Programming and Coding
Programming and coding tips, help and solutions...
1,882 topics in this forum
-
FindNextFileW hook ok but...
by DarkInjection- 2 replies
- 6.5k views
hello there im trying to make some usermode hooks to explorer.exe process my first goal is to hook findnextfileW api but when im going to open a directory explorer crashes.I have spot an access violation but i cant spot why that happened here is my source code diafora.h typedef struct AdressEs{ //....target DWORD FindNextFileW_; //....redirect DWORD FindNextFile_; //...data BYTE FindNextFileData[6]; }AdressEs;void HoonOnAddress(DWORD addr,DWORD dst); void UnHoonOnAddress(DWORD addr,BYTE *patch); int JMP(DWORD func,DWORD tramboline); bool FindNextFile_(HANDLE hAndle,WIN32_FIND_DATAW *FileData); void DumpFirstBytesBeforePatch(DWORD addr); void InitializeHook();DWORD p…
-
Best way to generate keys, if you know the routine
by redbeansoup- 1 reply
- 4.6k views
The key isn't generated from a username. I managed to get the key validation routine, and it is rather complex. I was able to translate it to Python code, and I tried generating random numbers and trying each generated number with the validating routine, but I was not able to get a valid key, since the chance of each randomly generated number being valid is near 0. What is the best way to generate a valid key?
-
FInding control init with known control ID
by kittmaster- 6 replies
- 4.9k views
I have a binary with 3 radio buttons, I want to change the default startup selection and resource hacker does not allow me to change the default value. So I must assume the GetDlgItem is where and how the control is initialized. When I break on GetDlgItem, the stack never shows the known control ID for the three buttons I want to switch in code. Since I don't have the source code, I have to do it in asm, but I can't really find any methods that deal with this. Any thoughts? Thanks
-
WM_COPYDATA in ASM?
by wwazzup- 2 replies
- 2.8k views
Hey I wonder how you would use WM_COPYDATA in ASM or more specifically how to create the COPYDATASTRUCT like defined in here: Clickity Click, I am hoping someone is willing to help out a bit Regards, Filiph
-
finding byte size register
by shan75- 1 reply
- 2.9k views
XOR BYTE PTR DS:[EAX],AL i am confusing about some piece of code.. AL is byte size register ... how can i find it in ollydbg..
-
Create Hidden Window With out VCL
by StreamLine- 2 replies
- 5.9k views
Trying to create a hidden window in delphi or (message only window) I have read up on the msdn, and come up with var WClass :TWndClass; TempClass :TWndClass; ClassRegistered :Boolean; begin WClass.style := 0; WClass.lpfnwndproc := @WndProc; WClass.cbClsExtra := 0; WClass.cbWndExtra := SizeOf(TWndClass); WClass.hinstance := hInstance; WClass.hIcon := 0; WClass.hCursor := 0; WClass.hbrbackground := 0; WClass.lpszMenuName := nil; WClass.lpszClassName := 'Server'; ClassRegistered := GetClassInfo(hInstance,WClass.lpszClassName,TempClass); if ClassRegistered = True then UnregisterClass(TempClass.lpszClassName,hInstance); Registerclass(Wclass); Res…
-
- 6 replies
- 7.9k views
Hello, i am reading quite a lot from ARTeam, unfortunately i only got The Weakness of the Windows API Part 1 (from a 3 part series) in my archives, therefore i wanted to ask, where i could find the other two parts as this topic is very interesting for me. May it be that there is only one part available?
-
Handles of a given file
by StreamLine- 4 replies
- 3.4k views
I am designing a delete function for a file manager i am coding however, i want to be able to delete a file even if you get that stupid windows "cant not delete due to blah" message. programs like unlocker. http://ccollomb.free.fr/unlocker/ search for all open handles for a given file and close them how is this acheived? i know after all handles are closed the obvious DeleteFileA is callled to delete the file. example, file1.txt has handle 1 and handle 2 open. search and find the handes CloseHandle(1) close handle(2) deleteFileA(file.txt); Delphi prefered but would settle with other langs and convert my self. TIA
-
[NET] Introduction To APIs
by whoknows- 1 reply
- 5.5k views
dn 870kb @: http://rapidshare.com/files/326470028/NET.Introduction_to_APIs-whoknows.7z.html
-
- 0 replies
- 2.4k views
NET.Reflection and Dynamic Class/Method Invocation Is this code will show you : -how you can load a DLL without add it as reference, call a method and get the return value -Create a class instance of DLL -show a FORM from 3rd party assembly! -as the 1st but the DLL in Resources! -export the Resource file dn (510kb) @: http://rapidshare.com/files/324777942/NET.Reflection_AppDomain-whoknows.7z.html
-
PECompact problem
by grabb- 1 reply
- 5.8k views
I'm attempting to uncompress and PECompact 2.XX file, and having a frustrating time. I followed a number of the tutorials here, but I think I'm missing some important stuff regarding the import tables. Here's what I've done: - Loaded .exe in IDA and saw junk - Used a hex editor to view the file, saw the "PECompact" string and knew it needed unpacking - Loaded .exe into ollydbg (using some stealth plugins) and found the signature PECompact "JMP EAX" instruction - Modified the JMP EAX to JMP EIP so it goes into infinite loop at that point - Ran the "infinite loop" version of the .exe, then attached to the process using ollydbg. Program is decrypted in memory! - The…
-
VB6 ReadProcessMemory Help
by CMoody1964- 4 replies
- 5.8k views
Hey guys, i am new to this forum but i have been looking at all the posts for the past day or two and i am just wandering if somebody could please help me, i enjoy reverse engineering and programming but yet i cannot seem to do a simple task using vb6 (i know i should be using c or c++ but i would like to use vb6 for this current project) i would like to create a serial sniffer like program using ReadProcessMemory and other APIs but for a beginner i would just like something simple like reading the display on calc.exe i did see a detailed tutorial posted here by root86 but every time i use PHandle = OpenProcess (PROCESS_ALL_ACCESS, False, pid) it just jumps to the error …
-
how to insert read text in exe
by midnewbie- 5 replies
- 3.4k views
hello dears there is a program exe i want to change its functionality i want to read a text file in the same directory and put it in memory i am using ollydbg. program runs program states switchs to my code ---> my code reads text put in memory ---> return to the program state. what are the requirements i mean it has nice code cave what else? i appreciate if u can gimme the asm code which reads text and puts it in memory thanks.
-
The Real, Protected, Long mode Assembly Tutorial...
by Teddy Rogers- 1 reply
- 3.1k views
/>http://www.codeproject.com/KB/system/asm.aspx Ted.
-
How to hide tray icons of other applications
by alaphate- 1 reply
- 2.5k views
How to hide tray icons of other applications? I got one app from: />http://www.perfectiontools.com/EasyWindow&SystemTrayIconsHider.exe It functions well. I'd like to code my own. Could any buddy show me some code? C/C++ is preferred. Thank you in advance!
-
How can make Memory Viewer?
by c0lo- 0 replies
- 2.5k views
Well i try build or make Memory viewer for my application... I like see example about this for have idea how begin project.. Thanks
-
need help for writing Ollydbg plugin
by tianna0370- 5 replies
- 6.1k views
Hi: I want to write an Ollydbg plugin and already downloaded plugin development kit 1.10, but I don't know how to start developing. Could anyone give me some reference or a simple sample, such like "hello world", that could help me to start it? Thank you very much. Fan
-
vertical marquee text on delphi
by aiman_yahoo- 1 reply
- 3.2k views
Hi guy ..how want make vertical marquee text on delphi?? can anyone help me ??
-
hex change (delphi) ?
by cdmesut- 1 reply
- 5.4k views
delphi soruce code myprogram.exe (olly) before 0046B376 . /74 0C JE SHORT 19_1.0046B384 after 0046B376 . /90 90 JE SHORT 19_1.0046B384 /// nop 90 90 How do delphi programing thanks
-
Question about Windows memory architecture
by M4RCKUS- 2 replies
- 3k views
I'm very confused about one thing in Windows memory architecture. Thought someone here could help me out. The Virtual Address space (numbering) is unique to every process, right? I.E. application "A" can have some data structure at address 0x12345678, while another completely different application "B" can have completely different data structure at same address 0x12345678. Correct me if this is wrong. Now, assuming this, why is that virtual address space is split into partitions like from 0x00010000 to 0x7FFEFFFF for user mode applications and from 0x80000000 to 0xFFFFFFFF for kernel-mode apps. Why can't user-mode app take the "higher" part of address space if the space n…
-
Cross process calling?
by high6- 8 replies
- 6.3k views
So the other day I learned about shared memory in dlls. I was wondering can a dll call a function in an external process that has the dll? Process1|Dll Process2|Dll Process1 calls AnExport AnExport(called from Process1) calls a callback in Process2 Is this possible?
-
[Solved] RSA Crypting in .NET
by tonyweb- 4 replies
- 6.5k views
Hi guys, this is my first attempt to use RSA in a .NET app. I looked for a solution for hours but I did not understand how to use RSACryptoServiceProvider to import my chosen keys. // Imposta parametri RSAParameters rsaParams = new RSAParameters(); rsaParams.Modulus = myData.getN; rsaParams.Exponent = myData.getExponent; // Istanzia il crypter CspParameters providerParam = new CspParameters(1, "Microsoft Enhanced Cryptographic Provider"); RSACryptoServiceProvider myRSA = new RSACryptoServiceProvider(48, providerParam); myRSA.ImportParameters(rsaParams); // ALWAYS BA…
-
PNG As Window/Region?
by Hyperlisk- 3 replies
- 3.5k views
Hi, I was wondering if anyone has any code they could share that demonstrates how to use a png image as a window. I have no idea where to start... I assume Either GDI+ or pnglib, but that's about it... But yeah... If anyone has anything they can share, I would be delighted to look at it. Hopefully in C/C++ or MASM, but I'm sure anything will be fine if I can adapt it. Thanks, Hyperlisk
-
convert long value to a byte array?(vb6)
by david_2000- 3 replies
- 9.3k views
hi guys is there any way to convert a long value to byte array in vb6? thank you
-
is there any way to reverse a text like this in vb6?
by david_2000- 1 reply
- 2.9k views
hi guys is there any way to reverse number or text in vb6 like this? example: 004519E0 to E0194500 i know StrReverse can do this but it reverses it completely not like i want. thank you
