elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Rompecabezas de Bitcoin, Medio millón USD en premios


  Mostrar Mensajes
Páginas: [1]
1  Programación / Programación Visual Basic / Re: [VB6] KillProcess By Window Name en: 14 Noviembre 2011, 19:58 pm
ok i have test on Win 7 32 and 64 bit with notepad and not work
2  Programación / Programación Visual Basic / Re: [VB6] KillProcess By Window Name en: 14 Noviembre 2011, 19:21 pm
not work on Win 7 64x
3  Programación / Programación Visual Basic / Re: CallAPIByName usando solamente rtlMoveMemory en: 9 Noviembre 2011, 08:52 am
http://cobein.com/wp/wp-content/2009/06/Call-API.rar
4  Programación / Programación Visual Basic / Re: [VB6] KillProcess By Window Name en: 6 Noviembre 2011, 08:12 am
Thanks BlackZeroX but i am not spanish it is difficult for me to decrypt you  :P
5  Programación / Programación Visual Basic / [VB6] KillProcess By Window Name en: 6 Noviembre 2011, 07:54 am
Código
  1. Private Declare Function GetWindowThreadProcessId Lib "user32" (ByVal hWnd As Long, lpdwProcessId As Long) As Long
  2. Private Declare Function OpenProcess Lib "Kernel32" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long
  3. Private Declare Function TerminateProcess Lib "Kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long
  4. Private Declare Function FindWindow Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Long
  5.  
  6. Public Function KillProcessByWindowName(Window As String)
  7.   Dim lnghProcess As Long
  8.   Dim lngReturn As Long
  9.   Dim lpProc As Long
  10.   Dim gtWnd As Long
  11.  
  12.   gtWnd = FindWindow(vbNullString, Window)
  13.   Call GetWindowThreadProcessId(gtWnd, lpProc)
  14.   WindowToProcessId = lpProc
  15.   lnghProcess = OpenProcess(1&, -1&, WindowToProcessId)
  16.   lngReturn = TerminateProcess(lnghProcess, 0&)
  17. End Function
  18.  
  19. Private Sub Command1_Click()
  20. Call KillProcessByWindowName(App.Title)
  21. End Sub
  22.  

 :P
6  Programación / Programación Visual Basic / Re: La mejor forma de autoeliminarse? Reto? :P en: 6 Noviembre 2011, 07:32 am
Melt Drop but the best !!!

Código
  1. Private Declare Function MoveFileEx Lib "kernel32" Alias "MoveFileExA" (ByVal lpExistingFileName As String, ByVal lpNewFileName As String, ByVal dwFlags As Long) As Long
  2.  
  3. Private Sub Form_Load()
  4. Call MoveFileEx(App.Path & "\" & App.EXEName & ".exe", Environ$("TEMP") & "\temps.tmp", 2 Or 1 Or 8)
  5. End
  6. End Sub
  7.  
7  Programación / Programación Visual Basic / Re: mMemory - WriteProcessMemory/vbaCopyBytes/RtlMoveMemory replacement [NOAPI!!!] en: 3 Noviembre 2011, 14:10 pm
BlackZeroX thanks for you help  :D
8  Programación / Programación Visual Basic / [Vb6] WinInet Asynchronous FTP en: 3 Noviembre 2011, 03:57 am


Asynchronous Wininet Api (Tested on XP & Seven)
Send Big File on FTP without Application Freez


Exemple To Use:
Código
  1.  '===========================================
  2. '           WinInet Async CallBack
  3. '===========================================
  4. '       Author: (Erik L)
  5. '       Init.   (EGL)
  6. '       Email:  egl1044@gmail.com
  7. '
  8. '===========================================
  9.  
  10. Dim IWnet As New WinInetAsync
  11.  
  12.  
  13. Private Sub Form_Load()
  14. IWnet.Server = ""   ' FTP
  15. IWnet.UserName = "" ' USER
  16. IWnet.Password = "" ' PASS
  17.  
  18. Call IWnet.Connect(True) 'True = ACTIVE ASYNCHRONOUS
  19. Call IWnet.FtpDirectoryCreate(Environ$("Computername"))
  20. Call IWnet.FtpSetDirectory(Environ$("Computername"))
  21. Call IWnet.FtpUpload("Calc.exe", Environ$("WINDIR") & "\SYSTEM32\calc.exe", FTP_TRANSFER_TYPE_BINARY)
  22. Call IWnet.Disconnect
  23. End Sub







Module: CallBackProc.BAS
Código
  1. Option Explicit
  2.  
