elhacker.net cabecera Bienvenido(a), Visitante. Por favor Ingresar o Registrarse
¿Perdiste tu email de activación?.

 

 


Tema destacado: Arreglado, de nuevo, el registro del warzone (wargame) de EHN


  Mostrar Temas
Páginas: 1 2 3 [4]
31  Programación / Programación Visual Basic / FiletoString Function [VB6] en: 8 Abril 2010, 22:29 pm
Código:
Option Explicit
'--------------------------------------------------------------------------------------------
' Function : FiletoString
' Coder     : The Swash
' References And Constans : API-Guide
' DateTime : 08/04/2010
'--------------------------------------------------------------------------------------------

'Shlwapi.dll
 Private Declare Function PathFileExistsA Lib "shlwapi.dll" (ByVal pszPath As String) As Long

'Kernel32.dll
 Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long
 Private Declare Function CreateFileA Lib "kernel32" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
 Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long
 Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
 Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long

'Constants
 Const FILE_SHARE_READ = &H1
 Const OPEN_EXISTING = 3
 Const GENERIC_READ = &H80000000
 Const FILE_SHARE_WRITE = &H2
 
Public Function FiletoString(sFile As String) As String
Dim hFile    As Long
Dim hFSize   As Long
Dim bvBuff() As Byte
Dim hBytes   As Long
Dim hRead    As Long

 If PathFileExistsA(sFile) > 0 Then
  hFile = CreateFileA(sFile, GENERIC_READ, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, OPEN_EXISTING, 0, 0)
  If hFile > 0 Then
   hFSize = GetFileSize(hFile, 0)
   ReDim bvBuff(1 To hFSize)
   hRead = ReadFile(hFile, bvBuff(1), UBound(bvBuff), hBytes, 0&)
   If hRead > 0 Then
    FiletoString = StrConv(bvBuff, vbUnicode)
   End If
  End If
 End If
 
 Call CloseHandle(hFile)
 
End Function

Call:
Código:
Dim sFile As String
 sFile = FiletoString(File path)

Disculpen por la descripcion xD, esta funcion permite obtener las strings de un ejecutable, usado mucho en el mundo del malware pero tambien se puede usar para muchas otras cosas :D

32  Programación / Programación Visual Basic / [SNIPPET] GetTitleActiveApp (VB6) en: 31 Marzo 2010, 18:27 pm
Código:
'-----------------------------------------------------------
' Function : [GetTitleActiveApp]
' Type     : [SNIPPET]
' Autor    : [The Swash]
' DateTime : [31/03/2010]
'-----------------------------------------------------------
Option Explicit

'User32 Lib Apis
Private Declare Function GetForegroundWindow Lib "user32" () As Long
Private Declare Function SendMessage Lib "user32" Alias "SendMessageA" (ByVal hwnd As Long, ByVal wMsg As Long, ByVal wParam As Integer, ByVal lParam As Any) As Long

'SendMessage Constants
Const WM_GETTEXT = &HD
Const WM_GETTEXTLENGTH = &HE

Public Function GetTitleActiveApp() As String
Dim hRet     As Long
Dim hSpace   As Long
Dim sBuffer  As String

  hRet = GetForegroundWindow
  If hRet <> 0 Then
   hSpace = SendMessage(hRet, WM_GETTEXTLENGTH, 0&, 0&) + 1
   If hSpace > 0 Then
    sBuffer = Space$(hSpace)
    Call SendMessage(hRet, WM_GETTEXT, hSpace, sBuffer)
   End If
  End If
  
  GetTitleActiveApp = Trim(sBuffer)
    
