flat assembler
Message board for the users of flat assembler.

Index > Windows > TitaNiumTroJanBooter - Boot yourself for fun !

Author
Thread Post new topic Reply to topic
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 08 Jul 2011, 04:49
I made this for fun, but it seems it could be even funnier.

What it does.
Locks the PC, and then registers itself for session events(login, logout, shutdown..etc).

So, when user unlocks the PC, it locks it again, creating the "BOOT EFFECT"

I also thought of adding a code where it would put itself on the start-up list so when the PC is restarted, it restarts it, which can only be removed in safe mode. (I did not do it because i thought it was too evil).

But anyways here's the code, and file. Have fun booting your BOSS or your mother-in-law.
Code:
;                       Copyright (C) 2011 typedef
;                       ---------------------------------------------------------
;                    All rights reserved and all wrongs observed
;                               TitaNiumTroJan@hotmail.com

format pe gui 4.0

entry start
include 'win32ax.inc'

section '.text' code readable executable writeable

class TCHAR 'TitaNiumTroJanBooter',0

b:
  db 'button',0
  db 'BOOT MEH !',0

wc WNDCLASS 0,TitaNiumProc,0,0,NULL,NULL,NULL,COLOR_BTNFACE+1,NULL,class
msg MSG


start:
     push 0
     call [GetModuleHandle]
     push eax
     pop  [wc.hInstance]
     push IDI_APPLICATION
     push eax
     call [LoadIcon]
     xchg [wc.hIcon],eax
     push IDC_ARROW
     push 0
     call [LoadCursor]
     xchg [wc.hCursor],eax
     push wc
     call [RegisterClass]

     push 0
     push [wc.hInstance]
     push 0
     push 0
     push 78
     push 188
     push 200
     push 500
     push WS_VISIBLE
     push class
     push class
     push 0
     call [CreateWindowEx]
@@:
     push 0
     push 0
     push NULL
     push msg
     call [GetMessage]
     cmp  eax,1
     jb   @F
     jne  @B
     push msg
     call [TranslateMessage]
     push msg
     call [DispatchMessage]
     jmp  @B

@@:
  push [msg.wParam]
  call [ExitProcess]


proc TitaNiumProc hwnd,wmsg,wparam,lparam
        cmp     [wmsg],WM_CREATE
        je      .wmcreate
        cmp     [wmsg],WM_COMMAND
        je      .cmd
        cmp     [wmsg],WM_CLOSE
        je      .bye
        cmp     [wmsg],2B1h;WM_WTSSESSION_CHANGE
        je      .boot
  .defwndproc:
        invoke  DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
        jmp     .done
  .wmcreate:

  push 1 ;NOTIFY_FOR_ALL_SESSIONS
  push [hwnd]
  call [WTSRegisterSessionNotification]

     push 0
     push [wc.hInstance]
     push 20
     push [hwnd]
     push 50
     push 180
     push 0
     push 0
     push WS_VISIBLE+WS_CHILD+WS_BORDER
     push b+7
     push b
     push 0
     call [CreateWindowEx]
     jmp     .done
  .boot:
     .if[wparam]=8h | [wparam]= 5h
      ;
      ; Code to put this exe into startup registry node
      ;
      ; Restart the PC peacefully, but on startup, it will meet the booter... :evil laughter:
      ;
      ;
      ;push EWX_RESTARTAPPS    \                                      <-------- This is evil, do not do this..or you'll have to use SAFE MODE :evil laugh:
      ;call [ExitWindows]      /
      call [LockWorkStation] ; I said boot meh moar !
      ;
      ;  YOU DONE BEEN BOOTED ! WATCHUGONDOABOUTIT, HUH ?
      ;
     .endif
     jmp     .done
  .cmd:
        .if[wparam]=20
        ;boot me baby !
        call [LockWorkStation] ; boot me for real
        .endif
        jmp     .defwndproc
  .bye:
        push [hwnd]
        call [WTSUnRegisterSessionNotification]
        push 0
        call [PostQuitMessage]
        xor     eax,eax
  .done:
        ret
endp

section '.idata' import data readable

library Wtsapi32,'Wtsapi32.dll',\
        kernel32,'kernel32.dll',\
        user32,'user32.dll'

        import Wtsapi32,\
               WTSRegisterSessionNotification,'WTSRegisterSessionNotification',\
               WTSUnRegisterSessionNotification,'WTSUnRegisterSessionNotification'

include 'api/user32.inc'
include 'api/kernel32.inc'
    


Description:
Download
Filename: TitaNiumTroJanBooter.ASM
Filesize: 3.17 KB
Downloaded: 188 Time(s)



Last edited by typedef on 12 Oct 2013, 04:09; edited 1 time in total
Post 08 Jul 2011, 04:49
View user's profile Send private message Reply with quote
Dex4u



Joined: 08 Feb 2005
Posts: 1601
Location: web
Dex4u 08 Jul 2011, 15:02
Very funny, what windows ver have you tested it on ?.

Me and a friend coded a not so PC joke once Wink
http://www.youtube.com/watch?v=v09c8sIioQ8
Post 08 Jul 2011, 15:02
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 08 Jul 2011, 18:05
I tested it on XP-32, and W7-64.

My friend asked me to add a hot-key option to remove the hook. So I'll do that.
Post 08 Jul 2011, 18:05
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2909
Location: 0x77760000
typedef 11 Jul 2011, 20:19
I updated it...You now have an option to enable/disable the booter using the hotkey SHIFT + CTRL + ALT + B

You have to be really quick with the key press, just after you login, and before you get booted....hehehe Evil or Very Mad (even more fun)

enjoy.

