Programming and Coding

//./g++ -fdata-sections -s -g -std=c++14 -masm=intel -m32 -o ldrdll.exe ldrdll.cpp //./g++ -fdata-sections -s -g -std=c++14 -masm=intel -m64 -o ldrdll.exe ldrdll.cpp #include <windows.h> #include <iostream> typedef struct _UNICODE_STRING { USHORT Length; USHORT MaximumLength; PVOID Buffer; } UNICODE_STRING, *PUNICODE_STRING; typedef struct _ANSI_STRING { USHORT Length; USHORT MaximumLength; PCHAR Buffer; } ANSI_STRING, *PANSI_STRING; typedef void (__stdcall *LdrLoadDll) ( IN PWCHAR PathToFile OPTIONAL, IN ULONG Flags OPTIONAL, IN PUNICODE_STRING ModuleFileName, OUT HMODULE *ModuleHandle ); typedef void (__stdcall *LdrGetProcedureAddress) ( IN HMODULE Mod…

Hello , I started working on my own PE parsing tool in assembly language (MASM) and am using RadASM as my main IDE. assume edi:ptr IMAGE_DOS_HEADER lea eax,[edi].e_magic invoke SendMessage,hEdit,WM_SETTEXT,0,eax This line of code suppose to output the following : " MZ ", it does for some executables exept Delphi executables it shows "MZP" instead. The question here is that what (e_cblp) byte is doing here ? as far as i know e_magic field is just a word sized. e_magic = $5A4D am really confused right now !

Hi everyone , Hope you're doing good I was looking for some assembly tutorials and I've found nothing useful , the majority of these tutorials talks about computer architechture such as registers and memory .... I want Pure assembly tutorials like using RadASM components , writing tools etc ... Unfortunately all good resources have gone like this website for example : https://web.archive.org/web/20050506040848/http://bib.universitas-virtualis.org/go.php?node=22 I have read Iczelion tutorials , and looking for more am hungry to assembly language Am asking everyone who has something in his drive to share it with me please . best…

Hello, I have BeaEngine unit source in delphi , which i've found quiet useful since I love low level stuff and I hope I will be able to code my own debugger oneday . It's hard to understand the code , @kao if you can please explain to me how it works since you've updated this unit , my other question is : does all debuggers and disassemblers use the same methodology ? I started reading Intel manual but my native language is not english therefore it's hard to understand each line . are there any alternatives ? all I did was making a simple diagram to avoid complexity because records are nested . after steping , The EIP doesn't p…

Hello everyone , hope you all are doing well . I was reading a book called ' The art of unpacking ' , on the page 13 the author was talking about both software and hardware breakpoint detection and patching techniques . This is a preview of what was written : The code is clear except (protected code start) and (protected code end) . I guess the first one is referring to the address of entry point of the target application ? if so , How can I determine the end of the code ? I wanted to include this method in my application which is written in delphi ( for testing purpose ) but I couldn't do it , Any piece of code will be more than wel…

Hello everyone. Im fairly new to c# and currently learning it ,but I came up on an error. I had someone suggest me to use an array ,but I still get errors. Any tips? Code: foreach (Process process in Process.GetProcessesByName("dnspy-x86")) { Environment.Exit(0); } I want it to accept more then 1 process. thanks !

Hi everyone. I was having trouble of creating and learning of patching with VB.NET Can anybody tell me what's wrong with that code? I tried many times but the bytes still not replacing Please help Imports System.Runtime.CompilerServices Imports System.IO Public Class Form1 Private Shared ReadOnly FindHex As Byte() = {&HE0, &H42, &HFC, &HB1, &H3, &H40, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H75, &H8F, &H75, &H74} Private Shared ReadOnly ReplaceHex As Byte() = {&H0, &H0, &a…

Hi all. i am new to the patching. i want to make a patch in vb.net , which will replace multiple bytes of a program. like when i load the original & patched file in DUP , its comparision : there are many patterns how to make its patch in vb.net

Hello I'm newbie here. I'm learning to make a patch using vb.net and I'm almost there but my problem is I cannot put million words into my code my visual studio is just freezing when I'm pasting the million bytes I just wanna ask how can I insert 6 million length of text

Hi, I'm new here. Thanks for the code in https://www.rohitab.com/discuss/topic/41529-stealthier-process-hollowing-code/ But, it only works with x86, then I was trying to make it work with both x86 and x64. But I received the following error when attached windbg to running x64 bit hollowing (in hollowed process). What would be wrong ? (768.edc): Access violation - code c0000005 (first chance) First chance exceptions are reported before any exception handling. This exception may be expected and handled. ntdll!LdrpAllocateTlsEntry+0xda: 00000000`7759466a 8911 mov dword ptr [rcx],edx ds:00000000`00904b5c=???????? Here is my code for Proce…

Hello eveyone , Am looking for a source code for UPX unpacker written in Delphi, I couldn't find anything on the internet . Any article , link , code snippet will be more than helpful . thanks in advance .

Hello everyone , I hope you're doing good , I've been searching for a while about how to write a plugin for OllyDbg , with the help of the (plugin api unit) I was able to make a simple plugin that retreives the value of the flag (BeingDebugged) which is used by the function (IsDebuggerPresent) . now the problem is that i still can't change that byte . The function WriteProcessMemory isn't working , can you give me some help please , here's the full code : thanks in advance library AADebug; uses SysUtils, plugin, windows, Classes; {$R *.res} type PEB = record Reserved1: array [0 .. 1] of Byte; BeingDebugged: Byte; Reserved2: B…

Hello guys, I'm proud to announce the beta release of AMED (an Advanced Machine Decoder). It's extremely fast, lightweight and supports the following architectures : - x86(with all its extensions including xeon instruction set). - aarch32(arm, thumb, neon, ARMv8+). - aarch64(with all its extensions including SVE). I also released the new version (v3) of opcodesDB. https://github.com/MahdiSafsafi/AMED https://github.com/MahdiSafsafi/opcodesDB What do you think guys ?