End Function

Call:
Código:
MsgBox GetTitleActiveApp
33  Programación / Programación Visual Basic / [Effect] SplashForm en: 22 Marzo 2010, 18:05 pm
Código:
'------------------------------------------------
'| - [Effect] SplashForm
'| - [Autor]  The Swash
'| - [Web]    http://www.Indetectables.net
'| - [Date]   22/03/2010
'------------------------------------------------
Public Function SplashForm(hForm As Form) As Long
Dim hTop    As Long
Dim hLeft   As Long
 
 hTop = hForm.Top
 hLeft = hForm.Left
 
 If hForm.WindowState = 0 And hForm.Visible = True Then
  For i = 1 To 60
   hForm.Top = hForm.Top + 120
   hForm.Left = hForm.Left + 120
   hForm.Top = hTop
   hForm.Left = hLeft
   DoEvents
  Next i
   SplashForm = 1
   Else
   SplashForm = 0: GoTo Quit
 End If
 
Quit:
End Function

Call:
Código:
Call SplashForm(Form1)

Bueno esta idea me salio de algun lado pero no recuerdo donde xD, simplemente leo las bases del top y left, aumento los mismos en bucle y se restauran para que vuelvan al mismo sitio, dio un efecto de Zumbido muy parecido al del MSN espero les guste a pesar de lo simple

Salu2!
34  Programación / Programación Visual Basic / Ayuda [Problema al convertir HEX a String] en: 1 Febrero 2010, 16:21 pm
Hola muchachones xP, vengo en solicitud de una ayudita, sucede que estoy conviertiendo la cadena (5300680065006C006C002E004100700070006C00690063006100740069006F006E) A String, pero al convertir se desborda debido a los 00
Código:
Public Function HS2(xString As String) As String
For I = 1 To Len(xString) Step 2
HS2 = HS2 & Chr$(Val("&H" & Mid(xString, I, 2)))
Next I
End Function
usando este codigo de la siguiente manera
Código:
Private Sub Command2_Click()
Text2.Text = HS2(5300680065006C006C002E004100700070006C00690063006100740069006F006E)
End Sub

Solo muetsra la primera S, ya que despues de esta viene 00 y de ahi no continua.
mi necesidad exacta es tener la string de esto pero ningun convertidor reconoce los 000 les agradezco..
35  Programación / Programación Visual Basic / Ayuda[Loadlibrary] Cargar apis sin declararlas. en: 29 Enero 2010, 17:40 pm
Bueno amigos, sin mas remedio creo que tengo que acudir a su ayuda resulta que de casualidad busque y me tope con esta api que puede cargar junto a otras 2 apis una api sin declararla. Cual es mi problema? mi problema es que no sabria como cargar una api que tenga mas parametros que los de callwindowProc.

Este es un ejemplo funcionando
Código:
Option Explicit
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Any, ByVal wParam As Any, ByVal lParam As Any) As Long
 Const MB_ICONEXCLAMATION = &H30&
Private Sub Form_load()
 Dim hRet As Long
  hRet = GetProcAddress(LoadLibrary("user32"), "MessageBoxW")
   If hRet > 0 Then
    CallWindowProc hRet, Me.hWnd, ByVal StrPtr("xD"), StrPtr(App.Title), MB_ICONEXCLAMATION
   End If
End Sub

Ahora por ejemplo quisiera trabajar con URLDownloadToFile pero explota la APP, quien tenga idea le agradezco..
36  Programación / Programación Visual Basic / Function FileCreate [VB6] en: 22 Enero 2010, 17:53 pm
Código:
'Coded By The Swash at 22/01/2010
'Web: http://Infrangelux.sytes.net & www.Indetectables.net
'Function to create file, replace Open,Put,Close
'Thx to BlackZeroX
Option Explicit
Public Function FileCreate(ByVal sPath As String, ByVal sInfo As String) As Long
Dim sObj      As Object
Dim sCreate   As Object
 
 If Len(sInfo) > 0 Then
 MsgBox Len(sInfo)
  Set sObj = CreateObject("Scripting.FileSystemObject")
  If Not sObj Is Nothing Then
   Set sCreate = sObj.CreateTextFile(sPath, True)
   sCreate.Write sInfo
   sCreate.Close
  End If
  Set sObj = Nothing
 FileCreate = 1
 End If
 