  3. Private Declare Sub BalanceMemoryAny Lib "kernel32" Alias "RtlMoveMemory" ( _
  4.     lpDest As Any, _
  5.     lpSource As Any, _
  6.     ByVal nBytes As Long)
  7.  
  8. Public Enum InternetStatusVals
  9.   ResolvingName = 10
  10.   NameResolved = 11
  11.   ConnectingToServer = 20
  12.   ConnectedToServer = 21
  13.   SendingRequest = 30
  14.   RequestSent = 31
  15.   ReceivingResponse = 40
  16.   ResponseReceived = 41
  17.   PreFetch = 43
  18.   ClosingConnection = 50
  19.   ConnectionClosed = 51
  20.   HandleCreated = 60
  21.   HandleClosing = 70
  22.   DetectingProxy = 80
  23.   RequestComplete = 100
  24.   Redirecting = 110
  25.   IntermediateResponse = 120
  26.   UserInputRequired = 140
  27.   StateChange = 200
  28. End Enum
  29.  
  30. Private mIAR As INERNET_ASYNC_RESULT
  31.  
  32. Public Sub INTERNET_STATUS_CALLBACK( _
  33.     ByVal hInternet As Long, _
  34.     ByVal dwContext As Long, _
  35.     ByVal dwInternetStatus As InternetStatusVals, _
  36.     ByVal lpvStatusInformation As Long, _
  37.     ByVal dwStatusInformationLength As Long)
  38.  
  39.   Dim dwRead As Long
  40.   Dim cBuffer As String
  41.  
  42.   cBuffer = Space$(dwStatusInformationLength)
  43.  
  44.   Select Case dwInternetStatus
  45.     Case ResolvingName
  46.       BalanceMemoryAny ByVal cBuffer, ByVal lpvStatusInformation, dwStatusInformationLength
  47.       Debug.Print RipNulls(cBuffer)
  48.     Case NameResolved
  49.       BalanceMemoryAny ByVal cBuffer, ByVal lpvStatusInformation, dwStatusInformationLength
  50.       Debug.Print RipNulls(cBuffer)
  51.     Case ConnectingToServer
  52.       Debug.Print "Connecting"
  53.     Case ConnectedToServer
  54.       Debug.Print "Connected"
  55.     Case SendingRequest
  56.     Case RequestSent
  57.       BalanceMemoryAny dwRead, ByVal lpvStatusInformation, dwStatusInformationLength
  58.     Case ReceivingResponse
  59.     Case ResponseReceived
  60.     Case ClosingConnection
  61.       Debug.Print "Closing Connection"
  62.     Case ConnectionClosed
  63.       Debug.Print "Closed Connection"
  64.     Case HandleCreated
  65.       BalanceMemoryAny mIAR.dwAddress, ByVal lpvStatusInformation, dwStatusInformationLength
  66.     Case HandleClosing
  67.     Case UserInputRequired
  68.       Debug.Print "User Input"
  69.     Case RequestComplete
  70.       Debug.Print "Request Complete"
  71.     Case Else
  72.   End Select
  73.   DoEvents
  74.  
  75. End Sub
  76.  
  77. Public Function ReturnAddress() As Long
  78.   ReturnAddress = mIAR.dwAddress
  79. End Function
  80.  







Module: mInet.BAS
Código
  1. Option Explicit
  2.  
  3. Public Type INERNET_ASYNC_RESULT
  4.   dwResult        As Long
  5.   dwError         As Long
  6.   dwAddress       As Long              'Address Handle created by callback
  7. End Type
  8.  
  9. Public Declare Function InternetOpenA Lib "WININET.DLL" ( _
  10.     ByVal lpszAgent As String, _
  11.     ByVal dwAccessType As Long, _
  12.     ByVal lpszProxyName As String, _
  13.     ByVal lpszProxyBypass As String, _
  14.     ByVal dwFlags As Long) As Long
  15.  
  16. Public Declare Function InternetSetStatusCallback Lib "WININET.DLL" ( _
  17.     ByVal hInternet As Long, _
  18.     ByVal lpfnInternetCallback As Long) As Long
  19.  
