Programming and Coding
Programming and coding tips, help and solutions...
1,892 topics in this forum
-
Stores and reads array
by icha- 3 replies
- 5.8k views
I am curious about how peid loads signature database. Does Peid store the signature as an array and load it to memory? If I compare the used memory between peid and exeinfope Exeinfope Priv. Working Set : 316,676 K Commit Size : 318.068 K Peid Priv. Working Set : 2232 K Commit Size : 6792 K I know they are different program but they are quite similar with big difference about memory consumption. Actually, I have signature database, I put it as an array in a DLL. My EXE retrieve the array from DLL and assign the array to EXE's variable. The problem is my EXE will consume huge memory. What is the effective way?
-
[Delphi] Get Offset By A/B
by 0xFF- 8 replies
- 5.6k views
This little function will return an offset inside a binary typed file by a given array of byte. function RetOffset(const FileName: String; const bSrc: Array Of Byte): DWORD; var hFile : DWORD; CompareArray : Array Of Byte; FileLength : DWORD; Pos : DWORD; BytesRead : DWORD; begin Result := 0; Pos := 0; hFile := CreateFile(PChar(FileName), GENERIC_READ, 0, nil, OPEN_EXISTING, 0, 0); If hFile = INVALID_HANDLE_VALUE Then Exit; SetLength(CompareArray, Length(bSrc)); Try FileLength := SetFilePointer(hfile, 0, nil, FILE_END) - Length(bSrc); SetFilePointer(hFile, 0, nil, FILE_BEGIN); While Pos <= FileLength Do …
-
List open file handles in win api?
by chickenbutt- 4 replies
- 6.8k views
I've seen methods for getting a list of open handles for a file/folder as they are created, but what about when they already exist, and from only ring3? Searching turns up nothing, and I'm hoping there is some structure or descriptor that can be used.. example application: pass a path to a non-executable or folder and get a list of processes accessing it
-
- 0 replies
- 4.6k views
This is a project I've been working on over 6 month (with long breaks) and it's time for me to release an Alpha stage source of it, i'm abanding this project since i'll probably port it to C++ (C++ Builder by Embracadero) XE. This project is in Delphi XE, it's a cheating tool for the game Typing Maniac @ Facebook, how it work? - @Form creation, it will store the game handle to a global variable - (FilterImage Subroutine) Take a screenshot of the game and optimize its canvas by removing unwanted pixels (Look at CleanupCanvas subroutine) - (ProcessImage Subroutine) Will process the image by scanning it (TOCR Engine) for words, in the end it will send a keystroke to the gam…
-
[ Delphi ] Keygen Src
by IMPosTOR- 1 reply
- 18.3k views
Hello here is some keygen src [Delphi] dont miss it some of src using bruteforce to get serial number. like Poxxr IxO and AAA-LoXX or ... Enjoy. //coded by IMPosTOR //impostor@de-compiler.me //www.de-compiler.mefunction Generate_Serial_by_IMPosTOR : string; var i,j : integer; Magic : string; M : integer; c1,c2,c3 : integer; part1,part2,part3,part4 : string; begin result := 'Error : 01'; Magic := '2YOPB3AQCVUXMNRS97WE0IZD4KLFGHJ8165T'; repeat Part1 := Random_Serial(5,6); c1 := 0; c2 := 0; c3 := 0; for i := 1 to 5 do begin M := (ord(Part1[i])); for j := 1 to length(Magic) do begin if M = (ord(Magic[j])) …
-
using Crypto++
by deepzero- 6 replies
- 12.3k views
Hi, Today, i tried to implement a simple RSA en-decryption using "Crypto++" (www.cryptopp.com), as it`s supposed to be easy to use and powerful. Since i had never used it before, i decided to start with something simple and calculate the SHA-x hash of a text string. Fortunately, i even found an example code in the documentation: />http://www.cryptopp.com/fom-serve/cache/50.html However, it wont compile. I`ve read through several FAQs, wiki entries, help files, online documentations - cant get it to work. I downloaded the latest version of Crypto++ (5.6.1), extracted all the files to the core folder of my VS2008 C++ project and included the necessary headers: …
-
- 1 reply
- 3.4k views
// © 2005 Richard Grimes // snSig library used to get information about a strong name signature of // a .NET assembly using System; using System.IO;// Used to obtain the file offset and the size of the strong name signature // and the strong name data directory public class StrongNameSignature { // Locations and sizes of various things in the PE file const int pePos = 0x003c; const int numSectOffset = 0x02; const int peIdentSize = 0x04; const int coffHeaderSize = 0x14; const int dataDirectoryOffset = 0x60; const int dataDirectoryLength = 0x08; const int clrHeaderIndex = 0x0e; const int strongNameSigOffset = 0x20; const int sectionHeaderSize =…
