aspia

C#系列

FLTK

使用fltk做轻量UI

mpeg

golang开发的节点VPN使用其中的p2p代码

QT

https://www.qt.io/download-qt-installer

https://d13lb3tujbc8s0.cloudfront.net/onlineinstallers/qt-unified-linux-x64-4.4.1-online.run

  • https://github.com/probonopd/linuxdeployqt 这个 Linux 部署工具linuxdeployqt将应用程序作为输入,并通过将应用程序使用的资源(如库、图形和插件)复制到包中来使其自包含。生成的包可以作为 AppDir 或AppImage分发给用户,也可以放入交叉分发包中。它可以用作构建过程的一部分,用于部署用 C、C++ 和其他编译语言编写的应用程序,系统包括CMakeqmakemake. 在基于 Qt 的应用程序上使用时,它可以捆绑运行应用程序所需的特定 Qt 最小子集。

  • https://github.com/feiyangqingyun Qt 案例,使用QT做UI

rustdesk

stun

webrtc

  • 这个的实现方式就有很多种了,无疑借用浏览器的方式是最快捷的。

python开发远程控制

  • 屏幕共享和控制

  • python 网络库

  • Python p2p libraries and frameworks 内网穿透相关库

    https://blog.rfox.eu/en/Explorations/Python_p2p_libraries_and_frameworks.html#:~:text=PyP2P%20is%20a%20simplified%20networking,on%20writing%20your%20application%20code.

    • PyP2P

      https://github.com/StorjOld/pyp2p

      PyP2P is a simplified networking library for building peer-to-peer networks in Python. The library is designed to solve the pain of finding nodes and bypassing NATs so you can focus on writing your application code.

      • Automated port forwarding with UPnP and NATPMP

      • Support for TCP hole punching / simultaneous open

      • Reverse connect (tell a node to connect to you)

      • Fail-safe proxying (planned feature)

      • Python 2 (tested on 2.7 - experimental) & 3 (tested on 3.3)

      • Linux and Windows - yep

      Somehow related to Storj.

    • py-libp2p

      https://github.com/libp2p/py-libp2p

      Peer-to-peer networking stack (used by IPFS and others).

      The one-liner pitch is that libp2p is a modular system of protocols, specifications, and libraries that enable the development of peer-to-peer network applications.

    • py-ipv8

      https://github.com/tribler/py-ipv8/

      What is IPv8 ?

      IPv8 aims to provide authenticated communication with privacy. The design principle is to enable communication between public key pairs: IP addresses and physical network attachment points are abstracted away. This Python 2/3 package is an amalgamation of peer-to-peer communication functionality from Dispersy and Tribler, developed over the last 13 years by students and employees of the Delft University of Technology. The IPv8 library allows you to easily create network overlays on which to build your own applications.

      IPv8 Objectives

      • Authentication. We offer mutual authentication using strong cryptography. During an IPv8 communication session, both parties can be sure of the other party’s identity. IPv8 users are identified by their public key. The initial key exchange is designed so that secrets are never transmitted across the Internet, not even in encrypted form. We use a standard challenge/response protocol with protection against spoofing, man-in-the-middle, and replay attacks.

      • Privacy. IPv8 is specifically designed for strong privacy protection and end-to-end encryption with perfect forward secrecy. We enhanced the industry standard onion routing protocol, Tor, for usage in a trustless environment (e.g. no trusted central directory servers).

      • No infrastructure dependency. Everybody is equal in the world of IPv8. No central web server, discovery server, or support foundation is needed.

      • Universal connectivity. IPv8 can establish direct communication in difficult network situations. This includes connecting people behind a NAT or firewall. IPv8 includes a single simple and effective NAT traversal technique: UDP hole-punching. This is essential when offering privacy without infrastructure and consumer-grade donated resources.

      • Trust. You can enhance your security if you tell IPv8 which people you know and trust. It tries to build a web-of-trust automatically.

    • p2p-python

      https://github.com/namuyan/p2p-python

      I seek a library that can make a simple P2P network. This library enables you create P2P application.

      Specification

      • Asynchronous IO

      • Pure Python code

      • TCP and UDP connection

      • Automatic network build

      • Python 3.6+

    • Zyre

      https://github.com/zeromq/zyre

      Zyre provides reliable group messaging over local area networks.

    • devp2p / ethereum

      https://github.com/ethereum/devp2p

      https://github.com/ethereum/trinity

      Client for the ethereum network.

      Doesn’t seem to be easily use-able for standalone projects.

    • pydevp2p

      https://github.com/ethereum/pydevp2p

      Old library for lowlevel ethereum p2p.

      pydevp2p is the Python implementation of the RLPx network layer. RLPx provides a general-purpose transport and interface for applications to communicate via a p2p network. The first version is geared towards building a robust transport, well-formed network, and software interface in order to provide infrastructure which meets the requirements of distributed or decentralized applications such as Ethereum. Encryption is employed to provide better privacy and integrity than would be provided by a cleartext implementation.

    • Tandem

      https://github.com/typeintandem/tandem

      Tandem is a decentralized, collaborative text-editing solution. Tandem works with native text editors, works across different editors, and uses peer-to-peer connections to facilitate communication.

      Tandem exists as a set of plugins for native text editors. We currently support Sublime Text 3 and Neovim. We also unofficially support Vim.

      Collaborating is as easy as installing the plugin on your editor and creating a Tandem Session. Invite other people to your session, and get typing in tandem!

    • Dispersy

      https://github.com/Tribler/dispersy

      The elastic database system. A database designed for P2P-like scenarios, where potentially millions of computers send database updates around.

      The Distributed Permission System, or Dispersy, is a platform to simplify the design of distributed communities. At the heart of Dispersy lies a simple identity and message handling system where each community and each user is uniquely and securely identified using elliptic curve cryptography.

    • Banyan

      https://github.com/OpenWeavers/banyan

      Banyan is a simple peer to peer application protocol for File Sharing over LAN.

      The workflow is organized as follows

      1. Initialization - Peer Starts up with a friendly name, which is visible on local network

      2. Peer Discovery - Peer Sends a broadcast to all other hosts in local network. Other peers will respond to it.

      3. Synchronization - Peer Receives file list from all other Peers

      4. Transfer - Peer can receive file from any other Peer

    • Peerstack

      https://github.com/e9k/peerstack

      Python Peer-to-Peer Framework.

    wireguard

  • https://en.wikipedia.org/wiki/WireGuard

  • https://github.com/WireGuard/wireguard-windows/tree/master

  • https://github.com/tailscale/tailscale

  • https://tunsafe.com/

Connection ApplicationsFreeLANFreeS/WANLibreswann2nOpenConnectOpenIKEDOpenswanOpenVPNSocial VPNSoftEther VPNstrongSwantcpcrypttincVTunWireGuardShadowsocks

n2n

https://github.com/ntop/n2n

SoftEther_VPN

A small C library for building user interfaces with C, XML and CSS.

LCUI 的 windows 平台后端有两个,一个是基于传统的 Win32 API,一个是基于 UWP 的 C++ API ,而 linux 的后端也有两个:framebuffer 和 x11

lcui.org

https://github.com/lc-soft/LCUI

https://gitee.com/lc-soft/LCUI

https://lcui.lc-soft.io/

https://github.com/andlabs/libui

GLFW https://www.glfw.org/

很多库都是基于此库进行开发的

coturn编译

https://www.g2.com/

https://logicalread.com/teamviewer-alternatives/#.YXyiSLozZdM

www.solarwinds.com 安装包下载:https://sw1.solarwinds.com/NTY0LVZGUi0wMDgAAAGAbdeNGq4vhMR3aDijxEy870pesOYWDS8aCQPNgU8p3cyR8KDVZ_bEgNr2QVykqRMxowp4lJ8=

百度网盘》000远程控制项目》DameWareRS-St-v12.2-Eval

2021-2027中国远程桌面和屏幕共享软件市场现状及未来发展趋势

https://zhuanlan.zhihu.com/p/393570440

1
2
The future development trend of remote desktop
远程桌面市场现状及未来发展趋

开源远程协助:https://alternativeto.net/software/teamviewer/?license=opensource

https://www.remoteutilities.com/download/

;

国际协议追踪器

https://datatracker.ietf.org/

源码

awesome

【C++ GUI】
https://github.com/fffaraz/awesome-cpp#gui

【C# GUI】
https://github.com/quozd/awesome-dotnet#gui

【Java GUI】
https://github.com/akullpp/awesome-java#gui

【Golang GUI】
https://github.com/avelino/awesome-go#gui

【Python GUI】
https://github.com/vinta/awesome-python#gui-development

【Rust GUI】
https://github.com/rust-unofficial/awesome-rust#gui

excel view

spreadsheet qt
unvell.ReoGrid c#

FlexCell Grid Control http://www.grid2000.com/

vsFlexGrid

js在线Excel
‌Jspreadsheet
‌x-spreadsheet
‌sheetjs
‌luckysheet
‌x-sheet
‌exceljs
‌libxlsxwriter.github.io
‌DataGear

轻量ide

‌codelite https://github.com/eranif/codelite
‌IDE Spyder https://blog.csdn.net/jhsxy2005/article/details/113058953
‌liteide LiteIDE https://github.com/visualfc/liteide

https://blog.csdn.net/constantin_/article/details/79672349
https://www.kdevelop.org/
http://anjuta.org/

记事本
https://github.com/notepad-plus-plus/notepad-plus-plus
https://github.com/dail8859/NotepadNext

框架
https://api.kde.org/frameworks/index.html kde框架

编程语言
https://www.b4x.com/b4j.html

ConnectWise Control 的完整服务器安装,其中包括客户端组件。移动客户端可以从相应的应用程序商店下载。

ConnectWise Control Support 提供全面的有人值守的远程控制功能,使技术人员能够随时随地直接通过他们的设备为客户提供直接、快速的服务。他们可以迅速提供帮助台式服务,包括现场和即时中断/修复服务,加快故障单解决速度并让客户更快地恢复工作。

系统要求的重要变化

ConnectWise Control将于 2021 年 12 月 31 日终止对 Linux 主机服务器的支持 ,并在2022年6 月 6 日之前履行维护协议 合作伙伴将需要迁移到 Windows Server 或迁移到 Control Cloud。要开始此过程,请通过controlsales@connectwise.com联系我们的控制销售团队, 因为您可能有资格享受折扣。如果您有任何其他问题,请参阅 常见问题解答页面

虽然对 Linux 主机服务器的支持将被弃用,但请注意 Linux 主机和来宾客户端的可支持性不会发生变化;ConnectWise 团队将继续支持他们前进。如果您使用 Linux 连接到机器或连接到 Linux 机器,这些仍将受到支持。

ConnectWise 控制支持兼容性

提供无缝的客户和员工远程访问功能。ConnectWise Control Support 兼容并优化了几乎所有当前的操作系统、浏览器和移动设备,使您能够与几乎任何端点建立单点登录、超级安全的远程连接,以控制、管理、监控和维修计算机、移动设备、服务器等。

https://control.connectwise.com/support/features/compatibility[
远程支持](https://control.connectwise.com/support/features/remote-support)

从任何地方查看和控制设备。
无人值守访问

连接并支持无人值守的机器。
远程会议

与来自多个地点的无限参与者进行交流。

可配置性

让技术人员轻松提供远程控制的支持——您可以配置和自定义主机页面、主机客户端和访客客户端上的几乎每个选项以满足您的需求。

定制

通过为 ConnectWise Control Support 软件加上数百种外观选项的白标,在每次客户支持互动中展示您的品牌。

关于license

https://docs.connectwise.com/ConnectWise_Control_Documentation/On-premises/On-premises_licensing?_ga=2.92055514.1100023075.1635500336-1683057055.1635237939

更改访问的中继地址

https://docs.connectwise.com/ConnectWise_Control_Documentation/On-premises/Advanced_setup/Change_the_relay_address_for_access_agents

访问代理使用特定地址回叫您的 ConnectWise Control® 服务器。此“中继”地址由您构建安装程序时服务器的 URL 确定。在某些情况下,例如将 ConnectWise Control 安装移动到新服务器,您会希望代理使用不同的中继地址或不同的端口号。本文将解释如何为您现有的代理切换中继地址。