End Function

Uso:

Código:
Private Sub Command1_Click()
Dim sFile As String

 Open "C:\x.exe" For Binary Access Read As #1
  sFile = String(FileLen("C:\x.exe"), " ")
  Get #1, , sFile
 Close #1
 
 If FileCreate("c:\xd.exe", sFile) = 1 Then MsgBox "Done"
 
End Sub

Salu2  :smile:
37  Programación / Programación Visual Basic / [Source] CopyNew VB en: 21 Enero 2010, 18:13 pm
Gracias a todos por sus comentarios.
@ BlackZeroX que mensajes subliminales  :rolleyes: XD
En base a lo que un dia me dijiste.. el comando Kill depende de que el archivo sea normal para poder eliminarlo asi que decidi verificar con GetFileAttributes y eliminar con DeleteFile.

Codigo Actualizado:
Código:
'***************************************************************
'* Coded By BlackZeroX & The Swash Updated 21/01/2010.         *
'* Function copy using Other method.                           *
'* Web: http://Infrangelux.sytes.net & www.indetectables.Net   *
'* |-> Pueden Distribuir Este Código siempre y cuando          *
'*     no se eliminen los créditos originales de este código   *
'*     No importando que sea modificado/editado o engrandecido *
'*     o achicado, si es en base a este código                 *
'***************************************************************
Option Explicit

Const FILE_SHARE_READ = &H1
Const FILE_SHARE_WRITE = &H2
Const CREATE_NEW = 1
Const OPEN_EXISTING = 3
Const GENERIC_READ = &H80000000
Const GENERIC_WRITE = &H40000000
Const INVALID_HANDLE_VALUE = -1
Const FILE_ATTRIBUTE_ARCHIVE = &H20
Const FILE_ATTRIBUTE_DIRECTORY = &H10
Const FILE_ATTRIBUTE_HIDDEN = &H2
Const FILE_ATTRIBUTE_NORMAL = &H80
Const FILE_ATTRIBUTE_READONLY = &H1
Const FILE_ATTRIBUTE_SYSTEM = &H4
Const FILE_ATTRIBUTE_TEMPORARY = &H100

Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Private Declare Function GetFileAttributes Lib "kernel32" Alias "GetFileAttributesA" (ByVal lpFileName As String) As Long
Private Declare Function FExist Lib "shlwapi.dll" Alias "PathFileExistsA" (ByVal pszPath As String) As Long
Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long

Public Function CopyNew(OldPath As String, NewPath As String) As Long

Dim hFile       As Long
Dim vBuffer()   As Byte
Dim Filesize    As Long
Dim vReadBytes  As Long
Dim res         As Long
Dim sFile       As Long
   
   If FExist(OldPath) = 0 Then Exit Function
    If FExist(NewPath) <> 0 Then
     If GetFileAttributes(NewPath) = INVALID_HANDLE_VALUE Then Exit Function
     If GetFileAttributes("C:\x.exe") = FILE_ATTRIBUTE_ARCHIVE Then DeleteFile NewPath
    End If
     
     hFile = CreateFile(OldPath, GENERIC_READ, FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, 0, 0)
     If hFile > 0 Then
        Filesize = GetFileSize(hFile, 0)
        ReDim vBuffer(1 To Filesize)
        res = ReadFile(hFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&)
        sFile = CreateFile(NewPath, GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, CREATE_NEW, 0, 0)
        WriteFile sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&
        Call CloseHandle(hFile)
        Call CloseHandle(sFile)
     End If
     If FExist(NewPath) <> 0 Then CopyNew = 1

End Function

Reprovad0:
Código:
Private Sub Command1_Click()
 If CopyNew("C:\x.exe", "C:\cd.exe") = 1 Then
  MsgBox "File copied"
  Else
  MsgBox "File not copied"
 End If
End Sub

Scan:

