Programming and Coding
Programming and coding tips, help and solutions...
1,885 topics in this forum
-
- 8 replies
- 16.9k views
I try to compile the code from Delphi XE for android but it takes a long time and heavy because my PC specs are not too good, so I had to cancel, so I download Genymotion to try android application on my PC because it is very light. how to connect Delphi XE 8 to Genymotion as android emulator? and what emulator for iOS / iPhone / iPad / OSX are small and lightweight to test iOS applications? I downloaded iPadian but I do not know if this could be used to try the iOS app?! ... and I do not have an iOS device (iPhone / iPad or Mac etc). thx b4
-
AsmPointers (source code C#)
by CodeExplorer- 1 reply
- 12.1k views
AsmPointers (source code C#): AsmPointers will enumerate all assemblies and modules and will eventually call mbase.MethodHandle.GetFunctionPointer() for each method of a module.For testing purpose change in Program.cs: /// <summary> /// Program entry point. /// </summary> [sTAThread] public static void Main(string[] args) { string target = @"D:\\ModuleToAssembly.exe"; Assembly asm = Assembly.LoadFile(target); SendToJit.SendModuleToJit(asm.ManifestModule);the line string target = @"D:\\ModuleToAssembly.exe"; shoul be changed to load your simple assembly, for testing purpose only. And the program will on…
-
[c++]Problem with convert EAX
by baruch- 7 replies
- 12.9k views
Hi all! I try to do the keygen: "2. Keygenning tut KeyGenMe_#1_cLoNeTrOnE TeAm FOFF" from the link : https://forum.tuts4you.com/topic/36362-all-my-keygenning-tuts/?hl=%2Bkeygening+%2Btut There was a moment which register EAX equal to : 00000275 (in my case).[its just take the string "baruch" and conclude every char] And then was check : if(EAX == 00000275). Now in my C++ program ,i have integer called "sum" which equal to 275. The question is how i convert that number? I mean ,i need 00000275 not 275,so how i convert from "integer look" to "register look"? of course i can do very long way : 1.check the length of sum==3 2.do loop from 0 to 5 and fil…
-
My debugger loads dll too late
by Pancake- 13 replies
- 6.4k views
Hello So today i decided to create own debugger for own use, everything works just fine btu as we all know the anti-debug tricks have to by bypassed. So i created my Fix.dll which fixes the peb and hooks far jump (currently only for wow64). It works like a charm and spoofs the Zw* functions output, but the problem is that the dll is loaded too late.. After receiving the first debug meesage which is obviously CREATE_PROCESS_DEBUG_EVENT i get the EIP, LoadLibraryA address and then inject payload which loads my Fix.dll (i coped the shellcode from StrongOD). So it calls LoadLibraryA for my dll and returns to the original EIP, continuing execution properly without any…
-
PortEx: Library for Static Analysis of PE Files
by Struppigel- 0 replies
- 6.4k views
What is PortEx?PortEx is a library aimed at Java developers and reverse engineers. It enables you analyse Portable Executable files (e.g. EXE, DLL files) and has a special focus on malware analysis. In addition to just viewing a lot of file format information it provides tools that help you with reverse engineering or malware analysis. PortEx is written in Scala and Java.PortEx is free, open source and still in heavy development. Although I made Unit Tests for the most parts of the code there might still be bugs.Features Reading header information from: MSDOS Header, COFF File Header, Optional Header, Section Table Reading standard section formats: Import Section, Resou…
-
Skinning GUI in PureBasic keygen Example
by Bilbardfayim- 2 replies
- 8.5k views
Skinning GUI in PureBasic keygen Example https://forum.tuts4you.com/gallery/image/443-srn/ KEYGEN_EXAMPLE.rar
-
OllyDbg 1.10 plugin API (CHM format)
by RaMMicHaeL- 0 replies
- 8.2k views
File Name: OllyDbg 1.10 plugin API (CHM format) File Submitter: RaMMicHaeL File Submitted: 08 Aug 2015 File Category: Source Code The OllyDbg 1.10 plugin API manual in CHM format. Click here to download this file
-
another keygen template
by Jowy- 3 replies
- 8k views
here is another a keygen template by me thanks to xsp1d3r for the gfx hope u like it
-
help me des SSL library,THK Y.
by diskgetor- 3 replies
- 9.8k views
look here des soure: https://tls.mbed.org/des-source-code now i write code for DES ECB ENCODE: des_const des: setkey : des_crype_ecb(&des,input,output); now,encode was ok,but how i write the DES ECB decode codes?
