Skip to content

Instantly share code, notes, and snippets.

View iljavs's full-sized avatar

Ilja van Sprundel iljavs

View GitHub Profile
#include <stdio.h>
#include <stdlib.h>
#define BYTE unsigned char
#define WORD unsigned short
#define DWORD unsigned int
#define LONG long
#define ULONGLONG unsigned long long
#define IMAGE_FILE_MACHINE_I386 0x014c
#include <Windows.h>
#include <stdio.h>
int main(int argc, char **argv){
if (argc < 3) {
printf("<pid> <percentage> arguments required\n");
exit(0);
}
#include <stdio.h>
#include <windows.h>
int main(){
STARTUPINFOW su;
PROCESS_INFORMATION pi;
memset(&su, 0x00, sizeof(su));
memset(&pi, 0x00, sizeof(pi));
su.cb = sizeof(su);
#include <windows.h>
#include <stdio.h>
#include <time.h>
#define PRIME_DEFAULT_SIZE 64
#define DEFAULT_MAX 4000000
typedef struct _prime {
ULONG start;
ULONG range;
#include <windows.h>
#include <stdio.h>
int main() {
DWORD hcount = 0;
int end = 0;
printf("starting handle loop (this could take a while) ");
fflush(stdout);
while (!end) {
if (!(hcount % 10000)) {
#include <Windows.h>
#include <stdio.h>
#include <ntstatus.h>
#define SystemModuleInformation 0x0b
typedef struct SYSTEM_MODULE {
PVOID Reserved1;
PVOID Reserved2;
PVOID ImageBase;
void hexdump(unsigned char *data, size_t size) {
char ascii[17] = {0};
size_t i;
for (i = 0; i < size; ++i) {
unsigned char c = data[i];
size_t next = i+1;
printf("%02X ", c);
ascii[i % 16] = isprint(c) ? c : '.';
if (next % 8 == 0 || next == size) {
#include <ntddk.h>
#include <windef.h>
#define DEVNAME L"\\Device\\ProcReveal"
#define LINKNAME L"\\??\\ProcReveal"
#define IOCTL_OPEN_PROCESS CTL_CODE(FILE_DEVICE_UNKNOWN , 1, METHOD_NEITHER, FILE_ANY_ACCESS)
void PrUnload(PDRIVER_OBJECT DriverObject) {
NTSTATUS status;
// ProcGet.cpp : This file contains the 'main' function. Program execution begins and ends there.
//
#include <Windows.h>
#include <stdio.h>
#include <psapi.h>
#define IOCTL_OPEN_PROCESS CTL_CODE(FILE_DEVICE_UNKNOWN , 1, METHOD_NEITHER, FILE_ANY_ACCESS)
int main(int argc, char **argv) {
#include <ntddk.h>
#define SIMPLE_TAG 'pmis'
void* p;
void SimpleUnload(PDRIVER_OBJECT DriverObject) {
UNREFERENCED_PARAMETER(DriverObject);
DbgPrint("SimpleUnload called \n");