schoolboy Posted December 29, 2020 Posted December 29, 2020 Hello, Can you convert this cmd code to Disassembly code, thank you. taskkill /IM notepad.exe /F
atom0s Posted December 29, 2020 Posted December 29, 2020 The entire source code to taskkill has leaked online with the recent Windows XP / Server 2003 / etc. leaks if your goal is to see what the program does in full. https://github.com/bestbat/Windows-Server/blob/master/sdktools/cmdline/taskkill/parse.cpp https://github.com/bestbat/Windows-Server/blob/master/sdktools/cmdline/taskkill/taskkill.cpp https://github.com/PubDom/Windows-Server-2003/blob/master/sdktools/cmdline/taskkill/parse.cpp https://github.com/PubDom/Windows-Server-2003/blob/master/sdktools/cmdline/taskkill/taskkill.cpp Some of the leak is still up on GitHub, you can find the full thing elsewhere. 1
schoolboy Posted December 30, 2020 Author Posted December 30, 2020 No no, my purpose is completely different. If there is a short code like "taskkill / IM notepad.exe / F" in assembly language, if- I want to add that code to a code cave section in my.exe file with the help of the multiline ultimate assembler.
deepzero Posted December 30, 2020 Posted December 30, 2020 you need win32 api to do this. Either you translate the semantics of that shellcommand to win32 apis and implement that in assembly, like done here: https://github.com/mmtechslv/killproc/blob/master/src/killproc.asm Or you use the system() api (or shellexecute) and use that in your code: https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/system-wsystem?view=msvc-160 system("taskkill / IM notepad.exe / F") The latter seems to be what you are looking for... 1
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now