-
[dnlib] .Net Renamer problem
by Sniper.ps- 5 replies
- 12k views
Hello Guys I am gonna to make a simple renamer for .Net Apps .. the problem is : after rename the (modules, types,methods .. etc) the file is not working this is the code which i am using private void button1_Click(object sender, EventArgs e) { Rename(AssemblyDef.Load("C:\\MyApp.exe")); } public void Rename(AssemblyDef AsmDef) { int xMod = 0; int xType = 0; int xMethod = 0; int xParameter = 0; int xField = 0; int xProperty = 0; foreach (ModuleDef ModDef in AsmDef.Modules) { ModDef.Na…
-
- 12 replies
- 7.3k views
Hello eveyone , i was coding an obfuscator , everything is working good , but when i start to deobfuscate , it says value does not fall within the expected range , can someone help me please , here is the code Private Sub DesignButton8_Click(sender As Object, e As EventArgs) Handles DesignButton8.Click Try Dim S As New SaveFileDialog S.Filter = "|*.exe" If S.ShowDialog = vbOK Then If Protectpart2() = True Then ASM.Write(S.FileName) MsgBox("Sucessfully Obfuscated at: " & vbCrLf & S.FileName, MsgBoxStyle.Information) Else Exit…
-
Syscall notification
by Pancake- 1 reply
- 5.1k views
Hello. Im developing a bot to game, and tryin to be as stealthy as possible i planned to do some stuff in kernel. On x32 it was pretty easy to hook ssdt, and it was basically it, but on x64 things are different. I know the patchguard limitations, and i cant find way to intercept the syscalls. I want to hide and preserve debug registers because im using HWBPs to intercept game loops (i know i can do it usermode, but i want the stronger way), inject the implant botting code and control it from driver (already managed to do it). The only "legal" way to get notified was ObRegisterCallbacks but it works only for process creation and some other operations with handle, i digged …
-
- 1 reply
- 4.5k views
my unfinished project 2011, maybe you like it http://www.4shared.com/zip/G2piRjSfce/ZS_Ascii_Maker_Source_Code_.html
-
- 5 replies
- 5.3k views
Hello. Im tryin to filter out clicks which are comin for external applications and not user himself. I tried GetAsyncKeyState, GetKeyState or GetKeyboardState, watched the LPARAM and WPARAM in SetWindowsHook and it seems that automated keystrokes are the same as the usermade... I wonder how some games detect the fake input, any ideas?Greetz
-
Nice About Effect
by FudoWarez- 22 replies
- 16.9k views
enjoy!!! about.zip
-
- 9 replies
- 5.3k views
Hello. I got a function which returns hash from const char*, and obviously the same input gives same 32 byte hash. My problem is that after compilation program recounts the hash everytime, is it possible to tell compiler to count it during compilation time and just save the hash value? Im creating wrappers for common functions like getmodulehandle, getprocaddress etc with PE parsing, and the problem is that such piece of code for example myGetModuleHandle(hash("kernel32.dll")) generates assembly which counts the const char* hash everytime, and i would like the compiler to make it myGetModuleHandle(0xdeadbeef) where its the counted hash. How can i achive that?
