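#include <windows.h>
#include <stdio.h>

/*
 * Anti-attach demo (original code by waliedassar).
 *
 * The program overwrites the start of ntdll!DbgUiRemoteBreakin in its own
 * address space with a three-instruction stub that transfers control to
 * kernel32!ExitProcess, then idles in a loop. DbgUiRemoteBreakin is the
 * ntdll routine that runs in the target when a debugger attaches, so after
 * the patch an attach attempt ends the process instead of breaking in.
 *
 * Analysis note: the patch changes code bytes of a system DLL in memory
 * only, so it shows up as a mismatch between the loaded ntdll.dll and the
 * image on disk at the DbgUiRemoteBreakin export.
 */

/*
 * Byte-exact layout of the stub; packing is forced to 1 so no padding is
 * inserted between the opcode bytes and the immediate operand.
 *   x86: B8 imm32    mov eax, imm32 ; 50 push eax ; C3 ret
 *   x64: 48 B8 imm64 mov rax, imm64 ; 50 push rax ; C3 ret
 */
#pragma pack(push,1)
struct opcode
{
#ifdef _WIN64
    unsigned short int mov; /* 0xB848 is stored little-endian as 48 B8 */
#else
    unsigned char mov;
#endif
    ULONG_PTR addr;         /* immediate operand: address of ExitProcess */
    unsigned char push;
    unsigned char ret;
};
#pragma pack(pop)

/*
 * Returns 0 only nominally (the idle loop never ends); returns -1 when an
 * export cannot be resolved or the patch cannot be written.
 */
int main(void)
{
#ifdef _WIN64
    const char *arch = "x64";
#else
    const char *arch = "x86";
#endif

    /* Put the PID in the console title so the process is easy to pick. */
    char title[256] = "";
    unsigned long pid = (unsigned long)GetCurrentProcessId();
    /* Bounded write, and %lX/%lu match the unsigned long argument. */
    snprintf(title, sizeof title, "anti-attach %s, PID: 0x%lX (%lu)", arch, pid, pid);
    SetConsoleTitleA(title);

    /* Resolve the address the stub will jump to. */
    ULONG_PTR pExitProcess = (ULONG_PTR)GetProcAddress(GetModuleHandleA("kernel32.dll"), "ExitProcess");
    if (!pExitProcess)
    {
        puts("ExitProcess not found!");
        return -1;
    }

    /*
     * Resolve the patch target up front: a failed lookup would otherwise
     * reach WriteProcessMemory as a NULL destination and be reported as a
     * write failure.
     */
    void *pRemoteBreakin = (void *)GetProcAddress(GetModuleHandleA("ntdll.dll"), "DbgUiRemoteBreakin");
    if (!pRemoteBreakin)
    {
        puts("DbgUiRemoteBreakin not found!");
        return -1;
    }

    /* Assemble the stub: load the address, push it, return into it. */
    struct opcode hook;
#ifdef _WIN64
    hook.mov = 0xB848;
#else
    hook.mov = 0xB8;
#endif
    hook.addr = pExitProcess;
    hook.push = 0x50;
    hook.ret = 0xc3;

    /* Overwrite the routine's first bytes in this process only. */
    if (!WriteProcessMemory(GetCurrentProcess(), pRemoteBreakin, &hook, sizeof hook, NULL))
    {
        puts("WriteProcessMemory failed!");
        return -1;
    }

    /* Stay alive so the effect of an attach attempt can be observed. */
    while (1)
    {
        puts("wallied");
        Sleep(1000);
    }
    return 0;
}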