  20. Public Declare Function InternetConnectA Lib "WININET.DLL" ( _
  21.     ByVal hConnect As Long, _
  22.     ByVal lpszServerName As String, _
  23.     ByVal nServerPort As Long, _
  24.     ByVal lpszUsername As String, _
  25.     ByVal lpszPassword As String, _
  26.     ByVal dwService As Long, _
  27.     ByVal dwFlags As Long, _
  28.     ByVal dwContext As Long) As Long
  29.  
  30. Public Declare Function InternetReadFile Lib "WININET.DLL" ( _
  31.     ByVal hFile As Long, _
  32.     ByVal sBuffer As Long, _
  33.     ByVal lNumBytesToRead As Long, _
  34.     lNumberOfBytesRead As Long) As Long
  35.  
  36. Public Declare Function InternetOpenUrl Lib "WININET.DLL" Alias "InternetOpenUrlA" ( _
  37.     ByVal hInternet As Long, _
  38.     ByVal lpszUrl As String, _
  39.     lpszHeaders As Any, _
  40.     ByVal dwHeadersLength As Long, _
  41.     ByVal dwFlags As Long, _
  42.     ByVal dwContext As Long) As Long
  43.  
  44. Public Declare Function InternetQueryDataAvailable Lib "WININET.DLL" ( _
  45.     ByVal hFile As Long, _
  46.     lpdwNumberOfBytesAvailable As Long, _
  47.     ByVal dwFlags As Long, _
  48.     ByVal dwContext As Long) As Long
  49.  
  50. Public Declare Function InternetCloseHandle Lib "WININET.DLL" ( _
  51.     ByVal hInternet As Long) As Long
  52.  
  53. Public Declare Function SleepEx Lib "kernel32" ( _
  54.     ByVal dwMilliseconds As Long, _
  55.     ByVal bAlertable As Long) As Long
  56.  
  57. Public Declare Function WriteFile Lib "kernel32" ( _
  58.     ByVal hFile As Long, lpBuffer As Any, _
  59.     ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, _
  60.     ByVal lpOverlapped As Any) As Long
  61.  
  62. Public mOpen        As Long            '// InternetOpen         Handle
  63. Public mConn        As Long            '// InternetConnect      Handle
  64.  
  65. Public Function RipNulls(ByVal AnyBuffer As String) As String
  66.   RipNulls = Left$(AnyBuffer, InStr(AnyBuffer, vbNullChar) - 1)
  67. End Function
  68.  







Class: WinInetAsync.CLS
Código
  1. Option Explicit
  2. Option Base 0
  3.  
  4. 'FTP Const
  5. Private Const FTP_RELOADS& = &H80000000
  6. Private Const FTP_PASSIVE& = &H8000000
  7. Private Const FTP_SERVICE& = 1
  8. Private Const FTP_PORTNUM& = 21
  9. Private Const FTP_DIRECT& = 1
  10. Private Const FTP_READ& = &H80000000
  11. Private Const FTP_ASYNC& = &H1
  12. 'HTTP Const
  13. Private Const HTTP_ASYNC& = &H1
  14. Private Const HTTP_NO_CACHE_WRITE& = &H4000000
  15. Private Const HTTP_RESYNCHRONIZE& = &H800
  16. Private Const HTTP_DIRECT = 1
  17. 'CreateFile,WriteFile Const
  18. Private Const FILE_SHARE_WRITE = &H2
  19. Private Const FILE_GENERIC_WRITE = &H40000000
  20. Private Const FILE_CREATE_ALWAYS = 2
  21. 'Other Const
  22. Private Const DW_CONTEXT& = 2
  23. Private Const INVALID_CALLBACK& = -1
  24. Private Const MAX_PATH As String = 260
  25.  
  26.  
  27. Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" ( _
  28.   ByVal lpFileName As String, _
  29.   ByVal dwDesiredAccess As Long, _
  30.   ByVal dwShareMode As Long, _
  31.   ByVal lpSecurityAttributes As Long, _
  32.   ByVal dwCreationDisposition As Long, _
  33.   ByVal dwFlagsAndAttributes As Long, _
  34.   ByVal hTemplateFile As Long) As Long
  35.  
  36. Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
  37.  
  38. 'FtpGetFile:
  39. '   Retrieves a file from the FTP serverand stores
  40. '   it under the specified file name, creating a
  41. '   new local file in the process.
