Programming and Coding
Programming and coding tips, help and solutions...
1,885 topics in this forum
-
Using RtlAdjustPrivilege to detect debugger.
by Insid3Code- 8 replies
- 9.1k views
A basic way using RtlAdjustPrivilege to detect the debugger (OllyDbg and IDA demo 6.6)As usually but not (enabled by default) for all debugger, the Debugger must acquiring debug privilege to work with its complete capacity. The snippet is simple and probably already used but I write it as simple as possible to get a clear ASM code inside the debugger.RtlAdjustPrivilege: Enables or disables a privilege from the calling thread or process. NTSTATUS RtlAdjustPrivilege ( ULONG Privilege, //[In] Privilege index to change. BOOLEAN Enable, //[In] If TRUE, then enable the privilege otherwise disable. BOOLEAN CurrentThread, //[In] If TRUE, then enable in…
-
- 2 replies
- 4.3k views
how can i get ECC RSA DES DSA MD5 BASE64 C OR C++ SOUCE?
-
Remove space
by javed- 0 replies
- 7.3k views
Remove space from a string in php without using any php function.
-
reduce exe size in visual studio
by Dickyb0b- 4 replies
- 8.5k views
i cant seem to reduce my exe size that was built with VS 2010, ive followed many guides and everytime my file is 51kb and all it does is MessageBoxA I have followed this guide from start to finish http://linkyzer0.com/papers/Decrease_WinCppProject_FileSize.pdf what am i doing wrong ?
-
- 16 replies
- 6.8k views
Hello everybody : ) I am looking for a good guide for learning assembly x86, so that later I could learn reverse engineering. I have a limited knowledge of assembly, and I could solve easy/medium Crackme,I solved several from: HackThisSite and etc.. When I open debuggers/disassembler and trying to solve, I understand that the main part, but there are parts of the margin (less important) that I do not understand, so I want to learn assembly in a "pure" so I know it everything. Can you recommend me a book / website that teaches assembly x86 ?
-
Search n Replace byte VB.net
by andrextrap- 1 reply
- 7.2k views
i will make patch with vb.net but i dont know how read or write sepecific bytes ex: &HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0 i want to change &H1B to &H33 and &H40 to &H90 but skip other byte ( Skip(HF7),Skip(HD8), patch(H1B),Skip(HC0), Patch(H40), skip skip skip) like in uPPP search : F7 D8 1B C0 40 89 45 E0 Replace .. .. 33 .. 90 .. .. .. Private Shared ReadOnly PatchFind As Byte() = {&HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0} Private Shared ReadOnly PatchReplace As Byte() = {&HF7, &HD8, &H33, &HC0, &H90, &H89, &H…
-
Code one asm thing in cpp
by Pancake- 1 reply
- 11.8k views
Hello. I recently started reading about anti debug, found great reference with tons of great ideas, but i cant get one to work. http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf The one i want to try is "Instruction counting", page 30. Most of them work simply by copying asm code int __declspec(naked) but this oen is different, and i couldnt get it to work this way, and i dont have experience in using structured exceptin handlers. Could someone try to rewrite this small piece of code? Please? Thanks in advance
-
MD5 in Delphi 7?
by Artic- 12 replies
- 21.2k views
hey there, i am trying to write a keygen in Delphi 7. my problem is that i cant figure out how to make a MD5 in the keygen. do i need to write it by hand or are there some pre-made code parts somewhere?
-
API EstimateFileRiskLevel Hooking
by bin123485- 2 replies
- 5.6k views
I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?
-
Any tools about run trace?
by Gegul- 0 replies
- 8.2k views
Hi all. I'm finding about run trace. Ollydbg had bug on run trace. Immunity debugger is really slow on run trace. So i'm finding tools. anyone knows? Or anyone knows Tutorial about building debugger? If anywhere don't exist, i will build run tracer. I really feeling It's important. Thanks.
-
Issues with TitanEngine StepInto()
by xSRTsect- 2 replies
- 5.9k views
As far as I can understand StepInto() function in titanengine steps into a instruction and contains a call back to execute after stepping into has been done. My code doesn't do what I want, wich is basically keep in a vector all instructions it executes until reaching handler_start. void vm::DoNothing(){ } std::vector<std::string> vm::fetch_handler(){ std::vector<std::string> handler; std::string disasm; static uint32_t eip_control = GetContextData(UE_EIP); void* dbg = 0; do { eip_control = GetContextData(UE_EIP); disasm.assign((const char*)Disassemble((LPVOID)eip_control)); handler.push_back(disasm); StepInto(&DoNothing); dump…
-
Compile a project VB.NET help !
by bieljtvz- 0 replies
- 8.2k views
how can I build a project in my project? For example in my project I compile a calculator with the name of one of the label give "PROFESSIONAL CALCULATOR" and I change a textbox with the name I want! How do I do this?
-
- 1 reply
- 7.6k views
Hey guys, This is a small project I did for a friend some time ago, basically it's a DLL you inject into an engima process (by loader, or by inline) and it will put a hardware breakpoint somewhere and write a new HWID. Attached the full source code, you have to manually find the HWID patch offset, but for someone who works with Enigma often this should be no problem... Little hint: 0044F168 ^\75 A7 JNZ SHORT test1.0044F1110044F16A 85F6 TEST ESI,ESI0044F16C /-7E 25 JLE SHORT test1.0044F193 ; This is the patch place.0044F16E | 8D45 EC LEA EAX,DWORD PTR SS:[EBP-0x14]0044F171 | 66:83E3 0F AND BX,0xF0044F175 …
-
[Resource Packed] LateBinding.LateCall
by Meteor2142- 7 replies
- 5.7k views
Hello! Trying to find some info about unpacking "resource-packed" .NET File The target exe file is not confused, but it using some method that gets the "main" assembly from resources. Code getted in Reflector: internal class Program { private static Assembly GetAssembly(byte[] data) { Type type = typeof(Assembly); object[] args = new object[2]; args[1] = new object[] { data }; return (Assembly) LateBinding.LateGet(type.GetMethod("Load", new Type[] { typeof(byte[]) }), typeof(MethodInfo), "Invoke", args, new string[] { "obj", "parameters" }, new bool[2]); } private static voi…
-
Catching remote WM_PAINT messages
by kolynet- 2 replies
- 9.3k views
hi all, i would like to ask ur help if you can guide me on how to subclass/detour remote (exe) control or simply catch remote process's wm paint messages using hook or whatsoever? preferred language delphi. would likely pay $$ for help. ty!
-
Modify IL Code during Run-time
by Codefans- 1 follower
- 5 replies
- 6.8k views
I have read a article about how to Modify IL Code during Run-time. http://www.codeproject.com/Articles/463508/NET-CLR-Injection-Modify-IL-Code-during-Run-time The author provide two version's binaries and code. (2012/11/05 and 2014/08/08) But In my pc just 2012/11/05 version's app can run normally, 2014/08/08 version's app throw some error "Initialization is failed with error [Failed to get addresses from server,Couldn't connect server.]!" My test PC : WinXP X86 test app: Test_x86_DotNet40_Release.exe The author said as below: "In previous version, the PDB file is downloaded and parsed locally with Microsoft symcheck.exe. In the current versio…
-
[Help] Authentication Login in executable
by teehist- 1 reply
- 6k views
I have a theory in mind but do not know if this is possible today, we assume has a program that requires authentication from an online site (Login) if the User exists and has vip days, the action from behind the executable (form, main) appears after giving the Login form. There are possibilities for type an illusion, bypassing the system making him think that the User has vip (premium) and accept the program (executable)... I hope you understand. Usually people speak it in Fiddler is possible, but I have no idea how. I think normally it checks the type of User that it is in the forum (group), does anyone have any idea how? I'm not asking tutorial, the more you…
-
c# need help with reflection
by sakurawill- 2 replies
- 6.4k views
how can i use reflection to print all the items of comboBox1 to textBox1? and just need to use reflection,can anyone help me? thans a lot^_^ this.comboBox1.Items.AddRange(new object[] { "CC1", "CC2", "CC3", "CC4", "CC5"});
-
help in delphi 8
by mdj- 4 replies
- 9.5k views
function VolSerialNumber(DriveChar: Char): DWORD; unsafe;varNotUsed: DWORD;VolFlags: DWORD;VolSerNumber: DWORD;Buf: array [0..MAX_PATH] of Char;beginGetVolumeInformation ((PChar(DriveChar + ':\'), Buf, sizeof(Buf), @VolSerNumber, NotUsed, VolFlags, nil, 0));Result := VolSerNumber;end;please help for error this code work well in delphi 7 but after upgrade delphi 8 error in GetVolumeInformation ((PChar(DriveChar + ':\'), Buf, sizeof(Buf), @VolSerNumber, NotUsed, VolFlags, nil, 0)); [Error] WinForm.pas(89): Invalid typecast [Error] WinForm.pas(89): There is no overloaded version of 'GetVolumeInformation' that can be called with these arguments
-
[Help] BoxedApp Packer ?
by teehist- 3 replies
- 7.4k views
I used " MegaDump " in a program and it has created several dll called " BoxedAppSDK_AppDomainManager.dll "Do what ? a packer ? There is this tool? she's like an eclipse ? a packer ?And is to reverse what he does ?Which program is more correct to give you unpacker ?Note: This is not asking for a crack , I'm just asking these questions only by wisdom, lately I 'm kind of focused on reverse engineering
-
How to find a installed target?
by LCF-AT- 3 replies
- 4.1k views
Hi guys, just have a short question again. Can you show me a exsample how to check the registry to find some specific installed targets filenames?So I wanna find the target name as "ABC.exe" + the path to this file.So I tried already to use RegOpenKey../ RegEnumKey..like this.. 0012FFB4 0046A03D /CALL to RegOpenKeyA from UnPackMe.0046A038 0012FFB8 80000002 |hKey = HKEY_LOCAL_MACHINE 0012FFBC 0046A081 |Subkey = "software\*\ABC.exe" 0012FFC0 0046A094 \pHandle = OFFSET <UnPackMe.handle> ...but its not working to find the filename on that way. Problem also is that the file can be installed in any folder xy not same as ABC folder etc.So …
-
- 1 reply
- 3.8k views
HI. For example: I have a program for the source code like so..... if ( str == " Hello World") { MessageBox.Show (" Welcome ") ; } To if ( str == " Hello World") { MessageBox.Show (" Merci ") ; } How do I modify it with programming...
-
(Delphi) Define global flag?
by iChallengeYou- 4 replies
- 9.4k views
First a happy new year So I want to define a global flag which can be used everywhere in the project. So in example i want something like this: isUnpackMe = false; Button1.Click() { if (isUnpackMe) { ShowMessgae('This is an unpackme'); } } So i don't want to declare isUnpackMe as an variabele but want to define it like the pre-defined {$IFDEF CPUX86}. Does anyone know how to do that?
-
- 2 replies
- 6.2k views
CPU Core Faker aka Dual Core Fix is a DLL that overrides a few kernel32 functions to give the impression to the library user that the system has a different number of CPU cores. It was originally developed for Far Cry 4, which won't load if executed on a CPU with less than four logical cores. This fix is really generic and could work with other games, there is no FC4 specific code.I've uploaded the source code to CodePlex: https://cpucorefaker.codeplex.com/ There you can find a brief explanation, here are the returned values from Dual Core Fix v1/v2/v3:API function / Original (DC) / DC Fix v3 / DC Fix v2 / DC Fix v1 --------------------------------------------------------…
-
TET in delphi 7
by omar911- 2 replies
- 7k views
would like to know how to add parahgraaphs in delphi like this YOU MAY USE OUR RELEASE FOR EVALUATION PRUPOSES ONLY. WE WILL NOT BE HELD RESPONSIBLE FOR OUR RELEASE. IF YOU LIKE THIS SOFTWARE, YOU'RE STRONGLY ADVISED TO BUY IT AND SUPPORT THE DEVELOPERS AND ALSO SOFTWARE COMPANIES NEED OUR SUPPORT FOR QUALITY PRODUCTS.YOU MAY NOT USE, SELL OR DISTRIBUTE OUR RELEASE TO MAKE MONEY OR USE IT FOR ANY OTHER COMMERCIAL PURPOSE. any help would be great and yes i have tried it but for some reason it will not do the tet like above but in a straight line instead without space. thank you in advance and have a nice XMAS everyone.
