vb.net实现木马注册机原理：动态配置exe

  Private Sub b_OK_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles b_OK.Click

        '检查配置

        If Len(Me.tb_myConfig.Text) = 0 Then

            Me.l_res.Text = "请输入你要设置的字符！"

            Return

        End If

        '设置文件保存位置

        Dim strUrl As String

        If ofd.ShowDialog = DialogResult.OK Then

            strUrl = ofd.FileName

        Else

            Return

        End If

        '复制本身到指定文件

        IO.File.Copy(Application.ExecutablePath, strUrl, True)

        Dim ms As IO.FileStream

        Dim bw As IO.BinaryWriter

        Try

            ' '打开文件

            ms = New IO.FileStream(strUrl, IO.FileAccess.ReadWrite)

            bw = New IO.BinaryWriter(ms)

            '读取中文件配置的位置，以确定该文件是否被配置过

            Dim ip As Integer = SeekPostion(Application.ExecutablePath)

                '如果没有配置过，就定位到文件结尾

                bw.Seek(0, IO.SeekOrigin.End)

            Else

                '已经配置过的话，就定位到配置位置

                bw.Seek(ip, IO.SeekOrigin.Begin)

            End If

            '连续写2个 vbcrlf，这个就是是否被配置的标志

            bw.Write(vbCrLf)

            bw.Write(vbCrLf)

            '这里写配置进去！

            bw.Write(System.Text.Encoding.Default.GetBytes(Me.tb_myConfig.Text))

            bw.Flush()

        Catch ex As Exception

            Me.l_res.Text = "错误：" & ex.Message

            Return

        Finally

            '关闭文件

            bw.Close()

            ms.Close()

        End Try

            '启动新程序

            System.Diagnostics.Process.Start(strUrl)

            '结束当前京城

            Me.Dispose()

        Catch ex As Exception

        '显示是否配置 以及配置结果

        Me.tb_myConfig.Text = reanConfig(Application.ExecutablePath)

        If SeekPostion(Application.ExecutablePath) = 0 Then

            Me.l_res.Text = "该程序没有被配置过！"

        Else

            Me.l_res.Text = "该程序已经被配置过了！"

        End If

    End Sub

        Dim ip As Integer = 0 '位置

        Dim br As IO.BinaryReader

        Try

            ms = New IO.FileStream(strPath, IO.FileMode.Open, IO.FileAccess.Read)

            br = New IO.BinaryReader(ms)

            '读取文件

            Dim b() As Byte = br.ReadBytes(ms.Length)

            For i As Integer = 0 To b.Length - 5

                ic = i

                '这里检查标志，就是上面连续写2个 vbcrlf  vbcrlf

                If b(ic) = 13 And b(ic + 1) = 10 And b(ic + 3) = 13 And b(ic + 4) = 10 Then

                    ip = ic

                    Exit For

                End If

            Next

            Console.Write(ex.Message)

        Finally

            If Not ms Is Nothing Then

                ms.Close()

            End If

            If Not br Is Nothing Then

                br.Close()

            End If

        End Try

    End Function

        Dim Ip As Integer = SeekPostion(strPath)

        If Ip = 0 Then

            Return Nothing

        End If

        Dim br As IO.BinaryReader

        Try

            ms = New IO.FileStream(Application.ExecutablePath, IO.FileMode.Open, IO.FileAccess.Read)

            br = New IO.BinaryReader(ms)

            br.ReadBytes(Ip + 5) '舍弃前面的数据

            Return System.Text.Encoding.Default.GetString(br.ReadBytes(ms.Length - Ip - 5))

            Console.Write(ex.Message)

            Return Nothing

        Finally

            If Not ms Is Nothing Then

                ms.Close()

            End If

            If Not br Is Nothing Then

                br.Close()

            End If

        End Try  vb.net实现木马注册机原理：动态配置exe

    End Function