Programming and Coding
Programming and coding tips, help and solutions...
1,883 topics in this forum
-
- 12 replies
- 7.6k views
Hi I'm looking for example on creatingprocess and then acquiring it's context via GetThreadContext without using DEBUG_PROCESS or DEBUG_ONLY_THIS_PROCESS. If I use CreateProcess with only CREATE_SUSPENDED flag I end up with ERROR_NOACCESS as my thread have no THREAD_GET_CONTEXT attribute. I've tried to use SetSecurityInfo but without luck. If someone have other ideas I'll be glad to test them.
-
- 6 replies
- 5.1k views
Hi guys, so I just have a small question about the SYSTEM_INFO struct and checking the wProcessorArchitecture type to check whether the running OS is x86 or x64 version.So if I read it right then its enough to checking the wProcessorArchitecture type only to get the info about x86 / x64 any "no matter" if I call GetSystemInfo / GetNativeSystemInfo from a x86 or x64 application right?So in this case I dont need to check for IsWow64Process API. If so then I have a add on question.So I found a code about checking Win versions etc and at the end its also checking for wProcessorArchitecture to send output whether its 32 or 64 bit Win version (all clear so far).....BU…
-
address of section from memory
by Avenger- 5 replies
- 5k views
how can i get address of section(such as .text or .rsrc)from memory?
-
Looking for minimum supported C/S tool
by LCF-AT- 7 replies
- 5.3k views
Hi guys, short question.So is there any tool out there what can check other PE files and can give info about this PE file about whats the minimum required OS to run this PE file? Idea: You do load a PE file into the tool and the tool does check now all imports of the PE file and does check the APIs (comparing with a data bank) and does list all APIs + infos like this... API NAME | Minimum supported client ------------------------------------------------------- GetModuleFileName | Windows XP GetVersionEx | Windows 2000 Professional VerifyVersionInfo | Windows 2000 Professional IsWow64Process | Windows Vista, Windows XP with SP2 ...... …
-
need help about Virtualprotect
by spector- 8 replies
- 5.8k views
hello how i can use Virtualprotect to make a section of a pe file writeable , how to call it usig assembly code thank you
-
Thread Local Storage Exception Handler error
by Perplex- 5 replies
- 7.5k views
I've add Thread Local Storage in C++ project but Exception Handler error, What's the solution? Win32Project14.rar
-
PE Reading/Writing C++ library
by Perplex- 0 replies
- 4.2k views
I needed to C++ library for Reading/Writing PE (adding section / changing icon / changing version) which library is better (stable)?
-
- 2 replies
- 5k views
Hi guys, need some quick help again.I try to get the handle of controls where the mouse pointer is and used some APIs for this... GetCursorPos,WindowFromPoint at WM_NOTIFY message.So on first check it seems to work but now the problem I have.I use three controls which I wanna catch if mouse does move over these controls to set the focus on them.I use 2 Listviews and one ComboBoxEx32.Its works to compare the handles of both diffrent LVs to check whether foucs is already set or not but it does fail on the ComboBoxEx32 handle so this strange.My code for this looks so... IDC_LISTVIEW equ 1005 IDC_LISTVIEW2 equ 1006 IDC_COMBOBOX equ 1002 ----------------------…
-
Ebook to learn assembly x86
by ASE- 1 reply
- 5.6k views
Hello people! I'd really like to learn reverse engineering(without malicious purposes), but i read that to understand truly what i'm doing i need to learn x86 assembly language(for x86 programs on Windows), so...may you give me some advice about what's a good book to learn this language please?
-
- 0 replies
- 5.3k views
I have a simple VC++ 2015 project but I can not compile it, It seems the VC++ 2015 has bug. Compile-time error Error C1083 Cannot open precompiled header file: 'Debug\Win32Project12.pch': No such file or directory Win32Project12.rar
-
- 0 replies
- 8k views
EDIT maybe this thread should be moved into another sub forum? not sure i'm currently programing a Shader Editor Tool to create on the fly own GLSL Shaders. Of course Shaders are moving and been animated in that tool. It is possible to manipulate or rewrite or start from the scratch with a brand new GLSL Shader. Shader Tool Screenshot: Video: https://www.youtube.com/watch?v=pcqRxk3kzOU&feature=youtu.be no helpfile yet. the video should explain the "how to" after all it is possible to do some pre work for later Demo and Cracktro Coding. you can write your own GLSL Shader on the fly and export 'em for PureBasic Demo usage as…
-
OpenProcess Problem...
by LCF-AT- 7 replies
- 8.2k views
Hi guys, I need some little help again.So I need to build a processlist to get shwon all running processes & to choose any process to read infos / change infos inside etc.Now the problem is that I dont get access to all running process from my system using OpenProcess API with PROCESS_ALL_ACCESS flag.So for almost the half processes I dont get access and get access denied back in eax.How to get access to all processes?OpenProcess API with that flag seems to be not enough in that case. greetz
-
SCSI_PASS_THROUGH_DIRECT in Masm?