Oracle is providing Java 14 as the Oracle OpenJDK release under an open-source GNU General Public License v2. It's also released under a commercial license using Oracle JDK. Most of the nearly 2,000 fixes in JDK 14 have been made by Oracle employees while 528 came from individual developers and other organizations. Some of the main contributors included Red Hat, SAP, Google, Arm, Intel, and NTT Data. @CodeExplorer happy? #haha https://www.techinvestornews.com/Oracle/Latest-Oracle-News/oracle-announces-java-14 bonus - github.com/sagarkarira/coronavirus-tracker-cli

hi all can some one please tell me what does this code do? private boolean d(String paramString) { boolean bool = false; byte[] arrayOfByte = paramString.getBytes(); if (arrayOfByte.length == 26) { byte b1 = 0; byte b2 = 0; while (b1 < 24) { b2 = (byte)(b2 ^ arrayOfByte[b1]); b1++; } if ((b2 & 0xF) == -65 + arrayOfByte[25] && (0xF & b2 >> 4) == -65 + arrayOfByte[24]) bool = true; } return bool; }

I'm making a project Please help me How can add adb devices connected port On combobox thanks

Hi guys, I have a new question I am trying to find a solution.I would like to drag a link from browser directly into my app to get the full link address without using any copy / paste functions manually via mouse.Now I see its not working and I can only just drag files from Windows / Explorer etc into my app window.So how can I enable the drag operations also from any browser to outside like into my app window etc? greetz

Hi everyone I'm making a project on Delphi How can show name like I'm select man See all man name And I'm select women the. Show women name Thanks

I am trying to build dnspy with dnlib as a dependency project in VS2019. So I can debug dnspy and follow whats happening in the dnlib source. Things I have tried: 1. git clone just dnspy and build using "dotnet build" works. But how can I add dnlib project to dnspy solution in vs2019 and make it build. 2. I also tried the NuGet from vs2019 and install dnlib, but it gets only the dnlib.dll not the entire project. 3. downloaded the dnlib project and added manually to the dnspy sln. it wasnt building at all. 4. dnlib byitself builds fine. 5. dnspy builds fine in git bash shell. Once this is done. the dnspy sln builds fine in vs2019 but only with…

My Question How to VMProtect Application Crc calcuated I Want embed hash into my application but , if embed any crc hash to application final checksum changed how VMProtect like software ex Themida calculating own hash I'm Deobfuscated VMProtect and i get this ;VMProtect CRC START： mov edx,dword ptr ss:[ebp] add ebp,0x4 LOOP： xor eax,eax mov ecx,eax shl eax,0x7 shr ecx,0x19 or eax,ecx xor al,byte ptr ds:[edx] inc edx dec dword ptr ss:[ebp] jnz LOOP mov dword ptr ss:[ebp],eax END But how crc values calculated and embeding into application i don't understand how it's work and i need i want to make my own protector…

File Name: Delphi patch template 10 by [sST] source code File Submitter: Bilbardfayim File Submitted: 12 Apr 2015 File Category: Source Code Delphi patch template 10 by [sST] source code Click here to download this file

Some time ago I found C source for playing the oldschool Reality AdLib Tracker (.rad) tunes, after a while of compiling and experimenting I managed to get a simple working delphi player. + no external dlls + no hassle compilation + music file embedded inside + fairly small size cca 50kb (not packed) Hope somebody finds it useful. RadPlay.zip

Dear All These is a Small KeygenMe with source Code(in Masm32). Thanks to Lena 151. KeygenMe With Source Code.rar

Hi guys, I have a small question.I would like to bring my app into front by itself when something was found in browser I am looking at.I tried using SetForegroundWindow but dosent work also AllowSetForegroundWindow either.Only way I am able to do is just using SetWindowPos function with HWND_TOPMOST paramter & again with HWND_NOTOPMOST paramter.So I wanna just bring my app window in front only without to have / keep HWND_TOPMOST flag. invoke SetWindowPos,hWin,HWND_TOPMOST,0,0,0,0, SWP_ASYNCWINDOWPOS or SWP_NOMOVE or SWP_NOSIZE invoke SetWindowPos,hWin,HWND_NOTOPMOST,0,0,0,0, SWP_ASYNCWINDOWPOS or SWP_NOMOVE or SWP_NOSIZE Using that 2 functions is working…

hi guys i have a SearchAndReplace patcher source in masm32 search a loop algo for patch more patternsequence can your help me PATTERNSIZE equ sizeof SearchPattern1 PATTERNSIZE2 equ sizeof SearchPattern2 PATTERNSIZE3 equ sizeof SearchPattern3 SearchPattern1 db ... SearchMask1 db ... ReplacePattern1 db ... ReplaceMask1 db ... SearchPattern2 db ... SearchMask2 db ... ReplacePattern2 db ... ReplaceMask2 db ... SearchPattern3 db ... SearchMask3 db ... ReplacePattern3 db ... ReplaceMask3 db ... .code ... ..... ...... PatchFile proc _targetfile:dword LOCAL local_hFile :DWORD LOCAL local_hFileMapping:DWORD LOCAL local_hViewOfFile :DWORD LOCA…