构建访问代理安装程序

https://docs.connectwise.com/ConnectWise_Control_Documentation/Get_started/Host_page/Build_an_access_agent_installer

ConnectWise Control® 访问会话是持久的或“永久的”会话,需要在远程机器上构建和安装代理。如果主机经常连接到机器或服务器,则访问会话可能比临时支持会话更有用。Access 安装程序可用于在同一操作系统的多台计算机上安装代理。本文将解释如何构建访问安装程序。

软件-杀毒白名单备案

360https://open.soft.360.cn/

国家计算机病毒应急处理中心http://www.antivirus-china.org.cn/

http://www.cverc.org.cn/

https://www.cnaac.org.cn/

软件-数字签名申请

https://www.wosign.com/Products/WoSign_CodeSigning_Individuals.htm

https://blog.csdn.net/weixin_31955925/article/details/112572315?utm_medium=distribute.pc_relevant.none-task-blog-2~default~baidujs_title~default-0.no_search_link&spm=1001.2101.3001.4242.1

https://www.itrus.cn/

代码签名证书

代码签名证书(Code Signing Certificate)是提供给软件开发者,对其开发的可执行脚本、软件代码和内容进行数字签名的数字证书。代码签名证书用于验证开发者身份真实性、保护代码的完整性。用户下载软件时,能通过数字签名验证软件来源可信,确认软件、代码没有被非法篡改或植入病毒,保护用户不会被病毒、恶意代码和间谍软件所侵害,也保护了软件开发者的利益,让软件能在互联网上快速安全地发布。

*代码签名证书又被称为数字签名证书。VeriSign代码签名证书就是您软件代码的有效身份证!全球数十家安全防护软件开发商均支持VeriSign代码签名证书***。使用VeriSign代码签名证书,并提交签名到各安全防护软件开发商,即可免费获得软件安全认证,获得代码免杀特权(国内的金山、360、瑞星、江民均支持VeriSign代码签名免杀特权申请。)!无需经过繁琐的源代码安全认证,有效保护源码安全,缩短软件发行周期,提升客户体验,轻松获取第三方机构认证。
IE、Firefox、NetScape、Safari、Opera、Chrome浏览器扩展程序均支持VeriSign数字签名。Java 运行环境(JDK1.4.2 +)支持,兼容jdk1.4.2以上所有版本j2se安全应用,J2me签名兼容全球最多移动终端。申请VeriSign代码签名证书,您还可以使用VeriSign CodeSigning ID快速创建微软徽标认证账户

自制软件签名

https://blog.csdn.net/Zlirving_/article/details/114139739

在线查杀

https://www.virustotal.com/

C#

远程桌面,PC屏幕共享软件原型

https://github.com/jasonpang/RemoteDesktop

注意: 我一直在收到有关该项目的电子邮件(从来没有人希望看到它),但是它不起作用-请参阅remote-desktop.readthedocs.org上的文档。尽管可能会有点慢,但该项目可以在其当前状态下成功构建并运行。(2014年11月4日)

注意: 该项目相当古老且过时。我最近写了一个更小巧的版本,演示了基本用法,如果您仅对屏幕捕获功能感兴趣,则可以在Windows 8 / 8.1上使用。该项目为ScreenShare。Screenshare和RemoteDesktop之间的重要区别:RemoteDesktop已实现UDP穿孔。ScreenShare并非仅在本地工作。RemoteDesktop使用镜像驱动程序进行屏幕捕获;ScreenShare不使用Windows 8 / 8.1中可用的本机Windows桌面复制API。(2015年8月20日)

标语

查看朋友的屏幕并控制他的键盘和鼠标。`RemoteDesktop’通过其他工具(例如,远程文件管理器,注册表编辑器和聊天)为您带来了远程计算机。

旧网站

http://novarat.sourceforge.net/

屏幕截图

img

img

img

img

img

RDPCOMAPI 远程控制就是内存有点大 100MB 和任务管理器无法控制

https://blog.csdn.net/wochendaixin/article/details/78465095

https://www.cnblogs.com/mobwiz/p/remote_desktop_share.html
https://www.haolizi.net/example/view_95862.html
https://docs.microsoft.com/zh-cn/previous-versions/windows/desktop/rdp/rdpsession
https://social.msdn.microsoft.com/Forums/vstudio/en-US/f63b8fc1-2c8c-49dd-b508-70eef0ed8cbf/rdpcomapi-in-vs2015-c-on-windows-81-and-10?forum=csharpgeneral
https://techcommunity.microsoft.com/t5/microsoft-security-and/writing-a-desktop-sharing-application/ba-p/246500

https://www.codenong.com/24824324/

https://docs.microsoft.com/zh-cn/windows/win32/api/rdpencomapi/nf-rdpencomapi-irdpsrapisharingsession-connecttoclient?redirectedfrom=MSDN

https://docs.microsoft.com/zh-cn/previous-versions/windows/desktop/rdp/rdp-portal?redirectedfrom=MSDN

MirrInst DFMirage

Удаленный рабочий стол (RDP). WPF (MVVM).

调用Windows api 进行屏幕共享RDPSession

http://www.devowl.net/2017/12/rdp-wpf-mvvm-rdpviewer.html

https://github.com/devowl/remotedesktopterminalservice

https://docs.microsoft.com/en-us/previous-versions/windows/desktop/rdp/rdpsession?redirectedfrom=MSDN

18 декабря 2017 г.

Удаленный рабочий стол (RDP). WPF (MVVM).

Скачать исходный код можно по ссылке:

https://bitbucket.org/sergey_vaulin/remotedesktopterminalservice/src

[Ссылка] Скомпилированная версия.

Если у вас когда либо вставал вопрос о том, как реализовать в вашем приложении демонстрацию удаленного рабочего стола другого клиента, то скорее всего вам известны описанные ниже варианта:

  1. Делать скриншот на одной стороне, затем пересылать на сторону получателя и отображать на форме.
  2. Найти C# обёртки и реализации работы с VNC протоколом, который используется в opensource проекте UltraVNC.
  3. Использование Windows Desktop Sharing в вашем приложении.

Сразу оговорюсь, что тут рассматривается схема, при которой запуск и остановку серверной части и демонстрация на другой стороне, осуществляется в прикладном коде нашего приложения.

(Пункт 1)
Использование скриншотов является самой простой в реализации, но достаточно трудоемкой операцией. Найденные примеры захвата снимка экрана и его обработка будет намного “тяжелее”, чем используя обычный терминал удаленного рабочего стола. Попробуйте в Realtime поделать хотя бы 10 скриншотов и заметите, что ваше приложение будет активно отбирать ресурсы CPU. Да, сейчас компьютеры достаточно мощные и ваш компьютер может это не чувствовать, но клиенты могу сидеть и на Athlon II, имея загрузку в 30% процессорного времени, что неприемлемо. Выходом может стать нарезка скриншотов используя видео захват с дисплея через DirectX, но решения для copy+paste у меня нет.

(Пункт 2)
UltraVNC достаточно известное кросс платформенное приложение для демонстрации и управлением экраном. Находил обертки для .NET, поэтому, если все плохо, то можно посмотреть в эту сторону. Как мне известно, принцип работы VNC основан на захвате скриншотов клиента, и для того, что бы производить видео захват с дисплея, они используют свой драйвер, аккуратно подгружаемый при демонстрации. При этом сам драйвер идёт как отдельный устанавливаемый пакет и может быть скачан отдельно (искать UltraVNC Driver).

(Пункт 3)
Ну и наконец самый, но мой взгляд, простой способ реализовать демонстрацию удаленного экрана это использование нативного API под названием Windows Desktop Sharing (RDP). Используется стандартный механизм терминала удаленного рабочего стола, но в отличии от обычного подключения, удаленный компьютер не блокируется, как при терминале, и вы можете как в Teamviewer пользоваться одной мышкой и видеть экран одновременно. Далее я перечислю возможности, доступные при работе с Windows Desktop Sharing в формате плюсы и минусы:

Плюсы:

  • Демонстрацию удаленного экрана пользователя.
  • Подключение больше одного человека (код примера надо немного доработать).
  • Можно настраивать уровень взаимодействия для каждого подключающегося человека. Допустим одному дать полный доступ к управление, другому только для просмотра. За это отвечает CTRL_LEVEL выбор уровня.
  • Мы можем в любой момент отключить пользователя, или приостановить показ.
  • Самой интересной особенностью считаю возможность “Фильтрации списка окон”. Таким образом мы можем дать возможность видеть только то, что мы хотим показать, скрывая остальные окна.
  • Можно обеспечивать как прямое подключение клиента к серверу, так и сервера к клиенту. Тем самым можно решить проблему с NAT, инициируя подключение с другой стороны подсети.
  • Для авторизации можно использовать схему с логином и паролем.
  • Отображение идёт через ActiveX оснастку, которую можно разместить как на WPF, так и на WinForm.
  • Проекты можно без потери функциональности конвертировать под работы с .NET Framework 3.5.

Минусы:

  • Поддержка идет только начиная с Windows Vista.

Демонстрация работы описанного ниже функционала.

Перед тем, как изучать сказанное, логично увидеть результат работы. Поэтому я представлю два варианта подключения:

  1. Показ полного рабочего стола.
  2. Показ только тех окон, которые мы хотим показать. В моем случае я буду показывать только окно приложения

Внимание! Возможен еще вариант отображения определенного статического региона экрана, но я не добавлял этот функционал.

- Полный рабочий стол:

img

- Отображение конкретного окна:

img

Как с этом работать?

Всё API у Windows Desktop Sharing находится в библиотеке “C:\Windows\System32\RdpEncom.dll“. Серверный хостинг осуществляется через RDPSession класс:

img

Для демонстрации стоит использовать IRDPSRAPIViewer, который представляет из себя ActiveX оснастку:

img

Поэтому, для того, что бы нам извлечь обертку для последующего использования, нам понадобится воспользоваться утилитой Aximp.exe (Windows Forms ActiveX Control Importer), которая извлекает AcitveX обертку (так же мы можем добавлять ActiveX control в Visual Studio Toolbox). К сожалению, сама утилита не входит в комплект поставки Visual Studio, но присутствует в Windows SDKs, поэтому, ради нее, придется поставить SDK. Версия не должна влияет, поэтому после того как установка завершится, переходите в папку “*C:\Program Files (x86)\Microsoft SDKs\Windows*“ и поиском находите этот файл.

img

Наконец то можно создать недостающие классы обертки и приступить к работе:

img

Команда “AxImp.exe C:\Windows\System32\rdpencom.dll“ создала два файла:

  1. AxRDPCOMAPILib.dll

  2. RDPCOMAPILib.dll

Которые можно без проблем добавить в ваш проект и начать работу с RDP API.

В AxRDPCOMAPILib.dll содержатся:

  • _IRDPSessionEvents
  • AxRDPViewer

В RDPCOMAPILib.dll содержатся:

  • *RDPSession*
  • IRDPSRAPIApplication
  • _IRDPSessionEvents
  • IRDPSRAPIApplicationFilter
  • IRDPSRAPIApplicationList
  • IRDPSRAPIAttendee
  • IRDPSRAPIAttendeeDisconnectInfo
  • IRDPSRAPIAttendeeManager
  • IRDPSRAPIInvitation
  • IRDPSRAPIInvitationManager
  • IRDPSRAPISessionProperties
  • IRDPSRAPISharingSession
  • IRDPSRAPITcpConnectionInfo
  • IRDPSRAPIViewer
  • IRDPSRAPIVirtualChannel
  • IRDPSRAPIVirtualChannelManager
  • IRDPSRAPIWindow
  • IRDPSRAPIWindowList
  • А так же ClassInterface для каждого из интерфейсов выше.

Внимание! В этой схеме есть одно НО! Мы обязанный таскать с собой эти два файла, что, на мой взгляд, не очень удобно. А ведь в них содержатся только обертки для работы с Native API. Далее будет описано как избавить от них.

Архитектура модуля.

Теперь я хочу описать сделанный мной пример (ссылка на исходник в начале статьи), в котором я добавил некоторые упрощения для работы в WPF приложениях с шаблоном MVVM. Я постарался максимально отдалить вас от подготовки RDP описанной выше, доведя использование до простого размещения Control на форме и возможности сразу его использовать. А так же, что бы было еще быстрее понять как с ним работать, я разместил пример его использования.

