;============================================================================================================================================= ; step_23.asm ;Let's check if the file has the MZ signature ; Algorithm ;A1: Get the name of the file to check! ;A2: Open the file for reading ;A3: Read first 2 bytes ;A4: Check if "MZ" ;(C)I don't take any responsibility for the use of this program ; Zedr0n -- connection closed ;============================================================================================================================================= ;============================================================================================================================================= ; Options/Declarations ;============================================================================================================================================= .386 .model flat, stdcall option casemap:none include windows.inc include kernel32.inc include comdlg32.inc include user32.inc includelib \masm32\lib\kernel32.lib includelib \masm32\lib\comdlg32.lib includelib \masm32\lib\user32.lib ;============================================================================================================================================= ; Data segment ;============================================================================================================================================= .data Caption db "Zedr0n's step #23",0 Filter db "Exe files",0 db "*.exe",0,0 Err_1 db "Error creating a dialog!",0 Err_2 db "Error finding correct instance of the module!",0 Err_3 db "Error setting the structure size!",0 Err_4 db "Error opening file!",0 Err_5 db "Error reading file!",0 ToRead equ 2 Exe db "This is a real EXE file!",0 Not_Exe db "This file just has .exe extension!",0 ;============================================================================================================================================ ; Variables segment ;============================================================================================================================================ .data? buffer db 256 dup(?) buffer_2 db 10 dup(?) op OPENFILENAME <> op_size equ $-op hModule HANDLE ? hFile HANDLE ? Read dd ? ;============================================================================================================================================= ; Code segment ;============================================================================================================================================= .code start: A1: invoke GetModuleHandle,NULL mov hModule,eax mov op.lpstrFilter,offset Filter mov op.lpstrTitle,offset Caption mov op.lpstrFileTitle,offset buffer mov op.hwndOwner,NULL mov op.nMaxFileTitle,256 mov op.hInstance,eax mov op.lStructSize,op_size invoke GetOpenFileName,offset op .if eax==0 invoke CommDlgExtendedError .if eax==CDERR_DIALOGFAILURE invoke MessageBox,NULL,offset Err_1,offset Caption,MB_OK .elseif eax==CDERR_NOHINSTANCE invoke MessageBox,NULL,offset Err_2,offset Caption,MB_OK .elseif eax==CDERR_STRUCTSIZE invoke MessageBox,NULL,offset Err_3,offset Caption,MB_OK .endif invoke CloseHandle,hModule invoke ExitProcess,NULL .endif A2: invoke CreateFile,offset buffer,GENERIC_READ,NULL,NULL,OPEN_EXISTING,FILE_ATTRIBUTE_ARCHIVE,NULL mov hFile,eax .if eax==INVALID_HANDLE_VALUE invoke MessageBox,NULL,offset Err_4,offset Caption,MB_OK invoke CloseHandle,hModule invoke ExitProcess,NULL .endif A3: invoke ReadFile,hFile,offset buffer_2,ToRead,offset Read,NULL .if eax==0 invoke MessageBox,NULL,offset Err_5,offset Caption,MB_OK invoke CloseHandle,hModule invoke CloseHandle,hFile invoke ExitProcess,NULL .endif .if buffer_2[0]=='M' .if buffer_2[1]=='Z' invoke MessageBox,NULL,offset Exe,offset Caption,MB_OK .endif .else invoke MessageBox,NULL,offset Not_Exe,offset Caption,MB_OK .endif invoke CloseHandle,hModule invoke CloseHandle,hFile invoke ExitProcess,NULL end start