大家经常能看到一些程序,如木马程序能够生成一个完整的可执行程序出来,是不是觉得很有意思?其实VB也能做到这一点。
首先我们需要把一个EXE文件转为容易在程序中保存的文本形式,这里我转成16进制表示,大家也可以转为Base64或其它兼容的格式。下面这个函数能将二进制文件转为VB可识别的语句。
Function ConvBinToHex(byval strVarName as string,byval strInFile as string,byval strOutFile as string)
Open strInFile For Binary Access Read As #1
ReDim bBytes(LOF(1))
Get 1, , bBytes
Close #1
Dim strHex As String, strHexTmp As String
Dim i As Long, n As Long
strHex = strVarName & " = """
For i = 0 To UBound(bBytes)
strHexTmp = Hex(bBytes(i))
If Len(strHexTmp) = 1 Then
strHexTmp = "0" & strHexTmp
End If
n = n + 1
If n = 50 Then '设置一行显示50个字节
strHex = strHex & """" & vbCrLf & strVarName & " = " & strVarName & " & """ & strHexTmp & " "
n = 0
Else
strHex = strHex & strHexTmp & " "
End If
Next
strHex = Left(strHex, Len(strHex) - 1) & """"
Open strOutFile For Output As #1
Print #1, strHex
Close #1
End Function
执行上面的函数后,我们会得到这样的代码:
trBin = "4D 5A 90 00 03 00 00 00 04 00 00 00 FF FF 00 00 B8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
strBin = strBin & "00 00 00 00 00 00 00 00 00 00 00 C0 00 00 00 0E 1F BA 0E 00 B4 09 CD 21 B8 01 4C CD 21 54 68 69 73 20 70 72 6F 67 72 61 6D 20 63 61 6E 6E 6F 74 20 62 "
.............
将这些代码放入VB的工程源代码中,再使用下面的函数即可完成将文本恢复为二进制的功能:
Public Function ConvHexToBin(ByRef strHex As String, ByRef OutputFile As String)
Dim vHex As Variant, bBytes() As Byte, i As Long
vHex = Split(strHex, " ", -1)
ReDim bBytes(UBound(vHex))
For i = 0 To UBound(vHex)
bBytes(i) = CDec("&H" & vHex(i))
Next
Open OutputFile For Binary Access Write As #1
Put #1, , bBytes
Close #1
End Function
大家有什么好的想法欢迎留言:)