Programming and Coding

/del pls Full here bellow Sorry tuts is lagging

Defeating Windows User Account Control from kernelmode.info.Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643 https://github.com/hfiref0x/UACME

Did anybody ever created plugins for ollydbg in c#? is it worth it to try, as im more experiecned with c#, or should i rather do it in c/c++? or is it easier for simple tasks to use scripts? if this is not the proper section, please move the thread

Source code in OOP C++ for the Windows PE. In the next post I will post the source code of the functions, in this one I will post the header of it. Note that the most of the functions are coded by steve10120, but I modified/added some things to make it work for x64 files too and for windows 7+. PE.h #ifndef PEH #define PEH #include <vcl.h> class PE_management { protected: HANDLE hOpenFile; HANDLE hOpenFileMapping; public: HANDLE hFile; PIMAGE_DOS_HEADER pIDH; PIMAGE_NT_HEADERS32 pINH; PIMAGE_SECTION_HEADER pIFS; PIMAGE_SECTION_HEADER sectionHeaderOfOEP; PIMAGE_IMPORT_DESCRIPTOR pIID; String fileName; unsigned int sizeOf…

Hello guys, Have a some problem, need to make an encoder code from decoder code. It's possible? Here it is: private static byte[] ByteArray = new byte[] { 198, 155, 210, 181, 170, 198, 80, 247, 165, 134, 249, 215, 18, 204, 212, 8, 71, 122, 144, 187, 164, 225, 159, 57 }; private static string Decoder(string MOLmemeNWSgZXjzu, byte[] VEuOxZqRKRisj) { byte[] array = Convert.FromBase64String(MOLmemeNWSgZXjzu); for (int i = 0; i < array.Length; i++) { for (int j = 0; j < VEuOxZqRKRisj.Length; j++) { array[i] ^= VEuOxZqRKRisj[j]; } } string text = ""; byte[] array2 = array; for (int k = 0; k < array2.Length; k++) { byte …

hi all, i want to change the default text selection color of an edit control (which is blue) to another color. how can i do this? any help will be appreciated.

Virtual Machines Detection Enhanced from kernelmode.info Yes, as you've already noticed! I appreciate all projects coded by EP_X0FF https://github.com/hfiref0x/VMDE

Hi everyone, I was boring and I've coded a .dll in MASM32 to use the famous MetaBall effect on any language: MetaBalls.zip Also includes the source code and an example for some languages (MASM32, Delphi 7, VB6 and VB .NET). Maybe will be useful for someone. Regards. PS: Sorry for my English

Windows x64 Driver Signature Enforcement Overrider from kernelmode.info. Updated Source and binary: https://github.com/hfiref0x/DSEFix

Hello. I created simple tray application wih options of showing a messagebox and launching one .exe in same folder as the tray app. But for some reason it shows some blue bar on windows8 saying it will not allow to open or smth like that... What may be the reason?

Hi all, I posted this topic over on ARTeam forum and thought that maybe someone might find this useful here also? If not, disregard this post and forget you ever read it, . I recently tried converting some of my assembler code across to C and Delphi and it required bitwise rotations. Although the C compiler will optimise in rotations, natively they are not accessible that i am aware of. To use them you either have to use intrinsics or inline assembler, the other option is to define macros which use bitwise SHL/SHR and and OR to achieve a psuedo-rotation. I'm not sure whether or not the Delphi 7 compiler will place rotations in, but i know you can use inline assembler or…

A basic way using RtlAdjustPrivilege to detect the debugger (OllyDbg and IDA demo 6.6)As usually but not (enabled by default) for all debugger, the Debugger must acquiring debug privilege to work with its complete capacity. The snippet is simple and probably already used but I write it as simple as possible to get a clear ASM code inside the debugger.RtlAdjustPrivilege: Enables or disables a privilege from the calling thread or process. NTSTATUS RtlAdjustPrivilege ( ULONG Privilege, //[In] Privilege index to change. BOOLEAN Enable, //[In] If TRUE, then enable the privilege otherwise disable. BOOLEAN CurrentThread, //[In] If TRUE, then enable in…

how can i get ECC RSA DES DSA MD5 BASE64 C OR C++ SOUCE?

