tyanhday
21-03-11, 10:08 PM
//an main hoac bat cu chuong trinh gi = driver!
//siu tam va fix boi dh
#include <windows.h>
#include<iostream>
using namespace std;
// Request record that hidemain() writes to the \\.\HideProc device.
// The driver that reads it is not part of this listing.
typedef struct _hpstruct{
// Process id the request refers to (hidemain() fills in the caller's own PID).
UINT uPid;
// OS-dependent offset chosen in hidemain() from the win2k/winxp/winvista/win7 values.
UINT uFlinkOffset;
}hpstruct;
// Forward declaration; defined after main().
BOOL DeleteHideProcService();
// Offset selected for the running OS; copied into hpstruct::uFlinkOffset.
UINT guOffset;
// Per-OS offset values, assigned at the start of hidemain() depending on pointer size.
// NOTE(review): the field name uFlinkOffset suggests these are offsets of a list
// link inside a kernel structure; the driver that consumes them is not shown here.
UINT win2k;
UINT winxp;
UINT winvista;
UINT win7;
// Loader routine for the "HideProc" kernel driver. It copies HideProc.sys into the
// system drivers directory, registers and starts it as a demand-start kernel driver
// service, writes the current process id plus an OS-specific offset to the driver's
// device, then stops the service and deletes the driver file.
// The driver itself is not part of this listing, so what it does with the request
// cannot be stated from this code.
//
// Artifacts visible in this function (useful for detection and triage):
//   - service name "HideProc", display name "HideProc Driver", type SERVICE_KERNEL_DRIVER
//   - file <system directory>\drivers\HideProc.sys, copied from the current directory
//   - device path \\.\HideProc opened for read/write
//   - console line "PID goc:<pid>" and message boxes titled "DH" / "MU"
// Takes no parameters and returns nothing; several failure paths call ExitProcess(0).
void hidemain()
{
//cout<<GetCurrentProcessId()<<endl;
// "PID goc" = "original PID": prints the id of the calling process.
printf("PID goc:%d\n",GetCurrentProcessId());
// Pointer size of this build selects which offset table is used.
if(sizeof(int *)==4)
{
// Message text: "You are running in a 32-bit environment".
MessageBoxA(0,"Ban chay tren moi truong 32 bit","DH",0);
win2k=0xA0;
winxp=0x88;
winvista=0xA0;
win7=0xB8;
}
else if(sizeof(int *)==8)
{
// Message text: "You are running in a 64-bit environment".
MessageBoxA(0,"Ban chay tren moi truong 64 bit","DH",0);
win2k=0xA0;
winxp=0x88;
winvista=0xE8;
win7=0x188;
}
HANDLE hFile;
DWORD dwReturn;
SC_HANDLE hSCManager;
SC_HANDLE hService;
SERVICE_STATUS ss;
char driverPath[MAX_PATH];
// Remove a "HideProc" service left over from an earlier run; the result is ignored.
DeleteHideProcService();
// Build <system directory>\drivers\HideProc.sys and copy the driver there,
// overwriting an existing file (bFailIfExists = FALSE). Return values are not checked.
GetSystemDirectory(driverPath, MAX_PATH);
strcat(driverPath, "\\drivers\\HideProc.sys");
CopyFile("HideProc.sys", driverPath, FALSE);
// Creating a service requires a caller allowed to open the SCM with
// SC_MANAGER_CREATE_SERVICE; service creation is a loggable event for defenders.
hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
if(hSCManager){
// Register the copied file as a demand-start kernel driver; SERVICE_ERROR_IGNORE
// is the error-control value passed for start failures.
hService = CreateService(hSCManager,
"HideProc",
"HideProc Driver",
SERVICE_START | DELETE | SERVICE_STOP,
SERVICE_KERNEL_DRIVER,
SERVICE_DEMAND_START,
SERVICE_ERROR_IGNORE,
driverPath,
NULL,
NULL,
NULL,
NULL,
NULL);
// Creation failed: fall back to opening a service of the same name.
if(!hService){
hService = OpenService(hSCManager, "HideProc", SERVICE_START | DELETE | SERVICE_STOP);
}
if(hService){
// Load the driver; the result of StartService is not checked.
StartService(hService, 0, NULL);
// Open the device object the driver is expected to expose.
hFile = CreateFile("\\\\.\\HideProc",
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL);
if(hFile){
hpstruct hps;
OSVERSIONINFO osvi;
// Declared without an initializer; assigned only in the 5.1 and 5.0 branches below.
