Windows自动关机软件.txt
《Windows自动关机软件.txt》由会员分享,可在线阅读,更多相关《Windows自动关机软件.txt(15页珍藏版)》请在文库网上搜索。
1、Windows:Windows evilbogy :2005-12-3007:45 WindowsEvilbogy,BT,win2kshutdown.exe,XP,Q,showlife,9x/NT,Delphi7+windows2000.,.evilbogy2005-12-3104:48winautodown.rar(179K):180 sobiny :2005-12-3012:06 1繫 kiki :2005-12-3012:37 2if(!OpenProcessToken(GetCurrentProcess(),TOKEN_ADJUST_PRIVILEGES|TOKEN
2、_QUERY,&hToken) return0; LookupPrivilegeValue(NULL,SE_SHUTDOWN_NAME,&tkp.Privileges0.Luid); tkp.PrivilegeCount=1; tkp.Privileges0.Attributes=SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken,FALSE,&tkp,0,(PTOKEN_PRIVILEGES)NULL,0); InitiateSystemShutdown( NULL, NULL, 0, TRUE, FALSE ); evilbogy :200
3、5-12-3019:07 3UP,NTAPISeShutdownPrivilege jimwin123 :2005-12-3023:19 4BATXPSHUTDOWNEXE𣿲 jacky :2005-12-3109:19 5XP snafor :2006-01-0818:35 6RING0BIOSint15h acactus :2006-01-0904:26 7Windows.386p.modelflat,stdcalloptioncasemap:noneincludeC:masm32binALLDLLDlgProcproto:dword,:dword,:dword,:dwor
4、d.datahInstancedd?privilegedbSeShutdownPrivilege,0.codeAdjustTokenproc local hdlProcessHandle local hdlTokenHandle local tp:TOKEN_PRIVILEGES local lBufferNeeded local os:OSVERSIONINFO mov os.dwOSVersionInfoSize,sizeofOSVERSIONINFO invoke GetVersionExA,addros cmp os.dwPlatformId,VER_PLATFORM_WIN32_NT
5、 jne F invoke GetCurrentProcess mov hdlProcessHandle,eax invoke OpenProcessToken,hdlProcessHandle,TOKEN_ADJUST_PRIVILEGESorTOKEN_QUERY,addrhdlTokenHandle invoke LookupPrivilegeValue,0,addrprivilege,addrtp.Privileges.Luid mov tp.PrivilegeCount,1 mov tp.Privileges.Attributes,SE_PRIVILEGE_ENABLED invok
6、e AdjustTokenPrivileges,hdlTokenHandle,FALSE,addrtp,sizeofTOKEN_PRIVILEGES,addrtp,addrlBufferNeeded : retAdjustTokenendp;=ResetNowprociCode localbuf256,pClose,pAdjust,hNtDll invokeLoadLibrary,CTXT(NtDll.dll) .ifeax movhNtDll,eax invokeGetProcAddress,hNtDll,CTXT(ZwShutdownSystem) movpClose,eax invoke
7、GetProcAddress,hNtDll,CTXT(RtlAdjustPrivilege) movpAdjust,eax .ifeax&pClose leaeax,buf pusheax push1 push1 push13H moveax,pAdjust calleax .ifeax=0C000007CH leaeax,buf pusheax push0 push1 push13H moveax,pAdjust calleax .endif pushiCode moveax,pClose calleax .endif .endif retResetNowendp;=Close_Clickp
8、roc invokeResetNow,0 retClose_Clickendp;=Relog_Clickproc invoke AdjustToken invoke ExitWindowsEx,EWX_LOGOFForEWX_FORCE,0FFFFh retRelog_Clickendp;=cq_Clickproc invokeResetNow,1 retcq_Clickendp;=Standby_Clickproc invoke AdjustToken invoke SetSystemPowerState,1,1 retStandby_Clickendp;=xm_Clickproc invo
9、ke AdjustToken invoke SetSystemPowerState,0,1 retxm_Clickendp;-start:; invokeGetModuleHandle,0 movhInstance,eax invokeDialogBoxParam,hInstance,9999,0,addrDlgProc,0 invokeExitProcess,eax;-DlgProcprochWnd,uMsg,wParam,lParammoveax,uMsg.IFeax=WM_INITDIALOG invokeLoadIcon,hInstance,1001 invokeSendMessage
10、,hWnd,WM_SETICON,ICON_BIG,eax.ELSEIFuMsg=WM_CLOSE MsgBox0,48 invokeEndDialog,hWnd,0 .ELSEIFeax=WM_COMMAND movedx,hWnd moveax,wParam .ifeax=1009 invokeClose_Click .elseifeax=1010 invokeRelog_Click .elseifeax=1011 invokeStandby_Click .elseifeax=1012 invokexm_Click .elseifeax=1013 invokecq_Click .elsei
11、feax=1014 invokeSleep,1000 invokeSendMessage,hWnd,WM_SYSCOMMAND,SC_MONITORPOWER,2 .endif.ELSE xoreax,eax ret.ENDIFmoveax,TRUEretDlgProcendp;-endstart acactus :2006-01-0904:28 8Windows.386.modelflat,stdcall;32bitmemorymodeloptioncasemap:none;casesensitiveincluderesshutdown.inc.data szMutexdb_Me?,0.da
12、ta? g_hInst dd? g_hDatePicker dd? g_hTimePicker dd? g_hCombobar dd? g_hTime dd? g_hFont dd? g_systime SYSTEMTIME ;趨 g_nid NOTIFYICONDATA g_bTiming dd? ; g_bSysNT dd? ;NT g_iCount dd? icex INITCOMMONCONTROLSEX g_buf db128dup(?) g_hIconMain dd? g_hIconStart dd? hMutex dd? WM_TASKBARCREATEdd?.codestart
13、: invokeGetModuleHandle,NULL mov g_hInst,eax invokeCreateMutex,NULL,TRUE,offsetszMutex movhMutex,eax invokeGetLastError ; cmpeax,ERROR_ALREADY_EXISTS ; jzF invoke RtlZeroMemory,addricex,sizeofINITCOMMONCONTROLSEX mov icex.dwSize,sizeofINITCOMMONCONTROLSEX mov icex.dwICC,ICC_DATE_CLASSES invoke InitC
14、ommonControlsEx,addricex invoke DialogBoxParam,g_hInst,DLG_MAIN,NULL,addrMainDlgProc,NULL : invoke ExitProcess,0;#MainDlgProcprochWnd:HWND,uMsg:UINT,wParam:WPARAM,lParam:LPARAM LOCAL systime:SYSTEMTIME mov eax,uMsg .ifeax=WM_INITDIALOG invoke _Init,hWnd .elseifeax=WM_COMMAND mov eax,wParam and eax,0
15、ffffh .ifeax=IDC_APPLY ; mov g_bTiming,TRUE ;1000WM_TIMER invoke SetTimer,hWnd,ID_TIMER1,1000,NULL invoke SendMessage,g_hDatePicker,DTM_GETSYSTEMTIME,0,addrsystime invoke SendMessage,g_hTimePicker,DTM_GETSYSTEMTIME,0,addrg_systime m2m g_systime.wYear,systime.wYear m2m g_systime.wMonth,systime.wMonth
16、 m2m g_systime.wDay,systime.wDay pushad ; movzx eax,g_systime.wYear movzx ebx,g_systime.wMonth movzx ecx,g_systime.wDay movzx edx,g_systime.wHour movzx esi,g_systime.wMinute movzx edi,g_systime.wSecond invoke wsprintf,addrg_buf,CTXT(%d-%d-%d%d:%d:%d),eax,ebx,ecx,edx,esi,edi popad invoke SetWindowTex
17、t,g_hTime,addrg_buf invoke _ModifyTrayIcon,hWnd,1 .elseifeax=IDC_MINIMIZE ; invoke ShowWindow,hWnd,SW_HIDE .endif ; .elseifeax=WM_TIMER invoke GetLocalTime,addrsystime .if!g_bTiming jmp lexit .endif movzx eax,g_systime.wYear .ifax!=systime.wYear ; jmp lexit .endif movzx eax,g_systime.wMonth .ifax!=s
18、ystime.wMonth ; jmp lexit .endif movzx eax,g_systime.wDay .ifax!=systime.wDay ;Ri jmp lexit .endif movzx eax,g_systime.wHour .ifax!=systime.wHour ; jmp lexit .endif movzx eax,g_systime.wMinute .ifax!=systime.wMinute ; jmp lexit .endif invoke KillTimer,hWnd,ID_TIMER1 invoke DialogBoxParam,g_hInst,DLG
19、_COUNT,NULL,addrCountDlgProc,NULL .ifeax=0 jmp lkill .endif invoke SendMessage,g_hCombobar,CB_GETCURSEL,0,0 .ifeax=0 invoke _ShutDown,0 ; .elseifeax=1 invoke _ShutDown,1 ; .endif lkill: invoke RtlZeroMemory,addrg_systime,sizeofSYSTEMTIME mov g_bTiming,FALSE invoke RtlZeroMemory,addrg_buf,128 invoke
20、SetWindowText,g_hTime,addrg_buf invoke _ModifyTrayIcon,hWnd,2 lexit: ; .elseifeax=WM_ACTIVATE invoke GetLocalTime,addrsystime invoke SendMessage,g_hDatePicker,DTM_SETSYSTEMTIME,0,addrsystime invoke SendMessage,g_hTimePicker,DTM_SETSYSTEMTIME,0,addrsystime .elseifeax=WM_PAINT invoke _Paint,hWnd .else
21、ifuMsg=WM_CTLCOLORSTATIC invokeGetDlgCtrlID,lParam .ifeax=IDC_TIME invoke SetTextColor,wParam,COLOR(255,0,0) invoke GetSysColor,COLOR_BTNFACE push eax invoke SetBkColor,wParam,eax call CreateSolidBrush ret .else mov eax,FALSE ret .endif .elseifeax=WM_ICONNOTIFY mov eax,lParam .ifeax=WM_LBUTTONDOWN i
22、nvoke ShowWindow,hWnd,SW_SHOW invoke SetForegroundWindow,hWnd .endif .elseifeax=WM_TASKBARCREATE invoke _ModifyTrayIcon,hWnd,2 .elseifeax=WM_CLOSE invoke Shell_NotifyIcon,NIM_DELETE,addrg_nid invoke KillTimer,hWnd,ID_TIMER1 invoke EndDialog,hWnd,0 .else mov eax,FALSE ret .endif mov eax,TRUE retMainD
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- Windows 自动关机 软件