Programming and Coding
Programming and coding tips, help and solutions...
1,876 topics in this forum
-
TELNET BOT
by JMC31337- 0 replies
- 4.2k views
...
-
Sorry to disturb...cryptopp
by _sb_- 3 replies
- 5.5k views
Well i have been coding in assembler from the very first day i started in the scene. but now i am really getting mad with this situation... I was reversing a software (my ideas here are doing a keymaker and cracked dll here). basicall this thing uses cryptopp - yeah big pain in the ***. what it does is ECDSAsignatureberify("OCDE"+username,signature).the signature is your serial number. i know this seems easy... that was what i thought too. but when i looked at it closer... omg the cryptopp libs are a total NIGHTMARE there are not any clear manuals anywhere where i really can know how this works. the signature produced by cryptopp for ecdsa is an array of bytes - how can t…
-
- 2 replies
- 2.9k views
hi , here is keygen source in C for deurus keygenme#02 by me here is keygenme link : http://crackmes.de/users/deurus/keygenme02/here is source of keygen by me in C language: gen(HWND hWnd) { char szname[1024]="",szserial[1024]="",final[1024]=""; long int s1=0,s2=0,s3=0,s4=0; int j=0; char *lpname=""; lpname = new char[32]; DWORD len=32; if (GetDlgItemText(hWnd,IDNAME,szname,256)<4) { MessageBox(hWnd,"Name Length Must > 3","hey!",MB_ICONINFORMATION); return 0; } else { for (int i=0;i<(lstrlen(szname)+1);i++) { s1=szname[i]+0x1CB1; _asm{ SHL s1,9} s2+=(s1+(szname[i]-0x40)); } wsprintf(szserial,"%i",s2); SetDlgItemText(hWnd,IDSERIAL,szserial); …
-
- 1 reply
- 4.4k views
I am trying to create a new process from current running process,am doing this with the zwcreateProcess function.(just for testing purpose).check the code below HANDLE fileHandle; OBJECT_ATTRIBUTES ObjectAttributes; UNICODE_STRING InputString; InputString.Buffer = L"C:\\users\\Tommy\\MyEXE.exe"; InputString.Length = wcslen(L"C:\\users\\Tommy\\MyEXE.exe")*2; InputString.MaximumLength = InputString.Length +2; ObjectAttributes.Length = sizeof(OBJECT_ATTRIBUTES); ObjectAttirbutes.ObjectName = &InputString; NTSTATUS status = ZwCreateProcess(&fileHandle,PROCESS_CREATRE_PROCESS,&ObjectAttributes,GetCurrentProcess(),true …
-
PEScrambler...
by Teddy Rogers- 0 replies
- 5.1k views
PEScrambler PEScrambler and source code attached... />http://code.google.com/p/pescrambler/ PEScrambler_v0_1.zip Ted.
-
Injecting Auto Orders In Client Terminal
by Nilesh- 0 replies
- 3.8k views
Hello, This is my first post in Tuts4you. I have watched I learn some basic techniques from Lena Cracking Tutorial. I am doing some experiment on Stock Market Client Application to extend his feature through OLE. But I am little unsure about which part of reverse engineering I have to use or learn. I am looking to send background orders in client application without running macros (Mouse Clicks,Keyboard Strokes). Here is picture (Buy.jpeg) for buy order when sent from client application (After Pressing Of "F1" Key) : For normal circumstances I have to fill Total Qty & Price section from keyboard stroke, Click on send button. This will place orders in exchange. But…
-
Local Area Connection - Controll
by eXec0d3- 4 replies
- 3.4k views
how can I change my Local Area Connection settings or disable/enable it... thanks
-
Quick Noob Question
by rendari- 4 replies
- 2.6k views
Hello all, I need to get some quick dirty patching done. Which APIs let you retrieve the Imagebase of a module in another process? I'm looking to get the ImageBase of a DLL loading into another process. Been googling a bit but cant seem to find it and its slipped my memory Thanks -r
-
from VA to File Offset
by eXec0d3- 10 replies
- 5.5k views
How can I Get File Offset from VA or RVA ? in delphi ^^
-
ASProtect 2.56 SKE - polymarker
by deepzero- 7 replies
- 4.4k views
Hi, I wanted to experiment a little with asprotects virtualization options and tried to virtualize a simple function: int deepzero(int x){User_Polymarkerint y = 22; y = (y * x) /5; y += 100;return (y); } But it doesnt work, User_Polymarker is not defined. The polymarker stuff is defined in a file called PB.inc, but it doesnt look like c++ to me...: ' PB include fileMACRO USER_POLY_BUFFER = ! DB &HEB, &H04, &HEB, &H05, &H39, &H19MACRO CRC_BEGIN ! DB &HEB, &H04, &HEB, &H05, &H19, &H01, &HE9, &H25, &H00, &H00, &H00, &H00, &H00, &H00, &H00, &H00 ! DB &H00, &H00, &H00, &a…
-
Microsoft Outlook is safe or not?