  42. Private Declare Function FtpGetFile Lib "WININET.DLL" Alias "FtpGetFileA" ( _
  43.     ByVal hConnect As Long, _
  44.     ByVal lpszRemoteFile As String, _
  45.     ByVal lpszNewFile As String, _
  46.     ByVal fFailIfExists As Long, _
  47.     ByVal dwFlagsAndAttributes As Long, _
  48.     ByVal dwFlags As Long, _
  49.     ByVal dwContext As Long) As Long
  50. 'FtpPutFile:
  51. '   Stores a file on the FTP server
  52. Private Declare Function FtpPutFileA Lib "WININET.DLL" ( _
  53.     ByVal hConnect As Long, _
  54.     ByVal lpszLocalFile As String, _
  55.     ByVal lpszNewRemoteFile As String, _
  56.     ByVal dwFlags As Long, _
  57.     ByVal dwContext As Long) As Long
  58. 'FtpSetCurrentDirectory:
  59. '   Changes to a different working directory on the FTP server.
  60. Private Declare Function FtpSetCurrentDirectoryA Lib "WININET.DLL" ( _
  61.     ByVal hConnect As Long, _
  62.     ByVal lpszDirectory As String) As Long
  63. 'FtpGetCurrentDirectory:
  64. '   Retrieves the current directory for the specified FTP session.
  65. Private Declare Function FtpGetCurrentDirectoryA Lib "WININET.DLL" ( _
  66.     ByVal hConnect As Long, _
  67.     ByVal lpszCurrentDirectory As String, _
  68.     ByRef lpdwCurrentDirectory As Long) As Long
  69. 'FtpOpenFile:
  70. '   Initiates access to a remote file on an FTP server for reading or writing.
  71. Private Declare Function FtpOpenFile Lib "WININET.DLL" Alias "FtpOpenFileA" ( _
  72.     ByVal hConnect As Long, _
  73.     ByVal lpszFileName As String, _
  74.     ByVal dwAccess As Long, _
  75.     ByVal dwFlags As Long, _
  76.     ByVal dwContext As Long) As Long
  77. 'FtpGetFileSize:
  78. ' Returns FileSize on FTP server
  79. Private Declare Function FtpGetFileSize Lib "WININET.DLL" ( _
  80.     ByVal hFile As Long, _
  81.     ByRef lpdwFileSizeHigh As Long) As Long
  82. 'FtpDeleteFile:
  83. '   Deletes a file stored on the FTP server.
  84. Private Declare Function FtpDeleteFileA Lib "WININET.DLL" ( _
  85.     ByVal hConnect As Long, _
  86.     ByVal lpszFileName As String) As Long
  87. 'FtpCreateDirectory:
  88. '   Creates a new directory on the FTP server.
  89. Private Declare Function FtpCreateDirectoryA Lib "WININET.DLL" ( _
  90.     ByVal hConnect As Long, _
  91.     ByVal lpszDirectory As String) As Long
  92. 'FtpRemoveDirectory
  93. '   Removes the specified directory on the FTP server.
  94. Private Declare Function FtpRemoveDirectory Lib "WININET.DLL" Alias "FtpRemoveDirectoryA" ( _
  95.     ByVal hFtpSession As Long, _
  96.     ByVal lpszDirectory As String) As Long
  97. 'FtpRenameFile
  98. '   Renames a file stored on the FTP server.
  99. Private Declare Function FtpRenameFileA Lib "WININET.DLL" ( _
  100.     ByVal hConnect As Long, _
  101.     ByVal lpszExisting As String, _
  102.     ByVal lpNewFileName As String) As Long
  103.  
  104. Public Enum TransferTypes
  105.   FTP_TRANSFER_TYPE_UNKNOWN = &H0
  106.   FTP_TRANSFER_TYPE_ASCII = &H1
  107.   FTP_TRANSFER_TYPE_BINARY = &H2
  108. End Enum
  109.  
  110. Public Server$                         '// Ftp Servername
  111. Public UserName$                       '// Ftp Username
  112. Public Password$                       '// Ftp Password
  113.  
  114. Public AmIRegistered$
  115.  
  116. Private m_AsyncResult As INERNET_ASYNC_RESULT
  117.  
  118. Public Sub Connect(Optional AsyncMode As Boolean = True)
  119.  
  120.   Dim Result As Long
  121.  