-
Searching flash/actionscript loaded object
by bytesnake- 0 replies
- 5.9k views
hi guys First of all, I hope I started this new thead on thew right spot... I'm looking for windbg/OllyDbg/idapro script which can be use to print or get memory location of flash/actionscript loaded object such as Vector, Array, String object, etc...Also other then script, I am looking the tutorial to print or get memory location of flash/actionscript. Or any tutorial to get flash/actionscript object memory layout I need this info so I can dump or see flash/actionscript object memory layoutI read and tryed various tutorial including the one on CoreLan Website Still I just cannot find it. I watched Heap Inspector videoo too, But Im stuckedI m stucked, I REALLY need…
-
size of the code after compilation
by JustAGuy- 18 replies
- 5.7k views
Hi, is it possible somehow to get size or end address of a procedure, preferably without modifying procedure itself? e.g: Procedure Asem; begin asm mov eax, 5; add eax,8 shl eax,1 end; end; I want from my application determine size(number of bytes) of its own procedure, let's say, when I press a button. It's quite easy by using pointers to get start address of first line mov eax, 5, but how to get address of the last line(eventually RET)? For the sake of simplicity let's say the procedure is pretty simple with only one exit point and no external jumps outside of itself.
-
[dnlib] Injecting class with method.
by IllusiveMan- 1 reply
- 11.3k views
Hello guys. I have some problems with injecting new class with one method inside it. Basicly this class is placed in my project and i need to insert it in assembly using dnlib, then call the method from it from constructor. My code sample: AssemblyDef assembly = AssemblyDef.Load(FilePath); ModuleDef module = assembly.Modules[0]; Importer importer = new Importer(module); // Create new importer. IMethod meth = importer.Import(typeof(MyClass).GetMethod("Initialize")); // Trying to import initialization method and then place it into a new class. TypeDef type = new TypeDefUser("NewClass"); // Creating new type. type.Attributes = TypeAttributes.Class; // Setting class …
-
File Encoder using key in byte array [C#]
by Meteor2142- 4 replies
- 5k views
Hello guys! I'm now on finding out how cryptor works (more on my previous topic) So there is some stub, with randomly generated method names, and randomly generated byte array that crypts the file: Sample of decryptin code: string text = (string)ResourceManager...byte[] array = new byte[text.Length];// and decrypt method string text = (string)resourceManager.GetObject(...... //using the string from crypted resources (i dont how its even store in resouces like that) byte[] array = new byte[text.Length]; for (int i = 0; i < text.Length; i++) { array[i] = (byte)text[i]; // decryption }//the most simple maybe... how to make encoder from this? …
-
- 9 replies
- 5k views
Hi, here's another player lib, and I guess it comes with one of the best compromises between audio quality and size. The sound is awesome, but don't get fooled by the size of the included sound module examples (.ptp files), because they already come in a ready-to-get-compressed format. Check out the homepage for further info: http://code.google.com/p/protrekkr/ All credits to hitchhikr ofc.. a real magician. (Find some of his demos, if you don't know this guy yet.) And again thanks to eNeRGy/dAWN for the hints and the static lib! So here's the static lib and some example code in asm: PtkReplay.7z cheers
-
[VB.NET] Help me Mysql Connect
by CodeEnding- 3 replies
- 5.6k views
I can Use Cheat Engine Scan String password found . How can I protect Thank you
-
PureBasic patch template with crc check by [SST]
by Bilbardfayim- 1 reply
- 4.6k views
File Name: PureBasic patch template with crc check by [sST] File Submitter: Bilbardfayim File Submitted: 11 Apr 2015 File Category: Source Code PureBasic patch template 2 with crc check by SST Click here to download this file
-
- 10 replies
- 9.9k views
Hello, I am trying to debug/reverse engineer a program made in delphi, using x32dbg. This program use madExcept (which replace the default Delphi exception manager). If i put a breakpoint somewhere in the debugger, when it ran over the breakpoint, it does not break in the code, instead madExcept kicks in and the application show an error message : This is nice because the "bug report" can show me a stack trace and also a disassembly with full methods names It does not however , stop and break in the x32_dbg debugger (which i really want to), and thus does not allow me to run the program step by step. In the disasm window (…
-
Alternatives to JitHooking
by noob.exe- 4 replies
- 6.7k views
Yo, I am planning to code some method encryption, and I wanted to ask if there are alternatives to JitHooking. The problem is not hoe to encrypt/decrypt the methodbodys, - that's simple, the question is how I can detect the calls so I know when to decrypt. JitHooking is pretty unstable and might not work properly in future versions of the .Net FW. I am open for ideas and suggestions.