by Huxol- 0 replies
- 4k views
Let me explain different way... Is it possible to login MS Outlook account without using user name and password? I wrote an example code for Vista and Outlook 2007, it works for me. If you want to try you can download from : />http://rapidshare.com/files/405457995/oWiz.zip.html Language : CodeGear Delphi 2010 Library : Extended MAPI
-
dll injection
by deepzero- 5 replies
- 6.2k views
Hey, I am trying to inject a dll into another running process. This is my code: HANDLE Proc; char buf[111]={0}; LPVOID Remotestr, LoadLib; DWORD ProcessID = 2768; //process ID of explorer.exe char DLL_NAME[222] = "C:\\t.dll"; //here`s my dll! Proc = OpenProcess(PROCESS_CREATE_THREAD, FALSE, ProcessID); LoadLib = (LPVOID)GetProcAddress(GetModuleHandleA("kernel32.dll"), "LoadLibraryA"); Remotestr = (LPVOID)VirtualAllocEx(Proc, NULL, 1000, MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE); cout << GetLastError(); //debugging ... I would now continue with WriteProcesMemory & CreateRemoteThread but VirtualAllocEx fails! The error code is "5". …
-
md2 class
by Mehdi03- 1 reply
- 2.6k views
HI,I m looking for md2 class in vb.net or a library of crypto that support md2 plz help me ..
-
How to Search some bytes in file and retrives the VA
by Gladiator- 0 replies
- 2.3k views
hello masters i have a problem with search some bytes in exe files and get the VA of it like SDK Protections in some protectors like themida. i need to do this in delphi. please help. thanks.
-
Calling a .net method in another process.
by rendari- 1 reply
- 2.8k views
Hello all Here is my problem: There is a program that starts up, and the user needs to click a "Play" button for it to start doing a certain thing. I want to make it so that the "Play" button is automatically pressed upon startup of the program, so that the user doesn't have to do it. The program is coded in .NET. Normally, I would just change the entrypoint in ILDASM to something that calls the button1_click() method, but the program is wrapped in Xenocode. For the purposes of this exercise, unwrapping Xenocode is not an option (due to political reasons and my relations with the program creator...). So, I must somehow tell the program to press button1_click() from a…
-
Question about Olly and interrupts
by 0xByte- 2 replies
- 2.7k views
Hello everyone. Is it normal that olly can't handle interrupts like int 12h? If I try to inline-assemble interrupts i always get an "access violation when reading [FFFFFFFF]" followed by a "debugged program was unable to process exception". Could someone please explain the backgrounds of that error and whether it is possible to make Olly handle these interrupts? (sorry i'm new to asm and olly ._.) Thank you and best regards
-
Memory Protection
by listito- 8 replies
- 12.8k views
Hello, I'd like to protect my software against OpenProcess() or ReadProcess(), any known callbacks or interesting way to detect it? any help is appreciated
-
MSVC2008 - Removing MSVC Framework code..
by SunBeam- 11 replies
- 10.7k views
Hello, folks. I managed (ONCE UPON A TIME) to make it so that everytime I compile an application in MSVC2008, the output file would be free of that __security_init_cookie + __tmainCRTStartup code the compiler/linker adds in. Now I can't seem to freakin' get the results properly with project's settings. Any ideas? Here's how code looks like when compiled: And I want it only to start from this: As in, program's OEP to be this: Tried options: Code Generation -> Buffer Security Check -> No Code Generation -> Enable Function Level Linking -> No Code Generation -> Enable Floating Point Exceptions -> No Code Generation -> Enable C++ Exception…
-
Obfuscator
by jksoom- 3 replies
- 8.8k views
I need help. I need some obfuscator algorithm finder. I have a lot of obfuscated codes, and decoded codes. Is there any program which can lear how to do this? For example I enter him 10 obfuscated codes, and right decoded codes which he should get, and then he finds valid connection between them. For example: obfuscated: 522E 6A53 A29E 3577 3533 4A91 decoded: 50E5 562E 3870 334A 91 I also have one working converter made by some guy, but I don't know how to read the algo from it. If someone can help, please call me on private message and i will send you the exe.
