📄 shell.asm
字号:
.386
.model flat, stdcall
option casemap:none
include \masm32\include\kernel32.inc
include \masm32\include\user32.inc
include \masm32\include\comdlg32.inc
include \masm32\include\shell32.inc
include \masm32\include\imagehlp.inc
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\comdlg32.lib
includelib \masm32\lib\shell32.lib
includelib \masm32\lib\imagehlp.lib
include \masm32\include\windows.inc
include resource.inc
include jacket.inc
DlgProc PROTO :HWND, :UINT, :WPARAM, :LPARAM
GetApiA proto :DWORD,:DWORD
;------------ CONST ---------
.const
EntryPointEncry_FLAG equ 1
ERASE_HEADER_FLAG equ 2
DESTROY_IMPORT_FLAG equ 4
HookReadMemory_FLAG equ 8
ChangeSectionName_FLAG equ 16
API_REDIRECT_FLAG equ 32
VA_SHARED EQU 08000000h ; Matt Pietrek
HOOK_PROC_SIZE EQU OFFSET HookProcEnd - OFFSET HookProc
RPM_API_ENTRY_CODE EQU DB 055h, 08Bh, 0ECh, 056h, 057h
SEC_PER_SIZE EQU 030h
;------------ DATA ----------
.data
pMem dd 0
dwFsize dd 0
hInst dd 0
hDLG dd 0
ofn OPENFILENAME <>
cFname db MAX_PATH dup (0)
szFilter db "ExE files",0,"*.exe",0,"All files",0,"*.*",0,0
szCurDir db ".",0
szNoFile db "没有选择文件!",0
mdo db "已经修改过了,不需要再修改!",0
mtitle db "Note by PLL621[CCG]",0
mwerr db "无法写入错误,请册除这个文件",0
msectionbig db "无法进行下去,原因是不能添加新节了,",0
mopenerr db "没有找到文件",0
mnope db "不是PE文件,无法进行",0
mok db "修改完成",0
mduiqierr db "段对齐错误,需要用peedior重建立pe文件头才可在2000下用",0
MsizeErr db "文件尺寸错误",0
MMemErr db "分配内存错误",0
MEncryptEntryPointCodeErr db "无法转化入口RAV值",0
checker_len dd 0
Section_addr dd 0
des_basein dd 0
hFile dd 0
PE_head IMAGE_NT_HEADERS <0>
Section_table db 280h dup (0)
Head_len dd 0;sizeof PE_head+sizeof Section_table
pe_header_off dd 0 ;存储文件头相对文件的偏移量
PE_head_addr dd 0
byte_read dd 0
byte_write dd 0 ;WriteFile时使用,没有实际用途,为了程序正确
temp_virt_addr dd 0
temp_raw_size dd 0
my_section struc
sec_name db '.PLL621',0 ; 块名
virt_size dd 0 ; 块长
virt_addr dd 0 ; 该块RVA地址
raw_size dd 0 ; 该块物理长度
raw_offset dd 0 ; 该块物理偏移
dd 0,0,0 ; 未用
sec_flags dd 0E0000020h ; 属性
my_section ends
new_section my_section <>
;------------ CODE ----------
.code
include code.ASM
main:
invoke GetModuleHandle,0
mov hInst,eax
invoke DialogBoxParam,eax,IDD_MAINDLG,0,offset DlgProc,0
THEEND:
invoke ExitProcess,0
DlgProc proc hDlg:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
LOCAL hDrop : HANDLE
pushad
.IF uMsg == WM_INITDIALOG
invoke LoadIcon,hInst,IDI_ICON
invoke SendMessage,hDlg,WM_SETICON,TRUE,eax
push hDlg
pop hDLG
invoke DragAcceptFiles,hDlg,TRUE
.ELSEIF uMsg == WM_DROPFILES
push wParam
pop hDrop
invoke DragQueryFile,hDrop,0,offset cFname,sizeof cFname
invoke DragFinish,hDrop
invoke SetDlgItemText,hDlg,IDC_TARGETFILE,offset cFname
.ELSEIF uMsg == WM_COMMAND
mov eax,wParam
.IF ax == IDC_CLOSE
invoke SendMessage,hDlg,WM_CLOSE,NULL,NULL
.ELSEIF ax == IDC_CHOOSEFILE
; get a file path
mov ofn.lStructSize,SIZEOF ofn
mov ofn.lpstrFilter,offset szFilter
push hDlg
pop ofn.hwndOwner
mov ofn.lpstrFile, offset cFname
mov ofn.nMaxFile,SIZEOF cFname
mov ofn.lpstrInitialDir,offset szCurDir
mov ofn.Flags, OFN_FILEMUSTEXIST or OFN_PATHMUSTEXIST or OFN_LONGNAMES or OFN_HIDEREADONLY
push offset ofn
call GetOpenFileName
test eax,eax
jz @@ExitDlgProc
invoke SetDlgItemText,hDlg,IDC_TARGETFILE,offset cFname
.ELSEIF ax == IDC_CRYPT
; ----- was a file selected ? -----
mov eax,offset cFname
.IF byte ptr [eax] == 0
invoke MessageBox,hDlg,offset szNoFile,offset mtitle,MB_ICONERROR
jmp @@ExitDlgProc
.ENDIF
push edi
push hDlg
push offset cFname
call CryptFile
.ENDIF
.ELSEIF uMsg == WM_CLOSE
invoke EndDialog,hDlg,0
.ENDIF
popad
@@ExitDlgProc:
xor eax,eax
ret
DlgProc endp
Protectcode ;插入到程序里面代码的宏
end main⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -