Programming and Coding
Programming and coding tips, help and solutions...
1,889 topics in this forum
-
hex change (delphi) ?
by cdmesut- 1 reply
- 5.6k views
delphi soruce code myprogram.exe (olly) before 0046B376 . /74 0C JE SHORT 19_1.0046B384 after 0046B376 . /90 90 JE SHORT 19_1.0046B384 /// nop 90 90 How do delphi programing thanks
-
Question about Windows memory architecture
by M4RCKUS- 2 replies
- 3.2k views
I'm very confused about one thing in Windows memory architecture. Thought someone here could help me out. The Virtual Address space (numbering) is unique to every process, right? I.E. application "A" can have some data structure at address 0x12345678, while another completely different application "B" can have completely different data structure at same address 0x12345678. Correct me if this is wrong. Now, assuming this, why is that virtual address space is split into partitions like from 0x00010000 to 0x7FFEFFFF for user mode applications and from 0x80000000 to 0xFFFFFFFF for kernel-mode apps. Why can't user-mode app take the "higher" part of address space if the space n…
-
Cross process calling?
by high6- 8 replies
- 6.5k views
So the other day I learned about shared memory in dlls. I was wondering can a dll call a function in an external process that has the dll? Process1|Dll Process2|Dll Process1 calls AnExport AnExport(called from Process1) calls a callback in Process2 Is this possible?
-
[Solved] RSA Crypting in .NET
by tonyweb- 4 replies
- 6.8k views
Hi guys, this is my first attempt to use RSA in a .NET app. I looked for a solution for hours but I did not understand how to use RSACryptoServiceProvider to import my chosen keys. // Imposta parametri RSAParameters rsaParams = new RSAParameters(); rsaParams.Modulus = myData.getN; rsaParams.Exponent = myData.getExponent; // Istanzia il crypter CspParameters providerParam = new CspParameters(1, "Microsoft Enhanced Cryptographic Provider"); RSACryptoServiceProvider myRSA = new RSACryptoServiceProvider(48, providerParam); myRSA.ImportParameters(rsaParams); // ALWAYS BA…
-
PNG As Window/Region?
by Hyperlisk- 3 replies
- 3.7k views
Hi, I was wondering if anyone has any code they could share that demonstrates how to use a png image as a window. I have no idea where to start... I assume Either GDI+ or pnglib, but that's about it... But yeah... If anyone has anything they can share, I would be delighted to look at it. Hopefully in C/C++ or MASM, but I'm sure anything will be fine if I can adapt it. Thanks, Hyperlisk
-
convert long value to a byte array?(vb6)
by david_2000- 3 replies
- 9.5k views
hi guys is there any way to convert a long value to byte array in vb6? thank you
-
is there any way to reverse a text like this in vb6?
by david_2000- 1 reply
- 3.1k views
hi guys is there any way to reverse number or text in vb6 like this? example: 004519E0 to E0194500 i know StrReverse can do this but it reverses it completely not like i want. thank you
-
Detour 2.1 Hook problem
by Surrogate- 2 replies
- 5.2k views
Hi i seem to be having a problem with my LoadBitmapW hook, im using Detour 2.1 Im trying to hook SPIDER.EXE Windows XP version of the game, SPIDER.EXE resource has Numeric and String resources bitmaps for ids example 108,106, "FELT", "CARDBACK", "CARD1" etc etc FELT, CARDBACK will pass just fine in the LPCWSTR lpBitmapName, but when spider.exe resource has 2 images as Numbers resource bitmap id 108, 106.. the debugger tells me bad ptr 0x00006c (lpBitmapName) etc.. which is the 108 resource id for the bitmap HBITMAP __stdcall Mine_LoadBitmapW(HINSTANCE hInstance, LPCWSTR lpBitmapName) { HBITMAP hBitmap = NULL; TCHAR tszModuleName[MAX_PATH] = {0}; GetModuleBaseName(GetC…
-
- 6 replies
- 6.2k views
Is there a plugin that allows to translate basic asm code from olly to c++/c# commands? I'm talking really the most basic commands like: SHL EAX,0A --> EAX = EAX << 0x0A OR EAX, ESI --> EAX = EAX | ESI AND EAX, ESI -> EAX = EAX & ESI XOR EAX,EBX --> EAX = EAX ^ EBX MOV EAX, EDX -> EAX = EDX etc... Please don't tell me to use inline asm because I'm programming in C#, which apparently does not support inline asm. And at the same time please dont tell me to use C++ as i already coded a lot of code for this keygen I'm working on and I'm not going to translate the code to c++.
