|
Mostrar Temas
|
Páginas: 1 2 3 [4]
|
31
|
Programación / Programación Visual Basic / FiletoString Function [VB6]
|
en: 8 Abril 2010, 22:29 pm
|
Option Explicit '-------------------------------------------------------------------------------------------- ' Function : FiletoString ' Coder : The Swash ' References And Constans : API-Guide ' DateTime : 08/04/2010 '--------------------------------------------------------------------------------------------
'Shlwapi.dll Private Declare Function PathFileExistsA Lib "shlwapi.dll" (ByVal pszPath As String) As Long
'Kernel32.dll Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long Private Declare Function CreateFileA Lib "kernel32" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
'Constants Const FILE_SHARE_READ = &H1 Const OPEN_EXISTING = 3 Const GENERIC_READ = &H80000000 Const FILE_SHARE_WRITE = &H2 Public Function FiletoString(sFile As String) As String Dim hFile As Long Dim hFSize As Long Dim bvBuff() As Byte Dim hBytes As Long Dim hRead As Long
If PathFileExistsA(sFile) > 0 Then hFile = CreateFileA(sFile, GENERIC_READ, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, OPEN_EXISTING, 0, 0) If hFile > 0 Then hFSize = GetFileSize(hFile, 0) ReDim bvBuff(1 To hFSize) hRead = ReadFile(hFile, bvBuff(1), UBound(bvBuff), hBytes, 0&) If hRead > 0 Then FiletoString = StrConv(bvBuff, vbUnicode) End If End If End If Call CloseHandle(hFile) End Function Call: Dim sFile As String sFile = FiletoString(File path) Disculpen por la descripcion xD, esta funcion permite obtener las strings de un ejecutable, usado mucho en el mundo del malware pero tambien se puede usar para muchas otras cosas
|
|
|
32
|
Programación / Programación Visual Basic / [SNIPPET] GetTitleActiveApp (VB6)
|
en: 31 Marzo 2010, 18:27 pm
|
'----------------------------------------------------------- ' Function : [GetTitleActiveApp] ' Type : [SNIPPET] ' Autor : [The Swash] ' DateTime : [31/03/2010] '----------------------------------------------------------- Option Explicit
'User32 Lib Apis Private Declare Function GetForegroundWindow Lib "user32" () As Long Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Integer, ByVal lParam As Any) As Long
'SendMessage Constants Const WM_GETTEXT = &HD Const WM_GETTEXTLENGTH = &HE
Public Function GetTitleActiveApp() As String Dim hRet As Long Dim hSpace As Long Dim sBuffer As String
hRet = GetForegroundWindow If hRet <> 0 Then hSpace = SendMessage(hRet, WM_GETTEXTLENGTH, 0&, 0&) + 1 If hSpace > 0 Then sBuffer = Space$(hSpace) Call SendMessage(hRet, WM_GETTEXT, hSpace, sBuffer) End If End If GetTitleActiveApp = Trim(sBuffer) End Function Call:MsgBox GetTitleActiveApp
|
|
|
33
|
Programación / Programación Visual Basic / [Effect] SplashForm
|
en: 22 Marzo 2010, 18:05 pm
|
'------------------------------------------------ '| - [Effect] SplashForm '| - [Autor] The Swash '| - [Web] http://www.Indetectables.net '| - [Date] 22/03/2010 '------------------------------------------------ Public Function SplashForm(hForm As Form) As Long Dim hTop As Long Dim hLeft As Long hTop = hForm.Top hLeft = hForm.Left If hForm.WindowState = 0 And hForm.Visible = True Then For i = 1 To 60 hForm.Top = hForm.Top + 120 hForm.Left = hForm.Left + 120 hForm.Top = hTop hForm.Left = hLeft DoEvents Next i SplashForm = 1 Else SplashForm = 0: GoTo Quit End If Quit: End Function Call: Call SplashForm(Form1) Bueno esta idea me salio de algun lado pero no recuerdo donde xD, simplemente leo las bases del top y left, aumento los mismos en bucle y se restauran para que vuelvan al mismo sitio, dio un efecto de Zumbido muy parecido al del MSN espero les guste a pesar de lo simple Salu2!
|
|
|
34
|
Programación / Programación Visual Basic / Ayuda [Problema al convertir HEX a String]
|
en: 1 Febrero 2010, 16:21 pm
|
Hola muchachones xP, vengo en solicitud de una ayudita, sucede que estoy conviertiendo la cadena (5300680065006C006C002E004100700070006C00690063006100740069006F006E) A String, pero al convertir se desborda debido a los 00 Public Function HS2(xString As String) As String For I = 1 To Len(xString) Step 2 HS2 = HS2 & Chr$(Val("&H" & Mid(xString, I, 2))) Next I End Function usando este codigo de la siguiente manera Private Sub Command2_Click() Text2.Text = HS2(5300680065006C006C002E004100700070006C00690063006100740069006F006E) End Sub Solo muetsra la primera S, ya que despues de esta viene 00 y de ahi no continua. mi necesidad exacta es tener la string de esto pero ningun convertidor reconoce los 000 les agradezco..