BOOL bValidOS;
ZeroMemory(&osvi, sizeof(OSVERSIONINFO));
osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
GetVersionEx(&osvi);
// Map the reported NT version to one of the offset values:
// 5.1 = Windows XP, 5.0 = Windows 2000, 6.0 = Vista, 6.1 = Windows 7.
if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1){
MessageBoxA(0,"Win XP","MU",0);
guOffset = winxp;
bValidOS = TRUE;
}else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0){
MessageBoxA(0,"Win 2000","MU",0);
guOffset = win2k;
bValidOS = TRUE;
}else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 0){
MessageBoxA(0,"Win Vista","MU",0);
guOffset = winvista;
}
else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 1){
MessageBoxA(0,"Win 7","MU",0);
guOffset = win7;
}
else{
// Message text: "This Windows version is not supported".
// The process exits here without reaching the cleanup at the end of the function,
// so the service entry and the copied driver file stay behind.
MessageBoxA(0,"Khong ho tro phien ban Windows nay","MU",0);
ExitProcess(0);
}
// The request is written to the device only when bValidOS is nonzero.
if(bValidOS){
ZeroMemory(&hps, sizeof(hpstruct));
hps.uPid=GetCurrentProcessId();
hps.uFlinkOffset = guOffset;
if(!WriteFile(hFile, &hps, sizeof(hpstruct), &dwReturn, NULL)){
// Message text: "Error, cannot hide - problem with the hideProc.sys file".
// Exits without the cleanup below.
MessageBoxA(0,"Loi khong the hide Loi file hideProc.sys","MU",0);
ExitProcess(0);
}
}
CloseHandle(hFile);
}else{
// Message text: "Error, cannot hide".
MessageBoxA(0,"Loi khong the hide","MU",0);
ExitProcess(0);
}
}
}
// Cleanup: stop the driver service, then try to remove the service entry and the
// copied driver file, which takes away the on-disk evidence once the request is sent.
// The service handle is closed before DeleteService() is called on it, so the
// "HideProc" service entry should not be assumed removed; treat the service name
// and the driver path as artifacts to look for.
ControlService(hService, SERVICE_CONTROL_STOP, &ss);
CloseServiceHandle(hService);
DeleteService(hService);
DeleteFile(driverPath);
}
// Executable entry point: runs hidemain() once, then keeps the process alive
// by sleeping in 1 ms steps forever. The return statement is never reached.
int main()
{
hidemain();
while(1)
{
Sleep(1);
}
return 1;
}
// Marks an existing "HideProc" service for deletion.
// Returns TRUE when the service was opened and DeleteService() succeeded,
// FALSE when the service could not be opened or deleted. Each failure prints
// "Failed: <GetLastError value>" to stdout.
BOOL DeleteHideProcService() {
SC_HANDLE hSCManager;
SC_HANDLE hService;
// Requests full access to the service control manager.
hSCManager = OpenSCManager(
NULL,
NULL,
SC_MANAGER_ALL_ACCESS);
// A failed OpenSCManager is only logged; execution continues with the NULL handle.
if (!hSCManager){
printf("Failed: %d\n", GetLastError());
}
hService = OpenService(hSCManager, TEXT("HideProc"), DELETE);
if (!hService){
printf("Failed: %d\n", GetLastError());
return FALSE;
}
if (!DeleteService(hService) ) {
printf("Failed: %d\n", GetLastError());
return FALSE;
}else{
}
// Only hService is closed here; no CloseServiceHandle for hSCManager appears
// in this function.
CloseServiceHandle(hService);
return TRUE;
}
// DLL entry point: when the module is built as a DLL, hidemain() runs as soon
// as the DLL is attached to a process (DLL_PROCESS_ATTACH). Every other
// notification is ignored. Always returns TRUE.
BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
if(ul_reason_for_call==DLL_PROCESS_ATTACH)
{
hidemain();
}
else
{
}
return TRUE;
}
đây là source code Hide main của DH_table gì đó share, nhưng ko có gọi hàm, ai biết cách thêm hàm gọi vào vs đc k?
//siu tam va fix boi dh
#include <windows.h>
#include<iostream>
using namespace std;
// Request record that hidemain() writes to the \\.\HideProc device.
