[ de_c0der @ 31.12.2006. 20:08 ] @
| Borland C++ Zelja:u inline asm-u nakucat kod koji ce izbacit messagebox i pri tom upozorit korisnika da ce kreirat novi fajl, zatim kreirat novi fajlt, i onda ga otvorit i u njega stavit text poruku... jedine 2 adrese od kojih pocimam da ih imam su adresa od LoadLibarary-a i GetProcAddress-a, a onda preko njih dobavljam adrese ostalih... uglavnom sve radi uspjesno do kreiranja fajla (znaci to izvrsno obavi) i onda se sjebe nesto, puko sam vise!! Ako ima ko strpljenja da proceljsa ovo i da nadje gdje sta treba od'ebat da bi dovrsio to s*****  Code: int main(int argc, char* argv[]) { asm{mov ebx, esp sub ebx,4 sub ebx,4 sub ebx,4 push 0x00006C6C push 0x642E3233 push 0x72657375 //ebx sadrzi string 'user32.dll' mov esi, 0x77e7a5fd mov edi,esi //esi,edi sadrzi adresu GetProcAddress fje mov edx, 0x77e805d8 //edx sadrzi adresu LoadLibraryA fje push ebx //kernel32.dll call edx //LoadLibraryA //eax sad sadrzi handle od user32.dll-a mov ebx, esp sub ebx,4 sub ebx,4 sub ebx,4 push 0x0041786F push 0x42656761 push 0x7373654D //ebx sadrzi string 'MessageBoxA' push ebx //string 'MessageBoxA' push eax //handle od user32.dll-a call esi //pozivamo GetProcAddress mov ebx,esp mov ecx, 4 imul ecx,13 sub ebx, ecx xor ecx,ecx push 0x00000000 push 0x293A2021 push 0x21212074 push 0x78742E65 push 0x67615373 push 0x654D5F6B push 0x4361485C push 0x3A63206C push 0x6A616620 push 0x74617269 push 0x65726B20 push 0x6F6D6563 push 0x20646153 //obavijest korisniku //s kim ima posla :D mov ecx,esp mov edx,4 imul edx,5 sub ecx,edx mov edx,0 //xor edx,edx push 0x00002E2E push 0x2E747365 push 0x6A697661 push 0x626F2072 push 0x6F786148 //Naslov obavijesti push 0 push ecx push ebx push 0 call eax //MessageBox mov edx,esp sub edx,4 sub edx,4 sub edx,4 sub edx,4 push 0x00000000 push 0x6C6C642E push 0x32336C65 push 0x6E72656B //edx sadrzi string 'kernel32.dll' mov edi, 0x77e805d8 //edi sadrzi adresu LoadLibraryA fje push edx call edi //LoadLibraryA mov ecx,esp sub ecx,4 sub ecx,4 sub ecx,4 push 0x0041656C push 0x69466574 push 0x61657243 //ecx=string 'CreateFileA' mov esi, 0x77e7a5fd //esi sadrzi adresu GetProcAddress fje push ecx //'CreateFileA' push eax //handle od kernel32.dll-a call esi //GetProcAddress //eax sadrzi sada adresu CreateFileA fje :)) //idemo dalje, nije da mi se da vise ali ono :D mov ecx,esp mov edx,4 imul edx,6 sub ecx,edx push 0x00000074 push 0x78742E65 push 0x67617373 push 0x656D5F72 push 0x6F786168 push 0x5C5C3A43 //putanja fajla; c:\haxor_message.txt //idemo sad kreirat fajl C:\\haxor_message.txt push 0 //hTemplateFile push 0 //dwFlagsAndAttributes push 1 //dwCreationDisposition->create new push 0 //lpSecurityAttributes push 0 //dwShareMode push 0x40000000 //dwDesiredAccess->write access push ecx //C:\\haxor_message.txt call eax //CreateFileA mov ebx,eax // da sacuvamo handle :) ... ipak ne :D //jer EAX dobije FFFFFFFF ... hmmm, uradit //cemo poslije radje OpenFile pa na miru spavat //hajde da otvorimo fajl ... //znaci idemo polako po OpenFile koja je u kernel32.dll-u mov edx,esp sub edx,4 sub edx,4 sub edx,4 sub edx,4 push 0x00000000 push 0x6C6C642E push 0x32336C65 push 0x6E72656B //edx sadrzi string 'kernel32.dll' mov edi, 0x77e805d8 //edi sadrzi adresu LoadLibraryA fje push edx call edi //LoadLibararyA mov ecx,esp mov edx,4 imul edx,3 sub ecx,edx push 0x00000000 push 0x656C6946 push 0x6E65704F //string 'OpenFile' mov esi, 0x77e7a5fd //esi sadrzi adresu GetProcAddress fje push ecx push eax call esi //GetProcAddress mov esi,esp mov edi,4 imul edi,6 sub esi,edi push 0x00000074 push 0x78742E65 push 0x67617373 push 0x656D5F72 push 0x6F786168 push 0x5C5C3A43 //putanja fajla; c:\\haxor_message.txt push 0x00000001 //stajl :D .. write :) push 0 //lpReOpenBuff push esi //putanja do fajla call eax //kernel32.OpenFile mov ebx, eax //savuvamo hFile govnara //=======ajde da napokon nesto upisemo u fajl mov edx,esp sub edx,4 sub edx,4 sub edx,4 sub edx,4 push 0x00000000 push 0x6C6C642E push 0x32336C65 push 0x6E72656B //edx sadrzi string 'kernel32.dll' mov edi, 0x77e805d8 //edi sadrzi adresu LoadLibraryA fje push edx call edi //LoadLibararyA mov ecx,esp mov edx,4 imul edx,3 sub ecx,edx push 0x00000065 push 0x6C694665 push 0x74697257 //string 'WriteFile' mov esi, 0x77e7a5fd //esi sadrzi adresu GetProcAddress fje push ecx push eax call esi //GetProcAddress mov ecx,esp mov edx,4 imul edx,5 sub ecx,edx mov edx,0 //xor edx,edx push 0x00002E2E push 0x2E747365 push 0x6A697661 push 0x626F2072 push 0x6F786148 //Naslov obavijesti push 0 //lpOverlapped push ecx //lpNumberOfBytesWritten push 0x09 //NumberOfBytesToWrite push ecx //lpBuffer push ebx //hFile call eax //WriteFile /* probni MessageBox push 0 push ebx //'kernel32.dll' push ebx //isto push 0 mov eax,0x77d6add7 call eax */ //ciscenje stack-a pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx pop ebx } return 0; } E da, ovo za popovanje EBX-a imam u planu na kraju samo ubacit u jedan loop koji ce to obavit!! pozz i thx unaprijed, nadam se da ima neki "ludjak" koji ce pomoc  z |