Programming and Coding
Programming and coding tips, help and solutions...
1,892 topics in this forum
-
Ollydbg Plugin Plus Masm Source
by What- 15 replies
- 16.3k views
Here is the source for a plugin, I have decided to write a new one from scratch with completely custom code.. Its has fixes for stuff like IsDebuggerPresent, HeapFlags, and shows hooks for stuff like ZwQueryProcessInformation. Show how to apply fixes to ollydbg itself, remove ep breakpoint and break on tls. Hope this helps someone. Originally I used a thread on restart of plugin but it was kinda annoying, so I hooked ollydbg later on where all the fixes would work right, took forever to find a good spot.
-
antiodbg src -> Delphi
by D1N- 9 replies
- 6.3k views
Sometime last year I remember someone asking for an example of anti-odbg in Delphi. Though this is just a simple example code can be modified and updated. Original thread was on unpack.cn sometime ago and this evening while I was checking the board I came across this thread and figured it would be a good opportunity to post it on tuts4you. If you use the code or find it helpful be sure to email this guy and thank him. Dont be a JP function IsDebuggerPresent():BOOL; stdcall;external 'kernel32.dll' name 'IsDebuggerPresent'; <-- !patch Kernel32.IsDebuggerPresent SimpleAntiDBG2.zip
-
- 1 reply
- 5.5k views
Since I don't make nearly enough contributions around here, time to throw down a few of my projects I've posted on other communities __ Anti-debug library, "Siberian Tiger", build 0.900: http://www.sendspace.com/file/lknuyt. ASM files, as well as intrinsics, are used to be compatible with both x86 and x64 platforms. Strings are encrypted as a small layer of protection from reverse engineering. As the library approaches it's final revision, I'll be obfuscating the application a bit more to ensure all checks are able to run, and work a bit more on integrability. __ - Checks all modules entrypoint for being outside module space and the code segment; if size image or …
-
Hook/Call the same function?
by high6- 2 replies
- 3.3k views
So I have a C++ dll injected into a process and I want to hook/call the same function. Problem is that if I have the hook call the function then it can turn into some nasty recursion. What is the best way to Hook/Call the same function? Some thoughts -Could call the hook's trampoline instead which will cause it to skip over the hook. (Will only work if hooking the start of a function) -Could set a flag that will skip the hook. Not sure how I would do that without it being a giant mess though.
-
Reg. Dll and Exe
by b0mbh2k- 1 reply
- 15.9k views
Guyzz, how to view or judge the sample, whether its dll or exe or any other file into hex editor?
-
PE-Nightmare v1.3 decryptor
by bigboss-62- 6 replies
- 5.8k views
Hello guys... Just after updating Yoda's Decrypter to v1.1, i'm proud to bring you my PE-Nightmare v1.3 decryptor. This crypter is very easy to study, but it has a bad file alignement, causing not working on NT Technology. If you've crypted a proggy that can't be run on NT, just decrypt it with this decrypter and it should work. I have also included source code in masm for those who are interested... See you soon in my next decrypter... Laurent aka BIGBOSS from COPs Any remarks are welcome... CPS!UnPENightmare.zip PENightmare_v13.zip
-
ReadProcessMemory reports an Error
by yanes- 3 replies
- 3.2k views
hi all when using the "ReadProcessMemory" to make a dump an image from memory ,this API reports the Error 'Error_No_Access' , Note that it succeeds with a litte part of victim's memory but it fails to read the entire image (Number of bytes = SizeOfImage) ,Note that the VirtualProtectEx API reports also the same Error code How can I do it ? _
-
Visual C++ question
by thief386- 2 replies
- 3.4k views
Hello tuts4you guys I'm newbie in c++ and i have some questions 1 how add a good text scroll to form (like dUP patcher's text scroll) ? 2 please post a random number generate function here 3 how use skin in visual c++ ? 4 how add music (xm) to form (i know, but there is some problems that i have read all other topics about it but i can't solve it still) thanks
-
Fastest way to clear all REGs
by SunBeam- 21 replies
- 5.9k views
Hi guys. It's me again, with another kinky weird request from y'allz. Do you happen to know the fastest way to clear all registers? (e-a-c-d-b-x, e-s-d-i) I wrote something like this, keeping in mind I want code to be small: _WIPE proc push 6h pop ecx @loop: push 0 loop @loop pop eax pop ecx pop edx pop ebx pop esi pop edi ret _WIPE endp Pretty much looks like a Delphi function in prolog, lol. Post your thoughts, please!
-
Morse Code
by zugo- 5 replies
- 3.9k views
Hi guys, MorseCode is an application that converts the input text to Morse code and also plays the sound of it - comes with full source code. Regards. MorseCode.rar
-
- 3 replies
- 3.3k views
Hi all , i'm coding a MASM32 program under Winasm IDE how to add the List control SysListView32 on my Dialogbox Of course ,How to add and edit item in the list I think this ctrl is in the Ole32.dll (Not a custom one) waiting for your help THANX ...
