Public - must be initialized by client */
|
||||
struct smbcli_tree *tree;
|
||||
void *cb_ctx;
|
||||
async_cb_open cb_open;
|
||||
async_cb_read cb_read;
|
||||
async_cb_close cb_close;
|
||||
async_cb_error cb_error;
|
||||
/* Private - internal usage, initialize to zeros */
|
||||
int fd;
|
||||
union smb_open *io_open;
|
||||
union smb_read *io_read;
|
||||
union smb_write *io_write;
|
||||
union smb_close *io_close;
|
||||
struct smbcli_request *rreq;
|
||||
struct smbcli_request *wreq;
|
||||
struct list wq;
|
||||
char buffer[256];
|
||||
};
|
||||
|
||||
int async_open(struct async_context *c, const char *fn, int open_mode);
|
||||
int async_read(struct async_context *c);
|
||||
int async_write(struct async_context *c, const void *buf, int len);
|
||||
int async_close(struct async_context *c);
|
||||
|
||||
/* winexesvc_exe.c */
|
||||
extern unsigned int winexesvc_exe_len;
|
||||
extern unsigned char winexesvc_exe[];
|
||||
@@ -0,0 +1,20 @@
|
||||
CFLAGS=-mno-cygwin -Os
|
||||
LDFLAGS=-mno-cygwin -s -Os
|
||||
|
||||
CC := $(shell uname | grep -qi linux && echo i586-mingw32msvc-gcc || echo gcc)
|
||||
|
||||
LD=$(CC)
|
||||
|
||||
all: winexesvc_exe.c
|
||||
|
||||
winexesvc.exe: winexesvc.o service.o
|
||||
$(LD) $(LDFLAGS) -o $@ $^
|
||||
|
||||
winexesvc_exe.c: winexesvc.exe bin2c.exe
|
||||
./bin2c.exe winexesvc_exe winexesvc.exe > $@
|
||||
|
||||
bin2c.exe: bin2c.c
|
||||
gcc -s -o $@ $^
|
||||
|
||||
clean:
|
||||
-@rm *.exe *.o winexesvc_exe.c
|
||||
@@ -0,0 +1,36 @@
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
int main(int argc, char **argv)
|
||||
{
|
||||
char buf[256], s[100];
|
||||
int c;
|
||||
FILE *fp;
|
||||
if (argc != 3) {
|
||||
fprintf(stderr, "Usage: %s varname file\n", *argv);
|
||||
return 1;
|
||||
}
|
||||
if (!(fp = fopen(argv[2], "rb"))) {
|
||||
fputs("Cannot open ", stderr);
|
||||
perror(argv[2]);
|
||||
return 1;
|
||||
}
|
||||
fseek(fp, 0, SEEK_END);
|
||||
long len = ftell(fp);
|
||||
fseek(fp, 0, SEEK_SET);
|
||||
printf("unsigned int %s_len = %u;\nunsigned char %s[] = {\n",
|
||||
argv[1], len, argv[1]);
|
||||
strcpy(buf, " ");
|
||||
while ((c = getc(fp)) != EOF) {
|
||||
sprintf(s, "%u,", (unsigned char) c);
|
||||
if (strlen(s) + strlen(buf) >= 80)
|
||||
puts(buf), strcpy(buf, " ");
|
||||
strcat(buf, s);
|
||||
}
|
||||
if (*buf)
|
||||
strcat(buf, "\n");
|
||||
printf("%s};\n", buf);
|
||||
fprintf(stderr, "%s_len = %u\n", argv[1], len);
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,160 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
#include <windows.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdarg.h>
|
||||
|
||||
#include "shared.h"
|
||||
|
||||
#if 0
|
||||
static void SvcDebugOut(const char *a, int b)
|
||||
{
|
||||
FILE *f = fopen("C:\\" SERVICE_NAME ".log", "at");
|
||||
fprintf(f, a, b);
|
||||
fclose(f);
|
||||
}
|
||||
#else
|
||||
#define SvcDebugOut(a,b) 0
|
||||
#endif
|
||||
|
||||
DWORD WINAPI server_loop(LPVOID lpParameter);
|
||||
|
||||
SERVICE_STATUS winexesvcStatus;
|
||||
SERVICE_STATUS_HANDLE winexesvcStatusHandle;
|
||||
|
||||
VOID WINAPI winexesvcCtrlHandler(DWORD Opcode)
|
||||
{
|
||||
DWORD status;
|
||||
|
||||
switch (Opcode) {
|
||||
case SERVICE_CONTROL_PAUSE:
|
||||
SvcDebugOut(SERVICE_NAME ": winexesvcCtrlHandler: pause\n", 0);
|
||||
winexesvcStatus.dwCurrentState = SERVICE_PAUSED;
|
||||
break;
|
||||
|
||||
case SERVICE_CONTROL_CONTINUE:
|
||||
SvcDebugOut(SERVICE_NAME ": winexesvcCtrlHandler: continue\n", 0);
|
||||
winexesvcStatus.dwCurrentState = SERVICE_RUNNING;
|
||||
break;
|
||||
|
||||
case SERVICE_CONTROL_STOP:
|
||||
SvcDebugOut(SERVICE_NAME ": winexesvcCtrlHandler: stop\n", 0);
|
||||
winexesvcStatus.dwWin32ExitCode = 0;
|
||||
winexesvcStatus.dwCurrentState = SERVICE_STOPPED;
|
||||
winexesvcStatus.dwCheckPoint = 0;
|
||||
winexesvcStatus.dwWaitHint = 0;
|
||||
|
||||
if (!SetServiceStatus
|
||||
(winexesvcStatusHandle, &winexesvcStatus)) {
|
||||
status = GetLastError();
|
||||
SvcDebugOut(SERVICE_NAME
|
||||
": SetServiceStatus error %ld\n",
|
||||
status);
|
||||
}
|
||||
|
||||
SvcDebugOut(SERVICE_NAME ": Leaving winexesvc\n", 0);
|
||||
return;
|
||||
|
||||
case SERVICE_CONTROL_INTERROGATE:
|
||||
SvcDebugOut(SERVICE_NAME ": winexesvcCtrlHandler: interrogate\n", 0);
|
||||
break;
|
||||
|
||||
default:
|
||||
SvcDebugOut(SERVICE_NAME ": Unrecognized opcode %ld\n",
|
||||
Opcode);
|
||||
}
|
||||
|
||||
if (!SetServiceStatus(winexesvcStatusHandle, &winexesvcStatus)) {
|
||||
status = GetLastError();
|
||||
SvcDebugOut(SERVICE_NAME ": SetServiceStatus error 0x%08X\n",
|
||||
status);
|
||||
}
|
||||
return;
|
||||
}
|
||||
|
||||
DWORD winexesvcInitialization(DWORD argc, LPTSTR * argv,
|
||||
DWORD * specificError)
|
||||
{
|
||||
HANDLE th = CreateThread(NULL, 0, server_loop, NULL, 0, NULL);
|
||||
if (th) {
|
||||
CloseHandle(th);
|
||||
return NO_ERROR;
|
||||
}
|
||||
return !NO_ERROR;
|
||||
}
|
||||
|
||||
void WINAPI winexesvcStart(DWORD argc, LPTSTR * argv)
|
||||
{
|
||||
DWORD status;
|
||||
DWORD specificError;
|
||||
|
||||
winexesvcStatus.dwServiceType = SERVICE_WIN32;
|
||||
winexesvcStatus.dwCurrentState = SERVICE_START_PENDING;
|
||||
winexesvcStatus.dwControlsAccepted =
|
||||
SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_PAUSE_CONTINUE;
|
||||
winexesvcStatus.dwWin32ExitCode = 0;
|
||||
winexesvcStatus.dwServiceSpecificExitCode = 0;
|
||||
winexesvcStatus.dwCheckPoint = 0;
|
||||
winexesvcStatus.dwWaitHint = 0;
|
||||
|
||||
SvcDebugOut(SERVICE_NAME ": RegisterServiceCtrlHandler\n", 0);
|
||||
|
||||
winexesvcStatusHandle =
|
||||
RegisterServiceCtrlHandler(SERVICE_NAME, winexesvcCtrlHandler);
|
||||
|
||||
if (winexesvcStatusHandle == (SERVICE_STATUS_HANDLE) 0) {
|
||||
SvcDebugOut(SERVICE_NAME
|
||||
": RegisterServiceCtrlHandler failed %d\n",
|
||||
GetLastError());
|
||||
return;
|
||||
}
|
||||
status = winexesvcInitialization(argc, argv, &specificError);
|
||||
|
||||
if (status != NO_ERROR) {
|
||||
winexesvcStatus.dwCurrentState = SERVICE_STOPPED;
|
||||
winexesvcStatus.dwCheckPoint = 0;
|
||||
winexesvcStatus.dwWaitHint = 0;
|
||||
winexesvcStatus.dwWin32ExitCode = status;
|
||||
winexesvcStatus.dwServiceSpecificExitCode = specificError;
|
||||
|
||||
SetServiceStatus(winexesvcStatusHandle, &winexesvcStatus);
|
||||
return;
|
||||
}
|
||||
|
||||
winexesvcStatus.dwCurrentState = SERVICE_RUNNING;
|
||||
winexesvcStatus.dwCheckPoint = 0;
|
||||
winexesvcStatus.dwWaitHint = 0;
|
||||
|
||||
if (!SetServiceStatus(winexesvcStatusHandle, &winexesvcStatus)) {
|
||||
status = GetLastError();
|
||||
SvcDebugOut(SERVICE_NAME ": SetServiceStatus error %ld\n",
|
||||
status);
|
||||
}
|
||||
|
||||
