::
|
|
|
FuegoAlma
: 10.01.2010 : 222 : Ukraine
|
: 30, 2012 16:24 pm |
|
|
. - ? |
|
|
|
|
|
PoccuK
: 02.10.2006 : 417 : GakuenKino
|
: 30, 2012 17:12 pm |
|
|
, . -: share ex2 nodes . |
|
|
|
|
|
b-lize
|
|
|
|
FllearTM
: 06.12.2008 : 372 :
|
: 22, 2013 14:03 pm |
|
|
, Share windows 8 ? |
|
|
|
|
|
Shur
|
: 22, 2013 20:06 pm |
|
|
|
|
|
|
|
|
FllearTM
: 06.12.2008 : 372 :
|
: 23, 2013 17:09 pm |
|
|
. . |
|
|
|
|
|
Shur
|
|
|
|
FllearTM
: 06.12.2008 : 372 :
|
: 29, 2015 23:43 pm |
|
|
windows 8 - 8.1 - 10 |
|
|
|
|
|
smad
|
: 31, 2015 19:48 pm |
|
|
: |
#include <windows.h>
STARTUPINFO si;
PROCESS_INFORMATION pi;
void patch(int addr, int byte)
{
WriteProcessMemory(pi.hProcess, (void*)addr, &byte, 1, NULL);
}
int main()
{
si.cb = sizeof(si);
CreateProcess(NULL, "Share.exe", NULL, NULL, FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi);
patch(0x0049B523, 0xEB);
patch(0x0049D1B8, 0xEB);
patch(0x0049B4B4, 0xEB);
patch(0x004b06b9, 0x00);
patch(0x004b06c4, 0xEB);
patch(0x0049B225, 0x00);
patch(0x0049B236, 0xEB);
patch(0x004b0743, 0xEB);
patch(0x004b0785, 0xEB);
patch(0x004b0821, 0xEB);
DWORD pmask, smask;
GetProcessAffinityMask(pi.hProcess, &pmask, &smask);
SetProcessAffinityMask(pi.hProcess, 1);
ResumeThread(pi.hThread);
Sleep(10000);
SetProcessAffinityMask(pi.hProcess, pmask);
return 0;
}
|
exe 7 ( je jne jle jae . jmp, )
, Shur.
Ps:
ShareLoader.7z - .Net,
" 1 "
: |
GetProcessAffinityMask(pi.hProcess, &pmask, &smask);
SetProcessAffinityMask(pi.hProcess, 1);
ResumeThread(pi.hThread);
Sleep(10000);
SetProcessAffinityMask(pi.hProcess, pmask); |
, - 8 , , , ... , 1 ( , ). |
|
|
|
|
|
Shur
|
: 06, 2015 22:39 pm |
|
|
start() , , 2
|
|
|
|
|
|
smad
|
: 07, 2015 18:38 pm |
|
|
( ), 7. 1 .
entry point, . , . YAGNI and KISS |
|
|
|
|
|
Shur
|
: 08, 2015 21:35 pm |
|
|
, |
|
|
|
|
|
|
|
,
|
xm0)m
h/`Ij`O瓈*>NOw*ӂY!tVe,vib |