Programming and Coding

Hello everyone. Today i bumped onto one very crazy idea I am trying to preapre an exe file from scratch, not using any compiler, just create hex file. Im goin to create PE header, fill all values, create sections, directories, imports etc. So here comes my question. How much work has to be done to make windows loader successfully load the exe, map it and run the code inside? Is it only about creating the header with all its dependiences, or somehing more?

VirtualBox Hardened VM detection mitigation loader x64 from kernelmode.info.Step by step guide for VirtualBox Hardened (4.3.14+) VM detection mitigation configuring. http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478'>>http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3478 https://github.com/hfiref0x/VBoxHardenedLoader'>>https://github.com/hfiref0x/VBoxHardenedLoader

exe is protected by dng3.68,unpack it using DNGuardHVMUnpacker, and it work well,but when i patch and save it in reflector,it show error. Round Trip with ILDASM ILASM fails: error -- Failed to open managed resource file '' error -- Failed to open managed resource file ' ' Output file contains errors ...... Now i want to add some codes in the exe ,what can i do ?

Hello, I decided to share some projects are difficult to find in Delphi.I hope it will be useful and that someone can improve - DbgThr - Fast and simple Debug in delphi - PE_LIB - library for manipulating File format PE32 / 64 - DAForge_IA - Artificial Intelligence in Delphi There is also another project(Private repository at this Moment), code generator based on nasm. It works very well but still is the first release and is to be tested and then I would also implement the syntax MASM. https://bitbucket.org/Pigreco6 Hello soon sorry for my bad english

/del pls Full here bellow Sorry tuts is lagging

Defeating Windows User Account Control from kernelmode.info.Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. http://www.kernelmode.info/forum/viewtopic.php?f=11&t=3643 https://github.com/hfiref0x/UACME

Did anybody ever created plugins for ollydbg in c#? is it worth it to try, as im more experiecned with c#, or should i rather do it in c/c++? or is it easier for simple tasks to use scripts? if this is not the proper section, please move the thread

Source code in OOP C++ for the Windows PE. In the next post I will post the source code of the functions, in this one I will post the header of it. Note that the most of the functions are coded by steve10120, but I modified/added some things to make it work for x64 files too and for windows 7+. PE.h #ifndef PEH #define PEH #include <vcl.h> class PE_management { protected: HANDLE hOpenFile; HANDLE hOpenFileMapping; public: HANDLE hFile; PIMAGE_DOS_HEADER pIDH; PIMAGE_NT_HEADERS32 pINH; PIMAGE_SECTION_HEADER pIFS; PIMAGE_SECTION_HEADER sectionHeaderOfOEP; PIMAGE_IMPORT_DESCRIPTOR pIID; String fileName; unsigned int sizeOf…

Hello guys, Have a some problem, need to make an encoder code from decoder code. It's possible? Here it is: private static byte[] ByteArray = new byte[] { 198, 155, 210, 181, 170, 198, 80, 247, 165, 134, 249, 215, 18, 204, 212, 8, 71, 122, 144, 187, 164, 225, 159, 57 }; private static string Decoder(string MOLmemeNWSgZXjzu, byte[] VEuOxZqRKRisj) { byte[] array = Convert.FromBase64String(MOLmemeNWSgZXjzu); for (int i = 0; i < array.Length; i++) { for (int j = 0; j < VEuOxZqRKRisj.Length; j++) { array[i] ^= VEuOxZqRKRisj[j]; } } string text = ""; byte[] array2 = array; for (int k = 0; k < array2.Length; k++) { byte …

hi all, i want to change the default text selection color of an edit control (which is blue) to another color. how can i do this? any help will be appreciated.

Virtual Machines Detection Enhanced from kernelmode.info Yes, as you've already noticed! I appreciate all projects coded by EP_X0FF https://github.com/hfiref0x/VMDE

Hi everyone, I was boring and I've coded a .dll in MASM32 to use the famous MetaBall effect on any language: MetaBalls.zip Also includes the source code and an example for some languages (MASM32, Delphi 7, VB6 and VB .NET). Maybe will be useful for someone. Regards. PS: Sorry for my English

Windows x64 Driver Signature Enforcement Overrider from kernelmode.info. Updated Source and binary: https://github.com/hfiref0x/DSEFix

Hello. I created simple tray application wih options of showing a messagebox and launching one .exe in same folder as the tray app. But for some reason it shows some blue bar on windows8 saying it will not allow to open or smth like that... What may be the reason?

Hi all, I posted this topic over on ARTeam forum and thought that maybe someone might find this useful here also? If not, disregard this post and forget you ever read it, . I recently tried converting some of my assembler code across to C and Delphi and it required bitwise rotations. Although the C compiler will optimise in rotations, natively they are not accessible that i am aware of. To use them you either have to use intrinsics or inline assembler, the other option is to define macros which use bitwise SHL/SHR and and OR to achieve a psuedo-rotation. I'm not sure whether or not the Delphi 7 compiler will place rotations in, but i know you can use inline assembler or…

A basic way using RtlAdjustPrivilege to detect the debugger (OllyDbg and IDA demo 6.6)As usually but not (enabled by default) for all debugger, the Debugger must acquiring debug privilege to work with its complete capacity. The snippet is simple and probably already used but I write it as simple as possible to get a clear ASM code inside the debugger.RtlAdjustPrivilege: Enables or disables a privilege from the calling thread or process. NTSTATUS RtlAdjustPrivilege ( ULONG Privilege, //[In] Privilege index to change. BOOLEAN Enable, //[In] If TRUE, then enable the privilege otherwise disable. BOOLEAN CurrentThread, //[In] If TRUE, then enable in…

how can i get ECC RSA DES DSA MD5 BASE64 C OR C++ SOUCE?

Remove space from a string in php without using any php function.

i cant seem to reduce my exe size that was built with VS 2010, ive followed many guides and everytime my file is 51kb and all it does is MessageBoxA I have followed this guide from start to finish http://linkyzer0.com/papers/Decrease_WinCppProject_FileSize.pdf what am i doing wrong ?

Hello everybody : ) I am looking for a good guide for learning assembly x86, so that later I could learn reverse engineering. I have a limited knowledge of assembly, and I could solve easy/medium Crackme,I solved several from: HackThisSite and etc.. When I open debuggers/disassembler and trying to solve, I understand that the main part, but there are parts of the margin (less important) that I do not understand, so I want to learn assembly in a "pure" so I know it everything. Can you recommend me a book / website that teaches assembly x86 ?

i will make patch with vb.net but i dont know how read or write sepecific bytes ex: &HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0 i want to change &H1B to &H33 and &H40 to &H90 but skip other byte ( Skip(HF7),Skip(HD8), patch(H1B),Skip(HC0), Patch(H40), skip skip skip) like in uPPP search : F7 D8 1B C0 40 89 45 E0 Replace .. .. 33 .. 90 .. .. .. Private Shared ReadOnly PatchFind As Byte() = {&HF7, &HD8, &H1B, &HC0, &H40, &H89, &H45, &HE0} Private Shared ReadOnly PatchReplace As Byte() = {&HF7, &HD8, &H33, &HC0, &H90, &H89, &H…

Hello. I recently started reading about anti debug, found great reference with tons of great ideas, but i cant get one to work. http://anti-reversing.com/Downloads/Anti-Reversing/The_Ultimate_Anti-Reversing_Reference.pdf The one i want to try is "Instruction counting", page 30. Most of them work simply by copying asm code int __declspec(naked) but this oen is different, and i couldnt get it to work this way, and i dont have experience in using structured exceptin handlers. Could someone try to rewrite this small piece of code? Please? Thanks in advance

hey there, i am trying to write a keygen in Delphi 7. my problem is that i cant figure out how to make a MD5 in the keygen. do i need to write it by hand or are there some pre-made code parts somewhere?

I try to hook the api EstimateFileRiskLevel with python + pydbg, but failed to get the api address. Is there any way I can hook the api?

Hi all. I'm finding about run trace. Ollydbg had bug on run trace. Immunity debugger is really slow on run trace. So i'm finding tools. anyone knows? Or anyone knows Tutorial about building debugger? If anywhere don't exist, i will build run tracer. I really feeling It's important. Thanks.