VB Trojans

2

Comments

  • : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : :
    : : : :
    : : : :
    : : : :
    : : : : C:Dos
    : : : : C:Dos Run
    : : : : Run Dos Run
    : : : :
    : : : hi i have 3 questions really first one is
    : : : wot does this virus do i have made it but wot does it do
    : : : second question is
    : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : please help
    : : : thanks from
    : : : mark
    : : :
    : : Hi m8, here's the answers:
    : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : The compiling is most easy:
    : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : :
    : : Hope this helps...
    : :
    : : EtHeO out...
    : :
    :
    :
    : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    :
    : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    :
    : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    :
    : hope that helps everyone looking into it.
    :
    : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : [blue]
    : C:Dos
    : C:Dos Run
    : Run Dos Run
    : [/blue]
    :
    hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    from
    mark
  • : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : :
    : : : : :
    : : : : :
    : : : : :
    : : : : : C:Dos
    : : : : : C:Dos Run
    : : : : : Run Dos Run
    : : : : :
    : : : : hi i have 3 questions really first one is
    : : : : wot does this virus do i have made it but wot does it do
    : : : : second question is
    : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : please help
    : : : : thanks from
    : : : : mark
    : : : :
    : : : Hi m8, here's the answers:
    : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : The compiling is most easy:
    : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : :
    : : : Hope this helps...
    : : :
    : : : EtHeO out...
    : : :
    : :
    : :
    : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : :
    : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : :
    : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : :
    : : hope that helps everyone looking into it.
    : :
    : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : [blue]
    : : C:Dos
    : : C:Dos Run
    : : Run Dos Run
    : : [/blue]
    : :
    : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : from
    : mark
    :


    don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    [blue]
    C:Dos
    C:Dos Run
    Run Dos Run
    [/blue]

  • : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : :
    : : : : : :
    : : : : : :
    : : : : : :
    : : : : : : C:Dos
    : : : : : : C:Dos Run
    : : : : : : Run Dos Run
    : : : : : :
    : : : : : hi i have 3 questions really first one is
    : : : : : wot does this virus do i have made it but wot does it do
    : : : : : second question is
    : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : please help
    : : : : : thanks from
    : : : : : mark
    : : : : :
    : : : : Hi m8, here's the answers:
    : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : The compiling is most easy:
    : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : :
    : : : : Hope this helps...
    : : : :
    : : : : EtHeO out...
    : : : :
    : : :
    : : :
    : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : :
    : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : :
    : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : :
    : : : hope that helps everyone looking into it.
    : : :
    : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : [blue]
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : : [/blue]
    : : :
    : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : from
    : : mark
    : :
    :
    :
    : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : [blue]
    : C:Dos
    : C:Dos Run
    : Run Dos Run
    : [/blue]
    :
    thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    from
    mark

  • : : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : : :
    : : : : : : :
    : : : : : : :
    : : : : : : :
    : : : : : : : C:Dos
    : : : : : : : C:Dos Run
    : : : : : : : Run Dos Run
    : : : : : : :
    : : : : : : hi i have 3 questions really first one is
    : : : : : : wot does this virus do i have made it but wot does it do
    : : : : : : second question is
    : : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : : please help
    : : : : : : thanks from
    : : : : : : mark
    : : : : : :
    : : : : : Hi m8, here's the answers:
    : : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : : The compiling is most easy:
    : : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : : :
    : : : : : Hope this helps...
    : : : : :
    : : : : : EtHeO out...
    : : : : :
    : : : :
    : : : :
    : : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : : :
    : : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : : :
    : : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : : :
    : : : : hope that helps everyone looking into it.
    : : : :
    : : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : : [blue]
    : : : : C:Dos
    : : : : C:Dos Run
    : : : : Run Dos Run
    : : : : [/blue]
    : : : :
    : : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : : from
    : : : mark
    : : :
    : :
    : :
    : : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : : [blue]
    : : C:Dos
    : : C:Dos Run
    : : Run Dos Run
    : : [/blue]
    : :
    : thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    : from
    : mark

