.386
.model flat,stdcall
option casemap:none
;>>>>>>>>>>>>>>>>>>>>引入相关文件>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
include D:\masm32\include\windows.inc
include D:\masm32\include\user32.inc
include D:\masm32\include\kernel32.inc
include D:\masm32\include\ws2_32.inc
includelib D:\masm32\lib\user32.lib
includelib D:\masm32\lib\kernel32.lib
includelib D:\masm32\lib\ws2_32.lib
include D:\masm32\include\masm32.inc
includelib D:\masm32\lib\masm32.lib
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>a2dw
.data?
szIp db ?;one uninitialised byte; not referenced anywhere in this listing
sock SOCKET ?;the TCP socket opened in _DownLoad; global so the _ret2 cleanup label can close it
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.const
szHost db "127.0.0.1",0;server address; a host name may be used instead, since it is resolved with gethostbyname
szPort db 80;port number as a single binary byte (not a string); never referenced - _DownLoad passes 80 to htons directly
szFile db '/asdf.exe',0;path of the file on the server (the %s in the GET line)
szDFile db 'asdf.exe',0;path of the output file on the local machine
szGet db "GET %s HTTP/1.1",0dh,0ah,\
"Host: %s",0dh,0ah,\
"Accept: */*",0dh,0ah,0dh,0ah,0;request template; wsprintf fills the two %s with szFile then szHost
;>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
.code
;----------------------------------------------------
;-----------------------------------------------------------------------
; _DownLoad
; Connects to szHost on TCP port 80, sends the HTTP/1.1 GET in szGet for
; szFile, reads the response header one byte at a time looking for a
; Content-Length value, then copies that many body bytes into szDFile.
; ABI:    stdcall, no arguments.  eax on return is whatever WSACleanup
;         left in it; the caller gets no success/failure indication.
; Clobb:  eax, ebx, esi, edi, flags.  ebx/esi/edi are callee-saved under
;         Win32 stdcall and there is no "uses" clause, so a caller other
;         than the 'start' stub below would have to preserve them itself.
; Review notes on this listing (code left unchanged, see inline comments):
;   - @rstr and @buf are declared as one byte each; wsprintf writes the
;     whole expanded request into @rstr, overrunning the stack frame.
;   - the header loop stores through edi and esi without checking against
;     sizeof @header / sizeof @file_size_str, so an over-long response
;     header also overruns the frame.  The @header[eax-N] reads are
;     guarded by the ebx > 15 / ebx > 4 tests and stay in bounds.
;   - the body loop ignores the recv return value.
;   - _ret3 is never the target of a jmp; szPort is never used.
;-----------------------------------------------------------------------
_DownLoad proc
local @wdata:WSADATA;Winsock startup information filled in by WSAStartup
local @addr:sockaddr_in;server address (AF_INET, port 80, resolved szHost)
local @rstr:byte;ONE byte, but wsprintf formats the entire request into it (stack overrun)
local @buf:byte;one-byte receive buffer; every recv below asks for exactly 1 byte
local @header[1024]:byte;HTTP response header accumulated byte by byte; zeroed so lstrlen works
local @hFile,@dwTemp;output file handle; byte count written back by WriteFile
local @file_size_str[64]:BYTE;ASCII digits of the Content-Length value (reused as dwtoa scratch later)
local @file_size:DWORD;Content-Length converted to a number; number of body bytes to copy
local @isFileSize:BOOL;TRUE while the bytes being received belong to the Content-Length value
;set up the connection
invoke WSAStartup,101H,addr @wdata;request Winsock 1.1; return value not checked
invoke socket,AF_INET,SOCK_STREAM,0
.if eax == INVALID_SOCKET
jmp _ret1
.endif
mov sock,eax
;
invoke RtlZeroMemory,addr @addr,sizeof @addr
invoke gethostbyname,addr szHost
.if eax == NULL
jmp _ret1
.endif
mov eax,[eax + 12];eax = hostent->h_addr_list (hard-coded offset 12 of the Win32 hostent struct)
mov eax,[eax];eax = h_addr_list[0]
mov eax,[eax];eax = the first IPv4 address, already in network byte order
mov @addr.sin_addr,eax
invoke htons,80;port is hard-coded here; szPort in .const is not consulted
mov @addr.sin_port,ax
mov @addr.sin_family,AF_INET
;
invoke connect,sock,addr @addr,sizeof @addr
.if eax == SOCKET_ERROR
jmp _ret2
.endif
;
invoke wsprintf,addr @rstr,addr szGet,addr szFile,addr szHost;writes well past the 1-byte @rstr
invoke lstrlen,addr @rstr
invoke send,sock,addr @rstr,eax,0;partial sends are not handled
.if eax == SOCKET_ERROR
jmp _ret2
.endif
;
invoke Sleep,50;fixed 50 ms pause before reading; no functional need is visible here
invoke RtlZeroMemory,addr @buf,sizeof @buf
invoke RtlZeroMemory,addr @header,sizeof @header
invoke RtlZeroMemory,addr @file_size_str,sizeof @file_size_str
xor edi,edi;redundant: overwritten by the lea on the next line
lea edi,@header;edi = write cursor into @header
xor esi,esi;redundant: overwritten by the lea on the next line
lea esi,@file_size_str;esi = write cursor into @file_size_str
mov @isFileSize,FALSE
;read the HTTP response header, one byte per recv, until the blank line
.while TRUE
invoke recv,sock,addr @buf,1,0
.if eax <= 0
jmp _ret2;0 = peer closed, SOCKET_ERROR = failure: give up
.endif
;xor eax,eax
mov al,@buf
mov byte ptr [edi],al;append to @header -- no check that edi stays inside its 1024 bytes
.if @isFileSize == TRUE && al >= 30h && al <= 39h
mov byte ptr [esi],al;inside the Content-Length value: keep ASCII digits only, no bound on esi
inc esi
.endif
invoke lstrlen,addr @header
mov ebx,eax;eax = ebx = header bytes collected so far (buffer is NUL-padded)
.if @isFileSize == FALSE && ebx > 15 && @header[eax-2] == ":" && @header[eax-3] == "h" && @header[eax-4] == "t" && @header[eax-10] == "t"
;start marker of the byte-count string: a loose match for "Content-Length:" (only four of its
;characters are compared) followed by the byte just stored; ebx > 15 keeps [eax-10] in bounds
mov @isFileSize,TRUE
.endif
.if @isFileSize == TRUE && @header[eax-1] == 0dh
;end marker of the byte-count string: the CR that terminates the header line
mov @isFileSize,FALSE
.endif
.if ebx > 4
;two consecutive CRLFs (blank line) end the header; ebx > 4 keeps [eax-4] in bounds
.break .if @header[eax-1] == 0ah && @header[eax-2] == 0dh && @header[eax-3] == 0ah && @header[eax-4] == 0dh
.endif
inc edi
.endw
;
;read the HTTP body and write it to the local file
invoke atodw,addr @file_size_str;masm32 atodw: decimal string -> DWORD; presumably 0 for an empty string -- TODO confirm
mov @file_size,eax
invoke CreateFile,addr szDFile,GENERIC_WRITE,FILE_SHARE_READ,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL;CREATE_ALWAYS truncates an existing szDFile
.if eax == INVALID_HANDLE_VALUE
jmp _ret2
.endif
mov @hFile,eax
invoke RtlZeroMemory,addr @buf,sizeof @buf
xor edi,edi;edi = body bytes written so far
invoke RtlZeroMemory,addr @file_size_str,sizeof @file_size_str;@file_size_str is now scratch for dwtoa below
.while edi < @file_size;if no Content-Length was parsed, @file_size is 0 and no body is written
invoke recv,sock,addr @buf,1,0;return value ignored: on 0 / SOCKET_ERROR the stale byte in @buf is written again and the loop continues
invoke WriteFile,@hFile,addr @buf,1,addr @dwTemp,NULL;one-byte writes; WriteFile result not checked
inc edi
.if edi > 8953290
;looks like a leftover progress/debug check keyed to a magic byte count -- TODO confirm and remove
invoke dwtoa,edi,addr @file_size_str
invoke MessageBox,NULL,addr @file_size_str,addr @file_size_str,MB_OK
.endif
.endw
_ret3:;no jmp targets this label; it is only reached by falling out of the body loop
invoke CloseHandle,@hFile
_ret2:;socket is open; file handle may not be
invoke closesocket,sock
_ret1:;only Winsock is initialised
invoke WSACleanup
ret;eax = WSACleanup's result, not a download status
_DownLoad endp
;----------------------------------------------------
;-----------------------------------------------------------------------
; start -- program entry point: run the download once, then exit.
; The exit code is always 0 and does not reflect whether the download
; succeeded, because _DownLoad returns no status.
;-----------------------------------------------------------------------
start:
invoke _DownLoad
invoke ExitProcess,0;unconditional exit code 0
end start
;没winnet好。但自己的东西小巧,灵活。
;如果我的注释没让您明白是什么意思,跟贴,我会尽量详细的做答!