📄 winr.lst
Microsoft (R) Macro Assembler Version 6.11d 03/12/99 16:40:59
WINR - Winr VxD Page 1 - 1
;******************************************************************************
TITLE WINR - Winr VxD
;******************************************************************************
;
; Title: WINR.ASM - Winr VxD
;
; Version: 1.00
;
;==============================================================================
.386p
;******************************************************************************
; I N C L U D E S
;******************************************************************************
.XLIST
.LIST
;******************************************************************************
; I N I T D A T A
;******************************************************************************
; Init-data segment: opened and closed with nothing in it; the listing
; reports a segment length of 0000.
VxD_IDATA_SEG
00000000 1 _IDATA SEGMENT
00000000 ; Initialization data here - discarded after Init_Complete
VxD_IDATA_ENDS
00000000 0000 1 _IDATA ENDS
;******************************************************************************
; D A T A
;******************************************************************************
; Scratch storage used by My_Copy_File. VxD_DATA_SEG expands to _LDATA in
; this build, the same segment the locked data below is placed in.
;   FileAttributes - saved from ecx after the 4300h IFSMgr_Ring0_fileIO call
;                    and passed back in ecx with a later 4301h call.
;   FileTime       - saved from ecx after the 4304h call.
;   FileDate       - saved from eax after the 4302h call.
;   TempBuffer     - 200h-byte transfer buffer; the copy loop moves the file
;                    in 200h-byte pieces through it.
; NOTE(review): these are module-level globals, not per-request state, so two
; overlapping copy requests would share them - confirm requests are serialized.
VxD_DATA_SEG
00000000 1 _LDATA SEGMENT
00000000 00000000 FileAttributes dd 0
00000004 00000000 FileTime dd 0
00000008 00000000 FileDate dd 0
0000000C 00000200 [ TempBuffer db 200h dup(0)
00
]
0000020C
VxD_DATA_ENDS
0000020C 020C 1 _LDATA ENDS
;******************************************************************************
; L O C K E D D A T A
;******************************************************************************
; Jump table for WINR_ioctl, indexed by (dwIoControlCode + 1):
;   index 0 -> CloseHandle, index 1 -> GetVersion, index 2 -> MyCopyFile.
; CloseHandle and GetVersion resolve to the same address (0000002D), so both
; simply report success.
; Service_Table_Size is computed from the table itself (3 entries) and is the
; bound WINR_ioctl checks before the indirect jump; a new entry must be added
; above the EQU line so the bound follows it.
; Prev_Ifs_Hooker starts as 0 and is read by My_FileSystem.
; NOTE(review): no store to Prev_Ifs_Hooker is visible in this part of the
; listing - confirm it is set before My_FileSystem can run.
VxD_LOCKED_DATA_SEG
0000020C 1 _LDATA SEGMENT
0000020C Service_Table label dword
0000020C 0000002D R dd offset32 CloseHandle
00000210 0000002D R dd offset32 GetVersion
00000214 0000002F R dd offset32 MyCopyFile
00000218 = 00000003 Service_Table_Size EQU ($-Service_Table)/4
00000218 00000000 Prev_Ifs_Hooker dd 0
0000021C
VxD_LOCKED_DATA_ENDS
0000021C 021C 1 _LDATA ENDS
;******************************************************************************
; L O C K E D C O D E
;******************************************************************************
VxD_LOCKED_CODE_SEG
00000000 1 _LTEXT SEGMENT
00000000
; Device descriptor block for the VxD. The macro emits WINR_DDB into _LDATA
; (offsets 021C-026C) and names WINR_Control as the control procedure.
; The device-number argument is left empty in the macro call.
; The quadword 20202020524E4957 is the 8-byte device name "WINR" padded with
; spaces, shown in little-endian byte order.
; NOTE(review): the remaining dwords are the macro's defaults for the
; descriptor fields; their meaning comes from the VxD_Desc_Block definition,
; which is not in this listing.
DECLARE_VIRTUAL_DEVICE WINR, WINR_Major_Version,WINR_Minor_Version, WINR_Control,,\
UNDEFINED_INIT_ORDER
= 00000000 1 ??0000 EQU 0
= 00000000 1 ??0001 EQU 0
= 00000000 1 ??0002 EQU 0
= 00000000 1 ??0003 EQU 0
= 00000000 1 ??0004 EQU 0
00000000 0000021C 2 _LDATA SEGMENT
0000021C 00000000 040A 1 WINR_DDB VxD_Desc_Block <,,,WINR_Major_Version,WINR_Minor_Version,,"WINR",UNDEFINED_INIT_ORDER,\
0000 01 00
0000
00000001 [
20202020524E4957
] 80000000
00000000 R
00000000
00000000
00000000
00000000
00000000
00000000
00000000
00000000
50726576
00000050
52737631
52737632
52737633
0000026C
0000026C 00000000 2 _LDATA ENDS
;------------------------------------------------------------------------------
; WINR_Control - control procedure named in the device descriptor block.