Дерево иерархии:

img

Про все тонкости использования, и о том что где лежит, я напишу поподробнее:

Проект Rdp.Terminal.Core .

По сути является унифицированной сборкой, которую достаточно поместить в вашем решении.

  • Client\Controls\RemoteTerminal.xml - служит для демонстрации удаленного рабочего стола на стороне клиента
  • Server\RdpSessionServer.cs - содержит примитивные методы, для запуска серверной части.
  • WinApi - что бы избавиться от потребности таскать с собой AxRDPCOMAPILib.dll и RDPCOMAPILib.dll я декомпилятором извлек все обертки и разместил их в модуле в папке winapi.
  • WinApi\SupportUtils.cs содержит метод проверки поддержки текущей версии Windows на возможность использования RDP.

Проект Rdp.Demostration.

Демонстрационный проект, в котором можно узнать как работать с каждым из компонентов.

  • Prism - содержит нужные, для демонстрации использования MVVM шаблона, классы.
  • Views\MainWindow.xaml - главная View окна, выполняющая как роль серверной так и клиентской стороны.
  • ViewModels\MainWindowViewModel.cs - содержащая всю логику для работы со view MainWindow.xaml.
  • Свойство SmartSizing. Если его значение True, тогда удаленный экран будет полностью растянут под размер доступной области. Иначе если False, тогда появятся два бегунка и картинка будет видна полностью, без растягивания.

Внимание! Для работы с RemoteTerminal, содержащим AxRDPViewer, необходимо создать во ViewModel свойство с типом RdpManager и произвести привязку на свойство с таким же названием у RemoteTerminal **<controls:RemoteTerminal RdpManager=”{Binding RdpManager}” />.* После чего, во ViewModel, через это объект* *можно* управлять терминалом.

Процесс удаленного подключения.

При запуске сервера настраивается в каком режиме он будет запускать (с фильтрацией окон или без неё). Далее мы создаём так называемое “Приглашение” вызывая метод CreateInvitation. Оно представляет из себя XML, содержащий информацию доступных сетевых интерфейсах сервера, используемый порт для подключений, MAC и идентификатор зашифрованный паролем, который надо ввести клиенту. Вся эта информацию поможет клиентам с подключением, так как вам не потребуется выяснять какой точно интерфейс доступен клиенту. В случае, если сервер закрыт NAT, клиент может выступить в качестве сервера обратно подключения, но при этом демонстрацию будет осуществлять серверный компьютер. В ситуации, когда когда обе стороны разделяет NAT соединение невозможно.
После подключения модуля удаленного управление вам необходимо будет позаботиться о доставке строки подключения между клиентом и сервером.

Внимание! Не все методы имеются в RdpManager, поэтому в зависимости от потребности придётся их пробросить вам самим.

на 02:44

Отправить по электронной почтеНаписать об этом в блогеОпубликовать в TwitterОпубликовать в FacebookПоделиться в Pinterest

Ярлыки: RDP

chromium-build-windows

Get the code: check out, build, and run Chromium.

Chromium supports building on Windows, Mac and Linux host systems.

Linux is required for building Android, and a Mac is required for building iOS.

The process for building Chrome is generally the same on all platforms, but each platform has a few quirks. In order to keep you from having to jump all over the place, we have a self-contained page for each configuration you might want to build:

https://chromium.googlesource.com/chromium/src/+/master/docs/get_the_code.md

https://www.chromium.org/developers/how-tos/get-the-code

https://chromium.googlesource.com/chromium/src/+/master/docs/windows_build_instructions.md

https://www.chromium.org/getting-involved/download-chromium

webrtc-build-windows

https://webrtc.github.io/webrtc-org/native-code/native-apis/

https://webrtc.github.io/webrtc-org/native-code/development/

https://sourcey.com/articles/building-and-installing-webrtc-on-windows

https://webrtc.org/native-code/development/

https://webrtc.org/native-code/development/prerequisite-sw/

http://dev.chromium.org/developers/how-tos/install-depot-tools

https://chromium.googlesource.com/chromium/src/+/master/docs/windows_build_instructions.md

https://chromium.googlesource.com/chromium/src/+/master/tools/gn/docs/quick_start.md

https://blog.csdn.net/qq_34732729/article/details/105838929

https://blog.csdn.net/qq_34732729/article/details/105707104

https://blog.csdn.net/gupar/article/details/78565677

https://www.cnblogs.com/xl2432/p/13137531.html

webrtc所有平台下载编译步骤详细说明

1、安装depot tools

Windows
国外下载:https://storage.googleapis.com/chrome-infra/depot_tools.zip
下载完把压缩包解压,然后把解压目录加入PATH环境变量
Linux(Android)/Mac(IOS)
安装git
国外:git clone https://chromium.googlesource.com/chromium/tools/depot_tools.git
国内:git clone https://source.codeaurora.org/quic/lc/chromium/tools/depot_tools
把depot_tools目录加入

1
PATH:export PATH=`pwd`/depot_tools:"$PATH"

2.安装依赖软件

Windows
a、系统locale最好设置成English,就是控制面板里面的Region.
b、安装”Visual Studio 2015 Update 2“,其他版本都不受官方支持。
c、操作系统必须是Windows 7 x64及以上版本,x86操作系统都不支持。
d、安装VS2015时必须有下列组件:
•Visual C++, which will select three sub-categories including MFC
•Universal Windows Apps Development Tools > Tools
•Universal Windows Apps Development Tools > Windows 10 SDK (10.0.10586)
e、新开个cmd中运行set DEPOT_TOOLS_WIN_TOOLCHAIN=0,之后所以脚本都在这个cmd中运行
f、编译是用ninja而不是VS!
Linux:看后面
Android
安装Java OpenJDK:

1
2
3
4
5
6
7
$ sudo apt-get install openjdk-7-jdk
$ sudo update-alternatives --config javac
$ sudo update-alternatives --config java
$ sudo update-alternatives --config javaws
$ sudo update-alternatives --config javap
$ sudo update-alternatives --config jar
$ sudo update-alternatives --config jarsigner

Mac(IOS)
安装最新XCode

3.下源码

先创建目录

1
2
mkdir webrtc-checkout
cd webrtc-checkout

Windows

1
2
fetch --nohooks webrtc
gclient sync

Linux

1
2
3
4
export GYP_DEFINES="OS=linux"
fetch --nohooks webrtc_android
gclient sync
./build/install-build-deps.sh

Android

1
2
3
4
export GYP_DEFINES="OS=android"
fetch --nohooks webrtc_android
gclient sync
./build/install-build-deps.sh

Mac

1
2
3
export GYP_DEFINES="OS=mac"
fetch --nohooks webrtc_ios
gclient sync

IOS

1
2
3
export GYP_DEFINES="OS=ios"
fetch --nohooks webrtc_ios
gclient sync

4、生成ninja项目文件

Windows/Linux
方式一:使用gn生成:
生成debug版ninja项目文件:gn gen out/Default
生成release版ninja项目文件:gn gen out/Default --args='is_debug=false'
清空ninja项目文件:gn clean out/Default

方式二:使用gyp生成(已过期的方式,但是目前还可以用)
python webrtc/build/gyp_webrtc.py
Android
使用gn生成:gn gen out/Default --args='target_os="android" target_cpu="arm"'
生成ARM64版:gn gen out/Default --args='target_os="android" target_cpu="arm64"'
生成32位 x86版:gn gen out/Default --args='target_os="android" target_cpu="x86"'
生成64位 x64版:gn gen out/Default --args='target_os="android" target_cpu="x64"'
Mac:
使用gn生成:gn gen out/Debug-mac --args='target_os="mac" target_cpu="x64" is_component_build=false'
IOS
生成ARM版:gn gen out/Debug-device-arm32 --args='target_os="ios" target_cpu="arm" is_component_build=false'
生成ARM64版:gn gen out/Debug-device-arm64 --args='target_os="ios" target_cpu="arm64" is_component_build=false'
生成32位模拟器版:gn gen out/Debug-sim32 --args='target_os="ios" target_cpu="x86" is_component_build=false'
生成64位模拟器版:gn gen out/Debug-sim64 --args='target_os="ios" target_cpu="x64" is_component_build=false'

ios编译

1
2
3
4
5
6
7
#!/bin/sh
#armv32
gn gen out_ios32 --args='target_os="ios" target_cpu="arm" is_component_build=false' --ide=xcode
ninja -C out_ios32 AppRTCMobile
#armv64
gn gen out_ios64 --args='target_os="ios" target_cpu="arm64" is_component_build=false' --ide=xcode
ninja -C out_ios64 AppRTCMobile

mac编译

1
2
gn gen out/Debug --ide=xcode --args='is_debug=true' --mac_deployment_target=10.10 --rtc_include_tests=true
gn gen out/Release --ide=xcode --args='is_debug=false' --mac_deployment_target=10.10 --rtc_include_tests=true

拷贝

1
2
3
4
5
6
7
8
9
10
11
12
13
14
for i in `find /Users/zf/webrtc1128/webrtc-checkout/src/out_ios32 -name "lib*.a"`
do
echo $i
cp $i ./out_ios32/
done
libtool -static -v -o out_ios32/libwebrtc32.a out_ios32/*.a
strip -S -X out_ios32/libwebrtc32.a
for i in `find /Users/zf/webrtc1128/webrtc-checkout/src/out_ios64 -name "lib*.a"`
do
echo $i
cp $i ./out_ios64/
done
libtool -static -v -o out_ios64/libwebrtc64.a out_ios64/*.a
strip -S -X out_ios64/libwebrtc64.a

5.编译源码

Windows/Linux/Android/Mac/IOS:

1
ninja -C out/Default

好了,这样就编译出来所有相关的库和测试程序。
生成vs工程windows
1.生成VS项目文件

1
2
3
set DEPOT_TOOLS_WIN_TOOLCHAIN=0
set GYP_GENERATORS=msvs-ninja,ninja
set GYP_MSVS_VERSION=2015 (这里是2013会出现问题,生成的文件缺失很多)

生成VS2013项目文件(推荐使用)

1
gn gen out/Default –ide=vs2013

生成VS2015项目文件

1
2
gn gen out/Default –ide=vs2015
gn gen out/Default -ide=vs2015 --args="is_debug=true is_component_build=true target_cpu=\"x86\""

Chromoting

turn server open source code

https://github.com/coturn/coturn

编写构建说明

Chromoting,也称为Chrome远程桌面,可让您从Chromium浏览器中远程控制远程计算机。其源代码位于remoting/Chromium代码库的文件夹中。为简洁起见,我们假设您已经在开发计算机上安装了Chromium(或Chrome)的预构建副本。

内容

获取API密钥

在编译代码之前,您必须获取一个API密钥,以使其能够访问联合的Chrome远程桌面API。

  1. 加入chrome-dev列表,该列表可在https://groups.google.com/a/chromium.org/forum/#!forum/chromium-dev中找到。(必须执行此步骤才能访问Chromoting API。)

  2. 通过

    https://code.google.com/apis/console

    访问Google API控制台。

    1. 使用该API Project下拉列表使用您选择的名称创建一个新项目。
    2. 点击APIs & Auth > APIs
    3. 搜索Chrome Remote Desktop API
    4. 点击Chrome Remote Desktop API搜索结果。
    5. 点击Enable API
    6. 点击APIs & Auth > Credentials
    7. 点击Add Credentials
    8. 选择OAuth 2.0 client ID
    9. 选择Chrome App
    10. 在应用程序ID下,输入ljacajndfccfgnfohlgkdphmbnpkjflk

获取铬代码

如果您已经签出了浏览器代码库的副本,则可以跳过本节,尽管您仍然需要运行gclient runhooks以确保使用刚刚生成的API密钥进行构建。

  1. 安装构建依赖项
  2. 安装depot_tools实用程序,该过程在https://dev.chromium.org/developers/how-tos/install-depot-tools中记录
  3. 通过运行以下命令下载Chromium源代码: $ fetch chromium --nosvn=True

