; Metralha's Offset Locator v1.1 beta1
; Podem usar o code e distribuir livremente, desde que mantenhas os créditos origiais.
; busTer
; made public at 29/09/2010 :)
; full autoIt source code.
#include <guiConstants.au3>
#include <WindowsConstants.au3>
#include <EditConstants.au3>
#include <GuiCombobox.au3>
#include <winAPI.au3>
#NoTrayIcon
Global $R = 0
Global $HEXDef = "90"
#Region ### START Koda GUI section ### Form=
$FORM1 = GUICreate("Metralha's Offset Locator - A.D.I - Fênix", 442, 409, 289, 177)
$FILEINPUT = GUICtrlCreateInput("", 32, 32, 401, 21)
$FOLDERINPUT = GUICtrlCreateInput("", 32, 88, 401, 21)
$LABEL3 = GUICtrlCreateLabel("Arquivo", 32, 8, 40, 17)
$LABEL4 = GUICtrlCreateLabel("Pasta de destino", 32, 64, 83, 17)
$FILEB = GUICtrlCreateButton("...", 376, 56, 59, 25, 0)
$FOLDERB = GUICtrlCreateButton("...", 376, 112, 59, 25, 0)
$INICIAR = GUICtrlCreateButton("Iniciar", 32, 352, 67, 25, 0)
$LABEL7 = GUICtrlCreateLabel("coDed by busTer", 344, 360, 86, 17)
$GROUP1 = GUICtrlCreateGroup("", 32, 120, 337, 217)
$LOG = GUICtrlCreateInput("", 48, 288, 305, 21, BitOR($ES_AUTOHSCROLL, $ES_READONLY))
$OFFSET1 = GUICtrlCreateInput("1000", 48, 160, 57, 21, $ES_NUMBER)
$LABEL1 = GUICtrlCreateLabel("Final", 120, 140, 26, 17)
$FINAL1 = GUICtrlCreateInput("", 120, 160, 57, 21, $ES_NUMBER)
$LABEL2 = GUICtrlCreateLabel("Subst. com", 264, 140, 57, 17)
$LABEL5 = GUICtrlCreateLabel("InÃcio", 48, 140, 31, 17)
$LABEL6 = GUICtrlCreateLabel("Blocos de", 192, 140, 51, 17)
$BLOCO1 = GUICtrlCreateInput("1000", 192, 160, 57, 21, $ES_NUMBER)
$COMBO1 = GUICtrlCreateCombo("00", 264, 160, 65, 25, BitOR($GUI_SS_DEFAULT_COMBO, $CBS_DROPDOWNLIST, $CBS_SORT))
$COMBO2 = GUICtrlCreateCombo("00", 264, 192, 65, 25, BitOR($GUI_SS_DEFAULT_COMBO, $CBS_DROPDOWNLIST, $CBS_SORT))
$COMBO3 = GUICtrlCreateCombo("00", 264, 224, 65, 25, BitOR($GUI_SS_DEFAULT_COMBO, $CBS_DROPDOWNLIST, $CBS_SORT))
$OFFSET2 = GUICtrlCreateInput("1000", 48, 192, 57, 21, $ES_NUMBER)
$FINAL2 = GUICtrlCreateInput("", 120, 192, 57, 21, $ES_NUMBER)
$BLOCO2 = GUICtrlCreateInput("1000", 192, 192, 57, 21, $ES_NUMBER)
$OFFSET3 = GUICtrlCreateInput("1000", 48, 224, 57, 21, $ES_NUMBER)
$FINAL3 = GUICtrlCreateInput("", 120, 224, 57, 21, $ES_NUMBER)
$BLOCO3 = GUICtrlCreateInput("1000", 192, 224, 57, 21, $ES_NUMBER)
$CHECKBOX2 = GUICtrlCreateCheckbox("", 336, 192, 25, 17)
$CHECKBOX3 = GUICtrlCreateCheckbox("", 336, 224, 17, 17)
GUICtrlCreateGroup("", -99, -99, 1, 1)
$MENUITEM2 = GUICtrlCreateMenu("Menu")
$MENUITEM1 = GUICtrlCreateMenuItem("Sobre...", $MENUITEM2)
$MENUITEM5 = GUICtrlCreateMenu("Auto Scan (novo)", $MENUITEM2)