-
delphi keygenning help
by Accede- 13 replies
- 5.1k views
Can any god keygener me help on this mistake her is the code: procedure TForm1.btn1Click(Sender: TObject); const chars = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'; var N,A,B,C,D,E,F,i:Integer; serial1,S,U,V,W,X:string; Activation:array of Char; begin serial1 :=''; begin if cbb1.Text = 'OJOsoft DVD Ripper'then//cbb is combobox if cbb1.Text = 'OJOsoft Total Video Converter' then if cbb1.Text = 'OJOsoft iPod Video Converter' then if cbb1.Text = 'OJOsoft DVD Audio Ripper' then if cbb1.Text = 'OJOsoft WMA to MP3 Converter' then if cbb1.Text = 'OJOsoft DVD to AVI Converter' then if cbb1.Text = 'OJOsoft WAV to MP3 Converter' then if cbb1.Text = 'OJOsoft DVD to PSP Converter' then…
-
Problem with PE section Injection
by DarkInjection- 4 replies
- 4.7k views
hello this is my first post here i m writing a program to add a new section into the PE at the moment.... but somegthing goes wrong im trying to locate what its worng but nothing yet u can find the source here: infection.h typedef struct _StaffToUse { DWORD EIP; DWORD IMAGE_BASE; DWORD VEP; DWORD NumbOfSections; DWORD WinExec_; DWORD LoadLib_; DWORD ExitProc_; DWORD *VirtualS[32]; DWORD *SizeOfRaw[32]; DWORD *PointerToRaw[32]; DWORD *VirtualAddr[32]; BYTE *SectionNames[32];} StaffToUse;typedef struct _DWDataStorage{ BYTE *dwData;}DWDataStorage;//cracps HANDLE hFile,oFile = NULL; DWORD dwBytesRead; DWORD Sections; DWORD fSize = 0; PCHAR pMem; IMAGE_NT_HEA…
-
Nice op-code reference program
by DoNotUseFoulLanguage- 12 replies
- 4.6k views
Hope you like this, i found it pretty useful Made by Yury Lukach opcodes.zip
-
debugging the errors
by ajaytvish- 1 reply
- 3.2k views
//can somebody help me with the solution of this error : //I am trying to compile the below assembly code on borland v5.02 & tasm assembler v5.0 ;PROGRAM filename setpath.asm .386p ;enable Intel 386 (with privileged) instructions .model flat,stdcall ;flat memory model, for Win32 applications .radix 10 ;numbers default to base-10 jumps ;jumps get calculated and adjusted include Win32.inc ;basic Win32 application constants and structures ;Advapi32.dll extrn RegOpenKeyExA:proc ;external API declaration extrn RegSetValueExA:proc extrn RegCloseKey:proc ;Kernel32.dll extrn GetCurrentDirectoryA:proc extrn E…
-
Call c++ member function through asm
by urbanyoung- 2 replies
- 3.8k views
Hey, I'm trying to call a c++ class member function through asm. I believe the this param (class id) is passed using ECX in the function call, getting this is no problem. However, when I call the function (with the class id in ECX) the function doesn't crash like before, but it returns incorrect data. I was wondering if anything else needs to be passed to the function or if ECX is infact the class id used to associate data with the caller. Any tips would be appreciated.
-
x64 assembly
by sakr22- 6 replies
- 11.9k views
in visual c++ 2005 x64 it doesn't support the inline assembly __asm so to write assembly i must write it in a .asm file then call it from my code i need a tutorials for writing x64 assembly and how to call it as a function from c++ or at least i nead an x64 IDE assembler thnx in advance
-
dl help asmcom
by magicrain@hotmail.com- 2 replies
- 6.6k views
Hey folks i need some help with a asm line...how i could do that in delphi ? SAR EAX,1 ROL EAX,3 XCHG EAX,ESI < i need that in delphi but how :S?
-
- 0 replies
- 2.8k views
Hi, I am just asking how to read text that is multilined, in a text box, into a formatted memory buffer. This is needed because the required function that needs the text, expects it to be formatted. And so, the app fails because the text is not formatted properly (with newlines etc). The language the project is written in is C++, with zero MFC or .NET. Any assistance at all would be appreciated. EDIT: Worked it out. For some odd reason, the edit control's contents (which are on tabs) are not read...
-
HOW MAKE A LINT IN C++
by DavidOliveira- 1 reply
- 3.1k views
i wanna make a link in my application go to a site anyone can helpe like to do
-
*delete thread*
by mudlord- 6 replies
- 5k views
*plz kill this people.*
-
[Delphi] Resource section help
by steve10120- 0 replies
- 3.2k views
Hi, I've got another problem. I'm trying to read the read and parse data in the resource section, after reading some articles I've got a pretty good idea about what needs to be done. But, I'm stuck on one little thing, which none of the articles seem to cover. The problem is with the IMAGE_RESOURCE_DIRECTORY_ENTRY values, the Name value seems correct(checked with Index refs), but the OffsetToData value is wrong, or at least the value in the field is way way above even the filesize. Is there something I need to do to the OffsetToData to get the right offset of the IMAGE_RESOURCE_DATA_ENTRY? var dwOffset: DWORD; bFile: TByteArray; IDH: TImageDosHeader; INH: TImageN…
-
how to get data from edit
by DavidOliveira- 2 replies
- 4.9k views
hey people,i want to get data from edit and show to the user,
-
how to generate a random number
by DavidOliveira- 7 replies
- 4.3k views
i wanna generate random numbers with no repeats, i have this code #include <cstdlib> #include <iostream> using namespace std; int main() { int randomNumber; for(int i = 0; i < 15 ; i++) //print random #s 15 times {randomNumber = (rand() % 25) + 1; cout << randomNumber << endl;getchar( ); } return 0; } but it generate the same sequence 17-18-10-1-20-25-4-9-13-15-6-21-7-3-12 everytime how can i fix it
-
Unpacker
by Busted- 18 replies
- 34.9k views
Hey all, I am searching for an unpacker source code coded in assembly , the reason for this is I want to start coding unpackers you know teach myself. I havn't found any tutorials on coding unpacker's if you happen to come across any let me know , anyways... your help is appreciated! Tipidy
