flat assembler
Message board for the users of flat assembler.
Index
> Windows > need service example [skeleton] |
Author |
|
Kermil 21 Apr 2006, 08:33
Try to use attached example, it is small telnet server.
|
|||||||||||
21 Apr 2006, 08:33 |
|
Madis731 21 Apr 2006, 10:54
Stupid me - I compiled it and it doesn't want to shut down! I can't find it in the services either...
|
|||
21 Apr 2006, 10:54 |
|
okasvi 21 Apr 2006, 11:13
see, start->run->services.msc
if it isnt there, it isnt running... unless there is rootkit hiding it, which is unlikely |
|||
21 Apr 2006, 11:13 |
|
Madis731 21 Apr 2006, 11:39
Ok, I did some digging and its under the name "System Service Configuration", but it has all the functions disabled
I guess I'll have to restart afterall |
|||
21 Apr 2006, 11:39 |
|
okasvi 21 Apr 2006, 11:44
Madis731 wrote: Ok, I did some digging and its under the name "System Service Configuration", but it has all the functions disabled did you see preferences of the service to make sure it doesnt autostart? _________________ When We Ride On Our Enemies support reverse smileys |: |
|||
21 Apr 2006, 11:44 |
|
Madis731 21 Apr 2006, 12:04
I put it to disabled so it won't start on the next reboot, but it has all the functional buttons disabled like the RPC. I'm hacking the registry right now but I don't think it will work.
|
|||
21 Apr 2006, 12:04 |
|
Kermil 21 Apr 2006, 12:07
okasvi wrote: see, start->run->services.msc It is not rootkit 2Madis731, add your code in the following function: Code: ;Handle message for service proc Handler, dwAction cmp [dwAction], SERVICE_CONTROL_SHUTDOWN jnz @F invoke ExitProcess, 0 @@: ret endp And change this field - status.dwControlsAccepted |
|||
21 Apr 2006, 12:07 |
|
Madis731 21 Apr 2006, 12:21
Ok, this is where I put my code, when I want something to be done, WHEN the shutdown message arrives, but there IS NO shutdown message, because itsdisabled.
Code: mov [status.dwControlsAccepted], SERVICE_ACCEPT_SHUTDOWN How should this work? Code: invoke GetCommandLine and how should this work? For example does it accept variables from the commandline and if it does - what should they be like? vIm -exit and vIm -shutdown didn't work, they just start new instances and: Code: C:\Documents and Settings\Madisk>telnet localhost Connecting To localhost...Could not open a connection to host on port 23 : Connect failed Last edited by Madis731 on 21 Apr 2006, 12:22; edited 1 time in total |
|||
21 Apr 2006, 12:21 |
|
Kermil 21 Apr 2006, 12:28
I coded this program very long ago. Use GetModuleFileName function instead of GetCommandLine. Constant PORT defines port for the binding.
Quote:
|
|||
21 Apr 2006, 12:28 |
|
Madis731 21 Apr 2006, 12:30
Ok, the service works - I successfully connected to telnet
Did you have any backdoors in mind when you coded this? |
|||
21 Apr 2006, 12:30 |
|
Kermil 21 Apr 2006, 12:35
No. If I will want to code backdoor, I cut many lines, which concern to a service.
|
|||
21 Apr 2006, 12:35 |
|
Madis731 21 Apr 2006, 12:44
I restarted my computer, but now I want to find out an elegant way to uninstall the service - now it just sits there as "disabled" in the Service Manager
|
|||
21 Apr 2006, 12:44 |
|
Kermil 21 Apr 2006, 12:50
Look on this line:
Code: ServiceName db 'SysConfig',0 It is name of service. For killing of service delete following key in registry: Quote:
|
|||
21 Apr 2006, 12:50 |
|
Madis731 21 Apr 2006, 12:57
but even if I do:
Code: [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SysConfig] [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SysConfig] [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SysConfig] [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSCONFIG] [-HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSCONFIG] [-HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSCONFIG] ...there will remain... Code: HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Enum\Root\LEGACY_SYSCONFIG HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Enum\Root\LEGACY_SYSCONFIG HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SYSCONFIG ...because of ACCESS_DENIED PS I have to go home now - I won't answer the posts for about ~2 hours. See you later Last edited by Madis731 on 21 Apr 2006, 13:03; edited 1 time in total |
|||
21 Apr 2006, 12:57 |
|
Kermil 21 Apr 2006, 13:02
I think that following keys don't concern to service:
Quote:
|
|||
21 Apr 2006, 13:02 |
|
Vasilev Vjacheslav 21 Apr 2006, 16:52
Quote: because of ACCESS_DENIED if you have admin rights, just right click on target branch and set permissions to administrator |
|||
21 Apr 2006, 16:52 |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.