Programming and Coding
Programming and coding tips, help and solutions...
1,886 topics in this forum
-
Alternatives to JitHooking
by noob.exe- 4 replies
- 6.8k views
Yo, I am planning to code some method encryption, and I wanted to ask if there are alternatives to JitHooking. The problem is not hoe to encrypt/decrypt the methodbodys, - that's simple, the question is how I can detect the calls so I know when to decrypt. JitHooking is pretty unstable and might not work properly in future versions of the .Net FW. I am open for ideas and suggestions.
-
How deobfuscate crypto Obfuscator 2015?
by ismkdc- 1 reply
- 7.2k views
What can do any more? string decryp is given error unpackme.rar
-
change PE header in suspended process
by JustAGuy- 8 replies
- 6.8k views
It's possible to create suspended process, change for example entrypoint and when resumed it would start from changed EP? I have a non-working executable(wrong EP) idea is to modify PE header but only when it's loaded in memory. I used WriteProcessMemory api to write correct EP to header but when resumed, process crashes. WriteProcessMemory returns success, so problem must be somewhere else. Is it too late to modify header when the process is suspended? thanx in andvance
-
Help in converting C to Delphi pls
by kolynet- 6 replies
- 5.2k views
Hi all,I have a small poker odds calculator a free software and would like to implement it into my delphi application. (HandOdds class) where we input players hole cards, dead cards, etc. It will calculate the odds. Somehow i would like to call a class (in its DLL). OR just translate it to delphi style.Could someone help? I appreciate it !Here is the link to the source and binary of the calculator:https://mega.nz/#!wlAkUZbL!zj1A_GZE3kr1ib7mL4BdskeHAgh6u0j1bvtKiv2wPYY
-
[C#] Phoneix Protector de4dot code
by TheProxy- 3 replies
- 8.3k views
Hi im new to de4dot midding so when i finaly made this to work i wanted to share with ewryone Open De4Dot source (be shure that you can compile it Video //Credit to @li0nsar3c00l) Then go to de4dot.code/deobfuscators and create New Folder (Phoneix_Protector) and create 2 classes Deobfuscator.cs and StringDecrypter.csand paste this codeDeobfuscator.cs using System.Collections.Generic;using dnlib.DotNet;using de4dot.blocks;namespace de4dot.code.deobfuscators.Phoneix_Protector{ public class DeobfuscatorInfo:DeobfuscatorInfoBase { public const string THE_NAME = "Phoneix Protector"; public const string THE_TYPE = "pp"; const string DEFAULT_REGE…
-
Nice About Effect 2
by FudoWarez- 1 follower
- 12 replies
- 9.3k views
skull.zip
-
The Advanced Batch AI
by jahwi- 3 replies
- 5.5k views
hello guys! I've have been looking for a batch ai/chatbot for the last year. so I thought to myself: why not just make one? so I went ahead and did. please leave reviews,ratings comments etc. get it here:https://sourceforge.net/projects/meri/
-
- 1 follower
- 2 replies
- 4.6k views
I want to write a plugin that can set command line. The executable have some dynamic arguments ,so i decided to write a plugin. I browsed some apis from ollydbg plugin help, couldnot find .Or i missed something . Any hint , so appreciated . Thanks.
-
- 1 reply
- 4.1k views
I'm using plain C to call these functions of GDI+ ,and response WM_PAINT with this function ,the last call of GdipDrawImage returns 0, it means success ,but on my picture control I can not find my picture on it.source.txt
-
CaptureStackbackTrace
by Pancake- 1 reply
- 5.1k views
Hello. I was wondering how can i create a call stack to view the return addresses. So i found that fancy function, it worked prefrectly in one .exe, showing call stack up to ntdll but it does not show full backtrace when called from a hook. Sometimes it prints 1, 2, 3 addresses but i know how that program is working and the call stack is much bigger. The "Call Stack" function from olly shows exactly same not full result but i can view stack and see which address is a return address, but i cant dereference values from the stack to see if its a return address because i would crash on access vioaltion very quickly. How can i make it work properly?
-
PureBasic keygen template by [SST]
by Bilbardfayim- 0 replies
- 11.1k views
File Name: PureBasic keygen template by [sST] File Submitter: Bilbardfayim File Submitted: 11 Apr 2015 File Category: Source Code PureBasic keygen template by [sST] Click here to download this file
-
Creating and exe from zero
by Pancake- 4 replies
- 4.7k views
Hello everyone. Today i bumped onto one very crazy idea I am trying to preapre an exe file from scratch, not using any compiler, just create hex file. Im goin to create PE header, fill all values, create sections, directories, imports etc. So here comes my question. How much work has to be done to make windows loader successfully load the exe, map it and run the code inside? Is it only about creating the header with all its dependiences, or somehing more?