-
- 0 replies
- 3k views
Compressed Integer In .NET/CLI Metadata In short, the compression algorithm is used to place a 32-bit integer (takes 4 bytes) into as little as possible number of storage (1, 2, or 4 bytes). This compression algorithm is widely used in .NET/CLI PE files, such as metadata signatures ,#blob stream and #US stream. In such cases, integers are used to save the number of records, or size of data blocks. Since such numbers and sizes are all very small, use 32-bit integers will cause many bytes set to 0, which makes no sense. In such cases, compressed integer can effectively reduce the disk space a PE file takes, and saves network bandwidth. Some scenarios of using compressed in…
-
AT4RE Protector v1.0 deprotector
by bigboss-62- 4 replies
- 7.9k views
Hello again guys... i'm proud to bring you my AT4RE Protector v1.0 decryptor. As usual, source code in masm and crypter are included... See you soon... Laurent aka BIGBOSS from COPs. AT4RE_Protector_v1.0.zip CPS_UnAT4REProtector_v1.0.zip
-
- 5 replies
- 11.2k views
Hi All, Something which i would like to share with the community which i've spend a week or so developing. This is similar to Game |_|nwrapper that Dr.Carbon has done at http://www.tuts4you.com/forum/index.php?showtopic=15010 but only in C++. Hope you guys learn something off the source code Products Supported - Reflexive Arcade - Alawar Games - Playrix - GameHouse - PopCap Greyhound_Unpacker.rar
-
How To Search Bytes In Process ? 1 2
by Matrix- 35 replies
- 22.3k views
Hi Friends I Want Search More Bytes In Any Process With Visual Basic How I Do It ? Please Help ME THanks Sorry For My Bad English
-
- 0 replies
- 6.2k views
The Visual Studio 2010 Uninstall Utility While we hope you’ll love Visual Studio 2010 for all the application development it enables with powerful features and a robust extension model that enables great extensions like the Productivity Power Tools, if you ever need to uninstall Visual Studio it can be difficult. If you’ve ever tried to remove Visual Studio you already know this. But have a tool that can help for English installations: The Visual Studio 2010 Uninstall Utility. An excerpt from that page reads, Default (VS2010_Uninstall-RTM.ENU.exe) Uninstalls all top level products of 2010 release and its supporting components. This mode does not remove Visual Studio…
-
VB.NET Bassmod Source Code
by ghsafsdfsdhfghfgjhgkj- 0 replies
- 5.5k views
Open with Visual Studio 2008 or Visual Basic 2008.
-
yC decryptor v1.1b *NEW*
by bigboss-62- 17 replies
- 13.7k views
Hello guys... i'm proud to bring you my Yoda's Crypter decryptor. You can say that there are already decryptors for it, like deYoda and unYc, but they have some bugs... 1 - There isn't an individual decryptor for yC 1.1... 2 - I have tried to decrypt with deyoda some crypted Delphi apps crypted with yC, and it can't decrypt it ... So, I've done my own decryptor, supporting for the moment yC v1.1 and yC v1.2. My decrypter have been tested with masm32 apps, vc apps and delphi apps, and it seems to always work... Source code in masm will be included if someone is interested... See you soon in my next decrypter... Laurent aka BIGBOSS from COPs Update 2010-02-13:…
-
- 5 replies
- 4.4k views
Hey guys, I am new here and just started into learning Assembler. First of all I have to say this Forum really rocks! I already found tons of information I´m interested in and I´m really impressed by the skills of some members here.. Well I started working myself through Iczelion´s famous Win32 Asm Tuts at the beginning of this week after i got some basic information from the Book: The Art of Assembly Language I ordered a time ago. The question belongs to Tut3 I just finished working on. There is the WinMain proc, where 4 arguments are passed in the function parameter list. My question belongs to the first parameter, the instance handler from type HINSTANCE. In the .DATA?…
-
[Help] Security/Certificate Table
by steve10120- 1 reply
- 3.1k views
Hi. Was wondering if any one has some example code of reading the security/certificate table(in the data directories). Can't seem to find any documentation or example code any where. This is the kind of info I mean, though maybe not as detailed. />http://i55.tinypic.com/fohe90.png The only structure I can find is typedef struct _WIN_CERTIFICATE { DWORD dwLength; WORD wRevision; WORD wCertificateType; BYTE bCertificate[ANYSIZE_ARRAY]; } WIN_CERTIFICATE, *LPWIN_CERTIFICATE; Some example code listing basic details would be alot easier for me to learn from. Any help would be appreciated.
