      
 

  -      
  pwuploader

  

     .exe-,      .

1.      ,   Windows ( F3  ).
     .
  
2.        .
3.    ID,    PROMPT.
        DOS/Windows   ,
   .

    , ()   :
- Client ID
- Group ID
- IP address
    (   ),      ,     :
Client ID: %MACHINE%-%USER%_W%winver%.%hex32% (  ,  )
Group ID: nop000
IP address: 0.0.0.0

Id  -  ,      .
    %MACHINE%-%USER%_XYYYYYYY, 
MACHINE -  
USER -  
X -        
(W - windows, L - linux, A - , M - Mac OS),
YYYYYYY - 3-7   major-version, minor-version  build       
(,  6.1 build 7600   617600).
   32   0-9, A-F.
 id  - HOSTNAME-USER_W617600.11223344556677889900AABBCCDDEEFF.
    .
4.      ( HTTP),  HTTP-,    200,  .
   ( -200   )          .
5.     .
      HTTP,    HTTPS -      WinInet/WinHTTP.
6.        .


 
1.    Microsoft,     Microsoft Visual Studio    2015.
2.  Visual Studio     :
*    :
-  : $(SolutionDir)Bin\$(PlatformTarget)\$(Configuration)\
-  : $(SolutionDir)\obj\$(Platform)\$(Configuration)\$(ProjectName)\
-  : 
*  Release:
-    (/++  ): 
-    (/): 
3.    Andrivet (, . _STR())
4.     GetApi.h.  ,     .
5.      - x32-  x64-.
6.         ,    .
7.     .      modulename.log (     ).
          .
8.       config.h ( ,   -     - , -   ).
9.        Windows.
      Windows - Windows XP (  - Windows Vista).
10.       notelemetry.obj (https://stackoverflow.com/questions/37761768/how-to-prevent-visual-studio-2015-update-2-to-add-telemetry-main-invoke-trigger)


  

1)         HTTP POST   multipart/form-data (   html-).
POST   :
timestamp -  UNIX-
ip        -  IP address
ip1       -     (         ; )
ip2       -    
...
ipN       -  N-  
cid       -  Client ID
group     -  Group ID
hostname  -  ,   GetComputerName()
source    -  `pw'

   url :
http://foo.com/<junk>/<auth>/<junk>
junk -  ,   URI,   /
auth -  . ,     ,
     .
 -   . 
  :
-  Z    
-   ( !)  6  15-    31. 
   - .       Z.
  - abcde7ol7k9hi8mZ

2)      ,  HTTP POST,   multipart/form-data.
    file.
     Content-Disposition;     URI .
 :
-     .  ,    100,    10 .
-       ,   ,    .
-  ,          gzip.
-    URL 
junk -  ,   URI,   /
auth -  .  -   ,   
-  S   
-   ( !)  8  15-    25. 
cid      -  Client ID
filename -     URL Encoded;
start -       ;    ,  .
    ,     .
, 0A --   0 ( 0 ,  A ).
end -       ;   ,    start.
, 3A5A2A3A9A5A9A -  3523959.
eof -   .   ,    ;   ( )
   ,   :
-     0
-   A  F 

  ,  HTTP- 200     ,
  -200     (, 50*  40*  ).
     XML   HTTP-,   <response>.
     4041,   1 -      (    ).

,        9:

HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 07 Oct 2019 13:08:44 GMT
Content-Type: application/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept

<?xml version="1.0" encoding="UTF-8"?>
<response>4049</response>

  -  ,  
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Mon, 07 Oct 2019 13:08:44 GMT
Content-Type: application/xml; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept

<?xml version="1.0" encoding="UTF-8"?>
<response>200</response>
