Author Topic: Bomz new topic.  (Read 13058 times)

bomz

  • Member
  • **
  • Posts: 122
Bomz new topic.
« on: August 09, 2021, 07:49:52 PM »
OK. very many topics. it is not very last I hope to do.

make. it working. but not ignoring sertificate
Code: [Select]
.386

.model flat, stdcall
option casemap :none

include \MASM32\include\windows.inc
include \MASM32\include\user32.inc
include \MASM32\include\kernel32.inc
include \MASM32\include\wininet.inc
includelib \MASM32\lib\user32.lib
includelib \MASM32\lib\kernel32.lib
includelib \MASM32\lib\wininet.lib

.data
UserAgent db "Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko",0
Server db "www.paypal.com",0;"twitter.com",0;"www.livenewsnow.com",0;"mail.yahoo.com",0;
FName db 0;
.data?
Buffer db 65536 dup(?);4096
hSession dd ?

hRequest dd ?
hConnect dd ?
hOutCon dd ?
_rb dd ?
_wb dd ?

.code
start:

invoke InternetOpen, addr UserAgent, INTERNET_OPEN_TYPE_PRECONFIG, NULL, NULL, NULL;INTERNET_OPEN_TYPE_DIRECT
.if eax==0
invoke GetLastError
mov ebx,eax
jmp NoParam
.endif
mov hSession,eax

invoke InternetConnect, hSession, addr Server, INTERNET_DEFAULT_HTTP_PORT, NULL, NULL, INTERNET_SERVICE_HTTP, 0, 0
.if eax==0
invoke GetLastError
mov ebx,eax
jmp @1
.endif
mov hConnect,eax

invoke HttpOpenRequest, hConnect, NULL, addr FName, NULL, NULL, NULL, \
INTERNET_FLAG_PRAGMA_NOCACHE or INTERNET_FLAG_RELOAD OR INTERNET_FLAG_IGNORE_CERT_CN_INVALID OR INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, 0 ;
.if eax==0
invoke GetLastError
mov ebx,eax
jmp @2
.endif
mov hRequest,eax

invoke HttpSendRequest, hRequest, NULL, 0, NULL, 0
.if eax==0
invoke GetLastError
mov ebx,eax
jmp @3
.endif

invoke GetStdHandle, STD_OUTPUT_HANDLE
mov hOutCon,eax
xor ebx,ebx
@@:
invoke InternetQueryDataAvailable, hRequest, addr _rb, 0, 0
.if eax==0
invoke GetLastError
mov ebx,eax
jmp @3
.endif
cmp _rb, 0
je @3
invoke InternetReadFile, hRequest, addr Buffer, _rb, addr _rb
.if !eax
invoke GetLastError
mov ebx,eax
jmp @3
.endif
invoke WriteFile,hOutCon,addr Buffer,_rb,addr _wb,NULL
jmp @B
@3:
invoke InternetCloseHandle, hRequest
@2:
invoke InternetCloseHandle, hConnect
@1:
invoke InternetCloseHandle, hSession
NoParam:
invoke ExitProcess,ebx
end start

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #1 on: August 09, 2021, 09:19:49 PM »
code works, but send two requst instead of one. first try http than redirect to https.
and not ignoring sertificate. sad but than I use my http trafic analyzer it ignoring sertifacate so I can't catch reason
Code: [Select]
invoke HttpOpenRequest, hConnect, NULL, addr FName, NULL, NULL, NULL, \
;INTERNET_FLAG_PRAGMA_NOCACHE OR INTERNET_FLAG_RELOAD OR INTERNET_FLAG_IGNORE_CERT_CN_INVALID OR INTERNET_FLAG_IGNORE_CERT_DATE_INVALID, 0 ;
INTERNET_FLAG_RELOAD OR INTERNET_FLAG_NO_CACHE_WRITE OR INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTP\
OR INTERNET_FLAG_IGNORE_REDIRECT_TO_HTTPS OR INTERNET_FLAG_IGNORE_CERT_DATE_INVALID\
OR INTERNET_FLAG_IGNORE_CERT_CN_INVALID OR INTERNET_FLAG_KEEP_CONNECTION, 0;

SecFlags dd SECURITY_FLAG_IGNORE_UNKNOWN_CA OR INTERNET_FLAG_IGNORE_CERT_CN_INVALID OR INTERNET_FLAG_IGNORE_CERT_DATE_INVALID OR SECURITY_FLAG_IGNORE_WRONG_USAGE

invoke InternetSetOption, hRequest, INTERNET_OPTION_SECURITY_FLAGS, addr SecFlags, sizeof SecFlags

TouEnMasm

  • Member
  • *****
  • Posts: 1804
    • EditMasm
Re: Bomz new topic.
« Reply #2 on: August 09, 2021, 11:01:48 PM »

A working sample could help http://luce.yves.pagesperso-orange.fr/SourceCode.htm
search "Moteur de recherche Internet"
Fa is a musical note to play with CL