构建并安装Linux主机服务

如果要远程访问(基于Debian的)GNU / Linux主机,请按照以下步骤在该系统上编译和安装主机服务。从撰写本文时起,您必须从源代码进行编译,因为未分发任何官方二进制包。

  1. src/包含您检出Chromium代码的目录开始。

  2. 构建Chromoting主机二进制文件:

    1
    2
    $ autoninja - C输出/释放remoting_me2me_host remoting_start_host \
    remoting_native_messaging_host remoting_native_messaging_manifests

    autoninja是一个自动为传递给的参数提供最佳值的包装器ninja。)

  3. 构建完成后,移至安装程序目录: $ cd remoting/host/installer/

  4. 为系统的程序包管理器生成DEB程序包: $ linux/build-deb.sh

  5. 在系统上安装软件包: $ sudo dpkg -i *.deb

  6. 下次您从浏览器使用Chromoting扩展程序时,它将检测到主机服务的存在,并为您提供选项Enable remote connections

    1. 如果Web应用程序未正确检测到主机进程,则可能需要创建一个符号链接来帮助插件找到本机消息传递主机: $ sudo ln -s /etc/opt/chrome /etc/chromium

(注意:如果您从源代码编译主机服务并希望使用浏览器扩展对其进行配置,则还必须从源代码编译主机服务。否则,程序包签名密钥将不匹配,并且Web应用程序的OAuth2令牌在主机进程。)

生成并安装Chrome打包的应用

Web应用程序是Chromoting系统的主要用户界面,它使您可以连接到现有主机,并在当前所在的计算机上设置主机进程。构建完成后,必须将其作为扩展安装到浏览器中。

  1. src/包含您检出Chromium代码的目录开始。

  2. 构建浏览器扩展(请确保替换由斜括号表示的替换项):

    1
    2
    $ GOOGLE_CLIENT_ID_REMOTING_IDENTITY_API = <客户端ID > \
    autoninja - C out /发布remoting_webapp
  3. 将扩展程序安装到您的Chromium(或Chrome)浏览器中:

    1. 访问设置页面[ chrome:// extensions ]。
    2. 如果未选中,请选中该Developer mode框。
    3. 单击Load unpacked extension...,然后导航到out/Release/remoting/remoting.webapp.v2/代码签出内。
    4. 确认安装,打开一个新选项卡,然后单击新应用程序的Chromoting图标。
    5. 完成帐户授权步骤,如果尚未登录,请登录您的Google帐户。

编译并安装Android客户端

如果要使用Android设备连接到Chromoting主机,请按照以下步骤在其上安装客户端应用程序。请注意,这处于开发的早期阶段。在撰写本文时,由于未分发正式版本,因此您必须从源代码进行编译。

  1. 按照所有下的说明Getting the codeInstall prerequisites部分:https://www.chromium.org/developers/how-tos/android-build-instructions

  2. 移至src/包含您检出Chromium代码的目录。

  3. 构建Android应用程序: $ autoninja -C out/Release remoting_apk

  4. 连接设备并设置USB调试:

    1. 通过USB插入设备。

    2. 打开“设置”应用,然后寻找

      1
      Developer options

      选择。

      1. 如果没有这样的条目,请打开About phone,点击Build number7次,然后再次查看。
    3. 在下Developer options,将主开关切换至ON并启用USB debugging

  5. 在您的机器上并且仍在src/目录中,运行:$ build/android/adb_install_apk.py --apk=out/Release/apks/Chromoting.apk

  6. 如果您的Android设备提示您接受主机的密钥,请这样做。

  7. 现在,该应用程序应在您的应用程序抽屉中列为Chromoting。

请参阅[chromoting_android_hacking.md]指南,以获取有关查看Android应用程序日志和附加调试器的说明。

原文

Chromoting Build Instructions

Chromoting, also known as Chrome Remote Desktop, allows one to remotely control a distant machine, all from within the Chromium browser. Its source code is located in the remoting/ folder in the Chromium codebase. For the sake of brevity, we’ll assume that you already have a pre-built copy of Chromium (or Chrome) installed on your development computer.

Contents

Obtain API keys

Before you can compile the code, you must obtain an API key to allow it to access the federated Chrome Remote Desktop API.

  1. Join the chromium-dev list, which can be found at https://groups.google.com/a/chromium.org/forum/#!forum/chromium-dev. (This step is required in order to gain access to the Chromoting API.)

  2. Visit the Google APIs console at

    https://code.google.com/apis/console

    .

    1. Use the API Project dropdown to create a new project with a name of your choice.
    2. Click on APIs & Auth > APIs.
    3. Search for Chrome Remote Desktop API.
    4. Click on the Chrome Remote Desktop API search result.
    5. Click on Enable API.
    6. Click on APIs & Auth > Credentials.
    7. Click on Add Credentials.
    8. Choose OAuth 2.0 client ID.
    9. Choose Chrome App.
    10. Under application id, enter ljacajndfccfgnfohlgkdphmbnpkjflk.

Obtain Chromium code

If you‘ve already checked out a copy of the browser’s codebase, you can skip this section, although you’ll still need to run gclient runhooks to ensure you build using the API keys you just generated.

  1. Install the build dependencies.
  2. Install the depot_tools utilities, a process that is documented at https://dev.chromium.org/developers/how-tos/install-depot-tools.
  3. Download the Chromium source code by running: $ fetch chromium --nosvn=True

Build and install the Linux host service

If you want to remote into a (Debian-based) GNU/Linux host, follow these steps to compile and install the host service on that system. As of the time of writing, you must compile from source because no official binary package is being distributed.

  1. Start in the src/ directory that contains your checkout of the Chromium code.

  2. Build the Chromoting host binaries:

    1
    2
    $ autoninja -C out/Release remoting_me2me_host remoting_start_host \
    remoting_native_messaging_host remoting_native_messaging_manifests

    (autoninja is a wrapper that automatically provides optimal values for the arguments passed to ninja.)

  3. When the build finishes, move into the installer directory: $ cd remoting/host/installer/

  4. Generate a DEB package for your system’s package manager: $ linux/build-deb.sh

  5. Install the package on your system: $ sudo dpkg -i *.deb

  6. The next time you use the Chromoting extension from your browser, it should detect the presence of the host service and offer you the option to Enable remote connections.

    1. If the Web app doesn’t properly detect the host process, you may need to create a symlink to help the plugin find the native messaging host: $ sudo ln -s /etc/opt/chrome /etc/chromium

(NB: If you compile the host service from source and expect to configure it using the browser extension, you must also compile the latter from source. Otherwise, the package signing keys will not match and the Web app’s OAuth2 token will not be valid within the host process.)

Build and install the Chrome packaged app

The Web app is the Chromoting system‘s main user interface, and allows you to connect to existing hosts as well as set up the host process on the machine you’re currently sitting at. Once built, it must be installed into your browser as an extension.

  1. Start in the src/ directory that contains your checkout of the Chromium code.

  2. Build the browser extension (Be sure to replace the substitutions denoted by angled braces.):

    1
    2
    $ GOOGLE_CLIENT_ID_REMOTING_IDENTITY_API=<client id> \
    autoninja -C out/Release remoting_webapp
  3. Install the extension into your Chromium (or Chrome) browser:

    1. Visit the settings page [chrome://extensions].
    2. If it is unchecked, tick the Developer mode box.
    3. Click Load unpacked extension..., then navigate to out/Release/remoting/remoting.webapp.v2/ within your code checkout.
    4. Confirm the installation, open a new tab, and click the new app’s Chromoting icon.
    5. Complete the account authorization step, signing into your Google account if you weren’t already.

Build and install the Android client

If you want to use your Android device to connect to your Chromoting hosts, follow these steps to install the client app on it. Note that this is in the very early stages of development. At the time of writing, you must compile from source because no official version is being distributed.

  1. Follow all the instructions under the Getting the code and Install prerequisites sections of: https://www.chromium.org/developers/how-tos/android-build-instructions

  2. Move into the src/ directory that contains your checkout of the Chromium code.

  3. Build the Android app: $ autoninja -C out/Release remoting_apk

  4. Connect your device and set up USB debugging:

    1. Plug your device in via USB.

    2. Open the Settings app and look for the

      1
      Developer options

      choice.

      1. If there is no such entry, open About phone, tap Build number 7 times, and look again.
    3. Under Developer options, toggle the main switch to ON and enable USB debugging.

  5. On your machine and still in the src/ directory, run: $ build/android/adb_install_apk.py --apk=out/Release/apks/Chromoting.apk

  6. If your Android device prompts you to accept the host’s key, do so.

  7. The app should now be listed as Chromoting in your app drawer.

See the [chromoting_android_hacking.md] guide for instructions on viewing the Android app’s log and attaching a debugger.

https://developer.mozilla.org/en-US/docs/Web/API/WebRTC_API/Protocols

https://developer.mozilla.org/en-US/docs/Glossary/STUN

https://developer.mozilla.org/en-US/docs/Web/API/RTCIceServer

https://developer.mozilla.org/en-US/docs/Web/API/RTCIceServer/urls

webrtc

https://chromium.googlesource.com/external/webrtc.git

https://github.com/muaz-khan/RecordRTC

https://github.com/webrtc/samples/tree/gh-pages/src/content/getusermedia/getdisplaymedia

https://github.com/search?q=stunserver

https://github.com/coturn/coturn/wiki

Using webrtc to control desktop,Need to read webrtc source code,and coturn.

Does webrtc call chrome remoting?

use webrtc sdk

WebRTC is a free, open software project that provides browsers and mobile applications with Real-Time Communications (RTC) capabilities via simple APIs. The WebRTC components have been optimized to best serve this purpose.

Our mission: To enable rich, high-quality RTC applications to be developed for the browser, mobile platforms, and IoT devices, and allow them all to communicate via a common set of protocols.

The WebRTC initiative is a project supported by Google, Mozilla and Opera, amongst others.

Development

See here for instructions on how to get started developing with the native code.

Authoritative list of directories that contain the native API header files.

More info

Clone this repo:

git clone https://webrtc.googlesource.com/src

https://webrtc.googlesource.com/src/+/refs/heads/master/docs/native-code/development/index.md

WebRTC development

The currently supported platforms are Windows, Mac OS X, Linux, Android and iOS. See the Android and iOS pages for build instructions and example applications specific to these mobile platforms.

Before You Start

First, be sure to install the prerequisite software.

Getting the Code

For desktop development:

  1. Create a working directory, enter it, and run fetch webrtc:
1
2
3
4
$ mkdir webrtc-checkout
$ cd webrtc-checkout
$ fetch --nohooks webrtc
$ gclient sync

NOTICE: During your first sync, you’ll have to accept the license agreement of the Google Play Services SDK.

The checkout size is large due the use of the Chromium build toolchain and many dependencies. Estimated size:

  • Linux: 6.4 GB.
  • Linux (with Android): 16 GB (of which ~8 GB is Android SDK+NDK images).
  • Mac (with iOS support): 5.6GB
  1. Optionally you can specify how new branches should be tracked:
1
2
$ git config branch.autosetupmerge always
$ git config branch.autosetuprebase always
  1. Alternatively, you can create new local branches like this (recommended):
1
2
3
$ cd src
$ git checkout master
$ git new-branch your-branch-name

See the Android and iOS pages for separate instructions.

NOTICE: if you get Remote: Daily bandwidth rate limit exceeded for <ip>, make sure you’re logged in. The quota is much larger for logged in users.

Updating the Code

Update your current branch with:

1
2
3
4
5
$ git checkout master
$ git pull origin master
$ gclient sync
$ git checkout my-branch
$ git merge master

Building

Ninja is the default build system for all platforms.

See the Android and iOS pages for build instructions specific to those platforms.

Generating Ninja project files

Ninja project files are generated using GN. They’re put in a directory of your choice, like out/Debug or out/Release, but you can use any directory for keeping multiple configurations handy.

To generate project files using the defaults (Debug build), run (standing in the src/ directory of your checkout):

1
$ gn gen out/Default

To generate ninja project files for a Release build instead:

1
$ gn gen out/Default --args='is_debug=false'

To clean all build artifacts in a directory but leave the current GN configuration untouched (stored in the args.gn file), do:

1
$ gn clean out/Default

See the GN documentation for all available options. There are also more platform specific tips on the Android and iOS instructions.

Compiling

When you have Ninja project files generated (see previous section), compile (standing in src/) using:

For Ninja project files generated in out/Default:

1
$ ninja -C out/Default

Using Another Build System

Other build systems are not supported (and may fail), such as Visual Studio on Windows or Xcode on OSX. GN supports a hybrid approach of using Ninja for building, but Visual Studio/Xcode for editing and driving compilation.

To generate IDE project files, pass the --ide flag to the GN command. See the GN reference for more details on the supported IDEs.

Working with Release Branches

To see available release branches, run:

1
$ git branch -r

To create a local branch tracking a remote release branch (in this example, the branch corresponding to Chrome M80):

1
2
$ git checkout -b my_branch refs/remotes/branch-heads/3987
$ gclient sync

NOTICE: depot_tools are not tracked with your checkout, so it’s possible gclient sync will break on sufficiently old branches. In that case, you can try using an older depot_tools:

1
2
3
4
5
6
7
8
9
which gclient
$ # cd to depot_tools dir
$ # edit update_depot_tools; add an exit command at the top of the file
$ git log # find a hash close to the date when the branch happened
$ git checkout <hash>
$ cd ~/dev/webrtc/src
$ gclient sync
$ # When done, go back to depot_tools, git reset --hard, run gclient again and
$ # verify the current branch becomes REMOTE:origin/master

The above is untested and unsupported, but it might help.

Commit log for the branch: https://webrtc.googlesource.com/src/+log/branch-heads/3987 To browse it: https://webrtc.googlesource.com/src/+/branch-heads/3987

For more details, read Chromium’s Working with Branches and Working with Release Branches pages. To find the branch corresponding to a Chrome release check the [Chromium Dashboard][https://chromiumdash.appspot.com/branches].

Contributing Patches

Please see Contributing Fixes for information on how to run git cl upload, getting your patch reviewed, and getting it submitted. You can also find info on how to run trybots and applying for try rights.

Chromium Committers

Many WebRTC committers are also Chromium committers. To make sure to use the right account for pushing commits to WebRTC, use the user.email Git config setting. The recommended way is to have the chromium.org account set globally as described at the depot tools setup page and then set user.email locally for the WebRTC repos using (change to your webrtc.org address):

1
2
$ cd /path/to/webrtc/src
$ git config user.email yourname@webrtc.org

Example Applications

WebRTC contains several example applications, which can be found under src/webrtc/examples. Higher level applications are listed first.

Peerconnection

Peerconnection consist of two applications using the WebRTC Native APIs:

  • A server application, with target name peerconnection_server
  • A client application, with target name peerconnection_client (not currently supported on Mac/Android)

The client application has simple voice and video capabilities. The server enables client applications to initiate a call between clients by managing signaling messages generated by the clients.

Setting up P2P calls between peerconnection_clients

Start peerconnection_server. You should see the following message indicating that it is running:

1
Server listening on port 8888

Start any number of peerconnection_clients and connect them to the server. The client UI consists of a few parts:

Connecting to a server: When the application is started you must specify which machine (by IP address) the server application is running on. Once that is done you can press Connect or the return button.

Select a peer: Once successfully connected to a server, you can connect to a peer by double-clicking or select+press return on a peer’s name.

Video chat: When a peer has been successfully connected to, a video chat will be displayed in full window.

Ending chat session: Press Esc. You will now be back to selecting a peer.

Ending connection: Press Esc and you will now be able to select which server to connect to.

Testing peerconnection_server

Start an instance of peerconnection_server application.

Open src/webrtc/examples/peerconnection/server/server_test.html in your browser. Click Connect. Observe that the peerconnection_server announces your connection. Open one more tab using the same page. Connect it too (with a different name). It is now possible to exchange messages between the connected peers.

STUN Server

Target name stunserver. Implements the STUN protocol for Session Traversal Utilities for NAT as documented in RFC 5389.

TURN Server

Target name turnserver. Used for unit tests.

Powered by Gitiles| Privacy

===============

https://tools.ietf.org/html/rfc5389

Session Traversal Utilities for NAT (STUN)

https://tools.ietf.org/html/rfc3489

STUN - Simple Traversal of User Datagram Protocol (UDP)
Through Network Address Translators (NATs)

https://www.ietf.org/rfc/rfc908.txt

RDP Specification RFC-908

https://tools.ietf.org/rfc/rfc7869.txt

The “vnc” URI Scheme

https://www.jianshu.com/p/1eae1e68d5ed

基于 WebRTC 的 Android 设备屏幕分享

https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

https://tx.ha666.com/src/content/peerconnection/trickle-ice/

sturn test online

Too many articles don’t paste here

===============

http://guacamole.apache.org/

Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.

We call it clientless because no plugins or client software are required.

Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.

delphi

hidadmin

又一款俄罗斯大哥的远程控制工具,已经停止更新

http://hidadmin.delphisources.ru/

下载到的源码包有密码 ,暂时无法找到密码 Hidadmin

https://delphisources.ru/pages/programs/hidden_adm/download.html#

https://rmansys.ru/

已经停止开发,新版本为RMS

https://softomania.net/windows/1307-hidden-administrator.html

RUSTDESK

关键词:remote desktop software

使用https://sciter.com/ 做rust UI开发。当然也可以使用LCUI进行开发。

https://github.com/rustdesk/rustdesk/blob/master/README-ZH.md

远程桌面软件,开箱即用,无需任何配置,替代TeamViewer和AnyDesk。您完全掌控数据,不用担心安全问题。您可以使用我们的注册/中继服务器, 或者自己设置, 亦或者开发您的版本

https://github.com/YiannisBourkelis/Andama-Remote-Desktop

C++后门

https://github.com/hsluoyz/rmtsvc

WinPresenter

采用C#编写,调用RDPlib进行远程控制。

https://github.com/bogdandynamic/WinPresenter

https://github.com/wangh1978/WinPresenter

https://github.com/quasar/QuasarRAT
使用QuasarRAT控制核心进行优化SiMayRemoteMonitorOS

SiMayRemoteMonitorOS,具有中转服务,学习中转服务。

被控端,优化成C++编写。C#最好使用net2.0
linux被控端采用golang编写。

学习VNC源码
学习SiMayRemoteMonitorOS源码
学习QuasarRAT源码
学习ICanSeeYou源码

本地化控制端采用C#进行界面开发。

控制端,webH5界面开发,可在线进行远程控制。

中转服务器web界面开发,进行在线管理被控端信息。

ffmpeg 远程控制

https://github.com/screego/server

在web端使用html5访问远程桌面

https://gitee.com/supercherry/desktop

https://www.cnblogs.com/lanxiaoke/p/11721174.html

https://github.com/ginuerzh/gost

https://github.com/alongL/tcprelay

实现远程桌面的几种方式

https://github.com/search?p=2&q=remote+desktop++language%3AGo&type=Repositories

https://github.com/screego/server

https://github.com/search?p=2&q=screen+share+go&type=Repositories

https://github.com/fjp246810/share_screen/blob/main/main.go 这个会崩溃,需要修复一下

https://github.com/poi5305/go-yuv2webRTC

https://github.com/vova616/screenshot

https://github.com/kbinani/screenshot

https://github.com/rviscarra/webrtc-remote-screen Stream a remote desktop screen directly to your browser

https://github.com/DeshmukhPooja/webrtc-remote-desktop

https://github.com/gortc/stun

https://github.com/changkun/occamy

关键词:内网穿透

https://github.com/pibigstar/go-proxy

https://github.com/ls0f/gortcp

https://github.com/ehang-io/nps 一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。

https://github.com/chenjia404/p2ptunnel 一个基于p2p的tcp、udp内网穿透隧道工具

https://github.com/dxcweb/go-nat-hole 解决外网向内网p2p通信方案–NAT穿透。

https://github.com/Albert-Zhan/small-proxy Go实现的一个跨平台域名式访问内网穿透工具

https://github.com/ying32/rproxy 简单的反向代理用于内网穿透,支持HTTP/HTTPS转发

https://github.com/itchin/proxy Golang gRPC实现的轻量级HTTP内网穿透工具

https://github.com/Jinnrry/Mercurius 一个go写的内网穿透工具

https://github.com/snail007/goproxy Proxy是golang实现的高性能http,https,websocket,tcp,socks5代理服务器,支持内网穿透,链式代理,通讯加密,智能HTTP,SOCKS5代理,黑白名单,限速,限流量,限连接数,跨平台,KCP支持,认证API

https://github.com/qjw/proxy 简单的内网穿透工具

https://github.com/zanjie1999/tcp-over-websocket 将TCP放到WebSocket中传输(就能走CDN)基于ws的内网穿透 隧道代理 tcp2ws

https://github.com/kidbei/easy-tunnel 打洞工具,采用中继模式实现反向隧道内网穿透功能

https://github.com/ice-ice/dnstunnel dns tunnel backdoor DNS隧道后门

https://github.com/geziang/udpovertcp 多连接UDP转TCP隧道

https://github.com/tomasen/fast-table-tunnel fast-table-tunnel 是成对工作的TCP隧道工具。特点是高速、系统开销小的加密方式。

https://github.com/GZShi/net-agent 隧道代理工具

https://github.com/Samall009/go-ssh-proxy 利用go语言实现的ssh隧道代理

// C++编写的turn

https://github.com/coturn/coturn

// 中转服务器

https://github.com/pion/turn

https://github.com/gortc/gortcd

https://github.com/pion

The Open Source, Cross Platform Stack for Real-time Media and Data Communication.

  • 采用webrtc 进行远程控制(控制端在浏览器上面)
    • (后期完善P2P)
    • 完全通过浏览器进行抓屏也就是webrtc 抓屏,然后单独下载一个小插件进行控制键盘和鼠标。
    • 通过golang本地化webrtc抓屏,也有键鼠插件。这个可以注册成服务
  • 控制端在本地

键鼠控制

golang 桌面自动化。控制鼠标、键盘、位图、读取屏幕、窗口句柄和全局事件监听器。

https://github.com/go-vgo/robotgo

所有收集类项目

RAT

  • 250+ 开源远控/C&C工具,1200+ RAT分析报告\C&C相关文章等。
  • English Version

目录

开源工具


pupy

工具

  • [5265星][1m] [Py] n1nj4sec/pupy Python编写的远控、后渗透工具,跨平台(Windows, Linux, OSX, Android)

文章


Covenant

工具

  • [1147星][6d] [C#] cobbr/covenant Covenant is a collaborative .NET C2 framework for red teamers.
  • [95星][9d] [C#] cobbr/elite Elite is the client-side component of the Covenant project. Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.
  • [31星][4m] [C#] cobbr/c2bridge C2Bridges allow developers to create new custom communication protocols and quickly utilize them within Covenant.

文章


Slackor

工具

文章


QuasarRAT

工具

文章


EvilOSX

工具

  • [1376星][2y] [Py] marten4n6/evilosx An evil RAT (Remote Administration Tool) for macOS / OS X.

文章


Merlin

工具

  • [2568星][6m] [Go] ne0nd0g/merlin Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

文章

商业软件


Team Viewer

工具

文章

恶意软件(部分)


Gh0st

工具

  • [301星][7d] [C++] yuanyuanxiang/simpleremoter 基于gh0st的远程控制器:实现了终端管理、进程管理、窗口管理、远程桌面、文件管理、语音管理、视频管理、服务管理、注册表管理等功能
  • [273星][7y] [C++] sin5678/gh0st a open source remote administrator tool
  • [91星][6y] [C++] igh0st/gh0st3.6_src
  • [90星][1m] [C++] zibility/remote 参考Gh0st源码,实现的一款PC远程协助软件,拥有远程Shell、文件管理、桌面管理、消息发送等功能。
  • [21星][5m] [C++] holmesian/gh0st-light 精简之后的老东西

文章


NanoCore

工具

文章


NjRat

工具

文章


Revenge RAT

工具

文章


PlugX

工具

文章


RemcosRAT


L0rdixRAT


LodaRAT


GulfRAT


NetWireRAT


JhoneRAT


Dacls


BlackRemote


Orcus


NukeSped


DarkComet


WarZone RAT


BlackShades


DenesRAT


WSH RAT


Qrypter RAT


Adwind


CannibalRAT


jRAT


jsRAT


CrossRat


ArmaRat


RokRAT


CatKARAT


TheFatRat


OmniRAT



其他

利用公开服务


Telegram

工具

文章


Twitter

工具

  • [658星][4y] [Py] paulsec/twittor A fully featured backdoor that uses Twitter as a C&C server
  • [186星][3y] [Go] petercunha/goat a trojan created in Go, using Twitter as a the C&C server

文章


GMail

工具

文章


Github

工具

文章


DropBox

工具

  • [134星][1y] [Py] 0x09al/dropboxc2c DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.