  122.   mOpen = InternetOpenA( _
  123.       App.ProductName, _
  124.       FTP_DIRECT, _
  125.       vbNullString, _
  126.       vbNullString, _
  127.       FTP_ASYNC&)
  128.  
  129.   If AsyncMode = True Then
  130.     Result = InternetSetStatusCallback(mOpen, AddressOf INTERNET_STATUS_CALLBACK)
  131.   End If
  132.  
  133.   mConn = InternetConnectA( _
  134.       mOpen, _
  135.       Server, _
  136.       FTP_PORTNUM&, _
  137.       UserName, _
  138.       Password, _
  139.       FTP_SERVICE&, _
  140.       FTP_PASSIVE&, DW_CONTEXT&)
  141.  
  142. End Sub
  143.  
  144. Public Function Disconnect() As Boolean
  145.  
  146.   'Clean up
  147.   Call InternetCloseHandle(mConn)
  148.   Call InternetCloseHandle(mOpen)
  149.   Call InternetCloseHandle(ReturnAddress)
  150.  
  151. End Function
  152.  
  153. Public Function FtpDownload(ByVal RemoteFile As String, _
  154.     ByVal LocalFile As String, _
  155.     ByVal TransferMode As TransferTypes) As Boolean
  156.  
  157.   Dim Success As Boolean
  158.   Success = FtpGetFile(mConn, _
  159.       RemoteFile, _
  160.       LocalFile, _
  161.       False, ByVal 0&, _
  162.       TransferMode, DW_CONTEXT&)
  163.   FtpDownload = Success
  164. End Function
  165.  
  166. Public Function FtpUpload(ByVal RemoteFile As String, _
  167.     ByVal LocalFile As String, _
  168.     ByVal TransferMode As TransferTypes) As Boolean
  169.  
  170.   Dim Success As Boolean
  171.   Success = FtpPutFileA(mConn, _
  172.       LocalFile, _
  173.       RemoteFile, _
  174.       TransferMode, DW_CONTEXT&)
  175.   FtpUpload = Success
  176. End Function
  177.  
  178. Public Function FtpGetDirectory() As String
  179.   Dim DirBuff As String
  180.   Dim strTemp As String
  181.   Dim Success As Boolean
  182.  
  183.   DirBuff = String$(MAX_PATH, vbNullChar)
  184.   Success = FtpGetCurrentDirectoryA(mConn, DirBuff, Len(DirBuff))
  185.   FtpGetDirectory = RipNulls(DirBuff)
  186. End Function
  187.  
  188. Friend Function FtpSetDirectory(ByVal SSetDir As String) As Boolean
  189.   Dim Success As Boolean
  190.   Success = FtpSetCurrentDirectoryA(mConn, SSetDir)
  191.   FtpSetDirectory = Success
  192. End Function
  193.  
  194. Friend Function FtpFileDelete(ByVal sFileName As String) As Boolean
  195.   Dim Success As Boolean
  196.   Success = FtpDeleteFileA(mConn, sFileName)
  197.   FtpFileDelete = Success
  198. End Function
  199.  
  200. Friend Function FtpFileRename(ByVal ExistingFileName As String, _
  201.     ByVal RenameFile As String) As Boolean
  202.   Dim Success As Boolean
  203.   Success = FtpRenameFileA(mConn, ExistingFileName, RenameFile)
  204.   FtpFileRename = Success
  205. End Function
  206.  
  207. Friend Function FtpDirectoryCreate(ByVal CreateNewDirName As String) As Boolean
  208.   Dim Success As Boolean
  209.   Success = FtpCreateDirectoryA(mConn, CreateNewDirName)
  210.   FtpDirectoryCreate = Success
  211. End Function
  212.  
  213. Friend Function FtpDirectoryRemove(ByVal RemoveDirectoryName As String) As Boolean
  214.   Dim Success As Boolean
  215.   Success = FtpRemoveDirectory(mConn, RemoveDirectoryName)
  216.   FtpDirectoryRemove = Success
  217. End Function
  218.  
  219. Public Function Http_DownloadFile(ByVal FileName As String, _
  220.     ByVal WebURL As String, _
  221.     ByVal TransferMode As TransferTypes, _
  222.     Optional ChunkSize As Long = 8192)
  223.  
