Analysis of the possibilities for blocking a remote computer control application on the network, using AnyDesk as an example

One day the boss raised the question: "Why do some people have remote access to their work computer without having obtained additional permission to use it?"
So the task arose to "close" the loophole.

There are plenty of applications for remote control over the network: Chrome Remote Desktop, AmmyAdmin, LiteManager, TeamViewer, Anyplace Control, etc. Chrome Remote Desktop has an official manual on how to deal with access to the service, and TeamViewer has license limits on time or on requests from the network, so its users, "gritting their teeth", one way or another "show up" on the admins' radar. The favourite of many for personal use, AnyDesk, still requires special attention, especially if the boss has said "No!"

If you know what blocking a network packet by its content is, and you are satisfied with it, then the rest of this material is not intended for you.

Trying to work backwards: the vendor's site itself states what must be allowed for the program to work, so, accordingly, the DNS record *.net.anydesk.com was blocked. But AnyDesk is not that simple; blocking the domain name does not bother it.

Once I solved the problem of blocking "Anyplace Control", which came to us with some dubious software, and it was solved by blocking just a few IPs (I was backing up the antivirus). The task with AnyDesk, after I had manually collected more than a dozen IP addresses, spurred me to get away from routine manual labour.

It was also found that "C:\ProgramData\AnyDesk" holds a number of files with settings and so on, and that events about connections and failures are collected in the file ad_svc.trace.

1. Observation

As already mentioned, blocking *.anydesk.com had no effect on the program's operation, so it was decided to analyze the program's behaviour under stress. TCPView from Sysinternals in hand, and off we go!


1.1. We can see that several processes of interest to us are "hanging", and only the one that communicates with an outside address matters to us. The ports it connects to are picked, from what I observed, from: 80, 443, 6568. 🙂 We certainly cannot block 80 and 443.

1.2. After the address is blocked on the router, another address is quietly chosen.


1.3. The console is our EVERYTHING! We determine the PID, and here I was a little lucky that AnyDesk was installed as a service, so the PID we were looking for was the only one.
1.4. We determine the IP address of the service's server from the PID of the process.


2. Preparation

Since the program for identifying IP addresses will most likely run only on my PC, I have no restrictions on convenience and laziness, hence C#.

2.1. All the methods for identifying the required IP address are already known; it remains to implement them.

using System.Diagnostics;
using System.Text;

string pid1_; // find the PID of the AnyDesk service
using (var p = new Process())
{
    p.StartInfo.FileName = "cmd.exe";
    // cmd strips the outer pair of quotes and runs the rest as one command line
    p.StartInfo.Arguments = "/c \"tasklist.exe /fi \"imagename eq AnyDesk.exe\" /NH /FO CSV | findstr \"Services\"\"";
    p.StartInfo.UseShellExecute = false;
    p.StartInfo.RedirectStandardOutput = true;
    p.StartInfo.CreateNoWindow = true;
    p.StartInfo.StandardOutputEncoding = Encoding.GetEncoding("CP866"); // decode console output as CP866
    p.Start();
    string output = p.StandardOutput.ReadToEnd();
    string[] pid1 = output.Split(','); // split the reply into an array
    pid1_ = pid1[1].Replace("\"", ""); // take the 2nd element without the quotes
}

In the same way we find the connection that the service has established; I will give only the main line:

p.StartInfo.Arguments = "/c \"netstat -n -o | findstr /I " + pid1_ + " | findstr \"ESTABLISHED\"\"";

The result is a line of netstat output. From that line, as in the previous step, take the 3rd column and strip everything after the ":". That leaves the IP address we are looking for.

2.2. Blocking the IP in Windows. While Linux has Blackhole and iptables, the way to block an IP address in one line in Windows, without using the firewall, turned out to be unusual, but such were the tools at hand...

route add <our_found_IP_address> mask 255.255.255.255 10.113.113.113 if 1 -p

The key parameter "if 1" sends the route to the Loopback interface (the available interfaces can be listed by running route print). AND IMPORTANT! The program now has to be launched with administrator rights, since changing a route requires elevation.

2.3. Displaying and saving the identified IP addresses is a trivial task and needs no explanation. If you think about it, you could also parse AnyDesk's own ad_svc.trace file, but I did not think of that right away, plus there may be a limit on it.

2.4. A strange inconsistency in the program's behaviour: when the service process is killed with taskkill on Windows 10, it restarts automatically; on Windows 8 it terminates, leaving only the console process and not reconnecting. All in all this is illogical, and this is not certain.

Killing the process that is connected to the server lets you "force" a reconnection to the next address. It is implemented in the same way as the previous commands, so I will just give:

p.StartInfo.Arguments = "/c taskkill /PID " + pid1_ + " /F";

In addition, we launch the AnyDesk program.

// launch the program located at path_pro
if (File.Exists(path_pro))
{
    Process p1 = Process.Start(path_pro);
}

2.5. We will check AnyDesk's state once a minute (or more often?), and if it is connected, i.e. the connection is ESTABLISHED, block that IP, and then again: wait until it connects, block, and wait.
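
An added example (not the author's project code) of the parsing step from 2.1 and the route command from 2.2: it compares the PID and state columns of the netstat -n -o output as whole fields, which the findstr pipeline above does not do, and it skips loopback addresses so that a local connection is never routed away. The class and method names and the sample netstat lines are constructed for illustration.

```csharp
using System;
using System.Collections.Generic;
using System.Net;
using System.Net.Sockets;

static class RelayBlocker
{
    // Constructed sample of `netstat -n -o` output (documentation addresses, not real relays).
    const string Sample = @"
  TCP    192.168.1.10:49712     203.0.113.25:443       ESTABLISHED     1234
  TCP    192.168.1.10:49713     198.51.100.7:1234      ESTABLISHED     5678
  TCP    192.168.1.10:49714     203.0.113.40:6568      TIME_WAIT       1234
  TCP    192.168.1.10:49715     198.51.100.9:80        ESTABLISHED     11234
  TCP    192.168.1.10:49716     203.0.113.25:80        ESTABLISHED     1234";

    // Remote IPv4 addresses of ESTABLISHED TCP connections owned by exactly this PID.
    public static List<string> RemoteIps(string netstat, string pid)
    {
        var found = new List<string>();
        foreach (var line in netstat.Split('\n'))
        {
            var f = line.Split((char[])null, StringSplitOptions.RemoveEmptyEntries);
            // Columns: Proto, Local, Foreign, State, PID. Whole-field comparison,
            // so PID 1234 does not match port 1234 or PID 11234.
            if (f.Length != 5 || f[0] != "TCP" || f[3] != "ESTABLISHED" || f[4] != pid) continue;
            int colon = f[2].LastIndexOf(':');
            if (colon < 0) continue;
            // The route command below is IPv4-only, so IPv6 peers are ignored here.
            if (IPAddress.TryParse(f[2].Substring(0, colon), out var ip)
                && ip.AddressFamily == AddressFamily.InterNetwork
                && !IPAddress.IsLoopback(ip)
                && !found.Contains(ip.ToString()))
                found.Add(ip.ToString());
        }
        return found;
    }

    // The article's blackhole route for one address (has to be run elevated).
    public static string RouteCommand(string ip) =>
        "route add " + ip + " mask 255.255.255.255 10.113.113.113 if 1 -p";

    static void Main()
    {
        var blocked = new HashSet<string>();   // addresses already handled in this run
        foreach (var ip in RemoteIps(Sample, "1234"))
            if (blocked.Add(ip)) Console.WriteLine(RouteCommand(ip));
    }
}
```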

3. Attack

The code was "sketched out", and to visualize the process it was decided that "+" marks an IP that was found and blocked, and "." marks a repeated check without a successful neighbouring connection from AnyDesk.


Project code

As a result…

The program ran on several computers with different Windows versions, with AnyDesk versions 5 and 6. Over 500 iterations, about 80 addresses were collected. Over 2500, 87, and so on...

Over time, the number of blocked IPs reached 100+.

Link to the final text file with the addresses: one and two

Done! The pool of IP addresses was added to the rules of the main router by a script, and AnyDesk simply cannot create an external connection.

There is one strange point: from the initial logs it is clear that the address boot-01.net.anydesk.com is involved in passing information. We did, of course, block all *.net.anydesk.com hosts as a general rule, but that is not the strange part. Each time, with an ordinary ping from different computers, this domain name gives a different IP. Checking on Linux:

host boot-01.net.anydesk.com

like DNSLookup, gives only one IP address, but this address varies. When analysing the connections in TCPView, we get back PTR records for the IP addresses of the form relay-*.net.anydesk.com.

Ngokwethiyori: njengoba i-ping kwesinye isikhathi iya kumsingathi ongavinjiwe ongaziwa boot-01.net.anydesk.com singathola lawa ma-ips futhi siwavimbe, senze lokhu kuqaliswa kube iskripthi esivamile ngaphansi kwe-Linux OS, lapha asikho isidingo sokufaka i-AnyDesk. Ukuhlaziya kubonise ukuthi lawa ma-IP ngokuvamile "nqamula"nalabo abatholakala ohlwini lwethu. Mhlawumbe yilo msingathi kuphela lapho uhlelo luxhumeka kuye ngaphambi kokuthi luqale "ukuxazulula" ama-IP aziwayo. Mhlawumbe kamuva ngizofaka isihloko ngengxenye yesi-2 yokusesha komsingathi, nakuba okwamanje Uhlelo ngokwalo alufaki ngaphakathi kwenethiwekhi yangaphandle ukujoyina ngokuvamile.

I hope you saw nothing illegal in the above, and that the creators of AnyDesk will treat my actions in a sporting way.

Source: www.habr.com