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #3 on: August 10, 2021, 01:13:18 AM »
now I think that deal is not in ignorign sertifecates. but in import sertifecate from Mozilla
perhaps that the reason why curl works with such sites and IE not
I used CURL, but besides the fact that it was inconvenient for some reasons, failures in the Internet connection led to the fatal termination execution of applications, including parent applications (!), so I tried to replace the CURL. perhaps because CURL use winsocket, I make application using winsocket and they also terminate fataly

Code: [Select]
@ECHO OFF
COLOR 9F
cd /d %~dp0
find "InternetOpen" .\search_Engine\*.inc
pause
cls
find "InternetOpen" .\search_http\*.inc
pause & GOTO :EOF

TouEnMasm

  • Member
  • *****
  • Posts: 1804
    • EditMasm
Re: Bomz new topic.
« Reply #4 on: August 10, 2021, 01:52:29 AM »

What is the name of the search engine you try to connect ?
Fa is a musical note to play with CL

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #5 on: August 10, 2021, 02:22:21 AM »
Code: [Select]
www.livenewsnow.com curl read it my application not
Code: [Select]
https://twitter.com/ curl read it, my application say not compatible brawser

TouEnMasm

  • Member
  • *****
  • Posts: 1804
    • EditMasm
Re: Bomz new topic.
« Reply #6 on: August 10, 2021, 03:35:22 AM »
Twitter.com need an account,you must give some informations to the site ,get a password to have an access.
Without that access denied.
user agent http://www.webapps-online.com/online-tools/user-agent-strings/dv/plugin55213/twitter-app
Fa is a musical note to play with CL

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #7 on: August 10, 2021, 03:43:29 AM »
to open twiitter you don't need any accounts, or you can't register at all
« Last Edit: August 10, 2021, 07:14:54 AM by bomz »

TouEnMasm

  • Member
  • *****
  • Posts: 1804
    • EditMasm
Re: Bomz new topic.
« Reply #8 on: August 10, 2021, 04:04:27 AM »
Happy are you,I need a google account to enter and anwer some questions who can be passed.
I find this as user agent Twitterbot/1.0

Fa is a musical note to play with CL

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #9 on: August 10, 2021, 05:20:24 AM »
when I use HTTP Trafic Analyzer, application begin work with problem sites correctly.
I think analyzer hook all trafic and sites can't recognize IE "hide" behind it
so exist some method which allow to use wininet with non support sites
at the same time CURL behind traffic analyzer need --insecure option

« Last Edit: August 10, 2021, 07:15:12 AM by bomz »

TouEnMasm

  • Member
  • *****
  • Posts: 1804
    • EditMasm
Re: Bomz new topic.
« Reply #10 on: August 10, 2021, 04:18:52 PM »

If I look your code ,I see .386
Are you working with an also old processor ??
Fa is a musical note to play with CL

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #11 on: August 10, 2021, 05:48:34 PM »
I prefer make soft compatible from Windows NT 4.0 to Windows 10
without needness of gygabytes dll's, or assembler lost it sense
however, I understand why Billy does the opposite.
virtual machine have any processors

now I think try to use own server to see difference between headers through traffic analyzer and without it

TimoVJL

  • Member
  • *****
  • Posts: 1104
Re: Bomz new topic.
« Reply #12 on: August 10, 2021, 06:14:03 PM »
Windows WinInet TLS support before 7 is weak and there is only long term updates for WindowsXP  :sad:
May the source be with you

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #13 on: August 10, 2021, 06:27:20 PM »
Chinese export win 7 browsers to xp system

bomz

  • Member
  • **
  • Posts: 122
Re: Bomz new topic.
« Reply #14 on: August 12, 2021, 10:53:45 AM »
Code: [Select]
invoke InternetQueryOption, hRequest, INTERNET_OPTION_SECURITY_FLAGS, NULL, addr _fs
.if _fs
;invoke GetProcessHeap
;mov hMemory,eax
;invoke HeapAlloc,eax,HEAP_ZERO_MEMORY,_fs
invoke GlobalAlloc,GMEM_ZEROINIT,_fs
mov hMemPointer,eax

jmp @F
form db "EAX: %u", 0
@@:
invoke wsprintf,addr Buffer,addr form,dword ptr[hMemPointer]
invoke MessageBox,0,addr Buffer,NULL,MB_ICONASTERISK

invoke InternetQueryOption, hRequest, INTERNET_OPTION_SECURITY_FLAGS, hMemPointer, addr _fs

invoke InternetSetOption, hRequest, INTERNET_OPTION_SECURITY_FLAGS, hMemPointer, _fs

invoke wsprintf,addr Buffer,addr form,eax
invoke MessageBox,0,addr Buffer,NULL,MB_ICONASTERISK

;invoke HeapFree,hMemory,0,hMemPointer
invoke GlobalFree,hMemPointer

.endif