- ;irackit 2015
- .486
- .model flat,stdcall
- option casemap:none
- include F:\masm32\include\windows.inc
- include F:\masm32\include\kernel32.inc
- include F:\masm32\include\user32.inc
- include F:\masm32\include\msvcrt.inc
- ;include F:\masm32\include\TlHelp32.inc
- includelib F:\masm32\lib\kernel32.lib
- includelib F:\masm32\lib\user32.lib
- includelib F:\masm32\lib\msvcrt.lib
- ;includelib F:\masm32\lib\TlHelp32.lib
- ; Static data shared by main and printstdout.
- _DATA SEGMENT PUBLIC 'DATA'
- formatA db '%s',0 ; printf format string pushed by printstdout
- dwFlags dd ? ; flags argument for CreateToolhelp32Snapshot; main stores 02h here
- handle dd ? ; value returned by CreateToolhelp32Snapshot
- th32ProcessID dd ? ; process-id argument slot for CreateToolhelp32Snapshot
- p32 PROCESSENTRY32 <> ; entry buffer handed to the Process32 first/next calls
- ; NOTE(review): confirm this struct variant (ANSI vs. wide) matches the Process32* calls that fill it;
- ; a wide call expects the larger PROCESSENTRY32W layout and would write past this buffer.
- debuging db 'debug message',0 ; placeholder text printed through printstdout
- _DATA ENDS
- _TEXT SEGMENT PUBLIC READONLY 'CODE'
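- ; main - program entry point. Takes a Toolhelp snapshot of the running processes,
- ; prints a placeholder line per entry through printstdout, closes the snapshot
- ; and exits with code 0.
- ; The kernel32 calls below are stdcall: arguments are pushed right to left and the
- ; callee removes them, so no "add esp" follows those calls.
- main:
- mov [dwFlags],02h ; 02h = TH32CS_SNAPPROCESS (include all processes)
- push 0 ; th32ProcessID is passed by value, not by address; unused for a process snapshot
- push dwFlags
- call CreateToolhelp32Snapshot
- mov [handle],eax
- cmp eax,-1 ; failure is INVALID_HANDLE_VALUE (-1), not 0
- je endmission
- mov [p32.dwSize],SIZEOF PROCESSENTRY32 ; dwSize must be filled in before the first call
- push offset p32
- push handle
- call Process32First ; ANSI variant: matches the PROCESSENTRY32 buffer and the dwSize set above
- test eax,eax
- jz closesnapshot ; no entry retrieved: still release the snapshot handle
- mov esi,offset debuging
- call printstdout
- irackit_display_process:
- mov esi, offset debuging ; placeholder text; p32.szExeFile holds the current entry's name
- call printstdout
- push offset p32
- push handle
- call Process32Next
- test eax,eax
- jnz irackit_display_process ; zero means the walk is finished (or failed)
- closesnapshot:
- push handle
- call CloseHandle ; release the snapshot handle before exiting
- endmission:
- push 0 ; uExitCode: ExitProcess reads its exit code from the stack
- call ExitProcess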
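- ; printstdout - print the NUL-terminated string at ESI via printf("%s", string).
- ; In:  esi = address of the string to print.
- ; Out: nothing meaningful; eax, ecx and edx may be changed by printf (cdecl scratch registers).
- ; The text is always passed as the data argument, never as the format, so a '%'
- ; inside it (for example in a process name) is printed literally instead of being
- ; interpreted as a conversion specifier.
- printstdout PROC
- push esi ; cdecl pushes right to left: the string argument goes on first
- push offset formatA ; format is pushed last so it becomes printf's first parameter
- call _imp__printf
- add esp,8 ; cdecl: the caller removes both arguments
- ret
- printstdout ENDP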
- _TEXT ENDS
- end main