Jump to content
Tuts 4 You

Leaderboard


Popular Content

Showing content with the highest reputation since 11/29/2019 in Posts

  1. 2 points
    I am glad you have a workaround for this in the end. You may find suspending operation for around ~10 milliseconds after setting the cursor position and before simulating the mouse down input, using the Sleep function, adds a little bit more reliability and may not require you to add a second call to SetWindowPos. If you are concerned about accidentally activating a menu when simulating the mouse down you can calculate the centre of the windows titlebar or populate NONCLIENTMETRICS structure. Just be mindful there may be occasions where this may still occur particularly with owner drawn windows and Windows 10 apps. I still recommend the timer option... 😎 Ted.
  2. 2 points
    Another variation by detecting user input then sending the window back from the foreground... Global User32 = OpenLibrary(#PB_Any, "user32.dll") Prototype.i AddClipboardFormatListener_(hWnd) Global AddClipboardFormatListener_.AddClipboardFormatListener_ AddClipboardFormatListener_ = GetFunction(User32, "AddClipboardFormatListener") Procedure LastInput(cWnd) Protected plii.LASTINPUTINFO Protected lastTime plii\cbSize = SizeOf(LASTINPUTINFO) If GetLastInputInfo_(@plii) lastTime = plii\dwTime Repeat GetLastInputInfo_(@plii) Delay(10) Until plii\dwTime > lastTime SetWindowPos_(WindowID(0), cWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) EndIf EndProcedure Procedure WindowToFocus(hWnd, uMsg, wParam, lParam) Static cOnr, cWnd #WM_CLIPBOARDUPDATE = $031D Select uMsg Case #WM_CLIPBOARDUPDATE If IsClipboardFormatAvailable_(#CF_TEXT) ; Find the last clipboard owner then bring our window to the foreground. cOnr = GetClipboardOwner_() cWnd = GetParent_(cOnr) SetWindowPos_(cWnd, hWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) ; Save the current mouse pointer coordinates. CreateThread(@LastInput(), cWnd) EndIf EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure If OpenWindow(0, 0, 0, 300, 200, "WindowToFocus", #PB_Window_ScreenCentered | #PB_Window_SizeGadget | #PB_Window_MaximizeGadget) AddClipboardFormatListener_(WindowID(0)) SetWindowCallback(@WindowToFocus()) Repeat Until WaitWindowEvent() = #PB_Event_CloseWindow EndIf Ted. LastInput.exe
  3. 2 points
    This seems to solve your problem. Give it a try, hopefully all good for you... Global User32 = OpenLibrary(#PB_Any, "user32.dll") Prototype.i AddClipboardFormatListener_(hWnd) Global AddClipboardFormatListener_.AddClipboardFormatListener_ AddClipboardFormatListener_ = GetFunction(User32, "AddClipboardFormatListener") Procedure WindowToFocus(hWnd, uMsg, wParam, lParam) Static lpPoint.POINT, tagINPUT.INPUT Static cOnr, cWnd, Timer #WM_CLIPBOARDUPDATE = $031D Select uMsg Case #WM_CLIPBOARDUPDATE If IsClipboardFormatAvailable_(#CF_TEXT) ; Find the last clipboard owner then bring our window to the foreground. cOnr = GetClipboardOwner_() cWnd = GetParent_(cOnr) SetWindowPos_(cWnd, hWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) ; Save the current mouse pointer coordinates. GetCursorPos_(@lpPoint.POINT) ; Find our window position then activate our window. GetWindowRect_(hWnd, @lpRect.RECT) SetCursorPos_(lpRect\left + 10, lpRect\top + 10) ; Simulate mouse down. tagINPUT\type = #INPUT_MOUSE tagINPUT\mi\dwFlags = #MOUSEEVENTF_LEFTDOWN SendInput_(1, @tagINPUT, SizeOf(INPUT)) ; Simulate mouse up. tagINPUT\mi\dwFlags = #MOUSEEVENTF_LEFTUP SendInput_(1, @tagINPUT, SizeOf(INPUT)) ; Return mouse pointer to original position. SetCursorPos_(lpPoint\x, lpPoint\y) EndIf EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure If OpenWindow(0, 0, 0, 300, 200, "WindowToFocus", #PB_Window_ScreenCentered | #PB_Window_SizeGadget | #PB_Window_MaximizeGadget) AddClipboardFormatListener_(WindowID(0)) SetWindowCallback(@WindowToFocus()) Repeat Until WaitWindowEvent() = #PB_Event_CloseWindow EndIf Ted. WindowToFocus.exe WindowToFocus x32.exe