SvcDebugOut(SERVICE_NAME ": Returning the Main Thread \n", 0);
|
||||
|
||||
return;
|
||||
}
|
||||
|
||||
int main(int argc, char *argv[])
|
||||
{
|
||||
SERVICE_TABLE_ENTRY DispatchTable[] = {
|
||||
{SERVICE_NAME, winexesvcStart},
|
||||
{NULL, NULL}
|
||||
};
|
||||
|
||||
SvcDebugOut(SERVICE_NAME ": StartServiceCtrlDispatcher %d\n",
|
||||
GetLastError());
|
||||
if (!StartServiceCtrlDispatcher(DispatchTable)) {
|
||||
SvcDebugOut(SERVICE_NAME
|
||||
": StartServiceCtrlDispatcher (%d)\n",
|
||||
GetLastError());
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@@ -0,0 +1,17 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
/* ver = $(VERSION / 100) . $(VERSION % 100) */
|
||||
#define VERSION 80
|
||||
|
||||
#define SERVICE_NAME "winexesvc"
|
||||
|
||||
#define PIPE_NAME "ahexec"
|
||||
#define PIPE_NAME_IO "ahexec_stdio%08X"
|
||||
#define PIPE_NAME_ERR "ahexec_stderr%08X"
|
||||
|
||||
#define CMD_STD_IO_ERR "std_io_err"
|
||||
#define CMD_RETURN_CODE "return_code"
|
||||
@@ -0,0 +1,573 @@
|
||||
/*
|
||||
Copyright (C) Andrzej Hajda 2006
|
||||
Contact: andrzej.hajda@wp.pl
|
||||
License: GNU General Public License version 2
|
||||
*/
|
||||
|
||||
#include <windows.h>
|
||||
#include <aclapi.h>
|
||||
|
||||
#include <stdio.h>
|
||||
#include <string.h>
|
||||
#include <stdarg.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include "shared.h"
|
||||
|
||||
#define BUFSIZE 256
|
||||
|
||||
#if 0
|
||||
static void SvcDebugOut(const char *a, int b)
|
||||
{
|
||||
FILE *f = fopen("C:\\" SERVICE_NAME ".log", "at");
|
||||
if (f) {
|
||||
fprintf(f, a, b);
|
||||
fclose(f);
|
||||
}
|
||||
}
|
||||
#else
|
||||
#define SvcDebugOut(a,b) 0
|
||||
#endif
|
||||
|
||||
SECURITY_ATTRIBUTES sa;
|
||||
|
||||
/* Creates SECURITY_ATTRIBUTES sa with full access for BUILTIN\Administrators */
|
||||
int CreatePipesSA()
|
||||
{
|
||||
DWORD dwRes;
|
||||
PSID pAdminSID = NULL;
|
||||
PACL pACL = NULL;
|
||||
PSECURITY_DESCRIPTOR pSD = NULL;
|
||||
EXPLICIT_ACCESS ea;
|
||||
SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
|
||||
|
||||
/* Create a SID for the BUILTIN\Administrators group. */
|
||||
if (!AllocateAndInitializeSid(&SIDAuthNT, 2,
|
||||
SECURITY_BUILTIN_DOMAIN_RID,
|
||||
DOMAIN_ALIAS_RID_ADMINS,
|
||||
0, 0, 0, 0, 0, 0, &pAdminSID)) {
|
||||
SvcDebugOut("AllocateAndInitializeSid Error %u\n",
|
||||
GetLastError());
|
||||
return 0;
|
||||
}
|
||||
/* Initialize an EXPLICIT_ACCESS structure for an ACE.
|
||||
The ACE will allow the Administrators group full access to the key.
|
||||
*/
|
||||
ea.grfAccessPermissions = FILE_ALL_ACCESS;
|
||||
ea.grfAccessMode = SET_ACCESS;
|
||||
ea.grfInheritance = NO_INHERITANCE;
|
||||
ea.Trustee.TrusteeForm = TRUSTEE_IS_SID;
|
||||
ea.Trustee.TrusteeType = TRUSTEE_IS_GROUP;
|
||||
ea.Trustee.ptstrName = (LPTSTR) pAdminSID;
|
||||
|
||||
/* Create a new ACL that contains the new ACEs */
|
||||
dwRes = SetEntriesInAcl(1, &ea, NULL, &pACL);
|
||||
if (ERROR_SUCCESS != dwRes) {
|
||||
SvcDebugOut("SetEntriesInAcl Error %u\n", GetLastError());
|
||||
return 0;
|
||||
}
|
||||
/* Initialize a security descriptor */
|
||||
pSD =
|
||||
(PSECURITY_DESCRIPTOR) LocalAlloc(LPTR,
|
||||
SECURITY_DESCRIPTOR_MIN_LENGTH);
|
||||
if (NULL == pSD) {
|
||||
SvcDebugOut("LocalAlloc Error %u\n", GetLastError());
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (!InitializeSecurityDescriptor
|
||||
(pSD, SECURITY_DESCRIPTOR_REVISION)) {
|
||||
SvcDebugOut("InitializeSecurityDescriptor Error %u\n",
|
||||
GetLastError());
|
||||
return 0;
|
||||
}
|
||||
/* Add the ACL to the security descriptor */
|
||||
if (!SetSecurityDescriptorDacl(pSD, TRUE, /* bDaclPresent flag */
|
||||
pACL, FALSE)) /* not a default DACL */
|
||||
{
|
||||
SvcDebugOut("SetSecurityDescriptorDacl Error %u\n",
|
||||
GetLastError());
|
||||
return 0;
|
||||
}
|
||||
/* Initialize a security attributes structure */
|
||||
sa.nLength = sizeof(SECURITY_ATTRIBUTES);
|
||||
sa.lpSecurityDescriptor = pSD;
|
||||
sa.bInheritHandle = FALSE;
|
||||
return 1;
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
HANDLE h;
|
||||
OVERLAPPED o;
|
||||
} OV_HANDLE;
|
||||
|
||||
int hgets(char *str, int n, OV_HANDLE *pipe)
|
||||
{
|
||||
DWORD res;
|
||||
DWORD count = 0;
|
||||
--n;
|
||||
while (--n >= 0) {
|
||||
if (!ReadFile(pipe->h, str, 1, NULL, &pipe->o) && GetLastError() != ERROR_IO_PENDING)
|
||||
goto finish;
|
||||
if (!GetOverlappedResult(pipe->h, &pipe->o, &res, TRUE) || !res)
|
||||
goto finish;
|
||||
if (*str == '\n')
|
||||
goto finish;
|
||||
++count;
|
||||
++str;
|
||||
}
|
||||
finish:
|
||||
*str = 0;
|
||||
return count;
|
||||
}
|
||||
|
||||
int hprintf(OV_HANDLE *pipe, const char *fmt, ...)
|
||||
{
|
||||
int res;
|
||||
char buf[1024];
|
||||
va_list ap;
|
||||
va_start(ap, fmt);
|
||||
vsnprintf(buf, sizeof(buf), fmt, ap);
|
||||
va_end(ap);
|
||||
if (!WriteFile(pipe->h, buf, strlen(buf), NULL, &pipe->o) && GetLastError() == ERROR_IO_PENDING)
|
||||
GetOverlappedResult(pipe->h, &pipe->o, (LPDWORD)&res, TRUE);
|
||||
FlushFileBuffers(pipe->h);
|
||||
return res;
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
OV_HANDLE *pipe;
|
||||
const char *cmd;
|
||||
HANDLE pio;
|
||||
HANDLE perr;
|
||||
HANDLE token;
|
||||
int implevel;
|
||||
int system;
|
||||
char *runas;
|
||||
int conn_number;
|
||||
} connection_context;
|
||||
|
||||
typedef int CMD_FUNC(connection_context *);
|
||||
|
||||
typedef struct {
|
||||
const char *name;
|
||||
CMD_FUNC *func;
|
||||
} CMD_ITEM;
|
||||
|
||||
int cmd_set(connection_context *c)
|
||||
{
|
||||
static const char* var_system = "system";
|
||||
static const char* var_implevel = "implevel";
|
||||
static const char* var_runas = "runas";
|
||||
char *cmdline;
|
||||
int res = 0;
|
||||
|
||||
cmdline = strchr(c->cmd, ' ');
|
||||
if (!cmdline) {
|
||||
goto finish;
|
||||
}
|
||||
++cmdline;
|
||||
int l;
|
||||
if ((strstr(cmdline, var_system) == cmdline) &&
|
||||
(cmdline[l = strlen(var_system)] == ' ')) {
|
||||
c->system = atoi(cmdline + l + 1);
|
||||
} else if ((strstr(cmdline, var_implevel) == cmdline) &&
|
||||
(cmdline[l = strlen(var_implevel)] == ' ')) {
|
||||
c->implevel = atoi(cmdline + l + 1);
|
||||
} else if ((strstr(cmdline, var_runas) == cmdline) &&
|
||||
(cmdline[l = strlen(var_runas)] == ' ')) {
|
||||
c->runas = strdup(cmdline + l + 1);
|
||||
} else {
|
||||
hprintf(c->pipe, "error Unknown commad (%s)\n", c->cmd);
|
||||
goto finish;
|
||||
}
|
||||
res = 1;
|
||||
finish:
|
||||
return res;
|
||||
}
|
||||
|
||||
int cmd_get(connection_context *c)
|
||||
{
|
||||
static const char* var_version = "version";
|
||||
char *cmdline;
|
||||
int res = 0;
|
||||
|
||||
cmdline = strchr(c->cmd, ' ');
