Programming and Coding
Programming and coding tips, help and solutions...
1,886 topics in this forum
-
PE structs question
by LCF-AT- 6 replies
- 5.5k views
Hi guys, I have a new problem and wanna find a solution.So at the moment I try to work with the PE structs and found something strange.My goal was it just to read some PE Header datas just to check whether the file is a NET target or not (optinal also to find the NET version the file needs to run if possible). So the IMAGE_NT_HEADERS structs points me to the OptionalHeader IMAGE_OPTIONAL_HEADER32 struct and this points me to DataDirectory IMAGE_DATA_DIRECTORY struct and there I have this... IMAGE_DATA_DIRECTORY STRUCT VirtualAddress DWORD ? isize DWORD ? IMAGE_DATA_DIRECTORY ENDS ....that all?Why this?If I follow the way in Ol…
-
Static lib C return value problems
by LCF-AT- 11 replies
- 6.4k views
Hi guys, so I have just a little question about static libs (dont find any older topics to post my question). So I wrote some dll code and created some export functions with MASM and now I have the normal buld lib of the dll like other libs like kernel32 etc (you need to have kernel dll).Now if I build a new project and use my lib with some functions then it will also need the dll where I used the lib from and this I dont wanna have and would like to build a static lib from my lib so that I dont need the dll itself later in my project.All clear so far right.Now I used a tool called dll to lib to build a lib from my dll (which is in MASM compiled dll) to get a st…
-
Assembly and C++
by Aldhard Oswine- 5 replies
- 6.2k views
I'm trying to learn Reverse Engineering, at this time I compile C++ code without any optimization and see the correspond assembly in IDA's disassembler, but there are some parts of the code, where I can not guess what happens. I think many of you can help me to answer this questions C++ code: #include <stdio.h> #include <string> void fillarray(int is[11], int size) { for (int i = 0; i < size; ++i) { is[i] = i; } } int main() { char* chr = "First"; std::string m = "Secdond"; static int arr[11]; std::string m1 = "Third"; auto size = sizeof(arr) / sizeof(arr[0]); fillarray(arr, size); int num = 11; printf_s("%d", num); get…
-
Editors tools - source code C#
by CodeExplorer- 8 replies
- 8.2k views
Editors tools - source code C# This include: AssemblyReconstructor ByteArrayInitializer FrameworkChanger HonorableNetPatcher ModuleToAssembly ModuleToAssembly_Mono ReferencedVersionChanger ResourceCopy ResourceManager StringAdder Link: http://www.multiupload.nl/ZFVUFB1E4R Editors.zip
-
- 12 replies
- 7.8k views
Hi I'm looking for example on creatingprocess and then acquiring it's context via GetThreadContext without using DEBUG_PROCESS or DEBUG_ONLY_THIS_PROCESS. If I use CreateProcess with only CREATE_SUSPENDED flag I end up with ERROR_NOACCESS as my thread have no THREAD_GET_CONTEXT attribute. I've tried to use SetSecurityInfo but without luck. If someone have other ideas I'll be glad to test them.
-
- 6 replies
- 5.3k views
Hi guys, so I just have a small question about the SYSTEM_INFO struct and checking the wProcessorArchitecture type to check whether the running OS is x86 or x64 version.So if I read it right then its enough to checking the wProcessorArchitecture type only to get the info about x86 / x64 any "no matter" if I call GetSystemInfo / GetNativeSystemInfo from a x86 or x64 application right?So in this case I dont need to check for IsWow64Process API. If so then I have a add on question.So I found a code about checking Win versions etc and at the end its also checking for wProcessorArchitecture to send output whether its 32 or 64 bit Win version (all clear so far).....BU…
-
address of section from memory
by Avenger- 5 replies
- 5.1k views
how can i get address of section(such as .text or .rsrc)from memory?