; In:   eax = control message code
; Out:  for unhandled messages, carry clear and return; handled messages are
;       passed by jump, so the handler's own ret returns to the caller.
; Messages handled (values as encoded in the listing):
;   SYS_DYNAMIC_DEVICE_INIT (1Bh) -> SYS_Dynamic_Init
;   SYS_DYNAMIC_DEVICE_EXIT (1Ch) -> SYS_Dynamic_Exit
;   W32_DEVICEIOCONTROL     (23h) -> WINR_ioctl
; SYS_Dynamic_Init and SYS_Dynamic_Exit are not defined in this part of the
; listing; their jump targets appear as unresolved relocations (00000000 R).
;------------------------------------------------------------------------------
public WINR_Control
00000000 WINR_Control proc near
Control_Dispatch SYS_DYNAMIC_DEVICE_INIT, SYS_Dynamic_Init
00000000 83 F8 1B 1 cmp eax, SYS_DYNAMIC_DEVICE_INIT
00000003 0F 84 00000000 R 1 jz SYS_Dynamic_Init
Control_Dispatch SYS_DYNAMIC_DEVICE_EXIT, SYS_Dynamic_Exit
00000009 83 F8 1C 1 cmp eax, SYS_DYNAMIC_DEVICE_EXIT
0000000C 0F 84 00000000 R 1 jz SYS_Dynamic_Exit
Control_Dispatch W32_DEVICEIOCONTROL,WINR_ioctl
00000012 83 F8 23 1 cmp eax, W32_DEVICEIOCONTROL
00000015 74 02 1 jz WINR_ioctl
; Any other message: report success (carry clear) without doing anything.
00000017 F8 clc
00000018 C3 ret
00000019 WINR_Control endp
;------------------------------------------------------------------------------
; WINR_ioctl - W32_DEVICEIOCONTROL handler, entered by jump from WINR_Control.
; In:   esi -> request block; dwIoControlCode is read here, and My_Copy_File
;       reads cbInBuffer and lpvInBuffer through the same pointer.
; Out:  success: eax = 0, carry clear
;       failure: eax = 0050h, carry set
;       ecx is saved and restored on both paths.
; Dispatch: index = dwIoControlCode + 1, so code -1 selects CloseHandle,
; code 0 selects GetVersion and code 1 selects MyCopyFile.
; NOTE(review): the only check made on the request is the control-code range;
; nothing here restricts which caller may issue code 1, which passes a
; caller-supplied buffer on to ring-0 file I/O in My_Copy_File.
; NOTE(review): the MyCopyFile path falls through to the success exit whatever
; My_Copy_File did, so a failed copy is still reported as success - confirm.
; NOTE(review): 0050h is 80 decimal; if Win32 error 50 (ERROR_NOT_SUPPORTED)
; was intended, the literal should be decimal 50 - confirm.
;------------------------------------------------------------------------------
00000019 public WINR_ioctl
BeginProc WINR_ioctl
00000019 00000019 1 WINR_ioctl proc near
00000019 51 push ecx
0000001A 8B 4E 0C mov ecx,[esi].dwIoControlCode
; Shift the code by one so that -1 becomes table index 0.
0000001D 41 inc ecx
; Unsigned compare: every index outside 0..Service_Table_Size-1 is rejected
; before the table is used for an indirect jump.
0000001E 81 F9 00000003 cmp ecx,Service_Table_Size
00000024 73 13 jae WINRioctl_fail
00000026 FF 24 8D jmp Service_Table[ecx*4]
0000020C R
0000002D CloseHandle:
0000002D GetVersion:
0000002D EB 05 jmp WINRioctl_sucess
0000002F MyCopyFile:
; esi still points at the request block when My_Copy_File is entered.
0000002F E8 00000017 call My_Copy_File
00000034 WINRioctl_sucess:
00000034 59 pop ecx
00000035 33 C0 xor eax,eax
00000037 F8 clc
00000038 C3 ret
00000039 WINRioctl_fail:
00000039 59 pop ecx
0000003A B8 00000050 mov eax,0050h
0000003F F9 stc
00000040 C3 ret
EndProc WINR_ioctl
00000041 1 WINR_ioctl endp
00000041
;------------------------------------------------------------------------------
; My_FileSystem - pass-through that chains to the routine recorded in
; Prev_Ifs_Hooker.
; Prev_Ifs_Hooker holds a pointer to a dword; that dword is loaded and jumped
; to, so control does not come back here and the callee returns to this
; routine's caller. eax is overwritten on the way.
; NOTE(review): Prev_Ifs_Hooker is initialised to 0 and no store to it is
; visible in this part of the listing; if it is still 0 when this runs, the
; second load reads address 0 in ring 0 - confirm it is always set first.
; NOTE(review): the ret after jmp eax is never reached.
;------------------------------------------------------------------------------
BeginProc My_FileSystem
00000041 00000041 1 My_FileSystem proc near
00000041 A1 00000218 R mov eax,Prev_Ifs_Hooker
00000046 8B 00 mov eax,dword ptr [eax]
00000048 FF E0 jmp eax
0000004A C3 ret
EndProc My_FileSystem
0000004B 1 My_FileSystem endp
0000004B public My_Copy_File
BeginProc My_Copy_File
0000004B 0000004B 1 My_Copy_File proc near
0000004B CC int 3
0000004C 60 pushad
0000004D 8B 46 14 mov eax,[esi].cbInBuffer
00000050 3D 00000200 cmp eax,200h
00000055 0F 85 00000161 jnz QuitMyProcess
0000005B 8B 76 10 mov esi,[esi].lpvInBuffer
0000005E 33 C0 xor eax,eax
00000060 66| B8 4300 mov ax,4300h
VxdCALL IFSMgr_Ring0_fileIO
00000064 CD 20 1 int Dyna_Link_Int
00000066 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
0000006A 89 0D 00000000 R mov FileAttributes[0],ecx
00000070 33 C0 xor eax,eax
00000072 B4 D5 mov ah,0d5h
00000074 33 C9 xor ecx,ecx
00000076 33 D2 xor edx,edx
00000078 42 inc edx
00000079 33 DB xor ebx,ebx
VxdCALL IFSMgr_Ring0_fileIO
0000007B CD 20 1 int Dyna_Link_Int
0000007D 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
00000081 93 xchg eax,ebx
00000082 33 C0 xor eax,eax
00000084 66| B8 4302 mov ax,4302h
VxdCALL IFSMgr_Ring0_fileIO
00000088 CD 20 1 int Dyna_Link_Int
0000008A 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
0000008E A3 00000008 R mov FileDate[0],eax
00000093 33 C0 xor eax,eax
00000095 66| B8 4304 mov ax,4304h
VxdCALL IFSMgr_Ring0_fileIO
00000099 CD 20 1 int Dyna_Link_Int
0000009B 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
0000009F 89 0D 00000004 R mov FileTime[0],ecx
000000A5 87 EB xchg ebp,ebx
000000A7 81 C6 00000100 add esi,100h
000000AD 56 push esi
000000AE 33 C9 xor ecx,ecx
000000B0 33 C0 xor eax,eax
000000B2 66| B8 4301 mov ax,4301h
VxdCALL IFSMgr_Ring0_fileIO
000000B6 CD 20 1 int Dyna_Link_Int
000000B8 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
000000BC 33 C0 xor eax,eax
000000BE B4 D5 mov ah,0d5h
000000C0 BA 00000002 mov edx,02h
000000C5 BB 00000002 mov ebx,02h
000000CA 33 C9 xor ecx,ecx
VxdCALL IFSMgr_Ring0_fileIO
000000CC CD 20 1 int Dyna_Link_Int
000000CE 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
000000D2 8B D8 mov ebx,eax
000000D4 8B 0D 00000000 R mov ecx,FileAttributes[0]
000000DA B8 00004301 mov eax,4301h
VxdCALL IFSMgr_Ring0_fileIO
000000DF CD 20 1 int Dyna_Link_Int
000000E1 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
000000E5 87 DD xchg ebx,ebp
000000E7 B8 0000D800 mov eax,0d800h
VxdCALL IFSMgr_Ring0_fileIO
000000EC CD 20 1 int Dyna_Link_Int
000000EE 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
000000F2 83 F8 00 cmp eax,0
000000F5 74 5F jz ZeroLength
000000F7 33 D2 xor edx,edx
000000F9 B9 00000200 mov ecx,200h ; eax: File Size
000000FE F7 F1 div ecx ; eax // edx
00000100 8B C8 mov ecx,eax
00000102 52 push edx
00000103 33 D2 xor edx,edx
00000105 BE 0000000C R mov esi,offset TempBuffer
0000010A ReadFile:
0000010A 51 push ecx
0000010B 67& E3 29 jcxz ProcessRemain
0000010E B9 00000200 mov ecx,200h
00000113 B8 0000D600 mov eax,0d600h
VxdCALL IFSMgr_Ring0_fileIO
00000118 CD 20 1 int Dyna_Link_Int
0000011A 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
0000011E WriteFile:
0000011E 87 DD xchg ebx,ebp
00000120 B8 0000D601 mov eax,0d601h
VxdCALL IFSMgr_Ring0_fileIO
00000125 CD 20 1 int Dyna_Link_Int
00000127 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
0000012B 87 DD xchg ebx,ebp
0000012D 81 C2 00000200 add edx,200h
00000133 59 pop ecx
00000134 49 dec ecx
00000135 EB D3 jmp ReadFile
00000137 ProcessRemain:
00000137 59 pop ecx
00000138 59 pop ecx
00000139 67& E3 1A jcxz ZeroLength
0000013C B8 0000D600 mov eax,0d600h
VxdCALL IFSMgr_Ring0_fileIO
00000141 CD 20 1 int Dyna_Link_Int
00000143 00400032 2 dd @@IFSMgr_Ring0_fileIO+0
00000147 87 DD xchg ebx,ebp