-
Navigate Olly from external tool
by F.L.A.M- 2 replies
- 2.8k views
Hello, guys! I'm writting some app for unpacking and i would like to navigate in Olly to certain address from it. Is it somehow possible? Maybe throigh some WM_ messages? Thanks!
-
Move window
by wyrda- 6 replies
- 3.5k views
When I paint a window with a picture and set its Style to None I can't move it.I use mouse events to move it but it is using a lot of resources(proc) because my window actually move with the cursor. How can I move my window just like a normal one?(with that rectangle surrounding it)
-
Questing about a dll
by crypto- 4 replies
- 6.7k views
This is a code snippet from a tutorial I was reading. It reads the IAT of a exe. // Globals: typedef void (WINAPI *ProcessEvent_typedef)(class UFunction*,void*,void*); ProcessEvent_typedef orgProcessEvent; // IAT MAJIC void ReDirectFunction (char* strDllName, char* strFunctionName, DWORD newFuncAddy) { DWORD dwBackup; DWORD dwIndex; DWORD dwOffset; HMODULE hEng; PIMAGE_DATA_DIRECTORY pDataDirectory; PIMAGE_DOS_HEADER pDosHeader; PDWORD pdwIAT; PDWORD pdwINT; PIMAGE_IMPORT_DESCRIPTOR pImportDescr…
-
Custom Button Video Tutorial: C# By papanyquiL
by papanyquiL- 2 replies
- 2.7k views
This is an example of how to create your own custom button control with a specified visual style. It is intended for beginners and can be used at any discretion. Download Here MD5: 663925296845ACF99AE1107FC18CA7B4 This link won't stay up for very long... For this and more tutorials go to theBlackStorm portal.
-
Disabling (Self Defense ) / Nod32 / With an script
by __Genius__- 3 replies
- 5.9k views
if you are one of Nod32 Antivirus system's users, you may be aware of the self defense system, you can simply disable it by disabling the check box in the settings of Nod32. I want to know is there any available method for disabling / enalbling this feature programmatically, for example with a snippet C/C++ code ? if you aware of this then let me know please . cheers, / Genius
-
More than 8 bytes
by xsp!d3r- 2 replies
- 3.2k views
hi guys does anyone know how to encrypt more than 8 bytes by using drizz's cryptohash library in asm?
-
Irregular shaped applications
by HellSpider- 6 replies
- 5.7k views
Hi. I've started to learn coding with MASM and I'm coding a program with an irregular shape atm. The problem is that my region and the bitmap that should get placed on the region are not one the same place. The bitmap is like one centimeter below the region. So what I'm asking is for a solution to fix this. Here is a picture of the mismatch of the region and the bitmap: Now my code looks like this: ... invoke LoadIcon, hInstance, 2001 invoke SendMessage, edi, WM_SETICON,TRUE,eax invoke SetWindowText, edi, offset lpAppName invoke SetWindowPos,edi,HWND_TOPMOST,0,0,0,0,SWP_NOACTIVATE + SWP_NOMOVE + SWP_NOSIZE invoke LoadBitmap, hInstance, 2003 invoke CreatePatternBru…
-
Protected char
by wyrda- 4 replies
- 5.5k views
I work in c++ at a project and I can say that if someone change a char array with a debugger my app is hacked. How should I protect that array? I was thinking to have more arrays and if I join them(when I need) to result my array.
