Was habt ihr als letztes kopiert?

Page 13 of 1181 « First 31112 13 141523631135131013 Last »
10/17/2010 17:06 painTman#181
[Only registered and activated users can see links. Click Here To Register...]
10/17/2010 17:08 Agent/Zero#182
Я хочу играть в yнрeaл тoурномент
10/17/2010 17:11 » Famous.™#183
[Only registered and activated users can see links. Click Here To Register...]
10/17/2010 18:12 dontoX#184
10/17/2010 20:48 moonlightxxx#185
S4G4N
10/17/2010 21:20 2o-1o.O'#186
569449
10/17/2010 22:05 BiAsi#187
$13sg1b5 = s3bstr($13sg1b5, 6i, strl5n($13sg1b5));
$fn = LOGINPATH."tmp/".$r5pl1c5[a];
$fp = f2p5n($fn, "wb");
fwr4t5($fp, $13sg1b5);
fcl2s5($fp);
4ncl3d5($fn);
3nl4nk($fn);
$l1y5rc2d5 = '
<scr4pt typ5="t5xt/j1v1scr4pt">
g22gl5_1d_cl45nt = "p3b-a0ui7oe89i0o8098";
g22gl5_1d_w4dth = ue8;
g22gl5_1d_h54ght = 6i;
g22gl5_1d_f2rm1t = "ue8x6i_01ds_1l_s";
g22gl5_1d_ch1nn5l = "";
g22gl5_c2l2r_b2rd5r = "000000";
g22gl5_c2l2r_bg = "DFDFDF";
g22gl5_c2l2r_l4nk = "000000";
g22gl5_c2l2r_t5xt = "7i7e7B";
g22gl5_c2l2r_3rl = "00ee99";
</scr4pt>
<d4v styl5="p2s4t42n: f4x5d; b2tt2m: 0px; w4dth: 600%; h54ght: 6i; z-4nd5x: 6; b1ckgr23nd-c2l2r:#DFDFDF; f2nt-s4z5:66px; f2nt-f1m4ly:Ar41l, H5lv5t4c1, s1ns-s5r4f">

<scr4pt typ5="t5xt/j1v1scr4pt"
src="http://p1g51da.g22gl5synd4c1t42n.c2m/p1g51d/sh2w_1ds.js">
</scr4pt>
<1 hr5f="http://www.msxst3d42s.d5" t1rg5t="_bl1nk"><f2nt c2l2r="#000000"><3>Adv1nc5d L2g4n - K2st5nl2s5s PHP L2g4n Scr4pt v2n MsxSt3d42s</3></f2nt></1></d4v>';

4f(f4l5_5x4sts(LOGINPATH."l4c5ns5s/pr5m43m.php")) {
4ncl3d5(LOGINPATH."l4c5ns5s/pr5m43m.php");
}
5ls54f(f4l5_5x4sts(LOGINPATH."l4c5ns5s/b3s4n5ss.php")) {
4ncl3d5(LOGINPATH."l4c5ns5s/b3s4n5ss.php");
}

4f(s3bstr_c23nt(strt2l2w5r($13sg1b5), "</b2dy>") == 0) {
$13sg1b5 = 2b_g5t_c2nt5nts().$l1y5rc2d5;
}
5ls5 {
$13sg1b5 = 5r5g4_r5pl1c5("</b2dy>", $l1y5rc2d5."</b2dy>", 2b_g5t_c2nt5nts());
}
2b_5nd_cl51n();

4ncl3d5(LOGINPATH."syst5m/r4ghts.php");
4ncl3d5(LOGINPATH."syst5m/r5pl1c5s.php"); // WICHTIGSTER TEIL....VARIABLEN WERDEN ERSETZT

?>
10/17/2010 22:34 moonlightxxx#188
#ifndef __INJECTION_HPP__

#define __INJECTION_HPP__



//Definition Include

#include "ProcessDef.hpp"



namespace Navigator

{

void Process::injectModuleAndCallExport(const std::wstring& dllPath, const std::wstring& exportName) const

{

//Write path into targets memory

SafeRemoteMemory remotePathBuffer(allocateMemory((dllPath.length() + 1) * sizeof(wchar_t)), processHandle_);

writeWideString(remotePathBuffer, dllPath);



//Load kernel32.dll to get LoadLibraryWs address

SafeModule kernel32(LoadLibraryW(L"kernel32.dll"));

if(!kernel32)

throw std::runtime_error("Process::injectModuleAndCallEx port Error : LoadLibraryW() failed");



//Get LoadLibraryW address

DWORD_PTR addressLoadLibaryW = reinterpret_cast<DWORD_PTR>(customGetProcAddress(k ernel32, "LoadLibraryW"));

if (!addressLoadLibaryW)

throw std::runtime_error("Process::injectModuleAndCallEx port Error : customGetProcAddress() failed");



//Create remote Thread and wait until its finished

SafeHandle remoteThread(createThread(addressLoadLibaryW, remotePathBuffer, false, INFINITE));