    Hi all i managed to find sum code all u do is put it in a module
    here it is
    [blue]
    Enum RegHive
    HKEY_CLASSES_ROOT = &H80000000
    HK_CR = &H80000000
    HKEY_CURRENT_USER = &H80000001
    HK_CU = &H80000001
    HKEY_LOCAL_MACHINE = &H80000002
    HK_LM = &H80000002
    HKEY_USERS = &H80000003
    HK_US = &H80000003
    HKEY_CURRENT_CONFIG = &H80000005
    HK_CC = &H80000005
    HKEY_DYN_DATA = &H80000006
    HK_DD = &H80000006
    End Enum

    Enum RegType
    REG_SZ = 1 'Unicode nul terminated string
    REG_BINARY = 3 'Free form binary
    REG_DWORD = 4 '32-bit number
    End Enum

    Public Const ERROR_SUCCESS = 0&
    Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
    Public Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
    Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
    Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
    Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
    Public Declare Function RegEnumKey Lib "advapi32.dll" Alias "RegEnumKeyA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, ByVal cbName As Long) As Long

    Public Function DelRegValue(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegDeleteValue(hCurKey, strValue)
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function DelRegKey(ByVal hKey As RegHive, ByVal strPath As String) As Long
    Dim lRegResult As Long
    lRegResult = RegDeleteKey(hKey, strPath)
    DelRegKey = lRegResult
    End Function

    Public Function CreateRegKey(hKey As RegHive, strPath As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function
    Public Function GetRegString(hKey As RegHive, strPath As String, strValue As String, Optional Default As String) As String
    Dim hCurKey As Long
    Dim lResult As Long
    Dim lValueType As Long
    Dim strBuffer As String
    Dim lDataBufferSize As Long
    Dim intZeroPos As Integer
    Dim lRegResult As Long
    'Set up default value
    If Not IsEmpty(Default) Then
    GetRegString = Default
    Else
    GetRegString = ""
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_SZ Then
    strBuffer = String(lDataBufferSize, " ")
    lResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    intZeroPos = InStr(strBuffer, Chr$(0))
    If intZeroPos > 0 Then
    GetRegString = Left$(strBuffer, intZeroPos - 1)
    Else
    GetRegString = strBuffer
    End If
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegString(hKey As RegHive, strPath As String, strValue As String, strData As String)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValue, 0, REG_SZ, ByVal strData, Len(strData))
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function GetRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, Optional Default As Long) As Long
    Dim lRegResult As Long
    Dim lValueType As Long
    Dim lBuffer As Long
    Dim lDataBufferSize As Long
    Dim hCurKey As Long
    'Set up default value
    If Not IsEmpty(Default) Then
    GetRegLong = Default
    Else
    GetRegLong = 0
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lDataBufferSize = 4 '4 bytes = 32 bits = long
    lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, lBuffer, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_DWORD Then
    GetRegLong = lBuffer
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, ByVal lData As Long)
    Dim hCurKey As Long
    Dim lRegResult As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValue, 0&, REG_DWORD, lData, 4)
    If lRegResult <> ERROR_SUCCESS Then
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function GetRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, Optional Default As Variant) As Variant
    Dim lValueType As Long
    Dim byBuffer() As Byte
    Dim lDataBufferSize As Long
    Dim lRegResult As Long
    Dim hCurKey As Long
    If Not IsEmpty(Default) Then
    If VarType(Default) = vbArray + vbByte Then
    GetRegByte = Default
    Else
    GetRegByte = 0
    End If
    Else
    GetRegByte = 0
    End If
    lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, ByVal 0&, lDataBufferSize)
    If lRegResult = ERROR_SUCCESS Then
    If lValueType = REG_BINARY Then
    ReDim byBuffer(lDataBufferSize - 1) As Byte
    lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, byBuffer(0), lDataBufferSize)
    GetRegByte = byBuffer
    End If
    Else
    'there is a problem
    End If
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function SaveRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, byData() As Byte)
    Dim lRegResult As Long
    Dim hCurKey As Long
    lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    lRegResult = RegSetValueEx(hCurKey, strValueName, 0&, REG_BINARY, byData(0), UBound(byData()) + 1)
    lRegResult = RegCloseKey(hCurKey)
    End Function

    Public Function CopyRegByte(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mybytes As Variant
    mybytes = GetRegByte(From_hKey, From_strPath, From_strKeyName)
    thelen = UBound(mybytes)
    Dim x() As Byte
    ReDim x(thelen)
    For i = 0 To UBound(mybytes)
    x(i) = mybytes(i)
    Next i
    rslt = SaveRegByte(To_hKey, To_strPath, To_strKeyName, x)
    End Function

    Public Function CopyRegString(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mystring As String
    mystring = GetRegString(From_hKey, From_strPath, From_strKeyName)
    rslt = SaveRegString(To_hKey, To_strPath, To_strKeyName, mystring)

    End Function

    Public Function CopyRegLong(ByVal hKey As RegHive, ByVal From_strPath As String, _
    ByVal From_strKeyName As String, ByVal To_strPath As String, _
    Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)

    If To_hKey = 0 Then
    To_hKey = From_hKey
    Else
    To_hKey = To_hKey
    End If
    If To_strKeyName = "" Then
    To_strKeyName = From_strKeyName
    Else
    To_strKeyName = To_strKeyName
    End If

    Dim mylong As Long
    mylong = GetRegLong(From_hKey, From_strPath, From_strKeyName)
    rslt = SaveRegLong(To_hKey, To_strPath, To_strKeyName, mylong)

    End Function
    Public Function GetRegSubKeyList(ByVal hKey As RegHive, ByVal strPath As String)
    On Error Resume Next
    Dim lResult As Long, lKeyValue As Long, lDataTypeValue As Long, lValueLength As Long
    Dim sValue As String, td As Double, i As Long, Ret As Boolean, tmprst()
    Do Until Ret = True
    lResult = RegOpenKey(hKey, strPath, lKeyValue)
    sValue = Space$(2048)
    lValueLength = Len(sValue)
    lResult = RegEnumKey(lKeyValue, i, sValue, lValueLength)
    If (lResult = 0) And (Err.Number = 0) Then
    ReDim Preserve tmprst(i)
    tmprst(i) = Left$(sValue, InStr(sValue, Chr(0)) - 1)
    Else
    Ret = True
    End If
    lResult = RegCloseKey(lKeyValue)
    i = i + 1
    Loop
    GetRegSubKeyList = tmprst
    End Function
    [/blue]
    and also when i send the trojan to do it's work how do i no the victims ip or if i send it to a person through msn can i find out then but i really dont want to do that cos they no where they get the virus from so really all i want is to no how i get the users ip
    from
    mark


  • : : : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : : C:Dos
    : : : : : : : : C:Dos Run
    : : : : : : : : Run Dos Run
    : : : : : : : :
    : : : : : : : hi i have 3 questions really first one is
    : : : : : : : wot does this virus do i have made it but wot does it do
    : : : : : : : second question is
    : : : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : : : please help
    : : : : : : : thanks from
    : : : : : : : mark
    : : : : : : :
    : : : : : : Hi m8, here's the answers:
    : : : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : : : The compiling is most easy:
    : : : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : : : :
    : : : : : : Hope this helps...
    : : : : : :
    : : : : : : EtHeO out...
    : : : : : :
    : : : : :
    : : : : :
    : : : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : : : :
    : : : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : : : :
    : : : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : : : :
    : : : : : hope that helps everyone looking into it.
    : : : : :
    : : : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : : : [blue]
    : : : : : C:Dos
    : : : : : C:Dos Run
    : : : : : Run Dos Run
    : : : : : [/blue]
    : : : : :
    : : : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : : : from
    : : : : mark
    : : : :
    : : :
    : : :
    : : : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : : : [blue]
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : : [/blue]
    : : :
    : : thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    : : from
    : : mark
    :
    : Hi all i managed to find sum code all u do is put it in a module
    : here it is
    : [blue]
    : Enum RegHive
    : HKEY_CLASSES_ROOT = &H80000000
    : HK_CR = &H80000000
    : HKEY_CURRENT_USER = &H80000001
    : HK_CU = &H80000001
    : HKEY_LOCAL_MACHINE = &H80000002
    : HK_LM = &H80000002
    : HKEY_USERS = &H80000003
    : HK_US = &H80000003
    : HKEY_CURRENT_CONFIG = &H80000005
    : HK_CC = &H80000005
    : HKEY_DYN_DATA = &H80000006
    : HK_DD = &H80000006
    : End Enum
    :
    : Enum RegType
    : REG_SZ = 1 'Unicode nul terminated string
    : REG_BINARY = 3 'Free form binary
    : REG_DWORD = 4 '32-bit number
    : End Enum
    :
    : Public Const ERROR_SUCCESS = 0&
    : Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
    : Public Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
    : Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
    : Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
    : Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
    : Public Declare Function RegEnumKey Lib "advapi32.dll" Alias "RegEnumKeyA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, ByVal cbName As Long) As Long
    :
    : Public Function DelRegValue(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegDeleteValue(hCurKey, strValue)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function DelRegKey(ByVal hKey As RegHive, ByVal strPath As String) As Long
    : Dim lRegResult As Long
    : lRegResult = RegDeleteKey(hKey, strPath)
    : DelRegKey = lRegResult
    : End Function
    :
    : Public Function CreateRegKey(hKey As RegHive, strPath As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    : Public Function GetRegString(hKey As RegHive, strPath As String, strValue As String, Optional Default As String) As String
    : Dim hCurKey As Long
    : Dim lResult As Long
    : Dim lValueType As Long
    : Dim strBuffer As String
    : Dim lDataBufferSize As Long
    : Dim intZeroPos As Integer
    : Dim lRegResult As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegString = Default
    : Else
    : GetRegString = ""
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_SZ Then
    : strBuffer = String(lDataBufferSize, " ")
    : lResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    : intZeroPos = InStr(strBuffer, Chr$(0))
    : If intZeroPos > 0 Then
    : GetRegString = Left$(strBuffer, intZeroPos - 1)
    : Else
    : GetRegString = strBuffer
    : End If
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegString(hKey As RegHive, strPath As String, strValue As String, strData As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0, REG_SZ, ByVal strData, Len(strData))
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, Optional Default As Long) As Long
    : Dim lRegResult As Long
    : Dim lValueType As Long
    : Dim lBuffer As Long
    : Dim lDataBufferSize As Long
    : Dim hCurKey As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegLong = Default
    : Else
    : GetRegLong = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lDataBufferSize = 4 '4 bytes = 32 bits = long
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, lBuffer, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_DWORD Then
    : GetRegLong = lBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, ByVal lData As Long)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0&, REG_DWORD, lData, 4)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, Optional Default As Variant) As Variant
    : Dim lValueType As Long
    : Dim byBuffer() As Byte
    : Dim lDataBufferSize As Long
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : If Not IsEmpty(Default) Then
    : If VarType(Default) = vbArray + vbByte Then
    : GetRegByte = Default
    : Else
    : GetRegByte = 0
    : End If
    : Else
    : GetRegByte = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_BINARY Then
    : ReDim byBuffer(lDataBufferSize - 1) As Byte
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, byBuffer(0), lDataBufferSize)
    : GetRegByte = byBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, byData() As Byte)
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValueName, 0&, REG_BINARY, byData(0), UBound(byData()) + 1)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function CopyRegByte(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mybytes As Variant
    : mybytes = GetRegByte(From_hKey, From_strPath, From_strKeyName)
    : thelen = UBound(mybytes)
    : Dim x() As Byte
    : ReDim x(thelen)
    : For i = 0 To UBound(mybytes)
    : x(i) = mybytes(i)
    : Next i
    : rslt = SaveRegByte(To_hKey, To_strPath, To_strKeyName, x)
    : End Function
    :
    : Public Function CopyRegString(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mystring As String
    : mystring = GetRegString(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegString(To_hKey, To_strPath, To_strKeyName, mystring)
    :
    : End Function
    :
    : Public Function CopyRegLong(ByVal hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mylong As Long
    : mylong = GetRegLong(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegLong(To_hKey, To_strPath, To_strKeyName, mylong)
    :
    : End Function
    : Public Function GetRegSubKeyList(ByVal hKey As RegHive, ByVal strPath As String)
    : On Error Resume Next
    : Dim lResult As Long, lKeyValue As Long, lDataTypeValue As Long, lValueLength As Long
    : Dim sValue As String, td As Double, i As Long, Ret As Boolean, tmprst()
    : Do Until Ret = True
    : lResult = RegOpenKey(hKey, strPath, lKeyValue)
    : sValue = Space$(2048)
    : lValueLength = Len(sValue)
    : lResult = RegEnumKey(lKeyValue, i, sValue, lValueLength)
    : If (lResult = 0) And (Err.Number = 0) Then
    : ReDim Preserve tmprst(i)
    : tmprst(i) = Left$(sValue, InStr(sValue, Chr(0)) - 1)
    : Else
    : Ret = True
    : End If
    : lResult = RegCloseKey(lKeyValue)
    : i = i + 1
    : Loop
    : GetRegSubKeyList = tmprst
    : End Function
    : [/blue]
    : and also when i send the trojan to do it's work how do i no the victims ip or if i send it to a person through msn can i find out then but i really dont want to do that cos they no where they get the virus from so really all i want is to no how i get the users ip
    : from
    : mark
    :
    :
    :


