Programming and Coding
Programming and coding tips, help and solutions...
1,893 topics in this forum
-
Trying to modify an assembly at runtime
by MindSystem- 1 reply
- 6.9k views
Hi everybody, that was a long time that i didn't try to code anything. So sorry if there're stupid mistakes in my code. I try to have an assembly that modify itself at runtime For example, all Nop opcode becomes Ret opcode (don't try to find logic ) So i inject a method in the .cctor of the assembly. Here's the code : Assembly currentAssembly = Assembly.GetExecutingAssembly(); Type type = currentAssembly.GetType(); foreach(MethodInfo method in type.GetMethods()) { RuntimeHelpers.PrepareMethod(method.MethodHandle); byte[] iLAsByteArray = method.GetMethodBod…
-
Looking for Hook lib for MASM
by LCF-AT- 12 replies
- 8.2k views
Hi guys, I am looking for any API hook code / lib for MASM.So just wanna ask whether there is something to get or not.I cant find for example the MinHook lib but only for C++ again and not for MASM and before I start to write something by myself I do better ask before so maybe I can save the work for this.Maybe you know something I could use for MASM if there is something out. Thank you
-
Gathering Twitter , facebook data ?
by kb432- 9 replies
- 9.5k views
How to Get Twitter, Facebook chat messages using C,C++ ? Thanks
-
Question related to MS's CL and GCC
by Aldhard Oswine- 3 replies
- 6.2k views
I'm learning how C/C++ codes are translated into the assembly language by different compilers. I have following code: #include <cstdio> class Pie { double z; }; int main(){ Pie a = Pie(); Pie v = Pie(); Pie d = a; Pie b = Pie(); } Following is generated by GCC -m32 without optimization: main: push ebp mov ebp, esp push ecx sub esp, 32 lea ecx, [ebp+8] fldz fstp QWORD PTR [ebp-12] fldz fstp QWORD PTR [ebp-20] fld QWORD PTR [ebp-12] fstp QWORD PTR [ebp-28] fldz fstp QWORD PTR [ebp-36] …
-
C/C++ into assembly code
by Aldhard Oswine- 3 replies
- 6.6k views
Is there any book or articles about how C/C++ code is translated into assembly code? like how classes or structs, pointers, etc. are translated into an assembly code
-
Subclass problem but why? 1 2
by LCF-AT- 42 replies
- 28.1k views
Hi guys, so today I wanna ask some questions about subclassing again.So I thought I would know how to subclass correctly but before a few days I got some problems and now I think I dont know how to subclass correctly.So I have following problem now. I just created a dialog window and in this window to create just a simple static control and this I wanna subclass.So I just used CreateWIndowEx API to create static and right after this I used SetWindowLong API with the handle I got before for the static... invoke CreateWindowEx,0,chr$("STATIC"),NULL,WS_CHILD or WS_VISIBLE ,20, 20,200, 100,hWnd, 0,hInstance, 0 mov hWndStatic,eax invoke SetWindowLong,hW…
-
ignore an exception
by Avenger- 0 replies
- 7.1k views
i made anti decompiler for my protector in other word IL codes is true but decompiler can't decompile it but my app have an exception exception : "Common Language Runtime detected an invalid program." how can i ignore the exception?
-
- 3 replies
- 5.3k views
i create a loader in vb6 and it work but in purebasic not working this in vb6 Dim ProcExecS As Long ProcExecS = CreateProcess("File.exe", ByVal 0&, ByVal 0&, ByVal 0&, 1&, NORMAL_PRIORITY_CLASS, ByVal 0&, sNull, sInfo, pInfo) If ProcExecS Then WriteProcessMemory pInfo.hProcess, &H47DBF4, &HEB19, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 2, &H9090, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 4, &H9090, 2, 0& CloseHandle pInfo.hProcess End If this in PB ProcExecS = CreateProcess_("File.exe", $0, #NUL, #NUL, #False, NORMAL_PRIORITY_CLASS, #NUL, #NUL, @StartInfo, @ProcessInfo) If ProcEx…
-
convert asm instruction
by JustAGuy- 2 replies
- 5.3k views
How do I rewrite this code into high level language to have 4fa1 as a result. MOV EAX, 0x4ea1 MOV EDX. 0x8d4f OR AH, DL EAX = 0x4fa1 my half-solution so far 1. (a >> 8) = 0x4e 2. (d && 0xff) = 0x4f 3. a | d a = 0x4f how to make variable a = 0x4fa1 ? I understand what's wrong but have no idea how to fix it.
