Programming and Coding

Hi guys, I need some little help again.So I need to build a processlist to get shwon all running processes & to choose any process to read infos / change infos inside etc.Now the problem is that I dont get access to all running process from my system using OpenProcess API with PROCESS_ALL_ACCESS flag.So for almost the half processes I dont get access and get access denied back in eax.How to get access to all processes?OpenProcess API with that flag seems to be not enough in that case. greetz

Hi friends how to use SCSI_PASS_THROUGH_DIRECT structure in Masm ? i want read disk structure with this structure i have vb6 source , but i can not convert it to masm

Hi everybody, that was a long time that i didn't try to code anything. So sorry if there're stupid mistakes in my code. I try to have an assembly that modify itself at runtime For example, all Nop opcode becomes Ret opcode (don't try to find logic ) So i inject a method in the .cctor of the assembly. Here's the code : Assembly currentAssembly = Assembly.GetExecutingAssembly(); Type type = currentAssembly.GetType(); foreach(MethodInfo method in type.GetMethods()) { RuntimeHelpers.PrepareMethod(method.MethodHandle); byte[] iLAsByteArray = method.GetMethodBod…

Hi guys, I am looking for any API hook code / lib for MASM.So just wanna ask whether there is something to get or not.I cant find for example the MinHook lib but only for C++ again and not for MASM and before I start to write something by myself I do better ask before so maybe I can save the work for this.Maybe you know something I could use for MASM if there is something out. Thank you

How to Get Twitter, Facebook chat messages using C,C++ ? Thanks

I'm learning how C/C++ codes are translated into the assembly language by different compilers. I have following code: #include <cstdio> class Pie { double z; }; int main(){ Pie a = Pie(); Pie v = Pie(); Pie d = a; Pie b = Pie(); } Following is generated by GCC -m32 without optimization: main: push ebp mov ebp, esp push ecx sub esp, 32 lea ecx, [ebp+8] fldz fstp QWORD PTR [ebp-12] fldz fstp QWORD PTR [ebp-20] fld QWORD PTR [ebp-12] fstp QWORD PTR [ebp-28] fldz fstp QWORD PTR [ebp-36] …

Is there any book or articles about how C/C++ code is translated into assembly code? like how classes or structs, pointers, etc. are translated into an assembly code

Hi guys, so today I wanna ask some questions about subclassing again.So I thought I would know how to subclass correctly but before a few days I got some problems and now I think I dont know how to subclass correctly.So I have following problem now. I just created a dialog window and in this window to create just a simple static control and this I wanna subclass.So I just used CreateWIndowEx API to create static and right after this I used SetWindowLong API with the handle I got before for the static... invoke CreateWindowEx,0,chr$("STATIC"),NULL,WS_CHILD or WS_VISIBLE ,20, 20,200, 100,hWnd, 0,hInstance, 0 mov hWndStatic,eax invoke SetWindowLong,hW…

i made anti decompiler for my protector in other word IL codes is true but decompiler can't decompile it but my app have an exception exception : "Common Language Runtime detected an invalid program." how can i ignore the exception?

i create a loader in vb6 and it work but in purebasic not working this in vb6 Dim ProcExecS As Long ProcExecS = CreateProcess("File.exe", ByVal 0&, ByVal 0&, ByVal 0&, 1&, NORMAL_PRIORITY_CLASS, ByVal 0&, sNull, sInfo, pInfo) If ProcExecS Then WriteProcessMemory pInfo.hProcess, &H47DBF4, &HEB19, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 2, &H9090, 2, 0& WriteProcessMemory pInfo.hProcess, &H47DBF4 + 4, &H9090, 2, 0& CloseHandle pInfo.hProcess End If this in PB ProcExecS = CreateProcess_("File.exe", $0, #NUL, #NUL, #False, NORMAL_PRIORITY_CLASS, #NUL, #NUL, @StartInfo, @ProcessInfo) If ProcEx…

How do I rewrite this code into high level language to have 4fa1 as a result. MOV EAX, 0x4ea1 MOV EDX. 0x8d4f OR AH, DL EAX = 0x4fa1 my half-solution so far 1. (a >> 8) = 0x4e 2. (d && 0xff) = 0x4f 3. a | d a = 0x4f how to make variable a = 0x4fa1 ? I understand what's wrong but have no idea how to fix it.

This is simple VM engine for Win32 x86 code virtualize, what can replace some machine command by own equal VM commands, so protected code can't run without external VM Engine. This project is only proof of concept, it be written for educational purposes. So, you can use it for fornication AV`s, reversers or FBI Example of use: Assembly litsing: ; SEH based VM Engine by Yattering, 2016 ; e-mail: yattering (at) sigaint (d0t) org ; jabber: yattering (at) xmpp (d0t) jp format MS COFF include 'sehvm.inc' extrn '__imp__MessageBoxA@16' as MessageBoxA:dword extrn '_exception_handler' as _exception_handler public _main section '.text' code readable executable _m…

Most of us know there is one ID for each process, actually no, there is more than one. Very Simple and new for some users: 1- How many PID ( Process Identifier ) for each process? 2- Why windows task listing methods or enumerating methods deal with one PID (the first one of them) ? Regards Amer

Hi guy, I have only a short simple question.So I am working on Olly 1 plugin and now I see a problem about how to get the base of the file which was loaded in Olly.Just have seen this now during testing a dll file.So first I tried to use the Plugingetvalue API with VAL_MAINBASE paramter but there I get result 0 back if I have loaded a dll.So where can I catch the given base of the loaded process?On any ODBG export or is there any other Olly API etc? Thanks

Hi everyone As the title depicts all!! Anyone willing to share his/her experience regarding this. All suggestions r welcomed!! Thank u in advance!

