最近由于项目需要,需要做一个rdp文件上成,然后可以直接连远程桌面的功能,在度娘和谷叔搜索一番,所得甚少。闲话少说,来点干货:
看看系统给提供的是啥样的
我们要关心得是 用户名和密码,其他参数可以慢慢了解,可是这个密码是怎么加密的呢?
使用的是一个win32里面一个叫crypt32.dll的CryptProtectData方法,好了,关键的时候来咯~~~~
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] internal struct DATA_BLOB { public int cbData; public IntPtr pbData; } [StructLayout(LayoutKind.Sequential, CharSet = CharSet.Unicode)] internal struct CRYPTPROTECT_PROMPTSTRUCT { public int cbSize; public int dwPromptFlags; public IntPtr hwndApp; public string szPrompt; } [DllImport("crypt32.dll", CharSet = CharSet.Unicode, SetLastError = true)] private static extern bool CryptProtectData(ref DATA_BLOB pDataIn, string szDataDescr, ref DATA_BLOB pOptionalEntropy, IntPtr pvReserved, ref CRYPTPROTECT_PROMPTSTRUCT pPromptStruct, int dwFlags, ref DATA_BLOB pDataOut);
引用一下win32程序为我们生成密码。
1 private static string Encrypt(string password) 2 { 3 byte[] bytes = Encoding.Unicode.GetBytes(password); 4 DATA_BLOB dATA_BLOB = default(DATA_BLOB); 5 DATA_BLOB dATA_BLOB2 = default(DATA_BLOB); 6 DATA_BLOB dATA_BLOB3 = default(DATA_BLOB); 7 dATA_BLOB.cbData = bytes.Length; 8 dATA_BLOB.pbData = Marshal.AllocHGlobal(bytes.Length); 9 Marshal.Copy(bytes, 0, dATA_BLOB.pbData, bytes.Length); 10 dATA_BLOB3.cbData = 0; 11 dATA_BLOB3.pbData = IntPtr.Zero; 12 dATA_BLOB2.cbData = 0; 13 dATA_BLOB2.pbData = IntPtr.Zero; 14 CRYPTPROTECT_PROMPTSTRUCT cRYPTPROTECT_PROMPTSTRUCT = new CRYPTPROTECT_PROMPTSTRUCT 15 { 16 cbSize = Marshal.SizeOf(typeof(CRYPTPROTECT_PROMPTSTRUCT)), 17 dwPromptFlags = 0, 18 hwndApp = IntPtr.Zero, 19 szPrompt = null 20 }; 21 if (CryptProtectData(ref dATA_BLOB, "psw", ref dATA_BLOB3, IntPtr.Zero, ref cRYPTPROTECT_PROMPTSTRUCT, 1, ref dATA_BLOB2)) 22 { 23 if (IntPtr.Zero != dATA_BLOB.pbData) 24 { 25 Marshal.FreeHGlobal(dATA_BLOB.pbData); 26 } 27 if (IntPtr.Zero != dATA_BLOB3.pbData) 28 { 29 Marshal.FreeHGlobal(dATA_BLOB3.pbData); 30 } 31 byte[] array = new byte[dATA_BLOB2.cbData]; 32 Marshal.Copy(dATA_BLOB2.pbData, array, 0, dATA_BLOB2.cbData); 33 return BitConverter.ToString(array).Replace("-", string.Empty); 34 } 35 return string.Empty; 36 37 }
有密码了,替换掉开始另存为的文件里的密码,我们自己的rdp文件就有咯!
附一个文件内容方法
private static void rdpProfile(string filename, string address, string username, string password, string colordepth) { if (File.Exists(filename)) { File.Delete(filename); } using (StreamWriter streamWriter = new StreamWriter(filename, true)) { streamWriter.WriteLine("screen mode id:i:2"); streamWriter.WriteLine("desktopi:0"); streamWriter.WriteLine("desktopheight:i:0"); streamWriter.WriteLine("session bpp:i:" + colordepth); streamWriter.WriteLine("winposstr:s:0,1,0,0,1234,792"); streamWriter.WriteLine("compression:i:1"); streamWriter.WriteLine("keyboardhook:i:2"); streamWriter.WriteLine("audiocapturemode:i:0"); streamWriter.WriteLine("videoplaybackmode:i:1"); streamWriter.WriteLine("connection type:i:6"); streamWriter.WriteLine("displayconnectionbar:i:1"); streamWriter.WriteLine("disable wallpaper:i:1"); streamWriter.WriteLine("allow font smoothing:i:1"); streamWriter.WriteLine("allow desktop composition:i:1"); streamWriter.WriteLine("disable full window drag:i:1"); streamWriter.WriteLine("disable menu anims:i:1"); streamWriter.WriteLine("disable themes:i:1"); streamWriter.WriteLine("disable cursor setting:i:0"); streamWriter.WriteLine("bitmapcachepersistenable:i:0"); streamWriter.WriteLine("full address:s:" + address); streamWriter.WriteLine("audiomode:i:0"); streamWriter.WriteLine("redirectprinters:i:0"); streamWriter.WriteLine("redirectcomports:i:0"); streamWriter.WriteLine("redirectsmartcards:i:0"); streamWriter.WriteLine("redirectclipboard:i:1"); streamWriter.WriteLine("redirectposdevices:i:0"); streamWriter.WriteLine("redirectdirectx:i:1"); streamWriter.WriteLine("drivestoredirect:s:"); streamWriter.WriteLine("autoreconnection enabled:i:1"); streamWriter.WriteLine("authentication level:i:2"); streamWriter.WriteLine("prompt for credentials:i:0"); streamWriter.WriteLine("negotiate security layer:i:1"); streamWriter.WriteLine("remoteapplicationmode:i:0"); streamWriter.WriteLine("alternate shell:s:"); streamWriter.WriteLine("shell working directory:s:"); streamWriter.WriteLine("gatewayhostname:s:"); streamWriter.WriteLine("gatewayusagemethod:i:4"); streamWriter.WriteLine("gatewaycredentialssource:i:4"); streamWriter.WriteLine("gatewayprofileusagemethod:i:0"); streamWriter.WriteLine("promptcredentialonce:i:1"); streamWriter.WriteLine("use redirection server name:i:0"); streamWriter.WriteLine("use multimon:i:0"); if (!string.IsNullOrEmpty(username)) { streamWriter.WriteLine("username:s:" + username); } if (!string.IsNullOrEmpty(password)) { streamWriter.WriteLine("password 51:b:" + password); } } }