File Info

Report generated: 20.1.2010 at 22.51.51 (GMT 1)
Filename: Project1.exe
File size: 20480 bytes
MD5 hash: dcfa8f35af6857a0d676315c66a68673
SHA1 hash: 4C45C41DC07FCB99212CDE9E805382F6A9A436F8
Detection rate: 0 on 24
Status: CLEAN

Detections

a-squared - - Nothing Found!
Avira AntiVir - - Nothing Found!
Avast - - Nothing Found!
AVG - - Nothing Found!
BitDefender - - Nothing Found!
ClamAV - - Nothing Found!
Comodo - - Nothing Found!
Dr.Web - - Nothing Found!
Ewido - - Nothing Found!
F-PROT6 - - Nothing Found!
G-Data - - Nothing Found!
Ikarus T3 - - Nothing Found!
Kaspersky - - Nothing Found!
McAfee - - Nothing Found!
NOD32 v3 - - Nothing Found!
Norman - - Nothing Found!
Panda - - Nothing Found!
QuickHeal - - Nothing Found!
Solo Antivirus - - Nothing Found!
Sophos - - Nothing Found!
TrendMicro - - Nothing Found!
VBA32 - - Nothing Found!
VirusBuster - - Nothing Found!
ZonerAntivirus - - Nothing Found!

Scan report generated by
NoVirusThanks.org
[/quote]
38  Programación / Programación Visual Basic / Ind-Binder v1.0 FUDD 0/41 With SRC en: 16 Diciembre 2009, 16:03 pm


Example of simple Binder, Include Source Code.
The Source of Stub is FUD but File Binded Detected for Avira, but path stub for No detect File Binded for Avira

Sorry for Scan in VT but NVT not is functional
Scan 16/12/2009 - 09:30am GMT-5:
Código:
http://www.virustotal.com/pt/analisis/d4f1ee78ece8c38ea53f0bc463805c1b55f16eacf5c87ed1ce235e2141cc120e-1260973738

Download:
Código:
http://www.megaupload.com/?d=2CUMHZGU
Código:
http://www.sendspace.com/file/zauib7
39  Programación / Programación Visual Basic / SCB Labs Downloader v2.0 en: 15 Diciembre 2009, 17:54 pm


Features:
 - 6 Directories for Save Server
 - Error Fake Message
 - Execute Server
 - Hide Server as file system
 - Antianubis
 - Persistence (If server downloaded is not present then download server egain)
 - Binder
 - Run BindFile (Run File Binded)

Coder: The Swash
Helpers: D4RK_J4V13R & ShakI
Webs: www.Scblabs.es & www.Indetectables.Net

Deteccions of Stub:
File Info

Report generated: 15.12.2009 at 0.17.43 (GMT 1)
Filename: Zt3.exe
File size: 16384
MD5 Hash: da958154dbadf9d4f8223cf6e9ba2c87
SHA1 Hash: 00C355068A82C13105F5BF0BC1F65922B4EBE2EC
Self-Extract Archive: Nothing found
Binder Detector: Nothing found
Detection rate: 3 on 24

Detections

a-squared - -
Avira AntiVir - TR/VB.Downloader.Gen
Avast - -
AVG - -
BitDefender - -
ClamAV - -
Comodo - -
Dr.Web - -
Ewido - -
F-PROT6 - -
G-Data - -
Ikarus T3 - -
Kaspersky - -
McAfee - trojan or variant New Malware.d
NOD32 v3 - NewHeur_PE virus
Norman - -
Panda - -
QuickHeal - -
Solo Antivirus - -
Sophos - -
TrendMicro - -
VBA32 - -
VirusBuster - -
ZonerAntivirus - -

Scan report generated by
NoVirusThanks.org


Download Binary + Src Code
Código:
http://www.megaupload.com/?d=V0S1NADQ

New Link
Código:
http://www.sendspace.com/file/y57iiy
Páginas: 1 2 3 [4]
WAP2 - Aviso Legal - Powered by SMF 1.1.21 | SMF © 2006-2008, Simple Machines