-
Looking for minimum supported C/S tool
by LCF-AT- 7 replies
- 5.4k views
Hi guys, short question.So is there any tool out there what can check other PE files and can give info about this PE file about whats the minimum required OS to run this PE file? Idea: You do load a PE file into the tool and the tool does check now all imports of the PE file and does check the APIs (comparing with a data bank) and does list all APIs + infos like this... API NAME | Minimum supported client ------------------------------------------------------- GetModuleFileName | Windows XP GetVersionEx | Windows 2000 Professional VerifyVersionInfo | Windows 2000 Professional IsWow64Process | Windows Vista, Windows XP with SP2 ...... …
-
need help about Virtualprotect
by spector- 8 replies
- 6k views
hello how i can use Virtualprotect to make a section of a pe file writeable , how to call it usig assembly code thank you
-
Thread Local Storage Exception Handler error
by Perplex- 5 replies
- 7.6k views
I've add Thread Local Storage in C++ project but Exception Handler error, What's the solution? Win32Project14.rar
-
PE Reading/Writing C++ library
by Perplex- 0 replies
- 4.3k views
I needed to C++ library for Reading/Writing PE (adding section / changing icon / changing version) which library is better (stable)?
-
- 2 replies
- 5.1k views
Hi guys, need some quick help again.I try to get the handle of controls where the mouse pointer is and used some APIs for this... GetCursorPos,WindowFromPoint at WM_NOTIFY message.So on first check it seems to work but now the problem I have.I use three controls which I wanna catch if mouse does move over these controls to set the focus on them.I use 2 Listviews and one ComboBoxEx32.Its works to compare the handles of both diffrent LVs to check whether foucs is already set or not but it does fail on the ComboBoxEx32 handle so this strange.My code for this looks so... IDC_LISTVIEW equ 1005 IDC_LISTVIEW2 equ 1006 IDC_COMBOBOX equ 1002 ----------------------…
-
Ebook to learn assembly x86
by ASE- 1 reply
- 5.7k views
Hello people! I'd really like to learn reverse engineering(without malicious purposes), but i read that to understand truly what i'm doing i need to learn x86 assembly language(for x86 programs on Windows), so...may you give me some advice about what's a good book to learn this language please?
-
- 0 replies
- 5.4k views
I have a simple VC++ 2015 project but I can not compile it, It seems the VC++ 2015 has bug. Compile-time error Error C1083 Cannot open precompiled header file: 'Debug\Win32Project12.pch': No such file or directory Win32Project12.rar
-
- 0 replies
- 8.1k views
EDIT maybe this thread should be moved into another sub forum? not sure i'm currently programing a Shader Editor Tool to create on the fly own GLSL Shaders. Of course Shaders are moving and been animated in that tool. It is possible to manipulate or rewrite or start from the scratch with a brand new GLSL Shader. Shader Tool Screenshot: Video: https://www.youtube.com/watch?v=pcqRxk3kzOU&feature=youtu.be no helpfile yet. the video should explain the "how to" after all it is possible to do some pre work for later Demo and Cracktro Coding. you can write your own GLSL Shader on the fly and export 'em for PureBasic Demo usage as…
-
OpenProcess Problem...
by LCF-AT- 7 replies
- 8.4k views
Hi guys, I need some little help again.So I need to build a processlist to get shwon all running processes & to choose any process to read infos / change infos inside etc.Now the problem is that I dont get access to all running process from my system using OpenProcess API with PROCESS_ALL_ACCESS flag.So for almost the half processes I dont get access and get access denied back in eax.How to get access to all processes?OpenProcess API with that flag seems to be not enough in that case. greetz
-
SCSI_PASS_THROUGH_DIRECT in Masm?
