Programming and Coding
Programming and coding tips, help and solutions...
1,892 topics in this forum
-
ollydbg 2.01 plugin template
by njkermk- 0 replies
- 5.2k views
I've written a simple template of ollydbg2 plugin for latest flatassembler compiler. ollydbg2_plugin_template.7z
-
Debug Registers
by snoopy- 10 replies
- 13.3k views
Hey guys, I am reading up on ARteam securom information. What I am wondering is the following. Deroko in his post is posting a method to set hardware breakpoints to work his way around with the code splicing. What I am mis understanding is the following code from the goodies dir there is vmtrace.asm. In here he sets Dr0 with the following info: mov [ecx.context_dr0], eax //eax reg hold the address to breakpoint mov [ecx.context_dr7], 10101h //should be a breakpoint on write What I am missing here is how did he calculate 10101h. According to the intel manual, there is 31 bits: 19 18 17 16 15 14 13 12 11 10 9 8 7 6 5 4…
-
Magic_h2001 v2m player source
by Freefall63- 4 replies
- 7.4k views
Hey guys, I just wanted to ask if somebody has the delphi source of magicĀ“s v2 lib. Should be easier to translate .NET I think. Translation help is ofc appreciated, too.
-
VB .NET Low Level winmm Audio playback
by Freefall63- 8 replies
- 9k views
Hello guys, I tried to work the low level winmm.dll functionality out in VB .NET, but encountered several problems. My goal is to play a wave file from stream using WaveOutOpen, WaveOutPrepareHeader und WaveOutWrite, using it only once to play the whole file: Imports System.GlobalizationImports System.Runtime.InteropServicesImports System.TextImports System.IOImports System.ThreadingPublic Class Form1 <StructLayout(LayoutKind.Sequential)> _ Private Structure WAVEHDR Public lpData As Integer Public dwBufferLength As Integer Public dwBytesRecorded As Integer Public dwUser As Integer Public dwFlags As Integer Public d…
-
Yasp - Web-based Assembler/Emulator to Learn Assembly...
by Teddy Rogers- 1 reply
- 8.3k views
yasp-Assembler Title pretty much sums it up... http://demo.yasp.me/ Ted.
-
OllyDBG 2.01 plugin SDK bug ?!
by cypher- 0 replies
- 6.8k views
when using Ollys builtin options feature ODBG2_Pluginoptions with static WCHAR opt_ollyTitle[TEXTLEN] = {}; static t_control scyllahideoptions[] = ..... { CA_EDIT, OPT_16, 200, 30, 40, 10, NULL, opt_ollyTitle, L"Olly title" }, ... the SDK doc says that the opt_ollyTitle variable will be updated with the modifications you did on WM_CLOSE. however this doesnt work for some reason ! For CA_CHECK (checkboxes) it works... Am I doing sth wrong ? As a hacky workaround I now do extc t_control* ODBG2_Pluginoptions(UINT msg,WPARAM wp,LPARAM lp) { if(msg==WM_COMMAND) { if(LOWORD(wp)==OPT_16) { //yes this …
-
ollydbg 2.0 plugin
by walter1945- 2 replies
- 7.3k views
Hi all, i'm writing a small plugin for olly but i can't figure out how tell olly (from plugin) to resume process,do you know what's the right way to do that from plugin? thanks.
-
[Help] Inject x64 DLL into x64 PE File
by Gladiator- 15 replies
- 10k views
HelloI have problem with injection 64 bit dll into 64 bit exe file , in case i don't know what i should to do ? any one can help me with information , sources or some thing that solve my problemThanks
-
Generating a MethodDef signature
by ubbelol- 0 replies
- 10.2k views
Nevermind.
-
- 3 replies
- 4.4k views
Hello, I have coded a software, and its working fine on latin and english operative systems, but it does not work godd on Chinese Windoxs XPI have a module, for strings, conversion etc etc....Code is: st1 = HexToAsc("100404084A011004C8DC")Winsock2.SendData st1in latin server / client app, I receive very same string I sent.... I use winsock.GetData but on chinese windows xp it does not I receive this: 100404084A0110040000 (C8DC is now 0000)what could the problem be?? unicode related?? thanks
-
Firework LIB+DLL
by SmilingWolf- 1 reply
- 9.1k views
This is an implementation of the Fireworks effect by ronybc as a library with a little enhancement: you can now run multiple fireworks instances! Preview (3 instances): Documentation, sources, examples, compiled LIB and DLL are included. Hope you will like this Now go and set your CPU on fire! Firework.7z
-
.NET Reversing
by Elena Schneider- 11 replies
- 10.1k views
Hello!I)) I am reversing .NET web application which sends sockets to server through HTTP and RTSP protocol. I just want to change IP address where I send requests.My problem is...I can't find this right place in code. Look at that please. public WebWrapper() { this.UseProxy = false; this.UA = "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.107 Safari/535.1"; this.Proxy = new WebProxy(); this.LastPage = "http://google.com/"; this.cookies = new CookieContainer(); } public string httpGet(string Address, [Optional, DefaultParameterValue(true)] bool Redirect) string str; try { IEnumerator enumerat…
-
how to create a loader with visual basic 6?
by nicogalan- 0 replies
- 4.7k views
Hello, do you know how to create a loader in visual basic 6? where could I find source code for it? thanks regards
-
patch auto saved in memory map?