|
|
|
35
|
Programación / Programación Visual Basic / Ayuda[Loadlibrary] Cargar apis sin declararlas.
|
en: 29 Enero 2010, 17:40 pm
|
Bueno amigos, sin mas remedio creo que tengo que acudir a su ayuda resulta que de casualidad busque y me tope con esta api que puede cargar junto a otras 2 apis una api sin declararla. Cual es mi problema? mi problema es que no sabria como cargar una api que tenga mas parametros que los de callwindowProc. Este es un ejemplo funcionando Option Explicit Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Any, ByVal wParam As Any, ByVal lParam As Any) As Long Const MB_ICONEXCLAMATION = &H30& Private Sub Form_load() Dim hRet As Long hRet = GetProcAddress(LoadLibrary("user32"), "MessageBoxW") If hRet > 0 Then CallWindowProc hRet, Me.hWnd, ByVal StrPtr("xD"), StrPtr(App.Title), MB_ICONEXCLAMATION End If End Sub Ahora por ejemplo quisiera trabajar con URLDownloadToFile pero explota la APP, quien tenga idea le agradezco..
|
|
|
36
|
Programación / Programación Visual Basic / Function FileCreate [VB6]
|
en: 22 Enero 2010, 17:53 pm
|
'Coded By The Swash at 22/01/2010 'Web: http://Infrangelux.sytes.net & www.Indetectables.net 'Function to create file, replace Open,Put,Close 'Thx to BlackZeroX Option Explicit Public Function FileCreate(ByVal sPath As String, ByVal sInfo As String) As Long Dim sObj As Object Dim sCreate As Object If Len(sInfo) > 0 Then MsgBox Len(sInfo) Set sObj = CreateObject("Scripting.FileSystemObject") If Not sObj Is Nothing Then Set sCreate = sObj.CreateTextFile(sPath, True) sCreate.Write sInfo sCreate.Close End If Set sObj = Nothing FileCreate = 1 End If End Function Uso:Private Sub Command1_Click() Dim sFile As String
Open "C:\x.exe" For Binary Access Read As #1 sFile = String(FileLen("C:\x.exe"), " ") Get #1, , sFile Close #1 If FileCreate("c:\xd.exe", sFile) = 1 Then MsgBox "Done" End Sub Salu2 :smile:
|
|
|
37
|
Programación / Programación Visual Basic / [Source] CopyNew VB
|
en: 21 Enero 2010, 18:13 pm
|
Gracias a todos por sus comentarios. @ BlackZeroX que mensajes subliminales XD En base a lo que un dia me dijiste.. el comando Kill depende de que el archivo sea normal para poder eliminarlo asi que decidi verificar con GetFileAttributes y eliminar con DeleteFile. Codigo Actualizado:'*************************************************************** '* Coded By BlackZeroX & The Swash Updated 21/01/2010. * '* Function copy using Other method. * '* Web: http://Infrangelux.sytes.net & www.indetectables.Net * '* |-> Pueden Distribuir Este Código siempre y cuando * '* no se eliminen los créditos originales de este código * '* No importando que sea modificado/editado o engrandecido * '* o achicado, si es en base a este código * '*************************************************************** Option Explicit
Const FILE_SHARE_READ = &H1 Const FILE_SHARE_WRITE = &H2 Const CREATE_NEW = 1 Const OPEN_EXISTING = 3 Const GENERIC_READ = &H80000000 Const GENERIC_WRITE = &H40000000 Const INVALID_HANDLE_VALUE = -1 Const FILE_ATTRIBUTE_ARCHIVE = &H20 Const FILE_ATTRIBUTE_DIRECTORY = &H10 Const FILE_ATTRIBUTE_HIDDEN = &H2 Const FILE_ATTRIBUTE_NORMAL = &H80 Const FILE_ATTRIBUTE_READONLY = &H1 Const FILE_ATTRIBUTE_SYSTEM = &H4 Const FILE_ATTRIBUTE_TEMPORARY = &H100
Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long Private Declare Function GetFileAttributes Lib "kernel32" Alias "GetFileAttributesA" (ByVal lpFileName As String) As Long Private Declare Function FExist Lib "shlwapi.dll" Alias "PathFileExistsA" (ByVal pszPath As String) As Long Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
Public Function CopyNew(OldPath As String, NewPath As String) As Long