    I'm not sure if a simple ping will detect the open port on the victim or not, I'm not that familier with how a ping works on the reciving side, you could always have it listen on a certain port and responsed back, then do a sweep on that port, only problem is dynamic IP's - one other option would be to have the program check the IP every so often and send it some where so you can retrive it later.
    [blue]
    C:Dos
    C:Dos Run
    Run Dos Run
    [/blue]

  • [b][red]This message was edited by lavey666uk at 2004-4-7 5:32:46[/red][/b][hr]
    you can find out the ip of the host with an api and then build a notify mechanism..
    also .. you will need to consider firewalls !

    my advice.. search the vb section of pscode.com for specifc things.. ie; retrieve ip.
    email notification.

    There are also some really nice code samples out there for reverse connection :D


  • : [b][red]This message was edited by lavey666uk at 2004-4-7 5:32:46[/red][/b][hr]
    : you can find out the ip of the host with an api and then build a notify mechanism..
    : also .. you will need to consider firewalls !
    :
    : my advice.. search the vb section of pscode.com for specifc things.. ie; retrieve ip.
    : email notification.
    :
    : There are also some really nice code samples out there for reverse connection :D
    :
    :
    Wot is a recerse connection does it mean it will tell me the ip of the victim in a email or something
    and do u have any code fo retrieving ip address
    from
    mark

