Jump to content
Tuts 4 You

Edit History

Rever7eR

Rever7eR

i tried to write a small program that run some useful tools that i need , unfortunately the program run only in my computer
how can i fix that problem , another question ... i'm just a beginner so the i've repeated CreateProcess and ResumeThread so many times
i guess am doing this wrong ! please correct me

i called this small Program EX_Runner
the source code ,

.386
.model flat, stdcall  ;32 bit memory model
option casemap :none  ;case sensitive

include EX_Runner.inc
include comdlg32.inc
includelib comdlg32.lib

.const
sla db"\",0
FilterStr db "Executable Files","*.exe",0,0

.data
olly db "C:\RCE\RAMODBG v1.1\OLLYDBG.EXE",0
IDA db "C:\RCE\Tools\IDA Pro\IDA Pro Advanced (32-bit).exe",0
reflector db "C:\Program Files\Red Gate\.NET Reflector\Desktop 8.5\Reflector.exe",0
qu db "C:\RCE\Tools\QUnpack32\Explorer.exe",0
stripper db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\stripper_v213b9\_stripperX.exe",0
dillodie db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\Dillodie\dilloDIE.exe",0
die db "C:\RCE\Tools\DIE_1.01_win\die.exe",0
peid db "C:\RCE\Tools\PEiD-0.95-20081021\PEiD.exe",0
exepeinfo db "C:\RCE\Tools\Exeinfope\exeinfope.exe",0
impREC db "C:\RCE\Tools\ImpREC 1.7e\ImportREC.exe",0
lordpe db "C:\RCE\Tools\lordPE\LordPE.EXE",0
scylla db "C:\RCE\Tools\Scylla v0.9.7c\Scylla_x86.exe",0
.data?
buffer db 512 dup (?)
WFD WIN32_FIND_DATA<>
ofn OPENFILENAME<>

SSI STARTUPINFO<>
PI PROCESS_INFORMATION<>
.code

start:

	invoke GetModuleHandle,NULL
	mov		hInstance,eax

    invoke InitCommonControls
	invoke DialogBoxParam,hInstance,IDD_DIALOG1,NULL,addr DlgProc,NULL
	invoke ExitProcess,0

;########################################################################



DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM

	mov		eax,uMsg
	.if eax==WM_INITDIALOG

	.elseif eax==WM_COMMAND
	
 .if wParam==1002 
 invoke CreateProcess,addr olly,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif  wParam==1003 
 invoke CreateProcess,addr IDA,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1004
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1005
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1006
 invoke CreateProcess,addr exepeinfo,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
	 .elseif wParam==1007
 invoke CreateProcess,addr peid,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
  	.elseif wParam==1008
 invoke CreateProcess,addr die,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.elseif wParam==1011
 invoke CreateProcess,addr dillodie,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1012
 invoke CreateProcess,addr stripper,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1013
 invoke CreateProcess,addr qu,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1014
 invoke CreateProcess,addr scylla,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1015
 invoke CreateProcess,addr lordpe,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1016
 invoke CreateProcess,addr impREC,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.endif 
	.elseif eax==WM_CLOSE
		invoke EndDialog,hWin,0
	.else
		mov		eax,FALSE
		ret
	.endif
	mov		eax,TRUE
	ret

DlgProc endp

end start

am using RadASM IDE !
Regards ,

Rever7eR

Rever7eR

i tried to write a small program that run some useful tools that i need , unfortunately the program run only in my computer
how can i fix that problem , another question ... i'm just a beginner so the i've repeated CreateProcess and ResumeThread so many times
i guess am doing this wrong ! please correct me
the source code , i called this small Program EX_Runner

.386
.model flat, stdcall  ;32 bit memory model
option casemap :none  ;case sensitive

include EX_Runner.inc
include comdlg32.inc
includelib comdlg32.lib

.const
sla db"\",0
FilterStr db "Executable Files","*.exe",0,0

.data
olly db "C:\RCE\RAMODBG v1.1\OLLYDBG.EXE",0
IDA db "C:\RCE\Tools\IDA Pro\IDA Pro Advanced (32-bit).exe",0
reflector db "C:\Program Files\Red Gate\.NET Reflector\Desktop 8.5\Reflector.exe",0
qu db "C:\RCE\Tools\QUnpack32\Explorer.exe",0
stripper db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\stripper_v213b9\_stripperX.exe",0
dillodie db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\Dillodie\dilloDIE.exe",0
die db "C:\RCE\Tools\DIE_1.01_win\die.exe",0
peid db "C:\RCE\Tools\PEiD-0.95-20081021\PEiD.exe",0
exepeinfo db "C:\RCE\Tools\Exeinfope\exeinfope.exe",0
impREC db "C:\RCE\Tools\ImpREC 1.7e\ImportREC.exe",0
lordpe db "C:\RCE\Tools\lordPE\LordPE.EXE",0
scylla db "C:\RCE\Tools\Scylla v0.9.7c\Scylla_x86.exe",0
.data?
buffer db 512 dup (?)
WFD WIN32_FIND_DATA<>
ofn OPENFILENAME<>

