Starting work again on my 'usermode rootkit' (codenamed 'WinNinja'), from scratch this time however.
It's going to be part of a generic anti-anti-cheat library I'm writing for both x86 and x64 (plus, it's fun).
First off, processes: [screenshot]
TaskMgr is running as x64 in that screenshot (ProcessExplorer is shown to both show that and provide a comparison).
One funny thing I found whilst writing the process stuff is that if you hide all processes on the system TaskMgr will actually crash under Windows 7. I haven't tested it recently on Vista, however on my old usermode rootkit if you did the same thing on Vista it would actually bring down the whole system! I'll be reinstalling my Vista VM later so I'll check then (currently I only have VMs of Windows 7 and Windows XP).
Files next. Woot woot.
__________________
Back online!
"Science is interesting, and if you don't agree you can **** off."
"I can write very coherent things when I try that sound very good" -- Styles
It's looking good. Quick question, simple enough I guess, but is the Windows 7 interface vastly different than Vista? I don't wanna upgrade from my Vista or XP yet... scared lol. Is it worth the money to up? Any major bugs in the interface or crashes like your screenshot above?
Coming along pretty nicely!
Tell me... What is next on the roadmap?
Registry, modules (currently only hides itself, not arbitrary modules), windows, drivers, services, ports, network connections, etc.
Quote:
Originally Posted by apmad
It's looking good. Quick question, simple enough I guess, but is the Windows 7 interface vastly different than Vista? I don't wanna upgrade from my Vista or XP yet... scared lol. Is it worth the money to up? Any major bugs in the interface or crashes like your screenshot above?
The screenshot is not a bug, it's my rootkit. >_>
Anyway, Windows 7 is awesome. Then again, I liked Windows Vista, so what teh **** do I know (or at least, that's the impression I get when I talk to the sheep who all hated Vista simply because they were told to).
Then again, I liked Windows Vista, so what teh **** do I know (or at least, that's the impression I get when I talk to the sheep who all hated Vista simply because they were told to).
I saw your code last time I checked your blog, seems to be pretty simple & uncomplicated, I will certainly play a bit with it.
Very nice stuff, thanks for sharing.
Just...what is the best way to do global WinAPI hooks?
Is there a different way except injecting into every newly created process?
(or register your dll for automatic loading on every process-startup)
If you're in usermode you have to do it on a per-process basis.
Anyway, Windows 7 is awesome. Then again, I liked Windows Vista, so what teh **** do I know (or at least, that's the impression I get when I talk to the sheep who all hated Vista simply because they were told to).
Vista has been good to me. I really have to try Windows 7 some day.
Perhaps you could also try a real programming language at the same time
Keep your goals realistic.
__________________
“Saying that Java is nice because it works on all OSes is like saying that anal sex is nice because it works on all genders.”
“If Java had true garbage collection, most programs would delete themselves upon execution.”