Programming and Coding
Programming and coding tips, help and solutions...
1,890 topics in this forum
-
x32 and x64 device drivers
by Pancake- 9 replies
- 7.4k views
Hello. I got few small technical problems - im developing my kernel mode driver, everything runs fine on x32 system but it doesnt work on x64. How can i make my driver compatible with x64 systems? Second question, is im lookin for flink offset in process list structure for windows 8 (i mean the list you use to hide process by modifying flink and blink in this system list). I digged the internet and found all working offsets for xp and higher up to win 7 but cant get win 8. Thanx in advance
-
patchLib v3 Release
by atom0s- 8 replies
- 6.4k views
No longer sharing this project on this site.
-
- 1 follower
- 8 replies
- 13.1k views
Hi,all We all know "pushad" command in x32 mode. Like these: Do you know how to use these code in x64 mode ? Now I know these code needed to be modified. Like But how to convert "pushfd" command ? This make me confused. :( Some examples will be nice if possible.
-
simple math issue
by FastLife- 3 replies
- 8.5k views
hello tuts4you, i got a simple math question. when a lenght of a string divisible by 36, the counter should be added by 10.So i got this working but i bet there is a better/cleaner way to do this. this is what i got and it works, but could someone help me to improve my function? invoke lstrlen, Addr szString .if eax <= 36 push 10 .elseif eax <= 72 ; + 36 push 20 ; + 10 .elseif eax <= 108 ; + 36 push 30 ; + 10 etc.. .elseif eax<= 144 push 40 .elseif eax <= 180 push 50 .elseif eax <= 216 push 60 .elseif eax <= 252 push 70 .else push 80 .endif
-
Exit process without api
by FastLife- 16 replies
- 8.3k views
Is there a way to shutdown/exit a process/application without using a api and without hardcoding?
-
- 1 reply
- 4.5k views
Hi,I would know if create a web proxy like Charles Proxy or Fiddler (but a minimal version) sounds possible. I want to know what was requested, then answer to these requests by what I want (the real page or a fake response)Thanks in advance and sorry for the incovenience
-
PureBasic Keyfilemaker Template
by tim619- 2 replies
- 7.1k views
File Name: PureBasic Keyfilemaker Template File Submitter: tim619 File Submitted: 13 Jul 2014 File Category: Source Code This is a Keygen and Keyfilemaker written in PureBasic 5, similar to this one. Unfortunaly the cpu usage is quite high and I had to make dirty hacks for not resetting gadget strings. This time I didn't use transparency and fading but again chiptune support After keygeneration the keyfile should be exported using "Export Key" and it will be saved in same dir as the keygen is. Hopefully it will help someone Click here to download this file
-
[.NET] Components For Working With PE & MetaData
by IllusiveMan- 1 reply
- 4.3k views
Hello, Language, i am using: C#. So, i need your advise. I am looking for a components (Libraries or Classes) for working with PE and MetaData Tables. Some examples: 1) MetadataReader by CodeCracker. ( Cool class, but i am looking for a complex solutions ) 2) Mono.Cecil edited for ConfuserEx. ( There is class, which helps to work with metadata tables, but it's so hard to understand how to use it ). I would like to make an analogue of PE_Tools or something for my own use and studying. Thank in advance. Sorry for my bad English.
-
may you help me?thanks all.
by diskgetor- 1 reply
- 19.3k views
//////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// + (7E80 ^ 0xA35C) / 99 + ((unsigned int)((unsigned __int64)(818089009i64 * AB50) >> 32) >> 31) + ((unsigned int)((unsigned __int64)(156180629i64 * (D075 ^ 0x701B)) >> 32) >> 31); D075 = D075; v22 = (unsigned __int8)(D075 ^ 0x1B); v23 = (v22 + 1) * ((unsigned __int8)(2929 ^ 0x79) + 211) + ((v22 + 1) * ((unsigned int)(unsigned __int8)(2929 ^ 0x79) + 211) >> 16) + (((unsigned __int16)(((unsigned __int16)(D075 ^ 7E80) ^ 0xD347) + ((D075 ^ 7E80 ^ 0xD347u) >&g…
-
hello guys,please help me this loop................
by diskgetor- 3 replies
- 4.5k views
8C7A:canstants now you known this: char [10]={7A D0 07 71 DE 82 5F 40 AA 13} next is the cacl: 78787879 imul 7A=00000039:696969AA //get char[0] 39 SAR 3=7 7A ADD 7=81 8C7A ADD 81=8CFB 78787879 imul 8CFB=00004258:00004AA3 4258 SAR 3=084B 084B ADD 8CFB=9546 78787879 imul D0=00000061:E1E1E250 //get char[1] 61 SAR 3=0C D0 ADD 0C=DC 9546 ADD DC=9622 78787879 imul 9622=000046A6:9696E612 46A6 SAR 3=08D4 08D4 ADD 9622=9EF6//D0 78787879 imul 07=00000003:4B4B4B4F //get char[2] 3 SAR 3=0 07 ADD 0=07 9EF6 ADD 7=9EFD 78787879 imul 9EFD=00004AD1:6969BD95 4AD1 SAR 3=095A 095A ADD 9EFD=A857//07 78787879 imul 71=00000035:2D2D2D69 //get char[3] 35 SAR 3=6 71 ADD 6=…
-
memory breakpoints like olly
by snoopy- 0 replies
- 19.1k views
Hey Guys I am having a question about memory breakpoints, like Olly implements. The main issue is that doing it myself with a dll I am injecting into the process, the concept is extremely slow. While breakpointing with Olly it's just as fast as any other breakpoints. I am having a spot inside the program I want to set the breakpoint on. I copied this spot into a variable called: [HardwareBreakpointAddress] I am hooking KiUserExceptionDispatcher to catch the exceptions. I know I could also install a Vectored Exception Handler but this seems to suit just fine aswell. The code is WORKING, it's just I am wondering why it is so terrible slow. Is it because of the wa…
-
Ways to use .Net Reflector #2.1: Creating your own add-ins
by CodeExplorer- 1 reply
- 4.2k views
Ways to use .Net Reflector #2.1: Creating your own add-ins: Link: http://jasonhaley.com/blog/post/2007/08/25/Ways-to-use-Net-Reflector-21-Creating-your-own-add-ins.aspx and http://jasonhaley.com/blog/post/2008/11/05/Extending-Reflector-Menus-ContextMenus-and-Toolbars.aspx
-
[.NET][Cecil] ILProcessor
by XenocodeRCE- 1 reply
- 6.1k views
IL code i'm trying to inject n assembly : IL_0000: nop IL_0001: ldc.i4.0 IL_0002: stloc.0 IL_0003: ldc.i4.5 IL_0004: stloc.1 IL_0005: br IL_00b1 IL_000a: ldc.i4.s 63 IL_000c: call string [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.Conversions::ToString(int32) IL_0011: call int64 [mscorlib]System.Int64::Parse(string) IL_0016: conv.ovf.u8 IL_0017: stloc.s 4 IL_0019: ldc.i8 -9223372036854775808 IL_0022: stloc.3 IL_0023: ldc.i4.1 IL_0024: stloc.s 5 IL_0026: nop IL_0027: ldc.i4.s 42 IL_0029: call string [Microsoft.VisualBasic]Microsoft.VisualBasic.CompilerServices.Conversions::ToString(int32) IL_002e: …
-
de-allocate memory necessary?
by FastLife- 6 replies
- 5.8k views
i allocated memory using VirtualAlloc. this i have done 9 times. now i don't need those memory anymore so do i have to free/remove them to improve the application's cpu? i mean, i know when the application is gonna terminate, all memory will be freed, but while the application is running, and i don't need the allocated memory anymore, is it better to remove/free that memory to have a lower pcu usage or something?
-
.NET support to a packer
by Lostin- 1 follower
- 8 replies
- 10.4k views
Hi I am wondering how to add .NET support to a native packer? because i tried using RLPack but the packed file failed to run with an error Unable to find a version of the runtime to run this application Is there something missed to be fixed before running the file like the Metadata or something.
-
HELP
by h4t- 4 replies
- 11.8k views
Help needed! I want to add my chiptune background music code from this project "projects.zip\1\" To this project here "projects.zip\2\" But i get alot of errors when i try it. Please can sombody help me with that projects.zip
-
Signature Scanner for Delphi by ArxLex
by arxlex- 1 reply
- 6k views
Signature scanner written by ArxLex specifically for site members Cheaton.ru. Material purely for informational purposes. As a basis and work were taken functions from C++. Example is written for beginners and amateurs of WINAPI as a console application, for more comfort and understand the code. Enjoy! program signaturescanner; {$APPTYPE CONSOLE} uses Windows, SysUtils, TlHelp32; var m_pID: integer; m_hProc: THandle; module: TModuleEntry32; m_Sign: integer; const procName = 'D3D9Test.exe'; procedure GetPID; var snapshot: THandle; pInfo: PROCESSENTRY32; begin snapshot := CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0); pInfo.dwSize := si…
-
- 9 replies
- 9.3k views
Help needed! I want to be able to push one button only, and when I do it the text in the two boxes will be different. I want to just push the bottun and then the different texts are visible, but without me needing to write anything in the 'name' box, then push 'keygen' and then the serial is visible. ONLY me pushing 'keygen' and then both name and serial will appear. I can only get the same text in both 'name' and 'serial' boxes to appear when pressing 'keygen' button. I using "WinAsm Studio" base.zip
-
close window
by FastLife- 9 replies
- 9.6k views
i want to inject some code into a running process. This process have a gui and uses a window. (I know the handle of this window) so i want to close this window, but let the process running. i used the API DestroyWindow but get a 0x5 error ( acces denied ), because i dont know the thread which created the window. ( GetCurrentThreadId is not the answer). so my question is do you know a way how to close/destroy a window knowing its handle, but NOT closing the process, just the window of it?
-
get handle from window
by FastLife- 5 replies
- 6.7k views
hello i injected a new thread into a running process, the thread displays a MessageBox. This is working fine. However i want to get the handle (hwnd) of the running window to pass them as parameter in the MessageBox api, like: MessageBox(hWnd, str1,str1,1); but i can't retrieve the right handle of the window. i already tried api's such as Get(ForeGround)Window etc. Any ideas how to get the handle of the running window?
-
NetBox - the secret beyond!
by CodeExplorer- 1 follower
- 4 replies
- 13.3k views
1. First build the program! The most important code is this: Process process = new Process(); process.StartInfo.FileName = FileName; process.StartInfo.WorkingDirectory = Path.GetDirectoryName(FileName); process.StartInfo.UseShellExecute = true; processes.Add(process); It is very important to set UseShellExecute to true else won't work! And finaly the code which start the process: public List<Process> processes; void RunSelectedToolStripMenuItemClick(object sender, EventArgs e) { if (assemblieslist.Items.Count>0&&assemblieslist.SelectedIndices.Count!=0) { if (File.Exist…
-
Batch file programming
by zingle- 2 replies
- 8.8k views
Hello, I have this small batch file to make computer shutdown or reboot after "xx" seconds, to change the value "xx " the user should edit the file each time, i do not know how to make the program ask the user to chose the value of "xx" for example a dialog : "Please enter the value "xx". @echo off Title Scheduled ShutdownPC,RestartPc or Abort the two previous actions. cls echo. echo Please select an action : echo *********************** echo. echo 1) Shutdown computer in 01 minutes echo 2) Restart computer in 01 minutes echo 3) Abort all actions echo 4) exit echo. set /p web=Type option : if "%web%"=="1" shutdown -s -t 60 if "%web%"=="2" shutdown -r…
-
Keygen Template in C
by Cyclops- 18 replies
- 9.8k views
Hi all! Just thought to share my keygen template coded in C. Enjoy! src+bin: http://cyclops.ueuo.com/sources/Template.rar
-
ollydbg 2.01 plugin template
by njkermk- 0 replies
- 5.1k views
I've written a simple template of ollydbg2 plugin for latest flatassembler compiler. ollydbg2_plugin_template.7z
-
Debug Registers
by snoopy- 10 replies
- 13k views
Hey guys, I am reading up on ARteam securom information. What I am wondering is the following. Deroko in his post is posting a method to set hardware breakpoints to work his way around with the code splicing. What I am mis understanding is the following code from the goodies dir there is vmtrace.asm. In here he sets Dr0 with the following info: mov [ecx.context_dr0], eax //eax reg hold the address to breakpoint mov [ecx.context_dr7], 10101h //should be a breakpoint on write What I am missing here is how did he calculate 10101h. According to the intel manual, there is 31 bits: 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4…