$MENUITEM4 = GUICtrlCreateMenuItem("Definir HEX (padrão 90)", $MENUITEM5)
$MENUITEM3 = GUICtrlCreateMenuItem("Iniciar", $MENUITEM5)
GUISetState(@SW_SHOW)
GUICtrlSetLimit($BLOCO1, 6)
GUICtrlSetLimit($BLOCO2, 6)
GUICtrlSetLimit($BLOCO3, 6)
#EndRegion ### END Koda GUI section ###
#region ### Main Code
For $I = 1 To 255
$DATAA = Hex($I, 2)
_GUICTRLCOMBOBOX_ADDSTRING($COMBO1, $DATAA)
_GUICTRLCOMBOBOX_ADDSTRING($COMBO2, $DATAA)
_GUICTRLCOMBOBOX_ADDSTRING($COMBO3, $DATAA)
Next
While 1
$NMSG = GUIGetMsg()
Switch $NMSG
Case $MENUITEM1
MsgBox(64, "Sobre...", "Metralha's Offset Locator" & @LF & @LF & "Exclusivo da comunidade A.D.I - Fênix" & @LF & @LF & @LF & "~busTer")
Case $GUI_EVENT_CLOSE
Exit
Case $FILEB
$FILE = FileOpenDialog("Escolha o arquivo SFX", Default, "Executáveis (*.exe)", 1)
If $FILE <> "" Then
GUICtrlSetData($FILEINPUT, $FILE)
GUICtrlSetData($FINAL1, FileGetSize($FILE))
GUICtrlSetData($FINAL2, FileGetSize($FILE))
GUICtrlSetData($FINAL3, FileGetSize($FILE))
EndIf
Case $FOLDERB
$FOLDER = FileSelectFolder("Selecione a pasta de destino", Default)
GUICtrlSetData($FOLDERINPUT, $FOLDER)
Case $INICIAR
GUICtrlSetData($LOG, "Iniciando...")
GUICtrlSetState($INICIAR, $GUI_DISABLE)
$TIME = TimerInit()
_CLEANDIR($FOLDER)
Sleep(2000)
$A1 = GUICtrlRead($OFFSET1)
$A2 = GUICtrlRead($FINAL1)
$A3 = GUICtrlRead($BLOCO1)
$A4 = GUICtrlRead($COMBO1)
$B1 = GUICtrlRead($OFFSET2)
$B2 = GUICtrlRead($FINAL2)
$B3 = GUICtrlRead($BLOCO2)
$B4 = GUICtrlRead($COMBO2)
$C1 = GUICtrlRead($OFFSET3)
$C2 = GUICtrlRead($FINAL3)
$C3 = GUICtrlRead($BLOCO3)
$C4 = GUICtrlRead($COMBO3)
$OFF = _PROCESS($A1, $A2, $A3, $A4)
If GUICtrlRead($CHECKBOX2) = $GUI_CHECKED Then
$OFF = _PROCESS($B1, $B2, $B3, $B4)
EndIf
If GUICtrlRead($CHECKBOX3) = $GUI_CHECKED Then
$OFF = _PROCESS($C1, $C2, $C3, $C4)
EndIf
GUICtrlSetState($INICIAR, $GUI_ENABLE)
GUICtrlSetData($LOG, "Terminado no offset: " & $OFF)
MsgBox(64, "Sucesso!", "Processo terminado em " & Int(TimerDiff($TIME)) & "ms")
Case $MenuItem3
If guiCtrlRead($FILEInput) <> "" then
If GuiCtrlRead($folderInput) <> "" then
$folder = GuiCtrlRead($folderinput)
For $i = 1 to 4
GUICtrlSetData($LOG, "Iniciando...")
GUICtrlSetState($INICIAR, $GUI_DISABLE)
$TIME = TimerInit()
_CLEANDIR($FOLDER)
Sleep(2000)
Switch $i
case 1
$a1 = 0
$a2 = $FINAL1
$a3 = 1000
$a4 = $HexDef
case 2
$SearchHandle = FileFindFirstFile($folder & "\" & $HexDef & "\*.exe")
If $searchHandle <> -1 then
while 1
$nextFile = FileFindNextFile($SearchHandle)
If @Error then ExitLoop
WEnd
MsgBox(64, "Last file:", $nextFile)
Exit
Else
MsgBox(64, "", "Não sobraram Offsets. o HEX escolhido não indetecta tal AV.")