SSI STARTUPINFO<>
PI PROCESS_INFORMATION<>
.code

start:

	invoke GetModuleHandle,NULL
	mov		hInstance,eax

    invoke InitCommonControls
	invoke DialogBoxParam,hInstance,IDD_DIALOG1,NULL,addr DlgProc,NULL
	invoke ExitProcess,0

;########################################################################



DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM

	mov		eax,uMsg
	.if eax==WM_INITDIALOG

	.elseif eax==WM_COMMAND
	
 .if wParam==1002 
 invoke CreateProcess,addr olly,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif  wParam==1003 
 invoke CreateProcess,addr IDA,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1004
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1005
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1006
 invoke CreateProcess,addr exepeinfo,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
	 .elseif wParam==1007
 invoke CreateProcess,addr peid,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
  	.elseif wParam==1008
 invoke CreateProcess,addr die,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.elseif wParam==1011
 invoke CreateProcess,addr dillodie,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1012
 invoke CreateProcess,addr stripper,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1013
 invoke CreateProcess,addr qu,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1014
 invoke CreateProcess,addr scylla,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1015
 invoke CreateProcess,addr lordpe,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1016
 invoke CreateProcess,addr impREC,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.endif 
	.elseif eax==WM_CLOSE
		invoke EndDialog,hWin,0
	.else
		mov		eax,FALSE
		ret
	.endif
	mov		eax,TRUE
	ret

DlgProc endp

end start

am using RadASM IDE !
Regards ,

Rever7eR

Rever7eR

i tried to write a small program that run some useful tools that i need , unfortunately the program run only in my computer
how can i fix that problem , another question ... i'm just a beginner so the i've repeated CreateProcess and ResumeThread so many times
i guess am doing this wrong ! please correct me
the source code

.386
.model flat, stdcall  ;32 bit memory model
option casemap :none  ;case sensitive

include EX_Runner.inc
include comdlg32.inc
includelib comdlg32.lib

.const
sla db"\",0
FilterStr db "Executable Files","*.exe",0,0

.data
olly db "C:\RCE\RAMODBG v1.1\OLLYDBG.EXE",0
IDA db "C:\RCE\Tools\IDA Pro\IDA Pro Advanced (32-bit).exe",0
reflector db "C:\Program Files\Red Gate\.NET Reflector\Desktop 8.5\Reflector.exe",0
qu db "C:\RCE\Tools\QUnpack32\Explorer.exe",0
stripper db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\stripper_v213b9\_stripperX.exe",0
dillodie db "C:\RCE\Tools\Unpacking Kit 2012\ARMADILLO\Dillodie\dilloDIE.exe",0
die db "C:\RCE\Tools\DIE_1.01_win\die.exe",0
peid db "C:\RCE\Tools\PEiD-0.95-20081021\PEiD.exe",0
exepeinfo db "C:\RCE\Tools\Exeinfope\exeinfope.exe",0
impREC db "C:\RCE\Tools\ImpREC 1.7e\ImportREC.exe",0
lordpe db "C:\RCE\Tools\lordPE\LordPE.EXE",0
scylla db "C:\RCE\Tools\Scylla v0.9.7c\Scylla_x86.exe",0
.data?
buffer db 512 dup (?)
WFD WIN32_FIND_DATA<>
ofn OPENFILENAME<>

SSI STARTUPINFO<>
PI PROCESS_INFORMATION<>
.code

start:

	invoke GetModuleHandle,NULL
	mov		hInstance,eax

    invoke InitCommonControls
	invoke DialogBoxParam,hInstance,IDD_DIALOG1,NULL,addr DlgProc,NULL
	invoke ExitProcess,0

;########################################################################



DlgProc proc hWin:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM

	mov		eax,uMsg
	.if eax==WM_INITDIALOG

	.elseif eax==WM_COMMAND
	
 .if wParam==1002 
 invoke CreateProcess,addr olly,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif  wParam==1003 
 invoke CreateProcess,addr IDA,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1004
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1005
 invoke CreateProcess,addr reflector,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1006
 invoke CreateProcess,addr exepeinfo,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
	 .elseif wParam==1007
 invoke CreateProcess,addr peid,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
  	.elseif wParam==1008
 invoke CreateProcess,addr die,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.elseif wParam==1011
 invoke CreateProcess,addr dillodie,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1012
 invoke CreateProcess,addr stripper,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1013
 invoke CreateProcess,addr qu,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1014
 invoke CreateProcess,addr scylla,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1015
 invoke CreateProcess,addr lordpe,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 	.elseif wParam==1016
 invoke CreateProcess,addr impREC,0,0,0,FALSE,CREATE_SUSPENDED,0,0,addr SSI,addr PI
 invoke ResumeThread,PI.hThread
 
 	.endif 
	.elseif eax==WM_CLOSE
		invoke EndDialog,hWin,0
	.else
		mov		eax,FALSE
		ret
	.endif
	mov		eax,TRUE
	ret

DlgProc endp

end start

am using RadASM IDE !
Regards ,

×
×
  • Create New...