by Sh4DoVV- 6 replies
- 7.3k views
Hi friends how to use SCSI_PASS_THROUGH_DIRECT structure in Masm ? i want read disk structure with this structure i have vb6 source , but i can not convert it to masm
-
Trying to modify an assembly at runtime
by MindSystem- 1 reply
- 6.5k views
Hi everybody, that was a long time that i didn't try to code anything. So sorry if there're stupid mistakes in my code. I try to have an assembly that modify itself at runtime For example, all Nop opcode becomes Ret opcode (don't try to find logic ) So i inject a method in the .cctor of the assembly. Here's the code : Assembly currentAssembly = Assembly.GetExecutingAssembly(); Type type = currentAssembly.GetType(); foreach(MethodInfo method in type.GetMethods()) { RuntimeHelpers.PrepareMethod(method.MethodHandle); byte[] iLAsByteArray = method.GetMethodBod…
-
Looking for Hook lib for MASM
by LCF-AT- 12 replies
- 7.6k views
Hi guys, I am looking for any API hook code / lib for MASM.So just wanna ask whether there is something to get or not.I cant find for example the MinHook lib but only for C++ again and not for MASM and before I start to write something by myself I do better ask before so maybe I can save the work for this.Maybe you know something I could use for MASM if there is something out. Thank you
-
Gathering Twitter , facebook data ?
by kb432- 9 replies
- 9k views
How to Get Twitter, Facebook chat messages using C,C++ ? Thanks
-
Question related to MS's CL and GCC
by Aldhard Oswine- 3 replies
- 5.7k views
I'm learning how C/C++ codes are translated into the assembly language by different compilers. I have following code: #include <cstdio> class Pie { double z; }; int main(){ Pie a = Pie(); Pie v = Pie(); Pie d = a; Pie b = Pie(); } Following is generated by GCC -m32 without optimization: main: push ebp mov ebp, esp push ecx sub esp, 32 lea ecx, [ebp+8] fldz fstp QWORD PTR [ebp-12] fldz fstp QWORD PTR [ebp-20] fld QWORD PTR [ebp-12] fstp QWORD PTR [ebp-28] fldz fstp QWORD PTR [ebp-36] …
-
C/C++ into assembly code
by Aldhard Oswine- 3 replies
- 6.2k views
Is there any book or articles about how C/C++ code is translated into assembly code? like how classes or structs, pointers, etc. are translated into an assembly code
-
Subclass problem but why? 1 2
by LCF-AT- 42 replies
- 26.9k views
Hi guys, so today I wanna ask some questions about subclassing again.So I thought I would know how to subclass correctly but before a few days I got some problems and now I think I dont know how to subclass correctly.So I have following problem now. I just created a dialog window and in this window to create just a simple static control and this I wanna subclass.So I just used CreateWIndowEx API to create static and right after this I used SetWindowLong API with the handle I got before for the static... invoke CreateWindowEx,0,chr$("STATIC"),NULL,WS_CHILD or WS_VISIBLE ,20, 20,200, 100,hWnd, 0,hInstance, 0 mov hWndStatic,eax invoke SetWindowLong,hW…
-
ignore an exception
by Avenger- 0 replies
- 6.7k views
i made anti decompiler for my protector in other word IL codes is true but decompiler can't decompile it but my app have an exception exception : "Common Language Runtime detected an invalid program." how can i ignore the exception?
-
- 3 replies
- 4.9k views
i create a loader in vb6 and it work but in purebasic not working this in vb6 Dim ProcExecS As Long ProcExecS = CreateProcess("File.exe", ByVal 0&, ByVal 0&, ByVal 0&, 1&, NORMAL_PRIORITY_CLASS, ByVal 0&, sNull, sInfo, pInfo) If ProcExecS Then WriteProcessMemory pInfo.hProcess, &H47DBF4, &HEB19, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 2, &H9090, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 4, &H9090, 2, 0& CloseHandle pInfo.hProcess End If this in PB ProcExecS = CreateProcess_("File.exe", $0, #NUL, #NUL, #False, NORMAL_PRIORITY_CLASS, #NUL, #NUL, @StartInfo, @ProcessInfo) If ProcEx…
-
convert asm instruction
by JustAGuy- 2 replies
- 4.9k views
How do I rewrite this code into high level language to have 4fa1 as a result. MOV EAX, 0x4ea1 MOV EDX. 0x8d4f OR AH, DL EAX = 0x4fa1 my half-solution so far 1. (a >> 8) = 0x4e 2. (d && 0xff) = 0x4f 3. a | d a = 0x4f how to make variable a = 0x4fa1 ? I understand what's wrong but have no idea how to fix it.
-
SEH based VM Engine by Yattering
by Yattering- 0 replies
- 7.7k views
This is simple VM engine for Win32 x86 code virtualize, what can replace some machine command by own equal VM commands, so protected code can't run without external VM Engine. This project is only proof of concept, it be written for educational purposes. So, you can use it for fornication AV`s, reversers or FBI Example of use: Assembly litsing: ; SEH based VM Engine by Yattering, 2016 ; e-mail: yattering (at) sigaint (d0t) org ; jabber: yattering (at) xmpp (d0t) jp format MS COFF include 'sehvm.inc' extrn '__imp__MessageBoxA@16' as MessageBoxA:dword extrn '_exception_handler' as _exception_handler public _main section '.text' code readable executable _m…
-
- 31 replies
- 12.6k views
Most of us know there is one ID for each process, actually no, there is more than one. Very Simple and new for some users: 1- How many PID ( Process Identifier ) for each process? 2- Why windows task listing methods or enumerating methods deal with one PID (the first one of them) ? Regards Amer
-
How to get base / Olly 1 plugin?
by LCF-AT- 6 replies
- 8.4k views
Hi guy, I have only a short simple question.So I am working on Olly 1 plugin and now I see a problem about how to get the base of the file which was loaded in Olly.Just have seen this now during testing a dll file.So first I tried to use the Plugingetvalue API with VAL_MAINBASE paramter but there I get result 0 back if I have loaded a dll.So where can I catch the given base of the loaded process?On any ODBG export or is there any other Olly API etc? Thanks