-
VirtualBox Hardened Loader x64 (kernelmode.info)
by Insid3Code- 2 replies
- 7.8k views
VirtualBox Hardened VM detection mitigation loader x64 from kernelmode.info.Step by step guide for VirtualBox Hardened (4.3.14+) VM detection mitigation configuring. http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478'>>http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478 https://github.com/hfiref0x/VBoxHardenedLoader'>>https://github.com/hfiref0x/VBoxHardenedLoader
-
[dotNet] How to patch the dngEXE?
by despy- 1 reply
- 5.3k views
exe is protected by dng3.68,unpack it using DNGuardHVMUnpacker, and it work well,but when i patch and save it in reflector,it show error. Round Trip with ILDASM ILASM fails: error -- Failed to open managed resource file '' error -- Failed to open managed resource file ' ' Output file contains errors ...... Now i want to add some codes in the exe ,what can i do ?
-
[Delphi Source]
by root- 2 replies
- 6.4k views
Hello, I decided to share some projects are difficult to find in Delphi.I hope it will be useful and that someone can improve - DbgThr - Fast and simple Debug in delphi - PE_LIB - library for manipulating File format PE32 / 64 - DAForge_IA - Artificial Intelligence in Delphi There is also another project(Private repository at this Moment), code generator based on nasm. It works very well but still is the first release and is to be tested and then I would also implement the syntax MASM. https://bitbucket.org/Pigreco6 Hello soon sorry for my bad english
-
[Q?][.NET] ByteArray in .bmp image
by Meteor2142- 2 replies
- 5.3k views
/del pls Full here bellow Sorry tuts is lagging
-
[C/C++] UACME (kernelmode.info)
by Insid3Code- 0 replies
- 8.2k views
Defeating Windows User Account Control from kernelmode.info.Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643 https://github.com/hfiref0x/UACME
-
OllyDbg Plugin in C#
by li0nsar3c00l- 4 replies
- 5.4k views
Did anybody ever created plugins for ollydbg in c#? is it worth it to try, as im more experiecned with c#, or should i rather do it in c/c++? or is it easier for simple tasks to use scripts? if this is not the proper section, please move the thread
-
- 1 follower
- 12 replies
- 7.2k views
Source code in OOP C++ for the Windows PE. In the next post I will post the source code of the functions, in this one I will post the header of it. Note that the most of the functions are coded by steve10120, but I modified/added some things to make it work for x64 files too and for windows 7+. PE.h #ifndef PEH #define PEH #include <vcl.h> class PE_management { protected: HANDLE hOpenFile; HANDLE hOpenFileMapping; public: HANDLE hFile; PIMAGE_DOS_HEADER pIDH; PIMAGE_NT_HEADERS32 pINH; PIMAGE_SECTION_HEADER pIFS; PIMAGE_SECTION_HEADER sectionHeaderOfOEP; PIMAGE_IMPORT_DESCRIPTOR pIID; String fileName; unsigned int sizeOf…
-
[C#] Make Encoder from Decoder
by Meteor2142- 2 replies
- 4.7k views
Hello guys, Have a some problem, need to make an encoder code from decoder code. It's possible? Here it is: private static byte[] ByteArray = new byte[] { 198, 155, 210, 181, 170, 198, 80, 247, 165, 134, 249, 215, 18, 204, 212, 8, 71, 122, 144, 187, 164, 225, 159, 57 }; private static string Decoder(string MOLmemeNWSgZXjzu, byte[] VEuOxZqRKRisj) { byte[] array = Convert.FromBase64String(MOLmemeNWSgZXjzu); for (int i = 0; i < array.Length; i++) { for (int j = 0; j < VEuOxZqRKRisj.Length; j++) { array[i] ^= VEuOxZqRKRisj[j]; } } string text = ""; byte[] array2 = array; for (int k = 0; k < array2.Length; k++) { byte …
-
text selection color of an edit control
by qwsa21- 1 reply
- 6.8k views
hi all, i want to change the default text selection color of an edit control (which is blue) to another color. how can i do this? any help will be appreciated.
-
[C/C++ ] VMDE (kernelmode.info)
by Insid3Code- 0 replies
- 7.7k views
Virtual Machines Detection Enhanced from kernelmode.info Yes, as you've already noticed! I appreciate all projects coded by EP_X0FF https://github.com/hfiref0x/VMDE
-
More MetaBalls
by PeterPunk- 2 replies
- 11.4k views
Hi everyone, I was boring and I've coded a .dll in MASM32 to use the famous MetaBall effect on any language: MetaBalls.zip Also includes the source code and an example for some languages (MASM32, Delphi 7, VB6 and VB .NET). Maybe will be useful for someone. Regards. PS: Sorry for my English
-
DSEFix x64 (kernelmode.info)
by Insid3Code- 0 replies
- 18.3k views
Windows x64 Driver Signature Enforcement Overrider from kernelmode.info. Updated Source and binary: https://github.com/hfiref0x/DSEFix
-
My program will not run on win8
by Pancake- 4 replies
- 5.9k views
Hello. I created simple tray application wih options of showing a messagebox and launching one .exe in same folder as the tray app. But for some reason it shows some blue bar on windows8 saying it will not allow to open or smth like that... What may be the reason?
