Comments by WOLF 2018 (Top 56 by date)
WOLF 2018
12-Aug-24 4:20am
View
You are correct but I kinda planned to make two DLLs for this project.
Hook64.dll and Hook32.dll. Then the main program chooses which one to load depending on the process architecture. This kinda makes things easier to maintain. But this is mostly seeing what I can do. As I'm learning I wanted to explore hooking and next I will be learning about IAT hooking. So it's all part of a process to become more knowledgeable in ASM and C++ as well as understanding hooking.
WOLF 2018
9-Aug-24 13:00pm
View
I'm trying to do it using ASM as it's a little low level
WOLF 2018
7-May-23 17:36pm
View
Yes, your suggestion worked perfectly and thanks for clearing that up about the access fault. I guess I'm still learning. Tho thanks for letting me know that the TEB is at 30h, I always thought from things I read it was 60h
WOLF 2018
7-May-23 14:09pm
View
Thank you for your answer. But does this not just return the TEB? Because I thought the TEB was at offset gs:[00000060h]. But the PEB is 0x60 after the TEB, hence why I did mov rax, [rax + 60h]
But I'm using Windows headers but I don't call any functions. Because if I did I would have got a linker error because I removed all libraries with /NODEFAULTLIB and removed everything from Input from my linker settings in Visual Studio
WOLF 2018
7-May-23 4:06am
View
Because it does not import any libraries. As I said in the question, I want to find the functions dynamically. So I need to find the PEB without using functions that the Windows headers provide. Like I had to make my own strcmp to compare strings, and everything leads to binaries that have no imports.
Now I have tested my code with __readgsbytes to get the PEB and it works great. I just want to remove my dependency on that function. So I wrote the asm to try and give me another way to get access to it. But as I said in the question, the mov rax, [rax + 60h] for some reason wipes the rax register to null
WOLF 2018
7-May-23 3:57am
View
Well as stated in the question my plan was to have no dependency
WOLF 2018
7-May-23 3:53am
View
Because I don't have libraries, so I don't have access to the API to get the NtQueryInformationProcess
WOLF 2018
5-Jan-22 11:57am
View
I use OpenProcess because I can only get a Process handle from NtCreateProcess as far as I know
WOLF 2018
5-Jan-22 11:42am
View
You see I am using NtCreateProcess to make a process and that does not have an option to get the startup info and process info
WOLF 2018
5-Jan-22 11:06am
View
I believe NtQueryInformationProcess can get the first one but I am not sure on the startupinfo
https://docs.microsoft.com/en-us/windows/win32/api/winternl/nf-winternl-ntqueryinformationprocess
WOLF 2018
25-Apr-20 9:35am
View
ok i have update
IsExit = false
hello
Exited Loop // It exits loop
WOLF 2018
25-Apr-20 9:30am
View
Well it was, but now I have been changing the code it's not anymore
WOLF 2018
25-Apr-20 9:23am
View
Because it's a DLL I am unable to debug it in VS 2019
WOLF 2018
25-Apr-20 9:18am
View
this is what i get from the server
Ncat: Version 5.59BETA1 ( http://nmap.org/ncat )
Ncat: Listening on 0.0.0.0:3000
Ncat: Connection from 127.0.0.1:53169.
hello
Ncat: Version 5.59BETA1 ( http://nmap.org/ncat )
Ncat: Listening on 0.0.0.0:3000
Ncat: Connection from 127.0.0.1:53170.
and the client output is
Can't connect to server, Err #10061
Can't connect to server, Err #10061
IsExit = false
Disconnect = false
hello
IsExit = false
Disconnect = false
SOCKET ERROR (GETDATA()) // thats because i disconnected
WOLF 2018
25-Apr-20 9:16am
View
I tried that and it still does the same thing
WOLF 2018
25-Apr-20 9:14am
View
OK, I tried adding that at the start of Networking
with
IsExit = false;
Disconnect = false;
and it does the same thing
WOLF 2018
25-Apr-20 9:11am
View
That's true, I will give that a try
WOLF 2018
25-Apr-20 8:47am
View
well it is set to false
bool IsExit = false;
while (!IsExit)
{
    std::string input;
    std::getline(std::cin, input);
    SendData(sock, input);
    std::string output{ GetData(sock) };
    std::cout << output << std::endl;
    if (output == "exit\n") {
        IsExit = true;
    }
    if (Disconnect) {
        IsExit = true;
    }
}
WOLF 2018
25-Apr-20 6:32am
View
disconnect is set to false
WOLF 2018
21-Feb-20 10:36am
View
Well that checks to make sure the sender of the message doesn't get their own message back
WOLF 2018
14-Apr-19 12:10pm
View
I use https and I have RC4 encryption and base64 encoding and then that’s sent to the server that way I can’t read the message only they can
WOLF 2018
14-Apr-19 3:03am
View
Yes but what I meant is yes it encrypts it but when it gets to the server it is completely visible. So it would get stored in clear text. That’s why the RC4 would stop it being stored like that. Plus I came up with a way of running the encryption and encoding from JavaScript and that through SSL so I got both I guess. Anyway thanks
WOLF 2018
14-Apr-19 1:29am
View
But the messages would be sent to the server in clear text even if I have an SSL certificate. I want to promise my users that it is end-to-end encrypted and there is no way I can view the messages.
WOLF 2018
12-Apr-19 16:26pm
View
I got it working it took some editing tho
WOLF 2018
12-Apr-19 8:14am
View
Yes, but is there a tutorial about setting it up? Because I could extract the .iso file and then see what comes with it and edit the bootloader, and I think there is a C compiler for DOS. I am just inquiring. Would that be possible?