  4. 1 point
  5. 1 point
    sure u go with FastStone Capture
  6. 1 point
    Starting from the smallest: IrfanView, XNView Classic, Paint.NET. Rotate works in all 3; Saving transparency info is slightly crappy in IrfanView, works perfectly in all others; Resize on mouse scroller - haven't seen in any editor ever. Works in all 3 by entering resize % (eg. 200%) or target dimensions;
  7. 1 point
  8. 1 point
    Hi again, I changed the code a little... invoke GetClipboardOwner mov cOnr,eax invoke GetParent,cOnr mov cWnd,eax invoke SetWindowPos,cWnd,hWin,0,0,0,0,SWP_NOSIZE or SWP_NOMOVE or SWP_ASYNCWINDOWPOS invoke GetCursorPos,addr lp invoke GetWindowRect,hWin,addr rc mov eax, rc.left add eax, 30 mov ecx, rc.top add ecx, 10 invoke SetCursorPos,eax,ecx invoke SetWindowPos,hWin,HWND_TOPMOST,0,0,0,0,SWP_NOSIZE or SWP_NOMOVE or SWP_ASYNCWINDOWPOS invoke SetWindowPos,hWin,HWND_NOTOPMOST,0,0,0,0,SWP_NOSIZE or SWP_NOMOVE or SWP_ASYNCWINDOWPOS mov INP.INPUT._type,INPUT_MOUSE mov INP.INPUT.mi.dwFlags, MOUSEEVENTF_LEFTDOWN invoke SendInput,1,addr INP,sizeof INP mov INP.INPUT.mi.dwFlags, MOUSEEVENTF_LEFTUP invoke SendInput,1,addr INP,sizeof INP invoke SetCursorPos,lp.x,lp.y ...adding SetWindowPos x2.Now it works better.Also moved mouse more to left to prevent to open that menu.But also in this case its not working all over.When I do copy something from browser or other sources then WM_CLIPBOARDUPDATE seems to fail.Before I used WM_DRAWCLIPBOARD with SetClipboardViewer functon etc and there it was working.Strange is that its now no more working.Maybe using AddClipboardFormatListener function and RemoveClipboardFormatListener isnt a good choice or doing change something on my system = WM_DRAWCLIPBOARD fails.Now I need to reboot PC to check this out.Hhmm!!!So thats pretty bad,dont wanna each time do a reboot just to get my old stuff working again.Otherwise I will just using SetWindowPos x2 alone without getting the avtive window status if the other code examples doing some strange problems later. greetz EDIT: My fault about WM_DRAWCLIPBOARD so its still working.Just forgot that I added a check yesterday.So I think now its seems to work better using example from Ted WindowToFocus x32 just with adding SetWindowPos x2 and moving mousepointer some more to right side where it does click on.I think with this method I can live now so far. I can use it with WM_DRAWCLIPBOARD (SetClipboardViewer etc) or also with WM_CLIPBOARDUPDATE with AddClipboardFormatListener function.This seems to be easier just need to call this function once + RemoveClipboardFormatListener at the end. Thank again guys.
  9. 1 point
    Waiting on mouse movement this time... Global User32 = OpenLibrary(#PB_Any, "user32.dll") Prototype.i AddClipboardFormatListener_(hWnd) Global AddClipboardFormatListener_.AddClipboardFormatListener_ AddClipboardFormatListener_ = GetFunction(User32, "AddClipboardFormatListener") Procedure LastInput(cWnd) Protected lpPoint.POINT Protected oldx, oldy GetCursorPos_(@lpPoint.POINT) oldx = lpPoint\x oldy = lpPoint\y Repeat GetCursorPos_(@lpPoint.POINT) Delay(10) Until oldx <> lpPoint\x Or oldy <> lpPoint\y SetWindowPos_(WindowID(0), cWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) EndProcedure Procedure WindowToFocus(hWnd, uMsg, wParam, lParam) Static cOnr, cWnd #WM_CLIPBOARDUPDATE = $031D Select uMsg Case #WM_CLIPBOARDUPDATE If IsClipboardFormatAvailable_(#CF_TEXT) ; Find the last clipboard owner then bring our window to the foreground. cOnr = GetClipboardOwner_() cWnd = GetParent_(cOnr) SetWindowPos_(cWnd, hWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) ; Save the current mouse pointer coordinates. CreateThread(@LastInput(), cWnd) EndIf EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure Ted.
  10. 1 point
    I might point out that perhaps what is missing is the task at hand. If I copy a magnet:// link, my torrent app will automatically come to the front and offer to download if it is open. In Windows 10, clicking on a link which has magnet:// now brings up a would you like such and such app to open this warning. The only Windows-sanctioned solution is to use the correct mechanisms like registering your app to handle all of these events. Clipboard Viewer Chain: https://docs.microsoft.com/en-us/windows/win32/dataxchg/using-the-clipboard#adding-a-window-to-the-clipboard-viewer-chain Protocol Handlers: https://docs.microsoft.com/en-us/windows/win32/search/-search-3x-wds-ph-install-registration There are probably tricks you can do. I don't know how the torrent programs monitor and bring to front, but I imagine you could monitor the clipboard for a change, modify the clipboard to contain a protocol that you are registered for e.g. myapp:// and then the system will bring your app to the forefront. I imagine this works in Win7 as well. But its a cleaner and better route in modern windows than hijacking the foreground window which due to annoying apps that have overused that ability has become increasingly complicated, difficult and with all sorts of nuances and details to check for. For example accessibility features, custom keyboard mappings, system style of windows that might make keyboard/mouse simulation complex, privileged windows, UAC elevation prompts, 2 apps that both are trying to capture and bring to front could end up getting in deadlock fight for it, etc. A professional solution probably is not worth it unless its absolutely necessary with no alternatives and could require reversing Windows a bit to get some peculiar details. I've browsed the Win2k source more than few times :). IMO, Microsoft should open source the UI drawing parts of the basic windows controls so its easy to derive clean professional owner-draw solutions and the like which deals with every possible circumstance. That seems long overdue and who knows at the current rate maybe they will some day.
  11. 1 point
    I have made 2 small files for you to test as a workaround for your problem... SetForegroundWindow Keypress Test.exe (Simulates ALT Press & Release) keybd_event(VK_MENU,0, 0 , 0); //Alt Press keybd_event(VK_MENU,0,KEYEVENTF_KEYUP,0); // Alt Release SetForegroundWindow Mousebutton Test.exe (Simulates Left Mouse Button Press & Release) mouse_event(MOUSEEVENTF_ABSOLUTE or MOUSEEVENTF_LEFTDOWN, 0, 0, 0, 0); // Left Button Press mouse_event(MOUSEEVENTF_ABSOLUTE or MOUSEEVENTF_LEFTUP, 0, 0, 0, 0); // Left Button Up SetForegroundWindowTest.rar Both worked for me in all programs I tried including Olly A workaround like this is the only way you can reliably steal focus due to the restrictions, simulating a mouse press or a keypress tricks it into taking away the focus from the window you are working with, ALT apparently allows SetForegroundWindow due to the ALT+TAB feature of windows which will always be on top
  12. 1 point
    I think I already answered it 😋 When a user is working/interacting in an active window you can't steal focus away from it to another application. The user passes on focused privileges by activating the window. If you are really, really, really intent on stealing focus you can do something immensely annoying by simulating a mouse click on screen in a window. Something like this... Global User32 = OpenLibrary(#PB_Any, "user32.dll") Prototype.i AddClipboardFormatListener_(hWnd) Global AddClipboardFormatListener_.AddClipboardFormatListener_ AddClipboardFormatListener_ = GetFunction(User32, "AddClipboardFormatListener") Procedure WindowToFocus(hWnd, uMsg, wParam, lParam) Static cOnr, cWnd, Timer #WM_CLIPBOARDUPDATE = $031D Select uMsg Case #WM_CLIPBOARDUPDATE If IsClipboardFormatAvailable_(#CF_TEXT) cOnr = GetClipboardOwner_() cWnd = GetParent_(cOnr) SetWindowPos_(cWnd, hWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) ;GetWindowRect_(cWnd, @lpRect.rect) GetWindowRect_(hWnd, @lpRect.rect) SetCursorPos_(lpRect\left + 10, lpRect\top + 10) tagINPUT.INPUT ; Mouse down... tagINPUT\type = #INPUT_MOUSE tagINPUT\mi\dwFlags = #MOUSEEVENTF_LEFTDOWN SendInput_(1, @tagINPUT, SizeOf(INPUT)) ; Mouse up... tagINPUT\mi\dwFlags = #MOUSEEVENTF_LEFTUP SendInput_(1, @tagINPUT, SizeOf(INPUT)) EndIf EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure If OpenWindow(0, 0, 0, 300, 200, "WindowToFocus", #PB_Window_ScreenCentered | #PB_Window_SizeGadget | #PB_Window_MaximizeGadget) AddClipboardFormatListener_(WindowID(0)) SetWindowCallback(@WindowToFocus()) Repeat Until WaitWindowEvent() = #PB_Event_CloseWindow EndIf Ted.
  13. 1 point
    SetWindowPos can change the z order but it doesn't activate the window You can use SetActiveWindow after you have brought to front, if its not in front it will not set as active Have you tried SetForegroundWindow ?
  14. 1 point
    I use a free app which I think does what your asking, it is a downloader which monitors the clipboard for new links to sites it supports such as youtube, clicknupload etc. and when a new link is copied to clipboard it pops up a window asking if you want to download it if that's what you want your app to do then maybe you could see how they do it there http://wordrider.net/freerapid/
  15. 1 point
    You cannot take (steal) focus away from another window you do not control whilst the user is currently active inside it. You will not be notified of the other windows' events to make a judgement call when to send your window to back. As @kao mentioned above the only way to do this would be to attach to the thread input queue of that window. You can then change its z-order position whilst focused. There are a few caveats. If the process is elevated you will not be able to attach to the input queue. If there is a problem with the process you are attached to you run the risk of inheriting those problems. Some more questions; Why do you need to bring your window to the front? What is the purpose of your window whilst it is in front, what will it do when it is front? If you need to bring the window to the front how long do you need it to be there? Why do you need to send it to the back? If you only need your window to be front for a short period set a timer event to send it back when its work is done. There are some other methods whilst another window has focus though they are hit-and-miss. Waiting for WM_NCACTIVATE is one, though this event may never occur and shouldn't be relied upon. Global User32 = OpenLibrary(#PB_Any, "user32.dll") Prototype.i AddClipboardFormatListener_(hWnd) Global AddClipboardFormatListener_.AddClipboardFormatListener_ AddClipboardFormatListener_ = GetFunction(User32, "AddClipboardFormatListener") Procedure WindowToFocus(hWnd, uMsg, wParam, lParam) Static cOnr, cWnd, Timer #WM_CLIPBOARDUPDATE = $031D Select uMsg Case #WM_CLIPBOARDUPDATE If IsClipboardFormatAvailable_(#CF_TEXT) cOnr = GetClipboardOwner_() cWnd = GetParent_(cOnr) SetWindowPos_(cWnd, hWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) SetTimer_(hWnd, Timer, 500, #Null) EndIf Case #WM_TIMER Select wParam Case Timer SetWindowPos_(hWnd, cWnd, #Null, #Null, #Null, #Null, #SWP_NOSIZE | #SWP_NOMOVE | #SWP_ASYNCWINDOWPOS) EndSelect EndSelect ProcedureReturn #PB_ProcessPureBasicEvents EndProcedure If OpenWindow(0, 0, 0, 300, 200, "WindowToFocus", #PB_Window_ScreenCentered | #PB_Window_SizeGadget | #PB_Window_MaximizeGadget) AddClipboardFormatListener_(WindowID(0)) SetWindowCallback(@WindowToFocus()) Repeat Until WaitWindowEvent() = #PB_Event_CloseWindow EndIf Ted.
  16. 1 point
    I am a simple man and not sure what you are trying to achieve. I think you may be over complicating things. Is this in the correct order of what you are trying to do? Wait for WM_DRAWCLIPBOARD message, On CF_TEXT bring window to front, When user clicks on window set window to the back. If it is, an alternate option; Wait for WM_DRAWCLIPBOARD message, On CF_TEXT call GetClipboardOwner to obtain hWnd of current clipboard owner, In your windows event handler wait for WM_KILLFOCUS, Call SetWindowPos with hWndInsertAfter to position your window after the last clipboard owner. You'll obviously have to add some code to manage when you want to act on WM_KILLFOCUS events or you will have your window bouncing around behind every clipboard owner. There are a few other ways you could do this. If you step out nice and simple what you are trying to do so I understand I'll be able to help better... Ted.
