管道 简介与简单使用

时间:2021-03-18 20:44:51

什么是管道

百度百科-命名管道

通过管道控制cmd

思路大概是创建两根管道替换掉被调用程序(cmd)的标准输入和输出,控制程序在A管道中写如数据,让被调用程序从A管道管道中读入数据,而被调用程序的输出数据输出到B管道*控制程序读入。

此处有图

创建管道

    SECURITY_ATTRIBUTES sa = { 0 };
    sa.nLength = sizeof(sa);
    sa.lpSecurityDescriptor = NULL;
    sa.bInheritHandle = TRUE;
    
    HANDLE rh1, wh1, rh2, wh2;
    if (!CreatePipe(&rh1, &wh1, &sa, 1024)) {//outputpipe
        return false;
    }
    if (!CreatePipe(&rh2, &wh2, &sa, 1024)) {//input pipe
        return false;
    }
    (*readH) = rh1;
    (*writeH) = wh2;
//Creates an anonymous pipe, and returns handles to the read and write ends of the pipe.
BOOL WINAPI CreatePipe(
  _Out_    PHANDLE               hReadPipe,
  _Out_    PHANDLE               hWritePipe,
  _In_opt_ LPSECURITY_ATTRIBUTES lpPipeAttributes,
  _In_     DWORD                 nSize
);

创建进程并替换输入输出

修改si.hStdInput和si.hStdOutput

    STARTUPINFOA  si;
    memset(&si, 0, sizeof(si));
    si.dwFlags = STARTF_USESHOWWINDOW | STARTF_USESTDHANDLES;
    si.wShowWindow = SW_HIDE;
    si.hStdInput = rh2;//rh2
    si.hStdOutput = wh1;//wh1
    si.hStdError = wh1;
    if (!CreateProcessWithDllA(NULL, "C:\\Users\\hasee\\Desktop\\tellnet\\telnet.exe", NULL, NULL, TRUE, NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE, NULL, NULL, &si, pi)) {
        cout << "CreateProcess error!" << endl;
        return false;

通过管道控制

    //write pipe
    WriteFile(writeH, cmd, n2*2, &n, NULL);
    //read pipe
    PeekNamedPipe(readH, NULL, 0, NULL, &n, NULL);
    ReadFile(readH, output, length, &n, NULL);

这样就可以通过控制程序控制cmd。