  • : : : : : : : : I've got an interesting tutorial that show's the basics of vb trojans, if anyone is interested post and let me know.
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : :
    : : : : : : : : C:Dos
    : : : : : : : : C:Dos Run
    : : : : : : : : Run Dos Run
    : : : : : : : :
    : : : : : : : hi i have 3 questions really first one is
    : : : : : : : wot does this virus do i have made it but wot does it do
    : : : : : : : second question is
    : : : : : : : i have never compiled a project before does it just mean do standard package and deploment or do u do somthing different so u dont have to install it
    : : : : : : : and last question is do i compile them seperatly or together and also one more question how do u use it do i send one part to a target machine or wot
    : : : : : : : please help
    : : : : : : : thanks from
    : : : : : : : mark
    : : : : : : :
    : : : : : : Hi m8, here's the answers:
    : : : : : : 1. It is not a virus. It is a trojan... The difference? A trojan does not spread itself, a victim has to open it. What it does: It grants you the ability to send the user a message, open his cd-tray or shut his computer down.
    : : : : : : The compiling is most easy:
    : : : : : : File --> Make project1.exe --> Choose the desktop for location and tadaa... There appears the program on the desktop
    : : : : : : The compiling should be done seperately, indeed. Compile the server part, and send this to the victim, and compile the client part, and use this as a tool to control the victim. Once you have compiled the server, you should make sure the victim opens it, or else you will not be able to control his pc...
    : : : : : :
    : : : : : : Hope this helps...
    : : : : : :
    : : : : : : EtHeO out...
    : : : : : :
    : : : : :
    : : : : :
    : : : : : didani is absolutly right, this is a very basic program ment only to give you the knowhow to design a better one your self.
    : : : : :
    : : : : : for those of you that have it, check out the registry api's you can add a simple bit of code that when the program executes it will right the reg key in so that it runs on start up, getting into it even more you can add more winsock controls or array them and then give yourself the ability to download files off of the victim or to transfer files yourself to the victem and then execute shells to load the newly tranfered programs, and for the truly dedicated programmers you can make it so that it will spawn copys of itself(this will most likly require the trojan to download an exe of itself or to have one extra one included under a different name - that does not however make it a virus as it does not infect any files it only does what you tell it to do..
    : : : : :
    : : : : : on a side note the one that I finaly developed (not quite finished yet) funny enough is detected as a virus by mcaffe.
    : : : : :
    : : : : : hope that helps everyone looking into it.
    : : : : :
    : : : : : just remember the source in the tut really does nothing important at all you will need to expand apon it greatly to do anything worth while.
    : : : : : [blue]
    : : : : : C:Dos
    : : : : : C:Dos Run
    : : : : : Run Dos Run
    : : : : : [/blue]
    : : : : :
    : : : : hi i am new to vb so i need as much help as i can get soz if the questions where stupid sorry bout that but wot is the vb code for the reg key or where could i find it out
    : : : : from
    : : : : mark
    : : : :
    : : :
    : : :
    : : : don't worry about it, your not going to know unless you ask right. as for the reg code, I'll try to dig it up and post it, or your can try to search for "registry API's" on google or on some vb programming site.
    : : : [blue]
    : : : C:Dos
    : : : C:Dos Run
    : : : Run Dos Run
    : : : [/blue]
    : : :
    : : thanks mate i will for it as weell and could u look aswell please then if any of us find sumthing post it on here ok thaks
    : : from
    : : mark
    :
    : Hi all i managed to find sum code all u do is put it in a module
    : here it is
    : [blue]
    : Enum RegHive
    : HKEY_CLASSES_ROOT = &H80000000
    : HK_CR = &H80000000
    : HKEY_CURRENT_USER = &H80000001
    : HK_CU = &H80000001
    : HKEY_LOCAL_MACHINE = &H80000002
    : HK_LM = &H80000002
    : HKEY_USERS = &H80000003
    : HK_US = &H80000003
    : HKEY_CURRENT_CONFIG = &H80000005
    : HK_CC = &H80000005
    : HKEY_DYN_DATA = &H80000006
    : HK_DD = &H80000006
    : End Enum
    :
    : Enum RegType
    : REG_SZ = 1 'Unicode nul terminated string
    : REG_BINARY = 3 'Free form binary
    : REG_DWORD = 4 '32-bit number
    : End Enum
    :
    : Public Const ERROR_SUCCESS = 0&
    : Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
    : Public Declare Function RegCreateKey Lib "advapi32.dll" Alias "RegCreateKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
    : Public Declare Function RegDeleteValue Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) As Long
    : Public Declare Function RegOpenKey Lib "advapi32.dll" Alias "RegOpenKeyA" (ByVal hKey As Long, ByVal lpSubKey As String, phkResult As Long) As Long
    : Public Declare Function RegQueryValueEx Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Any, lpcbData As Long) As Long
    : Public Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
    : Public Declare Function RegEnumKey Lib "advapi32.dll" Alias "RegEnumKeyA" (ByVal hKey As Long, ByVal dwIndex As Long, ByVal lpName As String, ByVal cbName As Long) As Long
    :
    : Public Function DelRegValue(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegDeleteValue(hCurKey, strValue)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function DelRegKey(ByVal hKey As RegHive, ByVal strPath As String) As Long
    : Dim lRegResult As Long
    : lRegResult = RegDeleteKey(hKey, strPath)
    : DelRegKey = lRegResult
    : End Function
    :
