This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;Kernel32.Sleep(Int32) | |
| mov eax, 0x74c37990 | |
| ;1000 milliseconds | |
| push 1000 | |
| ;Sleep(1000) | |
| call eax |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include | |
| #include | |
| // Source: | |
| // http://www.emoticode.net/embed/c-plus-plus/win32-dll-injection-with-writeprocessmemory-and-opcode-patching.html | |
| // No original Copy of page available | |
| /***************************************************************************************************/ | |
| // Function: | |
| // Inject |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ;Suppose our code will be located at | |
| ;Following address in memory | |
| org 0xDEADBEEF | |
| mov eax, Sleep ;Sleep means [0xDEADBEEF+Sleep] | |
| push Time ;Time means [0xDEADBEEF+Time] | |
| call eax | |
| Sleep dw 0x74c37990 | |
| Time dw 1000 |
NaxAlpha
/ ProcessExtensions.cs
Last active
July 24, 2022 05:13
Remote Process Hacking with C# - Part 2
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Diagnostics; | |
| using System.Runtime.InteropServices; | |
| using System.Text; | |
| public static class ProcessExtensions { | |
| private static IntPtr kernel32; | |
| private static IntPtr loadlibrary; | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System.Diagnostics; | |
| using System.Windows.Forms; | |
| namespace Loader { | |
| public static class Library | |
| { | |
| [DllExport] | |
| static void ShowMessage() { | |
| using(var p = Process.GetCurrentProcess()) { | |
| // Add System.Windows.Forms reference |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| using System.Threading; | |
| using System.Windows.Forms; | |
| class Program { | |
| [DllImport("user32.dll")] | |
| static extern short GetAsyncKeyState(Keys vKey); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| using System.Text; | |
| public class NativeControl { | |
| public readonly IntPtr Handle; | |
| public string Text { | |
| get { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| using System; | |
| using System.Runtime.InteropServices; | |
| public class FxHook:IDisposable { | |
| const int nBytes = 5; | |
| IntPtr addr; | |
| Protection old; | |
| byte[] src = new byte[5]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # 4th order implementation | |
| def iterate(tn, yn, h, f): | |
| k1 = h * f(tn, yn) | |
| k2 = h * f(tn + h/2, yn + k1/2) | |
| k3 = h * f(tn + h/2, yn + k2/2) | |
| k4 = h * f(tn + h, yn + k3) | |
| yx = yn + (1/6)*(k1 + 2*k2 + 2*k3 + k4) | |
| return yx |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <Windows.h> | |
| #include <winternl.h> | |
| #include <wchar.h> | |
| #include <tlhelp32.h> | |
| PPEB get_peb(void); | |
| DWORD __stdcall unicode_ror13_hash(const WCHAR *unicode_string); | |
| DWORD __stdcall ror13_hash(const char *string); | |
| HMODULE __stdcall find_module_by_hash(DWORD hash); |
OlderNewer