Programming and Coding

Hello friends, a few days after my NFO deprotector, i'm proud to bring you my unpacker for PEX v0.99 from Bart^CrackPl. Unpacker source in masm and packer source are included for interested ones... (Note: I have also included unpackers from Chaf.) Any comments, opinions on source code, bug reports or others are welcome... See you soon ... Laurent aka BIGBOSS from COPs... PEX_v0.99.zip CPS!UnPEX_v0.99.zip DeX_v0.99.zip DeX_v0.99.1.zip

Hello friends, i'm proud to bring you my decryptor for NFO v1.0 from bart^CrackPl 2ooo. Why do i say "possible bug correct" ? - There is a little bug in NFO resource encryption/decryption method used by Bart. - NFO program skips encryption/decryption if first byte of resource contents is value 028h. But this is a bad method, because the first unencrypted byte of resource contents can have a value different than 028h, but once encrypted, this value may become the value 028h.- So, resource part having the first encrypted byte with value 028h will not be decrypted. - This case have been tested with original crypter and with unNFO (decrypter from Dulek). - My own unpacker che…

Hi, I wanted to inject some code into another process & execute it as a separate thread. This is my code so far: DWORD PID = 0; //PID goes here! HANDLE hProcess = 0; hProcess = ::OpenProcess( PROCESS_CREATE_THREAD | PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, FALSE, PID); cout << hProcess;void *p = 0; const DWORD MAXINJECTSIZE = 4096; p = VirtualAllocEx( hProcess, 0, MAXINJECTSIZE, MEM_COMMIT, PAGE_EXECUTE_READWRITE );DWORD bem = 90909090; if ( ! WriteProcessMemory(hProcess, p, &bem, MAXINJECTSIZE, 0 ) ) { cout << "WPM() failed, gle = " << GetLastError(); return 0; }::CreateRe…

Can anyone help me with this by giving me example source? Thanks.

http://delphi.icm.ed...wl/midxd60f.htm In this link more then 400 delphi library components. Some of these components might be useful for some people.

Hi, I am new to assembly and want to know how to print integers in assembly on stdout. As printing string is straight forward. But i am not able to find how to put integers on stdout. I am using as and ld in linux to compile my program and run. I am not using HLA or MASM etc. Thanks.

I want to make my own detours class. What reference should I use for the instructions and their sizes? Also is there anything more to it then just calculating their sizes and figuring out how much you need to copy?

Hello! I tried to list modules of foreign processes with and without admin rights under Windows 7 Pro 64bit by using APIs Module32First, Module32Next and CreateToolhelp32Snapshot. It only works on my own process and like 10% of other the ones like Firefox. For the rest the Module32* APIs return FALSE. Is this associated with the Windows 7 "protected processes" security model where even administrator can't use a debugger on every process? While it makes injection to even notepad.exe impossible, is there a way around this besides not using Windows 7? I could not find a new tutorial on DLL-Injection in Windows 7.

Sorry for the bad title . Anyways... How would this look in C++? PUSH 2 ; Constant PUSH ESI ; CWorld LEA ECX, [ESP+0xE4] ; std::string CALL 1521ED60 ; AddString What I don't get is why ECX is being set to std::string. It is used inside the function. I don't think it is a fast call. But I have no idea what it is. It is like the first push and ecx are backwards 0,o...

I'm using regini to set a registry key's permission. one parameter is called ACL(Access Control List) number. Microsoft says people can use regdmp to retrieve the ACL number of a registry key. I tried, however, no ACL number was displayed. I found regdmp cannot show permissions of registry keys. Refer to: />http://support.microsoft.com/kb/264584 Any buddy knows any tools to retrieve the ACL number of a registry key? Thanks.

Hi! I would like to write an application which shows all file accesses in system. With the help of madshi component I was easily able to list the file accesses, but unfortunately I can't find anything on the internet (maybe I'm using the wrong keywords :S) to prevent access from certain files. What should I look after to do that? Thanks Oh I almost forgot it I'm using delphi, but almost anything helps... except asm

I'm writing a basic CrackMe with Visual C++ 2008, MFC. And I want to create a solution too, but when I load my application to OllyDbg, there is no any symbols loaded. MFC version is 9. I decided to try another MFC version, when I load a MFC 7 application OllyDbg load symbols. If you'll say load pdb or something, please show me another way. Thanks in advance.

how write assembly code by ollydbg compile and debug it thanks

Hi, guys i am working on a self extracting project and i need some ideas. What i want to do: I have 2 files, File1 and file2. File1 will open file2 and add some data into file2. And when file2 is run, it will simply dump the data. What i need to know is that the size od data to be added is not specific, so what will be a better option: a. Add the data as overlay b. Add the data as a resource Please help. *If you have an example in asm, your most welcome. Thankyou starzboy

Just thought I'd give a heads-up to people that don't know. Today is Google's programming competition, Google Code Jam. If you're in to programming, join in! It shall be fun~!

...

I've found a nice-looking keygen background bmp, with name/serial fields included on it. The problem is, when I add a text field in with WinASM's resource editor, the text field is white and covers up the background bmp. I've gotten rid of the borders, but I want the text field to be transparent. How would I do this? Also, is it possible to change the font/size of a text field? Thanks for the help.

hi all does anyone know how to inject a code into pe using asm?! and thank's

Can somebody please show me the method on how to make Windows "think" that a new hardware has been inserted into the usb slot - i mean simulate existance of some hardware. thnx.

I'm trying to get ufmod to work with c#. I've followed their example and it works perfect! The problem is that if I add any images or icons to my c# app and compile those resources into the it with the build script then the application crashes every time. I think it might be because the final link with the .res file which contains the .xm overwrites the previous images resources... maybe? Anyway, I'm lost and can't think of anything else to do. Does anyone have any experience with this? Here is what I'm doing: 1. Compile my .net resources with "resgen /compile MainForm.resx" which creates MainForm.resources 2. Run build.bat MainForm.resources contains the .net app icon an…

Hi Do you have any code for retrieving the list of running processes without using any API from Windows? Thank you for your help.

Hi can some one make theMagicV2mEngine.lib how dont need LIBC.lib,i can not found the LIBC.lib. I thing this dll is needed for make the lib file. her is the downloadlink for the dll.dll

I us ufmod code on asm(masm) it dont work for me i see two errors. As ide i us Winasm. her the errors Assembling: C:\WinAsm\projects\me2\base.asm C:\masm32\include\cryptohash.inc(48) : error A2008:syntax error : proto //if i copy the lib from the archiv to the masm32 lib folder is ar error on line 63 C:\WinAsm\projects\me2\base.asm(78) : error A2070:invalid instruction operands Make finished. 2 error(s) occured the frist error is on this line. 78 : invoke uFMOD_PlaySong, addr table, xmSize, XM_MEMORY the second error is from the file on the downloadlink. inc I us ml.exe version 8.

Download Link: http://www.tuts4you.com/download.php?view.1200Ted.

Well guys, I went back to school as I went through the certicom ecc theories. Now, I wanna implement ECC, & I am having a lil problem. I am using delphi, & FGInt. I am using ECB as the parameter generator. But the Point G (base point of the curve), is represented as X & Y coordinate. I But in the ECDSA unit available, the G is a function parameter of TECPoint type. I saw in Crypto++ there is a function to combine the X & Y coordinates into a Point. Is there any delphi eqivalent of that ? Would be glad if any 1 points me 2 the right direction