|
||||
if (!cmdline) {
|
||||
goto finish;
|
||||
}
|
||||
++cmdline;
|
||||
int l;
|
||||
if ((strstr(cmdline, var_version) == cmdline) &&
|
||||
(cmdline[l = strlen(var_version)] == 0)) {
|
||||
hprintf(c->pipe, "version 0x%04X\n", VERSION);
|
||||
} else {
|
||||
hprintf(c->pipe, "error Unknown argument (%s)\n", c->cmd);
|
||||
goto finish;
|
||||
}
|
||||
res = 1;
|
||||
finish:
|
||||
return res;
|
||||
}
|
||||
|
||||
typedef struct {
|
||||
char *user;
|
||||
char *domain;
|
||||
char *password;
|
||||
} credentials;
|
||||
|
||||
int prepare_credentials(char *str, credentials *crd)
|
||||
{
|
||||
char *p;
|
||||
p = strchr(str, '/');
|
||||
if (!p) p = strchr(str, '\\');
|
||||
if (p) {
|
||||
*p++ = 0;
|
||||
crd->domain = str;
|
||||
} else {
|
||||
p = str;
|
||||
crd->domain = ".";
|
||||
}
|
||||
crd->user = p;
|
||||
p = strchr(p, '%');
|
||||
if (p)
|
||||
*p++ = 0;
|
||||
crd->password = p;
|
||||
return 1;
|
||||
}
|
||||
|
||||
int get_token(connection_context *c)
|
||||
{
|
||||
int res = 0;
|
||||
int wres;
|
||||
HANDLE token;
|
||||
|
||||
if (c->runas) {
|
||||
credentials crd;
|
||||
if (!prepare_credentials(c->runas, &crd)) {
|
||||
hprintf(c->pipe, "error Incorrect runas credentials\n");
|
||||
goto finish;
|
||||
}
|
||||
wres = LogonUser(crd.user, crd.domain, crd.password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &c->token);
|
||||
if (!wres) {
|
||||
hprintf(c->pipe, "error Cannot LogonUser(%s,%s,%s) %d\n", crd.user, crd.domain, crd.password, GetLastError());
|
||||
goto finish;
|
||||
}
|
||||
res = 1;
|
||||
goto finish;
|
||||
} else if (c->system) {
|
||||
if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &token)) {
|
||||
hprintf(c->pipe, "error Cannot OpenProcessToken %d\n", GetLastError());
|
||||
goto finish;
|
||||
}
|
||||
} else {
|
||||
if (!ImpersonateNamedPipeClient(c->pipe->h)) {
|
||||
hprintf(c->pipe, "error Cannot ImpersonateNamedPipeClient %d\n", GetLastError());
|
||||
goto finish;
|
||||
}
|
||||
if (!OpenThreadToken(GetCurrentThread(), TOKEN_ALL_ACCESS, FALSE, &token)) {
|
||||
hprintf(c->pipe, "error Cannot OpenThreadToken %d\n", GetLastError());
|
||||
goto finishRevertToSelf;
|
||||
}
|
||||
}
|
||||
if (!DuplicateTokenEx(token, MAXIMUM_ALLOWED, 0, c->implevel, TokenPrimary, &c->token)) {
|
||||
hprintf(c->pipe, "error Cannot Duplicate Token %d\n", GetLastError());
|
||||
goto finishCloseToken;
|
||||
}
|
||||
res = 1;
|
||||
finishCloseToken:
|
||||
CloseHandle(token);
|
||||
finishRevertToSelf:
|
||||
if (!c->system) {
|
||||
if (!RevertToSelf()) {
|
||||
hprintf(c->pipe, "error Cannot RevertToSelf %d\n", GetLastError());
|
||||
res = 0;
|
||||
}
|
||||
}
|
||||
finish:
|
||||
return res;
|
||||
}
|
||||
|
||||
int cmd_run(connection_context *c)
|
||||
{
|
||||
char buf[256];
|
||||
int res = 0;
|
||||
int wres;
|
||||
char *cmdline;
|
||||
DWORD pipe_nr;
|
||||
|
||||
cmdline = strchr(c->cmd, ' ');
|
||||
if (!cmdline) {
|
||||
goto finish;
|
||||
}
|
||||
++cmdline;
|
||||
|
||||
if (!get_token(c))
|
||||
return 0;
|
||||
|
||||
pipe_nr = (GetCurrentProcessId() << 16) + (DWORD) c->conn_number;
|
||||
sprintf(buf, "\\\\.\\pipe\\" PIPE_NAME_IO, pipe_nr);
|
||||
c->pio = CreateNamedPipe(buf,
|
||||
PIPE_ACCESS_DUPLEX,
|
||||
PIPE_WAIT,
|
||||
1,
|
||||
BUFSIZE,
|
||||
BUFSIZE,
|
||||
NMPWAIT_USE_DEFAULT_WAIT,
|
||||
&sa);
|
||||
if (c->pio == INVALID_HANDLE_VALUE) {
|
||||
hprintf(c->pipe, "error Cannot create io pipe(%s), error 0x%08X\n", buf, GetLastError());
|
||||
goto finishCloseToken;
|
||||
}
|
||||
|
||||
sprintf(buf, "\\\\.\\pipe\\" PIPE_NAME_ERR, pipe_nr);
|
||||
c->perr = CreateNamedPipe(buf,
|
||||
PIPE_ACCESS_DUPLEX,
|
||||
PIPE_WAIT,
|
||||
1,
|
||||
BUFSIZE,
|
||||
BUFSIZE,
|
||||
NMPWAIT_USE_DEFAULT_WAIT,
|
||||
&sa);
|
||||
if (c->perr == INVALID_HANDLE_VALUE) {
|
||||
hprintf(c->pipe, "error Cannot create err pipe\n");
|
||||
goto finishClosePio;
|
||||
}
|
||||
/* Send handle to client (it will use it to connect pipes) */
|
||||
hprintf(c->pipe, CMD_STD_IO_ERR " %08X\n", pipe_nr);
|
||||
|
||||
wres = ConnectNamedPipe(c->pio, NULL);
|
||||
if (!wres)
|
||||
wres = (GetLastError() == ERROR_PIPE_CONNECTED);
|
||||
|
||||
if (!wres) {
|
||||
hprintf(c->pipe, "error ConnectNamedPipe(pio)\n");
|
||||
goto finishClosePerr;
|
||||
}
|
||||
|
||||
wres = ConnectNamedPipe(c->perr, NULL);
|
||||
if (!wres)
|
||||
wres = (GetLastError() == ERROR_PIPE_CONNECTED);
|
||||
|
||||
if (!wres) {
|
||||
hprintf(c->pipe, "error ConnectNamedPipe(perr)\n");
|
||||
goto finishDisconnectPio;
|
||||
}
|
||||
|
||||
SetHandleInformation(c->pio, HANDLE_FLAG_INHERIT, 1);
|
||||
SetHandleInformation(c->perr, HANDLE_FLAG_INHERIT, 1);
|
||||
|
||||
|
||||
SECURITY_ATTRIBUTES sattr;
|
||||
sattr.nLength = sizeof(SECURITY_ATTRIBUTES);
|
||||
sattr.bInheritHandle = TRUE;
|
||||
sattr.lpSecurityDescriptor = NULL;
|
||||
|
||||
PROCESS_INFORMATION pi;
|
||||
ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));
|
||||
|
||||
STARTUPINFO si;
|
||||
ZeroMemory(&si, sizeof(STARTUPINFO));
|
||||
si.cb = sizeof(STARTUPINFO);
|
||||
si.hStdInput = c->pio;
|
||||
si.hStdOutput = c->pio;
|
||||
si.hStdError = c->perr;
|
||||
si.dwFlags |= STARTF_USESTDHANDLES;
|
||||
|
||||
if (CreateProcessAsUser(
|
||||
c->token,
|
||||
NULL,
|
||||
cmdline, /* command line */
|
||||
NULL, /* process security attributes */
|
||||
NULL, /* primary thread security attributes */
|
||||
TRUE, /* handles are inherited */
|
||||
0, /* creation flags */
|
||||
NULL, /* use parent's environment */
|
||||
NULL, /* use parent's current directory */
|
||||
&si, /* STARTUPINFO pointer */
|
||||
&pi)) /* receives PROCESS_INFORMATION */
|
||||
{
|
||||
HANDLE hlist[2] = {c->pipe->o.hEvent, pi.hProcess};
|
||||
DWORD ec;
|
||||
char str[1];
|
||||
|
||||
if (!ResetEvent(c->pipe->o.hEvent))
|
||||
SvcDebugOut("ResetEvent error - %d\n", GetLastError());
|
||||
if (!ReadFile(c->pipe->h, str, 1, NULL, &c->pipe->o) && GetLastError() != ERROR_IO_PENDING)
|
||||
SvcDebugOut("ReadFile(control_pipe) error - %d\n", GetLastError());
|
||||
ec = WaitForMultipleObjects(2, hlist, FALSE, INFINITE);
|
||||
SvcDebugOut("WaitForMultipleObjects=%d\n", ec - WAIT_OBJECT_0);
|
||||
if (ec != WAIT_OBJECT_0)
|
||||
GetExitCodeProcess(pi.hProcess, &ec);
|
||||
else
|
||||
TerminateProcess(pi.hProcess, ec = 0x1234);
|
||||
FlushFileBuffers(c->pio);
|
||||
FlushFileBuffers(c->perr);
|
||||
CloseHandle(pi.hProcess);
|
||||
CloseHandle(pi.hThread);
|
||||
hprintf(c->pipe, CMD_RETURN_CODE " %08X\n", ec);
|
||||
} else {
|
||||
hprintf(c->pipe, "error Creating process(%s) %d\n", cmdline, GetLastError());
|
||||
}
|
||||
|
||||
DisconnectNamedPipe(c->perr);
|
||||
finishDisconnectPio:
|
||||