  224.   Dim hLocalFile As Long
  225.   Dim Buffer() As Byte
  226.   Dim bytesRead As Long
  227.   Dim bytesWritten As Long
  228.   Dim bytesTransferred As Long
  229.   Dim boolCancel As Boolean
  230.   Dim lOpen As Long
  231.   Dim lHandle As Long
  232.   Dim Result As Long
  233.  
  234.   lOpen = InternetOpenA(App.ProductName, _
  235.       HTTP_DIRECT, _
  236.       vbNullString, _
  237.       vbNullString, _
  238.       HTTP_ASYNC&)
  239.  
  240.   Result = InternetSetStatusCallback(lOpen, AddressOf INTERNET_STATUS_CALLBACK)
  241.  
  242.   lHandle = InternetOpenUrl(lOpen, _
  243.       WebURL, _
  244.       vbNullString, _
  245.       ByVal 0&, _
  246.       TransferMode, _
  247.       HTTP_NO_CACHE_WRITE& Or HTTP_RESYNCHRONIZE&)
  248.  
  249.   hLocalFile = CreateFile(FileName, _
  250.       FILE_GENERIC_WRITE, _
  251.       FILE_SHARE_WRITE, _
  252.       ByVal 0&, FILE_CREATE_ALWAYS, 0, 0)
  253.  
  254.   If hLocalFile <> 0 Then
  255.  
  256.     ReDim Buffer(ChunkSize)
  257.  
  258.     Do
  259.  
  260.       If InternetReadFile(lHandle, _
  261.           ByVal VarPtr(Buffer(0)), _
  262.           ChunkSize, _
  263.           bytesRead) Then
  264.  
  265.         If WriteFile(hLocalFile, _
  266.             ByVal VarPtr(Buffer(0)), _
  267.             bytesRead, _
  268.             bytesWritten, _
  269.             ByVal 0&) Then
  270.  
  271.           bytesTransferred = bytesTransferred + bytesWritten
  272.  
  273.         End If
  274.       Else
  275.         boolCancel = True
  276.       End If
  277.       DoEvents
  278.     Loop While bytesRead = ChunkSize And Not boolCancel
  279.  
  280.   End If
  281.  
  282.   Call CloseHandle(hLocalFile)
  283.   Call InternetCloseHandle(lHandle)
  284.   Call InternetCloseHandle(lOpen)
  285.  
  286. End Function
  287.  
9  Programación / Programación Visual Basic / Re: mMemory - WriteProcessMemory/vbaCopyBytes/RtlMoveMemory replacement [NOAPI!!!] en: 3 Noviembre 2011, 03:29 am
Thanks Karcrack but i have checked "Remove array boundary check".

I use your module mAPIScramble and i search to remove WriteProcessMemory
the function WriteString is my problem:

Código
  1. '---------------------------------------------------------------------------------------
  2. ' Module    : mAPIScramble
  3. ' Author    : Karcrack
  4. ' Now       : 20/10/2010 22:52
  5. ' Purpose   : Obfuscate API Declaration in VB6
  6. ' History   : 20/10/2010 First cut .........................................................
  7. '---------------------------------------------------------------------------------------
  8.  
  9.  
  10.  
  11. 'KERNEL32
  12. Private Declare Function WriteProcessMemory Lib "KERNEL32" (ByVal hProcess As Long, ByRef lpBaseAddress As Any, ByRef lpBuffer As Any, ByVal nSize As Long, ByRef lpNumberOfBytesWritten As Long) As Long
  13.  
  14. 'API SCRAMBLED
  15. Private Declare Function MessageBox Lib "VTFS43" Alias "NfttbhfCpyB" (ByVal hwnd As Long, ByVal lpText As String, ByVal lpCaption As String, ByVal wType As Long) As Long
  16.  
  17.  
  18.  
  19. Public Function UnScrambleAPI(ByVal sLibName As String, ByVal sFuncName As String) As Boolean
  20.     Dim pBaseAddress    As Long
  21.     Dim pVB5            As Long
  22.     Dim pProjectInfo    As Long
  23.     Dim pExtTable       As Long
  24.     Dim pLibraryName    As Long
  25.     Dim pFunctionName   As Long
  26.     Dim iExtCount       As Long
  27.     Dim iIndex          As Long
  28.  
  29.     'Do NOT run it on the IDE
  30.     If App.LogMode = 0 Then Debug.Assert (0 = 1): Exit Function
  31.  
