Programming and Coding
Programming and coding tips, help and solutions...
1,893 topics in this forum
-
.net IL Memory Patching?
by PermaNull- 4 replies
- 10.6k views
I'm wondering if there's any library available for patching IL code in-memory at run-time of a remote App, similar to how you'd perform detours or write memory to a remote C app. Basically I'm dealing with an application I'd like to bypass some checks on but getting defeated by the packer's integrity protection when manipulating the IL in the binary itself, so I figured my next best option was to write a loader and patch the process in memory. I've looked through a few different things: https://github.com/0xd4d/dnlib - I haven't discovered any in-memory patching functions for IL code in specific locations in dnlib if it exists please do let me know. Most o…
-
Problem calling hooked function (MinHook)
by Zeupert- 5 replies
- 10.1k views
In my DLL I am using the MinHook library to hook certain functions based on their address. The problem is, if I try to directly call the original function with the address that MinHook gives me, it ends up crashing, it only works when jumping directly to the address. I am working in x64 btw. I am hooking the function in a way like this: extern "C" LPVOID originalFunc; LPVOID myAddress = 0xDEADC0DE; MH_CreateHook(myAddress, &myCustomFunc, &originalFunc) the "myCustomFunc" is also declared extern "C" and is a function in a seperate assembly file, looking like this: myCustomFunc: *push all registers, similar to pushad* call myFunction *po…
-
- 7 replies
- 11k views
Hii, there's been a lots of obstacles on my first intro making BUT most of them have been resolved either by trying hard or looking for threads on forums BUT this time i can't find the answer anywhere, so i ask your help to solve this puzzle on my main.c project (Code::Blocks always create it with .c when using the OpenGL Project template BUT i still use C++ on it) i have included this ufmod.h header: https://pastebin.com/raw/UMuqxB6h (Note that it specifies Compiler: Visual C, Dev-C++ BUT i want to use Code::Blocks :c) and have this function to play music /* music function */ void play_xm(){ uFMOD_PlaySong((char*)1, 0, XM_RESOURCE); …
-
- 4 replies
- 5.3k views
Recently lost a bunch of old pdf files and whitepapers I had covering these kinds of topics. Looking for any examples/papers/pdfs etc. that contain things like: Anti-Decompiler Techniques Anti-Debugger Techniques Anti-Disassembler Techniques Mainly looking for native code protection information, not .NET related stuff.
-
[DELPHI 7 SOURCE] Simple Layered Encryption
by JohnWho- 3 replies
- 7.4k views
I have been working on a EXE protector for a looooooooooooong time and in the process i have coded a lot of test functions, here is a first and very basic version of one of them. Instead of just sharing the code snippets i put the functions to use by showing it in action. The example does: 1). Add a new section to a 32-bit .exe 2). Change entry point to new section, 3). Add variables to layer encrypted function and encrypt the 5 layers 4). Write layer encrypted function to new section When target file is executed the 5 layers is decrypted, on last layer OEP is decrypted and jump is taken to OEP. All is simple xor encryption. …
-
- 0 replies
- 4.7k views
Syntia is a program synthesis based framework for deobfuscation. It uses instruction traces as an blackbox oracle to produce random input and output pairs. From these I/O pairs, the synthesizer learns the code's underlying semantic. https://github.com/RUB-SysSec/syntia
-
Allocate Console in Java
by CodeExplorer- 3 replies
- 13.2k views
Allocate Console in Java??? When I try to run the bolded one it doesn't work: JavaCompiler compiler = ToolProvider.getSystemJavaCompiler(); int compilationResult = compiler.run(null, null, null,sourceFile.getPath()); The run method can use streams to handle input and output: int run(InputStream in, OutputStream out, OutputStream err, String... arguments) When I run the program from console with java.exe or even javaw.exe all works ok. SO I think it fails because it doesn't have a console window or such... Anyone know how to solve the problem?
-
Execute an exe in same process Java
by CodeExplorer- 2 replies
- 5k views
Hi guys and gals. I wanna execute an exe inside same process with Java code. Hopefully someone will give some advices , I am not familiarly not even with executing exes from native code. So first I have to use LoadLibrary of the exe, then what? From what I've read on https://stackoverflow.com/questions/44912/java-delegates I'm fornicated since there are no delegates on Java!
-
Java Compilers
by CodeExplorer- 2 replies
- 9.5k views
Java Compilers Some time ago I've searched over NET for java compilers, then without good results, Now I've found some: https://blogs.oracle.com/sundararajan/week-end-fun-with-the-java-compiler-source-code https://en.wikipedia.org/wiki/Javac http://janino-compiler.github.io/janino/ https://github.com/janino-compiler/janino https://stackoverflow.com/questions/616532/on-the-fly-in-memory-java-code-compilation-for-java-5-and-java-6 https://commons.apache.org/proper/commons-jci/ jci seems tom be the winner, trough is a bit outdated.
-
C++ end-of-function hooking
by JQueue- 5 replies
- 23.3k views
Are there any C++ hooking libraries that also allows a function to be called right before the return statement? I would like to get some values from two registers after the function has executed, without having to hook all the places where this function is called.
-
Annoying error
by Avenger- 1 reply
- 4.6k views
Hi When i load and save assembly(without any editing) (using dnlib) result is broken When i run result I got below message: And when I open it on dnspy : What's wrong?
-
Invoke method
by Avenger- 3 replies
- 6.8k views
Hi I want to invoke method from c++/cli assembly but when I use Assembly.Load(filename) I get caught in catch block with below message: "Attempt to load an unverifiable executable with fixups (IAT with more than 2 sections or a TLS section.)" What should i do to load assembly and invoke method?
