Programming and Coding

Just wondering if anyone can help me convert a c++ snippet to delphi, I have attempted myself but my C++ skills are not that good... Either one of these snippets does the job.. //In Globals typedef void (__cdecl *lpSetConsoleVariable)(unsigned long console,char* szVal); lpSetConsoleVariable SetConsoleVariable;//Usage SetConsoleVariable(0x8003F0,"ShowFps 1"); Or this snippet typedef int (__cdecl* RunConsoleCommand_t)(char* cmd); RunConsoleCommand_t pRunConsoleCommand = (RunConsoleCommand_t)0x00485E10;//Usage pRunConsoleCommand("ShowFPS 1"); Now for my attempts function Pu****(command: PChar):boolean;cdecl; var dwAddress: Dword; begin dwAddress:= $00484bc0; asm …

hey all here is another nice keygen source for deurus crackme#1 by me here is keygenme link : http://crackmes.de/users/deurus/crackme01/ here is Keygen Source in ASM Language : .data? szname db 512 Dup(?) buf db 512 Dup(?) buf3 db 512 Dup(?) s1 dd ?generate proc hWin:HWND invoke GetDlgItemText,hWin,1001,addr szname,512 test eax,eax je error MOV EAX,offset szname PUSH EAX call lstrlen MOV ESI,EAX TEST ESI,ESI JLE @Crackme_0044DE3A MOV DWORD PTR DS:[s1],0@Crackme_0044DDC5: PUSH EAX MOV ECX,1 MOV EAX,s1 XOR ECX,ECX MOV CL,BYTE PTR DS:[szname+eax] MOV…

I am curious about how peid loads signature database. Does Peid store the signature as an array and load it to memory? If I compare the used memory between peid and exeinfope Exeinfope Priv. Working Set : 316,676 K Commit Size : 318.068 K Peid Priv. Working Set : 2232 K Commit Size : 6792 K I know they are different program but they are quite similar with big difference about memory consumption. Actually, I have signature database, I put it as an array in a DLL. My EXE retrieve the array from DLL and assign the array to EXE's variable. The problem is my EXE will consume huge memory. What is the effective way?

This little function will return an offset inside a binary typed file by a given array of byte. function RetOffset(const FileName: String; const bSrc: Array Of Byte): DWORD; var hFile : DWORD; CompareArray : Array Of Byte; FileLength : DWORD; Pos : DWORD; BytesRead : DWORD; begin Result := 0; Pos := 0; hFile := CreateFile(PChar(FileName), GENERIC_READ, 0, nil, OPEN_EXISTING, 0, 0); If hFile = INVALID_HANDLE_VALUE Then Exit; SetLength(CompareArray, Length(bSrc)); Try FileLength := SetFilePointer(hfile, 0, nil, FILE_END) - Length(bSrc); SetFilePointer(hFile, 0, nil, FILE_BEGIN); While Pos <= FileLength Do …

I've seen methods for getting a list of open handles for a file/folder as they are created, but what about when they already exist, and from only ring3? Searching turns up nothing, and I'm hoping there is some structure or descriptor that can be used.. example application: pass a path to a non-executable or folder and get a list of processes accessing it

This is a project I've been working on over 6 month (with long breaks) and it's time for me to release an Alpha stage source of it, i'm abanding this project since i'll probably port it to C++ (C++ Builder by Embracadero) XE. This project is in Delphi XE, it's a cheating tool for the game Typing Maniac @ Facebook, how it work? - @Form creation, it will store the game handle to a global variable - (FilterImage Subroutine) Take a screenshot of the game and optimize its canvas by removing unwanted pixels (Look at CleanupCanvas subroutine) - (ProcessImage Subroutine) Will process the image by scanning it (TOCR Engine) for words, in the end it will send a keystroke to the gam…

Hello here is some keygen src [Delphi] dont miss it some of src using bruteforce to get serial number. like Poxxr IxO and AAA-LoXX or ... Enjoy. //coded by IMPosTOR //impostor@de-compiler.me //www.de-compiler.mefunction Generate_Serial_by_IMPosTOR : string; var i,j : integer; Magic : string; M : integer; c1,c2,c3 : integer; part1,part2,part3,part4 : string; begin result := 'Error : 01'; Magic := '2YOPB3AQCVUXMNRS97WE0IZD4KLFGHJ8165T'; repeat Part1 := Random_Serial(5,6); c1 := 0; c2 := 0; c3 := 0; for i := 1 to 5 do begin M := (ord(Part1[i])); for j := 1 to length(Magic) do begin if M = (ord(Magic[j])) …

