SetFileTime:修改文件创建时间(可配合asp木马使用)
调用Windows API来实现修改文件时间(修改文件创建时间) 可配合asp木马使用
http://www.upsdn.net 通用便携系统开发网 特约撰稿人:Greg
用asp木马入侵了IIS站点之后,其实很容易的网管发现,因为无缘无故多出文件来了.于是就有人把木马代码藏在正常的asp文件之中,然而这样带来的问题就是 正常asp文件的修改时间被改变了.这也很容易惹人怀疑.
这里有段C代码,调用Windows API来实现修改 文件时间到 任意时间(其实也不是任意,是操作系统可以接受的范围 1980-1-1 到 2037-12-31)
已经在LCC-Win32编译通过,源文件和可执行文件
下载地址http://down.upsdn.net/others/setime.rar
/*****************************************************************************
File : SetDateAsIWant.c
Description : Set a File time to the specific date and time
Win NT/2K/XP
Code by : Gregory Shaw <greg@upsdn.net>
Lastest Date : 2004-7-15
Example :
settime c:\test.txt 20040715093506
2004-07-15 09:35:06
******************************************************************************/
#define _LCC_DEBUG
#define _WIN32_WINNT 0x0400
#include
#include
/*************************Functions Declarations*****************************/
BOOL SetFileToSpecTime(HANDLE hFile,SYSTEMTIME * pSysTime);
int GetSpecTime(char * szTime, SYSTEMTIME * pSysTime);
int StrToInt(char * str,int start,int end);
int main(int argc, char *argv[])
{
SYSTEMTIME st;
HANDLE hFile;
if ( (argc != 3) )
{
#ifdef _LCC_DEBUG
printf("Format:%s filename time",argv[0]);
printf("\nExample:%s test.txt 20040715140810",argv[0]);
#endif
return (0);
}
else if ( strlen(argv[2])!=14)
{
#ifdef _LCC_DEBUG
printf("Argument Error.time string length is 14.");
#endif
return (0);
}
if ( GetSpecTime(argv[2],&st) == 0 )
{
#ifdef _LCC_DEBUG
printf("Time Error.");
#endif
return (0);
}
hFile = CreateFile(argv[1], //LPCTSTR lpFileName,
GENERIC_READ|GENERIC_WRITE, //DWORD dwDesiredAccess,
FILE_SHARE_READ|FILE_SHARE_DELETE,
NULL, //LPSECURITY_ATTRIBUTES lpSecurityAttributes,
OPEN_EXISTING,
FILE_FLAG_BACKUP_SEMANTICS, //DWORD dwFlagsAndAttributes,
NULL);
if (hFile == INVALID_HANDLE_VALUE)
{
#ifdef _LCC_DEBUG
printf ("Invalid File Handle. Error#:%d\n", GetLastError ());
#endif
return (0);
}
else
{
#ifdef _LCC_DEBUG
printf("The Specifi Time:%d-%d-%d %d:%d:%d\n",
st.wYear,
st.wMonth,
st.wDay,
st.wHour,
st.wMinute,
st.wSecond);
#endif
if( SetFileToSpecTime(hFile,&st) ==0)
{
#ifdef _LCC_DEBUG
printf("fail to set file time.\n");
#endif
}
CloseHandle(hFile);
return (1);
}
}
int StrToInt(char * str,int start,int end)
{
int result=0;
if(start>end)
{
result = -1;
}
else
{
while(start<=end)
{
result = (str[start]-'0') + result*10;
start ++;
}
}
return result;
}
int GetSpecTime(char * szTime, SYSTEMTIME * pSysTime)
{
int i;
for(i=0;i<14;)
{
if( (szTime[i]>='0') &&(szTime[i]<='9') )
i++;
else
{
#ifdef _LCC_DEBUG
printf("Invalid time string.\n");
#endif
return 0;
}
}
pSysTime->wYear = StrToInt(szTime,0,3);
pSysTime->wMonth = StrToInt(szTime,4,5);
pSysTime->wDayOfWeek = 1; //is ignored by SystemTimeToFileTime
pSysTime->wDay = StrToInt(szTime,6,7);
pSysTime->wHour = StrToInt(szTime,8,9);
pSysTime->wMinute = StrToInt(szTime,10,11);
pSysTime->wSecond = StrToInt(szTime,12,13);
pSysTime->wMilliseconds = 0;
if( (pSysTime->wYear <1601)
|| (pSysTime->wMonth <1) || (pSysTime->wMonth >12 )
|| (pSysTime->wDay < 0 ) || (pSysTime->wDay >31 )
|| (pSysTime->wHour < 0 ) || (pSysTime->wHour >23 )
|| (pSysTime->wMinute <0) || (pSysTime->wMinute >59 )
|| (pSysTime->wMinute <0) || (pSysTime->wMinute >59 ) )
{
#ifdef _LCC_DEBUG
printf("time overflow.\n");
#endif
return 0;
}
else
{
return 1;
}
}
BOOL SetFileToSpecTime(HANDLE hFile,SYSTEMTIME * pSysTime)
{
FILETIME ft,LocalFileTime;
BOOL f;
SystemTimeToFileTime(pSysTime, &ft);
LocalFileTimeToFileTime(&ft,&LocalFileTime);
f = SetFileTime(hFile,
&LocalFileTime,
(LPFILETIME) NULL,
&LocalFileTime);
return f;
}
作者:Greg 更新日期:2004-11-04
来源:本站
浏览次数:
相关文章
相关评论 发表评论
- No Comments