    : Public Function CreateRegKey(hKey As RegHive, strPath As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    : Public Function GetRegString(hKey As RegHive, strPath As String, strValue As String, Optional Default As String) As String
    : Dim hCurKey As Long
    : Dim lResult As Long
    : Dim lValueType As Long
    : Dim strBuffer As String
    : Dim lDataBufferSize As Long
    : Dim intZeroPos As Integer
    : Dim lRegResult As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegString = Default
    : Else
    : GetRegString = ""
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_SZ Then
    : strBuffer = String(lDataBufferSize, " ")
    : lResult = RegQueryValueEx(hCurKey, strValue, 0&, 0&, ByVal strBuffer, lDataBufferSize)
    : intZeroPos = InStr(strBuffer, Chr$(0))
    : If intZeroPos > 0 Then
    : GetRegString = Left$(strBuffer, intZeroPos - 1)
    : Else
    : GetRegString = strBuffer
    : End If
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegString(hKey As RegHive, strPath As String, strValue As String, strData As String)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0, REG_SZ, ByVal strData, Len(strData))
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, Optional Default As Long) As Long
    : Dim lRegResult As Long
    : Dim lValueType As Long
    : Dim lBuffer As Long
    : Dim lDataBufferSize As Long
    : Dim hCurKey As Long
    : 'Set up default value
    : If Not IsEmpty(Default) Then
    : GetRegLong = Default
    : Else
    : GetRegLong = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lDataBufferSize = 4 '4 bytes = 32 bits = long
    : lRegResult = RegQueryValueEx(hCurKey, strValue, 0&, lValueType, lBuffer, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_DWORD Then
    : GetRegLong = lBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegLong(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValue As String, ByVal lData As Long)
    : Dim hCurKey As Long
    : Dim lRegResult As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValue, 0&, REG_DWORD, lData, 4)
    : If lRegResult <> ERROR_SUCCESS Then
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function GetRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, Optional Default As Variant) As Variant
    : Dim lValueType As Long
    : Dim byBuffer() As Byte
    : Dim lDataBufferSize As Long
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : If Not IsEmpty(Default) Then
    : If VarType(Default) = vbArray + vbByte Then
    : GetRegByte = Default
    : Else
    : GetRegByte = 0
    : End If
    : Else
    : GetRegByte = 0
    : End If
    : lRegResult = RegOpenKey(hKey, strPath, hCurKey)
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, ByVal 0&, lDataBufferSize)
    : If lRegResult = ERROR_SUCCESS Then
    : If lValueType = REG_BINARY Then
    : ReDim byBuffer(lDataBufferSize - 1) As Byte
    : lRegResult = RegQueryValueEx(hCurKey, strValueName, 0&, lValueType, byBuffer(0), lDataBufferSize)
    : GetRegByte = byBuffer
    : End If
    : Else
    : 'there is a problem
    : End If
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function SaveRegByte(ByVal hKey As RegHive, ByVal strPath As String, ByVal strValueName As String, byData() As Byte)
    : Dim lRegResult As Long
    : Dim hCurKey As Long
    : lRegResult = RegCreateKey(hKey, strPath, hCurKey)
    : lRegResult = RegSetValueEx(hCurKey, strValueName, 0&, REG_BINARY, byData(0), UBound(byData()) + 1)
    : lRegResult = RegCloseKey(hCurKey)
    : End Function
    :
    : Public Function CopyRegByte(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mybytes As Variant
    : mybytes = GetRegByte(From_hKey, From_strPath, From_strKeyName)
    : thelen = UBound(mybytes)
    : Dim x() As Byte
    : ReDim x(thelen)
    : For i = 0 To UBound(mybytes)
    : x(i) = mybytes(i)
    : Next i
    : rslt = SaveRegByte(To_hKey, To_strPath, To_strKeyName, x)
    : End Function
    :
    : Public Function CopyRegString(ByVal From_hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mystring As String
    : mystring = GetRegString(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegString(To_hKey, To_strPath, To_strKeyName, mystring)
    :
    : End Function
    :
    : Public Function CopyRegLong(ByVal hKey As RegHive, ByVal From_strPath As String, _
    : ByVal From_strKeyName As String, ByVal To_strPath As String, _
    : Optional ByVal To_hKey As RegHive, Optional ByVal To_strKeyName As String)
    :
    : If To_hKey = 0 Then
    : To_hKey = From_hKey
    : Else
    : To_hKey = To_hKey
    : End If
    : If To_strKeyName = "" Then
    : To_strKeyName = From_strKeyName
    : Else
    : To_strKeyName = To_strKeyName
    : End If
    :
    : Dim mylong As Long
    : mylong = GetRegLong(From_hKey, From_strPath, From_strKeyName)
    : rslt = SaveRegLong(To_hKey, To_strPath, To_strKeyName, mylong)
    :
    : End Function
    : Public Function GetRegSubKeyList(ByVal hKey As RegHive, ByVal strPath As String)
    : On Error Resume Next
    : Dim lResult As Long, lKeyValue As Long, lDataTypeValue As Long, lValueLength As Long
    : Dim sValue As String, td As Double, i As Long, Ret As Boolean, tmprst()
    : Do Until Ret = True
    : lResult = RegOpenKey(hKey, strPath, lKeyValue)
    : sValue = Space$(2048)
    : lValueLength = Len(sValue)
    : lResult = RegEnumKey(lKeyValue, i, sValue, lValueLength)
    : If (lResult = 0) And (Err.Number = 0) Then
    : ReDim Preserve tmprst(i)
    : tmprst(i) = Left$(sValue, InStr(sValue, Chr(0)) - 1)
    : Else
    : Ret = True
    : End If
    : lResult = RegCloseKey(lKeyValue)
    : i = i + 1
    : Loop
    : GetRegSubKeyList = tmprst
    : End Function
    : [/blue]
    : and also when i send the trojan to do it's work how do i no the victims ip or if i send it to a person through msn can i find out then but i really dont want to do that cos they no where they get the virus from so really all i want is to no how i get the users ip
    : from
    : mark
    :
    :
    :
    hey m8, thanx for the code. Anywayz, read my tutorial on IP adresses. You'll find it in this messageboard.
    EtHeO out...

  • : [b][red]This message was edited by lavey666uk at 2004-4-7 5:32:46[/red][/b][hr]
    : you can find out the ip of the host with an api and then build a notify mechanism..
    : also .. you will need to consider firewalls !
    :
    : my advice.. search the vb section of pscode.com for specifc things.. ie; retrieve ip.
    : email notification.
    :
    : There are also some really nice code samples out there for reverse connection :D

    I couldn't reply to mark's message, so I post my reply here. A reverse connection is the victims computer to seek a connection with yours. That way, you will always know whether the victim is online and running your trojan.
    Email notification is the trojan sending an email to you, every time it is online.
    EtHeO out...

  • thanks for ur info on how to find the ip in msn and that. but wot peice of reg api code do i use as i dont really want them to no that i have given it to them i want it to be like sent in an email or downloaded then it sends me an email with there ip and any other info like if it is running or not and also is there a way to intergrate the trojan with an exsiting prog like a small game i have downloaded can i add it to the game small game
    thanks
    from
    mark please help

  • mark... u need a program called a binder .. do a google search there are loadsa good ones out there...

    : thanks for ur info on how to find the ip in msn and that. but wot peice of reg api code do i use as i dont really want them to no that i have given it to them i want it to be like sent in an email or downloaded then it sends me an email with there ip and any other info like if it is running or not and also is there a way to intergrate the trojan with an exsiting prog like a small game i have downloaded can i add it to the game small game
    : thanks
    : from
    : mark please help
    :
    :

  • thanks for ur info but i really need to no the code for the reg api thing that lets me no wot the ip of the victims pc is and when the trojan is running help would be greate full please help or is there any code that does it
    please help
    from
    mark
    ps i have searched for binders but cant find any (strange as it seem's)
  • : thanks for ur info but i really need to no the code for the reg api thing that lets me no wot the ip of the victims pc is and when the trojan is running help would be greate full please help or is there any code that does it
    : please help
    : from
    : mark
    : ps i have searched for binders but cant find any (strange as it seem's)
    :
    Binding tools:
    Silk Rope, Saran Wrap, EliteWrap
    search google for these tools, download them, and use them to bind your trojan to the program people would want to download
    EtHeO out...

  • : : thanks for ur info but i really need to no the code for the reg api thing that lets me no wot the ip of the victims pc is and when the trojan is running help would be greate full please help or is there any code that does it
    : : please help
    : : from
    : : mark
    : : ps i have searched for binders but cant find any (strange as it seem's)
    : :
    : Binding tools:
    : Silk Rope, Saran Wrap, EliteWrap
    : search google for these tools, download them, and use them to bind your trojan to the program people would want to download
    right i have sent to trojan to sum 1 and tryped his ip in but it is taking foever to connect to him it just says connecting the when i click send message a runtime error displays which is '40006' and the comment says
    wrong protocol or connection state for the request transaction or request is this due to it trying to connect still or is a a general run time error
    HE HAS NO FIREWALL
    please help asap thanks
  • [b][red]This message was edited by lavey666uk at 2004-4-7 14:10:28[/red][/b][hr]
    mark.. just a pointer for you..

    Always test your trojan b4 sending it to someone.. I run a spare box to test this kinda stuff on.. now seeing as you built this in vb u can control the test (for reg writes, etc)....


    anyway.. back to your question.. wrong protocol/state means u you dont have a conection.
Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Categories