Programming and Coding
Programming and coding tips, help and solutions...
1,886 topics in this forum
-
How To Use Dr0,..,Dr7 In VB ?
by Sh4DoVV- 4 replies
- 3.5k views
Hi Friends How To Use Register Of Dr0,..,Dr7 In Visual Basic And Set Hardware BreakPoint ? Thanks
-
Saving and writing sections
by CrazyRider- 2 replies
- 3k views
Hi, I have the name, base address and size of a section which i have to save to disk. I have to do this with C/C++ and not PE tools or something like that. Well I guess that's not a big problem, just save each byte from base address to (base address + size) to a file right? Then I have to attach this section to a binary with c++, but i am not sure how to do this. First I have to write the section at some address in the binary, but what do i have to edit in the PE header? Is there a way to add a section and use it directly, while the program is in memory? Primarily I'm talking about code sections here.
-
Decorated Names by using masm32 how to?
by Unwake- 0 replies
- 2.9k views
I want to make dll with Decorated Names by using masm32 the export name is like ?MoleBox_GetUserMail@@YA?AVMoleString@@XZ when i wrote in .def file like this LIBRARY MYCLASS EXPORTS ?MoleBox_GetUserMail@@YA?AVMoleString@@XZ=MoleBox_GetUserMail @1 ?MoleBox_GetUserName@@YA?AVMoleString@@XZ=MoleBox_GetUserName @2 when i make the dll,i find it is ?MoleBox_GetUserMail rva: 00001006 ord: 1 ?MoleBox_GetUserName rva: 00001014 ord: 2
-
- 13 replies
- 5.1k views
Hey guys! Well I'm currently doing some experimenting with coding an exe packer/protector. I've got it working up to the point of loading and packing an executable written in C++ compiled with Dev-c++ and it works fine. Whenever I compile the same source code in Visual Studio 2008 pack it and run it I get "Not a valid executable file!" Anyone have an ideas? I can post the code if need be. Thanks in advance
-
VB.NET 08 - signed & unsigned values
by deepzero- 1 reply
- 6.7k views
Hi, I am stuck at converting a negative signed value to an unsigned value in vb.net 2008: e.g. signed: -1111111 unsigned: 4293856185 I am trying to do a "NEG" operation... any ideas? deep0
-
FindNextFileW hook ok but...
by DarkInjection- 2 replies
- 6.7k views
hello there im trying to make some usermode hooks to explorer.exe process my first goal is to hook findnextfileW api but when im going to open a directory explorer crashes.I have spot an access violation but i cant spot why that happened here is my source code diafora.h typedef struct AdressEs{ //....target DWORD FindNextFileW_; //....redirect DWORD FindNextFile_; //...data BYTE FindNextFileData[6]; }AdressEs;void HoonOnAddress(DWORD addr,DWORD dst); void UnHoonOnAddress(DWORD addr,BYTE *patch); int JMP(DWORD func,DWORD tramboline); bool FindNextFile_(HANDLE hAndle,WIN32_FIND_DATAW *FileData); void DumpFirstBytesBeforePatch(DWORD addr); void InitializeHook();DWORD p…
-
Best way to generate keys, if you know the routine
by redbeansoup- 1 reply
- 4.8k views
The key isn't generated from a username. I managed to get the key validation routine, and it is rather complex. I was able to translate it to Python code, and I tried generating random numbers and trying each generated number with the validating routine, but I was not able to get a valid key, since the chance of each randomly generated number being valid is near 0. What is the best way to generate a valid key?
-
FInding control init with known control ID
by kittmaster- 6 replies
- 5k views
I have a binary with 3 radio buttons, I want to change the default startup selection and resource hacker does not allow me to change the default value. So I must assume the GetDlgItem is where and how the control is initialized. When I break on GetDlgItem, the stack never shows the known control ID for the three buttons I want to switch in code. Since I don't have the source code, I have to do it in asm, but I can't really find any methods that deal with this. Any thoughts? Thanks
-
WM_COPYDATA in ASM?
by wwazzup- 2 replies
- 3k views
Hey I wonder how you would use WM_COPYDATA in ASM or more specifically how to create the COPYDATASTRUCT like defined in here: Clickity Click, I am hoping someone is willing to help out a bit Regards, Filiph
-
finding byte size register
by shan75- 1 reply
- 3.1k views
XOR BYTE PTR DS:[EAX],AL i am confusing about some piece of code.. AL is byte size register ... how can i find it in ollydbg..