文章


区块链

工具

  • [46星][1y] [Go] xpn/blockchainc2 A POC C2 server and agent to explore just if/how the Ethereum blockchain can be used for C2
  • [35星][3m] [Py] geek-repo/c2-blockchain This is a concept poc of command and control server implemented over blockchain

文章


其他

工具

  • [513星][1y] [Go] mthbernardes/gtrs 使用Google翻译器作为代理将任意命令发送到受感染的计算机
  • [102星][4m] [Py] nccgroup/gitpwnd 网络渗透测试工具,可使攻击者向被攻击机器发送命令,并使用 git repo 作为 C&C 传输层接收结果
  • [97星][2y] [Py] arno0x/webdavc2 A WebDAV PROPFIND C2 tool
  • [93星][2y] [PS] bkup/slackshell PowerShell to Slack C2
  • [84星][2y] [Go] 0x09al/browser-c2 Post Exploitation agent which uses a browser to do C2 operations.
  • [69星][13d] [Py] itskindred/redviper redViper is a proof of concept Command & Control framework that utilizes Reddit for communications.
  • [66星][2y] [Py] lukebaggett/google_socks A proof of concept demonstrating the use of Google Drive for command and control.
  • [29星][2y] [Py] ajinabraham/xenotix-xbot Xenotix xBOT is a Cross Platform PoC Bot that abuse certain Google Services to implement it’s C&C
  • [26星][3y] [Py] dsnezhkov/octohook Git Web Hook Tunnel for C2
  • [23星][10d] [PS] netspi/sqlc2 SQLC2 is a PowerShell script for deploying and managing a command and control system that uses SQL Server as both the control server and the agent.
  • [22星][2y] [Py] woj-ciech/social-media-c2 Script is a proof of concept how to control your machine by using social media sites.
  • [16星][10d] [Py] securemode/trelloc2 Simple C2 over the Trello API
  • [14星][1y] [Py] j3ssie/c2s Command and Control server on Slack
  • [8星][2y] [Py] maldevel/dicerosbicornis A fully featured Windows backdoor that uses email as a C&C server
  • [7星][3y] [Py] killswitch-gui/flask_appengine_redirector Google App Engine Flask C2 redirector

文章

通信协议


DNS协议

Domain Generation Algorithm(DGA)

工具

文章

工具

  • [1855星][8m] [C++] iagox86/dnscat2 在 DNS 协议上创建加密的 C&C channel
  • [832星][6d] [Go] bishopfox/sliver 一个通用的跨平台植入程序框架,该框架C3支持Mutual-TLS,HTTP(S)和DNS
  • [386星][4y] [Py] ahhh/reverse_dns_shell 使用DNS作为c2通道的python反向shell
  • [277星][1y] [Py] trycatchhcf/packetwhisper Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
  • [276星][4m] [Go] sensepost/godoh A DNS-over-HTTPS Command & Control Proof of Concept
  • [225星][2y] [PS] lukebaggett/dnscat2-powershell A Powershell client for dnscat2, an encrypted DNS command and control tool.
  • [176星][2y] [C++] 0x09al/dns-persist DNS-Persist is a post-exploitation agent which uses DNS for command and control.
  • [41星][2m] [Erlang] homas/ioc2rpz ioc2rpz is a place where threat intelligence meets DNS.
  • [38星][2m] [JS] inquest/threatkb Knowledge base workflow management for YARA rules and C2 artifacts (IP, DNS, SSL) (ALPHA STATE AT THE MOMENT)

文章


ICMP

文章


WebSocket

工具

  • [245星][2y] [Py] arno0x/wsc2 A WebSocket C2 Tool
  • [131星][9d] [C++] xorrior/raven CobaltStrike External C2 for Websockets

文章

C&C


Cobalt Strike

工具

文章


工具

新添加


文章

新添加

远控


工具

新添加

Windows

  • [610星][1y] [PS] fortynorthsecurity/wmimplant This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/remote machine. WMImplant is WMI based.
  • [518星][8m] [Visual Basic .NET] nyan-x-cat/lime-rat LimeRAT | Simple, yet powerful remote administration tool for Windows (RAT)
  • [493星][6m] [Py] viralmaniar/powershell-rat Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
  • [360星][8d] [C#] nyan-x-cat/asyncrat-c-sharp Open-Source Remote Administration Tool For Windows C# (RAT)
  • [340星][3y] [Pascal] malwares/remote-access-trojan Windows Remote-Access-Trojan
  • [229星][4y] [Py] hood3drob1n/jsrat-py This is my implementation of JSRat.ps1 in Python so you can now run the attack server from any OS instead of being limited to a Windows OS with Powershell enabled.
  • [149星][4m] [Py] safebreach-labs/sireprat Remote Command Execution as SYSTEM on Windows IoT Core
  • [119星][11d] [C#] dannythesloth/vanillarat VanillaRat is an advanced remote administration tool completely coded in C# for Windows.
  • [117星][8d] [Py] thelinuxchoice/pyrat Windows远控
  • [106星][9m] [C#] r-smith/splice-admin A remote Windows administration tool. You know you want it.
  • [104星][2y] [Py] syss-research/outis a custom Remote Administration Tool (RAT) or something like that. It was build to support various transport methods (like DNS) and platforms (like Powershell).
  • [70星][3m] [PS] dsccommunity/certificatedsc DSC resources to simplify administration of certificates on a Windows Server.
  • [67星][4y] [C#] stphivos/rat-shell Windows Remote Access Trojan (RAT)
  • [39星][2m] [Py] swordf1sh/moderat Experimental Windows Remote Administration and Spy Tool in Python + GUI
  • [20星][1y] [Visual Basic] nyan-x-cat/asyncrat Remote Administration Tool For Windows
  • [17星][6m] [Py] operatorequals/smbrat A Windows Remote Administration Tool in Visual Basic with UNC paths
  • [16星][6m] [PS] yschgroup/skyrat SkyRAT - Powershell Remote Administration Tool

Linux

  • [131星][8m] [C] abhishekkr/n00brat 用于POSiX(Linux / Unix)系统的远程管理工具包(或Trojan),以Web服务方式运行
  • [68星][10m] [JS] webxscan/linux_rat LINUX集群控制(LINUX反弹式远控)
  • [51星][15d] [C] thibault-69/rat-hodin-v2.9 Remote Administration Tool for Linux
  • [20星][2m] [C] lillypad/swamp-rat A Linux RAT in C
  • [7星][5m] [C] ctsecurity/stealth-kid-rat Stealth Kid RAT (SKR) is an open source Linux remote administration tool written in C. Licensed under MIT. The SKR project is fully developed and tested on Debian GNU-Linux (Deb 9.3 “Stretch”) platform. The RAT will soon be available on Windows platform by mid 2018.

Apple

  • [430星][9d] [ObjC] sap/macos-enterprise-privileges For Mac users in an Enterprise environment this app ensures secure environment and yet gives the User control over administration of their machine by elevating their level of access to Administrator privilege on macOS X. Users can set the time frame using Preferences to perform specific tasks such as install or remove an application.
  • [75星][4y] [Pascal] xlinshan/coldroot Mac OS Trojan (RAT) made with love <3
  • [74星][1y] [Py] kdaoudieh/bella Bella is a pure python post-exploitation data mining tool & remote administration tool for macOS.
  • [21星][2m] [Py] cys3c/evilosx A pure python, post-exploitation, remote administration tool (RAT) for macOS / OS X.

Android


https://github.com/changkun/occamy

a modern remote desktop proxy written in Go

用Go编写的现代远程桌面代理

https://github.com/rviscarra/webrtc-remote-screen

https://viscarra.dev/post/webrtc-remote-screen/

将远程桌面屏幕直接流式传输到您的浏览器

远程协助

[TOC]

远程桌面应用程序 https://alternativeto.net/category/networking-and-admin/remote-desktop-access/

玉兔远程控制 IM

https://kanglin.github.io/RabbitRemoteControl/README_zh_CN.html

https://github.com/KangLin

免费远程支持软件的真实成本

https://www.beyondtrust.com/assets/documents/Cost_of_Free_2019_WEB.pdf

1
2
Free and basic remote support tools are everywhere, but they have very limited use cases that often don’t meet the needs of today’s highly networked and technology dependent companies. If you are trying to remote into your desktop for personal use, or running basic support for a very small company, a free support tool may be able to get the job done. But when these tools are being used for more complex support cases, or to support larger organizations, support may go awry. While basic remote access tools may work for minor issues, trying to stretch the capabilities of these tools comes at a cost. These costs come in all shapes and sizes. Some come in smaller amounts that are difficult to notice, such as loss of time or productivity. These are like your daily latte, which individually may not seem like a big expense, but when you look at it from a monthly view is a bigger chunk of change than you thought. And others are a big, red, alarming price tag such as dealing with the fallout of a security breach. It’s like if your furnace broke — it’s expensive, unexpected, and usually a huge pain with which to deal.
免费和基本的远程支持工具无处不在,但是它们的用例非常有限,通常无法满足当今高度网络化和技术依赖性公司的需求。如果您试图远程使用桌面以供个人使用,或者为一家非常小的公司提供基本支持,则免费的支持工具可能可以完成任务。但是,当这些工具用于更复杂的支持案例或支持更大的组织时,支持可能会出现问题。虽然基本的远程访问工具可能会解决一些小问题,但要扩展这些工具的功能却要付出一定的代价。这些成本有各种形状和大小。有些以较小的数量出现,例如时间或生产力的损失,这是很难注意到的。这些就像您的每日拿铁咖啡,虽然看起来似乎不算什么大笔开支,但是当您每月查看时,变化却比您想像的要大得多。其他则是一个巨大的,红色的,令人震惊的价格标签,例如处理安全漏洞的后果。就像您的熔炉坏了一样,它昂贵,出乎意料,并且通常会带来巨大的痛苦。
1
2
3
4
5
# 远程工具少及是多,借用beyondtrust 的言语。
When it comes to remote support tools, less truly is more.
Many IT service desk teams use a number of remote access tools to support their users. An audit of the remote support tools in your organization will likely reveal that different remote access products are being used for different support scenarios.

And while it's common for the service desk to make use of free remote support tools, they often have very limited use cases that don’t meet the needs of today’s highly networked and technology driven companies. Without a strategic long-term view, a multi-product patchwork of various tools is not only difficult to maintain, but also leads to inefficiency, extra expenses, and security risks.

???确定一下 chrome remoting 鼠标键盘是通过本地网页socket通讯的吗?

骚操作:借助国内各大IT厂商的直播&IM SDK 进行屏幕传输,将键鼠控制放在独立通道中。

殊归同途,这些技术实现,以及技术迭代,均表现在这些产品里面,有webrtc(也是骚操作),chrome remoting(使用的骚操作),vnc(比较传统),ffmpeg(和webrtc捕获屏幕截图类似)。无论是基于这些产品封装,还是找到代码底层实现方式,均可做做出自己的产品。

  • 第一版要以electron编写客户端(包含协助控制端),键鼠操控+数据透传。数据透传以狗洞进行透传。为了方便打洞代码的编写,键鼠控制+数据透传以golang进行开发。未来开源此版本。通过WebRTC+狗洞。(PC–Windows)与ttvnc类似,双端输入相同鉴权码就可链接。

  • 第二版基于chrome制作,与第一版类似,但是不用下载electron打包的程序,只需要下载键鼠控制即可。以C++进行编写键鼠控制,减少插件体积(插件与网页进行本地通讯)。通过WebRTC+strun。(PC–windows、Linux、mac)(更换了数据透传方式。)WEB以golang进行编写开发,模式1:被控端分享链接给控制端(有密码和无密码);模式2:控制端分享链接给被控端,进行下载插件,并控制。均为有人值守模式。只需要一方注册账号即可(后期可限制必须双方注册账号)。暂不提供无人值守方式,避免安全风险问题。

    ​ TeamViewer是一款C2C模式的远程控制软件,kingdesk第二代是B2B模式的远程控制软件。无需双方安装软件,仅安装2MB以下的键鼠控制插件(键鼠控制插件是本地与web通讯,且需要手动确认才可进行控制鼠标和键盘。)

    (双端均为WEB方式,必须打开网页才可使用,前期可不用注册账号。)

    付费项目

    • 屏幕录像审计,付费云端录像
    • 多端分享,查看和操作。付费。
    • 文件复制粘贴
    • 文件浏览
    • 客服坐席版
    • 私有化部署
    • 软件静默安装(方便集群部署企业各类软件)第三代更好做一点,第二代主要还是B2B方式。
    • …..mare
  • 第三版全新迭代,优化第二版,开源第一版代码。不再以webrtc进行直接封装,进行深度融合webrtc、chrome remoting、vnc、ffmpeg底层抓屏方式,封装自有C++SDK,优化strun提升打洞成功率,(PC–windows、Linux、mac),(mobile-安卓、苹果),(IOT-物联网)。被控端程序优化体积,减少空间使用。(控制端还是以chrome-web端方式为主)

  • 第四版,优化迭代第三版,控制端不再仅有web方式,将以C++为核心编写控制端SDK。实现跨平台多端控制。(学习向日葵)

通讯协议:websocket、sockets

控制端为WEB在线控制,可以使用electron进行封装控制端(但也是WEB在线),暂不提供单独控制端EXE。

被控端为C++小插件模式实现。(分为:1、单服务端。2、有界面客户端,直接与服务器进行通讯。3、依附与chrome,进行本地通讯。)

被控端SDK封装。

云端屏幕录像,操作审计,如同堡垒机 。说是远程控制,其实就是一个堡垒机系统,只不过服务端分散到各个地方,不像传统模式在一个机房里面。

免费版:为chrome-webrtc进行分享屏幕,下载小插件作为操控鼠标键盘等

开发语言》屏幕捕获》屏幕压缩传输》数据透传》键鼠控制

开发语言

开发语言问题:主要还是以C++为核心开发SDK,其他语言进行绑定开发。

为了干扰和搅浑整个市场,需要写各类语言的demo。C++最为成熟有很多代码;C#依附于微软也有自有解决方案;Java也有自己的特性;golang 也有自己的特性;其他语言还是以绑定为主(Python、rust、vlang、Delphi、vb等)

C#:https://github.com/NewLifeX/NewLife.Net 大石头的网络通讯库

以C++为核心(要跨平台),golang为辅助。

golang主要做服务端、web端的编写开发。

c++为屏幕获取、压缩传输、键鼠控制客户端等的编写开发。

学习chromium进行跨平台开发和编译。

PC(Windows、Linux、mac),手机端(安卓、苹果),iot物联网(树莓派等)

https://www.w3.org/TR/webrtc/

golang

screen sharing for developers https://github.com/screego/server

https://github.com/pion The Open Source, Cross Platform Stack for Real-time Media and Data Communication.

image-20210106111947658

C/C++

https://github.com/meetecho/janus-gateway Janus WebRTC服务器 janus.conf.meetecho.com

屏幕捕获方式

https://developer.chrome.com/docs/extensions/reference/desktopCapture/

Remote desktop control open source

Electron方式

适用于Mac OS的WebRTC屏幕共享电子应用程序(Alpha)

https://github.com/maxogden/screencat

直接封装

有webrtc(也是骚操作),chrome remoting(使用的骚操作),vnc(比较传统),ffmpeg(和webrtc捕获屏幕截图类似)

  • 1、安装有chrome内核的浏览器,借助webrtc 捕获屏幕,如同chrome remoting 一样下载一个小插件用于操作鼠标和键盘。
  • 2、安装有chrome内核的浏览器,找到chrome remoting api进行捕获屏幕(remoting Windows捕获屏幕的方式和webrtc不一样),如同chrome remoting 一样下载一个小插件用于操作鼠标和键盘。
  • 3、封装vnc(TightVNC )
  • 4、封装ffmpeg

合并底层代码

找到webrtc、chrome remoting、vnc、ffmpeg底层捕获屏幕方式。

屏幕传输压缩

https://zhuanlan.zhihu.com/p/22544282

  • vp8
  • vp9
  • h.264
  • h.265

数据透传

stunserver、狗洞、golang系列打洞。

第一种实现方式–端口转发

端口转发

端口转发这种方式有几种问题存在

  • 端口限制-总共65525个端口,这样只能同时承载6W个终端同时在线控制。
  • 安全性-端口转发为公网IP端口,大家都可以访问。

程序UI设计

A small C library for building user interfaces with C, XML and CSS.

LCUI 的 windows 平台后端有两个,一个是基于传统的 Win32 API,一个是基于 UWP 的 C++ API ,而 linux 的后端也有两个:framebuffer 和 x11

lcui.org

https://github.com/lc-soft/LCUI

https://gitee.com/lc-soft/LCUI

https://lcui.lc-soft.io/

https://github.com/andlabs/libui

GLFW https://www.glfw.org/

很多库都是基于此库进行开发的

http://gaclib.net/doc/current/gacui/running.html

https://github.com/vczh-libraries/Release

Nana a modern C++ GUI library

https://github.com/cnjinhao/nana

http://nanapro.org/zh-cn/

https://github.com/ocornut/imgui

golang GUI 部分就用github.com/sciter-sdk/go-sciter

https://github.com/andlabs/ui

https://github.com/AllenDang/giu

https://github.com/therecipe/qt/

https://github.com/search?q=UI+language%3AGo&type=Repositories&ref=advsearch&l=Go&l=

https://github.com/avelino/awesome-go#gui

1000+ Hand-Crafted Go Examples, Exercises, and Quizzes

https://github.com/inancgumus/learngo

跨平台:谷歌的经验更丰富

PC程序客户端:

  • QT
  • WPF
  • GTK
  • MFC/ATL
  • Duilib(xml)
  • electron-js

WEB端:

  • vue
  • React
  • wasm(更多是提升运行效率部分代码)

手机端:

  • dart
  • java原生
  • object原生
  • switch

#在线生成ssl证书

https://myssl.com/csr_create.html

openssl 生成自签证书及查看证书细节

转自: https://www.cnblogs.com/threegun/p/7130985.html

生成X509格式的CA自签名证书

1
# openssl req -new -x509 -keyout ca.key -out ca.crt 

生成服务端的私钥(key文件)及csr文件

1
2
# openssl genrsa -des3 -out server.key 1024 
# openssl req -new -key server.key -out server.csr

生成客户端的私钥(key文件)及csr文件

1
2
# openssl genrsa -des3 -out client.key 1024 
# openssl req -new -key client.key -out client.csr

用生成的CA的证书为刚才生成的server.csr,client.csr文件签名

1
2
# openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key 
# openssl ca -in client.csr -out client.crt -cert ca.crt -keyfile ca.key

生成p12格式证书

1
2
# openssl pkcs12 -export -inkey client.key -in client.crt -out client.pfx 
# openssl pkcs12 -export -inkey server.key -in server.crt -out server.pfx

生成pem格式证书

有时需要用到pem格式的证书,可以用以下方式合并证书文件(crt)和私钥文件(key)来生成

1
2
# cat client.crt client.key> client.pem 
# cat server.crt server.key > server.pem

PFX文件转换为X509证书文件和RSA密钥文件

1
2
3
# openssl pkcs12 -in server.pfx -nodes -out server.pem 
# openssl rsa -in server.pem -out server2.key
# openssl x509 -in server.pem -out server2.crt

PEM–DER/CER(BASE64–DER编码的转换)

1
# openssl x509 -outform der -in server.pem -out server.cer

这样生成服务端证书:ca.crt, server.key, server.crt, server.pem, server.pfx,
客户端证书:ca.crt, client.key, client.crt, client.pem, client.pfx

openssl x509部分命令

打印出证书的内容:
openssl x509 -in cert.pem -noout -text
打印出证书的系列号
openssl x509 -in cert.pem -noout -serial
打印出证书的拥有者名字
openssl x509 -in cert.pem -noout -subject
以RFC2253规定的格式打印出证书的拥有者名字
openssl x509 -in cert.pem -noout -subject -nameopt RFC2253
在支持UTF8的终端一行过打印出证书的拥有者名字
openssl x509 -in cert.pem -noout -subject -nameopt oneline -nameopt -escmsb
打印出证书的MD5特征参数
openssl x509 -in cert.pem -noout -fingerprint
打印出证书的SHA特征参数
openssl x509 -sha1 -in cert.pem -noout -fingerprint
把PEM格式的证书转化成DER格式
openssl x509 -in cert.pem -inform PEM -out cert.der -outform DER
把一个证书转化成CSR
openssl x509 -x509toreq -in cert.pem -out req.pem -signkey key.pem
给一个CSR进行处理,颁发字签名证书,增加CA扩展项
openssl x509 -req -in careq.pem -extfile openssl.cnf -extensions v3_ca -signkey key.pem -out cacert.pem
给一个CSR签名,增加用户证书扩展项
openssl x509 -req -in req.pem -extfile openssl.cnf -extensions v3_usr -CA cacert.pem -CAkey key.pem -CAcreateserial

查看csr文件细节:
openssl req -in my.csr -noout -text

转自:https://www.cnblogs.com/gradven/p/5353256.html

1.首先要生成服务器端的私钥(key文件):

命令:

openssl genrsa -des3 -out server.key 1024

运行时会提示输入密码,此密码用于加密key文件(参数des3便是指加密算法,当然也可以选用其他你认为安全的算法.),以后每当需读取此文件(通过openssl提供的命令或API)都需输入口令

\2. 对服务端生成CSR和key

命令:

openssl req -new -key server.key -out server.csr -config /etc/pki/tls/openssl.cnf

生成Certificate Signing Request(CSR),生成的csr文件交给CA签名后形成服务端自己的证书.屏幕上将有提示,依照其指示一步一步输入要求的个人信息即可.

3.对客户端也作同样的命令生成key及csr文件:

命令:

openssl genrsa -des3 -out client.key 1024

openssl req -new -key client.key -out client.csr -config /etc/pki/tls/openssl.cnf

4.CSR文件必须有CA的签名才可形成证书.可将此文件发送到verisign等地方由它验证,需要交费用,这里说下怎么自己做CA。

命令:

openssl req -new -x509 -keyout ca.key -out ca.crt -config /etc/pki/tls/openssl.cnf

5.用生成的CA的证书为刚才生成的server.csr,client.csr文件签名:

命令:

openssl ca -in server.csr -out server.crt -cert ca.crt -keyfile ca.key -config /etc/pki/tls/openssl.cnf

openssl ca -in client.csr -out client.crt -cert ca.crt -keyfile ca.key -config /etc/pki/tls/openssl.cnf

遇到的问题:

如果提示没有*/etc/pki/CA/index.txt 或者serial文件,那么就按照路径新建文件即可。*

3078239980:error:0D066096:asn1 encoding routines:a2i_ASN1_INTEGER:short line:f_int.c:215:
提示error while loading serial number,一般是因为serial文件中没有赋初值
解决办法
[root@test1 ~]#cd /etc/pki/CA
[root@test1 CA]# echo “00” >serial
[root@test1 CA]# cat serial
00

还有一个问题在CA签名时,最后出现failed to update database错误

遇到这个错误,只需要清空/etc/pki/CA/index.txt的内容再签发就可以成功了。

修改CA的一些配置文件

vi /etc/pki/tls/openssl.cnf

1
default_days    = 3650   修改证书有效期

如何创建自签名的 SSL 证书

https://www.jianshu.com/p/e5f46dcf4664

先把用到的命令行放上来方便备查:
如不需要私钥密码,则删掉 -des3 参数即可

自签名:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# 1.生成私钥
$ openssl genrsa -out server.key 2048

# 2.生成 CSR (Certificate Signing Request)
$ openssl req \
-subj "/C=CN/ST=Tianjin/L=Tianjin/O=Mocha/OU=Mocha Software/CN=test1.sslpoc.com/emailAddress=test@mochasoft.com.cn" \
-new \
-key server.key \
-out server.csr

# 3.生成自签名证书
$ openssl x509 \
-req \
-days 3650 \
-in server.csr \
-signkey server.key \
-out server.crt

私有 CA 签名:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
# 1.创建 CA 私钥
$ openssl genrsa -out ca.key 2048

# 2.生成 CA 的自签名证书
$ openssl req \
-subj "/C=CN/ST=Tianjin/L=Tianjin/O=Mocha/OU=Mocha Software/CN=Server CA/emailAddress=test@mochasoft.com.cn" \
-new \
-x509 \
-days 3650 \
-key ca.key \
-out ca.crt

# 3.生成需要颁发证书的私钥
$ openssl genrsa -out server.key 2048

# 4.生成要颁发证书的证书签名请求,证书签名请求当中的 Common Name 必须区别于 CA 的证书里面的 Common Name
$ openssl req \
-subj "/C=CN/ST=Tianjin/L=Tianjin/O=Mocha/OU=Mocha Software/CN=test2.sslpoc.com/emailAddress=test@mochasoft.com.cn" \
-new \
-key server.key \
-out server.csr

# 5.用 2 创建的 CA 证书给 4 生成的 签名请求 进行签名
$ openssl x509 \
-req \
-days 3650 \
-in server.csr \
-CA ca.crt \
-CAkey ca.key \
-set_serial 01 \
-out server.crt

注:

  • 指定证书数据内容
1
-subj /C=CN/ST=Guangdong/L=Shenzhen/O=PAX/OU=Common Software/CN=Server CA/emailAddress=qiaojx@paxsz.com
  • 去掉 key 加密的输入提示:去掉 -des3
  • 不提问:使用 -batch 参数

一、概述

本文非常简单地展示了 SSL 的实现,以及整个过程中,证书所扮演的角色。

1、什么是证书及证书的作用

普通的 Web 传输,通过 Internet 发送未加密的数据。这样的话,任何人使用恰当的工具都可以窥视通讯数据的内容。很明显,这会导致出现一些问题,尤其对于有安全和隐私比较敏感的场景,如:信用卡数据、银行交易信息。SSL(Secure Socket Layer)用于加密在 Web Server 与 Web Client(最常见的是 Browser) 之间传递的数据流。
 
 SSL 使用非对称加密算法(Asymmetric Cryptography),通常指 PKI(Public Key Cryptography)。使用 PKI 创建两个秘钥,一个公钥,一个私钥。使用任何一个 Key 做的加密,必须使用另外一个进行解密。这样的话,使用服务器私钥加密的数据,只能通过其对应的公钥进行解密,以确保数据是来自服务器。
 
 为什么使用 SSL 处理数据需要证书?其实从技术角度来说,证书并不是必需的,数据很安全,而且不容易被第三方解密。但是,证书对于通讯过程,扮演着至关重要的角色。证书通过可信的 CA 签名,以确保证书的持有者与其对外所宣称的身份一致。使用未经认证签名的证书,数据可以被加密,但是与你通讯的一方,可能并不如你想。没有证书的话,伪装攻击(Impersonation Attacks)会变得更为普遍。

2、证书的三个作用
  • 加密通信
  • 身份验证(验证对方确实是对方声称的对象)
  • 数据完整性(无法被修改,修改了会被知)
3、自签名证书及自签名类型

当由于某种原因(如:不想通过 CA 购买证书,或者仅是用于测试等情况),无法正常获取 CA 签发的证书。这时可以生成一个自签名证书。使用这个临时证书的时候,会在客户端浏览器报一个错误,签名证书授权未知或不可信(signing certificate authority is unknown and not trusted.)。

  • 自签名证书
  • 私有CA签名的证书

自签名证书的 IssuerSubject 是一样的

区别:
 自签名的证书无法被吊销,CA 签名的证书可以被吊销。
 能不能吊销证书的区别在于:如果你的私钥被黑客获取,如果证书不能被吊销,则黑客可以伪装成你与用户进行通信。
 如果你的规划需要创建多个证书,那么使用 私有 CA **的方法比较合适,因为只要给所有的客户端都安装了 CA 的证书,那么以该证书签名过的证书,客户端都是信任的,也就是安装一次就够了。
 如果你直接用**自签名证书**,你需要给
所有的客户端**安装该证书才会被信任,如果你需要第二个证书,则还的挨个给所有的客户端安装证书2才会被信任。

二、自签名证书

第一步:生成私钥

openssl工具集用于生成 RSA Private Key 和 CSR (Certificate Signing Request),也能用于生成自签名证书,用于测试目的或内部使用。
 第一步创建 RSA Private Key。这个秘钥:

  • 1024 bit RSA key
  • 使用 3DES 加密
  • 使用 PEM 格式存储,ASCII,可读

命令行:

1
$ openssl genrsa -des3 -out server.key 1024

执行结果:

1
2
3
4
5
6
Generating RSA private key, 1024 bit long modulus
.........................................................++++++
........++++++
e is 65537 (0x10001)
Enter PEM pass phrase:
Verifying password - Enter PEM pass phrase:
第二步:从秘钥中删除 Passphrase

我们之前生成的私钥,是带有 passphrase 的。这带来一个副作用,就是需要在使用过程中输入密码。这对于一些特定场景来说会带来一些问题。比如:Apache 的自动启动过程,或者一些工具,甚至有没有提供输入 passphrase 的机会。其实是可以将 3DES 的加密从秘钥中移除的,这样,使用的过程中就不再需要输入 passphrase。这也带来另一个问题,如果其他人获取到了未加密的私钥,对应的证书也需要被吊销,以避免带来危害。
 使用以下命令行来从秘钥中移除 pass-phrase:

1
2
$ cp server.key server.key.org
$ openssl rsa -in server.key.org -out server.key

新创建的 server.key 文件中,不再包含 passphrase。

1
2
3
-rw-r--r-- 1 root root 745 Jun 29 12:19 server.csr
-rw-r--r-- 1 root root 891 Jun 29 13:22 server.key
-rw-r--r-- 1 root root 963 Jun 29 13:22 server.key.org
第三步:生成 CSR (Certificate Signing Request)

一旦私钥生成,CSR (Certificate Signing Request) 就可以被生成了。CSR 可以用于以下两种用途中的任何一种:

  • 理想地,将 CSR 发送到 CA,例如: Thawte、Verisign,会做身份验证,并颁发签名证书
  • 对 CSR 进行自签名

本文的下一部分演示就是演示 CSR 进行自签名的方式。

生成 CSR 的过程中,会提示输入一些信息,这些是证书的 X.509 属性。其中一个提示是 Common Name (e.g., YOUR name),这个非常重要,这一项会填入 FQDN:(Fully Qualified Domain Name)完全合格域名/全称域名,这个 FQDN 会被 SSL 保护。如果要被保护的网站是 https://public.akadia.com,那么输入 public.akadia.com
 用于生成 CSR 的命令行如下:

1
$ openssl req -new -key server.key -out server.csr

执行过程界面如下:

1
2
3
4
5
6
7
8
9
10
11
Country Name (2 letter code) [GB]:CH
State or Province Name (full name) [Berkshire]:Bern
Locality Name (eg, city) [Newbury]:Oberdiessbach
Organization Name (eg, company) [My Company Ltd]:Akadia AG
Organizational Unit Name (eg, section) []:Information Technology
Common Name (eg, your name or your server's hostname) []:public.akadia.com
Email Address []:martin dot zahn at akadia dot ch
Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:
第四步:生成自签名证书

当由于某种原因(如:不想通过 CA 购买证书,或者仅是用于测试等情况),无法正常获取 CA 签发的证书。这时可以生成一个自签名证书。使用这个临时证书的时候,会在客户端浏览器报一个错误,签名证书授权未知或不可信(signing certificate authority is unknown and not trusted.)。

生成一个可以使用 365 天的临时证书,使用如下命令行:

1
$ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt

执行结果:

1
2
3
4
Signature ok
subject=/C=CH/ST=Bern/L=Oberdiessbach/O=Akadia AG/OU=Information
Technology/CN=public.akadia.com/Email=martin dot zahn at akadia dot ch
Getting Private key

三、创建私有 CA ,然后用该 CA 给证书进行签名

第一步:创建 CA 私钥
1
$ openssl genrsa -des3 -out ca.key 4096
第二步:生成 CA 的自签名证书
1
$ openssl req -new -x509 -days 365 -key ca.key -out ca.crt

其实 CA 证书就是一个自签名证书

第三步:生成需要颁发证书的私钥
1
$ openssl genrsa -des3 -out server.key 4096
第四步:生成要颁发证书的证书签名请求
1
$ openssl req -new -key server.key -out server.csr

这里注意:证书签名请求当中的 Common Name 必须区别于 CA 的证书里面的 Common Name

第五步:用第二步创建的 CA 证书给第四步生成的签名请求进行签名
1
$ openssl x509 -req -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt

四、生成证书链多级证书

1、生成根 CA 并自签(Common Name 填 RootCA)
1
2
$ openssl genrsa -des3 -out keys/RootCA.key 2048
$ openssl req -new -x509 -days 3650 -key keys/RootCA.key -out keys/RootCA.crt
2、生成二级 CA(Common Name 填 SecondCA)
1
2
3
4
$ openssl genrsa -des3 -out keys/secondCA.key 2048
$ openssl rsa -in keys/secondCA.key -out keys/secondCA.key
$ openssl req -new -days 3650 -key keys/secondCA.key -out keys/secondCA.csr
$ openssl ca -extensions v3_ca -in keys/secondCA.csr -config /etc/pki/tls/openssl.cnf -days 3650 -out keys/secondCA.crt -cert keys/RootCA.crt -keyfile keys/RootCA.key
3、生成三级 CA(Common Name 填 ThirdCA)
1
2
3
4
$ openssl genrsa -des3 -out keys/thirdCA.key 2048
$ openssl rsa -in keys/thirdCA.key -out keys/thirdCA.key
$ openssl req -new -days 3650 -key keys/thirdCA.key -out keys/thirdCA.csr
$ openssl ca -extensions v3_ca -in keys/thirdCA.csr -config /etc/pki/tls/openssl.cnf -days 3650 -out keys/thirdCA.crt -cert keys/secondCA.crt -keyfile keys/secondCA.key
4、使用三级 CA 签发服务器证书
1
2
3
4
$ openssl genrsa -des3 -out keys/server.key 2048
$ openssl rsa -in keys/server.key -out keys/server.key
$ openssl req -new -days 3650 -key keys/server.key -out keys/server.csr
$ openssl ca -in keys/server.csr -config /etc/pki/tls/openssl.cnf -days 3650 -out keys/server.crt -cert keys/thirdCA.crt -keyfile keys/thirdCA.key

注:

  • 指定证书数据内容
1
-subj /C=CN/ST=Guangdong/L=Shenzhen/O=PAX/OU=Common Software/CN=Server CA/emailAddress=qiaojx@paxsz.com
  • 去掉 key 加密的输入提示:去掉 -des3
  • 不提问:使用 -batch 参数

五、吊销证书(作废证书)

首先

1
$ echo 00 > /etc/pki/CA/crlnumber

一般由于用户私钥泄露等情况才需要吊销一个未过期的证书。(当然我们用本测试 CA 时其时很少用到该命令,除非专门用于测试吊销证书的情况)
假设需要被吊销的证书文件为 cert.pem,则执行以下命令吊销证书:

1
$ openssl ca -revoke cert.pem -config /etc/pki/tls/openssl.cnf

生成证书吊销列表文件(CRL)
准备公开被吊销的证书列表时,可以生成证书吊销列表(CRL),执行命令如下:

1
$ openssl ca -gencrl -out testca.crl -config /etc/pki/tls/openssl.cnf

还可以添加 -crldays-crlhours 参数来说明下一个吊销列表将在多少天后(或多少小时候)发布。

可以用以下命令检查 testca.crl 的内容:

1
$ openssl crl -in testca.crl -text -noout

六、参考资料