;下面是改编whg的代码。大概是2009年写的,不确定。
;Email:leguanyuan@126.com
;QQ:112426112
;websites:http://correy.webs.com
;rc me.rc
;ml /coff test.asm /link /subsystem:windows me.res
;QQ:112426112
;websites:http://correy.webs.com
;rc me.rc
;ml /coff test.asm /link /subsystem:windows me.res
.386
.model flat,stdcall
include user32.inc
include mpr.inc
includelib user32.lib
includelib mpr.lib
.code
EnumNet proc
pushad
push 2
invoke WNetOpenEnumA,2,1,2,ebp,esp
pop esi
jnz OError
mov edi,100h
sub esp,edi
mov ebp,esp
next:push 1h
mov eax,esp
push edi
invoke WNetEnumResourceA,esi,eax,ebp,esp
pop ecx
pop ecx
jnz Over
invoke MessageBoxA,0,[ebp+20],[ebp+28],0
call Enumnet
jmp next
Over:invoke WNetCloseEnum,esi
add esp,edi
OError:popad
ret
EnumNet endp
Start:push [esp]
mov ebp,0
call EnumNet
pop esp
ret
end Start
.model flat,stdcall
include user32.inc
include mpr.inc
includelib user32.lib
includelib mpr.lib
.code
EnumNet proc
pushad
push 2
invoke WNetOpenEnumA,2,1,2,ebp,esp
pop esi
jnz OError
mov edi,100h
sub esp,edi
mov ebp,esp
next:push 1h
mov eax,esp
push edi
invoke WNetEnumResourceA,esi,eax,ebp,esp
pop ecx
pop ecx
jnz Over
invoke MessageBoxA,0,[ebp+20],[ebp+28],0
call Enumnet
jmp next
Over:invoke WNetCloseEnum,esi
add esp,edi
OError:popad
ret
EnumNet endp
Start:push [esp]
mov ebp,0
call EnumNet
pop esp
ret
end Start
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;为了这个程序,我努力一年多了,才成功。
;刚开始是研究whg的那个用堆栈且来回调用的子程序。
;还有上海交大一个女教授的与funlove病毒上用的代码。
;今天费了九牛二虎之力终于完成了,不足之处,敬请指导。
;小玩意,见笑了,但我深刻理解了,我调试成功了!
;made by correy
;QQ:112426112
;Email:leguanyuan@126.com
;Homepage:http://correy.webs.com
;刚开始是研究whg的那个用堆栈且来回调用的子程序。
;还有上海交大一个女教授的与funlove病毒上用的代码。
;今天费了九牛二虎之力终于完成了,不足之处,敬请指导。
;小玩意,见笑了,但我深刻理解了,我调试成功了!
;made by correy
;QQ:112426112
;Email:leguanyuan@126.com
;Homepage:http://correy.webs.com
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
include mpr.inc
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
include user32.inc
include mpr.inc
includelib user32.lib
includelib kernel32.lib
includelib mpr.lib
includelib kernel32.lib
includelib mpr.lib
.data
zeroone dd -1
zeroone2 dd -1
zeroone3 dd -1
fours dd 4000h
fours2 dd 4000h
fours3 dd 4000h
zeroone dd -1
zeroone2 dd -1
zeroone3 dd -1
fours dd 4000h
fours2 dd 4000h
fours3 dd 4000h
.data?
x dd ?
y dd ?
z dd ?
buffer db 4000h dup (?)
buffer2 db 4000h dup (?)
buffer3 db 4000h dup (?)
x dd ?
y dd ?
z dd ?
buffer db 4000h dup (?)
buffer2 db 4000h dup (?)
buffer3 db 4000h dup (?)
.code
Start:
invoke WNetOpenEnumA,2,1,2,0,aDDR x
invoke WNetEnumResourceA,x,addr zeroone,aDDR buffer,addr fours
invoke WNetOpenEnumA,2,1,2,0,aDDR x
invoke WNetEnumResourceA,x,addr zeroone,aDDR buffer,addr fours
mov esi,offset buffer
show:
cmp zeroone,0
je over
invoke MessageBoxA,0,dword ptr [esi+20],[esi+28],0
cmp zeroone,0
je over
invoke MessageBoxA,0,dword ptr [esi+20],[esi+28],0
invoke WNetOpenEnumA,2,1,2,esi,aDDR y
mov zeroone2,-1
invoke WNetEnumResourceA,y,addr zeroone2,addr buffer2,addr fours2;运行错误。
cmp eax,0
jne next
mov edi,offset buffer2
show2:
invoke MessageBoxA,0,[edi+20],dword ptr [edi+28],0
invoke WNetOpenEnumA,2,1,2,edi,addr z
mov zeroone3,-1
invoke WNetEnumResourceA,z,addr zeroone3,addr buffer3,addr fours3
mov ebx,offset buffer3
show3:
invoke MessageBoxA,0,[ebx+20],dword ptr [ebx+28],0
dec zeroone3
cmp zeroone3,0
je next2
add ebx,32
jmp show3
next2:
dec zeroone2
cmp zeroone2,0
je next
add edi,32
jmp show2
next:
add esi,32
dec zeroone
jmp show
mov zeroone2,-1
invoke WNetEnumResourceA,y,addr zeroone2,addr buffer2,addr fours2;运行错误。
cmp eax,0
jne next
mov edi,offset buffer2
show2:
invoke MessageBoxA,0,[edi+20],dword ptr [edi+28],0
invoke WNetOpenEnumA,2,1,2,edi,addr z
mov zeroone3,-1
invoke WNetEnumResourceA,z,addr zeroone3,addr buffer3,addr fours3
mov ebx,offset buffer3
show3:
invoke MessageBoxA,0,[ebx+20],dword ptr [ebx+28],0
dec zeroone3
cmp zeroone3,0
je next2
add ebx,32
jmp show3
next2:
dec zeroone2
cmp zeroone2,0
je next
add edi,32
jmp show2
next:
add esi,32
dec zeroone
jmp show
over:
invoke WNetCloseEnum,x
push 0
call ExitProcess
end Start
;made at 2010.09.18
push 0
call ExitProcess
end Start
;made at 2010.09.18
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
;本文的功能是:以树形控件的形式显示本电脑所在的局域网网络结构。
;注释:树性控件中没有显示小图标。
;不足之处,敬请指导。
;QQ:112426112
;Email:leguanyuan at 126 dot com
;Homepage:http://correy.webs.com
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
include comctl32.inc
includelib comctl32.lib
include mpr.inc
includelib mpr.lib
.data
TreeViewClass db "SysTreeView32",0
zeroone dd -1
zeroone2 dd -1
zeroone3 dd -1
fours dd 4000h
fours2 dd 4000h
fours3 dd 4000h
hParent dd 0
hson dd 0
.data?
x dd ?
y dd ?
z dd ?
buffer db 4000h dup (?)
buffer2 db 4000h dup (?)
buffer3 db 4000h dup (?)
hInstance HINSTANCE ?
hwndTreeView dd ?
.code
szClassName db "made by correy",0
pwndclassex dd 48,3,offset WndowProc,0,0,0,0,0,6,0,offset szClassName,0
stMsg MSG <>
szSysTreeView32 db "SysTreeView32",0
WndowProc proc uses edi hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
LOCAL tvinsert:TV_INSERTSTRUCT
LOCAL tvhit:TV_HITTESTINFO
.if uMsg==WM_CREATE
;int 3
invoke InitCommonControls
invoke CreateWindowEx,NULL,ADDR TreeViewClass,NULL, WS_CHILD+WS_VISIBLE+TVS_HASLINES+TVS_HASBUTTONS+TVS_LINESATROOT,0,0,600,400,hWnd,NULL,hInstance,NULL
mov hwndTreeView,eax
invoke WNetOpenEnumA,2,1,2,0,aDDR x
invoke WNetEnumResourceA,x,addr zeroone,aDDR buffer,addr fours
mov esi,offset buffer
.while zeroone != 0
mov eax,hParent ;这两行解决了,“Microsoft Terminal Tervices” 与 “Microsoft Windows Network” 并列显示的问题。可能还有"Web Cient Network"。
mov tvinsert.hParent,eax;hParent被定义成0,第一次运行,此处是0,以后就有数字了。
mov tvinsert.hInsertAfter,TVI_ROOT
mov tvinsert.item.imask,TVIF_TEXT+TVIF_IMAGE+TVIF_SELECTEDIMAGE
mov eax,dword ptr [esi+20]
mov tvinsert.item.pszText,eax
mov tvinsert.item.iImage,0
mov tvinsert.item.iSelectedImage,1
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
mov hParent,eax
invoke WNetOpenEnumA,2,1,2,esi,aDDR y
mov zeroone2,-1
invoke WNetEnumResourceA,y,addr zeroone2,addr buffer2,addr fours2
.if eax == 0
mov edi,offset buffer2
.while eax == eax
mov eax,hParent
mov tvinsert.hParent,eax
mov tvinsert.hInsertAfter,TVI_LAST
mov eax,[edi+20]
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
mov hson,eax
invoke WNetOpenEnumA,2,1,2,edi,addr z
mov zeroone3,-1
invoke WNetEnumResourceA,z,addr zeroone3,addr buffer3,addr fours3
mov ebx,offset buffer3
.while eax == eax
mov eax,hson
mov tvinsert.hParent,eax
mov eax,[ebx+20]
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
dec zeroone3
.break .if zeroone3 == 0
add ebx,32
.endw
;mov eax,hson ;这两行代码加这里与加下面的作用,基本上是一样的。
;mov hParent,eax ;这两行代码的作用是使"Web Cient Network“与计算机并列。不知道这样设置对不对?
dec zeroone2
.break .if zeroone2 == 0
add edi,32
.endw
mov eax,hson
mov hParent,eax
.endif
add esi,32
dec zeroone
.endw
invoke WNetCloseEnum,x
.elseif uMsg==WM_DESTROY
invoke PostQuitMessage,NULL
.else
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
.endif
xor eax,eax
ret
WndowProc endp
start:
invoke GetModuleHandle,0
mov hInstance,eax
mov pwndclassex+20,eax
invoke LoadCursor,0,32512;加载箭头鼠标。
mov pwndclassex+28,eax
invoke RegisterClassEx,addr pwndclassex
invoke CreateWindowEx,200h,offset szClassName,offset szClassName,0Cf0000h,80000000h,80000000h,710,530,0,0,hInstance,0;0Ca0000h 0Cf0000h
invoke ShowWindow,eax,1;若不想显示,此行也可以去掉。
again:invoke GetMessage,addr stMsg,0,0,0
cmp eax,0
je exit
invoke DispatchMessage,addr stMsg
jmp again
exit:invoke ExitProcess,0
end start
;made at 2011.10.23
;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
再次修改如下:
;本文的功能是:以树形控件的形式显示本电脑所在的局域网网络结构。
;注释:属性控件中没有显示小图标。
;不足之处,敬请指导。
;QQ:112426112
;Email:leguanyuan at 126 dot com
;Homepage:http://correy.webs.com
.386
.model flat,stdcall
option casemap:none
include windows.inc
include kernel32.inc
includelib kernel32.lib
include user32.inc
includelib user32.lib
include comctl32.inc
includelib comctl32.lib
include mpr.inc
includelib mpr.lib
.data
TreeViewClass db "SysTreeView32",0
zeroone dd -1
zeroone2 dd -1
zeroone3 dd -1
fours dd 4000h
fours2 dd 4000h
fours3 dd 4000h
hParent dd 0
hson dd 0
.data?
x dd ?
y dd ?
z dd ?
buffer db 4000h dup (?)
buffer2 db 4000h dup (?)
buffer3 db 4000h dup (?)
hInstance HINSTANCE ?
hwndTreeView dd ?