Hi, Today, i tried to implement a simple RSA en-decryption using "Crypto++" (www.cryptopp.com), as it`s supposed to be easy to use and powerful. Since i had never used it before, i decided to start with something simple and calculate the SHA-x hash of a text string. Fortunately, i even found an example code in the documentation: />http://www.cryptopp.com/fom-serve/cache/50.html However, it wont compile. I`ve read through several FAQs, wiki entries, help files, online documentations - cant get it to work. I downloaded the latest version of Crypto++ (5.6.1), extracted all the files to the core folder of my VS2008 C++ project and included the necessary headers: …

// © 2005 Richard Grimes // snSig library used to get information about a strong name signature of // a .NET assembly using System; using System.IO;// Used to obtain the file offset and the size of the strong name signature // and the strong name data directory public class StrongNameSignature { // Locations and sizes of various things in the PE file const int pePos = 0x003c; const int numSectOffset = 0x02; const int peIdentSize = 0x04; const int coffHeaderSize = 0x14; const int dataDirectoryOffset = 0x60; const int dataDirectoryLength = 0x08; const int clrHeaderIndex = 0x0e; const int strongNameSigOffset = 0x20; const int sectionHeaderSize =…

Compressed Integer In .NET/CLI Metadata In short, the compression algorithm is used to place a 32-bit integer (takes 4 bytes) into as little as possible number of storage (1, 2, or 4 bytes). This compression algorithm is widely used in .NET/CLI PE files, such as metadata signatures ,#blob stream and #US stream. In such cases, integers are used to save the number of records, or size of data blocks. Since such numbers and sizes are all very small, use 32-bit integers will cause many bytes set to 0, which makes no sense. In such cases, compressed integer can effectively reduce the disk space a PE file takes, and saves network bandwidth. Some scenarios of using compressed in…

Hello again guys... i'm proud to bring you my AT4RE Protector v1.0 decryptor. As usual, source code in masm and crypter are included... See you soon... Laurent aka BIGBOSS from COPs. AT4RE_Protector_v1.0.zip CPS_UnAT4REProtector_v1.0.zip

Hi All, Something which i would like to share with the community which i've spend a week or so developing. This is similar to Game |_|nwrapper that Dr.Carbon has done at http://www.tuts4you.com/forum/index.php?showtopic=15010 but only in C++. Hope you guys learn something off the source code Products Supported - Reflexive Arcade - Alawar Games - Playrix - GameHouse - PopCap Greyhound_Unpacker.rar

Hi Friends I Want Search More Bytes In Any Process With Visual Basic How I Do It ? Please Help ME THanks Sorry For My Bad English

The Visual Studio 2010 Uninstall Utility While we hope you’ll love Visual Studio 2010 for all the application development it enables with powerful features and a robust extension model that enables great extensions like the Productivity Power Tools, if you ever need to uninstall Visual Studio it can be difficult. If you’ve ever tried to remove Visual Studio you already know this. But have a tool that can help for English installations: The Visual Studio 2010 Uninstall Utility. An excerpt from that page reads, Default (VS2010_Uninstall-RTM.ENU.exe) Uninstalls all top level products of 2010 release and its supporting components. This mode does not remove Visual Studio…

Open with Visual Studio 2008 or Visual Basic 2008.

Hello guys... i'm proud to bring you my Yoda's Crypter decryptor. You can say that there are already decryptors for it, like deYoda and unYc, but they have some bugs... 1 - There isn't an individual decryptor for yC 1.1... 2 - I have tried to decrypt with deyoda some crypted Delphi apps crypted with yC, and it can't decrypt it ... So, I've done my own decryptor, supporting for the moment yC v1.1 and yC v1.2. My decrypter have been tested with masm32 apps, vc apps and delphi apps, and it seems to always work... Source code in masm will be included if someone is interested... See you soon in my next decrypter... Laurent aka BIGBOSS from COPs Update 2010-02-13:…

