Programming and Coding

i created a thread using CreateThread succesfully. the problem is that the thread is not directly after creating is executed. the thread will be executed after calling Sleep(). the thread is not created in suspended mode, but with the creation flag 0 (0 = The thread runs immediately after creation.). but still the thread is not executed direclty. any suggestions? invoke CreateThread, 0, 0, addr ThreadProc, NULL, 0, addr dwThreadID invoke Sleep, 200 ; when reaching this code the thread created above should be executed first

Hey all, It has been a long time since I posted to this forum,but I wanted to post here to this .NET library known to people who may find use of it. The name of the project is NIDebugger (for non-intrusive debugging). There are currently 2 variants, NIDebugger (x86) and NIDebugger64 (x64). The main page for the x86 project is here: http://tslater2006.github.io/NIDebugger/ Currently the x64 is experimental and can be found via the github repository: http://github.com/tslater2006/NIDebugger64 Because of the experimental state of the x64 library, I will only discuss the x86 one... One of the most simple examples of using it is shown below, ple…

Hi all, we can change the image base of executable file while linking with /BASE option. i.e. Link /BASE:0x600000 but is there any way to change the image base after linking? we may use PE editor to change the ImageBase value! but the problem raises when building import table! 00601060 FF25 08104000 JMP DWORD PTR DS:[401008] 00601066 FF25 00104000 JMP DWORD PTR DS:[401000] jump addresses must change to their appropriate values! any idea? Regards.

Hello I was wondering how this is coded? how i can make a lot of Unconditional branches forward/backward? how this is implemented? i mean how i can control the execution flow with jumps like themida VM, or VMP. I can make this only forward but backward/forward will interference with each other. Also one more question. Do these jmps random? or it has fixed addresses? Any ideas will be appreciated.

quick ? Why the hell does my dev-c++ crash with exception c0000005 for any memcpy memset memove Rootkit?? ridiculous!

Hi everyone, Some time ago I put this small utility together for a friend that needed it. Turns out to be a useful piece of code. Code was found on the internet, only slightly modified and cleaned up a little. Credits to the original author of the code (sorry, couldn't find the website I found it on). This is the code: #include <stdio.h>#include <windows.h>void ErrorDescription(DWORD p_dwError){ HLOCAL hLocal=0; FormatMessage(FORMAT_MESSAGE_FROM_SYSTEM|FORMAT_MESSAGE_ALLOCATE_BUFFER, 0, p_dwError, MAKELANGID(LANG_ENGLISH, SUBLANG_ENGLISH_US), (LPTSTR)&hLocal, 0, …

using this http://downloads.securityfocus.com/vulnerabilities/exploits/48179-poc.c and this http://blog.csdn.net/whispermemory/article/details/6754144 We could create a lil KRNL Scanner w/ Dev-C++ .. Getting the Module.ImageName is tricky, and if anyone has any suggestions? Another thing, dunno if its because of the token adjustment but, this scanner finds a few more sys drivers in the krnl in comparison to a module scanner that uses strictly: ZwQuerySystemInformation( SystemModuleInformation #include <windows.h> #include <stdio.h>#include <iostream>using namespace std; #define NT_SUCCESS(Status) ((NTSTATUS)(Status) >= 0) typedef enum _SYSDBG_COM…

Hello, I have tested a piece of malware today and after that i was surprised that each exe i load with ollydbg it hooks it's entrypoint with PUSH <address> ret the address contains also mov [entrypoint],originalbytes etc. So how is this done? is there any explanation about this?. Even if i set ollydbg to stop at system EP the hook is still there at entrypoint. Is this a usermode or kernelmode hook?

Hello, Could SomeOne Help Me Out ? Am Looking For A Unit to Calculate CRC - 16 For a String in Delphi. I Have Tried Quite a Number Of Implementations Yet They Give Me Wrong Results. I Tried Using Delphi Encryption Compendium v5.2 Yet it Kept Giving Me The Same OutPut For Different Input Strings. Please I Need This Urgently Cos am Almost Loosing My Mind Here. *** My IDE is Dephi 7.

here i start simple project make application for register families members names and family id numbers and diseases in villages i make excel sheet then import its data to oracle 10 g to scott user table then connected it to c sharp 2005 then made many text boxes and buttons problem i cant complet coding i dont know in coding so help me to complet project any one make me simple tut by steps how i add or remove or edit data from oracle to appear in text box in forms of c sharp and then how get this forms with its data base and make it as application to run on another computer with no need to set up another oracle pleas urgent i put all steps he…

with dev-c++ create a hello world .sys driver driver.cpp -------------- #include <stdio.h>#include "ddk/ntddk.h"__stdcall NTSTATUS DriverEntry(PDRIVER_OBJECT pDriverObject, PUNICODE_STRING pRegistryPath){ NTSTATUS status = STATUS_DEVICE_CONFIGURATION_ERROR; DbgPrint("enter DriverEntry,I'm Hopy!/n"); DbgPrint("Leave DriverEntry,byb :-) !/n"); return status;}C:\Documents and Settings\Owner\Desktop\Dev-Cpp>bin\gcc -o drv.sys -s -shared -Wl,--entry,_DriverEntry driver.cpp -nostartfiles -nostdlib -lntoskrnl using instdrv: E:\drv.sys (install , start) debug view shows: enter DriverEntry,I'm Hopy!/n Leave DriverEntry,byb :-) !/n now maybe with some C# using SCMana…