// The driver that reads it is not part of this listing.
typedef struct _hpstruct{
// Process id the request refers to (hidemain() fills in the caller's own PID).
UINT uPid;
// OS-dependent offset chosen in hidemain() from the win2k/winxp/winvista/win7 values.
UINT uFlinkOffset;
}hpstruct;
// Forward declaration; defined after main().
BOOL DeleteHideProcService();
// Offset selected for the running OS; copied into hpstruct::uFlinkOffset.
UINT guOffset;
// Per-OS offset values, assigned at the start of hidemain() depending on pointer size.
// NOTE(review): the field name uFlinkOffset suggests these are offsets of a list
// link inside a kernel structure; the driver that consumes them is not shown here.
UINT win2k;
UINT winxp;
UINT winvista;
UINT win7;
// Loader routine for the "HideProc" kernel driver. It copies HideProc.sys into the
// system drivers directory, registers and starts it as a demand-start kernel driver
// service, writes the current process id plus an OS-specific offset to the driver's
// device, then stops the service and deletes the driver file.
// The driver itself is not part of this listing, so what it does with the request
// cannot be stated from this code.
//
// Artifacts visible in this function (useful for detection and triage):
//   - service name "HideProc", display name "HideProc Driver", type SERVICE_KERNEL_DRIVER
//   - file <system directory>\drivers\HideProc.sys, copied from the current directory
//   - device path \\.\HideProc opened for read/write
//   - console line "PID goc:<pid>" and message boxes titled "DH" / "MU"
// Takes no parameters and returns nothing; several failure paths call ExitProcess(0).
void hidemain()
{
//cout<<GetCurrentProcessId()<<endl;
// "PID goc" = "original PID": prints the id of the calling process.
printf("PID goc:%d\n",GetCurrentProcessId());
// Pointer size of this build selects which offset table is used.
if(sizeof(int *)==4)
{
// Message text: "You are running in a 32-bit environment".
MessageBoxA(0,"Ban chay tren moi truong 32 bit","DH",0);
win2k=0xA0;
winxp=0x88;
winvista=0xA0;
win7=0xB8;
}
else if(sizeof(int *)==8)
{
// Message text: "You are running in a 64-bit environment".
MessageBoxA(0,"Ban chay tren moi truong 64 bit","DH",0);
win2k=0xA0;
winxp=0x88;
winvista=0xE8;
win7=0x188;
}
HANDLE hFile;
DWORD dwReturn;
SC_HANDLE hSCManager;
SC_HANDLE hService;
SERVICE_STATUS ss;
char driverPath[MAX_PATH];
// Remove a "HideProc" service left over from an earlier run; the result is ignored.
DeleteHideProcService();
// Build <system directory>\drivers\HideProc.sys and copy the driver there,
// overwriting an existing file (bFailIfExists = FALSE). Return values are not checked.
GetSystemDirectory(driverPath, MAX_PATH);
strcat(driverPath, "\\drivers\\HideProc.sys");
CopyFile("HideProc.sys", driverPath, FALSE);
// Creating a service requires a caller allowed to open the SCM with
// SC_MANAGER_CREATE_SERVICE; service creation is a loggable event for defenders.
hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
if(hSCManager){
// Register the copied file as a demand-start kernel driver; SERVICE_ERROR_IGNORE
// is the error-control value passed for start failures.
hService = CreateService(hSCManager,
"HideProc",
"HideProc Driver",
SERVICE_START | DELETE | SERVICE_STOP,
SERVICE_KERNEL_DRIVER,
SERVICE_DEMAND_START,
SERVICE_ERROR_IGNORE,
driverPath,
NULL,
NULL,
NULL,
NULL,
NULL);
// Creation failed: fall back to opening a service of the same name.
if(!hService){
hService = OpenService(hSCManager, "HideProc", SERVICE_START | DELETE | SERVICE_STOP);
}
if(hService){
// Load the driver; the result of StartService is not checked.
StartService(hService, 0, NULL);
// Open the device object the driver is expected to expose.
hFile = CreateFile("\\\\.\\HideProc",
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL,
NULL);
if(hFile){
hpstruct hps;
OSVERSIONINFO osvi;
// Declared without an initializer; assigned only in the 5.1 and 5.0 branches below.
