Posts - The Swash

#181
Hi guys xP, I'm here asking for a little help. I'm converting the string (5300680065006C006C002E004100700070006C00690063006100740069006F006E) to a String, but when converting it overflows because of the 00s.
Public Function HS2(xString As String) As String
Dim I As Long
' Convert each pair of hex digits into one character
For I = 1 To Len(xString) Step 2
HS2 = HS2 & Chr$(Val("&H" & Mid(xString, I, 2)))
Next I
End Function

using this code as follows
Private Sub Command2_Click()
Text2.Text = HS2("5300680065006C006C002E004100700070006C00690063006100740069006F006E")
End Sub


It only shows the first S, since a 00 comes after it and it doesn't continue from there.
What I need exactly is to get the string from this, but no converter recognizes the 000s. Thanks..
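Added example, not part of the original post: an analyst-side Python helper that pulls hex literals like the one above out of script text and decodes them. The string in the post is UTF-16LE with its last 00 byte missing, so a byte-by-byte conversion such as HS2 produces embedded NUL characters, and a NUL-terminated text control stops after the first S. The function names and the 16-digit minimum run length are assumptions of this example.

```python
import re

# Hex string quoted from the post (UTF-16LE, final 00 byte missing).
POST_HEX = "5300680065006C006C002E004100700070006C00690063006100740069006F006E"

# Runs of at least 8 hex byte pairs; the minimum length is an assumed threshold.
HEX_RUN = re.compile(r"(?:[0-9A-Fa-f]{2}){8,}")

def naive_bytewise(hex_text):
    """One character per byte, as the posted HS2 loop does (NULs included)."""
    return "".join(chr(b) for b in bytes.fromhex(hex_text))

def decode_hex_literal(hex_text):
    """Return (encoding, text) for printable ASCII content, else None."""
    raw = bytes.fromhex(hex_text)
    # ASCII text stored as UTF-16LE has 00 in every odd position.
    wide = len(raw) >= 3 and not any(raw[1::2])
    if wide and len(raw) % 2:
        raw += b"\x00"  # restore a trimmed final high byte, as in POST_HEX
    encoding = "utf-16-le" if wide else "latin-1"
    text = raw.decode(encoding)
    if text and all(32 <= ord(c) < 127 for c in text):
        return encoding, text
    return None

def find_encoded_strings(source):
    """Return [(offset, encoding, text)] for each decodable hex run in source."""
    found = []
    for match in HEX_RUN.finditer(source):
        decoded = decode_hex_literal(match.group(0))
        if decoded:
            found.append((match.start(), decoded[0], decoded[1]))
    return found

# Constructed script line built around the post's string.
SAMPLE = 'Text2.Text = HS2("' + POST_HEX + '")'

if __name__ == "__main__":
    print(repr(naive_bytewise(POST_HEX)[:6]))
    print(find_encoded_strings(SAMPLE))
```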
#182
Thanks for your reply, Dr. Karcrack. Going by what you say, you're completely right: they use ASM to patch the additional or missing parameters.

Googling, I found a source that already had my idea xP, they beat me to it a couple of years ago.

Here it is, I hope it's useful to you; the credits aren't mine, OpenSC
http://www.sendspace.com/file/he7h1z
#183
Well friends, with no other option I think I have to turn to you for help. By chance I was searching and came across this API which, together with 2 other APIs, can load an API without declaring it. What's my problem? My problem is that I wouldn't know how to load an API that has more parameters than CallWindowProc's.

This is a working example
Option Explicit
Private Declare Function LoadLibrary Lib "kernel32" Alias "LoadLibraryA" (ByVal lpLibFileName As String) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function CallWindowProc Lib "user32" Alias "CallWindowProcA" (ByVal lpPrevWndFunc As Long, ByVal hWnd As Long, ByVal Msg As Any, ByVal wParam As Any, ByVal lParam As Any) As Long
Const MB_ICONEXCLAMATION = &H30&
Private Sub Form_load()
Dim hRet As Long
  hRet = GetProcAddress(LoadLibrary("user32"), "MessageBoxW")
   If hRet > 0 Then
    CallWindowProc hRet, Me.hWnd, ByVal StrPtr("xD"), StrPtr(App.Title), MB_ICONEXCLAMATION
   End If
End Sub


Now, for example, I'd like to work with URLDownloadToFile, but the app crashes. If anyone has an idea, I'd appreciate it..
#184
Look, I'm new to this too, but there are essential things to learn, and I recommend you start by working out your goal in programming: what you want to use it for, what you want to do :huh:

As for the programming itself xD, I recommend you start with string handling and basic file functions, and from there on practise with them; later you'll need more things, and by then you'll know how to read up on them!

Good luck with that

Regards  ;D
#185
'Coded By The Swash at 22/01/2010
'Web: http://Infrangelux.sytes.net & www.Indetectables.net
'Function to create file, replace Open,Put,Close
'Thx to BlackZeroX
Option Explicit
Public Function FileCreate(ByVal sPath As String, ByVal sInfo As String) As Long
Dim sObj      As Object
Dim sCreate   As Object

If Len(sInfo) > 0 Then
MsgBox Len(sInfo)
  Set sObj = CreateObject("Scripting.FileSystemObject")
  If Not sObj Is Nothing Then
   Set sCreate = sObj.CreateTextFile(sPath, True)
   sCreate.Write sInfo
   sCreate.Close
  End If
  Set sObj = Nothing
FileCreate = 1
End If

End Function


Usage:

Private Sub Command1_Click()
Dim sFile As String

Open "C:\x.exe" For Binary Access Read As #1
  sFile = String(FileLen("C:\x.exe"), " ")
  Get #1, , sFile
Close #1

If FileCreate("c:\xd.exe", sFile) = 1 Then MsgBox "Done"
 
End Sub


Regards  :smile:
#186
As for ShellExecute, I think this will help you  :P
http://foro.elhacker.net/programacion_vb/source_shellexecute_sin_declaracion_api-t281057.0.html

As for the data input, I mean whether or not it has information at the end of the file; depending on that you can use a crypter with EOF or without EOF.
Regards  ;D
#187
Well, first of all it seems to be a backdoor (trojan server); you haven't specified.
Antivirus products detect by heuristics (generally APIs) and by string detection.

APIs generally detected

URLDownloadToFile
WriteProcessMemory
ReadProcessMemory
ShellExecute
WinExec
GetProcAddress
CreateProcessA

Strings
Stub

You should try a run-time crypter; I can't guarantee that it works because I don't know which server it is or how it takes in its data, with or without EOF.

Look for information on undetection by signatures, it will help you ^^
Regards!
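Added example, not part of the original post: the detection side of the API list above, as a Python scan of a sample's bytes for those names in both ANSI and UTF-16LE form. It assumes, as is usual for VB6 builds, that `Declare` names are stored as ANSI while string literals (for instance a name handed to GetProcAddress) are stored as UTF-16LE; the function names and the sample buffer are constructed for this example.

```python
# API names from the post's list (ReadProcessMemory in its documented spelling).
WATCHED_APIS = (
    "URLDownloadToFile", "WriteProcessMemory", "ReadProcessMemory",
    "ShellExecute", "WinExec", "GetProcAddress", "CreateProcessA",
)

def find_api_strings(blob):
    """Return {api: [(offset, encoding), ...]} for each watched name in blob."""
    hits = {}
    for api in WATCHED_APIS:
        for enc in ("ascii", "utf-16-le"):
            needle = api.encode(enc)
            pos = blob.find(needle)
            while pos != -1:
                hits.setdefault(api, []).append((pos, enc))
                pos = blob.find(needle, pos + 1)
    return hits

def wide_only(hits):
    """Names seen only as UTF-16LE: under the stated assumption these are
    string literals, i.e. candidates for run-time resolution, not Declares."""
    return sorted(api for api, found in hits.items()
                  if all(enc == "utf-16-le" for _, enc in found))

# Constructed buffer standing in for a sample's bytes (not a real file).
SAMPLE = (b"\x00\x01" + b"GetProcAddress\x00" + b"LoadLibraryA\x00"
          + "URLDownloadToFileA".encode("utf-16-le") + b"\x00\x00"
          + b"WinExec\x00")

if __name__ == "__main__":
    sample_hits = find_api_strings(SAMPLE)
    for name, found in sorted(sample_hits.items()):
        print(name, found)
    print("wide only:", wide_only(sample_hits))
```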
#188
'***************************************************************
'* Coded By BlackZeroX & The Swash Updated 21/01/2010.         *
'* Function copy using Other method.                           *
'* Web: http://Infrangelux.sytes.net & www.indetectables.Net   *
'* |-> You may distribute this code as long as the original    *
'*     credits of this code are not removed, regardless of     *
'*     whether it is modified/edited, enlarged or shrunk,      *
'*     if it is based on this code                             *
'***************************************************************
Option Explicit

Const FILE_SHARE_READ = &H1
Const FILE_SHARE_WRITE = &H2
Const CREATE_NEW = 1
Const OPEN_EXISTING = 3
Const GENERIC_READ = &H80000000
Const GENERIC_WRITE = &H40000000
Const INVALID_HANDLE_VALUE = -1
Const FILE_ATTRIBUTE_ARCHIVE = &H20

Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Private Declare Function GetFileAttributes Lib "kernel32" Alias "GetFileAttributesA" (ByVal lpFileName As String) As Long
Private Declare Function PathFileExistsA Lib "shlwapi.dll" (ByVal pszPath As String) As Long
Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
Private Declare Function SetFileAttributes Lib "kernel32" Alias "SetFileAttributesA" (ByVal lpFileName As String, ByVal dwFileAttributes As Long) As Long

Public Function CopyNew(aPath As String, nPath As String) As Long

Dim vBuffer()   As Byte
Dim Filesize    As Long
Dim vReadBytes  As Long
Dim vWritten    As Long
Dim res         As Long
Dim sFile       As Long
Dim RetDel      As Long
   
    If Not PathFileExistsA(aPath) = 0 Then
      ' Remove an existing destination only when it is a plain archive file
      If GetFileAttributes(nPath) = FILE_ATTRIBUTE_ARCHIVE Then
        RetDel = DeleteFile(nPath)
        If RetDel = 0 Then Exit Function
      End If
         
         ' Read the whole source file into memory
         sFile = CreateFile(aPath, GENERIC_READ, FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, ByVal 0&, ByVal 0&)
         If sFile = INVALID_HANDLE_VALUE Then Exit Function
         Filesize = GetFileSize(sFile, 0)
         If Filesize <= 0 Then
           CloseHandle sFile
           Exit Function
         End If
         ReDim vBuffer(1 To Filesize)
         
         res = ReadFile(sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&)
         CloseHandle sFile
         If res = 0 Then Exit Function

         ' Write the bytes that were read to the new file
         sFile = CreateFile(nPath, GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, CREATE_NEW, 0, 0)
         If sFile = INVALID_HANDLE_VALUE Then Exit Function
         res = WriteFile(sFile, vBuffer(1), vReadBytes, vWritten, ByVal 0&)
         Call CloseHandle(sFile)
         
         ' Report success only if every byte read was written
         If res <> 0 And vWritten = vReadBytes Then
          SetFileAttributes nPath, GetFileAttributes(aPath)
          CopyNew = 1
         End If
     
     End If
   
End Function


@BlackZeroX how gay  :-X , you were right about deleting files, now it works 10 out of 10! As for the handle, I close it when the first part finishes and I close it when the second finishes.. Let's see what you come up with now xD
¬¬''
Regards  ;D
#189
'***************************************************************
'* Coded By BlackZeroX & The Swash Updated 21/01/2010.         *
'* Function copy using Other method.                           *
'* Web: http://Infrangelux.sytes.net & www.indetectables.Net   *
'* |-> You may distribute this code as long as the original    *
'*     credits of this code are not removed, regardless of     *
'*     whether it is modified/edited, enlarged or shrunk,      *
'*     if it is based on this code                             *
'***************************************************************
Option Explicit

Const FILE_SHARE_READ = &H1
Const FILE_SHARE_WRITE = &H2
Const CREATE_NEW = 1
Const OPEN_EXISTING = 3
Const GENERIC_READ = &H80000000
Const GENERIC_WRITE = &H40000000
Const INVALID_HANDLE_VALUE = -1
Const FILE_ATTRIBUTE_ARCHIVE = &H20

Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Private Declare Function GetFileAttributes Lib "kernel32" Alias "GetFileAttributesA" (ByVal lpFileName As String) As Long
Private Declare Function PathFileExistsA Lib "shlwapi.dll" (ByVal pszPath As String) As Long
Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long
Private Declare Function SetFileAttributes Lib "kernel32" Alias "SetFileAttributesA" (ByVal lpFileName As String, ByVal dwFileAttributes As Long) As Long

Public Function CopyNew(aPath As String, nPath As String) As Long

Dim vBuffer()   As Byte
Dim Filesize    As Long
Dim vReadBytes  As Long
Dim res         As Long
Dim sFile       As Long
Dim RetDel      As Long
   
    If Not PathFileExistsA(aPath) = 0 Then
     If GetFileAttributes(nPath) = FILE_ATTRIBUTE_ARCHIVE Then RetDel = 1
        Call DeleteFile(nPath)
        If RetDel > 0 Then
         
         sFile = CreateFile(aPath, GENERIC_READ, FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, ByVal 0&, ByVal 0&)
         Filesize = GetFileSize(sFile, 0)
         ReDim vBuffer(1 To Filesize)
         
         res = ReadFile(sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&)
         sFile = CreateFile(nPath, GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, CREATE_NEW, 0, 0)
         WriteFile sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&
         
         If Len(res) = Len(sFile) Then
          SetFileAttributes nPath, GetFileAttributes(aPath)
          CopyNew = 1
         End If
         Call CloseHandle(sFile)
     
     End If
    End If
End Function


Usage:
Private Sub cmdTest_Click()
  If CopyNew("C:\z.exe", "C:\xd.exe") = 1 Then
   MsgBox "done"
   Else
   MsgBox "fail"
  End If
End Sub


Another usage:
Private Sub cmdTest_Click()
  MsgBox IIf(CopyNew("C:\z.exe", "C:\xd.exe") = 1,"Done","Fail")
End Sub


@BlackZeroX Thanks for your optimization ideas, every one of them helped!

@Cobein is a pro! xD, thanks for your recommendations, every one was applied; the code works in any situation ^^.
#190
Thanks everyone for your comments.
@BlackZeroX what subliminal messages  :rolleyes: XD
Based on what you told me one day.. the Kill command depends on the file being normal in order to delete it, so I decided to check with GetFileAttributes and delete with DeleteFile.

Updated code:
'***************************************************************
'* Coded By BlackZeroX & The Swash Updated 21/01/2010.         *
'* Function copy using Other method.                           *
'* Web: http://Infrangelux.sytes.net & www.indetectables.Net   *
'* |-> You may distribute this code as long as the original    *
'*     credits of this code are not removed, regardless of     *
'*     whether it is modified/edited, enlarged or shrunk,      *
'*     if it is based on this code                             *
'***************************************************************
Option Explicit

Const FILE_SHARE_READ = &H1
Const FILE_SHARE_WRITE = &H2
Const CREATE_NEW = 1
Const OPEN_EXISTING = 3
Const GENERIC_READ = &H80000000
Const GENERIC_WRITE = &H40000000
Const INVALID_HANDLE_VALUE = -1
Const FILE_ATTRIBUTE_ARCHIVE = &H20
Const FILE_ATTRIBUTE_DIRECTORY = &H10
Const FILE_ATTRIBUTE_HIDDEN = &H2
Const FILE_ATTRIBUTE_NORMAL = &H80
Const FILE_ATTRIBUTE_READONLY = &H1
Const FILE_ATTRIBUTE_SYSTEM = &H4
Const FILE_ATTRIBUTE_TEMPORARY = &H100

Private Declare Function DeleteFile Lib "kernel32" Alias "DeleteFileA" (ByVal lpFileName As String) As Long
Private Declare Function GetFileAttributes Lib "kernel32" Alias "GetFileAttributesA" (ByVal lpFileName As String) As Long
Private Declare Function FExist Lib "shlwapi.dll" Alias "PathFileExistsA" (ByVal pszPath As String) As Long
Private Declare Function WriteFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToWrite As Long, lpNumberOfBytesWritten As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, lpSecurityAttributes As Long, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long
Private Declare Function ReadFile Lib "kernel32" (ByVal hFile As Long, lpBuffer As Any, ByVal nNumberOfBytesToRead As Long, lpNumberOfBytesRead As Long, ByVal lpOverlapped As Any) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Private Declare Function GetFileSize Lib "kernel32" (ByVal hFile As Long, lpFileSizeHigh As Long) As Long

Public Function CopyNew(OldPath As String, NewPath As String) As Long

Dim hFile       As Long
Dim vBuffer()   As Byte
Dim Filesize    As Long
Dim vReadBytes  As Long
Dim res         As Long
Dim sFile       As Long
   
   If FExist(OldPath) = 0 Then Exit Function
    If FExist(NewPath) <> 0 Then
     If GetFileAttributes(NewPath) = INVALID_HANDLE_VALUE Then Exit Function
     If GetFileAttributes(NewPath) = FILE_ATTRIBUTE_ARCHIVE Then DeleteFile NewPath
    End If
     
     hFile = CreateFile(OldPath, GENERIC_READ, FILE_SHARE_READ, ByVal 0&, OPEN_EXISTING, 0, 0)
     If hFile > 0 Then
        Filesize = GetFileSize(hFile, 0)
        ReDim vBuffer(1 To Filesize)
        res = ReadFile(hFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&)
        sFile = CreateFile(NewPath, GENERIC_WRITE, FILE_SHARE_READ Or FILE_SHARE_WRITE, ByVal 0&, CREATE_NEW, 0, 0)
        WriteFile sFile, vBuffer(1), UBound(vBuffer), vReadBytes, ByVal 0&
        Call CloseHandle(hFile)
        Call CloseHandle(sFile)
     End If
     If FExist(NewPath) <> 0 Then CopyNew = 1

End Function


Retested:
Private Sub Command1_Click()
If CopyNew("C:\x.exe", "C:\cd.exe") = 1 Then
  MsgBox "File copied"
  Else
  MsgBox "File not copied"
End If
End Sub


Scan:

File Info

Report generated: 20.1.2010 at 22.51.51 (GMT 1)
Filename: Project1.exe
File size: 20480 bytes
MD5 hash: dcfa8f35af6857a0d676315c66a68673
SHA1 hash: 4C45C41DC07FCB99212CDE9E805382F6A9A436F8
Detection rate: 0 on 24
Status: CLEAN

Detections

a-squared - - Nothing Found!
Avira AntiVir - - Nothing Found!
Avast - - Nothing Found!
AVG - - Nothing Found!
BitDefender - - Nothing Found!
ClamAV - - Nothing Found!
Comodo - - Nothing Found!
Dr.Web - - Nothing Found!
Ewido - - Nothing Found!
F-PROT6 - - Nothing Found!
G-Data - - Nothing Found!
Ikarus T3 - - Nothing Found!
Kaspersky - - Nothing Found!
McAfee - - Nothing Found!
NOD32 v3 - - Nothing Found!
Norman - - Nothing Found!
Panda - - Nothing Found!
QuickHeal - - Nothing Found!
Solo Antivirus - - Nothing Found!
Sophos - - Nothing Found!
TrendMicro - - Nothing Found!
VBA32 - - Nothing Found!
VirusBuster - - Nothing Found!
ZonerAntivirus - - Nothing Found!

Scan report generated by
NoVirusThanks.org