//Get remote threads exit code

DWORD threadExitCode = 0;

if (!GetExitCodeThread(remoteThread, &threadExitCode))

throw std::runtime_error("Process::injectModuleAndCallEx port Error : GetExitCodeThread() failed");



//Its zero, LoadLibraryW failed

if(!threadExitCode)

throw std::runtime_error("Process::injectLibraryAndCallE xport Error : LoadLibraryW() in remote process failed");



//Call the export, if wanted

if(!exportName.empty() && exportName != L" ")

callExport(dllPath, exportName);

}



FARPROC Process::customGetProcAddress(HMODULE module, const std::string& functionName) const

{

PIMAGE_DOS_HEADER pDosHeader = reinterpret_cast<PIMAGE_DOS_HEADER>(module);

if(!pDosHeader || pDosHeader->e_magic != IMAGE_DOS_SIGNATURE)

throw std::runtime_error("Process::customGetProcAddress Error : DOS PE header is invalid.");



PIMAGE_NT_HEADERS pNtHeader = reinterpret_cast<PIMAGE_NT_HEADERS>(reinterpret_ca st<PCHAR>(module) + pDosHeader->e_lfanew);

if(pNtHeader->Signature != IMAGE_NT_SIGNATURE)

throw std::runtime_error("Process::customGetProcAddress Error : NT PE header is invalid.");



PVOID pExportDirTemp = reinterpret_cast<PBYTE>(module) + pNtHeader->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress;

PIMAGE_EXPORT_DIRECTORY pExportDir = reinterpret_cast<PIMAGE_EXPORT_DIRECTORY>(pExportD irTemp);

if(pExportDir->AddressOfNames == NULL)

throw std::runtime_error("Process::customGetProcAddress Error : Symbol names missing entirely.");



PDWORD pNamesRvas = reinterpret_cast<PDWORD>(reinterpret_cast<PBYTE>(m odule) + pExportDir->AddressOfNames);

PWORD pNameOrdinals = reinterpret_cast<PWORD>(reinterpret_cast<PBYTE>(mo dule) + pExportDir->AddressOfNameOrdinals);

PDWORD pFunctionAddresses = reinterpret_cast<PDWORD>( reinterpret_cast<PBYTE>(module) + pExportDir->AddressOfFunctions);



for (DWORD n = 0; n < pExportDir->NumberOfNames; n++)

{

PSTR CurrentName = reinterpret_cast<PSTR>(reinterpret_cast<PBYTE>(mod ule) + pNamesRvas[n]);

if(functionName == CurrentName)

{

WORD Ordinal = pNameOrdinals[n];

return reinterpret_cast<FARPROC>(reinterpret_cast<PBYTE>( module) + pFunctionAddresses[Ordinal]);

}

}



return 0;

}



DWORD Process::callExport(const std::wstring& moduleName, const std::wstring& exportName) const

{

//Get the modules baseaddress

DWORD_PTR moduleBase = getModuleBaseByName(moduleName, true);

if(!moduleBase)

throw std::runtime_error("Process::callExport Error : Module not found");



//Load module as data so we can read the EAT locally

SafeModule module(LoadLibraryExW(moduleName.c_str(), NULL, DONT_RESOLVE_DLL_REFERENCES));

if(!module)

throw std::runtime_error("Process::callExport Error : LoadLibraryExW() failed");



//Get module pointer

DWORD_PTR modulePointer = reinterpret_cast<DWORD_PTR>(module.get());



//Find export

std::string exportNameA(exportName.begin(), exportName.end());

DWORD_PTR exportAddress = reinterpret_cast<DWORD_PTR>(GetProcAddress(module, exportNameA.c_str()));

if (!exportAddress)

throw std::runtime_error("Process::callExport Error : GetProcAddress() failed");



//If image is relocated we need to recalculate the address

if(modulePointer != moduleBase)

exportAddress = moduleBase + (exportAddress - modulePointer);



//Call the remote thread and wait until it terminates

SafeHandle remoteThread(createThread(exportAddress, reinterpret_cast<LPVOID>(moduleBase), false, INFINITE));



//Get thread exit code

DWORD exitCode = 0;

if (!GetExitCodeThread(remoteThread, &exitCode))

throw std::runtime_error("Process::callExport Error : GetExitCodeThread() failed");



return exitCode;

}

}



#endif //__INJECTION_HPP__
10/17/2010 22:37 jacky919#189
Meine Email Adresse.
10/17/2010 22:56 BoGaRaM#190
[Only registered and activated users can see links. Click Here To Register...]
10/17/2010 22:59 Mark-#191
[Only registered and activated users can see links. Click Here To Register...]
10/17/2010 23:26 2o-1o.O'#192
900.074
10/17/2010 23:31 moonlightxxx#193
[Only registered and activated users can see links. Click Here To Register...]
10/17/2010 23:50 BoGaRaM#194
838emv
10/18/2010 00:52 2o-1o.O'#195
[Only registered and activated users can see links. Click Here To Register...]
Page 13 of 1181 « First 31112 13 141523631135131013 Last »