Leaderboard

Check Ted's answer again: So if you want colors (any at all) or mix normal/bold then you will need to draw the items yourself using the GDI api SetTextColor and TextOut and those functions after responding to the draw item event by setting the owner draw flag.

Here is a working sample (in PureBasic) for you. This sets one of the menu items to be bold... If OpenWindow(0,0,0,250,100,"Right click in the window...", #PB_Window_SystemMenu | #PB_Window_ScreenCentered) If CreatePopupMenu(0) MenuItem(0,"MenuItem 0") MenuItem(1,"MenuItem 1") MenuItem(2,"MenuItem 2") MenuItem(3,"MenuItem 3") bold.MENUITEMINFO bold\cbSize = SizeOf(bold) bold\fMask = #MIIM_STATE bold\fState = #MFS_DEFAULT SetMenuItemInfo_(MenuID(0), 2, #True, bold) ;"2" is the MenuItem to be made bold EndIf Repeat Event = WaitWindowEvent() If Event = #WM_RBUTTONUP DisplayPopupMenu(0, WindowID(0)) EndIf Until Event = #PB_Event_CloseWindow EndIf If you want to add colours and the like you will have to consider using #MFT_OWNERDRAW and manually draw the menu items on #WM_DRAWITEM event... Ted. Bold Menu Item.exe

I use something like this if I want to make a menu item bold... bold.MENUITEMINFO bold\cbSize = SizeOf(bold) bold\fMask = #MIIM_STATE bold\fState = #MFS_DEFAULT SetMenuItemInfo_(MenuID(0), 2, #True, bold) ;"2" is the MenuItem to be made bold https://docs.microsoft.com/en-us/windows/desktop/api/winuser/nf-winuser-setmenuiteminfow https://docs.microsoft.com/en-au/windows/desktop/api/winuser/ns-winuser-tagmenuiteminfoa Ted.

I knocked up a quick example, you could do something similar to this... Declare.i WinProc(hWnd, Msg, wParam, lParam) Declare.i SetMenuItemBold(MenuNum) Global hMenu If OpenWindow(0, 0, 0, 250, 100,"Right click in the window...", #PB_Window_SystemMenu | #PB_Window_ScreenCentered) If SetWindowCallback(@WinProc()) hMenu = CreatePopupMenu(0) If hMenu ; Create a text array for the menu item text. Global Dim menutext.s(4) menutext(0) = " MenuItem 0" menutext(1) = " MenuItem 1" menutext(2) = " MenuItem 2" menutext(3) = " End" ; Create the menu items and point to the array containing the text. MenuItem(0, menutext(0)) MenuItem(1, menutext(1)) MenuItem(2, menutext(2)) MenuItem(3, menutext(3)) ; Set menu items to #MFT_OWNERDRAW For a = 0 To 3 With tag.MENUITEMINFO \cbSize = SizeOf(MENUITEMINFO) \fMask = #MIIM_TYPE \fType = #MFT_OWNERDRAW \dwTypeData = @menutext(a) SetMenuItemInfo_(hMenu, a, #True, @tag) EndWith Next EndIf ; PureBasic window event loop. Repeat Event = WaitWindowEvent() Select Event Case #PB_Event_RightClick DisplayPopupMenu(0, WindowID(0)) ; When a menu item is clicked on set it to bold. Case #PB_Event_Menu Select EventMenu() Case 0 : SetMenuItemBold(EventMenu()) Case 1 : SetMenuItemBold(EventMenu()) Case 2 : SetMenuItemBold(EventMenu()) Case 3 : End EndSelect EndSelect Until Event = #PB_Event_CloseWindow EndIf EndIf Procedure.i WinProc(hWnd, Msg, wParam, lParam) Static hbrush Select Msg Case #WM_DESTROY ; Delete created objects once the window is destroyed. DeleteObject_(hbrush) Case #WM_MEASUREITEM ; lParam - Pointer to a MEASUREITEMSTRUCT structure that contains the dimensions of the owner-drawn control or menu item. *lpm.MEASUREITEMSTRUCT = lParam ; Define the width and height for the menu item to be created. *lpm\itemWidth = 200 *lpm\itemHeight = 30 Case #WM_DRAWITEM: ; lParam - Pointer to a DRAWITEMSTRUCT structure containing information about the item to be drawn and the type of drawing required. *lpd.DRAWITEMSTRUCT = lParam ; If a menu item is selected, use #COLOR_MENUHILIGHT. If *lpd\itemState & #ODS_SELECTED hbrush = CreateSolidBrush_(GetSysColor_(#COLOR_MENUHILIGHT)) SelectObject_(*lpd\hDC, hbrush) EndIf ; Set the background mix mode of the specified device context to #TRANSPARENT. ; This sets the text background to #TRANSPARENT (otherwise its background will be filled a different colour from that of the menu). SetBkMode_(*lpd\hDC, #TRANSPARENT) ; Set the device context boundary pen colour, the null pen draws nothing. SelectObject_(*lpd\hDC, GetStockObject_(#NULL_PEN)) ; A rectangle that defines the boundaries of the control to be drawn. ; When drawing menu items, the owner window must not draw outside the boundaries of the rectangle defined by the rcItem member. Rectangle_(*lpd\hDC, *lpd\rcItem\left, *lpd\rcItem\top, *lpd\rcItem\right, *lpd\rcItem\bottom) If menutext(*lpd\itemID) = menutext(1) SetTextColor_(*lpd\hDC, #Green) DrawText_(*lpd\hDC, menutext(*lpd\itemID), -1, @*lpd\rcItem, #Null) ElseIf menutext(*lpd\itemID) = menutext(2) ; Calculate the length of the menu item text. DrawText_(*lpd\hDC, menutext(*lpd\itemID), -1, @*lpd\rcItem, #DT_CALCRECT) ; Set the menu item text colour and then draw it. SetTextColor_(*lpd\hDC, #Blue) DrawText_(*lpd\hDC, menutext(*lpd\itemID), -1, @*lpd\rcItem, #Null) ; Save the old right co-ordinate so we can offset the additional menu item text. oldRight = *lpd\rcItem\right ; Calculate the length of the additional menu item text. DrawText_(*lpd\hDC, " Tuts4You", -1, @*lpd\rcItem, #DT_CALCRECT) ; Calculate the offset to add the new text in the menu. *lpd\rcItem\left = oldRight *lpd\rcItem\right + oldRight ; Set the menu item text colour and then draw it. SetTextColor_(*lpd\hDC, #Red) DrawText_(*lpd\hDC, " Tuts4You", -1, @*lpd\rcItem, #Null) Else DrawText_(*lpd\hDC, menutext(*lpd\itemID), -1, @*lpd\rcItem, #Null) EndIf EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure Procedure SetMenuItemBold(hMenuNumSel) bold.MENUITEMINFO bold\cbSize = SizeOf(bold) bold\fMask = #MIIM_STATE bold\fState = #MFS_DEFAULT SetMenuItemInfo_(hMenu, hMenuNumSel, #True, bold) EndProcedure Ted. Coloured Menu Item.exe

Hi LCF-AT, usually you have to use owner-drawn menus: you just tell windows you would take the burden to measure and draw the content by yourself. A very very quick Google search takes you to http://winapi.freetechsecrets.com/win32/WIN32Example_of_OwnerDrawn_Menu_Items.htm https://www.codeproject.com/Articles/8715/Owner-drawn-menus-in-two-lines-of-code https://www.codeguru.com/cpp/controls/menu/article.php/c3719/The-Easiest-Way-to-Code-the-Owner-Drawn-Menu.htm Don't know if there's available an example in pure ASM, I'm afraid. Regards, Tony

Probably have to create your own control with a WS_POPUP window and use DrawText for the individual parts in the different colors. And have to calc the 'menu item' positions, and store the 'menu text' strings in an array or structures etc. Also calc position of the control relative to where mouse/cursor position was, for the placement to show it at.

https://youtu.be/Sv8yu12y5zM bonus - VSCodium - Binary releases of VS Code without MS branding/telemetry/licensing - hxxps://github.com/VSCodium/vscodium

Program cannot start because VMprotect dll is missing Are you sure this is using no packer or protector?

Used protector (I've forget to specify): https://www.52pojie.cn/thread-652274-1-1.html http://distro.crack.vc/index.php?dir=RceTools/Packers/ Finally made scripts and a tutorial on how to restore stolen bytes: https://forum.tuts4you.com/topic/41211-obsidium-olly-scripts/ BR.