-
SEH based VM Engine by Yattering
by Yattering- 0 replies
- 8.2k views
This is simple VM engine for Win32 x86 code virtualize, what can replace some machine command by own equal VM commands, so protected code can't run without external VM Engine. This project is only proof of concept, it be written for educational purposes. So, you can use it for fornication AV`s, reversers or FBI Example of use: Assembly litsing: ; SEH based VM Engine by Yattering, 2016 ; e-mail: yattering (at) sigaint (d0t) org ; jabber: yattering (at) xmpp (d0t) jp format MS COFF include 'sehvm.inc' extrn '__imp__MessageBoxA@16' as MessageBoxA:dword extrn '_exception_handler' as _exception_handler public _main section '.text' code readable executable _m…
-
- 31 replies
- 14.1k views
Most of us know there is one ID for each process, actually no, there is more than one. Very Simple and new for some users: 1- How many PID ( Process Identifier ) for each process? 2- Why windows task listing methods or enumerating methods deal with one PID (the first one of them) ? Regards Amer
-
How to get base / Olly 1 plugin?
by LCF-AT- 6 replies
- 8.9k views
Hi guy, I have only a short simple question.So I am working on Olly 1 plugin and now I see a problem about how to get the base of the file which was loaded in Olly.Just have seen this now during testing a dll file.So first I tried to use the Plugingetvalue API with VAL_MAINBASE paramter but there I get result 0 back if I have loaded a dll.So where can I catch the given base of the loaded process?On any ODBG export or is there any other Olly API etc? Thanks
-
How to make logic while coding??
by abhi93696- 2 replies
- 5.2k views
Hi everyone As the title depicts all!! Anyone willing to share his/her experience regarding this. All suggestions r welcomed!! Thank u in advance!
-
- 0 replies
- 4.3k views
.plt:002F1418 ; Processor : ARM .plt:002F1418 ; ARM architecture: ARMv7 .plt:002F1418 ; Target assembler: Generic assembler for ARM .plt:002F1418 ; Byte sex : Little endian i tried looking everywhere ,could anybody put some information on shared library headers , .so libs i actually need for the the processors we have ,dont know which bit defines what but i know 62 is for arm64 EDIT :-got the thing https://opensource.apple.com/source/dtrace/dtrace-90/sys/elf.h here for other people as well
-
HackChina.com - Open Source Projects Search Engine
by CodeExplorer- 1 reply
- 26.6k views
HackChina.com - Open Source Projects Search Engine Open Source Projects Search Engine Link: />http://www.hackchina.com/dlpre.php?lang=en&id=26873
-
HttpSendRequest problem
by LCF-AT- 7 replies
- 10.2k views
Hi guys, need again some help.I wanna access the internet again with specific set Header datas but this with WinInet functions.So before I always used WinSock or WinInet with InternetOpenUrl API and all was going good.But as I said I wanna send specific header datas and this I cant do with InternetOpenUrl API and have to use HttpOpenRequest / HttpAddRequestHeaders & HttpSendRequest APIs but I dont get it work. Example: https://google.com/imghp GET https://www.google.com/imghp HTTP/1.1 Host: www.google.com Connection: close User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) TEST1 BYTE "Host: www.google.com", 13, 10 BYTE "…
-
- 2 replies
- 5.2k views
Hello, I am currently working on a paper on uac bypass I would like to show a proof of concept as well and of course I want to code it myself. I already found some great methods but they all require you to copy a file (usually a dll) to a protected location (usually system32) Of course I red everything about the greatest proof of concept currently available : uacme On the forum post the coder describes everything related to his findings and it's a great source. On this post : http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643&start=80#p28249 He describes a way to copy a file to a protected location without injection, but for some r…
