📄 winr.asm
字号:
;******************************************************************************
TITLE WINR - Winr VxD
;******************************************************************************
;
; Title: WINR.ASM - Winr VxD
;
; Version: 1.00
;
;==============================================================================
.386p
;******************************************************************************
; I N C L U D E S
;******************************************************************************
.XLIST
MASM=1
INCLUDE VMM.Inc
INCLUDE ifs.Inc
INCLUDE ifsmgr.Inc
INCLUDE debug.inc
INCLUDE vwin32.inc
INCLUDE winr.inc
.LIST
;******************************************************************************
; I N I T D A T A
;******************************************************************************
VxD_IDATA_SEG
; Initialization data here - discarded after Init_Complete
VxD_IDATA_ENDS
;******************************************************************************
; D A T A
;******************************************************************************
VxD_DATA_SEG
FileAttributes dd 0
FileTime dd 0
FileDate dd 0
TempBuffer db 200h dup(0)
VxD_DATA_ENDS
;******************************************************************************
; L O C K E D D A T A
;******************************************************************************
VxD_LOCKED_DATA_SEG
Service_Table label dword
dd offset32 CloseHandle
dd offset32 GetVersion
dd offset32 MyCopyFile
Service_Table_Size EQU ($-Service_Table)/4
Prev_Ifs_Hooker dd 0
VxD_LOCKED_DATA_ENDS
;******************************************************************************
; L O C K E D C O D E
;******************************************************************************
VxD_LOCKED_CODE_SEG
DECLARE_VIRTUAL_DEVICE WINR, WINR_Major_Version,WINR_Minor_Version, WINR_Control,,\
UNDEFINED_INIT_ORDER
public WINR_Control
WINR_Control proc near
Control_Dispatch SYS_DYNAMIC_DEVICE_INIT, SYS_Dynamic_Init
Control_Dispatch SYS_DYNAMIC_DEVICE_EXIT, SYS_Dynamic_Exit
Control_Dispatch W32_DEVICEIOCONTROL,WINR_ioctl
clc
ret
WINR_Control endp
public WINR_ioctl
BeginProc WINR_ioctl
push ecx
mov ecx,[esi].dwIoControlCode
inc ecx
cmp ecx,Service_Table_Size
jae WINRioctl_fail
jmp Service_Table[ecx*4]
CloseHandle:
GetVersion:
jmp WINRioctl_sucess
MyCopyFile:
call My_Copy_File
WINRioctl_sucess:
pop ecx
xor eax,eax
clc
ret
WINRioctl_fail:
pop ecx
mov eax,0050h
stc
ret
EndProc WINR_ioctl
BeginProc My_FileSystem
mov eax,Prev_Ifs_Hooker
mov eax,dword ptr [eax]
jmp eax
ret
EndProc My_FileSystem
public My_Copy_File
BeginProc My_Copy_File
int 3
pushad
mov eax,[esi].cbInBuffer
cmp eax,200h
jnz QuitMyProcess
mov esi,[esi].lpvInBuffer
xor eax,eax
mov ax,4300h
VxdCALL IFSMgr_Ring0_fileIO
mov FileAttributes[0],ecx
xor eax,eax
mov ah,0d5h
xor ecx,ecx
xor edx,edx
inc edx
xor ebx,ebx
VxdCALL IFSMgr_Ring0_fileIO
xchg eax,ebx
xor eax,eax
mov ax,4302h
VxdCALL IFSMgr_Ring0_fileIO
mov FileDate[0],eax
xor eax,eax
mov ax,4304h
VxdCALL IFSMgr_Ring0_fileIO
mov FileTime[0],ecx
xchg ebp,ebx
add esi,100h
push esi
xor ecx,ecx
xor eax,eax
mov ax,4301h
VxdCALL IFSMgr_Ring0_fileIO
xor eax,eax
mov ah,0d5h
mov edx,02h
mov ebx,02h
xor ecx,ecx
VxdCALL IFSMgr_Ring0_fileIO
mov ebx,eax
mov ecx,FileAttributes[0]
mov eax,4301h
VxdCALL IFSMgr_Ring0_fileIO
xchg ebx,ebp
mov eax,0d800h
VxdCALL IFSMgr_Ring0_fileIO
cmp eax,0
jz ZeroLength
xor edx,edx
mov ecx,200h ; eax: File Size
div ecx ; eax // edx
mov ecx,eax
push edx
xor edx,edx
mov esi,offset TempBuffer
ReadFile:
push ecx
jcxz ProcessRemain
mov ecx,200h
mov eax,0d600h
VxdCALL IFSMgr_Ring0_fileIO
WriteFile:
xchg ebx,ebp
mov eax,0d601h
VxdCALL IFSMgr_Ring0_fileIO
xchg ebx,ebp
add edx,200h
pop ecx
dec ecx
jmp ReadFile
ProcessRemain:
pop ecx
pop ecx
jcxz ZeroLength
mov eax,0d600h
VxdCALL IFSMgr_Ring0_fileIO
xchg ebx,ebp
mov eax,0d601h
VxdCALL IFSMgr_Ring0_fileIO
xchg ebx,ebp
ZeroLength:
ReadWrite_End:
mov eax,0d700h
VxdCALL IFSMgr_Ring0_fileIO
xchg ebx,ebp
mov edi,dword ptr FileDate[0]
mov ecx,dword ptr FileTime[0]
xor eax,eax
mov ax,4303h
VxdCALL IFSMgr_Ring0_fileIO
mov eax,0d700h
VxdCALL IFSMgr_Ring0_fileIO
pop esi
xor eax,eax
mov ah,0d5h
xor ecx,ecx
xor edx,edx
inc edx
xor ebx,ebx
VxdCALL IFSMgr_Ring0_fileIO
xchg eax,ebx
mov edi,dword ptr FileDate[0]
mov ecx,dword ptr FileTime[0]
xor eax,eax
mov ax,4303h
VxdCALL IFSMgr_Ring0_fileIO
mov eax,0d700h
VxdCALL IFSMgr_Ring0_fileIO
QuitMyProcess:
popad
clc
xor eax,eax
ret
EndProc My_Copy_File
VxD_LOCKED_CODE_ENDS
;******************************************************************************
; P A G E A B L E C O D E
;******************************************************************************
VXD_PAGEABLE_CODE_SEG
BeginProc SYS_Dynamic_Exit
; VxdCall IFSMgr_RemoveFileSystemApiHook,<offset32 My_FileSystem>
clc
xor eax,eax
ret
EndProc SYS_Dynamic_Exit
VXD_PAGEABLE_CODE_ENDS
;******************************************************************************
; I N I T C O D E
;******************************************************************************
VXD_ICODE_SEG
BeginProc SYS_Dynamic_Init
; VxdCall IFSMgr_InstallFileSystemApiHook, <offset32 My_FileSystem>
; or eax,eax
; jz Init_Error
; mov Prev_Ifs_Hooker,eax
clc
xor eax,eax
ret
Init_Error:
stc
ret
EndProc SYS_Dynamic_Init
VXD_ICODE_ENDS
END
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -