;                       Copyright (C) 2011 typedef aka TitaNiumTroJan aka CHX101
;                       ---------------------------------------------------------
;                    All rights reserved and all wrongs observed
;                               TitaNiumTroJan@hotmail.com

format pe gui 4.0

entry start
include 'win32ax.inc'

; NOTE(review): this one section is declared executable AND writeable because the
; mutable data below (wc, msg, BOOT_STATE) shares it with the code. A section that
; is both writable and executable breaks W^X and is a trait PE scanners commonly
; flag; mutable data normally lives in its own 'data readable writeable' section.
section '.text' code readable executable writeable

; Window class name; start also passes it as the main window's title.
class TCHAR 'TitaNiumTroJanBooter',0

; Two consecutive NUL-terminated strings. b is the child control's class name
; ('button' plus its NUL is 7 bytes), so b+7 addresses the caption that follows.
b:
  db 'button',0
  db 'BOOT MEH !',0

; Window class descriptor with TitaNiumProc as its window procedure.
; hInstance, hIcon and hCursor are filled in at run time by start.
wc WNDCLASS 0,TitaNiumProc,0,0,NULL,NULL,NULL,COLOR_BTNFACE+1,NULL,class
; Buffer the message loop in start passes to GetMessage.
msg MSG

; Updated version

; System-wide hotkey (CTRL+ALT+SHIFT+B) registered in WM_CREATE. BOOT_CLOSE is the
; hotkey id passed to RegisterHotKey and compared against wParam on WM_HOTKEY.
Key	 equ 0x42 ; B
Key_Mod equ MOD_ALT + MOD_CONTROL + MOD_SHIFT
BOOT_CLOSE equ WM_USER + 0Ah

; To stop the booter, press ALT+SHIFT+CTRL+B, really fast, reallllly fast.
; The hotkey toggles the session-notification registration (see BOOT_STATE).

; Whether the window is currently registered for session-change notifications.
BOOT_STATE dd 1; 1= On, 0=Off

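;-----------------------------------------------------------------------
; start - program entry point (32-bit PE, stdcall imports, result in eax)
;
; Fills in wc (module handle, stock icon, stock cursor), registers the
; window class, creates the main window and pumps messages until WM_QUIT.
; Exits with the WM_QUIT wParam, or with exit code 1 when the class or the
; window cannot be created.
;-----------------------------------------------------------------------
start:
     invoke  GetModuleHandle,0
     mov     [wc.hInstance],eax

     ; Stock icons and cursors are requested with a NULL instance handle;
     ; passing the module handle makes LoadIcon look for the id in this
     ; executable's own resources, where it does not exist.
     invoke  LoadIcon,0,IDI_APPLICATION
     mov     [wc.hIcon],eax
     invoke  LoadCursor,0,IDC_ARROW
     mov     [wc.hCursor],eax

     invoke  RegisterClass,wc
     test    eax,eax
     jz      .fail                      ; no class: nothing to create

     ; Main window: class name doubles as title, 188x78 at (500,200).
     invoke  CreateWindowEx,0,class,class,WS_VISIBLE,500,200,188,78,0,0,[wc.hInstance],0
     test    eax,eax
     jz      .fail                      ; no window: do not sit in the loop with nothing to show

  .msg_loop:
     invoke  GetMessage,msg,NULL,0,0
     cmp     eax,1
     jb      .quit                      ; 0  = WM_QUIT retrieved
     jne     .msg_loop                  ; -1 = error, skip dispatch and retry
     invoke  TranslateMessage,msg
     invoke  DispatchMessage,msg
     jmp     .msg_loop

  .quit:
     invoke  ExitProcess,[msg.wParam]

  .fail:
     invoke  ExitProcess,1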


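;-----------------------------------------------------------------------
; TitaNiumProc - window procedure of the main window
; ABI:  stdcall, four dword arguments, result in eax
; In:   hwnd, wmsg, wparam, lparam
; Out:  eax = 0 for every message handled here, -1 from WM_CREATE when the
;       off-switch hotkey cannot be registered, otherwise the DefWindowProc result
;
; Behaviour visible in this file, for anyone triaging the binary:
;   * WM_CREATE registers the CTRL+ALT+SHIFT+B hotkey, subscribes the window to
;     session-change notifications for all sessions, and creates the button.
;   * While subscribed, every session logon (5) or unlock (8) notification
;     calls LockWorkStation, so the workstation is locked again right away.
;   * The hotkey toggles that subscription; WM_CLOSE removes it and quits.
;   * Nothing here writes a startup entry or restarts the machine; those parts
;     exist only as comments, so the effect ends when the process ends.
;-----------------------------------------------------------------------
proc TitaNiumProc hwnd,wmsg,wparam,lparam
	cmp	[wmsg],WM_CREATE
	je	.wmcreate
	cmp	[wmsg],WM_COMMAND
	je	.cmd
	cmp	[wmsg],WM_CLOSE
	je	.bye
	cmp	[wmsg],2B1h		; WM_WTSSESSION_CHANGE
	je	.boot
	cmp	[wmsg],WM_HOTKEY
	je	.kpress
  .defwndproc:
	invoke	DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
	jmp	.done

  .wmcreate:
	; Register the hotkey before subscribing to session changes. It is the only
	; way to switch the re-locking off from inside the session, so if another
	; program already owns the combination the window is not created at all.
	invoke	RegisterHotKey,[hwnd],BOOT_CLOSE,Key_Mod,Key
	test	eax,eax
	jz	.nohotkey
	invoke	WTSRegisterSessionNotification,[hwnd],1	; 1 = NOTIFY_FOR_ALL_SESSIONS
	; Child button, control id 20 (checked in .cmd), 180x50 at the client origin.
	invoke	CreateWindowEx,0,b,b+7,WS_VISIBLE+WS_CHILD+WS_BORDER,0,0,180,50,[hwnd],20,[wc.hInstance],0
	jmp	.handled

  .nohotkey:
	invoke	PostQuitMessage,0	; let the message loop end instead of idling without a window
	or	eax,-1			; WM_CREATE result -1 aborts window creation
	jmp	.done

  .boot:
	; wparam carries the session event: 8h = session unlock, 5h = session logon.
	.if [wparam]=8h | [wparam]=5h
		; The author's notes place startup-registry persistence and a forced
		; restart here. Neither is implemented; the restart stays disabled:
		;push EWX_RESTARTAPPS
		;call [ExitWindows]
		invoke	LockWorkStation
	.endif
	jmp	.handled

  .kpress:
	; WM_HOTKEY: wparam is the id given to RegisterHotKey.
	.if [wparam]=BOOT_CLOSE
		.if [BOOT_STATE]=1			; currently subscribed?
			invoke	WTSUnRegisterSessionNotification,[hwnd]
			mov	[BOOT_STATE],0		; disabled
		.else
			invoke	WTSRegisterSessionNotification,[hwnd],1	; 1 = NOTIFY_FOR_ALL_SESSIONS
			mov	[BOOT_STATE],1		; enabled
		.endif
	.endif
	jmp	.handled

  .cmd:
	; Button click: control id 20 with notification code 0 gives wparam = 20.
	.if [wparam]=20
		invoke	LockWorkStation
	.endif
	jmp	.defwndproc

  .bye:
	; Drop the subscription only if it is still active; the hotkey may have
	; removed it already.
	.if [BOOT_STATE]=1
		invoke	WTSUnRegisterSessionNotification,[hwnd]
		mov	[BOOT_STATE],0
	.endif
	invoke	UnregisterHotKey,[hwnd],BOOT_CLOSE
	invoke	PostQuitMessage,0

  .handled:
	xor	eax,eax			; handled messages report 0 to the system
  .done:
	ret
endp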

section '.idata' import data readable

library Wtsapi32,'Wtsapi32.dll',\
	kernel32,'kernel32.dll',\
	user32,'user32.dll'

	import Wtsapi32,\
	       WTSRegisterSessionNotification,'WTSRegisterSessionNotification',\
	       WTSUnRegisterSessionNotification,'WTSUnRegisterSessionNotification'

include 'api/user32.inc'
include 'api/kernel32.inc'






