windows 检测远程桌面连接的来源
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/2461325/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Detect source of remote desktop connection
提问by Vegar
This questiontells me how to detect a remote desktop session.
这个问题告诉我如何检测远程桌面会话。
Do anybody know if it's possible to find out from where the remote connection was initialized?
有谁知道是否可以找出远程连接的初始化位置?
采纳答案by AFK
Since it's in windows use netstat to check which machines you are connected to and on which ports and just parse out the address for the one that uses the port that remote desktop uses.
由于它在 Windows 中,因此使用 netstat 来检查您连接到哪些机器以及在哪些端口上,只需解析使用远程桌面使用的端口的地址即可。
回答by RRUZ
@Vegar, you can use the WTSEnumerateSessionsand WTSQuerySessionInformationfunctions to retrieve this info.
@Vegar,您可以使用 WTSEnumerateSessions和WTSQuerySessionInformation函数来检索此信息。
check this linkfor an example using the Jedi Api Headers.
检查此链接以获取使用Jedi Api Headers的示例。
check this code.
检查此代码。
program ProjectTsInfo;
{$APPTYPE CONSOLE}
Uses
Windows,
JwaWinType,
JwaWtsApi32,
JwaWinsock2,
SysUtils,
TypInfo;
type
PWtsSessionInfoAArray = ^TWtsSessionInfoAArray;
TWtsSessionInfoAArray = array[0..ANYSIZE_ARRAY-1] of WTS_SESSION_INFOA;
//Get the info for all clients connected
procedure GetAll_TSClientsInfo;
var
SessionInfoAArray: PWtsSessionInfoAArray;
ClientAddr : PWtsClientAddress;
ClientName : PAnsiChar;
//ClientInfo : PWTSCLIENT;
RetBytes : Cardinal;
IPAddr : String;
i : integer;
pCount : Cardinal;
SessionId : Cardinal;
begin
if WtsEnumerateSessions(WTS_CURRENT_SERVER, 0, 1, PWTS_SESSION_INFO(SessionInfoAArray), pCount) then
begin
for i := 0 to pCount - 1 do
begin
SessionId:=SessionInfoAArray^[i].SessionId;
WTSQuerySessionInformation(WTS_CURRENT_SERVER, SessionId, WTSClientAddress, Pointer(ClientAddr), RetBytes);
WTSQuerySessionInformation(WTS_CURRENT_SERVER, SessionId, WTSClientName, Pointer(ClientName), RetBytes);
//WTSQuerySessionInformation(WTS_CURRENT_SERVER, SessionId, WTSClientInfo, Pointer(ClientInfo), RetBytes); //This value is supported for Windows Server 2008 and Windows Vista with SP1.
try
case ClientAddr^.AddressFamily of
AF_INET:
IPAddr:= Format('%d.%d.%d.%d', [
ClientAddr^.Address[2],
ClientAddr^.Address[3],
ClientAddr^.Address[4],
ClientAddr^.Address[5]
]);
else
IPAddr:= '<unknow>';
end;
WriteLn(Format('Session Id : %d ', [SessionId]));
WriteLn(Format('Client Name : %s ', [ClientName]));
WriteLn(Format('Station Name: %s ', [SessionInfoAArray^[i].pWinStationName]));
WriteLn(Format('State : %s ', [GetEnumName(TypeInfo(WTS_CONNECTSTATE_CLASS),integer(SessionInfoAArray^[i].State))]));
WriteLn(Format('IP : %s ', [IPAddr]));
//supported for Windows Server 2008 and Windows Vista with SP1.
{
WriteLn(Format('ClientName : %s ', [ClientInfo^.ClientName]));
WriteLn(Format('Domain : %s ', [ClientInfo^.Domain]));
WriteLn(Format('UserName : %s ', [ClientInfo^.UserName]));
WriteLn(Format('WorkDirectory : %s ', [ClientInfo^.WorkDirectory]));
WriteLn(Format('InitialProgram : %s ', [ClientInfo^.InitialProgram]));
WriteLn(Format('EncryptionLevel : %d ', [ClientInfo^.EncryptionLevel]));
WriteLn(Format('HRes : %d ', [ClientInfo^.HRes]));
WriteLn(Format('VRes : %d ', [ClientInfo^.VRes]));
WriteLn(Format('ColorDepth : %d ', [ClientInfo^.ColorDepth]));
WriteLn(Format('ClientDirectory : %s ', [ClientInfo^.ClientDirectory]));
}
Writeln('');
finally
WTSFreeMemory(ClientAddr);
WTSFreeMemory(ClientName);
end;
end;
end;
WtsFreeMemory(SessionInfoAArray);
end;
//Get the ip address of the actual connected client
function GetIpActualClient : string;
var
ClientAddr : PWtsClientAddress;
RetBytes : Cardinal;
IPAddr : String;
SessionId : Cardinal;
begin
SessionId:=WTS_CURRENT_SESSION;
WTSQuerySessionInformation(WTS_CURRENT_SERVER, SessionId, WTSClientAddress, Pointer(ClientAddr), RetBytes);
try
case ClientAddr^.AddressFamily of
AF_INET:
IPAddr:= Format('%d.%d.%d.%d', [
ClientAddr^.Address[2],
ClientAddr^.Address[3],
ClientAddr^.Address[4],
ClientAddr^.Address[5]
]);
else
IPAddr:= '<unknow>';
end;
Result:=IPAddr;
finally
WTSFreeMemory(ClientAddr);
end;
end;
begin
Writeln('IP Actual client '+GetIpActualClient);
Writeln('-----------------------------------');
GetAll_TSClientsInfo;
Readln;
end.