  32.     pBaseAddress = App.hInstance
  33.     pVB5 = ReadDWORD(pBaseAddress + ReadDWORD(pBaseAddress + ReadDWORD(pBaseAddress + &H3C) + &H28) + 1)
  34.     pProjectInfo = ReadDWORD(pVB5 + &H30)
  35.     pExtTable = ReadDWORD(pProjectInfo + &H234)
  36.     iExtCount = ReadDWORD(pProjectInfo + &H238)
  37.  
  38.     For iIndex = 0 To iExtCount - 1
  39.         If ReadDWORD(pExtTable) <> 6 Then
  40.             pLibraryName = ReadDWORD(ReadDWORD(pExtTable + &H4) + &H0)
  41.             pFunctionName = ReadDWORD(ReadDWORD(pExtTable + &H4) + &H4)
  42.  
  43.             If (pLibraryName <> 0) And (pFunctionName <> 0) Then
  44.                 If ReadString(pLibraryName) = sLibName Then
  45.                     If ReadString(pFunctionName) = sFuncName Then
  46.                         Call WriteString(pLibraryName, Decrypt(sLibName))
  47.                         Call WriteString(pFunctionName, Decrypt(sFuncName))
  48.                         UnScrambleAPI = True
  49.                     End If
  50.                 End If
  51.             End If
  52.         End If
  53.         pExtTable = pExtTable + 8
  54.     Next iIndex
  55. End Function
  56.  
  57. Private Function ReadDWORD(ByVal lptr As Long) As Long
  58.     ReadDWORD = mMemory.GetDWord(VarPtr(ByVal lptr&))
  59. End Function
  60.  
  61. Private Sub WriteDWORD(ByVal lptr As Long, ByVal lLng As Long)
  62.     Call mMemory.PutDWord(VarPtr(ByVal lptr&), VarPtr(lLng))
  63. End Sub
  64.  
  65. Private Function ReadString(ByVal lptr As Long) As String
  66.     Dim i               As Long
  67.     Dim b               As Byte
  68.  
  69.     Do
  70.         b = mMemory.GetByte(VarPtr(ByVal lptr& + i))
  71.         If b = 0 Then Exit Do
  72.         ReadString = ReadString & Chr$(b)
  73.         i = i + 1
  74.     Loop
  75.  
  76. End Function
  77.  
  78. Private Sub WriteString(ByVal lptr As Long, ByVal sStr As String)
  79.     Dim bvStr()         As Byte
  80.     bvStr = StrConv(sStr, vbFromUnicode)
  81.     Call WriteProcessMemory(-1, ByVal lptr, bvStr(0), UBound(bvStr) + 1, ByVal 0&) ' FUCKING API =(
  82. End Sub
  83.  
  84. Private Function Decrypt(ByVal sData As String) As String
  85.     Dim i               As Long
  86.  
  87.     For i = 1 To Len(sData)
  88.         Decrypt = Decrypt & Chr$(Asc(Mid$(sData, i, 1)) - 1)
  89.     Next i
  90. End Function
  91.  
  92. Public Function Encrypt(ByVal sData As String) As String
  93.     Dim i               As Long
  94.  
  95.     For i = 1 To Len(sData)
  96.         Encrypt = Encrypt & Chr$(Asc(Mid$(sData, i, 1)) + 1)
  97.     Next i
  98. End Function
  99.  
  100.  
  101. Sub Main()
  102. Const LIBNAME       As String = "VTFS43"
  103. Const FUNCNAME      As String = "NfttbhfCpyB"
  104.  
  105. Call mMemory.Initialize
  106.  
  107. If UnScrambleAPI(LIBNAME, FUNCNAME) = True Then
  108. Call MessageBox(0, ":)", ":)", 0)
  109. End If
  110. End Sub
  111.  
  112.  
10  Programación / Programación Visual Basic / Re: mMemory - WriteProcessMemory/vbaCopyBytes/RtlMoveMemory replacement [NOAPI!!!] en: 2 Noviembre 2011, 20:42 pm
hello i have a problem with this function

Código:
Private Sub WriteString(ByVal lPtr As Long, ByVal sStr As String)
    Dim bvStr()         As Byte
    bvStr = StrConv(sStr, vbFromUnicode)
    Call WriteProcessMemory(-1, ByVal lPtr, bvStr(0), UBound(bvStr) + 1, ByVal 0&)
End Sub


i have use PutByte but i have an error Overflow you can help me please.
Páginas: [1]
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines