slesh
23.06.2007, 00:13
Вот привожу пример на FASM какие пакости можно делать с помошью функций DefineDosDevice.
Также на базе исходника можно сделать защиту от ламеров (прятать диск в системе).
Прога умеет прятать и обратно показывать жесткие диски. Прячет до первой перезагрузки. Размер проги - 2кб
; Автор SLESH (SLESH-2000@yandex.ru) ICQ: 266-334-734
format PE GUI 4.0
include 'd:\coding\fasm\include\win32ax.inc'
.code
start:
invoke GetModuleHandle,0
invoke DialogBoxParam,eax,1,HWND_DESKTOP,mainss,0
proc mainss hwnd,msg,wparam,lparam
push ebx esi edi
cmp [msg],WM_INITDIALOG
je wminitdialog
cmp [msg],WM_COMMAND
je wmcommand
cmp [msg],WM_CLOSE
je wmclose
xor eax,eax
jmp finish
wminitdialog:
jmp processed
wmcommand:
cmp [wparam],BN_CLICKED shl 16 + 100
je drv_show
cmp [wparam],BN_CLICKED shl 16 + 101
je drv_hide
cmp [wparam],BN_CLICKED shl 16 + 102
je wmclose
jmp processed
drv_show:
invoke GetDlgItem,[hwnd], 103
invoke SendMessage,eax, WM_GETTEXT, 3, bufe
mov dl,[bufe]
sub dl,18
mov [strtohide+22],dl
invoke DefineDosDevice,1,bufe,strtohide
mov al,[bufe]
mov [mes_3+5],al
invoke MessageBox,HWND_DESKTOP,mes_3,"DISK HIDE",MB_OK
jmp processed
drv_hide:
invoke GetDlgItem,[hwnd], 103
invoke SendMessage,eax, WM_GETTEXT, 3, bufe
invoke DefineDosDevice,2,bufe,0
mov al,[bufe]
mov [mes_2+5],al
invoke MessageBox,HWND_DESKTOP,mes_2,"DISK SHOW",MB_OK
jmp processed
wmclose:
invoke EndDialog,[hwnd],0
invoke ExitProcess,0
processed:
mov eax,1
finish:
pop edi esi ebx
ret
endp
strtohide db '\Device\HarddiskVolume',?,0
;strtohide db '\Device\Cdrom0',0,?,0 åñëè ïðÿòàòü ñèäèðîìû :)
mes_2 db 'Disk ',?,': HIDE',0
mes_3 db 'Disk ',?,': SHOW',0
bufe db (3)
.end start
section '.rsrc' resource data readable
directory RT_DIALOG,dialogs
resource dialogs,1,LANG_RUSSIAN+SUBLANG_DEFAULT,mydialog
dialog mydialog,'Drivers hide',70,70,67,68,WS_CAPTION+WS_POPUP+WS_SYSMENU+D S_MODALFRAME
dialogitem 'BUTTON','Show', 100, 3, 19, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'BUTTON','Hide', 101, 3, 34, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'BUTTON','Exit', 102, 3, 49, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'EDIT','D:', 103,3, 4, 61, 15, ES_LEFT+ES_UPPERCASE+WS_CHILD+WS_VISIBLE+WS_BORDER +WS_TABSTOP
enddialog
Также на базе исходника можно сделать защиту от ламеров (прятать диск в системе).
Прога умеет прятать и обратно показывать жесткие диски. Прячет до первой перезагрузки. Размер проги - 2кб
; Автор SLESH (SLESH-2000@yandex.ru) ICQ: 266-334-734
format PE GUI 4.0
include 'd:\coding\fasm\include\win32ax.inc'
.code
start:
invoke GetModuleHandle,0
invoke DialogBoxParam,eax,1,HWND_DESKTOP,mainss,0
proc mainss hwnd,msg,wparam,lparam
push ebx esi edi
cmp [msg],WM_INITDIALOG
je wminitdialog
cmp [msg],WM_COMMAND
je wmcommand
cmp [msg],WM_CLOSE
je wmclose
xor eax,eax
jmp finish
wminitdialog:
jmp processed
wmcommand:
cmp [wparam],BN_CLICKED shl 16 + 100
je drv_show
cmp [wparam],BN_CLICKED shl 16 + 101
je drv_hide
cmp [wparam],BN_CLICKED shl 16 + 102
je wmclose
jmp processed
drv_show:
invoke GetDlgItem,[hwnd], 103
invoke SendMessage,eax, WM_GETTEXT, 3, bufe
mov dl,[bufe]
sub dl,18
mov [strtohide+22],dl
invoke DefineDosDevice,1,bufe,strtohide
mov al,[bufe]
mov [mes_3+5],al
invoke MessageBox,HWND_DESKTOP,mes_3,"DISK HIDE",MB_OK
jmp processed
drv_hide:
invoke GetDlgItem,[hwnd], 103
invoke SendMessage,eax, WM_GETTEXT, 3, bufe
invoke DefineDosDevice,2,bufe,0
mov al,[bufe]
mov [mes_2+5],al
invoke MessageBox,HWND_DESKTOP,mes_2,"DISK SHOW",MB_OK
jmp processed
wmclose:
invoke EndDialog,[hwnd],0
invoke ExitProcess,0
processed:
mov eax,1
finish:
pop edi esi ebx
ret
endp
strtohide db '\Device\HarddiskVolume',?,0
;strtohide db '\Device\Cdrom0',0,?,0 åñëè ïðÿòàòü ñèäèðîìû :)
mes_2 db 'Disk ',?,': HIDE',0
mes_3 db 'Disk ',?,': SHOW',0
bufe db (3)
.end start
section '.rsrc' resource data readable
directory RT_DIALOG,dialogs
resource dialogs,1,LANG_RUSSIAN+SUBLANG_DEFAULT,mydialog
dialog mydialog,'Drivers hide',70,70,67,68,WS_CAPTION+WS_POPUP+WS_SYSMENU+D S_MODALFRAME
dialogitem 'BUTTON','Show', 100, 3, 19, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'BUTTON','Hide', 101, 3, 34, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'BUTTON','Exit', 102, 3, 49, 61, 15, BS_PUSHBUTTON+WS_CHILD+WS_VISIBLE+WS_TABSTOP
dialogitem 'EDIT','D:', 103,3, 4, 61, 15, ES_LEFT+ES_UPPERCASE+WS_CHILD+WS_VISIBLE+WS_BORDER +WS_TABSTOP
enddialog