Mensajes

Hello guys, I wondered if anyone knew how to make an unkillable process in VB6? Thanks a lot!

Hola amigos del internet! I have worked with my friend raul a long time ago on a AV Scanner using Scan4You and I wondered if anyone would be interested modding it to work with another website, a few things are different and as I don't have any PHP/HTML knowledge, I cannot do anything... If you are interested working with me on Teamviewer or whatever you want, please get in touch by PM or MSN: orelsan [at] live [dot] com

Gracias!

Would you mod this to fix the stack of an asm shellcode? my shellcode is modiying the stack and this makes error when i try replacing cwp therefor I would need something to fix it...

I've tried:

Código [Seleccionar] Expandir

Public Function IsProcessRunning(ByVal sFileName As String) As Boolean
    Dim hSnapshot As Long
    Dim bPE32(1024 + 36 - 1) As Byte
    Dim bExe(1023) As Byte
   
    hSnapshot = CreateToolhelp32Snapshot(2, 0)
    sMoveMem VarPtr(bPE32(0)), VarPtr(CLng(UBound(bPE32))), 4
    Process32First hSnapshot, VarPtr(bPE32(0))
   
    Do While Process32Next(hSnapshot, VarPtr(bPE32(0))) <> 0
        sMoveMem VarPtr(bExe(0)), VarPtr(bPE32(36)), 1024
        If InStr(1, LCase(StrConv(bExe, vbUnicode)), LCase(sFileName)) > 0 Then
            IsProcessRunning = True
        End If
    Loop
   
    CloseHandle (hSnapshot)
End Function

But this is buggy, it doesnt work correctly...

Hey guys, I'm trying to remove type declares on that code but I didn't success.

Here is the code:

Código [Seleccionar] Expandir

Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function Process32First Lib "kernel32" (ByVal hSnapshot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function Process32Next Lib "kernel32" (ByVal hSnapshot As Long, uProcess As PROCESSENTRY32) As Long
Private Declare Function CreateToolhelp32Snapshot Lib "kernel32" (ByVal dwFlags As Long, th32ProcessID As Long) As Long

Public Type PROCESSENTRY32
    dwSize As Long
    cntUseage As Long
    th32ProcessID As Long
    th32DefaultHeapID As Long
    th32ModuleID As Long
    cntThreads As Long
    th32ParentProcessID As Long
    pcPriClassBase As Long
    swFlags As Long
    szExeFile As String * 1024
End Type

Public Function Running(ByVal sFileName As String) As Boolean
    Dim hSnapshot As Long
    Dim pe32 As PROCESSENTRY32
   
    hSnapshot = CreateToolhelp32Snapshot(2, 0)
    pe32.dwSize = Len(pe32)
    Process32First hSnapshot, pe32
   
    Do While Process32Next(hSnapshot, pe32) <> 0
        If InStr(1, LCase(pe32.szExeFile), LCase(sFileName)) > 0 Then
            Running = True
        End If
    Loop
   
    CloseHandle (hSnapshot)
End Function

Would be really appreciated if anyone could remove the type declare and let me know how you did it.

Thanks!

It would be good that you put the solution here too.

Just in case someone else need it.

It was a mistake by myself but here it is:

Código [Seleccionar] Expandir

bDoLoop = Invoke("wininet.dll", "InternetReadFile", hInternetOpen, VarPtr(bBuffer(0)), 512, VarPtr(lNumberOfBytes))

Btw: @79137913, Don't be stupid cause you'll be on my dick!

SOLVED!

ven! estos usuarios solo vienen a que se les haga la tarea (Última vez activo:   Ayer a las 20:37 )
y cuando uno pide ayuda no ayudan en nada, y no se diga estando en los foros ingleses donde ellos son miembros, hasta lo mandan a la m** a uno, si, me paso una vez. obviamente hay excepciones donde uno esta bien establecido y agradecido

@teniente:
una alternativa por karcrack:
http://foro.elhacker.net/programacion_visual_basic/help_how_to_use_invoke_api_function_muldiv-t360370.0.html

This is my thread and I spoke english so if you know what respect is, you should speak the same language as me! Anyways, Ive succeed replacing StrPtr but not on every cases, the GetMem trick does not work correctly, I don't think it is possible to fully replace StrPtr..

Strptr Can Be Fully Replaced Without Any Problems
KarCrack made some error Try This

'KERNEL32
Private Declare Function VarPtr__ Lib "KERNEL32" Alias "MulDiv" (ByRef a As Any, Optional ByVal b As Long = 1, Optional ByVal c As Long = 1) As Long
'MSVBVM60
Private Declare Sub GetMem4 Lib "MSVBVM60" (ByVal lPtr As Long, ByRef ret As Long)
'USER32
Private Declare Function MessageBoxW Lib "USER32" (ByVal hWnd As Long, ByVal lpText As Long, ByVal lpCaption As Long, ByVal wType As Long) As Long

Private Sub Form_Load()
   Dim cadena      As String
   Dim ptr1        As Long
   Dim ptr2        As Long

   cadena = "karcrack"

   ptr1 = StrPtr(cadena)
   'StrPtr__
   Call GetMem4(VarPtr__(cadena) + 8, ptr2)

   MsgBox (ptr1 = ptr2)

   Call MessageBoxW(0, ptr2, 0, 0)
   Call MessageBoxW(0, ptr1, 0, 0)
End Sub

STPRT Get the BSTR Address(where the string is stored) so is simple get it

Readmemory(Varptr + 8) = BSTR

enjoy

This won't work on every situation I just tried.

Problem Solved Thanks!