Info 1: Bass is powerful audio Library. http://www.un4seen.com/ Info 2: This Static Library is Visual Basic 6 only. Info 3: uFMOD Visual Basic Compiler was used in this Project. Updated: Bass_SampleLoad Bass.rar

Hi, has anyone used the ImpRec DLL ? I added to my cpp the prototypes and code: DWORD SetModule(DWORD pid, DWORD base); void LogIATEntry(DWORD rva_iat_slot, DWORD va_api); DWORD MakeImportTable(LPTSTR dump_filename); .... ... SetModule(fdProcessInfo->dwProcessId, fdLoadedBase); included the header with error codes and link against ImpREC_DLL.lib still getting error : error LNK2019: unresolved external symbol ""unsigned long __cdecl SetModule(unsigned long,unsigned long)" (?SetModule@@YAKKK@Z)" SOLVED: add to header #ifdef __cplusplus extern "C" { #endif /*__cplusplus*/ __declspec(dllimport) DWORD SetModule(DWORD pid, DWORD base); __declspe…

Im trying to invoke ZwCreateThread. But since it is a undocumented function i don't know how to do it. The 7'th arguement of the function is PINITIAL_TEB UserStack. How to initialize this structure to use it in ZwCreateThread? This is my code so far. invoke RtlInitializeContext, -1, Addr threadContext, NULL, Addr ThreadStartupRoutine, Addr userStack invoke ZwCreateThread, Addr processHandle, PROCESS_ALL_ACCESS, Addr oa, -1, Addr ClientId, Addr threadContext, Addr userStack, FALSE

Wanted to ask a question before I wasted 20 bucks trying it myself on a fun project. I have some SPI sensors I want to get info from. A friend gave me a linux eval board w/SPI sensor soldered to the eval board, and I could see the SPI device in /dev, open it up and get any info I needed from the resigters on the SPI sensor. I'd like to know if I can take a device like this - http://www.ftdichip.com/Products/ICs/FT220X.html Plug the SPI sensor into the USB stick, then plug the USB stick into a Rasberry PI or other device that accepts USB... And using the free USB drivers, open a Windows COM port or linux open() function & talk directly with the register…

ManagedDllInjectorKnown limitation: The target process must a window!This program has two options: 1. Inject the current assembly itself on selected process Inject button. Look on the code InjectedClass.cs and you will see the code that load an assembly: // Here load the assembly from string Assembly asm = Assembly.Load("SSA.Business.Input, Version=1.0.0.0, Culture=neutral, PublicKeyToken=a58bfd68363575ef"); if (asm==null) { MessageBox.Show("Failed to load assembly!"); } else { MessageBox.Show("Loaded ok!"); } You can add here asm = Assembly.Load("assemly string") to load more assemblies. 2…

Hey guys, I want to compile the adplug C/C++ source into a unmanaged *.dll to use it in .NET with PInvoke, but I don´t get the makefile compiling to work. Could anybody please tell me how to compile that package? Thanks for your effort! adplug-2.2.1.tar.gz

Hello Tuts4You, Danny from ARTeam here. I am stuck with creating a child process. Edit: Problem is solved, thanks huntingspace

i want to open a .exe file using ZwOpenFile. No i dont want to use OpenFile or other winapi's, just ZwOpenFile. I created a simple project based upon the link down, but when i try to open calc.exe nt-status error = C0000008 == STATUS_INVALID_HANDLE. my code is almost the same as http://www.asmcommunity.net/forums/topic/?id=15345

Hi, here's my compiled Static LIB of LibV2M Version 1.5 with Replay-Function. It's the last version of Farbrausch Viruz Sound System. Thanks to kb and all other Farbrausch members for releasing the source. Note that you can only replay sounds made or converted to V1.5. goto http://www.1337haxorz.de/products.html to get the Content Creation tools. LibV2M_v15_with_Replay.zip

i created a gui with a few controls in c++. is there a way to use this gui in my asm project?

Hello guys, I just wanted to post a example for my latest lib called NV2, that is able to play *.v2m files with .NET: https://nv2.codeplex.com/ I thought it would be helpful for many people out there, as the interest in *.v2m modules is growing. Examples are included, source code is actually given as a patch in the coding section on my website. Some users might have to run it as admin, tune was made by me for my latest demo. Ofc you can include the nv2.dll statically with ilmerge after compiling!! Have fun, Feedback appreciated! NV2 tutorial VB .NET.rar

Hi, I am just wondering if something like this will work; static short(__stdcall*_GetAsyncKeyState)(int vKey); _GetAsyncKeyState = (short(__stdcall*)(int))((DWORD)GetAsyncKeyState + 0x5); if( GetAsyncKeyState(VK_XBUTTON1) ) { RelevantFunction(); Sleep(50); } }

Qt Creator tutorials on youtube over 200 tutorials http://www.youtube.com/user/VoidRealms/videos?sort=p&shelf_index=4&view=0

This Libraries are Rebuilded. V2M Lib Old : 650+ KB New : 73 KB uFMOD Lib Old : 26.1 KB New : 25.5 KB uFMOD-V2M.rar