ExitLoop
EndIf
$a1 = 0
$a2 = $FINAL1
$a3 = 1000
$a4 = $HexDef
case 3
$a1 = 0
$a2 = $FINAL1
$a3 = 1000
$a4 = $HexDef
case 4
$a1 = 0
$a2 = $FINAL1
$a3 = 1000
$a4 = $HexDef
EndSwitch
$OFF = _PROCESS($A1, $A2, $A3, $A4)
MsgBox(64, "", "Bloco 1000 Completado. Favor escanear a pasta.")
Next
Else
MsgBox(64, "", "Selecione a pasta de destino.")
EndIf
Else
MsgBox(64, "", "Selecione o arquivo para processar.")
EndIf
EndSwitch
WEnd
#EndRegion ### MAin Code
#Region #### Funcions
Func _HEXWRITE($FILEPATH, $OFFSET, $BINARYVALUE)
Local $BUFFER, $PTR, $BLEN, $FLEN, $HFILE, $RESULT, $WRITTEN
If Not FileExists($FILEPATH) Then Return SetError(1, @error, 0)
$FLEN = FileGetSize($FILEPATH)
If $OFFSET > $FLEN Then Return SetError(2, @error, 0)
If Not IsBinary($BINARYVALUE) Then Return SetError(3, @error, 0)
$BLEN = BinaryLen($BINARYVALUE)
If $BLEN > $OFFSET + $FLEN Then Return SetError(4, @error, 0)
$BUFFER = DllStructCreate("byte[" & $BLEN & "]")
DllStructSetData($BUFFER, 1, $BINARYVALUE)
If @error Then Return SetError(5, @error, 0)
$PTR = DllStructGetPtr($BUFFER)
$HFILE = _WINAPI_CREATEFILE($FILEPATH, 2, 4, 0)
If $HFILE = 0 Then Return SetError(6, @error, 0)
$RESULT = _WINAPI_SETFILEPOINTER($HFILE, $OFFSET)
$ERR = @error
If $RESULT = -1 Then
_WINAPI_CLOSEHANDLE($HFILE)
Return SetError(7, $ERR, 0)
EndIf
$RESULT = _WINAPI_WRITEFILE($HFILE, $PTR, $BLEN, $WRITTEN)
$ERR = @error
If Not $RESULT Then
_WINAPI_CLOSEHANDLE($HFILE)
Return SetError(8, $ERR, 0)
EndIf
_WINAPI_CLOSEHANDLE($HFILE)
If Not $RESULT Then Return SetError(9, @error, 0)
EndFunc
Func _REPEATSTRING($ISTRING, $ITIMES)
$REPEATED = ""
For $I = 1 To $ITIMES
$REPEATED = $REPEATED & $ISTRING
Next
Return $REPEATED
EndFunc
Func _CLEANDIR($PATH)
While 1
$SearchHandle = FileFindFirstFile($path & "\*.*")
$nextFile = FileFindNextFile($SearchHandle)
If @error then ExitLoop
FileDelete($path & "\" & $nextFile)
wend
EndFunc
Func _PROCESS($ISTARTOFF, $IENDOFF, $IBLOCK, $IREPLACE)
For $STARTOFF = $ISTARTOFF To $IENDOFF Step $IBLOCK
$FILECREATED = $FOLDER & "\" & $IREPLACE & "\" & $STARTOFF & "_" & $IBLOCK & ".exe"
FileCopy($FILE, $FILECREATED, 9)
_HEXWRITE($FILECREATED, $STARTOFF, Binary("0x" & _REPEATSTRING($IREPLACE, $IBLOCK)))
$R = $R + 1
If $R = 10 Then
GUICtrlSetData($LOG, "Processando offset: " & $STARTOFF & " Substituindo por: " & $IREPLACE)
$R = 0
EndIf
Next
Return $STARTOFF - $IBLOCK
EndFunc
#EndRegion #### Functions
Gracias por el código amigo de lujo
CrypterHacker escribió:Gracias por el código amigo de lujo