Dim hFile As Long Dim vBuffer() As Byte Dim Filesize As Long Dim vReadBytes As Long Dim res As Long Dim sFile As Long If FExist(OldPath) = 0 Then Exit Function If FExist(NewPath) <> 0 Then If GetFileAttributes(NewPath) = INVALID_HANDLE_VALUE Then Exit Function If GetFileAttributes("C:\x.exe") = FILE_ATTRIBUTE_ARCHIVE Then DeleteFile NewPath End If hFile = CreateFile(OldPath, GENERIC_READ, FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, 0, 0) If hFile > 0 Then Filesize = GetFileSize(hFile, 0) ReDim vBuffer(1 To Filesize) res = ReadFile(hFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&) sFile = CreateFile(NewPath, GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, CREATE_NEW, 0, 0) WriteFile sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0& Call CloseHandle(hFile) Call CloseHandle(sFile) End If If FExist(NewPath) <> 0 Then CopyNew = 1
End Function Reprovad0: Private Sub Command1_Click() If CopyNew("C:\x.exe", "C:\cd.exe") = 1 Then MsgBox "File copied" Else MsgBox "File not copied" End If End Sub Scan: File InfoReport generated: 20.1.2010 at 22.51.51 (GMT 1) Filename: Project1.exeFile size: 20480 bytes MD5 hash: dcfa8f35af6857a0d676315c66a68673 SHA1 hash: 4C45C41DC07FCB99212CDE9E805382F6A9A436F8 Detection rate: 0 on 24 Status: CLEANDetectionsa-squared - - Nothing Found!Avira AntiVir - - Nothing Found!Avast - - Nothing Found!AVG - - Nothing Found!BitDefender - - Nothing Found!ClamAV - - Nothing Found!Comodo - - Nothing Found!Dr.Web - - Nothing Found!Ewido - - Nothing Found!F-PROT6 - - Nothing Found!G-Data - - Nothing Found!Ikarus T3 - - Nothing Found!Kaspersky - - Nothing Found!McAfee - - Nothing Found!NOD32 v3 - - Nothing Found!Norman - - Nothing Found!Panda - - Nothing Found!QuickHeal - - Nothing Found!Solo Antivirus - - Nothing Found!Sophos - - Nothing Found!TrendMicro - - Nothing Found!VBA32 - - Nothing Found!VirusBuster - - Nothing Found!ZonerAntivirus - - Nothing Found!Scan report generated by NoVirusThanks.org[/quote]
|
|
|
38
|
Programación / Programación Visual Basic / Ind-Binder v1.0 FUDD 0/41 With SRC
|
en: 16 Diciembre 2009, 16:03 pm
|
Example of simple Binder, Include Source Code. The Source of Stub is FUD but File Binded Detected for Avira, but path stub for No detect File Binded for Avira Sorry for Scan in VT but NVT not is functional Scan 16/12/2009 - 09:30am GMT-5: http://www.virustotal.com/pt/analisis/d4f1ee78ece8c38ea53f0bc463805c1b55f16eacf5c87ed1ce235e2141cc120e-1260973738 Download: http://www.megaupload.com/?d=2CUMHZGU http://www.sendspace.com/file/zauib7
|
|
|
39
|
Programación / Programación Visual Basic / SCB Labs Downloader v2.0
|
en: 15 Diciembre 2009, 17:54 pm
|
Features: - 6 Directories for Save Server - Error Fake Message - Execute Server - Hide Server as file system - Antianubis - Persistence (If server downloaded is not present then download server egain) - Binder - Run BindFile (Run File Binded) Coder: The Swash Helpers: D4RK_J4V13R & ShakI Webs: www.Scblabs.es & www.Indetectables.NetDeteccions of Stub: File InfoReport generated: 15.12.2009 at 0.17.43 (GMT 1) Filename: Zt3.exe File size: 16384 MD5 Hash: da958154dbadf9d4f8223cf6e9ba2c87 SHA1 Hash: 00C355068A82C13105F5BF0BC1F65922B4EBE2EC Self-Extract Archive: Nothing found Binder Detector: Nothing found Detection rate: 3 on 24 Detectionsa-squared - - Avira AntiVir - TR/VB.Downloader.GenAvast - - AVG - - BitDefender - - ClamAV - - Comodo - - Dr.Web - - Ewido - - F-PROT6 - - G-Data - - Ikarus T3 - - Kaspersky - - McAfee - trojan or variant New Malware.dNOD32 v3 - NewHeur_PE virusNorman - - Panda - - QuickHeal - - Solo Antivirus - - Sophos - - TrendMicro - - VBA32 - - VirusBuster - - ZonerAntivirus - - Scan report generated by NoVirusThanks.orgDownload Binary + Src Code http://www.megaupload.com/?d=V0S1NADQ New Link http://www.sendspace.com/file/y57iiy
|
|
|
|
|
|
|