.code
szClassName db "made by correy",0
pwndclassex dd 48,3,offset WndowProc,0,0,0,0,0,6,0,offset szClassName,0
stMsg MSG <>
szSysTreeView32 db "SysTreeView32",0
root dd 0
szroot db "整个网络",0
WndowProc proc uses edi hWnd:HWND, uMsg:UINT, wParam:WPARAM, lParam:LPARAM
LOCAL tvinsert:TV_INSERTSTRUCT
.if uMsg==WM_CREATE
;int 3
invoke InitCommonControls
invoke CreateWindowEx,NULL,ADDR TreeViewClass,NULL, WS_CHILD+WS_VISIBLE+TVS_HASLINES+TVS_HASBUTTONS+TVS_LINESATROOT,0,0,600,400,hWnd,NULL,hInstance,NULL
mov hwndTreeView,eax
invoke WNetOpenEnumA,2,1,2,0,aDDR x
invoke WNetEnumResourceA,x,addr zeroone,aDDR buffer,addr fours
mov tvinsert.hParent,0
mov tvinsert.hInsertAfter,TVI_ROOT
mov tvinsert.item.imask,TVIF_TEXT+TVIF_IMAGE+TVIF_SELECTEDIMAGE
lea eax,szroot
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
mov root,eax
mov esi,offset buffer
.while zeroone != 0
push root
pop tvinsert.hParent
mov tvinsert.hInsertAfter,TVI_LAST
mov eax,dword ptr [esi+20]
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
mov hParent,eax
invoke WNetOpenEnumA,2,1,2,esi,aDDR y
mov zeroone2,-1
invoke WNetEnumResourceA,y,addr zeroone2,addr buffer2,addr fours2
.if eax == 0
mov edi,offset buffer2
.while eax == eax
mov eax,hParent
mov tvinsert.hParent,eax
mov tvinsert.hInsertAfter,TVI_LAST
mov eax,[edi+20]
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
mov hson,eax
invoke WNetOpenEnumA,2,1,2,edi,addr z
mov zeroone3,-1
invoke WNetEnumResourceA,z,addr zeroone3,addr buffer3,addr fours3
mov ebx,offset buffer3
.while eax == eax
mov eax,hson
mov tvinsert.hParent,eax
mov eax,[ebx+20]
mov tvinsert.item.pszText,eax
invoke SendMessage,hwndTreeView,TVM_INSERTITEM,0,addr tvinsert
dec zeroone3
.break .if zeroone3 == 0
add ebx,32
.endw
dec zeroone2
.break .if zeroone2 == 0
add edi,32
.endw
.endif
add esi,32
dec zeroone
.endw
invoke WNetCloseEnum,x
.elseif uMsg==WM_DESTROY
invoke PostQuitMessage,NULL
.else
invoke DefWindowProc,hWnd,uMsg,wParam,lParam
ret
.endif
xor eax,eax
ret
WndowProc endp
start:
invoke GetModuleHandle,0
mov hInstance,eax
mov pwndclassex+20,eax
invoke LoadCursor,0,32512;加载箭头鼠标。
mov pwndclassex+28,eax
invoke RegisterClassEx,addr pwndclassex
invoke CreateWindowEx,200h,offset szClassName,offset szClassName,0Cf0000h,80000000h,80000000h,710,530,0,0,hInstance,0;0Ca0000h 0Cf0000h
invoke ShowWindow,eax,1;若不想显示,此行也可以去掉。
again:invoke GetMessage,addr stMsg,0,0,0
cmp eax,0
je exit
invoke DispatchMessage,addr stMsg
jmp again
exit:invoke ExitProcess,0
end start
;made at 2011.11.03
//c/c++的如下:
#pragma comment(linker, "/ENTRY:Entry")
#pragma comment(linker, "/subsystem:windows")
#include <winsock2.h>
#pragma comment(lib,"ws2_32.lib")
#include <commctrl.h>
#pragma comment(lib,"comctl32.lib")
#pragma comment(lib,"mpr.lib")
LRESULT CALLBACK WindowProc(HWND hWnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
{