.plt:002F1418 ; Processor : ARM .plt:002F1418 ; ARM architecture: ARMv7 .plt:002F1418 ; Target assembler: Generic assembler for ARM .plt:002F1418 ; Byte sex : Little endian i tried looking everywhere ,could anybody put some information on shared library headers , .so libs i actually need for the the processors we have ,dont know which bit defines what but i know 62 is for arm64 EDIT :-got the thing https://opensource.apple.com/source/dtrace/dtrace-90/sys/elf.h here for other people as well

HackChina.com - Open Source Projects Search Engine Open Source Projects Search Engine Link: />http://www.hackchina.com/dlpre.php?lang=en&id=26873

Hi guys, need again some help.I wanna access the internet again with specific set Header datas but this with WinInet functions.So before I always used WinSock or WinInet with InternetOpenUrl API and all was going good.But as I said I wanna send specific header datas and this I cant do with InternetOpenUrl API and have to use HttpOpenRequest / HttpAddRequestHeaders & HttpSendRequest APIs but I dont get it work. Example: https://google.com/imghp GET https://www.google.com/imghp HTTP/1.1 Host: www.google.com Connection: close User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1) TEST1 BYTE "Host: www.google.com", 13, 10 BYTE "…

Hello, I am currently working on a paper on uac bypass I would like to show a proof of concept as well and of course I want to code it myself. I already found some great methods but they all require you to copy a file (usually a dll) to a protected location (usually system32) Of course I red everything about the greatest proof of concept currently available : uacme On the forum post the coder describes everything related to his findings and it's a great source. On this post : http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643&start=80#p28249 He describes a way to copy a file to a protected location without injection, but for some r…

Hi everyone, Im very new to this and have read many docs...and i have infomation overload. I need some help with something which i have been trying to do but now a little confused. I think i have been reading too much things that are unrelated to my task, so im confused. Here is what i want to do. I have a keygen tool ...(for a android app license..fully working) that requires me to put in an IMEI of a phone. I put the IMEI number in the keygen and it generates 2 files that i need to put into the phone to make the app work. Now the app works fine after i put the license in ( generated by my tool). So what i want to do is see what the license gen tool …

Hello, I'm trying to write some code to emulate an application that is using ZwCreateKey and ZwQueryValueKey My environment is: Windows 7 DDK 7.1 Visual Studio 2010 When I specify #include <Wdm.h> I get the following error ------ Build started: Project: MVL_0.1, Configuration: Debug Win32 ------ MVL_0.1.cpp c:\winddk\7600.16385.1\inc\ddk\wdm.h(54): fatal error C1083: Cannot open include file: 'ntdef.h': No such file or directory ========== Build: 0 succeeded, 1 failed, 0 up-to-date, 0 skipped ========== I am starting Visual Studio from within the: 'Win7 x86 Checked Build Environment' The Include Directories are: $(…

Convert .NET is an integrated, powerful, multi-purpose conversion and developer tool (7-in-1) 多功能多用途轉換與開發工具, 整合七大主要項目超過二十項子功能, 操作簡易直覺無需任何學習 Version 7.9.6103 (2016/09/16), 2.00MB , History更新記錄 / Features軟體特色 / Feedback問題反饋 / License商業授權 Free for non-commercial, All-In-One, Portable, Single executable file, Easy to Use and Multlanguage 非商業下免費使用, 多合一, 綠色可攜, 單檔免安裝, 簡單易用, 多國語言介面, Supported Platforms支持平台 Windows All (x86/x64) , Requires軟體需求 .NET 4.5 Website: http://fishcodelib.com/Convert.htm

I tried to create an olly2 plugin with msvc 2010. But I was unable to display a DialogBox,, even after trying. Can some one please look at the code and figure out the problem and help me display the DialogBox correctly.... Here's the code. main.c /* In OllyDbg 2.x the plugin exports are a mixture of _cdecl and _stdcall Cdecl functions can be declared in the DEF file as FunctionName@Ordinal Stdcall functions must be declared in the DEF file in the decorated format FunctionName@<number_of_parameter_bytes>@Ordinal DllEntryPoint ODBG2_Pluginquery() ->->->-> real entry point ODBG2_Plugininit() mainmenu[] -> function calls ODBG2_Pluginmen…

what is this loop equivalent to in C++ / C language ? 2) what is this in reverse engineering mov edx, [eax+4] or mov edx, [eax]

what is moving something to cl or ax or dl ? what does it mean ? i know it's 16 bit register. Can anyone give me an example so i understand better ? Thanks