This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
DWORD WINAPI Avtr_ThreadProc( pavtr_listelem Elem ) | |
{ | |
if ( !Elem ) | |
return 1; | |
if ( Elem->technique == 0x80000000 ) | |
{ | |
if ( Avtr_getKernelRoutines() ) | |
{ | |
int priv_value = Elem->privilege_value; | |
if ( ! --priv_value ) //1 => ordinary user |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/*2nd level dropper : DLL main function*/ | |
{ | |
/*[...]*/ | |
pavtr_listelem Elem = gList; | |
while ( Elem != NULL ) | |
{ | |
HANDLE hThread = CreateThread(NULL,NULL,Avtr_ThreadProc,Elem,0); | |
if ( ! hThread ) | |
break; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from idc import * | |
from ctypes import c_uint32 | |
def bruteforce_word(dword1,dword2): | |
for i in range(0,256) : | |
for j in range(0,256) : | |
k = 0 | |
result = c_uint32(0xffffffff) | |
while k < 2 : | |
if k == 0 : |
OlderNewer