switch (uMsg)
{
case WM_CREATE:
{
InitCommonControls();
HWND h_network_tree = CreateWindowEx(0,L"SysTreeView32",0,WS_CHILD | WS_VISIBLE | TVS_HASLINES | TVS_HASBUTTONS | TVS_LINESATROOT,0,0,500,500,hWnd,0,GetModuleHandle(0),0);
TV_INSERTSTRUCT tvinsert;
tvinsert.hParent = 0;
tvinsert.hInsertAfter = TVI_ROOT;
tvinsert.item.mask = TVIF_TEXT+TVIF_IMAGE+TVIF_SELECTEDIMAGE;
tvinsert.item.pszText = L"整个网络";
HTREEITEM root = (HTREEITEM)SendMessage(h_network_tree,TVM_INSERTITEM,0,(LPARAM)& tvinsert);
HANDLE h_enum;
WNetOpenEnum(2,1,2,0,&h_enum);
DWORD buffersize = 0x4000;
NETRESOURCE * pbuffer = (NETRESOURCE *)HeapAlloc(GetProcessHeap(),HEAP_ZERO_MEMORY,buffersize);
DWORD count = -1;
WNetEnumResource(h_enum,& count,pbuffer,& buffersize);
for(int i = 0;i<count;i++)
{
tvinsert.hParent = root;
tvinsert.hInsertAfter = TVI_LAST;
tvinsert.item.pszText = pbuffer->lpRemoteName;
HTREEITEM h_parent = (HTREEITEM)SendMessage(h_network_tree,TVM_INSERTITEM,0,(LPARAM)& tvinsert);
HANDLE h_enum2;
WNetOpenEnum(2,1,2,pbuffer,&h_enum2);
DWORD count2 = -1;
NETRESOURCE * pbuffer2 = (NETRESOURCE *)VirtualAlloc(0,buffersize,MEM_COMMIT | MEM_RESERVE,PAGE_READWRITE);
if (WNetEnumResource(h_enum2,& count2,pbuffer2,& buffersize) == 0)
{
for (int j = 0;j<count2;j++)
{
tvinsert.hParent = h_parent;
tvinsert.item.pszText = pbuffer2->lpRemoteName;
HTREEITEM h_son = (HTREEITEM)SendMessage(h_network_tree,TVM_INSERTITEM,0,(LPARAM)& tvinsert);
HANDLE h_enum3;
WNetOpenEnum(2,1,2,pbuffer2,&h_enum3);
DWORD count3 = -1;
NETRESOURCE * pbuffer3 = (NETRESOURCE *)VirtualAlloc(0,buffersize,MEM_COMMIT | MEM_RESERVE,PAGE_READWRITE);
if (WNetEnumResource(h_enum3,& count3,pbuffer3,& buffersize) == 0)
{
for (int k = 0;k<count3;k++)
{
tvinsert.hParent = h_son;
tvinsert.item.pszText = pbuffer3->lpRemoteName;
SendMessage(h_network_tree,TVM_INSERTITEM,0,(LPARAM)& tvinsert);
pbuffer3 ++;
}
}
pbuffer2 ++;
}
}
pbuffer ++;
}
WNetCloseEnum(h_enum);
//if (pbuffer) HeapFree(GetProcessHeap(),0,pbuffer);//没有释放内存,句柄等的习惯,不释放了。
HWND h_Static = CreateWindowEx(WS_EX_CLIENTEDGE,L"Static",0,WS_CHILD | WS_VISIBLE | SS_LEFT | WS_GROUP,0,500,994,150,hWnd,0,GetModuleHandle(0),0);
SendMessage(h_Static,WM_SETTEXT,0,(LPARAM)L"email:leguanyuan at 126 dot com\n\
homepage:http://correy.webs.com\n\
没啥技术含量,但还有点用处。\n\
不足之处,敬请指导。");
}
break;
case WM_DESTROY:
PostQuitMessage(0);
break;
default:
return(DefWindowProc(hWnd, uMsg, wParam, lParam));
}
return(0);
}
void Entry()
{
WNDCLASSEX sWndClassEx = {48,3,WindowProc,0,0,GetModuleHandle(0),0,LoadCursor(0,IDC_ARROW),(HBRUSH)6,0,L"correy",0};
ATOM a = RegisterClassEx(&sWndClassEx);
ShowWindow(CreateWindowEx(0,L"correy",L"made by correy",0x0Ca0000,CW_USEDEFAULT,CW_USEDEFAULT,999,666,0,0, GetModuleHandle(0),0),1);
MSG sMsg;
while (GetMessage(&sMsg, 0, 0, 0))
{
DispatchMessage(&sMsg);
}
ExitProcess(0);
}
//made at 2011.11.30
没有评论:
发表评论