Programming and Coding

I want to make dll with Decorated Names by using masm32 the export name is like ?MoleBox_GetUserMail@@YA?AVMoleString@@XZ when i wrote in .def file like this LIBRARY MYCLASS EXPORTS ?MoleBox_GetUserMail@@YA?AVMoleString@@XZ=MoleBox_GetUserMail @1 ?MoleBox_GetUserName@@YA?AVMoleString@@XZ=MoleBox_GetUserName @2 when i make the dll,i find it is ?MoleBox_GetUserMail rva: 00001006 ord: 1 ?MoleBox_GetUserName rva: 00001014 ord: 2

Hey guys! Well I'm currently doing some experimenting with coding an exe packer/protector. I've got it working up to the point of loading and packing an executable written in C++ compiled with Dev-c++ and it works fine. Whenever I compile the same source code in Visual Studio 2008 pack it and run it I get "Not a valid executable file!" Anyone have an ideas? I can post the code if need be. Thanks in advance

Hi, I am stuck at converting a negative signed value to an unsigned value in vb.net 2008: e.g. signed: -1111111 unsigned: 4293856185 I am trying to do a "NEG" operation... any ideas? deep0

hello there im trying to make some usermode hooks to explorer.exe process my first goal is to hook findnextfileW api but when im going to open a directory explorer crashes.I have spot an access violation but i cant spot why that happened here is my source code diafora.h typedef struct AdressEs{ //....target DWORD FindNextFileW_; //....redirect DWORD FindNextFile_; //...data BYTE FindNextFileData[6]; }AdressEs;void HoonOnAddress(DWORD addr,DWORD dst); void UnHoonOnAddress(DWORD addr,BYTE *patch); int JMP(DWORD func,DWORD tramboline); bool FindNextFile_(HANDLE hAndle,WIN32_FIND_DATAW *FileData); void DumpFirstBytesBeforePatch(DWORD addr); void InitializeHook();DWORD p…

The key isn't generated from a username. I managed to get the key validation routine, and it is rather complex. I was able to translate it to Python code, and I tried generating random numbers and trying each generated number with the validating routine, but I was not able to get a valid key, since the chance of each randomly generated number being valid is near 0. What is the best way to generate a valid key?

I have a binary with 3 radio buttons, I want to change the default startup selection and resource hacker does not allow me to change the default value. So I must assume the GetDlgItem is where and how the control is initialized. When I break on GetDlgItem, the stack never shows the known control ID for the three buttons I want to switch in code. Since I don't have the source code, I have to do it in asm, but I can't really find any methods that deal with this. Any thoughts? Thanks

Hey I wonder how you would use WM_COPYDATA in ASM or more specifically how to create the COPYDATASTRUCT like defined in here: Clickity Click, I am hoping someone is willing to help out a bit Regards, Filiph

XOR BYTE PTR DS:[EAX],AL i am confusing about some piece of code.. AL is byte size register ... how can i find it in ollydbg..

Trying to create a hidden window in delphi or (message only window) I have read up on the msdn, and come up with var WClass :TWndClass; TempClass :TWndClass; ClassRegistered :Boolean; begin WClass.style := 0; WClass.lpfnwndproc := @WndProc; WClass.cbClsExtra := 0; WClass.cbWndExtra := SizeOf(TWndClass); WClass.hinstance := hInstance; WClass.hIcon := 0; WClass.hCursor := 0; WClass.hbrbackground := 0; WClass.lpszMenuName := nil; WClass.lpszClassName := 'Server'; ClassRegistered := GetClassInfo(hInstance,WClass.lpszClassName,TempClass); if ClassRegistered = True then UnregisterClass(TempClass.lpszClassName,hInstance); Registerclass(Wclass); Res…

I am designing a delete function for a file manager i am coding however, i want to be able to delete a file even if you get that stupid windows "cant not delete due to blah" message. programs like unlocker. http://ccollomb.free.fr/unlocker/ search for all open handles for a given file and close them how is this acheived? i know after all handles are closed the obvious DeleteFileA is callled to delete the file. example, file1.txt has handle 1 and handle 2 open. search and find the handes CloseHandle(1) close handle(2) deleteFileA(file.txt); Delphi prefered but would settle with other langs and convert my self. TIA

dn 870kb @: http://rapidshare.com/files/326470028/NET.Introduction_to_APIs-whoknows.7z.html

NET.Reflection and Dynamic Class/Method Invocation Is this code will show you : -how you can load a DLL without add it as reference, call a method and get the return value -Create a class instance of DLL -show a FORM from 3rd party assembly! -as the 1st but the DLL in Resources! -export the Resource file dn (510kb) @: http://rapidshare.com/files/324777942/NET.Reflection_AppDomain-whoknows.7z.html

I'm attempting to uncompress and PECompact 2.XX file, and having a frustrating time. I followed a number of the tutorials here, but I think I'm missing some important stuff regarding the import tables. Here's what I've done: - Loaded .exe in IDA and saw junk - Used a hex editor to view the file, saw the "PECompact" string and knew it needed unpacking - Loaded .exe into ollydbg (using some stealth plugins) and found the signature PECompact "JMP EAX" instruction - Modified the JMP EAX to JMP EIP so it goes into infinite loop at that point - Ran the "infinite loop" version of the .exe, then attached to the process using ollydbg. Program is decrypted in memory! - The…

Hey guys, i am new to this forum but i have been looking at all the posts for the past day or two and i am just wandering if somebody could please help me, i enjoy reverse engineering and programming but yet i cannot seem to do a simple task using vb6 (i know i should be using c or c++ but i would like to use vb6 for this current project) i would like to create a serial sniffer like program using ReadProcessMemory and other APIs but for a beginner i would just like something simple like reading the display on calc.exe i did see a detailed tutorial posted here by root86 but every time i use PHandle = OpenProcess (PROCESS_ALL_ACCESS, False, pid) it just jumps to the error …

hello dears there is a program exe i want to change its functionality i want to read a text file in the same directory and put it in memory i am using ollydbg. program runs program states switchs to my code ---> my code reads text put in memory ---> return to the program state. what are the requirements i mean it has nice code cave what else? i appreciate if u can gimme the asm code which reads text and puts it in memory thanks.

/>http://www.codeproject.com/KB/system/asm.aspx Ted.

How to hide tray icons of other applications? I got one app from: />http://www.perfectiontools.com/EasyWindow&SystemTrayIconsHider.exe It functions well. I'd like to code my own. Could any buddy show me some code? C/C++ is preferred. Thank you in advance!

Well i try build or make Memory viewer for my application... I like see example about this for have idea how begin project.. Thanks

Hi: I want to write an Ollydbg plugin and already downloaded plugin development kit 1.10, but I don't know how to start developing. Could anyone give me some reference or a simple sample, such like "hello world", that could help me to start it? Thank you very much. Fan

Hi guy ..how want make vertical marquee text on delphi?? can anyone help me ??

delphi soruce code myprogram.exe (olly) before 0046B376 . /74 0C JE SHORT 19_1.0046B384 after 0046B376 . /90 90 JE SHORT 19_1.0046B384 /// nop 90 90 How do delphi programing thanks

I'm very confused about one thing in Windows memory architecture. Thought someone here could help me out. The Virtual Address space (numbering) is unique to every process, right? I.E. application "A" can have some data structure at address 0x12345678, while another completely different application "B" can have completely different data structure at same address 0x12345678. Correct me if this is wrong. Now, assuming this, why is that virtual address space is split into partitions like from 0x00010000 to 0x7FFEFFFF for user mode applications and from 0x80000000 to 0xFFFFFFFF for kernel-mode apps. Why can't user-mode app take the "higher" part of address space if the space n…

So the other day I learned about shared memory in dlls. I was wondering can a dll call a function in an external process that has the dll? Process1|Dll Process2|Dll Process1 calls AnExport AnExport(called from Process1) calls a callback in Process2 Is this possible?

Hi guys, this is my first attempt to use RSA in a .NET app. I looked for a solution for hours but I did not understand how to use RSACryptoServiceProvider to import my chosen keys. // Imposta parametri RSAParameters rsaParams = new RSAParameters(); rsaParams.Modulus = myData.getN; rsaParams.Exponent = myData.getExponent; // Istanzia il crypter CspParameters providerParam = new CspParameters(1, "Microsoft Enhanced Cryptographic Provider"); RSACryptoServiceProvider myRSA = new RSACryptoServiceProvider(48, providerParam); myRSA.ImportParameters(rsaParams); // ALWAYS BA…

Hi, I was wondering if anyone has any code they could share that demonstrates how to use a png image as a window. I have no idea where to start... I assume Either GDI+ or pnglib, but that's about it... But yeah... If anyone has anything they can share, I would be delighted to look at it. Hopefully in C/C++ or MASM, but I'm sure anything will be fine if I can adapt it. Thanks, Hyperlisk