-
Assembly.Load vs LoadFile vs LoadFrom
by CodeExplorer- 2 replies
- 10.5k views
Assembly.Load vs LoadFile vs LoadFrom Link: />http://codingarchitect.wordpress.com/2006/09/11/assembly-load-vs-loadfile-vs-loadfrom/
-
- 8 replies
- 9.4k views
I'm using : - windows 7 x64 - Android studio 2.3.3 with offline gradle (gradle-4.2) - Ndk is installed (android-ndk-r15c-windows-x86_64) - CMake is installed (cmake-3.10.0-rc4) - lldb for debuging is installed Why the native method is always in red? How to load Prebuilt Libraries ".so" files properly into android studio? If possible, i need a demo project for using prebuild libraries. I attached a sample project for my work and a screen capture for android project. Forgive me if i can't reply in time, i have a limited internet connection. -------------------------------- how to use Android.mk? ----------------…
-
- 6 replies
- 6.8k views
Hello, I have been trying to make different self modifying programs in c++, but there have been some problems I am facing due to my less knowledge and experiences. I would be grateful if anyone helps me about these 2 question. 1. how to make the exe's code section writable programmatically? normally, after compiling the program, I use cff explorer and change the "is writable" flag of that program to allow it modify itself. But what code can I write inside the main() function to make it compile with the write allowed? 2. So, far, to make some certain lines self modifying, I am doing it this way : asm("nop"); asm("nop"); asm("nop"); asm("nop"); asm("no…
-
- 1 reply
- 5.3k views
Hello there.. There is some C paper about dll ? I already compiling dll... but I can't find any in depth article or paper about it in pure C. Only in C++... I do like C, but anywhere that i look is C++.
-
- 10 replies
- 6.8k views
Hello, how do you make a .net coded program self modify itself at run-time? I am not talking about making a loader program or something like that. Like, in native, you can make the program xor itself from and upto certain addresses at runtime, is it possible to do the same in .net? Then how? Now, about modifying IL codes. So far, I know about basic code injection in a method using mono.cecil library, but I can do it only in a non-running app. I intend to add some codes in sub_new () or entry point method to make the program add/remove/modify few IL code lines in a specific method. Like this, sub new() // get the certain method // add/remove IL code fr…
-
Need help with Delphi
by T-rad- 5 replies
- 7.2k views
I started playing with Delphi again after a couple of years and now I am feeling dumb, really dumb. Is there a function in Delphi that reads an ascii string, say 54 2D 72 61 64 (T-rad) as 64 00 00 00 54 2D 72 61 (d...T-ra) string type Thanks for any help T-rad
-
- 0 replies
- 4.6k views
Hello, I'm developing a processor module for IDA (using the C API) and I've run into something that has me quite annoyed. Sometimes, when I call the blocking functions from kernwin.hpp (warning(), for example, which displays a MessageBox), they would cause IDA to crash. Removing those function calls from the processor module makes it work fine. I'm calling those functions from within my emulator function, and when IDA calls my outputter afterwards to output the instruction it crashes inside the call I make to MakeLine(). Digging a bit deeper, it seems like IDA loads and unloads some sort of context related to the GUI or outputting of disassembled t…
-
LM-X SDK (4.8) [Request]
by h4sh3m- 0 replies
- 6.3k views
Hi all friends Please share this SDK if you have it ! I need some header files if anyone have it but don't like share full sdk ! BR, h4sh3m
-
Find the process name that locks a file
by djpolgio- 4 replies
- 7k views
I know this is not an easy one .... I tried with IFileIsInUse but works only if the Process uses it to lock the files. I tried also what suggested as "The Hard Way" here : hxxps://stackoverflow.com/questions/8726906/delphi-finding-the-process-that-is-accessing-a-file-from-my-program but seems not working either any idea ? Regards S
-
- 5 replies
- 7.1k views
Hello guys, how are you all ? I trying to do a PoC about PEB hooking and at this point i just trying to code a dll that receives the call and pass to the original dll. I have the dlltest2.dll with 3 functions and in the nasm I am exporting these same 3 functions. I thought that if I did a LoadLibrary with the original the __imp_ would be the original function, but instead the NTDLL is loading my own nasm/dll functions on the IAT making a infinite loop... For example the function NOME goes to the IAT that it forced to ack to the same nasm/NONAME function instead of the dlltest2.dll/NONAME. I did this piece of code in NASM [BITS 32] global _start gl…
-
How to minimize open windows?
by LCF-AT- 5 replies
- 5.8k views
Hi, just have a tiny question.So I was just looking for a small code what can send a minimize command for all open windows and also these who are not present in the taskbar and only using tray icon.So I found something like that... invoke FindWindow,chr$("Shell_TrayWnd"),0 invoke SendMessage,eax,WM_COMMAND,419,0 ....its also working to minimize all at once which are also present in taskbar but I also have running a other app which isnt present in taskbar and just using a try icon to show & minimize the window there and this keeps open.So what lpClassName parameter name I have to use for this to minimize that too? Shell_TrayWnd + ReBarWindow32 + TryNo…
-
Change of ImageBase in code section - MASM disassembler??
by CodeExplorer- 5 replies
- 4.9k views
On x64 there is no need for fixing code section, so all worked ok. For x32 I have to change ImageBase (rebase) for code section. For doing that I have disassemble code section or at last parse instruction and add its size, then check for instructions I wanna fix, is there any MASM disassembler with source code?
-
- 1 reply
- 5.9k views
Hey, Can someone explain how I can get rid of all these crt and runtime crap? tried static link, no effect tried /MD -> /MT no effect thanks!
