I`m wrote program for uploading file (converted to base64) to remote server with urlmon.dll call
But I have a problem for final url creation (when I try to combine two buffers to one).
"GET /cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/cgi-bin/script.cgi?lc=server/c HTTP/1.1" 200 268 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1)"
I think error when I`ll try to create final url (fin_url_x buffer) from two buffers (url_send+bs64) before urlmon.dll call
macro align base, value { rb (value-1) - (base + value-1) mod value }
format PE GUI 4.0
entry start
;------------------------------------------------------------------------------;
section '.text' readable writeable executable import data
;------------------------------------------------------------------------------;
alignx:
include 'h:/fasm/include/win32a.inc'
library kernel32,'KERNEL32.DLL'
include 'h:/fasm/include/API/kernel32.inc'
;------------------------------------------------------------------------------;
start:
;------------------------------------------------------------------------------;
; Main body (reading file to memory and call base64 proc)
;------------------------------------------------------------------------------;
xor esi,esi
invoke CreateFile,file_name,GENERIC_WRITE or GENERIC_READ,\
esi,esi,OPEN_EXISTING,esi,esi
inc eax
je exit
dec eax
mov [file_h],eax
invoke GetFileSize,eax,esi
mov ebx,eax
rol eax,1
add eax,message_sz
invoke LocalAlloc,LMEM_FIXED,eax
test eax,eax
je exit
mov [al_mem],eax
mov edi,eax
mov esi,message
mov ecx,message_sz
rep movsb
xor esi,esi
invoke CreateFileMapping,[file_h],esi,PAGE_READWRITE,esi,ebx,esi
test eax,eax
je clean_exit3
mov [map_h],eax
invoke MapViewOfFile,eax,2,esi,esi,esi
test eax,eax
je clean_exit2
mov [map_addr],eax
mov esi,eax
mov ebp,ebx
call b64.encode
mov eax,edi
sub eax,[al_mem]
mov ebx,eax
xor esi,esi
xor ecx,ecx
mov esi, al_mem
mov edi, bs64
mov ecx,32
rep movsb ;copy converted buffer (base64) to bs64 buffer
invoke CreateFile,fName1,GENERIC_READ or GENERIC_WRITE ,FILE_SHARE_READ or FILE_SHARE_WRITE,NULL,CREATE_NEW,0,NULL
mov [hFile],eax
invoke WriteFile, [hFile], [bs64], ebx, written, 0 ;dump bs64 buffer to local file
invoke CloseHandle,[hFile]
xor esi,esi
clean_exit1:
invoke UnmapViewOfFile,[map_addr]
clean_exit2:
invoke CloseHandle,[map_h]
clean_exit3:
invoke LocalFree,[al_mem]
invoke CloseHandle,[file_h]
exit:
call url_mon_send ; call urlmon proc
invoke ExitProcess,esi
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
; proc for forming url (fin_url_x) string , url_send + bs64 buffers and call urlmon.dll
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
url_mon_send:
pushad
xor esi,esi
mov esi,fin_url_x
add esi,0
invoke lstrcpy,esi,url_send
mov esi, bs64
mov edi, fin_url_x
add edi, url_send_sz-1
mov ecx, bs64_sz
rep movsb
xor eax,eax
invoke LoadLibrary,libx
invoke GetProcAddress,eax,funcx
stdcall eax,0,fin_url_x,file_x,0,0
popad
ret
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
; Convert buffer to BASE64 by RT Fishel
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
b64:
.newline:
call b64.store_crlf
.encode:
push (76 shr 2)+1
pop edx
.outer:
dec edx
je b64.newline
lodsd
dec esi
inc ebp
bswap eax
mov ecx,4
.inner:
rol eax,6
and al,3Fh
cmp al,3Eh
jb b64.testchar
shl al,2
sub al,((3Eh shl 2)+'A'-'+') and 0FFh
.testchar:
sub al,4
cmp al,'0'
jnl b64.store
add al,'A'+4
cmp al,'Z'
jbe b64.store
add al,'a'-'Z'-1
.store:
stosb
dec ebp
loopne b64.inner
jne b64.outer
mov al,'='
rep stosb
ret
.store_crlf:
; mov ax,0A0Dh
; stosw
ret
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
; �0==K5
;~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
fName1 db 'base64_buffer_dump.txt',0
hFile dd ?
written dd ?
align $-alignx,32
file_x db 'c:\test.dat',0
libx db 'urlmon.dll',0
funcx db 'URLDownloadToFileA',0
align $-alignx,32
message db ''
message_sz = $ - message
file_name db 'c:\test.txt',0
align $-alignx,32
sock dd 0
file_h dd 0
map_h dd 0
map_addr dd 0
al_mem dd 0
fin_url_x dd 0
align $-alignx,32
bs64 dd 0,0,0,0,0,0,0,0,0
bs64_sz = $ - bs64
align $-alignx,32
url_send db 'http://server/cgi-bin/script.cgi?lc=',0
url_send_sz = $ - url_send
;------------------------------------------------------------------------------;
Index
> Windows > Problem with urlmon.dll call (url with base64 parameter)