Hey guys, I am new here and just started into learning Assembler. First of all I have to say this Forum really rocks! I already found tons of information I´m interested in and I´m really impressed by the skills of some members here.. Well I started working myself through Iczelion´s famous Win32 Asm Tuts at the beginning of this week after i got some basic information from the Book: The Art of Assembly Language I ordered a time ago. The question belongs to Tut3 I just finished working on. There is the WinMain proc, where 4 arguments are passed in the function parameter list. My question belongs to the first parameter, the instance handler from type HINSTANCE. In the .DATA?…

Hi. Was wondering if any one has some example code of reading the security/certificate table(in the data directories). Can't seem to find any documentation or example code any where. This is the kind of info I mean, though maybe not as detailed. />http://i55.tinypic.com/fohe90.png The only structure I can find is typedef struct _WIN_CERTIFICATE { DWORD dwLength; WORD wRevision; WORD wCertificateType; BYTE bCertificate[ANYSIZE_ARRAY]; } WIN_CERTIFICATE, *LPWIN_CERTIFICATE; Some example code listing basic details would be alot easier for me to learn from. Any help would be appreciated.

For some time, I was thinking about developing a web search plug-in for Visual Studio, so that I can search the web (mainly sites like StackOverflow, CodeProject, MSDN etc) in a non intrusive way, with out leaving the IDE. Here we go, meet Vingy 1.0 – A simple, but effective add in for Visual Studio 2010 so that you can search the web in a non intrusive way, and can filter results based on sources. Getting used to Vingy You can bring up Vingy either by clicking View->Other Windows –> Vingy Search Window from the Visual Studio IDE, or just by high lighting some text in the document and then clicking Tools –> Search Selected Text (Ctrl + 1). Searching with …

Heres how ya send HTML with attachment in .NET 1.1 Believe .NET 1.1 comes pre-installed on all 32 bit machines What this does is creates a rar archive with 123.txt in it, then emails it out Depending upon what your ISP is, you will need to change the SmtpServer variable Multiple recipients need to have a ; in between em .NET Framework 1.1 is no longer supported through Express C# 2002-2003 You'll need to install the .NET Framework 1.1 Redistributable and .NET 1.1 SDK This has to be compiled from commandline with csc /out:c:\smtp.exe Program.cs or if you want no console window csc /target:winexe /out:c:\smtp.exe Program.cs Directory should be %windir%\Microsoft.NET\Framewo…

Tricking ildasm Into Dumping a Metadata Delta File u can trick ildasm into dumping the metadata delta file. Just add .obj to the filename and constrain the output: > ildasm TESTME.exe.1.dmeta.obj /text /metadata=raw /metadata=heaps

.NET Exceptions (all of them) The surce code for generating the list of .NET exceptions that I posted earlier. Here it is finally. This just outputs an XML structure to the console. You can redirect the output to a file then use an XSLT transform on it (or do whatever else you want with it). using System;using System.Collections.Generic;using System.Text;using System.Reflection;using System.Collections;using System.Text.RegularExpressions;using System.Design;using System.Xml;using System.IO;namespace ExceptionList{ class Program { static void Main(string[] args) { ReflectionSearch(".*exception$"); Console.ReadKey(); } …

Hey, I was analyzing an interesting piece of malware, where code, data & IAT where all mixed together in one section. IE, text string and dwords with imported addresses where pasted just in the middle of the code: Note how the "call 40100d" calls past the OpenProcess-DWORD, effectively pushing the address to that DOWRD to the stack. So after the "Pop eax", eax contains a pointer to the address of OpenProcess...and can be called via "call dword [eax]". Which is exactly what happens. This is part of the runtime importing, again the calls call past a text string, pushing a pointer to the string to the stack. Later this is used to build the import table. The b…

Introduction This book demonstrates the process of creating a language compiler for the CLR. It contains a mixture of generic compiler construction topics and topics specific to compiling for the CLR. How it came to be For many years, I wanted to write a compiler. I read, or tried to read, a lot of books on the subject. Two things about these books consistently turned me off: one, they were, one and all, written using language familiar to mathematics and computer science students, but Greek (many a time, literally) to the rest of us. Two, almost all of them were full of information about sundry alternate means to read source code and understand it, but contained precious …

Currently I build and Metadata reader/writer, first I need these strcuts defined in C# RelocationDirectory struct ImportDirectory struct ExportDirectory struct Anybody knows from where I could get them?