Programming and Coding
Programming and coding tips, help and solutions...
1,882 topics in this forum
- 1 reply
- 5.2k views
Hi guys, I'm analyzing some shellcodes and therefore I'm using sctest for visualization. I recreated a hello_world.nasm file which uses sys_write to print the string 'Hello World' and then sys_exit to exit the program, but I can't create a graph file. The .dot file seems corrupted.

root@pcfx:~/shellcode/shell_hello_world# cat hello_world.nasm
; Filename: hello_world.nasm
; Author: PCFX
; Description :
;
BITS 32
global _start
section .text
_start:
    jmp short message
GOBACK:
    xor eax, eax
    xor ebx, ebx
    xor edx, edx
    mov al, 0x4
    mov bl, 0x1
    pop ecx
    mov dl, 0xc
    int 0x80
    xor eax, eax
    xor ebx, ebx
    mov al, 0x1
    int 0x80
message:
    call GOBACK
    d…
WriteProcessMemory alternative
by GautamGreat - 12 replies
- 7.6k views
Hello. I was wondering whether there is any alternative way to patch process memory without using the WriteProcessMemory API. Actually, I know crackers can get my patched bytes just by putting a breakpoint on WriteProcessMemory, so I want to know if there is any other way to handle this. Hope for the best.
What's the price of a firewall?
by kb432 - 0 replies
- 7.7k views
What would be the cost of a (ring0) firewall? (source code) Windows firewall.
- 2 replies
- 4.3k views
Hi, I wrote a simple shellcode which executes /sbin/shutdown via sys_execve. When I execute it in my Ubuntu VM it doesn't shut down completely but remains in the 'shutdown state' (see attachment). My shellcode length is 51 bytes. I also tried a shellcode example from shell-storm.org which is 56 bytes, but the result was the same. Also I think the following 3 lines (5 bytes) in the shell-storm shellcode are not necessary, but I might be wrong..

8048062: 31 d2    xor edx,edx
8048069: 89 e7    mov edi,esp
804808f: 56       push esi

EDIT: Hm, well, I guess it's necessary to xor the edx register becaus…
Trivial C runtime: linker error
by Loizos - 2 replies
- 4.6k views
I am giving BigBoote's tutorial "Writing your own packer" a shot. Right at the beginning of the project I ran into linking problems. As a result of not using the default libraries (on purpose), the linker complains about the unresolved external symbol __DllMainCRTStartup@12. In order to fix the linking error the author suggested replacing the DllMain function with DllMainCRTStartup. He claims that this will fix the linker's error and at the same time be the EP. I've tried replacing the boilerplate DllMain function with DllMainCRTStartup, but the problem is still there. I have done my research and I can't seem to find anyone tha…
[C#] How to convert 1D List to 2D List
by Perplex - 0 replies
- 4.4k views
What is the correct approach to convert a 1D List to a 2D List (randomly)? Please look at whether my approach is correct:

List<Tuple<object, object, object>> OneDimensionalLists = new List<Tuple<object, object, object>>();
List<List<Tuple<object, object, object>>> TwoDimensionalLists = new List<List<Tuple<object, object, object>>>();
int i1 = 0;
for (int i = 0; i < OneDimensionalLists.Count; i++)
{
    TwoDimensionalLists.Add(new List<Tuple<object, object, object>>());
    var random = new Random(seed);
    int next …
Missing byte in shellcode
by pcfx - 8 replies
- 13.7k views
I'm working on a very simple shellcode encoder. It takes an existing shellcode and adds a continuing number on every even position in the shellcode. The shellcode I want to encode is a simple execve -> /bin/sh shellcode:

\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3\x50\x89\xe2\x53\x89\xe1\xb0\x0b\xcd\x80

Encoded:

\x31\x01\xc0\x02\x50\x03\x68\x04\x2f\x05\x2f\x06\x73\x07\x68\x08\x68\x09\x2f\x0a\x62\x0b\x69\x0c\x6e\x0d\x89\x0e\xe3\x0f\x50\x10\x89\x11\xe2\x12\x53\x13\x89\x14\xe1\x15\xb0\x16\x0b\x17\xcd\x18\x80\x19

Here is my decoder stub:

global _start
section .text
_start:
    jmp short call_shellcode
decoder:
    pop esi
    …
Function hooking on x64
by Netskyes - 10 replies
- 14.4k views
I'm trying to understand how hooking in general works, targeting an x64 application. (As I'm a total beginner, some questions might make no sense.)

1. Is using assembly required to hook a function? (As inline assembly isn't supported.)
2. What is the difference between a jump and a trampoline?
3. Is the process of hooking a procedure on x64 different?
4. What does the following byte array actually represent? (Is it different on x64?)
   BYTE jump[6] = { 0xe9, 0x00, 0x00, 0x00, 0x00, 0xc3 };
5. When finally writing to the process, do we overwrite the original?

