|
652
|
Programming / ASM / Re: [SRC] List the functions of a library
|
on: 5 April 2009, 08:54 am
|
The parameters of the APIs will be impossible to get, and the values they return, no, it doesn't pick those up, since the only way I can find is to make something like a debugger and see what it sends to eax.
|
|
|
654
|
Programming / ASM / Re: [SRC]antiemulator
|
on: 4 April 2009, 21:01 pm
|
I think that by putting: You don't confuse any AV... since FASM already calculates it for you and puts in the 500, maybe by doing True, I hadn't noticed.
|
|
|
655
|
Programming / ASM / [SRC]antiemulator
|
on: 4 April 2009, 10:15 am
|
Hello, I decided to port the AntiEmulaters function, developed by ChainCoder in the Delphi programming language, to ASM. I hope you find it useful.

Original code:

    Function AntiEmulaters:Boolean;
    Var
      UpTime :DWORD;
      UpTimeAfterSleep :Dword;
    Begin
      UpTime := GetTickCount;
      Sleep(Strtoint('5'+'0'+'0'));
      UpTimeAfterSleep := GetTickCount;
      if ( UpTimeAfterSleep - UpTime ) < 500 Then
        Result:= True
      Else
        Result:= False;
    end;

Translated code:

    antiemulator:
            push    ebx ecx
            invoke  GetTickCount
            mov     ebx,eax
            mov     eax,2
            mov     ecx,250
            mul     ecx
            invoke  SleepEx,eax,FALSE   ; 250 * 2 = 500 (to confuse the antivirus a little)
            invoke  GetTickCount
            sub     eax,ebx
            cmp     eax,500
            jl      .si
            mov     eax,FALSE
            pop     ecx ebx
            ret
    .si:
            pop     ecx ebx
            mov     eax,TRUE
            ret
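From the analysis side, the check in this post shows up in an API trace as a tick read, a sleep, and a second tick read on the same thread. The following is an added example, not part of the original post: it finds those brackets and reports whether the sandbox's sleep skipping would be visible to a sample. The trace format and all values are constructed for illustration.

```python
import re

# Constructed API-call trace; the "<tid> <api>(<args>) = <ret>" format is an
# assumption of this example, not the output of a specific sandbox.
TRACE = """\
1204 GetTickCount() = 884000
1204 SleepEx(500, 0) = 0
1204 GetTickCount() = 884003
1310 GetTickCount() = 884010
1310 Sleep(200) = 0
1310 GetTickCount() = 884215
"""

CALL = re.compile(r"^(\d+) (\w+)\(([^)]*)\) = (\d+)$")

def sleep_timing_checks(trace):
    """Find GetTickCount / Sleep / GetTickCount brackets per thread.

    Returns (tid, requested_ms, observed_ms, skip_visible) tuples.
    skip_visible is True when the tick delta is shorter than the requested
    sleep, i.e. the environment shortened the sleep without advancing the
    tick counter to match.
    """
    state = {}   # tid -> (tick value before the sleep, requested ms or None)
    hits = []
    for line in trace.splitlines():
        m = CALL.match(line.strip())
        if not m:
            continue
        tid, api, args, ret = m.group(1), m.group(2), m.group(3), int(m.group(4))
        if api == "GetTickCount":
            before, requested = state.get(tid, (None, None))
            if before is not None and requested is not None:
                delta = (ret - before) & 0xFFFFFFFF   # counter wraps at 2**32
                hits.append((int(tid), requested, delta, delta < requested))
            state[tid] = (ret, None)
        elif api in ("Sleep", "SleepEx") and tid in state:
            before, requested = state[tid]
            ms = int(args.split(",")[0])
            state[tid] = (before, (requested or 0) + ms)
    return hits
```

A row with `skip_visible` set means the sleep was shortened while `GetTickCount` kept real time; a sandbox that accelerates sleeps has to advance the tick counter by the same amount.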
|
|
|
656
|
Programming / PHP / Re: Problems sending email in PHP
|
on: 4 April 2009, 05:09 am
|
http://foro.elhacker.net/php/pequenos_trucos_en_php-t152467.0.html

Function made by дٳŦ*

    <?php
    // Example: send_mail("user@mail.com","cuerpo","asunto","demi@localhost","demi");
    function send_mail($to, $body, $subject, $fromaddress, $fromname, $attachments=false)
    {
      $eol = "\r\n";
      $mime_boundary = md5(time());

      // Strip CR/LF from every value that ends up in a header (header injection)
      $crlf = array("\r", "\n");
      $fromaddress = str_replace($crlf, '', $fromaddress);
      $fromname    = str_replace($crlf, '', $fromname);
      $subject     = str_replace($crlf, '', $subject);

      # Common Headers
      $headers  = "From: ".$fromname."<".$fromaddress.">".$eol;
      $headers .= "Reply-To: ".$fromname."<".$fromaddress.">".$eol;
      $headers .= "Return-Path: ".$fromname."<".$fromaddress.">".$eol;    // these two to set reply address
      $headers .= "Message-ID: <".time()."-".$fromaddress.">".$eol;
      $headers .= "X-Mailer: PHP v".phpversion().$eol;    // These two to help avoid spam-filters

      # Boundary for marking the split & Multitype Headers
      // A single end of line here: a blank line would end the header block early
      $headers .= 'MIME-Version: 1.0'.$eol;
      $headers .= "Content-Type: multipart/mixed; boundary=\"".$mime_boundary."\"".$eol;

      # Open the first part of the mail
      $msg = "--".$mime_boundary.$eol;

      $htmlalt_mime_boundary = $mime_boundary."_htmlalt";    // we must define a different MIME boundary for this section
      # Setup for text OR html -
      $msg .= "Content-Type: multipart/alternative; boundary=\"".$htmlalt_mime_boundary."\"".$eol.$eol;

      # Text Version
      $msg .= "--".$htmlalt_mime_boundary.$eol;
      $msg .= "Content-Type: text/plain; charset=iso-8859-1".$eol;
      $msg .= "Content-Transfer-Encoding: 8bit".$eol.$eol;
      $msg .= strip_tags($body).$eol.$eol;    // plain-text rendering of the body

      # HTML Version
      $msg .= "--".$htmlalt_mime_boundary.$eol;
      $msg .= "Content-Type: text/html; charset=iso-8859-1".$eol;
      $msg .= "Content-Transfer-Encoding: 8bit".$eol.$eol;
      $msg .= $body.$eol.$eol;

      // close the html/plain text alternate portion
      $msg .= "--".$htmlalt_mime_boundary."--".$eol.$eol;

      if ($attachments !== false)
      {
        for ($i=0; $i < count($attachments); $i++)
        {
          if (is_file($attachments[$i]["file"]))
          {
            # File for Attachment
            $file_name = substr($attachments[$i]["file"], (strrpos($attachments[$i]["file"], "/")+1));

            $handle = fopen($attachments[$i]["file"], 'rb');
            $f_contents = fread($handle, filesize($attachments[$i]["file"]));
            $f_contents = chunk_split(base64_encode($f_contents));    // encode the data for transfer
            $f_type = filetype($attachments[$i]["file"]);
            fclose($handle);

            # Attachment
            $msg .= "--".$mime_boundary.$eol;
            $msg .= "Content-Type: ".$attachments[$i]["content_type"]."; name=\"".$file_name."\"".$eol;    // sometimes i have to send MS Word, use 'msword' instead of 'pdf'
            $msg .= "Content-Transfer-Encoding: base64".$eol;
            $msg .= "Content-Description: ".$file_name.$eol;
            $msg .= "Content-Disposition: attachment; filename=\"".$file_name."\"".$eol.$eol;    // !! This line needs TWO end of lines !! IMPORTANT !!
            $msg .= $f_contents.$eol.$eol;
          }
        }
      }

      # Finished
      $msg .= "--".$mime_boundary."--".$eol.$eol;    // finish with two eol's for better security. see Injection.

      # SEND THE EMAIL
      ini_set('sendmail_from', $fromaddress);    // the INI lines are to force the From Address to be used !
      $mail_sent = mail($to, $subject, $msg, $headers);

      return $mail_sent;
    }
    ?>
|
|
|
657
|
Programming / ASM / Re: [Contribution] .inc with APIs from various libraries for FASM
|
on: 4 April 2009, 05:04 am
|
Include for srclient.dll

    import srclient,\
           SRUpdateMonitoredListW,'SRUpdateMonitoredListW',\
           SRUpdateMonitoredListA,'SRUpdateMonitoredListA',\
           SRUpdateDSSize,'SRUpdateDSSize',\
           SRUnregisterSnapshotCallback,'SRUnregisterSnapshotCallback',\
           SRSwitchLog,'SRSwitchLog',\
           SRSetRestorePointW,'SRSetRestorePointW',\
           SRSetRestorePointA,'SRSetRestorePointA',\
           SRRemoveRestorePoint,'SRRemoveRestorePoint',\
           SRRegisterSnapshotCallback,'SRRegisterSnapshotCallback',\
           SRPrintState,'SRPrintState',\
           SRNotify,'SRNotify',\
           SRFreeze,'SRFreeze',\
           SRFifo,'SRFifo',\
           SRCompress,'SRCompress',\
           RestoreSnapshot,'RestoreSnapshot',\
           ResetSR,'ResetSR',\
           EnableSREx,'EnableSREx',\
           EnableSR,'EnableSR',\
           EnableFIFO,'EnableFIFO',\
           DllUnregisterServer,'DllUnregisterServer',\
           DllRegisterServer,'DllRegisterServer',\
           DllGetClassObject,'DllGetClassObject',\
           DllCanUnloadNow,'DllCanUnloadNow',\
           DisableSR,'DisableSR',\
           DisableFIFO,'DisableFIFO',\
           CreateSnapshot,'CreateSnapshot',\
           CreateFirstRunRp,'CreateFirstRunRp'
|
|
|
659
|
Programming / ASM / Re: [SRC]GetAddressFunction
|
on: 4 April 2009, 03:11 am
|
I fixed some useless things; I didn't make many modifications to my source, but I think I should post it anyway.

    include 'win32ax.inc'

    .code
    start:
            invoke  LoadLibrary,"user32.dll"
            stdcall GetAddressFunction,eax,"MessageBoxA"
            stdcall eax,0,0,0,0
            invoke  ExitProcess,0

    proc GetAddressFunction,LibHandle,Api
    locals
            AddressOfNames        dd ?
            AddressOfFunctions    dd ?
            AddressOfNameOrdinals dd ?
    endl
            push    ebx edx edi ecx esi
            mov     eax,[LibHandle]
            cmp     eax,NULL
            je      .Error
            mov     ebx,dword[eax+03Ch]         ; e_lfanew
            add     ebx,eax                     ; ebx -> PE header
            cmp     word[ebx],"PE"
            jne     .Error
            mov     esi,dword[ebx+078h]         ; RVA of the export directory
            test    esi,esi
            jz      .Error                      ; the module has no exports
            mov     ebx,esi
            add     ebx,eax                     ; ebx -> export directory
            push    dword[ebx+20h]
            pop     [AddressOfNames]
            add     [AddressOfNames],eax
            push    dword[ebx+24h]
            pop     [AddressOfNameOrdinals]
            add     [AddressOfNameOrdinals],eax
            mov     ecx,dword[ebx+018h]         ; NumberOfNames
            xor     edi,edi                     ; edi = index of the current name
            add     eax,esi
            push    dword[eax+1ch]
            pop     [AddressOfFunctions]
            sub     eax,esi
            add     [AddressOfFunctions],eax
    .encontrar:
            cmp     edi,ecx                     ; every name checked without a match?
            jae     .Error
            mov     eax,edi
            rol     eax,2                       ; index * 4
            add     eax,[AddressOfNames]
            mov     eax,dword[eax]              ; RVA of the name
            add     eax,[LibHandle]
            inc     edi
            stdcall comparar,[Api],eax
            cmp     eax,0
            jne     .encontrar
            dec     edi                         ; index of the matching name
            mov     eax,[AddressOfNameOrdinals]
            movzx   edi,word[eax+edi*2]         ; name index -> index into AddressOfFunctions
            rol     edi,2
            mov     eax,edi
            add     eax,[AddressOfFunctions]
            mov     eax,dword[eax]              ; RVA of the function
            add     eax,[LibHandle]
            pop     esi ecx edi edx ebx
            ret
    .Error:
            xor     eax,eax                     ; xor eax,eax = NULL
            pop     esi ecx edi edx ebx
            ret
    endp

    ; Returns 0 in eax when SRC and DST are equal, 1 otherwise
    proc comparar,SRC,DST
            push    edi ecx esi
            mov     ecx,-1
            mov     edi,[SRC]
            mov     al,0
            repnz   scasb                       ; find the terminator of SRC
            mov     eax,ecx
            not     eax
            mov     ecx,eax                     ; ecx = length of SRC including the terminator
            mov     esi,[SRC]
            mov     edi,[DST]
            repz    cmpsb
            mov     eax,1
            jnz     Next
            dec     eax
    Next:
            pop     esi ecx edi
            ret
    endp

    .end start
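The same export-directory walk as an analysis-side parser, as an added example that is not part of the original post. It reads the header fields involved (0x3C, 0x78, 0x18, 0x1C, 0x20, and the AddressOfNameOrdinals table at 0x24), bounds-checks every read, and maps each name through its ordinal slot. The function names and the tiny sample image are constructed for illustration; it assumes a PE32 image laid out as mapped in memory, so offsets equal RVAs.

```python
import struct

def rd(img, off, fmt="<I"):
    """Little-endian read that refuses to leave the image."""
    if off + struct.calcsize(fmt) > len(img):
        raise ValueError(f"read past end of image at {off:#x}")
    return struct.unpack_from(fmt, img, off)[0]

def cstr(img, off):
    end = img.find(b"\0", off)
    if end < 0:
        raise ValueError(f"unterminated name at {off:#x}")
    return img[off:end].decode("ascii", "replace")

def exports(img):
    """Return {name: function RVA} for a mapped PE32 image."""
    pe = rd(img, 0x3C)                                # e_lfanew
    if img[:2] != b"MZ" or img[pe:pe + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    exp = rd(img, pe + 0x78)                          # export directory RVA
    if exp == 0:
        return {}                                     # module exports nothing
    n_funcs, n_names = rd(img, exp + 0x14), rd(img, exp + 0x18)
    funcs, names, ords = (rd(img, exp + o) for o in (0x1C, 0x20, 0x24))
    table = {}
    for i in range(n_names):
        name = cstr(img, rd(img, names + 4 * i))
        slot = rd(img, ords + 2 * i, "<H")            # index into AddressOfFunctions
        if slot >= n_funcs:
            raise ValueError(f"{name}: ordinal index {slot} out of range")
        table[name] = rd(img, funcs + 4 * slot)
    return table

def build_sample():
    """Constructed image: 3 function slots, 2 names, names not in slot order."""
    img = bytearray(0x200)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, 0x40)
    img[0x40:0x44] = b"PE\0\0"
    struct.pack_into("<I", img, 0x40 + 0x78, 0x100)
    struct.pack_into("<II", img, 0x114, 3, 2)         # NumberOfFunctions, NumberOfNames
    struct.pack_into("<III", img, 0x11C, 0x140, 0x150, 0x160)
    struct.pack_into("<III", img, 0x140, 0x1111, 0x2222, 0x3333)
    struct.pack_into("<II", img, 0x150, 0x170, 0x176)
    struct.pack_into("<HH", img, 0x160, 2, 0)         # Alpha -> slot 2, Beta -> slot 0
    img[0x170:0x17B] = b"Alpha\0Beta\0"
    return bytes(img)
```

In the sample, indexing AddressOfFunctions with the name index would return 0x1111 for `Alpha`; going through the ordinal table gives 0x3333.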
|
|
|