by Sh4DoVV- 6 replies
- 7.4k views
Hi friends how to use SCSI_PASS_THROUGH_DIRECT structure in Masm ? i want read disk structure with this structure i have vb6 source , but i can not convert it to masm
-
Trying to modify an assembly at runtime
by MindSystem- 1 reply
- 6.6k views
Hi everybody, that was a long time that i didn't try to code anything. So sorry if there're stupid mistakes in my code. I try to have an assembly that modify itself at runtime For example, all Nop opcode becomes Ret opcode (don't try to find logic ) So i inject a method in the .cctor of the assembly. Here's the code : Assembly currentAssembly = Assembly.GetExecutingAssembly(); Type type = currentAssembly.GetType(); foreach(MethodInfo method in type.GetMethods()) { RuntimeHelpers.PrepareMethod(method.MethodHandle); byte[] iLAsByteArray = method.GetMethodBod…
-
Looking for Hook lib for MASM
by LCF-AT- 12 replies
- 7.8k views
Hi guys, I am looking for any API hook code / lib for MASM.So just wanna ask whether there is something to get or not.I cant find for example the MinHook lib but only for C++ again and not for MASM and before I start to write something by myself I do better ask before so maybe I can save the work for this.Maybe you know something I could use for MASM if there is something out. Thank you
-
Gathering Twitter , facebook data ?
by kb432- 9 replies
- 9.2k views
How to Get Twitter, Facebook chat messages using C,C++ ? Thanks
-
Question related to MS's CL and GCC
by Aldhard Oswine- 3 replies
- 5.8k views
I'm learning how C/C++ codes are translated into the assembly language by different compilers. I have following code: #include <cstdio> class Pie { double z; }; int main(){ Pie a = Pie(); Pie v = Pie(); Pie d = a; Pie b = Pie(); } Following is generated by GCC -m32 without optimization: main: push ebp mov ebp, esp push ecx sub esp, 32 lea ecx, [ebp+8] fldz fstp QWORD PTR [ebp-12] fldz fstp QWORD PTR [ebp-20] fld QWORD PTR [ebp-12] fstp QWORD PTR [ebp-28] fldz fstp QWORD PTR [ebp-36] …
-
C/C++ into assembly code
by Aldhard Oswine- 3 replies
- 6.3k views
Is there any book or articles about how C/C++ code is translated into assembly code? like how classes or structs, pointers, etc. are translated into an assembly code
-
Subclass problem but why? 1 2
by LCF-AT- 42 replies
- 27.3k views
Hi guys, so today I wanna ask some questions about subclassing again.So I thought I would know how to subclass correctly but before a few days I got some problems and now I think I dont know how to subclass correctly.So I have following problem now. I just created a dialog window and in this window to create just a simple static control and this I wanna subclass.So I just used CreateWIndowEx API to create static and right after this I used SetWindowLong API with the handle I got before for the static... invoke CreateWindowEx,0,chr$("STATIC"),NULL,WS_CHILD or WS_VISIBLE ,20, 20,200, 100,hWnd, 0,hInstance, 0 mov hWndStatic,eax invoke SetWindowLong,hW…
-
ignore an exception
by Avenger- 0 replies
- 6.9k views
i made anti decompiler for my protector in other word IL codes is true but decompiler can't decompile it but my app have an exception exception : "Common Language Runtime detected an invalid program." how can i ignore the exception?
-
- 3 replies
- 5k views
i create a loader in vb6 and it work but in purebasic not working this in vb6 Dim ProcExecS As Long ProcExecS = CreateProcess("File.exe", ByVal 0&, ByVal 0&, ByVal 0&, 1&, NORMAL_PRIORITY_CLASS, ByVal 0&, sNull, sInfo, pInfo) If ProcExecS Then WriteProcessMemory pInfo.hProcess, &H47DBF4, &HEB19, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 2, &H9090, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 4, &H9090, 2, 0& CloseHandle pInfo.hProcess End If this in PB ProcExecS = CreateProcess_("File.exe", $0, #NUL, #NUL, #False, NORMAL_PRIORITY_CLASS, #NUL, #NUL, @StartInfo, @ProcessInfo) If ProcEx…
