Jump to content
Tuts 4 You

Loader By Vb6

ahmadmansoor

By ahmadmansoor
in Programming and Coding

Recommended Posts

ahmadmansoor

ahmadmansoor

Posted
Posted

Hi all :confused:

anybody have a Good example on how create a loader useing vb6 ..... i need a real example (code and file).

pls i need help in this .......

and may it include the way on how hook API , put Hw-bp and something like this , it is not problem if it depended on anthor dll file (coded by C++)

pls help

Thanks in adv

Link to comment
DrPepUr

DrPepUr

Posted
Posted

This should get ya started.....remember PSC.com can be your friend :P

http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=40478&lngWId=1
Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted
This should get ya started.....remember PSC.com can be your friend :P
http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=40478&lngWId=1

@dustyh1981 :

First : thanks u very much for ur fast replay ^_^ , but my friend i am a member in this form too :thumbsup: .and i know all file in it .....but realy i don't find any usefull example to create a Loader (i maen real Loader )..which use CreateProcessA & CreateThread & all Api connected with this subject....

and the way to put Hardware Breakpoints in some places in the memory and patch it or patch the EAX or like this...

anyway thanks u for ur example it contain this Function ValHex which is usefull too...

why i need this : because i need it to create tools for patch FingerPrint of arm and make it support for copy memory 2....

pls any some help :it is not problem if the project depended on anthor dll file (coded by C++).

and if u don't like to put it in public form can u PM me pls . and many thanks for all..

ur best friend Ahmadmansoor....

Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted
Maybe searching for a debugger source, would serve your purposes better.

The kind of loaders you are describing are specific (or, more correctly specialized) debuggers.

http://web.vip.hr/inga.vip/index.htm

Check the Debuggy source code.

Many thanks for u i have this file :confused: .... and it is more complex to understand ...

it is in the same site www.planet-source-code.com it call DebuggerA06...

my friends all i need is example for create loader not Assembler ....

Thanks u for ur replay

Link to comment
  • 8 months later...
Nieylana

Nieylana

Posted
Posted
Hi all :confused:

anybody have a Good example on how create a loader useing vb6 ..... i need a real example (code and file).

pls i need help in this .......

and may it include the way on how hook API , put Hw-bp and something like this , it is not problem if it depended on anthor dll file (coded by C++)

pls help

Thanks in adv

look at my WTLoader and source... feel free to use pieces of it

Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted (edited)
Hi all :confused:

anybody have a Good example on how create a loader useing vb6 ..... i need a real example (code and file).

pls i need help in this .......

and may it include the way on how hook API , put Hw-bp and something like this , it is not problem if it depended on anthor dll file (coded by C++)

pls help

Thanks in adv

look at my WTLoader and source... feel free to use pieces of it

Dear friend Nieylana : where I can find ur WTLoader and source :biggrin: ....and many thanks for ur help ..

and I hope i can help u when the time come :happy: ...

CTf : sorry to tell u that i am not so good in C+++ ..I love C++ but I love VB more ...If there anyway to help me then thanks

Edited by ahmadmansoor
Link to comment
Apakekdah

Apakekdah

Posted
Posted

1 year ago i did create tuts how to writing loader, but language in indonesian...

and i was learn this from Shub tut's... so thx to him :wub:

here you go :

Loader.rar

hope this is what you want.

