This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
if (HCERTSTORE hCertStore = CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, | |
CERT_STORE_OPEN_EXISTING_FLAG|CERT_STORE_READONLY_FLAG| | |
CERT_SYSTEM_STORE_LOCAL_MACHINE, L"root")) | |
{ | |
PCCERT_CONTEXT pCertContext = 0; | |
while (pCertContext = CertEnumCertificatesInStore(hCertStore, pCertContext)) | |
{ | |
UCHAR hash[20]; | |
ULONG cb = sizeof(hash); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
typedef struct KERB_SMARTCARD_CSP_INFO | |
{ | |
ULONG dwCspInfoLen; // size of this structure w/ payload | |
ULONG MessageType; // info type, currently CertHashInfo | |
// payload starts, marshaled structure of MessageType | |
union { | |
PVOID ContextInformation; // Reserved | |
ULONG64 SpaceHolderForWow64; | |
}; | |
ULONG flags; // Reserved |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
************************ | |
//++ObjectSecurity | |
DACL: | |
T FL AcessMsK Sid | |
A 00 000F01FF [S-1-5-18] 'NT AUTHORITY\SYSTEM' [WellKnownGroup] | |
A 00 00020008 [S-1-5-32-544] 'BUILTIN\Administrators' [Alias] | |
A 00 000F01FF [S-1-5-32-544] 'BUILTIN\Administrators' [Alias] | |
A 00 000F01FF [S-1-5-21-3349500742-45979764-2889026240-500] 'AAA\Administrator' [User] | |
A 00 000F01FF [S-1-5-21-3349500742-45979764-2889026240-1109] 'AAA\Kelly' [User] | |
LABEL: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
сейчас у нас есть 2 формата ответов ( FAILURE / OK ) | |
<responseHolder> | |
<status>FAILURE</status> | |
<error> | |
<code>%u</code> | |
<message>%s</message> | |
</error> | |
</responseHolder> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
void MinimizeAll(_In_ BOOL bDialogsToo, _In_opt_ HWND hwndMy = 0) | |
{ | |
if (HWND hwnd = FindWindowW(L"Shell_TrayWnd", 0)) | |
{ | |
ULONG dwProcessId; | |
if (GetWindowThreadProcessId(hwnd, &dwProcessId)) | |
{ | |
AllowSetForegroundWindow(dwProcessId); | |
//WCHAR name[0x100]; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include "stdafx.h" | |
_NT_BEGIN | |
NTSTATUS CreatePlaceHolder(PCWSTR lpFileName, ULONG SizeOfImage) | |
{ | |
struct SEF : IMAGE_DOS_HEADER, IMAGE_NT_HEADERS, IMAGE_SECTION_HEADER | |
{ | |
} y {}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
NTSTATUS ShowAuthPackage() | |
{ | |
HANDLE hToken; | |
NTSTATUS status = NtOpenProcessToken(NtCurrentProcess(), TOKEN_QUERY, &hToken); | |
if (0 <= status) | |
{ | |
TOKEN_STATISTICS ts; | |
status = NtQueryInformationToken(hToken, TokenStatistics, &ts, sizeof(ts), &ts.DynamicAvailable); | |
NtClose(hToken); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#define printf DbgPrint | |
#ifndef IDC_STATIC | |
#define IDC_STATIC 65535 // MAXUSHORT | |
#endif | |
struct DTimer | |
{ | |
HANDLE _M_hTimer = 0; | |
LONG _M_dwRefCount = 1; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
struct DTimer | |
{ | |
HANDLE _M_hTimer = 0; | |
LONG _M_dwRefCount = 1; | |
ULONG _M_n = 0; | |
ULONG _M_dwThreadId = GetCurrentThreadId(); | |
LONG _M_stopping = FALSE; | |
void AddRef() | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BOOL timer_create( | |
_Outptr_ PHANDLE phTimer, | |
_In_ WAITORTIMERCALLBACK Callback, | |
_In_opt_ PVOID Parameter, | |
_In_ DWORD DueTime, | |
_In_ DWORD Period | |
); | |
void timer_release(HANDLE /*hTimer*/); |