Tools: dnSpy, ConfuserEx Tools, de4dot ConsoleApplication3_unpacked.exe

Thanks much Teddy... Any ideas why I keep getting error that I have exceeded download quota? I can download 4mb's and get that error every time... Then have to wait until tomorrow, and hope it continues it. Frustrating as heck lol... Thank you for taking time to put the link. ËÞIãLèS666

@ramjane I'm sharing my private script to reach OEP on all 5.xx (and maybe 4.xx). First it tries to find static OEP address in Enigma VM section. If failed, it tries to dynamically reach OEP. lc log "Enigma 5.xx OEP Finder by PC-RET v 1.1 started" bc dbh bphwc gmi eip, MODULEBASE MOV IMAGEBASE, $RESULT //gmi eip, CODEBASE //MOV CODEBASE, $RESULT //gmi eip, CODESIZE //MOV CODESIZE, $RESULT pusha mov eax, IMAGEBASE mov edi, eax add eax, 3C mov eax, edi+[eax] mov SECTIONS, [eax+06], 02 mov esi, eax+0F8 mov edi, 28 mov ebp, SECTIONS mov ecx, edi mul edi, 1 // second section add edi, esi sub edi, 28 mov CODEBASE, [edi+0C] add CODEBASE, IMAGEBASE mov CODESIZE, [edi+08] popa GPA "VirtualAlloc", "kernel32.dll" mov VirtualAlloc, $RESULT GPA "VirtualProtect", "kernel32.dll" mov VirtualProtect, $RESULT GPA "VirtualQuery", "kernel32.dll" mov VirtualQuery, $RESULT bphws VirtualAlloc run rtr esti bphwc VirtualAlloc gmemi eip, MEMORYBASE mov ENIGMA_SECTION, $RESULT mov startsearch, ENIGMA_SECTION find startsearch, #8945F8EB0C8BCF8BD68B45FCE8????????F6C304740B8B55F88B45FC# // structure cmp $RESULT, 0 je dynamic_find static_find: bp $RESULT esto gmemi esi, MEMORYBASE mov startsearch, $RESULT gmemi esi, MEMORYSIZE mov searchend, $RESULT add searchend, startsearch alloc 100 mov eval_section, $RESULT mov [eval_section], #609CB8AAAAAAAABBBBBBBBBBB9CCCCCCCCBADDDDDDDD3BC20F831F0000003918740D813800004000740583C004EBE73948100F840800000083C004EBD99D61908B70F803F39D6190# mov [eval_section+3], startsearch mov [eval_section+8], IMAGEBASE mov [eval_section+D], CODESIZE mov [eval_section+12], searchend bp eval_section+3f bp eval_section+45 bp eval_section+47 mov bakeip, eip mov eip, eval_section esto cmp eip, eval_section+3f je notfound_static cmp eip, eval_section+45 je found_static jmp error found_static: ///////////////////////You can stop here and see OEP in ESI register/////////////////////// mov oep, esi esto mov eip, bakeip bc free eval_section gmemi oep, MEMORYBASE cmp $RESULT, 0 jne not_invalid_oep eval "Invalid OEP found: {oep}. Now script will try another method." msg $RESULT jmp dynamic_find not_invalid_oep: mov oepbytes, [oep], 2 cmp oepbytes, 25ff je risc_oep cmp $RESULT, CODEBASE je good_oep eval "Some weird OEP found: {oep}. Do you want to continue or try using another method? \r\n\r\n\r\nContinue: NO\r\nAnother method: YES" msgyn $RESULT cmp $RESULT, 01 je dynamic_find good_oep: bphws oep esto msg "OEP found!" bphwc ret risc_oep: eval "It seems that OEP: {oep} is RISC-protected. Continuing in another mode." msg $RESULT jmp dynamic_find notfound_static: mov eip, bakeip bc free eval_section dynamic_find: bphws VirtualProtect esto bphwc VirtualProtect bphws VirtualQuery mov hits, 0 VirtualQueryloop: esto cmp [esp+4], IMAGEBASE je checkhits jmp VirtualQueryloop checkhits: inc hits cmp hits, 2 jne VirtualQueryloop bc bphwc bprm CODEBASE, CODESIZE run bpmc msg "Possible OEP(near OEP) found." ret error: msg "Fatal error occured." ret

Read the FULL ARTICLE HERE . Full SOURCES and set of tools can be DOWNLOADED FROM HERE . A PDF created from the website article is attached for the convenience of the readers. PRACTICAL uses : The principles discussed can be used for reversing the firmware of Routers, Dongles etc etc. Please note that while the author has focussed on firmware which is Open Source, the same principles can also be used for Closed-Source Firmware. Firmware Hooking - Using Capstone and Keystone.pdf