-
Keygen tool debugging
by impossibletask- 7 replies
- 9.8k views
Hi everyone, Im very new to this and have read many docs...and i have infomation overload. I need some help with something which i have been trying to do but now a little confused. I think i have been reading too much things that are unrelated to my task, so im confused. Here is what i want to do. I have a keygen tool ...(for a android app license..fully working) that requires me to put in an IMEI of a phone. I put the IMEI number in the keygen and it generates 2 files that i need to put into the phone to make the app work. Now the app works fine after i put the license in ( generated by my tool). So what i want to do is see what the license gen tool …
-
- 9 replies
- 26.3k views
Hello, I'm trying to write some code to emulate an application that is using ZwCreateKey and ZwQueryValueKey My environment is: Windows 7 DDK 7.1 Visual Studio 2010 When I specify #include <Wdm.h> I get the following error ------ Build started: Project: MVL_0.1, Configuration: Debug Win32 ------ MVL_0.1.cpp c:\winddk\7600.16385.1\inc\ddk\wdm.h(54): fatal error C1083: Cannot open include file: 'ntdef.h': No such file or directory ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ========== I am starting Visual Studio from within the: 'Win7 x86 Checked Build Environment' The Include Directories are: $(…
-
- 0 replies
- 4.4k views
Convert .NET is an integrated, powerful, multi-purpose conversion and developer tool (7-in-1) 多功能多用途轉換與開發工具, 整合七大主要項目超過二十項子功能, 操作簡易直覺無需任何學習 Version 7.9.6103 (2016/09/16), 2.00MB , History更新記錄 / Features軟體特色 / Feedback問題反饋 / License商業授權 Free for non-commercial, All-In-One, Portable, Single executable file, Easy to Use and Multlanguage 非商業下免費使用, 多合一, 綠色可攜, 單檔免安裝, 簡單易用, 多國語言介面, Supported Platforms支持平台 Windows All (x86/x64) , Requires軟體需求 .NET 4.5 Website: http://fishcodelib.com/Convert.htm
-
Ollydbg 2 plugin - How to display DialogBox
by HellRaider- 4 replies
- 6.2k views
I tried to create an olly2 plugin with msvc 2010. But I was unable to display a DialogBox,, even after trying. Can some one please look at the code and figure out the problem and help me display the DialogBox correctly.... Here's the code. main.c /* In OllyDbg 2.x the plugin exports are a mixture of _cdecl and _stdcall Cdecl functions can be declared in the DEF file as FunctionName@Ordinal Stdcall functions must be declared in the DEF file in the decorated format FunctionName@<number_of_parameter_bytes>@Ordinal DllEntryPoint ODBG2_Pluginquery() ->->->-> real entry point ODBG2_Plugininit() mainmenu[] -> function calls ODBG2_Pluginmen…
-
- 3 replies
- 4.9k views
what is this loop equivalent to in C++ / C language ? 2) what is this in reverse engineering mov edx, [eax+4] or mov edx, [eax]
-
how does 16 bit register works ?
by kb432- 6 replies
- 5.3k views
what is moving something to cl or ax or dl ? what does it mean ? i know it's 16 bit register. Can anyone give me an example so i understand better ? Thanks
-
Code cave in C++?
by kb432- 2 replies
- 5.3k views
How do i add an executable code / exe to another executable's body. So when the first file runs it will also execute the second files body from the first one? i have heard like code cave but with all modification. how do i do it ? In C or C++ programming language?
-
- 1 reply
- 4.3k views
1) cmp dword_4298B8, eax jnz short loc_xxxx dword_4298B8 is initialized as "dd ? " then how to compare with eax? dword_4298B8 ---> dd ? 2) Can you give me an example of array and accessing it and allocating it in ASM when i do reverse egnineering! Thanks 3) mov WORD PTR [ebx], 2 WHAT IS THIS ABOVE "WORD PTR" ?
