📄 sheller.asm
; #########################################################################
.386
.model flat, stdcall
option casemap :none ; case sensitive
; #########################################################################
include \masm32\include\windows.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
; #########################################################################
;=============
; Local macros
;=============
; szText Name, "text"[,bytes...]
; Emits a zero-terminated byte string labelled Name at the point of expansion
; and jumps over it, so the string bytes are never executed as instructions.
; The data therefore lands wherever the macro is expanded, not in .data.
szText MACRO Name, Text:VARARG
LOCAL lbl
jmp lbl ; skip the inline string
Name db Text,0 ; the caller's bytes followed by the terminating NUL
lbl:
ENDM
; m2m M1, M2
; Memory-to-memory copy of one stack-width value: M1 = M2.
; Goes through the stack (push/pop), so no general register is modified.
m2m MACRO M1, M2
push M2 ; source operand onto the stack
pop M1 ; ... and straight back off into the destination
ENDM
; return arg
; Loads arg into eax (the return-value register used throughout this file)
; and returns from the current procedure.
return MACRO arg
mov eax, arg
ret
ENDM
;=================
; Local prototypes
;=================
WinMain PROTO :DWORD,:DWORD,:DWORD,:DWORD
WndProc PROTO :DWORD,:DWORD,:DWORD,:DWORD
TopXY PROTO :DWORD,:DWORD
; Global state of the password stub.
; The it* image fields are all zero in this source and are only read by
; WndProc; presumably the packer writes real values into them when it
; attaches this stub to a target executable - that tool is not shown here.
.data
hWnd dd 0 ; main window handle, stored by WinMain after CreateWindowEx
hPasswordEdit dd 0 ; handle of the password edit control, stored in WM_CREATE
hInstance dd 0 ; module handle obtained at start
CommandLine dd 0 ; command-line pointer obtained at start
szDisplayName db "exeLock v1.0 Powered by bodies",0 ; window title and message-box caption
itPassword db 20 dup(0) ; receives the typed password (GetWindowText is called with size 20)
; NOTE(review): the expected password is stored as a readable string inside
; the image and compared byte-for-byte by WndProc. Nothing visible in this file
; derives a key from it, so the prompt gates execution but does not protect
; the wrapped program's contents.
itTheKey db "exeLock v1.0 ",0 ; expected password
itImageBase dd 0 ; base address added to every RVA below
itImageEntryPoint dd 0 ; RVA of the wrapped program's entry point
itImportTableEntryPoint dd 0 ; RVA of the wrapped program's import table; 0 skips import resolution
itThunkPoint dd 0 ; scratch: RVA of the thunk entry currently being resolved
itDllHandle dd 0 ; scratch: handle of the DLL currently being resolved
.code
; Program entry point: record the command line and module handle in the
; globals, run WinMain, and hand its result to ExitProcess.
start:
    invoke  GetCommandLine
    mov     CommandLine, eax
    invoke  GetModuleHandle, NULL
    mov     hInstance, eax
    ; eax still holds the module handle, so it is passed directly.
    invoke  WinMain, eax, NULL, CommandLine, SW_SHOWDEFAULT
    invoke  ExitProcess, eax            ; WinMain's return value is the exit code
; #########################################################################
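; -------------------------------------------------------------------------
; WinMain - registers the window class, creates the centred password window
; and runs the message loop.
;
; In:   hInst     module handle, passed to CreateWindowEx
;       hPrevInst, CmdLine, CmdShow   accepted but not used
; Out:  eax = wParam of the WM_QUIT message, or 1 if the window could not be
;       created or GetMessage reported an error
;
; Changes against the original:
;   * GetMessage returns -1 on error; the old "je" test treated that as a
;     message and kept looping. The loop now leaves on 0 and on -1.
;   * A failed CreateWindowEx (NULL handle) used to fall into a message loop
;     with no window, leaving an invisible process. It now returns 1.
;
; NOTE(review): the class is registered with a NULL hInstance while the
; window is created with hInst - kept as in the original; confirm intended.
; -------------------------------------------------------------------------
WinMain proc hInst :DWORD,
             hPrevInst :DWORD,
             CmdLine :DWORD,
             CmdShow :DWORD

    LOCAL wc  :WNDCLASSEX
    LOCAL msg :MSG
    LOCAL Wwd :DWORD                    ; window width
    LOCAL Wht :DWORD                    ; window height
    LOCAL Wtx :DWORD                    ; window left edge
    LOCAL Wty :DWORD                    ; window top edge

    ; ---- describe and register the window class -------------------------
    mov     wc.cbSize, sizeof WNDCLASSEX
    mov     wc.style, CS_HREDRAW or CS_VREDRAW or CS_BYTEALIGNWINDOW
    mov     wc.lpfnWndProc, offset WndProc
    mov     wc.cbClsExtra, NULL
    mov     wc.cbWndExtra, NULL
    mov     wc.hInstance, NULL
    mov     wc.hbrBackground, COLOR_BTNFACE+1
    mov     wc.lpszMenuName, NULL
    mov     wc.lpszClassName, offset szClassName
    mov     wc.hIcon, NULL              ; no class icon
    mov     wc.hCursor, NULL            ; no class cursor
    mov     wc.hIconSm, 0
    invoke  RegisterClassEx, ADDR wc

    ; ---- centre a 340 x 150 window on the screen ------------------------
    mov     Wwd, 340
    mov     Wht, 150
    invoke  GetSystemMetrics, SM_CXSCREEN
    invoke  TopXY, Wwd, eax
    mov     Wtx, eax
    invoke  GetSystemMetrics, SM_CYSCREEN
    invoke  TopXY, Wht, eax
    mov     Wty, eax

    szText  szClassName,"SHELLER_BOYU"

    invoke  CreateWindowEx, WS_EX_DLGMODALFRAME,
                            ADDR szClassName,
                            ADDR szDisplayName,
                            WS_DLGFRAME or WS_CAPTION or WS_SYSMENU,
                            Wtx, Wty, Wwd, Wht,
                            NULL, NULL,
                            hInst, NULL
    mov     hWnd, eax
    test    eax, eax
    jz      InitFailed                  ; no window: nothing could ever post WM_QUIT

    invoke  ShowWindow, hWnd, SW_SHOWNORMAL
    invoke  UpdateWindow, hWnd

    ; ---- message loop: runs until WM_QUIT or a GetMessage error ---------
StartLoop:
    invoke  GetMessage, ADDR msg, NULL, 0, 0
    cmp     eax, 0
    je      ExitLoop                    ; 0  = WM_QUIT retrieved
    jl      InitFailed                  ; -1 = error, msg is not valid
    invoke  TranslateMessage, ADDR msg
    invoke  DispatchMessage, ADDR msg
    jmp     StartLoop

ExitLoop:
    return  msg.wParam

InitFailed:
    return  1

WinMain endp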
; #########################################################################
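; -------------------------------------------------------------------------
; WndProc - window procedure of the password prompt (stdcall).
;
; WM_CREATE   builds the label, the password edit box and three buttons.
; WM_COMMAND  8301 (OK)     checks the typed password; on a match resolves
;                           the wrapped program's imports and jumps to its
;                           entry point (does not return in that case)
;             8302 (Cancel) posts WM_QUIT
;             8303 (About)  shows the about box
; WM_DESTROY  posts WM_QUIT and returns 0
; Everything else, and every handled case that falls through, is passed to
; DefWindowProc.
;
; Changes against the original:
;   * ebx, esi and edi are used by the import loop and must be preserved by
;     a window procedure; they are now saved via USES.
;   * The by-name import path fell through into the ordinal mask, so the
;     name pointer was ANDed with 0FFFFFFFh and was corrupted for any image
;     loaded at or above 10000000h. The two paths are now separate, and the
;     ordinal is reduced to its low word, which is the form GetProcAddress
;     requires for an ordinal.
;   * The password comparison stopped at the end of the expected string, so
;     any input that merely began with it was accepted. Both strings must
;     now end at the same position.
;
; NOTE(review): the expected password is a readable constant in the image
; and nothing visible here ties the wrapped program's bytes to it, so this
; check is an obstacle rather than a protection. A design that actually
; protects the payload would derive a key from the password and use it to
; decrypt the payload.
; NOTE(review): itImageBase / itImportTableEntryPoint / itImageEntryPoint
; are trusted as-is, and the import address table is written without any
; check that the page is writable - confirm against the tool that fills
; these fields.
; -------------------------------------------------------------------------
WndProc proc uses ebx esi edi hWin :DWORD,
             uMsg :DWORD,
             wParam :DWORD,
             lParam :DWORD

    .if uMsg == WM_COMMAND
        .if wParam == 8301                          ; OK button
            invoke  GetWindowText, hPasswordEdit, offset itPassword, 20

            ; ---- exact comparison of typed text against the key ---------
            mov     eax, offset itTheKey
            mov     ecx, offset itPassword
OnCmp:
            mov     dh, [eax]                       ; expected byte
            mov     dl, [ecx]                       ; typed byte
            cmp     dl, dh
            jne     ProcRet                         ; differs (or one string is shorter): reject
            test    dh, dh
            jz      EndCmp                          ; both reached their NUL together: match
            add     eax, 1
            add     ecx, 1
            jmp     OnCmp
EndCmp:
            ;invoke MessageBox,hWin,ADDR itPassword,ADDR szDisplayName,MB_OK
            .if itImportTableEntryPoint != 0
                ; ---- fill in the wrapped program's import table by hand --
                mov     edx, itImageBase
                mov     esi, itImportTableEntryPoint
                add     esi, edx                    ; esi = address of the first import descriptor

DoLoadDll:                                          ; one iteration per imported DLL
                mov     eax, [esi+0Ch]              ; RVA of the DLL file name
                or      eax, eax
                jz      LoadDllEnd                  ; zero name RVA ends the descriptor list
                add     eax, edx                    ; RVA -> address
                mov     ebx, eax                    ; keep the name across the API call
                invoke  GetModuleHandle, eax        ; already mapped in this process?
                or      eax, eax
                jnz     TheDllLoaded
                invoke  LoadLibrary, ebx            ; not yet: load it
                or      eax, eax
                jnz     TheDllLoaded

ExitLoader:                                         ; a DLL or function could not be resolved
                szText  quitMsg,"装载错误!程序将退出。"
                invoke  MessageBox, hWin, ADDR quitMsg, ADDR szDisplayName, MB_OK
                invoke  PostQuitMessage, NULL
                return  0

TheDllLoaded:
                mov     itDllHandle, eax            ; module handle for GetProcAddress
                mov     ebx, [esi+10h]              ; descriptor field at +10h: thunk array RVA
                mov     itThunkPoint, ebx

DoLoadDllFunction:                                  ; one iteration per imported function
                mov     edx, itImageBase            ; reloaded: API calls do not preserve edx
                mov     eax, itThunkPoint
                add     eax, edx                    ; eax = address of the current thunk
                mov     ebx, [eax]                  ; thunk value
                mov     edi, eax                    ; slot that receives the resolved address
                test    ebx, ebx
                jz      LoadFunctionEnd             ; empty thunk: this DLL is finished
                test    ebx, 80000000h              ; top bit set means import by ordinal
                jnz     LoadFunctionByOrdinal

LoadFunctionByHintName:
                add     ebx, edx                    ; RVA -> address of the hint/name entry
                add     ebx, 2                      ; skip the 2-byte hint, ebx -> name string
                jmp     ResolveFunction             ; a pointer must not be masked

LoadFunctionByOrdinal:
                and     ebx, 0FFFFh                 ; ordinal in the low word, high word zero

ResolveFunction:
                invoke  GetProcAddress, itDllHandle, ebx
                or      eax, eax
                jz      ExitLoader
                mov     [edi], eax                  ; store into the import address table
                add     itThunkPoint, 4             ; next thunk
                jmp     DoLoadDllFunction

LoadFunctionEnd:
                add     esi, 14h                    ; next import descriptor (20 bytes each)
                mov     edx, itImageBase            ; DoLoadDll expects the base in edx
                jmp     DoLoadDll

LoadDllEnd:
                invoke  ShowWindow, hWin, SW_HIDE
                mov     eax, itImageEntryPoint      ; entry point RVA of the wrapped program
                add     eax, itImageBase
                jmp     eax                         ; transfer control; this frame is abandoned
            .endif
        .elseif wParam == 8302                      ; Cancel button
            invoke  PostQuitMessage, NULL
        .elseif wParam == 8303                      ; About button
            szText aboutMsg ," exeLock v1.0",13,13\
            ," 作者:杨博宇 ",13,13\
            ," bodies@163.com",13,13\
            ," http://www.vchevean.net"
            invoke  MessageBox, hWin, ADDR aboutMsg, ADDR szDisplayName, MB_OK
        .endif

    .elseif uMsg == WM_CREATE
        jmp     wpLbl                               ; skip the inline control captions
        txt1 db " 请输入密码",0
        cap1 db " 确 定 ",0
        cap2 db " 取 消 ",0
        cap3 db " 关 于 ",0
        nulbyte db 0
wpLbl:
        szText  statClass,"STATIC"
        szText  slEdit,"EDIT"
        szText  slButton,"Button"

        ; prompt label
        invoke  CreateWindowEx, WS_EX_STATICEDGE,
                ADDR statClass, ADDR txt1,
                WS_CHILD or WS_VISIBLE or SS_LEFT,
                10,30,100,22, hWin, 8501,
                NULL, NULL

        ; password edit box (input is masked by ES_PASSWORD)
        invoke  CreateWindowEx, WS_EX_CLIENTEDGE, ADDR slEdit, ADDR nulbyte,
                WS_VISIBLE or WS_CHILDWINDOW or ES_PASSWORD,
                120,30,200,23, hWin, 8201, NULL, NULL
        mov     hPasswordEdit, eax

        ; OK / Cancel / About buttons; the control IDs are the WM_COMMAND values above.
        ; NOTE(review): BS_* button styles are passed in the extended-style
        ; argument, where they are not extended window styles. Left unchanged
        ; to keep the current appearance - confirm and replace with 0.
        invoke  CreateWindowEx, BS_PUSHBUTTON or BS_AUTO3STATE, ADDR slButton, ADDR cap1,
                WS_CHILD or WS_VISIBLE or BS_PUSHBUTTON,
                10,90,90,26, hWin, 8301, NULL, NULL
        invoke  CreateWindowEx, BS_PUSHBUTTON or BS_AUTO3STATE, ADDR slButton, ADDR cap2,
                WS_CHILD or WS_VISIBLE or BS_PUSHBUTTON,
                120,90,90,26, hWin, 8302, NULL, NULL
        invoke  CreateWindowEx, BS_PUSHBUTTON or BS_AUTO3STATE, ADDR slButton, ADDR cap3,
                WS_CHILD or WS_VISIBLE or BS_PUSHBUTTON,
                230,90,90,26, hWin, 8303, NULL, NULL

    .elseif uMsg == WM_DESTROY
        invoke  PostQuitMessage, NULL
        return  0
    .endif

ProcRet:
    invoke  DefWindowProc, hWin, uMsg, wParam, lParam
    ret

WndProc endp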
; ########################################################################
; TopXY - coordinate that centres a window along one screen axis.
; In:   wDim = window size along the axis, sDim = screen size along the axis
; Out:  eax = sDim/2 - wDim/2 (both halves taken with an unsigned shift)
; Only eax is modified; wDim is halved in place in its own argument slot.
TopXY proc wDim:DWORD, sDim:DWORD
    mov     eax, sDim
    shr     eax, 1                      ; half of the screen dimension
    shr     wDim, 1                     ; half of the window dimension
    sub     eax, wDim                   ; distance from the screen edge to the window edge
    ret
TopXY endp
; ########################################################################
end start