by PieterJones- 2 replies
- 4.7k views
hello tuts4you i suppose after mapping a file in memory, and after making a change/patch in this mapped memory, i need to save the bytes wich are changed using FlushViewOfFile , right? so the weird thing is, it saves the patch already without using the FlushViewOfFile api yet! so actually i don't have to use FlushViewOfFile because the bytes are automatic saved after unmapping it seems. can someone tell me why? hOpenFile = CreateFile(szFilePath, GENERIC_WRITE | GENERIC_READ, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_RANDOM_ACCESS, NULL) hOpenFileMapping = CreateFileMapping(hOpenFile, NULL, PAGE_READWRITE, 0, dwSizeOfFile, NULL) pFile = M…
-
BASS static lib v.2.4
by ::: - phpbb3 - :::- 14 replies
- 10.3k views
BASS static lib v.2.4 MASM32 player example BASS.static.lib.v.2.4.MASM32.player.zip
-
strongod driver
by PieterJones- 16 replies
- 9.3k views
Hi folks i want to change the drivername of the to strongOD plugin at runtime. i know i can change this in the olly.ini file, but i need to change it at runtime after the driver is created. So in example i want to change the default drivername ("fengue0") to "testing" at runtime programmatically. is there a way to do this?
-
How to use this procedue "FindOEPGenerically"
by darkbreak- 1 reply
- 4.6k views
Hi all, How to use this procedue "FindOEPGenerically" in TitanEngine please help Thank you
-
Rijndeal 128, 192 , 256 example
by ragdog- 5 replies
- 14.1k views
Hello I want a example about Rijndeal 128, 192 , 256 in Asm,Cpp Now have i searched many hours but without good results. I found this drizz cryptohash.lib but with differents results as this page http://www.tools4noobs.com/online_tools/encrypt/ Key=Tuts4You Text=Tuts4You Result in hex 256= 18fa02ae57bfc4d9e1414c37d2d5e49898b1c6ce59a2a10fced00a36c6492f64 192= 521b4e49d550cfa20856c254cac7a199a670af2f7aeb8829 128= 37f9ce5d255f5b4fb7c66cefe4331e97 Can your send code examples in Asm or Cpp?!? Regards, raggy
-
- 0 replies
- 4.6k views
c c++or MFC work for input's string mov of 2 VAR, then use them xor 12345678 ,anather xor 87654321,use them again of DES ,last .......... edit1,input application's hardwareID,same as: 1234-5678-abcd-efgj-ij then,edit2 get the string:345678ab cdefghij,how i shouid write the code?
-
- 3 replies
- 7.7k views
Hey everyone, its been a long time since i was last here so sorry if it is in the wrong section. I am pretty new to Lua and its not my language of choice but its the only language this program allows so i am stuck. I am trying to open a website using shellexecute in Lua but no matter what i do, i don't seem to get any results when the script runs. I have been googling for hours now and there were a few good reads but apparently i am the only one who is using shellexecute to open website or maybe no one else has this problem, there were a few examples using native os function (os.execute) but they didn't seem to work either for me, it just opened a cmd window w…
-
Start executable from memory
by wyrda- 13 replies
- 7.9k views
Hi, I'm new to this stuff so I think you can help me. Can I load into the memory an executable and start it from there? Something like this: fread("myexecutable.exe"), shellexecute_from_memory("myexecutable.exe"). Have a nice day, wyrda
-
Remove ASLR programmatically
by Readme- 3 replies
- 9.7k views
does someone of tuts4you know how to disable/remove the "dll can load" (IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE) in programming code? we know this IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE is equal to 0x40, so is it a correct way to substract 0x40 from the DllCharacteristics? so in example NTheader->OptionalHeader.DllCharacteristics = NTheader->OptionalHeader.DllCharacteristics - 0x40;
-
thread starting
by Readme- 8 replies
- 5.9k views
i created a thread using CreateThread succesfully. the problem is that the thread is not directly after creating is executed. the thread will be executed after calling Sleep(). the thread is not created in suspended mode, but with the creation flag 0 (0 = The thread runs immediately after creation.). but still the thread is not executed direclty. any suggestions? invoke CreateThread, 0, 0, addr ThreadProc, NULL, 0, addr dwThreadID invoke Sleep, 200 ; when reaching this code the thread created above should be executed first
-
NonIntrusive Debugger Library
by Nieylana- 17 replies
- 7.8k views
Hey all, It has been a long time since I posted to this forum,but I wanted to post here to this .NET library known to people who may find use of it. The name of the project is NIDebugger (for non-intrusive debugging). There are currently 2 variants, NIDebugger (x86) and NIDebugger64 (x64). The main page for the x86 project is here: http://tslater2006.github.io/NIDebugger/ Currently the x64 is experimental and can be found via the github repository: http://github.com/tslater2006/NIDebugger64 Because of the experimental state of the x64 library, I will only discuss the x86 one... One of the most simple examples of using it is shown below, ple…
-
How to change image base of exe file?
by Mr.reCoder- 6 replies
- 10.1k views
Hi all, we can change the image base of executable file while linking with /BASE option. i.e. Link /BASE:0x600000 but is there any way to change the image base after linking? we may use PE editor to change the ImageBase value! but the problem raises when building import table! 00601060 FF25 08104000 JMP DWORD PTR DS:[401008] 00601066 FF25 00104000 JMP DWORD PTR DS:[401000] jump addresses must change to their appropriate values! any idea? Regards.