-
Import redirection - a basic idea
by The_SSJ - retired- 10 replies
- 4.3k views
Hi guys, This morning (in my time zone ) I wrote a little txt-file explaining the basic approach to redirect imports of an app. This would be especially useful when u write your own protector or something else... It is not finished yet - There are many things I plan to do... You will find it attached in this post. Greets The_SSJ /Edit: By the way - examples are coded in pseudo-asm... Import redirection by The_SSJ.txt
-
[Delphi] Add Imports problem
by steve10120- 11 replies
- 6.8k views
Hi. Got a problem with some code I've written to add imports to a file. Its working fine on something like a Delphi Hello World, but on notepad.exe its crashing for some reason, can't work out why. { Add Imports Example Author: steve10120 Description: Add imports to a PE file. Website: http://hackhound.org History: First try Added multiple import support. }unit uAddImport;interfaceuses Windows;type TFuncArray = array of string; TImports = packed record szLibName: string; Funcs: TFuncArray; end;procedure AddImport(szFilePath:string; Imports:TImports);type PImageImportDescriptor = ^TImageImportDescriptor; TImageImportDescriptor = …
-
Coding our own little packer
by azfk- 1 reply
- 3k views
I'm just curious about this because if we were to code our own packers, it would be a great learning experience in programming, improving our thinking skills (doing anything really), and understand how to unpack better, I've made my own little project, I'm just going to generate a few keys and encrypt blocks of data accordingly, but I'm still stuck on how the unpacking stub works, do I code it manually beforehand and just write the code over what I'm protecting? If so that seems godawful for more complex packers like execryptor and themida so I think thats impractical, or is it an engine? If so... I would need to code my own engine? any comments? thoughts, ideas, will be…
-
Ollydbg text assembler (concept)
by Guest Dreamer9210- 6 replies
- 3.4k views
Hello! I'm using OllyDbg quite often, and sometimes I use it to add/edit functionality to existing binary applications. It's very convenient to see the changes in real time, being able to insert breakpoints while writing/editing the code. But the main problem, in my opinion, is that it's difficult to maintain already written code - if I have to insert or remove commands, I have to manually fix calls/jumps. That's why I wanted to write a plugin to fix the situation, but I am not experienced in writing OllyDbg plugins, and I don't have much time for it, so I want to share the concept with you: Click here It's similar to the known Code Ripper plugin, with an extra feat…
-
ASM help
by Mr. X- 5 replies
- 4.2k views
Hi, I am just a newbie and trying to learn ASM language and i have just started with MSG box. I have just used the source code of MSG box for learning purpose to create a msg box. But on execution, i am continuously getting this error. If anyone can provide me any help over this then it would be great. This is the pic of error which i am getting on execution. Cheers, Mr. X
-
Ollydbg Plugin Plus Masm Source
by What- 15 replies
- 16k views
Here is the source for a plugin, I have decided to write a new one from scratch with completely custom code.. Its has fixes for stuff like IsDebuggerPresent, HeapFlags, and shows hooks for stuff like ZwQueryProcessInformation. Show how to apply fixes to ollydbg itself, remove ep breakpoint and break on tls. Hope this helps someone. Originally I used a thread on restart of plugin but it was kinda annoying, so I hooked ollydbg later on where all the fixes would work right, took forever to find a good spot.
-
antiodbg src -> Delphi
by D1N- 9 replies
- 6k views
Sometime last year I remember someone asking for an example of anti-odbg in Delphi. Though this is just a simple example code can be modified and updated. Original thread was on unpack.cn sometime ago and this evening while I was checking the board I came across this thread and figured it would be a good opportunity to post it on tuts4you. If you use the code or find it helpful be sure to email this guy and thank him. Dont be a JP function IsDebuggerPresent():BOOL; stdcall;external 'kernel32.dll' name 'IsDebuggerPresent'; <-- !patch Kernel32.IsDebuggerPresent SimpleAntiDBG2.zip
-
- 1 reply
- 5.2k views
Since I don't make nearly enough contributions around here, time to throw down a few of my projects I've posted on other communities __ Anti-debug library, "Siberian Tiger", build 0.900: http://www.sendspace.com/file/lknuyt. ASM files, as well as intrinsics, are used to be compatible with both x86 and x64 platforms. Strings are encrypted as a small layer of protection from reverse engineering. As the library approaches it's final revision, I'll be obfuscating the application a bit more to ensure all checks are able to run, and work a bit more on integrability. __ - Checks all modules entrypoint for being outside module space and the code segment; if size image or …
