Programming and Coding
Programming and coding tips, help and solutions...
1,893 topics in this forum
-
OllyDbg Plugin in C#
by li0nsar3c00l- 4 replies
- 5.7k views
Did anybody ever created plugins for ollydbg in c#? is it worth it to try, as im more experiecned with c#, or should i rather do it in c/c++? or is it easier for simple tasks to use scripts? if this is not the proper section, please move the thread
-
- 1 follower
- 12 replies
- 7.6k views
Source code in OOP C++ for the Windows PE. In the next post I will post the source code of the functions, in this one I will post the header of it. Note that the most of the functions are coded by steve10120, but I modified/added some things to make it work for x64 files too and for windows 7+. PE.h #ifndef PEH #define PEH #include <vcl.h> class PE_management { protected: HANDLE hOpenFile; HANDLE hOpenFileMapping; public: HANDLE hFile; PIMAGE_DOS_HEADER pIDH; PIMAGE_NT_HEADERS32 pINH; PIMAGE_SECTION_HEADER pIFS; PIMAGE_SECTION_HEADER sectionHeaderOfOEP; PIMAGE_IMPORT_DESCRIPTOR pIID; String fileName; unsigned int sizeOf…
-
[C#] Make Encoder from Decoder
by Meteor2142- 2 replies
- 5.1k views
Hello guys, Have a some problem, need to make an encoder code from decoder code. It's possible? Here it is: private static byte[] ByteArray = new byte[] { 198, 155, 210, 181, 170, 198, 80, 247, 165, 134, 249, 215, 18, 204, 212, 8, 71, 122, 144, 187, 164, 225, 159, 57 }; private static string Decoder(string MOLmemeNWSgZXjzu, byte[] VEuOxZqRKRisj) { byte[] array = Convert.FromBase64String(MOLmemeNWSgZXjzu); for (int i = 0; i < array.Length; i++) { for (int j = 0; j < VEuOxZqRKRisj.Length; j++) { array[i] ^= VEuOxZqRKRisj[j]; } } string text = ""; byte[] array2 = array; for (int k = 0; k < array2.Length; k++) { byte …
-
text selection color of an edit control
by qwsa21- 1 reply
- 7.1k views
hi all, i want to change the default text selection color of an edit control (which is blue) to another color. how can i do this? any help will be appreciated.
-
[C/C++ ] VMDE (kernelmode.info)
by Insid3Code- 0 replies
- 8k views
Virtual Machines Detection Enhanced from kernelmode.info Yes, as you've already noticed! I appreciate all projects coded by EP_X0FF https://github.com/hfiref0x/VMDE
-
More MetaBalls
by PeterPunk- 2 replies
- 11.7k views
Hi everyone, I was boring and I've coded a .dll in MASM32 to use the famous MetaBall effect on any language: MetaBalls.zip Also includes the source code and an example for some languages (MASM32, Delphi 7, VB6 and VB .NET). Maybe will be useful for someone. Regards. PS: Sorry for my English
-
DSEFix x64 (kernelmode.info)
by Insid3Code- 0 replies
- 18.8k views
Windows x64 Driver Signature Enforcement Overrider from kernelmode.info. Updated Source and binary: https://github.com/hfiref0x/DSEFix
-
My program will not run on win8
by Pancake- 4 replies
- 6.2k views
Hello. I created simple tray application wih options of showing a messagebox and launching one .exe in same folder as the tray app. But for some reason it shows some blue bar on windows8 saying it will not allow to open or smth like that... What may be the reason?
-
Bitwise rotation with C/C++ and Delphi
by ghandi- 10 replies
- 13.5k views
Hi all, I posted this topic over on ARTeam forum and thought that maybe someone might find this useful here also? If not, disregard this post and forget you ever read it, . I recently tried converting some of my assembler code across to C and Delphi and it required bitwise rotations. Although the C compiler will optimise in rotations, natively they are not accessible that i am aware of. To use them you either have to use intrinsics or inline assembler, the other option is to define macros which use bitwise SHL/SHR and and OR to achieve a psuedo-rotation. I'm not sure whether or not the Delphi 7 compiler will place rotations in, but i know you can use inline assembler or…
-
Using RtlAdjustPrivilege to detect debugger.
by Insid3Code- 8 replies
- 9.6k views
A basic way using RtlAdjustPrivilege to detect the debugger (OllyDbg and IDA demo 6.6)As usually but not (enabled by default) for all debugger, the Debugger must acquiring debug privilege to work with its complete capacity. The snippet is simple and probably already used but I write it as simple as possible to get a clear ASM code inside the debugger.RtlAdjustPrivilege: Enables or disables a privilege from the calling thread or process. NTSTATUS RtlAdjustPrivilege ( ULONG Privilege, //[In] Privilege index to change. BOOLEAN Enable, //[In] If TRUE, then enable the privilege otherwise disable. BOOLEAN CurrentThread, //[In] If TRUE, then enable in…
-
- 2 replies
- 4.7k views
how can i get ECC RSA DES DSA MD5 BASE64 C OR C++ SOUCE?
-
Remove space
by javed- 0 replies
- 7.7k views
Remove space from a string in php without using any php function.
-
reduce exe size in visual studio
by Dickyb0b- 4 replies
- 8.9k views
i cant seem to reduce my exe size that was built with VS 2010, ive followed many guides and everytime my file is 51kb and all it does is MessageBoxA I have followed this guide from start to finish http://linkyzer0.com/papers/Decrease_WinCppProject_FileSize.pdf what am i doing wrong ?