-
Create Hidden Window With out VCL
by StreamLine- 2 replies
- 6.1k views
Trying to create a hidden window in delphi or (message only window) I have read up on the msdn, and come up with var WClass :TWndClass; TempClass :TWndClass; ClassRegistered :Boolean; begin WClass.style := 0; WClass.lpfnwndproc := @WndProc; WClass.cbClsExtra := 0; WClass.cbWndExtra := SizeOf(TWndClass); WClass.hinstance := hInstance; WClass.hIcon := 0; WClass.hCursor := 0; WClass.hbrbackground := 0; WClass.lpszMenuName := nil; WClass.lpszClassName := 'Server'; ClassRegistered := GetClassInfo(hInstance,WClass.lpszClassName,TempClass); if ClassRegistered = True then UnregisterClass(TempClass.lpszClassName,hInstance); Registerclass(Wclass); Res…
-
Handles of a given file
by StreamLine- 4 replies
- 3.7k views
I am designing a delete function for a file manager i am coding however, i want to be able to delete a file even if you get that stupid windows "cant not delete due to blah" message. programs like unlocker. http://ccollomb.free.fr/unlocker/ search for all open handles for a given file and close them how is this acheived? i know after all handles are closed the obvious DeleteFileA is callled to delete the file. example, file1.txt has handle 1 and handle 2 open. search and find the handes CloseHandle(1) close handle(2) deleteFileA(file.txt); Delphi prefered but would settle with other langs and convert my self. TIA
-
[NET] Introduction To APIs
by whoknows- 1 reply
- 5.6k views
dn 870kb @: http://rapidshare.com/files/326470028/NET.Introduction_to_APIs-whoknows.7z.html
-
- 0 replies
- 2.6k views
NET.Reflection and Dynamic Class/Method Invocation Is this code will show you : -how you can load a DLL without add it as reference, call a method and get the return value -Create a class instance of DLL -show a FORM from 3rd party assembly! -as the 1st but the DLL in Resources! -export the Resource file dn (510kb) @: http://rapidshare.com/files/324777942/NET.Reflection_AppDomain-whoknows.7z.html
-
PECompact problem
by grabb- 1 reply
- 5.9k views
I'm attempting to uncompress and PECompact 2.XX file, and having a frustrating time. I followed a number of the tutorials here, but I think I'm missing some important stuff regarding the import tables. Here's what I've done: - Loaded .exe in IDA and saw junk - Used a hex editor to view the file, saw the "PECompact" string and knew it needed unpacking - Loaded .exe into ollydbg (using some stealth plugins) and found the signature PECompact "JMP EAX" instruction - Modified the JMP EAX to JMP EIP so it goes into infinite loop at that point - Ran the "infinite loop" version of the .exe, then attached to the process using ollydbg. Program is decrypted in memory! - The…
-
VB6 ReadProcessMemory Help
by CMoody1964- 4 replies
- 6k views
Hey guys, i am new to this forum but i have been looking at all the posts for the past day or two and i am just wandering if somebody could please help me, i enjoy reverse engineering and programming but yet i cannot seem to do a simple task using vb6 (i know i should be using c or c++ but i would like to use vb6 for this current project) i would like to create a serial sniffer like program using ReadProcessMemory and other APIs but for a beginner i would just like something simple like reading the display on calc.exe i did see a detailed tutorial posted here by root86 but every time i use PHandle = OpenProcess (PROCESS_ALL_ACCESS, False, pid) it just jumps to the error …
-
how to insert read text in exe
by midnewbie- 5 replies
- 3.5k views
hello dears there is a program exe i want to change its functionality i want to read a text file in the same directory and put it in memory i am using ollydbg. program runs program states switchs to my code ---> my code reads text put in memory ---> return to the program state. what are the requirements i mean it has nice code cave what else? i appreciate if u can gimme the asm code which reads text and puts it in memory thanks.
-
The Real, Protected, Long mode Assembly Tutorial...
by Teddy Rogers- 1 reply
- 3.2k views
/>http://www.codeproject.com/KB/system/asm.aspx Ted.
-
How to hide tray icons of other applications
by alaphate- 1 reply
- 2.7k views
How to hide tray icons of other applications? I got one app from: />http://www.perfectiontools.com/EasyWindow&SystemTrayIconsHider.exe It functions well. I'd like to code my own. Could any buddy show me some code? C/C++ is preferred. Thank you in advance!
-
How can make Memory Viewer?
by c0lo- 0 replies
- 2.7k views
Well i try build or make Memory viewer for my application... I like see example about this for have idea how begin project.. Thanks
-
need help for writing Ollydbg plugin
by tianna0370- 5 replies
- 6.3k views
Hi: I want to write an Ollydbg plugin and already downloaded plugin development kit 1.10, but I don't know how to start developing. Could anyone give me some reference or a simple sample, such like "hello world", that could help me to start it? Thank you very much. Fan
-
vertical marquee text on delphi
by aiman_yahoo- 1 reply
- 3.3k views
Hi guy ..how want make vertical marquee text on delphi?? can anyone help me ??
-
hex change (delphi) ?
by cdmesut- 1 reply
- 5.6k views
delphi soruce code myprogram.exe (olly) before 0046B376 . /74 0C JE SHORT 19_1.0046B384 after 0046B376 . /90 90 JE SHORT 19_1.0046B384 /// nop 90 90 How do delphi programing thanks
-
Question about Windows memory architecture
by M4RCKUS- 2 replies
- 3.1k views
I'm very confused about one thing in Windows memory architecture. Thought someone here could help me out. The Virtual Address space (numbering) is unique to every process, right? I.E. application "A" can have some data structure at address 0x12345678, while another completely different application "B" can have completely different data structure at same address 0x12345678. Correct me if this is wrong. Now, assuming this, why is that virtual address space is split into partitions like from 0x00010000 to 0x7FFEFFFF for user mode applications and from 0x80000000 to 0xFFFFFFFF for kernel-mode apps. Why can't user-mode app take the "higher" part of address space if the space n…
-
Cross process calling?
by high6- 8 replies
- 6.4k views
So the other day I learned about shared memory in dlls. I was wondering can a dll call a function in an external process that has the dll? Process1|Dll Process2|Dll Process1 calls AnExport AnExport(called from Process1) calls a callback in Process2 Is this possible?