  17. 1 point
    GetWindowThreadProcessId you might wanna check that doesnt destroy ebx
  18. 1 point
    Injector uses VB P-Code, you'll need to use VB decompiler or some P-Code disassembler for analysis. It's pretty funky code using shellcode, resolving APIs by hash and what not. Or you can simply put breakpoint on RtlDecompressBuffer and then dump decompressed payload from memory. It's an old shitty backdoor called XpertRAT. BTW, injector works just fine in my VMWare (32bit Win7).
  19. 1 point
    Step 1: Few notes: is used .NET module trick; you can dump the .NET module with memcpyLogger, You just have find to the first the block which starts with MZ. You get the module assembly entry point token with ConfuserExConstant.exe - as file input you enter original protected file, The Entry Point Token value is 600009C Tools used: https://www115.zippyshare.com/v/HETHPm4D/file.html Step 1: Dumping .NET module explained before; Step2: Confuser Exceptions Restore - anti-tamper: - this is for decrypting MSIL: https://forum.tuts4you.com/topic/41025-confuser-exceptions-restore-anti-tamper It works just fine you must unmark "Invoke EP" and "Patch Anti-tamper". So after we nop first method from <Module>.ctor - this was the anti-tamper; we also fix the entry point of koi module with 600009C Here is the partial unpacked exe: https://www8.zippyshare.com/v/M78VMowQ/file.html or string decryption I've used this: https://github.com/cawk/ConfuserEx-Static-String-Decryptor/releases Check/Mark "Invoke". For c-flow I've used ConfuserExSwitchKiller. ConfuserExCallFixer.exe for inline methods. Here is completly deobfuscated exe: https://www119.zippyshare.com/v/YFwpUuCv/file.html private void method_1(object sender, EventArgs e) { if (this.textBox_1.get_Text().Length >= 5) { string str = this.textBox_1.get_Text(); if (!Directory.Exists(@"Data\\License")) { MessageBox.Show("Password was not found!", str); } else { StreamReader reader = new StreamReader(@"Data\\License\license.dat"); reader.ReadLine(); string str3 = reader.ReadLine(); reader.Close(); if (Class7.smethod_1(str3) == this.textBox_1.get_Text()) { MessageBox.Show("Good Job !"); } else { MessageBox.Show("password is wrong!"); } } } else { MessageBox.Show("Password is invaled or too short!"); } } public static string smethod_1(string string_2) { byte[] inputBuffer = Convert.FromBase64String(string_2); AesCryptoServiceProvider provider = new AesCryptoServiceProvider { BlockSize = 0x80, KeySize = 0x100, Key = Encoding.ASCII.GetBytes(string_1), IV = Encoding.ASCII.GetBytes(string_0), Padding = PaddingMode.PKCS7, Mode = CipherMode.CBC }; ICryptoTransform transform = provider.CreateDecryptor(provider.Key, provider.IV); byte[] bytes = transform.TransformFinalBlock(inputBuffer, 0, inputBuffer.Length); transform.Dispose(); return Encoding.ASCII.GetString(bytes); }
  20. 1 point
    Good times! I still play UT every once in while, last time was with my son. Happy to participate in a game night/day if someone is able to organise an event and it falls at a suitable date and time... Ted.
  21. 0 points
    I do miss the old times with people actually posting new and interesting stuff in here. Last few years have been really tough. I don't have a solution to that, just the feeling that it's the biggest problem that needs addressing. As for smaller and easier to solve things: 1) It would be nice to have faster actions to stop troll-fights between techlord's fans and their opponents. Last thing we need here is the toxic atmosphere they bring; 2) It's time to stop "Difficulty 10/10" nonsense in crackmes that contain nothing more than a rebranded ConfuserEx. For example, create a rule that members with "Junior" title are not allowed to post crackmes, as they almost inevitably submit total garbage. Or maybe crackme section moderators could do more filtering (I'm not saying they are not doing a good job - they are!, just that the acceptance rules are too relaxed); My 2 cents. kao.
  • Newsletter

    Want to keep up to date with all our latest news and information?
    Sign Up
×
×
  • Create New...