-
- 16 replies
- 7.3k views
Hello everybody : ) I am looking for a good guide for learning assembly x86, so that later I could learn reverse engineering. I have a limited knowledge of assembly, and I could solve easy/medium Crackme,I solved several from: HackThisSite and etc.. When I open debuggers/disassembler and trying to solve, I understand that the main part, but there are parts of the margin (less important) that I do not understand, so I want to learn assembly in a "pure" so I know it everything. Can you recommend me a book / website that teaches assembly x86 ?
-
Search n Replace byte VB.net
by andrextrap- 1 reply
- 7.6k views
i will make patch with vb.net but i dont know how read or write sepecific bytes ex: &HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0 i want to change &H1B to &H33 and &H40 to &H90 but skip other byte ( Skip(HF7),Skip(HD8), patch(H1B),Skip(HC0), Patch(H40), skip skip skip) like in uPPP search : F7 D8 1B C0 40 89 45 E0 Replace .. .. 33 .. 90 .. .. .. Private Shared ReadOnly PatchFind As Byte() = {&HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0} Private Shared ReadOnly PatchReplace As Byte() = {&HF7, &HD8, &H33, &HC0, &H90, &H89, &H…
-
Code one asm thing in cpp
by Pancake- 1 reply
- 12.2k views
Hello. I recently started reading about anti debug, found great reference with tons of great ideas, but i cant get one to work. http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf The one i want to try is "Instruction counting", page 30. Most of them work simply by copying asm code int __declspec(naked) but this oen is different, and i couldnt get it to work this way, and i dont have experience in using structured exceptin handlers. Could someone try to rewrite this small piece of code? Please? Thanks in advance
-
MD5 in Delphi 7?
by Artic- 12 replies
- 21.8k views
hey there, i am trying to write a keygen in Delphi 7. my problem is that i cant figure out how to make a MD5 in the keygen. do i need to write it by hand or are there some pre-made code parts somewhere?
-
API EstimateFileRiskLevel Hooking
by bin123485- 2 replies
- 6k views
I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?
-
Any tools about run trace?
by Gegul- 0 replies
- 8.5k views
Hi all. I'm finding about run trace. Ollydbg had bug on run trace. Immunity debugger is really slow on run trace. So i'm finding tools. anyone knows? Or anyone knows Tutorial about building debugger? If anywhere don't exist, i will build run tracer. I really feeling It's important. Thanks.
-
Issues with TitanEngine StepInto()
by xSRTsect- 2 replies
- 6.3k views
As far as I can understand StepInto() function in titanengine steps into a instruction and contains a call back to execute after stepping into has been done. My code doesn't do what I want, wich is basically keep in a vector all instructions it executes until reaching handler_start. void vm::DoNothing(){ } std::vector<std::string> vm::fetch_handler(){ std::vector<std::string> handler; std::string disasm; static uint32_t eip_control = GetContextData(UE_EIP); void* dbg = 0; do { eip_control = GetContextData(UE_EIP); disasm.assign((const char*)Disassemble((LPVOID)eip_control)); handler.push_back(disasm); StepInto(&DoNothing); dump…
-
Compile a project VB.NET help !
by bieljtvz- 0 replies
- 8.6k views
how can I build a project in my project? For example in my project I compile a calculator with the name of one of the label give "PROFESSIONAL CALCULATOR" and I change a textbox with the name I want! How do I do this?
-
- 1 follower
- 1 reply
- 8.2k views
Hey guys, This is a small project I did for a friend some time ago, basically it's a DLL you inject into an engima process (by loader, or by inline) and it will put a hardware breakpoint somewhere and write a new HWID. Attached the full source code, you have to manually find the HWID patch offset, but for someone who works with Enigma often this should be no problem... Little hint: 0044F168 ^\75 A7 JNZ SHORT test1.0044F1110044F16A 85F6 TEST ESI,ESI0044F16C /-7E 25 JLE SHORT test1.0044F193 ; This is the patch place.0044F16E | 8D45 EC LEA EAX,DWORD PTR SS:[EBP-0x14]0044F171 | 66:83E3 0F AND BX,0xF0044F175 …
-
[Resource Packed] LateBinding.LateCall
by Meteor2142- 7 replies
- 6.1k views
Hello! Trying to find some info about unpacking "resource-packed" .NET File The target exe file is not confused, but it using some method that gets the "main" assembly from resources. Code getted in Reflector: internal class Program { private static Assembly GetAssembly(byte[] data) { Type type = typeof(Assembly); object[] args = new object[2]; args[1] = new object[] { data }; return (Assembly) LateBinding.LateGet(type.GetMethod("Load", new Type[] { typeof(byte[]) }), typeof(MethodInfo), "Invoke", args, new string[] { "obj", "parameters" }, new bool[2]); } private static voi…
-
Catching remote WM_PAINT messages
by kolynet- 2 replies
- 9.7k views
hi all, i would like to ask ur help if you can guide me on how to subclass/detour remote (exe) control or simply catch remote process's wm paint messages using hook or whatsoever? preferred language delphi. would likely pay $$ for help. ty!
-
Modify IL Code during Run-time
by Codefans- 1 follower
- 5 replies
- 7.3k views
I have read a article about how to Modify IL Code during Run-time. http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time The author provide two version's binaries and code. (2012/11/05 and 2014/08/08) But In my pc just 2012/11/05 version's app can run normally, 2014/08/08 version's app throw some error "Initialization is failed with error [Failed to get addresses from server,Couldn't connect server.]!" My test PC : WinXP X86 test app: Test_x86_DotNet40_Release.exe The author said as below: "In previous version, the PDB file is downloaded and parsed locally with Microsoft symcheck.exe. In the current versio…
