программа полностью готова к использованию как сама по-себе так и доп. модуль
т.е. запускаем прогу если в приводе присутствует дискета с правильным хешом то выводится окно, с сообщением код верный
.386
.model flat,stdcall
MIN_KERNEL_SEARCH_BASE equ 070000000h
MAX_API_STRING_LENGTH equ 150
INCLUDE WIN32.inc
.code
start:
pushad
Call Delta
Delta:
pop ebp
sub ebp, offset Delta
push dword ptr [esp + 20h]
call GetKernelBase
mov [ebp + dwKernelBase], eax
lea eax, [ebp + offset szCF]
push eax
push [ebp + dwKernelBase]
call GetProcAddr
mov [ebp + _CF],eax
lea eax, [ebp + offset szEP]
push eax
push [ebp + dwKernelBase]
call GetProcAddr
mov [ebp + _EP],eax
lea eax, [ebp + offset szRF]
push eax
push [ebp + dwKernelBase]
call GetProcAddr
mov [ebp + _RF],eax
lea eax, [ebp + offset szLoadLibrary]
push eax
push [ebp + dwKernelBase]
call GetProcAddr
mov [ebp + _LoadLibrary],eax
lea eax, [ebp + offset szGetProcAddress]
push eax
push [ebp + dwKernelBase]
call GetProcAddr
mov [ebp + _GetProcAddress],eax
lea eax, [ebp + offset szUser32]
push eax
call [ebp + _LoadLibrary]
mov [ebp + dwUserBase],eax
lea eax, [ebp + offset szMB]
push eax
push [ebp + dwUserBase]
call GetProcAddr
mov [ebp + _MB],eax
push 0
push FILE_ATTRIBUTE_NORMAL
push OPEN_ALWAYS
push 0
push FILE_SHARE_READ or FILE_SHARE_WRITE
push GENERIC_READ
lea eax, [ebp + offset Filen]
push eax
call [ebp + _CF]
mov [ebp + dFile], eax
push 0
lea eax, [ebp + offset num]
push eax
lea eax, [ebp + 512]
push eax
lea eax, [ebp + offset buf]
push eax
push [ebp + dFile]
call [ebp + _RF]
mov edx, dword ptr [ebp + buf+27h]
cmp edx,[sn]
jne m1
push MB_OK
lea eax, [ebp + offset _ttl]
push eax
lea eax, [ebp + offset _msg]
push eax
push NULL
call [ebp + _MB]
jmp m2
m1: push MB_OKCANCEL
lea eax, [ebp + offset _ttl2]
push eax
lea eax, [ebp + offset _msg2]
push eax
push NULL
call [ebp + _MB]
m2: push NULL
mov eax, [ebp + _EP]
call eax
GetKernelBase PROC USES edi esi, dwTopStack : dword
mov edi, dwTopStack
and edi, 0FFFF0000h
k2: mov ax, word ptr [edi]
cmp word ptr [edi], 'ZM'
jne ExceptCount
mov esi, edi
add esi, [esi + 03ch]
cmp dword ptr [esi], 'EP'
jne ExceptCount
jmp k1
ExceptCount:
sub edi, 010000h
cmp edi, MIN_KERNEL_SEARCH_BASE
ja k2
mov edi, 0BFF70000h
k1: xchg eax, edi
ret
GetKernelBase ENDP
GetProcAddr PROC USES Esi Edi ecx ebx edx, dwDllBase : dword, szApi : dword
mov esi, dwDllBase
cmp word ptr [esi], 'ZM'
jnz @@BadExit
add esi, [esi + 03ch]
cmp dword ptr [esi], 'EP'
jnz @@BadExit
mov edi, szApi
mov ecx, MAX_API_STRING_LENGTH
xor al, al
repnz SCASB
mov ecx, edi
sub ecx, szApi
mov edx, [esi + 078h]
add edx, dwDllBase
mov ebx, [edx+20h]
add ebx, dwDllBase
xor eax, eax
m3: mov edi, [ebx]
add edi, dwDllBase
mov esi, szApi
push ecx
repz CMPSB
jne n1
jmp n2
n1: pop ecx
add ebx,4
inc eax
cmp eax,[edx+18h]
jne m3
n2: mov esi,[edx+24h]
add esi,dwDllBase
push edx
mov ebx,2
xor edx,edx
mul ebx
add eax,esi
xor ecx,ecx
mov cx,word ptr [eax]
pop edx
mov edi,[edx+1Ch]
xor edx,edx
mov ebx,4
mov eax,ecx
mul ebx
add eax,dwDllBase
add eax,edi
mov eax,dword ptr [eax]
add eax,dwDllBase
jmp @@ExitProc
@@BadExit:
xor eax,eax
@@ExitProc:
ret
GetProcAddr ENDP
Constants:
dFile dd 0
num dd 0
Filen db '\\.\A:',0
sn dd 0FCE9DE9Eh
_ttl db "vernii",0
_msg db "dlya prodolgeniya najmite ''OK''",0
_ttl2 db "nevernii",0
_msg2 db "dlya zaversheniya najmite ''OK''",0
dwKernelBase dd 0
dwUserBase dd 0
szLoadLibrary db "LoadLibraryA",0
szGetProcAddress db "GetProcAddress",0
szUser32 db "user32",0
_LoadLibrary dd 0
_GetProcAddress dd 0
szMB db "MessageBoxA",0
szCF db "CreateFileA",0
szRF db "ReadFile",0
szEP db "ExitProcess",0
_MB dd 0
_CF dd 0
_RF dd 0
_EP dd 0
buf db 1024 dup (0)
end start
з.ы. если оформил не так как надо, подкорректируйте
