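// Snapshot the PIDs of every running process (PSAPI EnumProcesses).
DWORD dwProcs[1024*2];
DWORD dwNeeded = 0;
DWORD dwProcCount = 0;
// EnumProcesses returns FALSE on failure, and dwNeeded is not meaningful in that case;
// derive the entry count only after a successful call so dwProcCount stays 0 on error
// instead of being computed from an uninitialised byte count.
if (EnumProcesses(dwProcs, sizeof(dwProcs), &dwNeeded))
{
    // dwNeeded is a byte count, not an entry count.
    dwProcCount = dwNeeded / sizeof(DWORD);
    // NOTE(review): when dwNeeded == sizeof(dwProcs) the array may have been too small and
    // the snapshot truncated; a caller that needs the complete list should retry with a
    // larger buffer.
}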
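char temp[50];
HANDLE hPrinter = NULL;
DWORD dwNeeded = 0;
DWORD dwReturned = 0;
JOB_INFO_1 *pJobInfo = NULL;
int n = 0;
// Open a handle to a remote printer by its UNC path.  The printer path is hard-coded
// (host and queue name); no PRINTER_DEFAULTS is supplied, so the default access is
// requested.  The literal must use plain ASCII double quotes to be a valid C++ string.
int ret = OpenPrinter("\\\\192.168.10.13\\Canon MX310 series Printer", &hPrinter, NULL);
if(ret == 0)
{
    // OpenPrinter returned FALSE: report through the owning dialog (p is declared outside
    // this excerpt) and stop.  No handle was returned, so there is nothing to close.
    p->MessageBox("打开打印机失败!");
    return 0;
}
// On success hPrinter is now valid and must be released with ClosePrinter when the job
// enumeration is done (the remainder of this routine is not part of the excerpt).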
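// Add a connection to a remote host by UNC name.  Both the user-name and password
// arguments to WNetAddConnection2 are NULL, so the caller's current credentials are used
// and nothing secret is embedded in the source; the host address itself is hard-coded.
char RemoteName[] = "\\\\192.168.105.9";
DWORD ret;
NETRESOURCE nr;
memset(&nr, 0, sizeof(nr));
nr.dwScope = RESOURCE_CONNECTED;
nr.dwType = RESOURCETYPE_ANY;
nr.dwDisplayType = RESOURCEDISPLAYTYPE_GENERIC;
nr.dwUsage = RESOURCEUSAGE_CONNECTABLE;
nr.lpRemoteName = RemoteName;   // lpLocalName stays NULL: no drive letter is mapped
// CONNECT_UPDATE_PROFILE asks the system to remember this connection in the user's profile.
// ret is NO_ERROR on success and a Win32/WNet error code otherwise; it is not checked in
// this excerpt and must be before the connection is relied upon.
ret = WNetAddConnection2(&nr, NULL, NULL, CONNECT_UPDATE_PROFILE);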
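// Worker-thread entry point: creates a TCP socket towards a hard-coded peer on port 80.
// lParam is the owning CPostDlg, used here only to report errors.  The function body is
// truncated in this excerpt (no closing brace); the rest of the routine is not visible.
// Assumes WSAStartup has already been called by the caller — TODO confirm.
DWORD WINAPI Start(LPVOID lParam)
{
    CPostDlg *p = (CPostDlg *)lParam;
    SOCKET sock = socket( AF_INET, SOCK_STREAM, IPPROTO_TCP);
    // socket() signals failure with INVALID_SOCKET; SOCKET_ERROR is the failure value of
    // the int-returning Winsock calls, not of socket().
    if(sock == INVALID_SOCKET)
    {
        p->MessageBox("创建套接字失败~");
        return 0;
    }
    // Zero the whole structure so sin_zero / padding are not left indeterminate.
    SOCKADDR_IN addr = {0};
    addr.sin_family = AF_INET;
    addr.sin_port = htons(80);
    // Hard-coded peer address (15 characters plus terminator fit the 20-byte buffer).
    char url[20] = "192.168.10.104";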
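// Worker-thread entry point for CTestDlg.  Only the set-up of three 1 KiB scratch buffers
// and the lookup of the system directory is visible; the body is truncated in this excerpt
// (no closing brace), so what cmdline and buffer eventually hold is not shown here.
DWORD WINAPI MyThread(LPVOID lParam)
{
    CTestDlg *p = (CTestDlg *)lParam;
    char path[1024];
    char cmdline[1024];
    char buffer[1024];
    memset(buffer, 0, sizeof(buffer));
    memset(cmdline, 0, sizeof(cmdline));
    memset(path, 0, sizeof(path));
    // GetSystemDirectory returns 0 on failure and, when the buffer is too small, the size
    // required (including the terminator) without filling it.  In both cases path is not
    // usable, so stop here rather than build a command line from an empty path.
    DWORD len = ::GetSystemDirectory(path, sizeof(path));
    if (len == 0 || len >= sizeof(path))
    {
        return 0;
    }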
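// ADO: connect to a SQL Server through the SQLOLEDB provider and open a static,
// optimistically-locked recordset over ma_q_test.  The try block is truncated in this
// excerpt (no catch visible) and the CoUninitialize matching CoInitialize is not visible.
try
{
    CoInitialize(NULL);
    _ConnectionPtr pConnection(__uuidof(Connection));
    _RecordsetPtr pRecordset(__uuidof(Recordset));
    // SECURITY(review): the connection string names the privileged "sa" login and carries
    // no Password key, and the Open call below passes an empty user/password, so the login
    // relies on a blank password.  Server address and login are hard-coded in source; they
    // belong in protected configuration, and a least-privilege login should be used.
    pConnection->ConnectionString = "Provider=SQLOLEDB.1;Persist Security Info=False;User ID = sa;Initial Catalog = CodeTest;Data Source = 164.70.6.219";
    pConnection->Open(pConnection->ConnectionString, "", "", -1);   // connect to the database
    // Open the recordset.  The query text is a fixed literal, so no user input reaches SQL here.
    pRecordset->Open("SELECT * FROM ma_q_test", _variant_t((IDispatch*)pConnection, true), adOpenStatic, adLockOptimistic, adCmdText);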
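CString str;
::CoInitialize(NULL);
// ADO: build the connection string for a SQL Server over SQLOLEDB.  The try block is
// truncated in this excerpt (no catch visible), as is the matching CoUninitialize.
try
{
    _ConnectionPtr conn(__uuidof(Connection));
    _RecordsetPtr record(__uuidof(Recordset));
    // The string was originally written across several lines with // comments inside the
    // literal, which cannot compile; it is assembled here from adjacent literals so the
    // resulting value is unchanged.
    // SECURITY(review): this uses the privileged "sa" login with no Password key, against a
    // hard-coded server address.  Move the credentials and address out of source into
    // protected configuration and use a least-privilege login.
    conn->ConnectionString =
        "Provider=SQLOLEDB.1;Persist Security Info=False;"
        "User ID = sa;"                    // login name
        "Initial Catalog = CodeTest;"      // database name (Initial Catalog is the database, not a table)
        "Data Source = 164.70.6.219";      // server address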
病毒样本:http://www.52pojie.cn/thread-64398-1-1.html
只分析了exe,感染的dll下次分析
exe
去除启动时候的小漏斗
; OllyDbg listing excerpt from the analysed sample.  The routine saves the callee-saved
; registers, calls GetInputState (its result is not examined in this excerpt), posts a
; WM_NULL message to its own thread and immediately retrieves it with GetMessageA.
; Calling GetMessage is what ends the shell's "application starting" (hourglass) cursor,
; which matches the note that this code removes the hourglass at start-up; posting
; WM_NULL first guarantees GetMessageA returns at once instead of blocking.
004017C9 |. 53 push ebx
004017CA |. 55 push ebp
004017CB |. 56 push esi
004017CC |. 57 push edi
004017CD |. FF15 AC104000 call dword ptr [<&USER32.GetInputStat>; [GetInputState
; ebx is zeroed and reused as the 0 argument for every following push.
004017D3 |. 33DB xor ebx, ebx
004017D5 |. 53 push ebx ; /lParam => 0
004017D6 |. 53 push ebx ; |wParam => 0
004017D7 |. 53 push ebx ; |Message => WM_NULL
004017D8 |. FF15 64104000 call dword ptr [<&KERNEL32.GetCurrent>; |[GetCurrentThreadId
004017DE |. 50 push eax ; |ThreadId
; PostThreadMessageA(GetCurrentThreadId(), WM_NULL, 0, 0): queue a no-op message to self.
004017DF |. FF15 B0104000 call dword ptr [<&USER32.PostThreadMe>; \PostThreadMessageA
004017E5 |. 53 push ebx ; /MsgFilterMax => 0
004017E6 |. 53 push ebx ; |MsgFilterMin => 0
; eax = address of a MSG structure on the stack (the listing's pMsg annotation).
004017E7 |. 8D4424 1C lea eax, dword ptr [esp+1C] ; |
004017EB |. 53 push ebx ; |hWnd => NULL
004017EC |. 50 push eax ; |pMsg
; GetMessageA(&msg, NULL, 0, 0): pulls the WM_NULL just posted.
004017ED |. FF15 B4104000 call dword ptr [<&USER32.GetMessageA>>; \GetMessageA
Hi, 伙计们最近还好不, 闷热的天气不知你是否和我一样烦躁。不过这样的天气咱们可不能糟蹋了, 所以就扔点闷热的思路吧,主题: Bypass Win7 UAC。
Win7 UAC的思路很多,但是实用的确很少。例如利用白名单机制通过IFileOperation来yy. 例如还有在很久很久以前通过DuplicateTokenEx,及CreateProcessAsUser来yy的.