WOLF 2018
28-Mar-19 13:10pm
View
i typed in whoami
WOLF 2018
28-Mar-19 11:46am
View
i have displayed the work and it looked fine but i still can't compare.
this is me connecting to it
root@Unknown:~# nc 127.0.0.1 12344
whoami
root
this is the python script output
/usr/bin/python2.7 /root/wolf-python-projects/server.py
Connected to by ('127.0.0.1', 39468)
whoami
root is what the server told me i am. (well is right i am root)
WOLF 2018
28-Mar-19 11:34am
View
That's what I think. Now I am getting this error
Traceback (most recent call last):
File "/root/wolf-python-projects/server.py", line 41, in <module>
main()
File "/root/wolf-python-projects/server.py", line 15, in main
a = threading.Thread(target=rootShell(r))
File "/root/wolf-python-projects/server.py", line 31, in rootShell
r.send("Error Running Command")
File "/usr/lib/python2.7/socket.py", line 174, in _dummy
raise error(EBADF, 'Bad file descriptor')
socket.error: [Errno 9] Bad file descriptor
WOLF 2018
28-Mar-19 11:22am
View
OK thanks man, that second one worked, but why can't I just compare it as a string? Because I am going to add a login and well I need to check if the username matches and the password matches
WOLF 2018
28-Mar-19 11:15am
View
No, I know that I entered exit all lower case, but it just doesn't respond. PS but I did give it a shot
WOLF 2018
31-Jan-19 16:09pm
View
Thanks I will give that a try
WOLF 2018
29-Jan-19 6:46am
View
Just finished reading this but I don’t understand where I can return true or false. I just want a simple method.
WOLF 2018
29-Jan-19 6:44am
View
Unfortunately that didn’t work. My computer can’t find std::filesystem and I have included it.
WOLF 2018
28-Jan-19 18:57pm
View
No I am not trying to do anything malicious. I am trying to show them a message in they open process. Ps. If I do find a way. I can really do the matrix thing at home to my friend. You know when he opens cmd write “hello neo” and then “follow the white rabbit” as a bit of a joke for him.
WOLF 2018
28-Jan-19 18:46pm
View
Thank you for this. I will try it out later and see if it works and hopefully that will let me write them a message to tell them to stop. :)
WOLF 2018
28-Jan-19 18:44pm
View
Can’t have students try and access things they shouldn’t. Plus I am working on scanning USBs using VirusTotal api. That will stop them trying to install malware on the computer.
WOLF 2018
28-Jan-19 18:41pm
View
Well it only happens if the process gets closed by force. I made a client to talk to it and I can close it through that and it won’t cause a BSOD. And with the power to stop access to PowerShell as well.
WOLF 2018
28-Jan-19 16:46pm
View
I use task Scheduler and run as admin and not just that the process protects itself because if you close it you will get a BSOD.
WOLF 2018
28-Jan-19 16:37pm
View
Not true I have disabled task manager and if the watchdog closes the company will go to a blue screen of death.
WOLF 2018
28-Jan-19 2:50am
View
As I said I need a method of inputting information into cmd when run by user that way I can give them a scare and let them know I am watching.
WOLF 2018
28-Jan-19 2:46am
View
I know but I want to scare them a bit lol. As I thought them seeing that cmd is telling them not to use it is more fun.
WOLF 2018
27-Jan-19 16:36pm
View
No, I am doing it because I wanted to learn more about the Windows boot process and get a program in to log the info to a txt file to read when I log in.
WOLF 2018
27-Jan-19 16:16pm
View
Ok I will give that a try but I thought you could boot Windows OS and use they bootloader and inject a process.
WOLF 2018
26-Oct-18 20:52pm
View
It is a Windows form so that's a lot of code. So I added all the info that you need. Just make two lists and try putting 5 numbers into them and then check if any of the 5 numbers in list 1 match list 2. That's all I am trying to do.
WOLF 2018
15-Jul-18 17:27pm
View
ok well how would i do this.
WOLF 2018
15-Jul-18 17:17pm
View
Yes. I want my program to check if the files exist and if they don't then I want it to make them so that I don't have to download them.
WOLF 2018
15-Jul-18 17:11pm
View
Yes, but no, I don't want it to run silently. I just thought if I could get the bytes into a string, then I view the bytes and put them in another program so that it could use the bytes to make the file again. I know it sounds like a mind f*** but I think it could be done, or can you compile C# code from a file to make an exe without a compiler? (Sorry about my spelling.)
WOLF 2018
14-Jul-18 12:19pm
View
Deleted
and that ain't the full file
WOLF 2018
14-Jul-18 12:18pm
View
Deleted
this is what the bytes.txt looks like
MZ� �� � @ � � � �!�L�!This program cannot be run in DOS mode.
[Remainder deleted to save screen space - OriginalGriff]
WOLF 2018
14-Jul-18 12:10pm
View
My antivirus is disabled, so that's not the case
WOLF 2018
14-Jul-18 12:07pm
View
I am using a C# exe and I am trying to turn it into a string that I can use in other programs I make. The file is called bit.exe. There's not much more info than that
WOLF 2018
14-Jul-18 12:04pm
View
I can't because the file the bytes are in is a text file and it won't let me read it as bytes
WOLF 2018
14-Jul-18 12:02pm
View
I will try that now
WOLF 2018
14-Jul-18 12:01pm
View
They come from an exe file