DisconnectNamedPipe(c->pio);
|
||||
finishClosePerr:
|
||||
CloseHandle(c->perr);
|
||||
finishClosePio:
|
||||
CloseHandle(c->pio);
|
||||
finishCloseToken:
|
||||
CloseHandle(c->token);
|
||||
finish:
|
||||
return res;
|
||||
}
|
||||
|
||||
CMD_ITEM cmd_table[] = {
|
||||
{"run", cmd_run},
|
||||
{"set", cmd_set},
|
||||
{"get", cmd_get},
|
||||
{NULL, NULL}
|
||||
};
|
||||
|
||||
typedef struct {
|
||||
OV_HANDLE *pipe;
|
||||
int conn_number;
|
||||
} connection_data;
|
||||
|
||||
#define MAX_COMMAND_LENGTH (32768)
|
||||
|
||||
VOID handle_connection(connection_data *data)
|
||||
{
|
||||
char *cmd = 0;
|
||||
int res;
|
||||
connection_context _c, *c = &_c;
|
||||
cmd = malloc(MAX_COMMAND_LENGTH);
|
||||
if (!cmd) {
|
||||
hprintf(data->pipe,
|
||||
"error: unable to allocate buffer for command\n");
|
||||
return;
|
||||
}
|
||||
ZeroMemory(cmd, MAX_COMMAND_LENGTH);
|
||||
ZeroMemory(c, sizeof(connection_context));
|
||||
c->pipe = data->pipe;
|
||||
c->cmd = cmd;
|
||||
c->conn_number = data->conn_number;
|
||||
free(data);
|
||||
/* FIXME make wait for end of process or ctrl_pipe input */
|
||||
while (1) {
|
||||
res = hgets(cmd, MAX_COMMAND_LENGTH, c->pipe);
|
||||
if (res <= 0) {
|
||||
SvcDebugOut("Error reading from pipe(%08X)\n", (int) c->pipe->h);
|
||||
goto finish;
|
||||
}
|
||||
SvcDebugOut("Retrieved line: \"%s\"\n", (int)cmd);
|
||||
CMD_ITEM *ci;
|
||||
for (ci = cmd_table; ci->name; ++ci) {
|
||||
if (strstr(cmd, ci->name) != cmd) continue;
|
||||
char c = cmd[strlen(ci->name)];
|
||||
if (!c || (c == ' '))
|
||||
break;
|
||||
}
|
||||
if (ci->name) {
|
||||
if (!ci->func(c))
|
||||
goto finish;
|
||||
} else
|
||||
hprintf(c->pipe, "error Ignoring unknown command (%s)\n", cmd);
|
||||
}
|
||||
finish:
|
||||
FlushFileBuffers(c->pipe->h);
|
||||
DisconnectNamedPipe(c->pipe->h);
|
||||
CloseHandle(c->pipe->h);
|
||||
CloseHandle(c->pipe->o.hEvent);
|
||||
free(c->pipe);
|
||||
free(cmd);
|
||||
}
|
||||
|
||||
static int conn_number = 0;
|
||||
|
||||
DWORD WINAPI server_loop(LPVOID lpParameter)
|
||||
{
|
||||
BOOL res;
|
||||
|
||||
SvcDebugOut("server_loop: alive\n", 0);
|
||||
if (!CreatePipesSA()) {
|
||||
SvcDebugOut("CreatePipesSA failed (%08X)\n",
|
||||
GetLastError());
|
||||
return -1;
|
||||
}
|
||||
SvcDebugOut("server_loop: CreatePipesSA done\n", 0);
|
||||
for (;;) {
|
||||
SvcDebugOut("server_loop: Create Pipe\n", 0);
|
||||
OV_HANDLE *pipe;
|
||||
pipe = (OV_HANDLE *)malloc(sizeof(OV_HANDLE));
|
||||
ZeroMemory(&pipe->o, sizeof(OVERLAPPED));
|
||||
pipe->o.hEvent = CreateEvent(NULL, TRUE, TRUE, NULL);
|
||||
pipe->h = CreateNamedPipe("\\\\.\\pipe\\" PIPE_NAME,
|
||||
PIPE_ACCESS_DUPLEX | FILE_FLAG_OVERLAPPED,
|
||||
PIPE_WAIT,
|
||||
PIPE_UNLIMITED_INSTANCES,
|
||||
BUFSIZE,
|
||||
BUFSIZE,
|
||||
NMPWAIT_USE_DEFAULT_WAIT,
|
||||
&sa);
|
||||
|
||||
if (pipe->h == INVALID_HANDLE_VALUE) {
|
||||
SvcDebugOut("CreatePipe failed(%08X)\n",
|
||||
GetLastError());
|
||||
CloseHandle(pipe->o.hEvent);
|
||||
free(pipe);
|
||||
return 0;
|
||||
}
|
||||
|
||||
SvcDebugOut("server_loop: Connect Pipe\n", 0);
|
||||
if (ConnectNamedPipe(pipe->h, &pipe->o)) {
|
||||
SvcDebugOut("server_loop: Connect Pipe err %08X\n", GetLastError());
|
||||
res = FALSE;
|
||||
} else {
|
||||
switch (GetLastError()) {
|
||||
case ERROR_IO_PENDING:
|
||||
SvcDebugOut("server_loop: Connect Pipe(0) pending\n", 0);
|
||||
DWORD t;
|
||||
res = GetOverlappedResult(pipe->h, &pipe->o, &t, TRUE);
|
||||
break;
|
||||
case ERROR_PIPE_CONNECTED:
|
||||
SvcDebugOut("server_loop: Connect Pipe(0) connected\n", 0);
|
||||
res = TRUE;
|
||||
break;
|
||||
default:
|
||||
SvcDebugOut("server_loop: Connect Pipe(0) err %08X\n", GetLastError());
|
||||
res = FALSE;
|
||||
}
|
||||
}
|
||||
|
||||
if (res) {
|
||||
connection_data *cd = malloc(sizeof(connection_data));
|
||||
cd->pipe = pipe;
|
||||
cd->conn_number = ++conn_number;
|
||||
SvcDebugOut("server_loop: CreateThread\n", 0);
|
||||
HANDLE th = CreateThread(NULL, /* no security attribute */
|
||||
0, /* default stack size */
|
||||
(LPTHREAD_START_ROUTINE)
|
||||
handle_connection,
|
||||
(LPVOID) cd, /* thread parameter */
|
||||
0, /* not suspended */
|
||||
NULL); /* returns thread ID */
|
||||
if (!th) {
|
||||
SvcDebugOut("Cannot create thread\n", 0);
|
||||
CloseHandle(pipe->h);
|
||||
CloseHandle(pipe->o.hEvent);
|
||||
free(pipe);
|
||||
} else {
|
||||
CloseHandle(th);
|
||||
SvcDebugOut("server_loop: Thread created\n", 0);
|
||||
}
|
||||
} else {
|
||||
SvcDebugOut("server_loop: Pipe not connected\n", 0);
|
||||
CloseHandle(pipe->h);
|
||||
CloseHandle(pipe->o.hEvent);
|
||||
free(pipe);
|
||||
}
|
||||
}
|
||||
SvcDebugOut("server_loop: STH wrong\n", 0);
|
||||
}
|
||||
@@ -0,0 +1,379 @@
|
||||
unsigned int winexesvc_exe_len = 9728;
|
||||
unsigned char winexesvc_exe[] = {
|
||||
77,90,144,0,3,0,0,0,4,0,0,0,255,255,0,0,184,0,0,0,0,0,0,0,64,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,128,0,0,0,14,31,186,14,
|
||||
0,180,9,205,33,184,1,76,205,33,84,104,105,115,32,112,114,111,103,114,97,109,
|
||||
32,99,97,110,110,111,116,32,98,101,32,114,117,110,32,105,110,32,68,79,83,32,
|
||||
109,111,100,101,46,13,13,10,36,0,0,0,0,0,0,0,80,69,0,0,76,1,5,0,220,249,33,
|
||||
71,0,0,0,0,0,0,0,0,224,0,15,3,11,1,2,56,0,20,0,0,0,14,0,0,0,2,0,0,47,18,0,0,
|
||||
0,16,0,0,0,48,0,0,0,0,64,0,0,16,0,0,0,2,0,0,4,0,0,0,1,0,0,0,4,0,0,0,0,0,0,0,
|
||||
0,112,0,0,0,4,0,0,137,234,0,0,3,0,0,0,0,0,32,0,0,16,0,0,0,0,16,0,0,16,0,0,0,
|
||||
0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0,104,7,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,46,116,101,120,116,0,0,0,112,
|
||||
19,0,0,0,16,0,0,0,20,0,0,0,4,0,0,0,0,0,0,0,0,0,0,0,0,0,0,32,0,0,96,46,100,97,
|
||||
116,97,0,0,0,112,0,0,0,0,48,0,0,0,2,0,0,0,24,0,0,0,0,0,0,0,0,0,0,0,0,0,0,64,
|
||||
0,0,192,46,114,100,97,116,97,0,0,224,2,0,0,0,64,0,0,0,4,0,0,0,26,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,64,0,0,64,46,98,115,115,0,0,0,0,176,0,0,0,0,80,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,128,0,0,192,46,105,100,97,116,97,0,0,104,7,0,0,
|
||||
0,96,0,0,0,8,0,0,0,30,0,0,0,0,0,0,0,0,0,0,0,0,0,0,64,0,0,192,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,85,137,229,131,236,8,199,69,248,
|
||||
0,0,0,0,131,236,12,141,69,248,80,255,53,64,48,64,0,141,69,252,80,104,4,80,64,
|
||||
0,104,0,80,64,0,232,99,16,0,0,131,196,32,201,195,85,137,229,131,236,8,131,61,
|
||||
32,80,64,0,0,116,118,161,32,80,64,0,163,80,48,64,0,131,61,36,98,64,0,0,116,
|
||||
25,131,236,8,255,53,32,80,64,0,161,36,98,64,0,255,112,16,232,22,16,0,0,131,
|
||||
196,16,131,61,36,98,64,0,224,116,28,131,236,8,255,53,32,80,64,0,161,36,98,64,
|
||||
0,131,192,32,255,112,16,232,241,15,0,0,131,196,16,131,61,36,98,64,0,192,116,
|
||||
28,131,236,8,255,53,32,80,64,0,161,36,98,64,0,131,192,64,255,112,16,232,204,
|
||||
15,0,0,131,196,16,232,180,15,0,0,137,194,161,80,48,64,0,137,2,201,195,85,137,
|
||||
229,131,236,24,199,69,248,0,0,0,0,199,69,244,0,0,0,0,139,69,8,139,0,139,0,
|
||||
137,69,240,129,125,240,145,0,0,192,119,23,129,125,240,141,0,0,192,115,113,
|
||||
129,125,240,5,0,0,192,116,28,233,191,0,0,0,129,125,240,147,0,0,192,116,90,
|
||||
129,125,240,148,0,0,192,116,88,233,168,0,0,0,131,236,8,106,0,106,11,232,56,
|
||||
15,0,0,131,196,16,137,69,252,131,125,252,1,117,24,131,236,8,106,1,106,11,232,
|
||||
32,15,0,0,131,196,16,199,69,248,255,255,255,255,235,120,131,125,252,0,116,
|
||||
114,131,236,12,106,11,139,69,252,255,208,131,196,16,199,69,248,255,255,255,
|
||||
255,235,92,199,69,244,1,0,0,0,131,236,8,106,0,106,8,232,229,14,0,0,131,196,
|
||||
16,137,69,252,131,125,252,1,117,35,131,236,8,106,1,106,8,232,205,14,0,0,131,
|
||||
196,16,131,125,244,0,116,5,232,191,13,0,0,199,69,248,255,255,255,255,235,26,
|
||||
131,125,252,0,116,20,131,236,12,106,8,139,69,252,255,208,131,196,16,199,69,
|
||||
248,255,255,255,255,139,69,248,201,194,4,0,85,137,229,131,236,8,131,236,12,
|
||||
104,199,16,64,0,232,66,15,0,0,131,196,12,232,122,13,0,0,232,21,254,255,255,
|
||||
232,66,254,255,255,232,68,13,0,0,131,228,240,131,236,4,131,236,12,232,77,14,
|
||||
0,0,131,196,12,255,48,255,53,4,80,64,0,255,53,0,80,64,0,232,173,12,0,0,131,
|
||||
196,16,137,69,252,232,28,14,0,0,131,236,12,255,117,252,232,1,15,0,0,85,137,
|
||||
229,131,236,8,131,236,12,106,1,161,28,98,64,0,255,208,131,196,16,232,130,255,
|
||||
255,255,85,137,229,131,236,8,131,236,12,106,2,161,28,98,64,0,255,208,131,196,
|
||||
16,232,104,255,255,255,85,137,229,131,236,8,131,236,12,255,117,8,161,52,98,
|
||||
64,0,255,208,131,196,16,201,195,85,137,229,131,236,8,131,236,12,255,117,8,
|
||||
161,40,98,64,0,255,208,131,196,16,201,195,144,144,144,144,144,144,144,144,
|
||||
144,144,144,144,144,85,137,229,49,192,87,252,141,125,204,185,6,0,0,0,131,236,
|
||||
56,199,69,200,0,0,0,0,199,69,196,0,0,0,0,243,170,141,69,200,80,106,0,106,0,
|
||||
106,0,106,0,106,0,106,0,104,32,2,0,0,106,32,106,2,141,69,204,80,198,69,209,5,
|
||||
232,152,15,0,0,49,210,133,192,15,132,142,0,0,0,139,69,200,137,69,248,141,69,
|
||||
196,80,106,0,141,69,220,80,106,1,199,69,220,255,1,31,0,199,69,224,2,0,0,0,
|
||||
199,69,228,0,0,0,0,199,69,240,0,0,0,0,199,69,244,2,0,0,0,232,100,15,0,0,49,
|
||||
210,133,192,117,78,106,20,106,64,232,5,14,0,0,49,210,133,192,137,199,116,61,
|
||||
106,1,80,232,85,15,0,0,49,210,133,192,116,47,106,0,255,117,196,106,1,87,232,
|
||||
82,15,0,0,49,210,133,192,116,28,199,5,80,80,64,0,12,0,0,0,137,61,84,80,64,0,
|
||||
199,5,88,80,64,0,0,0,0,0,178,1,137,208,139,125,252,201,195,85,137,229,87,86,
|
||||
83,80,80,139,117,12,139,93,8,199,69,236,0,0,0,0,131,238,2,120,77,139,125,16,
|
||||
131,199,4,87,106,0,106,1,83,139,69,16,255,48,232,153,13,0,0,133,192,117,12,
|
||||
232,160,13,0,0,61,229,3,0,0,117,39,106,1,141,69,240,80,87,139,69,16,255,48,
|
||||
232,152,13,0,0,133,192,116,18,131,125,240,0,116,12,128,59,10,116,7,255,69,
|
||||
236,67,78,235,177,198,3,0,139,69,236,141,101,244,91,94,95,201,195,85,137,229,
|
||||
87,86,83,129,236,4,4,0,0,141,69,16,80,255,117,12,104,0,4,0,0,141,133,244,251,
|
||||
255,255,139,93,8,80,232,237,12,0,0,141,115,4,131,196,16,86,106,0,49,192,252,
|
||||
131,201,255,141,189,244,251,255,255,242,174,247,209,73,81,141,133,244,251,
|
||||
255,255,80,255,51,232,52,13,0,0,133,192,117,29,232,11,13,0,0,61,229,3,0,0,
|
||||
117,17,106,1,141,133,240,251,255,255,80,86,255,51,232,3,13,0,0,255,51,232,28,
|
||||
13,0,0,139,133,240,251,255,255,141,101,244,91,94,95,201,195,85,137,229,87,86,
|
||||
83,131,236,24,106,32,139,117,8,255,118,4,199,69,240,0,0,0,0,232,97,12,0,0,
|
||||
133,192,89,91,137,195,15,132,216,0,0,0,255,53,32,48,64,0,67,83,232,56,12,0,0,
|
||||
57,216,95,90,117,48,161,32,48,64,0,137,69,236,131,201,255,49,192,252,139,125,
|
||||
236,242,174,247,209,141,65,255,128,60,3,32,117,18,141,68,3,1,80,232,250,11,0,
|
||||
0,137,70,24,233,141,0,0,0,255,53,36,48,64,0,83,232,246,11,0,0,57,216,90,89,
|
||||
117,40,49,192,131,201,255,139,61,36,48,64,0,252,242,174,247,209,141,65,255,
|
||||
128,60,3,32,117,15,141,68,3,1,80,232,189,11,0,0,137,70,20,235,83,255,53,40,
|
||||
48,64,0,83,232,188,11,0,0,57,216,89,95,117,45,161,40,48,64,0,137,69,220,131,
|
||||
201,255,49,192,252,139,125,220,242,174,247,209,141,65,255,128,60,3,32,117,15,
|
||||
141,68,3,1,80,232,190,10,0,0,137,70,28,235,20,255,118,4,104,34,64,64,0,255,
|
||||
54,232,134,254,255,255,131,196,12,235,8,90,199,69,240,1,0,0,0,139,69,240,141,
|
||||
101,244,91,94,95,201,195,85,137,229,87,86,83,86,86,106,32,139,69,8,255,112,4,
|
||||
199,69,240,0,0,0,0,232,86,11,0,0,133,192,89,91,137,198,116,98,141,88,1,255,
|
||||
53,44,48,64,0,83,232,47,11,0,0,57,216,95,90,117,27,161,44,48,64,0,137,69,236,
|
||||
131,201,255,49,192,252,139,125,236,242,174,247,209,128,60,49,0,116,23,139,69,
|
||||
8,255,112,4,104,69,64,64,0,255,48,232,8,254,255,255,131,196,12,235,27,106,80,
|
||||
104,98,64,64,0,139,69,8,255,48,232,242,253,255,255,131,196,12,199,69,240,1,0,
|
||||
0,0,139,69,240,141,101,244,91,94,95,201,195,85,137,229,86,83,106,47,139,93,8,
|
||||
83,232,209,10,0,0,133,192,90,139,117,12,89,117,14,106,92,83,232,192,10,0,0,
|
||||
133,192,90,89,116,9,198,0,0,64,137,94,4,235,9,137,216,199,70,4,114,64,64,0,
|
||||
137,6,106,37,80,232,158,10,0,0,133,192,90,89,116,4,198,0,0,64,137,70,8,141,
|
||||
101,248,91,184,1,0,0,0,94,201,195,85,137,229,86,83,131,236,20,139,93,8,139,
|
||||
83,28,49,246,133,210,116,106,141,69,232,80,82,232,134,255,255,255,133,192,90,
|
||||
89,117,19,104,116,64,64,0,255,51,232,81,253,255,255,91,88,233,45,1,0,0,141,
|
||||
67,16,80,106,0,106,2,255,117,240,255,117,236,255,117,232,232,248,11,0,0,133,
|
||||
192,117,35,232,143,10,0,0,80,255,117,240,255,117,236,255,117,232,104,151,64,
|
||||
64,0,255,51,232,21,253,255,255,131,196,24,233,240,0,0,0,190,1,0,0,0,233,230,
|
||||
0,0,0,131,123,24,0,116,37,141,69,228,80,104,255,0,15,0,232,147,10,0,0,80,232,
|
||||
189,11,0,0,133,192,117,98,232,68,10,0,0,80,104,188,64,64,0,235,24,139,3,255,
|
||||
48,232,179,11,0,0,133,192,117,23,232,42,10,0,0,80,104,222,64,64,0,255,51,232,
|
||||
185,252,255,255,233,148,0,0,0,141,69,228,80,106,0,104,255,0,15,0,232,88,10,0,
|
||||
0,80,232,146,11,0,0,133,192,117,23,232,249,9,0,0,80,104,10,65,64,0,255,51,
|
||||
232,136,252,255,255,131,196,12,235,64,141,67,16,80,106,1,255,115,20,106,0,
|
||||
104,0,0,0,2,255,117,228,232,111,11,0,0,133,192,117,23,232,198,9,0,0,80,104,
|
||||
43,65,64,0,255,51,232,85,252,255,255,131,196,12,235,5,190,1,0,0,0,255,117,
|
||||
228,232,7,10,0,0,131,123,24,0,117,32,232,76,11,0,0,133,192,117,23,232,147,9,
|
||||
0,0,80,104,76,65,64,0,255,51,232,34,252,255,255,49,246,131,196,12,141,101,
|
||||
248,91,137,240,94,201,195,85,137,229,87,86,83,129,236,132,1,0,0,106,32,139,
|
||||
117,8,255,118,4,232,255,8,0,0,133,192,90,89,137,133,112,254,255,255,15,132,
|
||||
223,2,0,0,86,255,133,112,254,255,255,232,94,254,255,255,133,192,95,15,132,
|
||||
202,2,0,0,232,165,9,0,0,137,195,193,227,16,3,94,32,83,104,106,65,64,0,141,
|
||||
189,244,254,255,255,87,232,139,8,0,0,104,80,80,64,0,106,0,104,0,1,0,0,104,0,
|
||||
1,0,0,106,1,106,0,106,3,87,232,126,9,0,0,137,70,8,131,196,12,64,117,27,232,
|
||||
240,8,0,0,80,87,104,132,65,64,0,255,54,232,126,251,255,255,131,196,16,233,98,
|
||||
2,0,0,83,104,179,65,64,0,87,232,62,8,0,0,104,80,80,64,0,106,0,104,0,1,0,0,
|
||||
104,0,1,0,0,106,1,106,0,106,3,87,232,49,9,0,0,137,70,12,131,196,12,64,117,19,
|
||||
104,206,65,64,0,255,54,232,56,251,255,255,89,91,233,21,2,0,0,83,104,236,65,
|
||||
64,0,255,54,232,36,251,255,255,106,0,255,118,8,232,14,9,0,0,131,196,12,133,
|
||||
192,117,31,232,114,8,0,0,61,23,2,0,0,116,19,104,253,65,64,0,255,54,232,251,
|
||||
250,255,255,88,90,233,208,1,0,0,106,0,255,118,12,232,222,8,0,0,133,192,117,
|
||||
31,232,69,8,0,0,61,23,2,0,0,116,19,104,26,66,64,0,255,54,232,206,250,255,255,
|
||||
91,95,233,155,1,0,0,106,1,106,1,255,118,8,232,191,8,0,0,106,1,106,1,255,118,
|
||||
12,232,179,8,0,0,141,189,212,254,255,255,252,49,192,185,4,0,0,0,243,171,106,
|
||||
68,106,0,141,157,132,254,255,255,83,199,133,228,254,255,255,12,0,0,0,199,133,
|
||||
236,254,255,255,1,0,0,0,199,133,232,254,255,255,0,0,0,0,232,21,7,0,0,139,70,
|
||||
8,137,133,188,254,255,255,137,133,192,254,255,255,139,70,12,137,133,196,254,
|
||||
255,255,141,133,212,254,255,255,80,83,106,0,106,0,106,0,106,1,106,0,106,0,
|
||||
255,181,112,254,255,255,106,0,255,118,16,129,141,176,254,255,255,0,1,0,0,199,
|
||||
133,132,254,255,255,68,0,0,0,232,69,9,0,0,131,196,12,133,192,15,132,199,0,0,
|
||||
0,139,22,139,66,20,137,133,124,254,255,255,139,133,212,254,255,255,137,133,
|
||||
128,254,255,255,255,114,20,232,11,8,0,0,139,22,141,66,4,80,106,0,106,1,141,
|
||||
133,123,254,255,255,80,255,50,232,51,7,0,0,133,192,117,5,232,58,7,0,0,106,
|
||||
255,106,0,141,133,124,254,255,255,80,106,2,232,232,7,0,0,133,192,137,133,116,
|
||||
254,255,255,116,20,141,133,116,254,255,255,80,255,181,212,254,255,255,232,
|
||||
220,7,0,0,235,26,104,52,18,0,0,255,181,212,254,255,255,199,133,116,254,255,
|
||||
255,52,18,0,0,232,208,7,0,0,255,118,8,232,24,7,0,0,255,118,12,232,16,7,0,0,
|
||||
255,181,212,254,255,255,232,53,7,0,0,255,181,216,254,255,255,232,42,7,0,0,
|
||||
255,181,116,254,255,255,104,56,66,64,0,255,54,232,84,249,255,255,131,196,12,
|
||||
235,27,232,174,6,0,0,80,255,181,112,254,255,255,104,74,66,64,0,255,54,232,55,
|
||||
249,255,255,131,196,16,255,118,12,232,128,7,0,0,255,118,8,232,120,7,0,0,255,
|
||||
118,12,232,224,6,0,0,255,118,8,232,216,6,0,0,255,118,16,232,208,6,0,0,141,
|
||||
101,244,91,94,49,192,95,201,195,85,137,229,87,86,83,131,236,56,104,0,128,0,0,
|
||||
139,93,8,232,176,5,0,0,133,192,137,198,89,117,17,104,105,66,64,0,255,51,232,
|
||||
217,248,255,255,233,229,0,0,0,104,0,128,0,0,106,0,80,232,107,5,0,0,141,125,
|
||||
196,252,49,192,185,9,0,0,0,243,171,139,3,137,69,196,139,67,4,83,137,117,200,
|
||||
137,69,228,232,90,5,0,0,131,196,16,255,117,196,104,0,128,0,0,86,232,32,248,
|
||||
255,255,131,196,12,133,192,126,104,187,0,48,64,0,131,61,0,48,64,0,0,116,71,
|
||||
255,51,86,232,108,5,0,0,57,240,95,90,117,30,139,3,137,69,188,131,201,255,49,
|
||||
192,252,139,125,188,242,174,247,209,138,68,49,255,132,192,116,12,60,32,116,8,
|
||||
131,195,8,131,59,0,235,202,131,59,0,116,14,141,125,196,87,255,83,4,133,192,
|
||||
91,117,152,235,19,86,104,151,66,64,0,255,117,196,232,43,248,255,255,131,196,
|
||||
12,235,131,139,69,196,255,48,232,176,5,0,0,139,69,196,255,48,232,102,6,0,0,
|
||||
139,69,196,255,48,232,204,5,0,0,139,69,196,255,112,20,232,193,5,0,0,255,117,
|
||||
196,232,169,4,0,0,86,232,163,4,0,0,141,101,244,91,94,95,201,195,85,137,229,
|
||||
87,83,81,232,128,246,255,255,131,202,255,133,192,15,132,246,0,0,0,235,21,255,
|
||||
115,20,232,139,5,0,0,83,232,117,4,0,0,49,210,233,223,0,0,0,106,24,232,119,4,
|
||||
0,0,137,195,252,141,120,4,185,5,0,0,0,49,192,243,171,106,0,106,1,106,1,106,0,
|
||||
232,251,5,0,0,137,67,20,104,80,80,64,0,106,0,104,0,1,0,0,104,0,1,0,0,104,255,
|
||||
0,0,0,106,0,104,3,0,0,64,104,188,66,64,0,232,81,5,0,0,137,3,131,248,255,90,
|
||||
116,150,141,123,4,87,80,232,79,5,0,0,133,192,117,97,232,182,4,0,0,61,23,2,0,
|
||||
0,116,25,61,229,3,0,0,117,78,106,1,141,69,244,80,87,255,51,232,170,4,0,0,133,
|
||||
192,116,60,106,8,232,239,3,0,0,139,21,16,80,64,0,66,137,24,137,21,16,80,64,0,
|
||||
137,80,4,106,0,106,0,80,104,250,26,64,0,106,0,106,0,232,122,5,0,0,133,192,95,
|
||||
116,11,80,232,191,4,0,0,233,60,255,255,255,255,51,232,179,4,0,0,255,115,20,
|
||||
232,171,4,0,0,83,232,149,3,0,0,91,233,33,255,255,255,141,101,248,91,137,208,
|
||||
95,201,194,4,0,144,144,144,144,85,137,229,139,69,8,131,248,2,116,14,119,5,72,
|
||||
116,33,235,71,131,248,3,116,14,235,64,199,5,100,80,64,0,7,0,0,0,235,52,199,5,
|
||||
100,80,64,0,4,0,0,0,235,40,199,5,108,80,64,0,0,0,0,0,199,5,100,80,64,0,1,0,0,
|
||||
0,199,5,116,80,64,0,0,0,0,0,199,5,120,80,64,0,0,0,0,0,104,96,80,64,0,255,53,
|
||||
128,80,64,0,232,151,5,0,0,133,192,117,5,232,190,3,0,0,201,194,4,0,85,137,229,
|
||||
106,0,106,0,106,0,104,21,28,64,0,106,0,106,0,232,179,4,0,0,133,192,186,1,0,0,
|
||||
0,116,8,80,232,244,3,0,0,49,210,137,208,201,195,85,137,229,80,104,48,29,64,0,
|
||||
104,208,66,64,0,199,5,96,80,64,0,48,0,0,0,199,5,100,80,64,0,2,0,0,0,199,5,
|
||||
104,80,64,0,3,0,0,0,199,5,108,80,64,0,0,0,0,0,199,5,112,80,64,0,0,0,0,0,199,
|
||||
5,116,80,64,0,0,0,0,0,199,5,120,80,64,0,0,0,0,0,232,21,5,0,0,133,192,163,128,
|
||||
80,64,0,15,132,138,0,0,0,141,69,252,80,255,117,12,255,117,8,232,95,255,255,
|
||||
255,131,196,12,133,192,116,61,104,96,80,64,0,163,108,80,64,0,255,53,128,80,
|
||||
64,0,139,69,252,199,5,100,80,64,0,1,0,0,0,199,5,116,80,64,0,0,0,0,0,199,5,
|
||||
120,80,64,0,0,0,0,0,163,112,80,64,0,232,167,4,0,0,235,55,104,96,80,64,0,255,
|
||||
53,128,80,64,0,199,5,100,80,64,0,4,0,0,0,199,5,116,80,64,0,0,0,0,0,199,5,120,
|
||||
80,64,0,0,0,0,0,232,119,4,0,0,133,192,117,5,232,158,2,0,0,201,194,8,0,85,137,
|
||||
229,131,236,16,232,35,1,0,0,141,69,240,80,199,69,240,208,66,64,0,199,69,244,
|
||||
210,29,64,0,199,69,248,0,0,0,0,199,69,252,0,0,0,0,232,90,4,0,0,49,192,201,
|
||||
195,144,144,144,144,144,144,85,137,229,131,236,8,139,69,8,137,69,248,139,69,
|
||||
248,59,69,12,115,35,139,85,248,139,69,16,3,66,4,137,69,252,139,77,252,139,85,
|
||||
252,139,69,248,139,0,3,2,137,1,141,69,248,131,0,8,235,213,201,195,85,137,229,
|
||||
104,0,0,64,0,104,224,66,64,0,104,224,66,64,0,232,176,255,255,255,131,196,12,
|
||||
201,195,144,144,144,144,144,144,144,144,144,144,144,85,137,229,219,227,201,
|
||||
195,144,144,144,144,144,144,144,144,144,85,137,229,131,236,8,161,96,48,64,0,
|
||||
131,56,0,116,18,161,96,48,64,0,139,0,255,208,131,5,96,48,64,0,4,235,228,201,
|
||||
195,85,137,229,131,236,8,161,96,35,64,0,137,69,252,131,125,252,255,117,27,
|
||||
199,69,252,0,0,0,0,139,69,252,131,60,133,100,35,64,0,0,116,7,141,69,252,255,
|
||||
0,235,236,139,69,252,137,69,248,131,125,248,0,116,19,139,69,248,139,4,133,96,
|
||||
35,64,0,255,208,141,69,248,255,8,235,231,131,236,12,104,112,31,64,0,232,116,
|
||||
242,255,255,131,196,16,201,195,85,137,229,131,236,8,131,61,48,80,64,0,0,117,
|
||||
15,199,5,48,80,64,0,1,0,0,0,232,130,255,255,255,201,195,144,144,144,144,144,
|
||||
144,144,144,144,144,144,144,255,37,4,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
28,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,32,98,64,0,144,144,0,0,0,0,0,0,0,0,
|
||||
255,37,20,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,72,98,64,0,144,144,0,0,0,0,
|
||||
0,0,0,0,255,37,24,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,44,98,64,0,144,144,
|
||||
0,0,0,0,0,0,0,0,255,37,16,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,68,98,64,0,
|
||||
144,144,0,0,0,0,0,0,0,0,255,37,60,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,64,
|
||||
98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,76,98,64,0,144,144,0,0,0,0,0,0,0,0,
|
||||
255,37,56,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,84,98,64,0,144,144,0,0,0,0,
|
||||
0,0,0,0,255,37,80,98,64,0,144,144,0,0,0,0,0,0,0,0,255,37,48,98,64,0,144,144,
|
||||
0,0,0,0,0,0,0,0,255,37,236,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,188,97,64,
|
||||
0,144,144,0,0,0,0,0,0,0,0,255,37,220,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
224,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,212,97,64,0,144,144,0,0,0,0,0,0,0,
|
||||
0,255,37,216,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,248,97,64,0,144,144,0,0,
|
||||
0,0,0,0,0,0,255,37,192,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,196,97,64,0,
|
||||
144,144,0,0,0,0,0,0,0,0,255,37,204,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
164,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,200,97,64,0,144,144,0,0,0,0,0,0,0,
|
||||
0,255,37,176,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,168,97,64,0,144,144,0,0,
|
||||
0,0,0,0,0,0,255,37,232,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,228,97,64,0,
|
||||
144,144,0,0,0,0,0,0,0,0,255,37,244,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
208,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,240,97,64,0,144,144,0,0,0,0,0,0,0,
|
||||
0,255,37,184,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,172,97,64,0,144,144,0,0,
|
||||
0,0,0,0,0,0,255,37,180,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,100,97,64,0,
|
||||
144,144,0,0,0,0,0,0,0,0,255,37,140,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
116,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,144,97,64,0,144,144,0,0,0,0,0,0,0,
|
||||
0,255,37,120,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,124,97,64,0,144,144,0,0,
|
||||
0,0,0,0,0,0,255,37,112,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,128,97,64,0,
|
||||
144,144,0,0,0,0,0,0,0,0,255,37,108,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,
|
||||
136,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,104,97,64,0,144,144,0,0,0,0,0,0,0,
|
||||
0,255,37,148,97,64,0,144,144,0,0,0,0,0,0,0,0,255,37,132,97,64,0,144,144,0,0,
|
||||
0,0,0,0,0,0,255,37,152,97,64,0,144,144,0,0,0,0,0,0,0,0,255,255,255,255,0,0,0,
|
||||
0,255,255,255,255,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,64,64,0,232,23,64,0,4,64,64,0,130,20,64,0,8,64,64,0,142,21,64,0,
|
||||
0,0,0,0,0,0,0,0,12,64,64,0,19,64,64,0,28,64,64,0,61,64,64,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,255,255,255,255,0,0,0,0,0,0,0,0,0,0,0,0,0,64,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,108,35,64,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,114,117,110,0,115,101,116,0,103,101,116,0,115,121,115,116,101,
|
||||
109,0,105,109,112,108,101,118,101,108,0,114,117,110,97,115,0,101,114,114,111,
|
||||
114,32,85,110,107,110,111,119,110,32,99,111,109,109,97,100,32,40,37,115,41,
|
||||
10,0,118,101,114,115,105,111,110,0,101,114,114,111,114,32,85,110,107,110,111,
|
||||
119,110,32,97,114,103,117,109,101,110,116,32,40,37,115,41,10,0,118,101,114,
|
||||
115,105,111,110,32,48,120,37,48,52,88,10,0,46,0,101,114,114,111,114,32,73,
|
||||
110,99,111,114,114,101,99,116,32,114,117,110,97,115,32,99,114,101,100,101,
|
||||
110,116,105,97,108,115,10,0,101,114,114,111,114,32,67,97,110,110,111,116,32,
|
||||
76,111,103,111,110,85,115,101,114,40,37,115,44,37,115,44,37,115,41,32,37,100,
|
||||
10,0,101,114,114,111,114,32,67,97,110,110,111,116,32,79,112,101,110,80,114,
|
||||
111,99,101,115,115,84,111,107,101,110,32,37,100,10,0,101,114,114,111,114,32,
|
||||
67,97,110,110,111,116,32,73,109,112,101,114,115,111,110,97,116,101,78,97,109,
|
||||
101,100,80,105,112,101,67,108,105,101,110,116,32,37,100,10,0,101,114,114,111,
|
||||
114,32,67,97,110,110,111,116,32,79,112,101,110,84,104,114,101,97,100,84,111,
|
||||
107,101,110,32,37,100,10,0,101,114,114,111,114,32,67,97,110,110,111,116,32,
|
||||
68,117,112,108,105,99,97,116,101,32,84,111,107,101,110,32,37,100,10,0,101,
|
||||
114,114,111,114,32,67,97,110,110,111,116,32,82,101,118,101,114,116,84,111,83,
|
||||
101,108,102,32,37,100,10,0,92,92,46,92,112,105,112,101,92,97,104,101,120,101,
|
||||
99,95,115,116,100,105,111,37,48,56,88,0,101,114,114,111,114,32,67,97,110,110,
|
||||
111,116,32,99,114,101,97,116,101,32,105,111,32,112,105,112,101,40,37,115,41,
|
||||
44,32,101,114,114,111,114,32,48,120,37,48,56,88,10,0,92,92,46,92,112,105,112,
|
||||
101,92,97,104,101,120,101,99,95,115,116,100,101,114,114,37,48,56,88,0,101,
|
||||
114,114,111,114,32,67,97,110,110,111,116,32,99,114,101,97,116,101,32,101,114,
|
||||
114,32,112,105,112,101,10,0,115,116,100,95,105,111,95,101,114,114,32,37,48,
|
||||
56,88,10,0,101,114,114,111,114,32,67,111,110,110,101,99,116,78,97,109,101,
|
||||
100,80,105,112,101,40,112,105,111,41,10,0,101,114,114,111,114,32,67,111,110,
|
||||
110,101,99,116,78,97,109,101,100,80,105,112,101,40,112,101,114,114,41,10,0,
|
||||
114,101,116,117,114,110,95,99,111,100,101,32,37,48,56,88,10,0,101,114,114,
|
||||
111,114,32,67,114,101,97,116,105,110,103,32,112,114,111,99,101,115,115,40,37,
|
||||
115,41,32,37,100,10,0,101,114,114,111,114,58,32,117,110,97,98,108,101,32,116,
|
||||
111,32,97,108,108,111,99,97,116,101,32,98,117,102,102,101,114,32,102,111,114,
|
||||
32,99,111,109,109,97,110,100,10,0,101,114,114,111,114,32,73,103,110,111,114,
|
||||
105,110,103,32,117,110,107,110,111,119,110,32,99,111,109,109,97,110,100,32,
|
||||
40,37,115,41,10,0,92,92,46,92,112,105,112,101,92,97,104,101,120,101,99,0,0,0,
|
||||
0,0,119,105,110,101,120,101,115,118,99,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,104,96,0,0,0,0,0,0,0,0,0,0,140,102,0,0,100,97,0,0,168,96,
|
||||
0,0,0,0,0,0,0,0,0,0,244,102,0,0,164,97,0,0,8,97,0,0,0,0,0,0,0,0,0,0,8,103,0,
|
||||
0,4,98,0,0,20,97,0,0,0,0,0,0,0,0,0,0,92,103,0,0,16,98,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,98,0,0,120,98,0,0,144,98,0,0,164,98,0,0,196,
|
||||
98,0,0,228,98,0,0,244,98,0,0,8,99,0,0,28,99,0,0,60,99,0,0,76,99,0,0,96,99,0,
|
||||
0,124,99,0,0,144,99,0,0,0,0,0,0,0,0,0,0,176,99,0,0,192,99,0,0,212,99,0,0,228,
|
||||
99,0,0,248,99,0,0,8,100,0,0,32,100,0,0,48,100,0,0,68,100,0,0,88,100,0,0,112,
|
||||
100,0,0,132,100,0,0,156,100,0,0,172,100,0,0,196,100,0,0,212,100,0,0,224,100,
|
||||
0,0,240,100,0,0,8,101,0,0,40,101,0,0,60,101,0,0,88,101,0,0,0,0,0,0,0,0,0,0,
|
||||
100,101,0,0,0,0,0,0,0,0,0,0,112,101,0,0,128,101,0,0,144,101,0,0,160,101,0,0,
|
||||
180,101,0,0,192,101,0,0,200,101,0,0,212,101,0,0,224,101,0,0,240,101,0,0,252,
|
||||
101,0,0,4,102,0,0,12,102,0,0,24,102,0,0,36,102,0,0,48,102,0,0,60,102,0,0,72,
|
||||
102,0,0,0,0,0,0,0,0,0,0,92,98,0,0,120,98,0,0,144,98,0,0,164,98,0,0,196,98,0,
|
||||
0,228,98,0,0,244,98,0,0,8,99,0,0,28,99,0,0,60,99,0,0,76,99,0,0,96,99,0,0,124,
|
||||
99,0,0,144,99,0,0,0,0,0,0,0,0,0,0,176,99,0,0,192,99,0,0,212,99,0,0,228,99,0,
|
||||
0,248,99,0,0,8,100,0,0,32,100,0,0,48,100,0,0,68,100,0,0,88,100,0,0,112,100,0,
|
||||
0,132,100,0,0,156,100,0,0,172,100,0,0,196,100,0,0,212,100,0,0,224,100,0,0,
|
||||
240,100,0,0,8,101,0,0,40,101,0,0,60,101,0,0,88,101,0,0,0,0,0,0,0,0,0,0,100,
|
||||
101,0,0,0,0,0,0,0,0,0,0,112,101,0,0,128,101,0,0,144,101,0,0,160,101,0,0,180,
|
||||
101,0,0,192,101,0,0,200,101,0,0,212,101,0,0,224,101,0,0,240,101,0,0,252,101,
|
||||
0,0,4,102,0,0,12,102,0,0,24,102,0,0,36,102,0,0,48,102,0,0,60,102,0,0,72,102,
|
||||
0,0,0,0,0,0,26,0,65,108,108,111,99,97,116,101,65,110,100,73,110,105,116,105,
|
||||
97,108,105,122,101,83,105,100,0,0,86,0,67,114,101,97,116,101,80,114,111,99,
|
||||
101,115,115,65,115,85,115,101,114,65,0,0,140,0,68,117,112,108,105,99,97,116,
|
||||
101,84,111,107,101,110,69,120,0,0,251,0,73,109,112,101,114,115,111,110,97,
|
||||
116,101,78,97,109,101,100,80,105,112,101,67,108,105,101,110,116,0,0,0,0,254,
|
||||
0,73,110,105,116,105,97,108,105,122,101,83,101,99,117,114,105,116,121,68,101,
|
||||
115,99,114,105,112,116,111,114,0,0,12,1,76,111,103,111,110,85,115,101,114,65,
|
||||
0,0,0,0,101,1,79,112,101,110,80,114,111,99,101,115,115,84,111,107,101,110,0,
|
||||
0,106,1,79,112,101,110,84,104,114,101,97,100,84,111,107,101,110,0,0,0,183,1,
|
||||
82,101,103,105,115,116,101,114,83,101,114,118,105,99,101,67,116,114,108,72,
|
||||
97,110,100,108,101,114,65,0,0,0,193,1,82,101,118,101,114,116,84,111,83,101,
|
||||
108,102,0,0,197,1,83,101,116,69,110,116,114,105,101,115,73,110,65,99,108,65,
|
||||
0,0,211,1,83,101,116,83,101,99,117,114,105,116,121,68,101,115,99,114,105,112,
|
||||
116,111,114,68,97,99,108,0,221,1,83,101,116,83,101,114,118,105,99,101,83,116,
|
||||
97,116,117,115,0,0,227,1,83,116,97,114,116,83,101,114,118,105,99,101,67,116,
|
||||
114,108,68,105,115,112,97,116,99,104,101,114,65,0,0,0,38,0,67,108,111,115,
|
||||
101,72,97,110,100,108,101,0,0,0,46,0,67,111,110,110,101,99,116,78,97,109,101,
|
||||
100,80,105,112,101,0,0,64,0,67,114,101,97,116,101,69,118,101,110,116,65,0,0,
|
||||
81,0,67,114,101,97,116,101,78,97,109,101,100,80,105,112,101,65,0,0,90,0,67,
|
||||
114,101,97,116,101,84,104,114,101,97,100,0,0,117,0,68,105,115,99,111,110,110,
|
||||
101,99,116,78,97,109,101,100,80,105,112,101,0,0,0,155,0,69,120,105,116,80,
|
||||
114,111,99,101,115,115,0,0,0,203,0,70,108,117,115,104,70,105,108,101,66,117,
|
||||
102,102,101,114,115,0,0,25,1,71,101,116,67,117,114,114,101,110,116,80,114,
|
||||
111,99,101,115,115,0,26,1,71,101,116,67,117,114,114,101,110,116,80,114,111,
|
||||
99,101,115,115,73,100,0,0,0,27,1,71,101,116,67,117,114,114,101,110,116,84,
|
||||
104,114,101,97,100,0,0,48,1,71,101,116,69,120,105,116,67,111,100,101,80,114,
|
||||
111,99,101,115,115,0,0,0,0,67,1,71,101,116,76,97,115,116,69,114,114,111,114,
|
||||
0,0,94,1,71,101,116,79,118,101,114,108,97,112,112,101,100,82,101,115,117,108,
|
||||
116,0,0,0,16,2,76,111,99,97,108,65,108,108,111,99,0,0,0,0,101,2,82,101,97,
|
||||
100,70,105,108,101,0,0,122,2,82,101,115,101,116,69,118,101,110,116,0,0,0,0,
|
||||
194,2,83,101,116,72,97,110,100,108,101,73,110,102,111,114,109,97,116,105,111,
|
||||
110,0,0,223,2,83,101,116,85,110,104,97,110,100,108,101,100,69,120,99,101,112,
|
||||
116,105,111,110,70,105,108,116,101,114,0,0,0,243,2,84,101,114,109,105,110,97,
|
||||
116,101,80,114,111,99,101,115,115,0,0,35,3,87,97,105,116,70,111,114,77,117,
|
||||
108,116,105,112,108,101,79,98,106,101,99,116,115,0,0,0,0,54,3,87,114,105,116,
|
||||
101,70,105,108,101,0,84,0,95,115,116,114,100,117,112,0,0,0,39,0,95,95,103,
|
||||
101,116,109,97,105,110,97,114,103,115,0,60,0,95,95,112,95,95,101,110,118,105,
|
||||
114,111,110,0,0,62,0,95,95,112,95,95,102,109,111,100,101,0,0,0,0,80,0,95,95,
|
||||
115,101,116,95,97,112,112,95,116,121,112,101,0,0,0,0,121,0,95,99,101,120,105,
|
||||
116,0,0,0,0,233,0,95,105,111,98,0,0,94,1,95,111,110,101,120,105,116,0,0,0,
|
||||
132,1,95,115,101,116,109,111,100,101,0,0,189,1,95,118,115,110,112,114,105,
|
||||
110,116,102,0,0,0,0,28,2,97,116,101,120,105,116,0,0,0,0,30,2,97,116,111,105,
|
||||
0,0,63,2,102,114,101,101,0,0,114,2,109,97,108,108,111,99,0,0,0,0,122,2,109,
|
||||
101,109,115,101,116,0,0,0,0,144,2,115,105,103,110,97,108,0,0,0,0,147,2,115,
|
||||
112,114,105,110,116,102,0,0,0,152,2,115,116,114,99,104,114,0,0,0,0,166,2,115,
|
||||
116,114,115,116,114,0,0,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,
|
||||
96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,0,0,96,0,
|
||||
0,65,68,86,65,80,73,51,50,46,68,76,76,0,0,0,0,20,96,0,0,20,96,0,0,20,96,0,0,
|
||||
20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,
|
||||
0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,20,
|
||||
96,0,0,20,96,0,0,20,96,0,0,20,96,0,0,75,69,82,78,69,76,51,50,46,100,108,108,
|
||||
0,0,0,0,40,96,0,0,109,115,118,99,114,116,46,100,108,108,0,0,60,96,0,0,60,96,
|
||||
0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,
|
||||
96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,60,96,0,0,
|
||||
60,96,0,0,109,115,118,99,114,116,46,100,108,108,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,
|
||||
};
|
||||
Reference in New Issue
Block a user