Remove space from a string in php without using any php function.

i cant seem to reduce my exe size that was built with VS 2010, ive followed many guides and everytime my file is 51kb and all it does is MessageBoxA I have followed this guide from start to finish http://linkyzer0.com/papers/Decrease_WinCppProject_FileSize.pdf what am i doing wrong ?

Hello everybody : ) I am looking for a good guide for learning assembly x86, so that later I could learn reverse engineering. I have a limited knowledge of assembly, and I could solve easy/medium Crackme,I solved several from: HackThisSite and etc.. When I open debuggers/disassembler and trying to solve, I understand that the main part, but there are parts of the margin (less important) that I do not understand, so I want to learn assembly in a "pure" so I know it everything. Can you recommend me a book / website that teaches assembly x86 ?

i will make patch with vb.net but i dont know how read or write sepecific bytes ex: &HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0 i want to change &H1B to &H33 and &H40 to &H90 but skip other byte ( Skip(HF7),Skip(HD8), patch(H1B),Skip(HC0), Patch(H40), skip skip skip) like in uPPP search : F7 D8 1B C0 40 89 45 E0 Replace .. .. 33 .. 90 .. .. .. Private Shared ReadOnly PatchFind As Byte() = {&HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0} Private Shared ReadOnly PatchReplace As Byte() = {&HF7, &HD8, &H33, &HC0, &H90, &H89, &H…

Hello. I recently started reading about anti debug, found great reference with tons of great ideas, but i cant get one to work. http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf The one i want to try is "Instruction counting", page 30. Most of them work simply by copying asm code int __declspec(naked) but this oen is different, and i couldnt get it to work this way, and i dont have experience in using structured exceptin handlers. Could someone try to rewrite this small piece of code? Please? Thanks in advance

hey there, i am trying to write a keygen in Delphi 7. my problem is that i cant figure out how to make a MD5 in the keygen. do i need to write it by hand or are there some pre-made code parts somewhere?

I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?

Hi all. I'm finding about run trace. Ollydbg had bug on run trace. Immunity debugger is really slow on run trace. So i'm finding tools. anyone knows? Or anyone knows Tutorial about building debugger? If anywhere don't exist, i will build run tracer. I really feeling It's important. Thanks.

As far as I can understand StepInto() function in titanengine steps into a instruction and contains a call back to execute after stepping into has been done. My code doesn't do what I want, wich is basically keep in a vector all instructions it executes until reaching handler_start. void vm::DoNothing(){ } std::vector<std::string> vm::fetch_handler(){ std::vector<std::string> handler; std::string disasm; static uint32_t eip_control = GetContextData(UE_EIP); void* dbg = 0; do { eip_control = GetContextData(UE_EIP); disasm.assign((const char*)Disassemble((LPVOID)eip_control)); handler.push_back(disasm); StepInto(&DoNothing); dump…

how can I build a project in my project? For example in my project I compile a calculator with the name of one of the label give "PROFESSIONAL CALCULATOR" and I change a textbox with the name I want! How do I do this?

Hey guys, This is a small project I did for a friend some time ago, basically it's a DLL you inject into an engima process (by loader, or by inline) and it will put a hardware breakpoint somewhere and write a new HWID. Attached the full source code, you have to manually find the HWID patch offset, but for someone who works with Enigma often this should be no problem... Little hint: 0044F168 ^\75 A7 JNZ SHORT test1.0044F1110044F16A 85F6 TEST ESI,ESI0044F16C /-7E 25 JLE SHORT test1.0044F193 ; This is the patch place.0044F16E | 8D45 EC LEA EAX,DWORD PTR SS:[EBP-0x14]0044F171 | 66:83E3 0F AND BX,0xF0044F175 …

Hello! Trying to find some info about unpacking "resource-packed" .NET File The target exe file is not confused, but it using some method that gets the "main" assembly from resources. Code getted in Reflector: internal class Program { private static Assembly GetAssembly(byte[] data) { Type type = typeof(Assembly); object[] args = new object[2]; args[1] = new object[] { data }; return (Assembly) LateBinding.LateGet(type.GetMethod("Load", new Type[] { typeof(byte[]) }), typeof(MethodInfo), "Invoke", args, new string[] { "obj", "parameters" }, new bool[2]); } private static voi…