BOOL bValidOS;
ZeroMemory(&osvi, sizeof(OSVERSIONINFO));
osvi.dwOSVersionInfoSize = sizeof(OSVERSIONINFO);
GetVersionEx(&osvi);
// Map the reported NT version to one of the offset values:
// 5.1 = Windows XP, 5.0 = Windows 2000, 6.0 = Vista, 6.1 = Windows 7.
if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 1){
MessageBoxA(0,"Win XP","MU",0);
guOffset = winxp;
bValidOS = TRUE;
}else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 5 && osvi.dwMinorVersion == 0){
MessageBoxA(0,"Win 2000","MU",0);
guOffset = win2k;
bValidOS = TRUE;
}else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 0){
MessageBoxA(0,"Win Vista","MU",0);
guOffset = winvista;
}
else if(osvi.dwPlatformId == VER_PLATFORM_WIN32_NT && osvi.dwMajorVersion == 6 && osvi.dwMinorVersion == 1){
MessageBoxA(0,"Win 7","MU",0);
guOffset = win7;
}
else{
// Message text: "This Windows version is not supported".
// The process exits here without reaching the cleanup at the end of the function,
// so the service entry and the copied driver file stay behind.
MessageBoxA(0,"Khong ho tro phien ban Windows nay","MU",0);
ExitProcess(0);
}
// The request is written to the device only when bValidOS is nonzero.
if(bValidOS){
ZeroMemory(&hps, sizeof(hpstruct));
hps.uPid=GetCurrentProcessId();
hps.uFlinkOffset = guOffset;
if(!WriteFile(hFile, &hps, sizeof(hpstruct), &dwReturn, NULL)){
// Message text: "Error, cannot hide - problem with the hideProc.sys file".
// Exits without the cleanup below.
MessageBoxA(0,"Loi khong the hide Loi file hideProc.sys","MU",0);
ExitProcess(0);
}
}
CloseHandle(hFile);
}else{
// Message text: "Error, cannot hide".
MessageBoxA(0,"Loi khong the hide","MU",0);
ExitProcess(0);
}
}
}
// Cleanup: stop the driver service, then try to remove the service entry and the
// copied driver file, which takes away the on-disk evidence once the request is sent.
// The service handle is closed before DeleteService() is called on it, so the
// "HideProc" service entry should not be assumed removed; treat the service name
// and the driver path as artifacts to look for.
ControlService(hService, SERVICE_CONTROL_STOP, &ss);
CloseServiceHandle(hService);
DeleteService(hService);
DeleteFile(driverPath);
}
// Executable entry point: runs hidemain() once, then keeps the process alive
// by sleeping in 1 ms steps forever. The return statement is never reached.
int main()
{
hidemain();
while(1)
{
Sleep(1);
}
return 1;
}
// Marks an existing "HideProc" service for deletion.
// Returns TRUE when the service was opened and DeleteService() succeeded,
// FALSE when the service could not be opened or deleted. Each failure prints
// "Failed: <GetLastError value>" to stdout.
BOOL DeleteHideProcService() {
SC_HANDLE hSCManager;
SC_HANDLE hService;
// Requests full access to the service control manager.
hSCManager = OpenSCManager(
NULL,
NULL,
SC_MANAGER_ALL_ACCESS);
// A failed OpenSCManager is only logged; execution continues with the NULL handle.
if (!hSCManager){
printf("Failed: %d\n", GetLastError());
}
hService = OpenService(hSCManager, TEXT("HideProc"), DELETE);
if (!hService){
printf("Failed: %d\n", GetLastError());
return FALSE;
}
if (!DeleteService(hService) ) {
printf("Failed: %d\n", GetLastError());
return FALSE;
}else{
}
// Only hService is closed here; no CloseServiceHandle for hSCManager appears
// in this function.
CloseServiceHandle(hService);
return TRUE;
}
// DLL entry point: when the module is built as a DLL, hidemain() runs as soon
// as the DLL is attached to a process (DLL_PROCESS_ATTACH). Every other
// notification is ignored. Always returns TRUE.
BOOL APIENTRY DllMain( HANDLE hModule, DWORD ul_reason_for_call, LPVOID lpReserved)
{
if(ul_reason_for_call==DLL_PROCESS_ATTACH)
{
hidemain();
}
else
{
}
return TRUE;
}
đây là source code Hide main của DH_table gì đó share, nhưng ko có gọi hàm, ai biết cách thêm hàm gọi vào vs đc k?