Code:
;                       Copyright (C) 2011 typedef
;                       ---------------------------------------------------------
;                    All rights reserved and all wrongs observed
;                               TitaNiumTroJan@hotmail.com

format pe gui 4.0

entry start
include 'win32ax.inc'

section '.text' code readable executable writeable

class TCHAR 'TitaNiumTroJanBooter',0

b:
  db 'button',0
  db 'BOOT MEH !',0

wc WNDCLASS 0,TitaNiumProc,0,0,NULL,NULL,NULL,COLOR_BTNFACE+1,NULL,class
msg MSG

; Updated version

Key  equ 0x42 ; B
Key_Mod equ MOD_ALT + MOD_CONTROL + MOD_SHIFT
BOOT_CLOSE equ WM_USER + 0Ah

;To stop booter, press ALT+SHIFT+CRTL+B , really fast, reallllly fast

BOOT_STATE dd 1; 1= On, 0=Off

start:
     push 0
     call [GetModuleHandle]
     push eax
     pop  [wc.hInstance]
     push IDI_APPLICATION
     push eax
     call [LoadIcon]
     xchg [wc.hIcon],eax
     push IDC_ARROW
     push 0
     call [LoadCursor]
     xchg [wc.hCursor],eax
     push wc
     call [RegisterClass]

     push 0
     push [wc.hInstance]
     push 0
     push 0
     push 78
     push 188
     push 200
     push 500
     push WS_VISIBLE
     push class
     push class
     push 0
     call [CreateWindowEx]
@@:
     push 0
     push 0
     push NULL
     push msg
     call [GetMessage]
     cmp  eax,1
     jb   @F
     jne  @B
     push msg
     call [TranslateMessage]
     push msg
     call [DispatchMessage]
     jmp  @B

@@:
  push [msg.wParam]
  call [ExitProcess]


proc TitaNiumProc hwnd,wmsg,wparam,lparam
  cmp     [wmsg],WM_CREATE
    je      .wmcreate
   cmp     [wmsg],WM_COMMAND
   je      .cmd
        cmp     [wmsg],WM_CLOSE
     je      .bye
        cmp     [wmsg],2B1h;WM_WTSSESSION_CHANGE
    je      .boot
       cmp     [wmsg],WM_HOTKEY
    je      .kpress
  .defwndproc:
       invoke  DefWindowProc,[hwnd],[wmsg],[wparam],[lparam]
       jmp     .done
  .wmcreate:

  push 1 ;NOTIFY_FOR_ALL_SESSIONS
  push [hwnd]
  call [WTSRegisterSessionNotification]
  ;
  push Key
  push Key_Mod
  push BOOT_CLOSE
  push [hwnd]
  call [RegisterHotKey]

     push 0
     push [wc.hInstance]
     push 20
     push [hwnd]
     push 50
     push 180
     push 0
     push 0
     push WS_VISIBLE+WS_CHILD+WS_BORDER
     push b+7
     push b
     push 0
     call [CreateWindowEx]
     jmp     .done
  .boot:
     .if[wparam]=8h | [wparam]= 5h
      ;
      ; Code to put this exe into startup registry node
      ;
      ; Restart the PC peacefully, but on startup, it will meet the booter... :evil laughter:
      ;
      ;
      ;push EWX_RESTARTAPPS    \                                      <-------- This is evil, do not do this..or you'll have to use SAFE MODE :evil laugh:
      ;call [ExitWindows]      /
      call [LockWorkStation] ; I said boot meh moar !
      ;
      ;  YOU DONE BEEN BOOTED ! WATCHUGONDOABOUTIT, HUH ?
      ;
     .endif
     jmp     .done
    .kpress:
      .if[wparam]=BOOT_CLOSE
         .if[BOOT_STATE]=1 ; is boot on ?
                    push [hwnd]
                 call [WTSUnRegisterSessionNotification]
                     dec [BOOT_STATE]   ; set to disabled state
          .else
               push 1 ;NOTIFY_FOR_ALL_SESSIONS
                     push [hwnd]
                 call [WTSRegisterSessionNotification]
               inc [BOOT_STATE]                    ; set to enabled state
          .endif
      .endif
    jmp   .done
  .cmd:
       .if[wparam]=20
      ;boot me baby !
     call [LockWorkStation] ; boot me for real
   .endif
      jmp     .defwndproc
  .bye:
  push [hwnd]
 call [WTSUnRegisterSessionNotification]
     push BOOT_CLOSE
     push [hwnd]
 call [UnregisterHotKey]
     push 0
      call [PostQuitMessage]
      xor     eax,eax
  .done:
     ret
endp

section '.idata' import data readable

library Wtsapi32,'Wtsapi32.dll',\
      kernel32,'kernel32.dll',\
        user32,'user32.dll'

   import Wtsapi32,\
         WTSRegisterSessionNotification,'WTSRegisterSessionNotification',\
        WTSUnRegisterSessionNotification,'WTSUnRegisterSessionNotification'

include 'api/user32.inc'
include 'api/kernel32.inc'






    


Description:
Download
Filename: TitaNiumTroJanBooter.ASM
Filesize: 3.98 KB
Downloaded: 206 Time(s)

Post 11 Jul 2011, 20:19
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.

Website powered by rwasa.