Tuts 4 You

All Activity


  1. Today
  2. Here's how I'd access the media..

     ZDF-Mediathek "Die Subway-Falle" -> grab the "master.m3u8"

     https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/master.m3u8

     instead of:

     https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_776000_av.m3u8

     use:

     https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/master.m3u8

     now have a looksy with FFMpeg -i

     ```
     Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_229000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_476000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_776000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_1496000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_2296000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_3296000_av.m3u8?null=0' for reading
     [https @ 00000000026807c0] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/index_229000_a.m3u8?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_229000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_229000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_476000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_476000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_776000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_776000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_1496000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_1496000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_2296000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_2296000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_3296000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_3296000_av.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment1_229000_a.ts?null=0' for reading
     [hls,applehttp @ 0000000002678c80] Opening 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/segment2_229000_a.ts?null=0' for reading
     Input #0, hls,applehttp, from 'https://zdfvodde-vh.akamaihd.net/i/meta-files/zdf/smil/m3u8/300/16/11/161124_subwaylfalle_inf/6/161124_subwaylfalle_inf.smil/master.m3u8':
       Duration: 00:44:43.44, start: 0.100511, bitrate: 0 kb/s
       Program 0
         Metadata:
           variant_bitrate : 226000
         Stream #0:0: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 320x176 [SAR 1:1 DAR 20:11], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 226000
         Stream #0:1: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 226000
       Program 1
         Metadata:
           variant_bitrate : 474000
         Stream #0:2: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 480x272 [SAR 1:1 DAR 30:17], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 474000
         Stream #0:3: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 474000
       Program 2
         Metadata:
           variant_bitrate : 775000
         Stream #0:4: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 640x360 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 775000
         Stream #0:5: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 775000
       Program 3
         Metadata:
           variant_bitrate : 1495000
         Stream #0:6: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 852x480 [SAR 1:1 DAR 71:40], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 1495000
         Stream #0:7: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 1495000
       Program 4
         Metadata:
           variant_bitrate : 2297000
         Stream #0:8: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 1024x576 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 2297000
         Stream #0:9: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 2297000
       Program 5
         Metadata:
           variant_bitrate : 3298000
         Stream #0:10: Video: h264 (Main) ([27][0][0][0] / 0x001B), yuv420p, 1280x720 [SAR 1:1 DAR 16:9], 25 fps, 25 tbr, 90k tbn, 50 tbc
         Metadata:
           variant_bitrate : 3298000
         Stream #0:11: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 3298000
       Program 6
         Metadata:
           variant_bitrate : 95000
         Stream #0:12: Audio: aac (LC) ([15][0][0][0] / 0x000F), 44100 Hz, stereo, fltp
         Metadata:
           variant_bitrate : 95000
     ```
  3. JMC31337

    Chinese Spy App

    MobileHunter base.apk
  4. Yesterday
  5. Hi Ted, thanks for those versions. OK, I have tested it and see some issue. In default mode (my PC settings etc.) it's already working without problems to send any data to another exe file, which means in your receiver app I don't need to press the click button to call the ChangeWindowMessageFilterEx function. Now I tried to change the parameter of this function in your receiver app from 1 = allow to 2 = disallow; the function returns success but your sender app can still send data into the receiver app and the text of the button does change. That's exactly the problem I also talked about before already. Why isn't it working?

     ```
     00401199 PUSH 0x0
     0040119E PUSH 0x2 <--- disallow
     004011A0 NOP
     004011A1 NOP
     004011A2 NOP
     004011A3 PUSH 0xC
     004011A8 PUSH 0x1
     004011AD CALL 004026A7
     004011B2 PUSH EAX
     004011B3 CALL DWORD PTR DS:[0x40BE54] ; USER32.ChangeWindowMessageFilterEx
     ```

     eax = 1

     You know what I mean, right? So if I need to allow it in some cases then it should also be possible to disallow it, but this does not work for me. If this isn't working, from where should I know whether it's working to allow it if I need it in any cases etc.? So maybe you can check your files again, but this time with the MSGFLT_DISALLOW 2 parameter, just to verify whether this works, and if yes then the button text of your receiver app shouldn't change anymore. Maybe you can check this on your PC, as I don't know why it's not working for me to disallow it.

     greetz
  6. x32 versions attached here... Ted. ChangeWindowMessageFilterEx.zip
  7. Hi Ted, thanks for that example so far. Could you compile the executable files again, but this time for x86 / 32 bit please. You always forget that I don't use x64. Thanks.

     Question: Do you have to call the code the whole time in a loop? Isn't it enough to call it only once, like at the WM_INIT.. message? As I see it, you only use this ChangeWindowMessageFilterEx in the receiver app using the handle of the GadgetID. But if I see it right, then I tried this already, as I said before, with parameter 2 = MSGFLT_DISALLOW, but the sender app could still send data to the edit control of my receiver app. Just tried here to use MSGFLT_DISALLOW to see whether it's working.

     Receiver App WM_INITDIALOG

     ```asm
     invoke GetDlgItem,hWnd,IDC_URL ; <--- Edit control of receiver
     mov edi, eax
     mov cbs.cbSize, sizeof cbs
     mov cbs.ExtStatus, NULL
     invoke LoadLibrary,chr$("user32.dll")
     invoke GetProcAddress,eax,chr$("ChangeWindowMessageFilterEx")
     lea esi, cbs
     push esi        ; cbs struct
     push 2          ; 1 = MSGFLT_ALLOW 2 = MSGFLT_DISALLOW 0 = MSGFLT_RESET
     push WM_SETTEXT ; message
     push edi        ; handle of Edit control above
     call eax        ; ChangeWindowMessageFilterEx
     ```

     The code above should disallow WM_SETTEXT for this edit control to receive any text from external apps, right? So this app runs now..... and now I start another app manually via mouse which sends text to the edit control of the receiver app and it's still working, even though I have used the disallow parameter above and the function ChangeWindowMessageFilterEx did return with eax 1 = success. Somehow it doesn't work in my case.

     OK, just send me your x86 compiled files, then I can test it to see whether yours work for me and if yes then I can debug it to see how to do it correctly etc.

     greetz
  8. I led you astray when I stated getting the higher privileged window to change the lower privileged window. Apologies for that! What you need to do is have the higher privileged window change its own handles (window, gadget, etc.) to accept specified messages.

     In the example below a lower window wants to send #WM_SETTEXT to a higher window. It will not be able to complete this because of UIPI...

     ```purebasic
     EnableExplicit

     Enumeration Windows
       #Window
       #Gadget
     EndEnumeration

     Declare ChangeWindowMessageFilter()

     If OpenWindow(#Window, 0, 0, 300, 60, "Window1 - Sender (Low UIPI)", #PB_Window_ScreenCentered | #PB_Window_SystemMenu)
       ButtonGadget(#Gadget, 5, 5, 290, 50, "CLICK ME!")
       Repeat
         Select WaitWindowEvent()
           Case #PB_Event_Gadget
             Select EventGadget()
               Case #Gadget
                 ChangeWindowMessageFilter()
             EndSelect
           Case #PB_Event_CloseWindow
             End
         EndSelect
       ForEver
     EndIf

     Procedure ChangeWindowMessageFilter()
       Protected Window, Child
       Window = FindWindow_(#Null, "Window2 - Receiver (High UIPI)")
       Child = GetWindow_(Window, #GW_CHILD)
       SendMessage_(Child, #WM_SETTEXT, 0, "Some text")
     EndProcedure
     ```

     The example below is the higher window. It wants to receive #WM_SETTEXT from the lower window to change the text of a gadget. Note that I am getting the handle of the gadget and using ChangeWindowMessageFilterEx to allow window messages to be sent from the lower window.

     ```purebasic
     EnableExplicit

     Enumeration Windows
       #Window
       #Gadget
     EndEnumeration

     Declare ChangeWindowMessageFilter()

     Global User32 = OpenLibrary(#PB_Any, "user32.dll")

     Prototype.i ChangeWindowMessageFilterEx(hwnd, message, action, pChangeFilterStruct)
     Global ChangeWindowMessageFilterEx.ChangeWindowMessageFilterEx
     ChangeWindowMessageFilterEx = GetFunction(User32, "ChangeWindowMessageFilterEx")

     If OpenWindow(#Window, 0, 0, 300, 60, "Window2 - Receiver (High UIPI)", #PB_Window_ScreenCentered | #PB_Window_SystemMenu)
       ButtonGadget(#Gadget, 5, 5, 290, 50, "CLICK ME!")
       Repeat
         Select WaitWindowEvent()
           Case #PB_Event_Gadget
             Select EventGadget()
               Case #Gadget
                 ChangeWindowMessageFilter()
             EndSelect
           Case #PB_Event_CloseWindow
             End
         EndSelect
       ForEver
     EndIf

     Procedure ChangeWindowMessageFilter()
       #MSGFLT_ALLOW = 1
       ; Modifies the User Interface Privilege Isolation (UIPI) message filter for a specified window.
       If ChangeWindowMessageFilterEx(GadgetID(#Gadget), #WM_SETTEXT, #MSGFLT_ALLOW, #Null)
         SetGadgetText(#Gadget, "Sender Can Now Change This Text")
       Else
         SetGadgetText(#Gadget, "Something Went Wrong!")
       EndIf
     EndProcedure
     ```

     1) Run both executables.
     2) Click "CLICK ME!" in Window1 a few times and you will notice nothing changes in Window2.
     3) Click "CLICK ME!" in Window2 and it will update the message filter of its gadget to accept WM_SETTEXT. Button text should change now.
     4) Click "CLICK ME!" in Window1 and the button (gadget) text in Window2 should now change.

     Ted.

     ChangeWindowMessageFilterEx.zip
  9. JMC31337

    Evil Gnome

    Linux Evil Gnome pass: infected HUGE APT collection with others where this came from at: https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/ 7ffab36b2fa68d0708c82f01a70c8d10614ca742d838b69007f5104337a4b869.zip
  10. JMC31337

    Visual Studios 2019 Pro - trial

    All of you are awesome thnx
  11. Last week
  12. Hi Ted, I still don't know how to use this function right. I tried to use it in both apps already but without success to disable it (for testing). As I said, I have 2 apps: App 1 (main app) and App 2.

      1.) If I am using ChangeWindowMessageFilterEx in App 1 at the WM_INITDIALOG message then I get success in eax back...

      ```asm
      .if uMsg == WM_INITDIALOG
          invoke GetDlgItem,hWnd,IDC_URL ; Edit control
          mov edi, eax
          invoke LoadLibrary,chr$("user32.dll")
          invoke GetProcAddress,eax,chr$("ChangeWindowMessageFilterEx")
          push NULL
          push 2;TRUE ; MSGFLT_ALLOW 2 = MSGFLT_DISALLOW 0 = MSGFLT_RESET
          push WM_SETTEXT
          push edi
          call eax
      ```

      ...now if App 1 runs, I start App 2 and send some text into the IDC_URL edit control of App 1 using SendMessage / WM_SETTEXT and it's still working. In this example I thought it would no longer work because I called ChangeWindowMessageFilterEx with parameter MSGFLT_DISALLOW = 2, but it's still working. Why? I also tried to use it with the main routine handle instead of the Edit control handle, but that also has no effect. Also tried to use the CHANGEFILTERSTRUCT. How is it done right?

      greetz
  13. ...or just use MSDN key that's available on the net and avoid all that insanity. NYWVH-....
  14. Make sure the higher privileged application is the one changing the message filter of the lower privileged window. Ensure you have the correct window handle of the lower privileged window. Have a read through the remarks for ChangeWindowMessageFilterEx. Another thing to be mindful of is if you allow multiple instances of the same application. You may need to consider using mutexes or assigning unique identifiers to each application... Ted.
  15. or simply use tools like RunAsDate
  16. JMC31337

    Visual Studios 2019 Pro - trial

    didn’t mean to stir up arguments 1) I'm not signing into anything 2) not re-downloading vis studio 3) not paying point was just to show how dumb MCSFT is that this ide should have expired and forced me to do any of the above prior 1-3’s, and all it takes is a simple clock setback to continue to use it despite its being expired without any license ps: sure, I could vm my os and do it that way
  17. Apuromafo

    Visual Studios 2019 Pro - trial

    https://visualstudio.microsoft.com/es/vs/support/community-edition-expired-buy-license/ You really need to log in to unlock the IDE, only that Community Edition is free. You just need to sign in with your Microsoft account and everything will be fine again. I have been using it from 2017 to today.. I never needed a licence .. only a login. BR, Apuromafo
  18. CodeExplorer

    Visual Studios 2019 Pro - trial

    Visual Studio Community also expires: I mean you still have to register online: https://www.quora.com/Visual-Studio-Community-Edition-2017-is-alerting-me-that-Your-30-day-free-trial-has-ended-activate-license-or-close-Why-would-this-be-happening
  19. Apuromafo

    Visual Studios 2019 Pro - trial

    There is Visual Studio Community; maybe you can use it until you find another licence.
  20. JMC31337

    Visual Studios 2019 Pro - trial

    yup i deleted the bin/debug/ project exe and added a msg box to test that and changes are saved added screenshots to show ya what I’m saying - no I don’t not wanna pay for any license on this thing
  21. mamo434376

    +36 Protection / MM-VMP

    is it too difficult to unpack xd
  22. CodeExplorer

    DNGuard HVM 3.8.4.0 - Enterprise

    I've seen that the user Drin posted solutions but without any explanation/tutorial, so it has been removed from view!
  23. 身勝手のごくい

    Visual Studios 2019 Pro - trial

    Hai, Are u sure the changes u make are in the binary u debug? VS has this bad predefined option which doesnt build changes on 'start debugging'. There are 2 options the one is under solution properties irc and the other one in options projects & solutions build & run. VS licensing is like this from as far i remember 2013?+, depending on the version checks for further data and ur 'trick' there, wont work if ur date is over month. Ive digged this shit some time ago to make a loader since their community products require microsoft account logins. If u keep face this problem or any license related let me know. Regards
  24. Dunno if this is in the right topic forum or not but I found something ridiculous in vis studios Apparently MCSFT gives you a time limitation evaluation in its vis studios 2019 trial after my time expired I decided to set my system clock back 2 weeks Instead of the “your trial license has expired,” it fired up but at first any changes made in my cs files wouldn’t stick when debugging my prog i deleted the VS backup folder and deleted the VS splash open recent’s solution selected the open local folder and headed to my prog’s directory of cs files hit F5 debug and it let me continue running it with 14 more days trial license —lost my designer window though so no ez drag n drop toolbox stuff
  25. JMC31337

    BIOS Rootkit ?

    Old post but... id recommend getting ROOTKITS AND BOOTKITS Reversing Modern Malware and Next Generation Threats by Alex Matrosov, Eugene Rodionov, and Sergey Bratus
  26. , totaling nearly 21 GB. https://www.zdnet.com/article/hacker-steals-data-of-millions-of-bulgarians-emails-it-to-local-media/
  27. Hi guys, I will check this WM_COPYDATA too, fearless. Thanks for that info.

      OK Ted, so in my tests all seems to work without getting any error, but I already did wonder why it's working so easily. Before, I also thought I need to set some access rights for the other process or something. So could you explain this ChangeWindowMessageFilterEx function a little for me? I don't get it yet. Or just tell me how to check this.

      Let's say I execute my example code from above from App 2 to send text to App 1's edit control via SendMessage WM_SETTEXT. After this function I check eax for TRUE = success or FALSE = failed. In case of failure I should now call the GetLastError function and check for ERROR_ACCESS_DENIED. OK, let's say it is this case, so what then? Calling ChangeWindowMessageFilterEx now. The HWND = main HWND of App 1 itself, right? So I mean the first handle I got from the FindWindow function. What to enter in the message parameter = WM_SETTEXT? For the 3rd parameter = MSGFLT_ALLOW and the 4th parameter = nothing. Do you mean it like this?

      Example:

      ```asm
      invoke FindWindow,NULL,chr$("App1")
      .if eax != FALSE
          mov edi, eax
          xor esi, esi
          .while eax != FALSE
              invoke FindWindowEx,edi,esi,chr$("Edit"),NULL
              .if eax != FALSE
                  mov esi, eax
                  invoke GetDlgCtrlID,esi
                  .if eax != FALSE
                      .if eax == 1002 ; Edit control ID of App1
                          invoke SendMessage,esi,WM_SETTEXT,0,_buffer
                          .if eax == FALSE
                              invoke GetLastError
                              .if eax == ERROR_ACCESS_DENIED
                                  invoke LoadLibrary,chr$("user32.dll")
                                  invoke GetProcAddress,eax,chr$("ChangeWindowMessageFilterEx")
                                  .if eax != FALSE
                                      push NULL
                                      push TRUE ; MSGFLT_ALLOW
                                      push WM_SETTEXT
                                      push edi
                                      call eax
                                      .if eax != FALSE
                                          invoke SendMessage,esi,WM_SETTEXT,0,_buffer
                                          .break
                                      .endif
                                  .endif
                              .endif
                          .endif
                          .break
                      .endif
                  .endif
              .endif
          .endw
      .endif
      ```

      So I tried this code. In my case WM_SETTEXT does work before ...I bypassed this and did call this ChangeWindowMessageFilterEx function and here I get this error 5 of ERROR_ACCESS_DENIED back and eax FALSE. Have I done it wrong etc.? Or do you mean I need to use this function ChangeWindowMessageFilterEx in App1 and not in App2? I also tried to use ChangeWindowMessageFilterEx in App1, calling it with MSGFLT_DISALLOW with WM_SETTEXT. Now in App2 I did call WM_SETTEXT with the handle of the Edit control of App1 and it's still working = no access denied etc.

      Do you have a small example code using this function to set allow / disallow correctly? Just wanna test whether it works in both directions to verify it.

      Thank you
  28. Just be mindful of UIPI and process elevation levels if you plan on using SendMessage. Otherwise you will need to look at changing window message filters (ChangeWindowMessageFilterEx) of lower privileged windows. You can check if your messages are being blocked by calling GetLastError and checking for access denied (5)... Ted.
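
Added example, not part of any post above and not Ted's code: UIPI compares the integrity levels of sender and receiver, and the per-window filter set with ChangeWindowMessageFilterEx is consulted only when the sender runs at a lower level than the window's owner, so MSGFLT_DISALLOW makes no visible difference between two processes at the same level. The C receiver below reports its own integrity level and the filter call's ExtStatus so both cases can be told apart; it ignores uiAccess and AppContainer senders, and the names `uipi_filter_applies`, `il_name` and `current_integrity_rid` are made up for this example.

```c
/* Added example. Windows build: cl uipi_recv.c user32.lib advapi32.lib (elsewhere only the helpers compile). */
#include <stdio.h>
#include <string.h>

/* Mandatory-label RIDs as in winnt.h, repeated so the helpers stay portable. */
enum { IL_LOW = 0x1000, IL_MEDIUM = 0x2000, IL_HIGH = 0x3000, IL_SYSTEM = 0x4000 };
/* UIPI filters only messages sent from a lower integrity level to a higher
   one, so a per-window filter can change the outcome only in that case. */
int uipi_filter_applies(unsigned long sender_il, unsigned long receiver_il)
{
    return sender_il < receiver_il;
}

const char *il_name(unsigned long rid)
{
    if (rid >= IL_SYSTEM) return "system";
    if (rid >= IL_HIGH)   return "high";
    if (rid >= IL_MEDIUM) return "medium";
    if (rid >= IL_LOW)    return "low";
    return "untrusted";
}

#ifdef _WIN32
#define _WIN32_WINNT 0x0601 /* ChangeWindowMessageFilterEx needs Windows 7+ */
#include <windows.h>

/* Integrity RID of this process's token, or 0 if it cannot be read. */
static unsigned long current_integrity_rid(void)
{
    HANDLE tok;
    ULONG_PTR buf[32]; /* aligned room for TOKEN_MANDATORY_LABEL plus its SID */
    DWORD len = 0, rid = 0;
    if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &tok)) return 0;
    if (GetTokenInformation(tok, TokenIntegrityLevel, buf, sizeof buf, &len)) {
        PSID sid = ((TOKEN_MANDATORY_LABEL *)buf)->Label.Sid;
        rid = *GetSidSubAuthority(sid, (DWORD)(*GetSidSubAuthorityCount(sid) - 1));
    }
    CloseHandle(tok);
    return rid;
}

/* Receiver: start with "allow" or "disallow" (default), then send WM_SETTEXT
   to the printed hwnd from senders at equal and at lower integrity. */
int main(int argc, char **argv)
{
    DWORD action = (argc > 1 && !strcmp(argv[1], "allow")) ? MSGFLT_ALLOW : MSGFLT_DISALLOW;
    CHANGEFILTERSTRUCT cfs = { sizeof cfs, 0 };
    unsigned long il = current_integrity_rid();
    MSG msg;
    HWND hwnd = CreateWindowExA(0, "EDIT", "initial text", WS_OVERLAPPEDWINDOW | WS_VISIBLE,
                                CW_USEDEFAULT, CW_USEDEFAULT, 360, 90, NULL, NULL, NULL, NULL);
    if (!hwnd) return 1;
    /* The filter is set by the process that owns the window, i.e. here. */
    if (!ChangeWindowMessageFilterEx(hwnd, WM_SETTEXT, action, &cfs))
        printf("filter change failed, GetLastError=%lu\n", GetLastError());
    printf("hwnd=%p integrity=%s (0x%lx) action=%lu ExtStatus=%lu\n",
           (void *)hwnd, il_name(il), il, action, cfs.ExtStatus);
    printf("filter consulted for medium sender: %d, low sender: %d\n",
           uipi_filter_applies(IL_MEDIUM, il), uipi_filter_applies(IL_LOW, il));
    while (IsWindow(hwnd) && GetMessageA(&msg, NULL, 0, 0) > 0) /* pump until closed */
        DispatchMessageA(&msg);
    return 0;
}
#endif
```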