vb.net实现木马注册机原理：动态配置exe-.NET教程,VB.Net语言

  private sub b_ok_click(byval sender as system.object, byval e as system.eventargs) handles b_ok.click

        检查配置

        if len(me.tb_myconfig.text) = 0 then

            me.l_res.text = “请输入你要设置的字符！”

            return

        end if

        设置文件保存位置

        dim strurl as string

        if ofd.showdialog = dialogresult.ok then

            strurl = ofd.filename

        else

            return

        end if

        复制本身到指定文件

        io.file.copy(application.executablepath, strurl, true)

        dim ms as io.filestream

        dim bw as io.binarywriter

        try

            打开文件

            ms = new io.filestream(strurl, io.fileaccess.readwrite)

            bw = new io.binarywriter(ms)

            读取中文件配置的位置，以确定该文件是否被配置过

            dim ip as integer = seekpostion(application.executablepath)

            if ip = 0 then

                如果没有配置过，就定位到文件结尾

                bw.seek(0, io.seekorigin.end)

            else

                已经配置过的话，就定位到配置位置

                bw.seek(ip, io.seekorigin.begin)

            end if

            连续写2个 vbcrlf，这个就是是否被配置的标志

            bw.write(vbcrlf)

            bw.write(vbcrlf)

            这里写配置进去！

            bw.write(system.text.encoding.default.getbytes(me.tb_myconfig.text))

            bw.flush()

        catch ex as exception

            me.l_res.text = “错误：” & ex.message

            return

        finally

            关闭文件

            bw.close()

            ms.close()

        end try

        try

            启动新程序

            system.diagnostics.process.start(strurl)

            结束当前京城

            me.dispose()

        catch ex as exception

        end try

    end sub

    private sub frmmain_load(byval sender as system.object, byval e as system.eventargs) handles mybase.load

        显示是否配置 以及配置结果

        me.tb_myconfig.text = reanconfig(application.executablepath)

        if seekpostion(application.executablepath) = 0 then

            me.l_res.text = “该程序没有被配置过！”

        else

            me.l_res.text = “该程序已经被配置过了！”

        end if

    end sub

    function seekpostion(byval strpath as string) as integer

        dim ip as integer = 0 位置

        dim ms as io.filestream

        dim br as io.binaryreader

        try

            ms = new io.filestream(strpath, io.filemode.open, io.fileaccess.read)

            br = new io.binaryreader(ms)

            读取文件

            dim b() as byte = br.readbytes(ms.length)

            dim ic as integer

            for i as integer = 0 to b.length – 5

                ic = i

                这里检查标志，就是上面连续写2个 vbcrlf  vbcrlf

                if b(ic) = 13 and b(ic + 1) = 10 and b(ic + 3) = 13 and b(ic + 4) = 10 then

                    ip = ic

                    exit for

                end if

            next

        catch ex as exception

            console.write(ex.message)

        finally

            if not ms is nothing then

                ms.close()

            end if

            if not br is nothing then

                br.close()

            end if

        end try

        return ip

    end function

    private function reanconfig(byval strpath as string) as string

        dim ip as integer = seekpostion(strpath)

        if ip = 0 then

            return nothing

        end if

        dim ms as io.filestream

        dim br as io.binaryreader

        try

            ms = new io.filestream(application.executablepath, io.filemode.open, io.fileaccess.read)

            br = new io.binaryreader(ms)

            br.readbytes(ip + 5) 舍弃前面的数据

            读取最后的数据！

            return system.text.encoding.default.getstring(br.readbytes(ms.length – ip – 5))

        catch ex as exception

            console.write(ex.message)

            return nothing

        finally

            if not ms is nothing then

                ms.close()

            end if

            if not br is nothing then

                br.close()

            end if

        end try

    end function