Government Security
Network Security Resources

Jump to content


Desktop Root

- - - - - trojan
  • Please log in to reply
5 replies to this topic

#1 Andyroo



  • Members
  • 2 posts

Posted 19 March 2007 - 07:23 AM

I've created a trojan and i've used resource to open a normal exe at the start, everythings sorted but.. how can i copy a file to their desktop? Because it won't know the users. Cheers.

#2 IDEspinner



  • Sergeant Major
  • 212 posts

Posted 19 March 2007 - 07:53 AM

I would assume the easiest way would be to use the enviroment variable %username%

if you type
echo %username% in a command prompt it will echo your user name.

this should work in VB, when you go to the path for the desktop, for your path use:

"C:\Documents and Settings\%username%\desktop"

that should work in XP, i dont know about the operating systems. This is useful because XP doesnt have a Whoami command

#3 mh p0rtal

mh p0rtal


  • Members
  • 14 posts

Posted 20 March 2007 - 09:52 AM

try with Power of .NET language , they will make your problems easy



#4 Guest_RandomCode_*

  • Guests

Posted 23 March 2007 - 12:54 PM

Try the power of less 80 megs of framework:

msgbox Environ$("USERNAME")

Or if you like it donne using the OS API try:

Option Explicit

Private Declare Function GetUserNameW Lib "advapi32.dll" (ByVal lpBuffer As Long, nSize As Long) As Long
Private Sub Form_Load()
	Debug.Print GetUserName
End Sub

Public Function GetUserName() As String
	Const SIZE As Long = 255
	GetUserName = String$(SIZE, 0)
	GetUserNameW StrPtr(GetUserName), SIZE
End Function

#5 3XPL0IT



  • Members
  • 1 posts

Posted 27 October 2010 - 02:56 PM

Ok, so as i think i guess you wants it to copy itself to desktop ofcourse when you call the function.
Here is an example i use for my Trojan.

Function DropFile()
On Error Resume Next
Dim RemSrc As String
Dim RemDes As String

RemSrc = App.Path & "\" & App.EXEName & ".exe" This is to check where the file is located at the moment so you can atleast copy something.
RemDes = Environ$("systemdrive") & "\Users\" & Environ$("username") & "\desktop\" & app.exename & ".exe" This is the folder or place where you want to the the file.

FileCopy RemSrc, RemDes

End Function

Hope it helped.

#6 sajid89



  • Members
  • 9 posts

Posted 02 May 2012 - 02:52 AM

He clearly states that this is an exploit you dl it and unzipped it at your own risk. It is not his fault that you don't understand what this is. Thanks for the pack I am going to take a look at this in my sandbox to see if I can learn more on this.

Also tagged with one or more of these keywords: trojan