-----
So if I understand correctly (a few steps):
Define the original function's structure:…
Memory, DLL Injection C++
by Netskyes - 4 replies
- 5.5k views
Hi, I'm quite new to reverse engineering and C++. I've made an injector and I have a couple of questions regarding DLL operations. (I'm quite confused, so please be kind in case I ask something that makes no sense.) Can I directly just access memory addresses? (Or might it require executing VirtualProtect?) Let's say this address 0x140050D9E contains some data or a function; how could I read it? (Things I've heard that confuse me... base address, offset?) Appreciate it, thanks!
- 1 follower
- 1 reply
- 4.1k views
Now I want to ask how to make a serial monitor like the Eltima software? Anybody know how to make it?
SOLVED
by w0rm - 0 replies
- 12.5k views
SOLVED!
SOLVED
by w0rm - 0 replies
- 3.8k views
SOLVED
How to clone memory?
by w0rm - 6 replies
- 7k views
C++ on Windows: how to clone RAM (memory)? Using an API, or is there any other way? Any help appreciated!
How to clone an HDD?
by w0rm - 0 replies
- 9.7k views
How to clone an HDD on Windows x86 in the C++ programming language? Thanks. NOTE: like "HDD Raw Copy Tool" does!
- 10 replies
- 7.5k views
Hi, how do I insert .xm or mod music in a keygen for Visual Basic 2005 or .NET? Sorry :biggrin: Sorry, but I do not speak English very well. An example of code would be very welcome.
A few .NET applications!
by Kick - 0 replies
- 7.5k views
Can anyone name a few applications now in the wild that are built using .NET? Just a couple of professional applications, popular or not. Thanks
- 6 replies
- 4.4k views
I want to optimize the performance of my current web scraper and make it as fast as my competitor's scraper. The issue I'm facing is that when the user starts scraping the site for the booking process, the "book now" link is not coming in the response, while in the competitor's application it comes in the very first second from a heavily loaded web site. Please send me only professional developers and web scrapers. I am ready to pay. Thanks, Kate
Any Tutorials For Calling Functions?
by GNIREENIGNE - 43 replies
- 16.3k views
Does anyone know of any good tutorials that show you how to properly call a function (e.g. satisfy all of the parameters of the call, stack allocation and cleanup etc.)? I've noticed a few items in some popular debuggers that might be used for this purpose, but I'm not sure about it. Thanks.
- 2 replies
- 5k views
DUE TO COPYRIGHT AND PRIVACY REASONS THE THREAD HAS BEEN REMOVED
Delphi - Moving an image inside form coordinates
by SHKODRAN - 1 reply
- 6.3k views
Hello everybody. I have created a small application which should move images smoothly within the desktop coordinates. I was wondering how I can limit it so that the image remains inside the desktop? I have tried moving the image like this:

procedure TForm1.Timer1Timer(Sender: TObject);
var
  X, Y: Integer;
begin
  X := random(2+1);
  Y := random(2+1);
  Image1.Left := Image1.Left + X;
  Image1.Top := Image1.Top + Y;
  Image1.Refresh;
end;

Any help is appreciated. Thanks.
Branching in Assembly
by 0nion - 1 reply
- 6k views
if ( a == b ) { /////// }

The above code block is JE in assembly, and the following one,

if ( a != b ) { //////// }

is JNE?
CPU "Features"
by ixiodor - 8 replies
- 11k views
Hi guys, I heard that DENUVO uses CPU-bound code to make it harder to crack, some code that runs only on your CPU. So I was looking for some nice tricks and tests, trying to emulate that. I started using CPUID, changing values in EAX; my curiosity was on:

MOV EAX, 0Bh
CPUID

This gives me some values, including in EDX which core is executing that CPUID (core1, core2, etc.). BUT I found this "feature": if you do

MOV ECX, 100h
MOV EAX, 0Bh
CPUID

you reset all your registers and you get only a value in EDX, where your current core is shown... Is that normal?? I have an i7-2600; can someone with a different CPU try it and see if they get the same results?
- 7 replies
- 6.1k views
Hi guys, I'm happy to announce the release of my new disassembler called UnivDisasm. It supports both x86 and x86-64, Intel and AMD. It supports almost all instructions found in the Intel and AMD docs, including: FPU, MMX, SSE, SSE2, SSE3, SSSE3, SSE4.1, SSE4.2, SSE5, 3DNOW, AVX, AVX2, FMA, FMA4. *AES, MPX, F16C, TSX, VME, BMI, BMI2 … *AVX512F, AVX512BW, AVX512CD, AVX512DQ, AVX512ER, AVX512PF, AVX512VBMI, AVX512IFMA. -REX, DREX, VEX, EVEX, XOP encoding support. -Intel enhancement syntax: Masking, Zeroing, Rounding, Broadcasting. -Support for VSIB memory addressing. -Support for compressed displacement called disp8*N. -Customized: UnivDisasm has an open architecture allowing for easy to…
So I want to write a virtualizer
by Pancake - 18 replies
- 8.8k views
Hello. I'd like to create my own code virtualizer, something similar to VMP, but I'm having some issues. Studying the old (1.7) VMP virtualization I got the idea: you take the original bytes and encrypt/store them inside the VM section, and place a jump to a prepared piece of code which pushes onto the stack EFlags, 8 registers and a unique value which contains the encrypted pcode pointer. Then such a prepared context jumps into the virtual machine. And here the VM gets a byte from the pcode, decrypts it, finds the case in the switch table and executes it, and so on. So after thinking for a long time I got a problem emulating the stack. The original function's stack looks like this: esp -> return address, esp + 4 -&…
Adding an instruction without an operand in dnlib
by Perplex - 3 replies
- 5.2k views
How do I add an instruction without an operand in dnlib? For example, I wanted to add a Call opcode without an operand. Is it possible?