UPDATE
更新
As @Remko says, the WTSQuerySessionInformationfunction with the WTSClientAddresstype, can return the local IP of the client. if you wanna get the real ip you can use the WinStationGetRemoteIPAddress helper function located in the JwaWinSta unit.
正如@Remko 所说,具有WTSClientAddress类型的WTSQuerySessionInformation函数 可以返回客户端的本地 IP。如果你想获得真实的 ip,你可以使用位于 JwaWinSta 单元中的 WinStationGetRemoteIPAddress 帮助函数。
Var
Port : Word;
IpAddr : WideString;
Begin
WinStationGetRemoteIPAddress(WTS_CURRENT_SERVER,WTS_CURRENT_SESSION,IpAddr,Port);
End;
回答by user1366807
For me, this worked, it gets the name of the machine connected.
对我来说,这行得通,它获得了所连接机器的名称。
Environment.GetEnvironmentVariable("CLIENTNAME")
回答by Remko
WTSQuerySessionInformation returns the client IP as the client reports it, this will probably be (one) of it's local IP Address. If you want to know the REAL ip address and port that is connected you can use WinStationQueryInformationW with information class WinStationRemoteAddress. You will need my unit JwaWinsta from the Jedi Apilib.
WTSQuerySessionInformation 在客户端报告时返回客户端 IP,这可能是它的本地 IP 地址之一。如果您想知道连接的真实 IP 地址和端口,您可以使用 WinStationQueryInformationW 和信息类 WinStationRemoteAddress。你需要我的绝地阿皮利布单位 JwaWinsta。
I have provided a simple wrapper in the same unit as well:
我还在同一单元中提供了一个简单的包装器:
function WinStationGetRemoteIPAddress(hServer: HANDLE; SessionId: DWORD;
var RemoteIPAddress: WideString; var Port: WORD): Boolean;
回答by BrettKennard
If you want to get the remote session ID and get the IP address that connected via Citrix you can use the below. This was designed to run when a user connects to a server via a citrix session and display/create a string for the IP address it is connecting from.
如果您想获取远程会话 ID 并获取通过 Citrix 连接的 IP 地址,您可以使用以下内容。这旨在在用户通过 citrix 会话连接到服务器时运行,并为其连接的 IP 地址显示/创建字符串。
// Prints out ICA or RDP session ID of current user & gets ICA session clientAddress variable
using System;
using Microsoft.Win32;
namespace ViaRegedit
{
class Program03
{
static void Main(string[] args)
{
// Obtain an instance of RegistryKey for the CurrentUser registry
RegistryKey rkCurrentUser = Registry.CurrentUser;
// Obtain the test key (read-only) and display it.
RegistryKey rkTest = rkCurrentUser.OpenSubKey("Remote");
foreach (string valueName in rkTest.GetSubKeyNames())
{
//Getting path to RDP/Citrix session ID
string RDPICApath = "";
if (rkTest.OpenSubKey(valueName) != null && rkTest.OpenSubKey(valueName) != null) { RDPICApath = rkTest.OpenSubKey(valueName).ToString(); }
Console.WriteLine("Getting CurrentUser ICA-RDP path from string = " + RDPICApath);
//Split RDPICApath to get session number
string RDPICAnumber = RDPICApath.Substring(RDPICApath.LastIndexOf('\') + 1);
Console.WriteLine("Current User RDPICAnumber = " + RDPICAnumber);
//Getting reg local machine info for Citrix based on RDP/Citrix session ID "RDPICAnumber"
string regLocal = @"SOFTWARE\Citrix\Ica\Session\" + RDPICAnumber + @"\Connection";
RegistryKey localKey = RegistryKey.OpenBaseKey(Microsoft.Win32.RegistryHive.LocalMachine, RegistryView.Registry64);
RegistryKey citrixKey = localKey.OpenSubKey(regLocal);
Console.WriteLine("Registry " + citrixKey + " Does Exist - going to get ClientAddress");
//getting clietAddress var from citrixKey
string clientAddress = "";
if (citrixKey != null && citrixKey.GetValue("clientAddress") != null)
{clientAddress = citrixKey.GetValue("clientAddress").ToString();}
Console.WriteLine("Getting current user clientAddress from string = " + clientAddress);
}
rkTest.Close();
rkCurrentUser.Close();
Console.ReadLine();
}
}
}