-
- 0 replies
- 3.1k views
For some time, I was thinking about developing a web search plug-in for Visual Studio, so that I can search the web (mainly sites like StackOverflow, CodeProject, MSDN etc) in a non intrusive way, with out leaving the IDE. Here we go, meet Vingy 1.0 – A simple, but effective add in for Visual Studio 2010 so that you can search the web in a non intrusive way, and can filter results based on sources. Getting used to Vingy You can bring up Vingy either by clicking View->Other Windows –> Vingy Search Window from the Visual Studio IDE, or just by high lighting some text in the document and then clicking Tools –> Search Selected Text (Ctrl + 1). Searching with …
-
C# .NET 1.1 SendMail
by JMC31337- 1 reply
- 13.9k views
Heres how ya send HTML with attachment in .NET 1.1 Believe .NET 1.1 comes pre-installed on all 32 bit machines What this does is creates a rar archive with 123.txt in it, then emails it out Depending upon what your ISP is, you will need to change the SmtpServer variable Multiple recipients need to have a ; in between em .NET Framework 1.1 is no longer supported through Express C# 2002-2003 You'll need to install the .NET Framework 1.1 Redistributable and .NET 1.1 SDK This has to be compiled from commandline with csc /out:c:\smtp.exe Program.cs or if you want no console window csc /target:winexe /out:c:\smtp.exe Program.cs Directory should be %windir%\Microsoft.NET\Framewo…
-
- 0 replies
- 2.9k views
Tricking ildasm Into Dumping a Metadata Delta File u can trick ildasm into dumping the metadata delta file. Just add .obj to the filename and constrain the output: > ildasm TESTME.exe.1.dmeta.obj /text /metadata=raw /metadata=heaps
-
- 0 replies
- 5.6k views
.NET Exceptions (all of them) The surce code for generating the list of .NET exceptions that I posted earlier. Here it is finally. This just outputs an XML structure to the console. You can redirect the output to a file then use an XSLT transform on it (or do whatever else you want with it). using System;using System.Collections.Generic;using System.Text;using System.Reflection;using System.Collections;using System.Text.RegularExpressions;using System.Design;using System.Xml;using System.IO;namespace ExceptionList{ class Program { static void Main(string[] args) { ReflectionSearch(".*exception$"); Console.ReadKey(); } …
-
Writing "portable" code
by deepzero- 6 replies
- 5.8k views
Hey, I was analyzing an interesting piece of malware, where code, data & IAT where all mixed together in one section. IE, text string and dwords with imported addresses where pasted just in the middle of the code: Note how the "call 40100d" calls past the OpenProcess-DWORD, effectively pushing the address to that DOWRD to the stack. So after the "Pop eax", eax contains a pointer to the address of OpenProcess...and can be called via "call dword [eax]". Which is exactly what happens. This is part of the runtime importing, again the calls call past a text string, pushing a pointer to the string to the stack. Later this is used to build the import table. The b…
-
- 1 reply
- 8.8k views
Introduction This book demonstrates the process of creating a language compiler for the CLR. It contains a mixture of generic compiler construction topics and topics specific to compiling for the CLR. How it came to be For many years, I wanted to write a compiler. I read, or tried to read, a lot of books on the subject. Two things about these books consistently turned me off: one, they were, one and all, written using language familiar to mathematics and computer science students, but Greek (many a time, literally) to the rest of us. Two, almost all of them were full of information about sundry alternate means to read source code and understand it, but contained precious …
-
RelocationDirectory/ImportDirectory/ExportDirectory struct
by CodeExplorer- 1 reply
- 5.4k views
Currently I build and Metadata reader/writer, first I need these strcuts defined in C# RelocationDirectory struct ImportDirectory struct ExportDirectory struct Anybody knows from where I could get them?
-
DebugView filter editor v1.0
by sirp- 1 reply
- 3.1k views
DebugView filter editor v1.0 DebugView is a wonderful tool for viewing real time logging information generated by your applications. You can set filters which will colorize the output according to various rules. But the dialog for setting those filters is awful, especially now when it supports 20 filters. So I developed this little application in Python using the wxPython GUI toolkit to make it easier for me to change the filters. SITE DebugView_Filter_Editor_ 1.0.rar
-
- 5 replies
- 3.9k views
It was an amazing adventure reversing QUAD RegistryCleaner 1.5.144, I would say the reversing level of it is Medium.... but you can easly reverse if you watch Lena's tuts 1~16. I am posting this for educational purpose only, and to expose new stuff [maybe] to other members... hope you'll like it, take it and modify it, do w.e you want to. you can even use the SnD function from it in your own patchers to easly make patchers, no need for stuff like dUP2, i'm just showing how easy it is to create a patcher yourself, source code is in Delphi 2010. unit main;interfaceuses Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms, Dialogs, StdCtrls, png…