  • Like 1
Link to comment
Jatt

Jatt

Posted
Posted

actually i m also looking for something like that , which can

pause procees

patch bytes

resume again

with no possibility of failing in patching bytes

dont know any coding , plz guide how i can do it easily , :D

u can send me private things via pm :D

Thanks alot

Link to comment
lucasjockey

lucasjockey

Posted
Posted 
Option ExplicitPrivate Type STARTUPINFO
	cb As Long
	lpReserved As String
	lpDesktop As String
	lpTitle As String
	dwX As Long
	dwY As Long
	dwXSize As Long
	dwYSize As Long
	dwXCountChars As Long
	dwYCountChars As Long
	dwFillAttribute As Long
	dwFlags As Long
	wShowWindo As Integer
	cbReserved2 As Integer
	lpReserved2 As Byte
	hStdInput As Long
	hStdOutput As Long
	hStdError As Long
End TypePrivate Type PROCESS_INFORMATION
	hProcess As Long
	hThread As Long
	dwProcessId As Long
	dwThreadId As Long
End TypePrivate Const pointer = &HA378D8
Private Const STATUS_PENDING = &H103&
Private Const PROCESS_QUERY_INFORMATION = &H400
Private Const NORMAL_PRIORITY_CLASS = &H20&
Private Const HIGH_PRIORITY_CLASS = &H80&
Private Const GWL_WNDPROC = (-4)	Private pInfo As PROCESS_INFORMATION
	Private sInfo As STARTUPINFO
	Private sNull As StringPrivate Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function WriteProcessMemory Lib "kernel32" (ByVal hProcess As Long, ByVal lpBaseAddress As Any, lpBuffer As Long, ByVal nSize As Long, lpNumberOfBytesWritten As Long) As LongPrivate Declare Function CreateProcess Lib "kernel32" Alias "CreateProcessA" (ByVal lpApplicationName As String, ByVal lpCommandLine As String, lpProcessAttributes As Any, lpThreadAttributes As Any, ByVal bInheritHandles As Long, ByVal dwCreationFlags As Long, lpEnvironment As Any, ByVal lpCurrentDriectory As String, lpStartupInfo As STARTUPINFO, lpProcessInformation As PROCESS_INFORMATION) As Long
Public Function MC2(file As String)
Dim ProcExecS As Long
ProcExecS = CreateProcess(file, ByVal 0&, ByVal 0&, ByVal 0&, 1&, NORMAL_PRIORITY_CLASS, ByVal 0&, sNull, sInfo, pInfo)
If ProcExecS Then
WriteProcessMemory pInfo.hProcess, &H42874C, &H57EB, 2, 0&
WriteProcessMemory pInfo.hProcess, &H4287B6, &H57EB, 2, 0&
CloseHandle pInfo.hProcess
End If
End Function

For VB ;D

Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted (edited)

@lucasjockey , Apakekdah : First many thanks for ur help but my friend the problem not just write this line of code because we have pass this (i am writting an engine like a debugger ) ...but I miss some thing like this :

HW-BP in VB6.0 . if anyone could write a Function for it .or anybody have a dll file contain a function for that .

make page guard to hunt OEP .

options to Hide debugger.

thats all :kick: ....if anybody could help in this :confused:

I like VB6.0 and its easy to code .... ..just thats

Edited by ahmadmansoor
Link to comment
0xFF

0xFF

Posted
Posted (edited)

Right now i have no time to write you an example, but i will give you the steps you take:

CreateProcess() -> CloseHandle() [hThread] -> WriteProcessMemory() [hProcess] -> CloseHandle() [hProcess];

hThread and hProcess are in the PROCESS_INFORMATION structure when you used CreateProcess to fill it in.

Edit: The buffer you write contains the information you're going to write, could be a single BYTE or an array of a kind, and the address should be a pointer to integer if i'm not mastiking, and.... the lpNumberOfBytesToWrite parameter should be the size of the buffer (in BYTES), so use sizeof() macro, i hope this helped you.

Edited by Rot1
Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted

@Apakekdah:many thanks I have try ap0x engine ...but not wrok for me ...and I connect ap0x ...and he say that he will put an example in VB6.0 soon ...when I don't know ..hope he will remmber

@Rot1 : the step I know it ....put do it ,this is the problem ...hope u could it ....many thanks

Link to comment
0xFF

0xFF

Posted
Posted
@Apakekdah:many thanks I have try ap0x engine ...but not wrok for me ...and I connect ap0x ...and he say that he will put an example in VB6.0 soon ...when I don't know ..hope he will remmber

@Rot1 : the step I know it ....put do it ,this is the problem ...hope u could it ....many thanks

Remember i promised you an example ? here it is... (Delphi, i recommend you learning Delphi instead of VB):

var 
 pi: TProcessInformation; //PROCESS_INFORMATION structure
 si: TStartupInfo; // STARTUP_INFO structure
const
  buffer: array[0..2] of byte = ($90, $90);
begin
 if not CreateProcess( 'lol.exe ', .... , si, pi ) then
  begin
   ShowMessageFmt( 'Error @ CreateProcess: %d', [GetLastError] ); //Dialogs
   Exit; //Exit from the procedure
  end; WriteProcessMemory(pi.hProcess, Ptr($00578B12), buffer, sizeof(buffer), ... );
 CloseHandle(pi.hThread);
 CloseHandle(pi.hProcess); //when you finish with it.
end;

place that code in a button or w.e

this example will write 2 nop's @ 00578B12 (random address)

Link to comment
ahmadmansoor

ahmadmansoor

Posted
  • Author
Posted (edited)

My friend I am talk about HW-BP (Hradware break Piont ) this what I want ...not CreateProcess ....and do some else stuf ....my word is very clear I think

this is what I want :

HW-BP in VB6.0 . if anyone could write a Function for it .or anybody have a dll file contain a function for that .

make page guard to hunt OEP .

options to Hide debugger.

not else ..anyway many thanks

Edited by ahmadmansoor
Link to comment
0xFF

0xFF

Posted
Posted
My friend I am talk about HW-BP (Hradware break Piont ) this what I want ...not CreateProcess ....and do some else stuf ....my word is very clear I think

this is what I want :

HW-BP in VB6.0 . if anyone could write a Function for it .or anybody have a dll file contain a function for that .

make page guard to hunt OEP .

options to Hide debugger.

not else ..anyway many thanks

to hide your debugger, i would suggest hooking IsDebuggerPresent(), and about set HW-BP, SetThreadContext()

Link to comment
Killboy

Killboy

Posted
Posted

ahmad:

read up on MSDN, it gives a great understanding of how to code a debugger.

you'll need a debug loop (look up WaitForDebugEvent, should link to most APIs, structs etc.) to set and catch hardware breakpoints

google for drizzt's debug engine, it's got great code for setting the debug regs and conditions, also memory breakpoints (pageguard)

yes, it is written in masm.

yes, you gotta do something yourself.

heck, you just gotta convert it to VB, you dont have to look up DR7 flags in the intel manuals

if you dont put that minimum effort into it, i'm afraid it's never gonna work out...

...or just wait for ap0x to finish his SDK, that's easier ofc :cc_detective:

Link to comment
0xFF

0xFF

Posted
Posted
ahmad:

read up on MSDN, it gives a great understanding of how to code a debugger.

you'll need a debug loop (look up WaitForDebugEvent, should link to most APIs, structs etc.) to set and catch hardware breakpoints

google for drizzt's debug engine, it's got great code for setting the debug regs and conditions, also memory breakpoints (pageguard)

yes, it is written in masm.

yes, you gotta do something yourself.

heck, you just gotta convert it to VB, you dont have to look up DR7 flags in the intel manuals

if you dont put that minimum effort into it, i'm afraid it's never gonna work out...

...or just wait for ap0x to finish his SDK, that's easier ofc :cc_detective:

That person just wants to get spoon feed, he's not trying to study himself a little.

Link to comment
atom0s

atom0s

Posted
Posted
That person just wants to get spoon feed, he's not trying to study himself a little.

You have little to no room to talk with what you have done in your past.

@Ahmad:

You can find some fairly decent debuggers over at:

http://planetsourcecode.com/

Can't say how in-depth they go for things such as hardware breakpoints but heres a few that might be useful:

http://planetsourcecode.com/vb/scripts/Sho...22&lngWId=1

http://planetsourcecode.com/vb/scripts/Sho...32&lngWId=1

Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Go to topic listing
×
×
  • Create New...