augustoproiete

// Credits: John Stewien
// From: http://code.cheesydesign.com/?p=572

/*
Reading the Portable Executable (PE) header in C#
My job consists of writing fully custom applications for groups of people. The time pressure of these projects is quite high, so generally people start using the application while I’m still writing it, which means I write it modularly and add features as I go along. I also fix bugs as they are discovered. My clients are 2 tiered where expert users get a new build first, they test if for a while, and if they think it’s acceptable they then pass it on to others.

This method of distribution is quite ad-hoc so when a client rings me up and asks me to view their screen to look at something, it’s useful to know what build they are running. To facillitate this I print the link date in the main Window Title so I instantly have an idea about how old the version is that I am looking at. This date is calculated at run time. To do this requires reading in the Portable Executable (PE) header from th

gabemarshall

# Not secure by any means, just a PoC for XOR'ing data using powershell
# Credit to http://stackoverflow.com/questions/3478954/code-golf-xor-encryption

$enc = [System.Text.Encoding]::UTF8

function xor {
    param($string, $method)
    $xorkey = $enc.GetBytes("secretkey")

    if ($method -eq "decrypt"){

NaxAlpha

using System;
using System.Runtime.InteropServices;

public class FxHook:IDisposable {

	const int nBytes = 5;

	IntPtr addr;
	Protection old;
	byte[] src = new byte[5];

c0d3inj3cT

/* 
This code will hook the IAT by overwriting the function pointer of Sleep() imported from Kernel32.dll
It can be modified to hook any other function in the IAT
*/

#include <stdio.h>
#include <windows.h>

void spoofedfunction(DWORD);