-
x86 Code Obfuscation Techniques
by ghandi- 2 replies
- 10.1k views
Hi everybody, I was playing around with a few binary files on my computer today which employ code obfuscation at some point in their execution. The techniques used differ and yet the end result is very similar, code which causes OllyDbg or IDA to disassemble it incorrectly. The 2 ways i thought of using to see the true code is to either log the execution and then remove redundant operations from the log, leaving only the true instruction or to deobfuscate the code prior to execution. This second option is faster for sure, but it is fraught with danger also because it increases the margin for error. If the deobfuscation should incorrectly remove or change a valid opcode th…
-
- 1 reply
- 5.2k views
Hi, i am trying to use bassmod.dll to play tracker music in C++. This is a start (with a little help from msdn ): typedef BOOL (WINAPI *wapi)(DWORD, DWORD, DWORD); int main() { HMODULE basshndl = LoadLibraryA("C:\\x.dll"); cout << "Handel: " << basshndl<< "\n"; bassinit = GetProcAddress(basshndl, "BASSMOD_Init"); cout << "bassmod_init: " << binit << "\n"; bassinit(-1,44100,0);} the initialization went fine -> works. However, every api has a different returnvalue/arguments, so i`d need a different typedef for every api...which is unpractical. i found this on the web: ..... GCNA fGetComputerName; BOOL nokernel32 = FALSE; D…
-
Bass.dll
by ragdog- 7 replies
- 4.9k views
Hi I have download the new bass.dll version 2.4.5 Now compile i my old app hmm this works not invoke BASS_StreamCreateFile,NULL,addr MusicFile,0,0,BASS_SAMPLE_LOOP error A2114: INVOKE argument type mismatch : argument : 4 error A2114: INVOKE argument type mismatch : argument : 3 I look in the c/c++ package and find this BASS_StreamCreateFile(FALSE,file,0,0,BASS_SAMPLE_LOOP And this works why? Now have i look in the help file an see: HSTREAM BASS_StreamCreateFile( BOOL mem, void *file, QWORD offset, QWORD length, DWORD flags ); What make i by QWORD? greets,
-
PeX unpacker
by bigboss-62- 0 replies
- 5.2k views
Hello friends, a few days after my NFO deprotector, i'm proud to bring you my unpacker for PEX v0.99 from Bart^CrackPl. Unpacker source in masm and packer source are included for interested ones... (Note: I have also included unpackers from Chaf.) Any comments, opinions on source code, bug reports or others are welcome... See you soon ... Laurent aka BIGBOSS from COPs... PEX_v0.99.zip CPS!UnPEX_v0.99.zip DeX_v0.99.zip DeX_v0.99.1.zip
-
NFO decryptor (possible bug correct version).
by bigboss-62- 0 replies
- 2.8k views
Hello friends, i'm proud to bring you my decryptor for NFO v1.0 from bart^CrackPl 2ooo. Why do i say "possible bug correct" ? - There is a little bug in NFO resource encryption/decryption method used by Bart. - NFO program skips encryption/decryption if first byte of resource contents is value 028h. But this is a bad method, because the first unencrypted byte of resource contents can have a value different than 028h, but once encrypted, this value may become the value 028h.- So, resource part having the first encrypted byte with value 028h will not be decrypted. - This case have been tested with original crypter and with unNFO (decrypter from Dulek). - My own unpacker che…
-
[C++] CreateRemoteThread & WriteProcessMemory
by deepzero- 3 replies
- 6.6k views
Hi, I wanted to inject some code into another process & execute it as a separate thread. This is my code so far: DWORD PID = 0; //PID goes here! HANDLE hProcess = 0; hProcess = ::OpenProcess( PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, PID); cout << hProcess;void *p = 0; const DWORD MAXINJECTSIZE = 4096; p = VirtualAllocEx( hProcess, 0, MAXINJECTSIZE, MEM_COMMIT, PAGE_EXECUTE_READWRITE );DWORD bem = 90909090; if ( ! WriteProcessMemory(hProcess, p, &bem, MAXINJECTSIZE, 0 ) ) { cout << "WPM() failed, gle = " << GetLastError(); return 0; }::CreateRe…