Programming and Coding
Programming and coding tips, help and solutions...
1,882 topics in this forum
-
- 16 replies
- 6.7k views
Hello everybody : ) I am looking for a good guide for learning assembly x86, so that later I could learn reverse engineering. I have a limited knowledge of assembly, and I could solve easy/medium Crackme,I solved several from: HackThisSite and etc.. When I open debuggers/disassembler and trying to solve, I understand that the main part, but there are parts of the margin (less important) that I do not understand, so I want to learn assembly in a "pure" so I know it everything. Can you recommend me a book / website that teaches assembly x86 ?
-
Search n Replace byte VB.net
by andrextrap- 1 reply
- 7.1k views
i will make patch with vb.net but i dont know how read or write sepecific bytes ex: &HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0 i want to change &H1B to &H33 and &H40 to &H90 but skip other byte ( Skip(HF7),Skip(HD8), patch(H1B),Skip(HC0), Patch(H40), skip skip skip) like in uPPP search : F7 D8 1B C0 40 89 45 E0 Replace .. .. 33 .. 90 .. .. .. Private Shared ReadOnly PatchFind As Byte() = {&HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0} Private Shared ReadOnly PatchReplace As Byte() = {&HF7, &HD8, &H33, &HC0, &H90, &H89, &H…
-
Code one asm thing in cpp
by Pancake- 1 reply
- 11.7k views
Hello. I recently started reading about anti debug, found great reference with tons of great ideas, but i cant get one to work. http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf The one i want to try is "Instruction counting", page 30. Most of them work simply by copying asm code int __declspec(naked) but this oen is different, and i couldnt get it to work this way, and i dont have experience in using structured exceptin handlers. Could someone try to rewrite this small piece of code? Please? Thanks in advance
-
MD5 in Delphi 7?
by Artic- 12 replies
- 21k views
hey there, i am trying to write a keygen in Delphi 7. my problem is that i cant figure out how to make a MD5 in the keygen. do i need to write it by hand or are there some pre-made code parts somewhere?
-
API EstimateFileRiskLevel Hooking
by bin123485- 2 replies
- 5.5k views
I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?
-
Any tools about run trace?
by Gegul- 0 replies
- 8.1k views
Hi all. I'm finding about run trace. Ollydbg had bug on run trace. Immunity debugger is really slow on run trace. So i'm finding tools. anyone knows? Or anyone knows Tutorial about building debugger? If anywhere don't exist, i will build run tracer. I really feeling It's important. Thanks.
-
Issues with TitanEngine StepInto()
by xSRTsect- 2 replies
- 5.9k views
As far as I can understand StepInto() function in titanengine steps into a instruction and contains a call back to execute after stepping into has been done. My code doesn't do what I want, wich is basically keep in a vector all instructions it executes until reaching handler_start. void vm::DoNothing(){ } std::vector<std::string> vm::fetch_handler(){ std::vector<std::string> handler; std::string disasm; static uint32_t eip_control = GetContextData(UE_EIP); void* dbg = 0; do { eip_control = GetContextData(UE_EIP); disasm.assign((const char*)Disassemble((LPVOID)eip_control)); handler.push_back(disasm); StepInto(&DoNothing); dump…
-
Compile a project VB.NET help !
by bieljtvz- 0 replies
- 8.2k views
how can I build a project in my project? For example in my project I compile a calculator with the name of one of the label give "PROFESSIONAL CALCULATOR" and I change a textbox with the name I want! How do I do this?
-
- 1 reply
- 7.5k views
Hey guys, This is a small project I did for a friend some time ago, basically it's a DLL you inject into an engima process (by loader, or by inline) and it will put a hardware breakpoint somewhere and write a new HWID. Attached the full source code, you have to manually find the HWID patch offset, but for someone who works with Enigma often this should be no problem... Little hint: 0044F168 ^\75 A7 JNZ SHORT test1.0044F1110044F16A 85F6 TEST ESI,ESI0044F16C /-7E 25 JLE SHORT test1.0044F193 ; This is the patch place.0044F16E | 8D45 EC LEA EAX,DWORD PTR SS:[EBP-0x14]0044F171 | 66:83E3 0F AND BX,0xF0044F175 …
-
[Resource Packed] LateBinding.LateCall
by Meteor2142- 7 replies
- 5.6k views
Hello! Trying to find some info about unpacking "resource-packed" .NET File The target exe file is not confused, but it using some method that gets the "main" assembly from resources. Code getted in Reflector: internal class Program { private static Assembly GetAssembly(byte[] data) { Type type = typeof(Assembly); object[] args = new object[2]; args[1] = new object[] { data }; return (Assembly) LateBinding.LateGet(type.GetMethod("Load", new Type[] { typeof(byte[]) }), typeof(MethodInfo), "Invoke", args, new string[] { "obj", "parameters" }, new bool[2]); } private static voi…
-
Catching remote WM_PAINT messages
by kolynet- 2 replies
- 9.2k views
hi all, i would like to ask ur help if you can guide me on how to subclass/detour remote (exe) control or simply catch remote process's wm paint messages using hook or whatsoever? preferred language delphi. would likely pay $$ for help. ty!
-
Modify IL Code during Run-time
by Codefans- 1 follower
- 5 replies
- 6.6k views
I have read a article about how to Modify IL Code during Run-time. http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time The author provide two version's binaries and code. (2012/11/05 and 2014/08/08) But In my pc just 2012/11/05 version's app can run normally, 2014/08/08 version's app throw some error "Initialization is failed with error [Failed to get addresses from server,Couldn't connect server.]!" My test PC : WinXP X86 test app: Test_x86_DotNet40_Release.exe The author said as below: "In previous version, the PDB file is downloaded and parsed locally with Microsoft symcheck.exe. In the current versio…
-
[Help] Authentication Login in executable
by teehist- 1 reply
- 5.9k views
I have a theory in mind but do not know if this is possible today, we assume has a program that requires authentication from an online site (Login) if the User exists and has vip days, the action from behind the executable (form, main) appears after giving the Login form. There are possibilities for type an illusion, bypassing the system making him think that the User has vip (premium) and accept the program (executable)... I hope you understand. Usually people speak it in Fiddler is possible, but I have no idea how. I think normally it checks the type of User that it is in the forum (group), does anyone have any idea how? I'm not asking tutorial, the more you…
-
c# need help with reflection
by sakurawill- 2 replies
- 6.3k views
how can i use reflection to print all the items of comboBox1 to textBox1? and just need to use reflection,can anyone help me? thans a lot^_^ this.comboBox1.Items.AddRange(new object[] { "CC1", "CC2", "CC3", "CC4", "CC5"});
-
help in delphi 8
by mdj- 4 replies
- 9.4k views
function VolSerialNumber(DriveChar: Char): DWORD; unsafe;varNotUsed: DWORD;VolFlags: DWORD;VolSerNumber: DWORD;Buf: array [0..MAX_PATH] of Char;beginGetVolumeInformation ((PChar(DriveChar + ':\'), Buf, sizeof(Buf), @VolSerNumber, NotUsed, VolFlags, nil, 0));Result := VolSerNumber;end;please help for error this code work well in delphi 7 but after upgrade delphi 8 error in GetVolumeInformation ((PChar(DriveChar + ':\'), Buf, sizeof(Buf), @VolSerNumber, NotUsed, VolFlags, nil, 0)); [Error] WinForm.pas(89): Invalid typecast [Error] WinForm.pas(89): There is no overloaded version of 'GetVolumeInformation' that can be called with these arguments
-
[Help] BoxedApp Packer ?
by teehist- 3 replies
- 7.3k views
I used " MegaDump " in a program and it has created several dll called " BoxedAppSDK_AppDomainManager.dll "Do what ? a packer ? There is this tool? she's like an eclipse ? a packer ?And is to reverse what he does ?Which program is more correct to give you unpacker ?Note: This is not asking for a crack , I'm just asking these questions only by wisdom, lately I 'm kind of focused on reverse engineering
-
How to find a installed target?
by LCF-AT- 3 replies
- 4.1k views
Hi guys, just have a short question again. Can you show me a exsample how to check the registry to find some specific installed targets filenames?So I wanna find the target name as "ABC.exe" + the path to this file.So I tried already to use RegOpenKey../ RegEnumKey..like this.. 0012FFB4 0046A03D /CALL to RegOpenKeyA from UnPackMe.0046A038 0012FFB8 80000002 |hKey = HKEY_LOCAL_MACHINE 0012FFBC 0046A081 |Subkey = "software\*\ABC.exe" 0012FFC0 0046A094 \pHandle = OFFSET <UnPackMe.handle> ...but its not working to find the filename on that way. Problem also is that the file can be installed in any folder xy not same as ABC folder etc.So …
-
- 1 reply
- 3.7k views
HI. For example: I have a program for the source code like so..... if ( str == " Hello World") { MessageBox.Show (" Welcome ") ; } To if ( str == " Hello World") { MessageBox.Show (" Merci ") ; } How do I modify it with programming...
-
(Delphi) Define global flag?
by iChallengeYou- 4 replies
- 9.3k views
First a happy new year So I want to define a global flag which can be used everywhere in the project. So in example i want something like this: isUnpackMe = false; Button1.Click() { if (isUnpackMe) { ShowMessgae('This is an unpackme'); } } So i don't want to declare isUnpackMe as an variabele but want to define it like the pre-defined {$IFDEF CPUX86}. Does anyone know how to do that?
-
- 2 replies
- 6k views
CPU Core Faker aka Dual Core Fix is a DLL that overrides a few kernel32 functions to give the impression to the library user that the system has a different number of CPU cores. It was originally developed for Far Cry 4, which won't load if executed on a CPU with less than four logical cores. This fix is really generic and could work with other games, there is no FC4 specific code.I've uploaded the source code to CodePlex: https://cpucorefaker.codeplex.com/ There you can find a brief explanation, here are the returned values from Dual Core Fix v1/v2/v3:API function / Original (DC) / DC Fix v3 / DC Fix v2 / DC Fix v1 --------------------------------------------------------…
-
TET in delphi 7
by omar911- 2 replies
- 6.9k views
would like to know how to add parahgraaphs in delphi like this YOU MAY USE OUR RELEASE FOR EVALUATION PRUPOSES ONLY. WE WILL NOT BE HELD RESPONSIBLE FOR OUR RELEASE. IF YOU LIKE THIS SOFTWARE, YOU'RE STRONGLY ADVISED TO BUY IT AND SUPPORT THE DEVELOPERS AND ALSO SOFTWARE COMPANIES NEED OUR SUPPORT FOR QUALITY PRODUCTS.YOU MAY NOT USE, SELL OR DISTRIBUTE OUR RELEASE TO MAKE MONEY OR USE IT FOR ANY OTHER COMMERCIAL PURPOSE. any help would be great and yes i have tried it but for some reason it will not do the tet like above but in a straight line instead without space. thank you in advance and have a nice XMAS everyone.
-
- 2 replies
- 4.8k views
I see a few skins around the forum and I want to build my own skins with photoshop or some graphics program. Example: Currently I have this written in win32/64 old school c / c++ using the windows api. Basically I have an outter main window with a child window inside the main window and you can move it around and minimize it. I want to create something like the above picture with buttons that are clickable and some check boxes. So, the question is how do I map the pictures to the window and make the pictures clickable? -Bit_Hacker
-
XM
by omar911- 22 replies
- 11.9k views
XM (file format) XM, standing for "extended module", is an audio file type introduced by Triton's FastTracker 2. XM introduced multisampling-capable instruments with volume and panning envelopes, and basic pattern compression. It also expanded the available effect commands and channels, added 16-bit sample support, and offered an alternative frequency table for portamentos. www.modarchive.org uses this format. XM is a common format for many chiptunes. I would like some help on how to emmbed a XM file in my delphi code, so when it is run the music is played, i have searched the net and found codes but they font wot=rk at all, i use DELPHI 7 so i woild be grateful…
-
what is overlay meaning in detail?
by rever_ser- 8 replies
- 7k views
hi guys! can anybody say in detail WHAT IS OVERLAY? i just know the overlay in somewhere outside of PE. but what is this meaning indeed. thanks in advance!
-
Delphi packing assistance.
by mudlord- 4 replies
- 13.2k views
Hi, I ran into a bug with processing Delphi/FreePascal executables. All Delphi versions seem to be affected. I am unsure as to the problem. I checked in non Delphi executables and TLS callbacks/tables seem to work correctly, so atm I am at a loss to see what I am missing. This seems to be a final bug of my exe packer, and the main thing stopping its release. Any help at all would be great. test.rar