Page 2 of 2 FirstFirst 12
Results 16 to 21 of 21
  1. 02-07-2013 #16
    Raow
    Raow is offline
    Banned
    BANNED!
    Raow's Avatar
    Join Date
    Nov 2010
    Gender
    male
    Location
    47°37′39″N 122°14′32″W
    Posts
    2,720
    Reputation
    140
    Thanks
    594
    Send a message via Birdie™ to Raow Australia AsianSuicide raow25
    Or, create a separate application that checks for the original apps process, if it detects it, ermm, do nothing/kill shit that kills it, then if it doesn't detect it the original app i restarts it?
    Reply With Quote Reply With Quote
  2. 02-07-2013 #17
    giniyat101
    giniyat101 is offline
    MPGH Member
    giniyat101's Avatar
    Join Date
    Sep 2011
    Gender
    male
    Location
    Not telling.
    Posts
    1,935
    Reputation
    130
    Thanks
    1,380
    My Mood
    Dead
    Send a message via Birdie™ to giniyat101 Egypt
    code a driver that hooks ZwTerminateProcess?


     



    [img]https://i43.photobucke*****m/albums/e367/DeteSting/Steam-update.gif[/img]
    Reply With Quote Reply With Quote
  3. 02-07-2013 #18
    Matroix73
    Matroix73 is offline
    Honesty is an expensive gift do not expect it from cheap people!
    MPGH Member
    Matroix73's Avatar
    Join Date
    Jan 2013
    Gender
    male
    Posts
    706
    Reputation
    42
    Thanks
    5,624
    My Mood
    Confused
    Send a message via Birdie™ to Matroix73 Australia
    What this will do is it will set your process as a critical process, making it unkillable. However because .NET programs are run as user what, on kill it will result with a BSoD. When run as system it cannot be killed.

    Code:
    <DllImport("ntdll.dll", SetLastError:=True)> _
    Private Sub RtlSetProcessIsCritical(v1 As UInt32, v2 As UInt32, v3 As UInt32)
    End Sub

    Public Sub BulletProof()
        Process.EnterDebugMode()
        RtlSetProcessIsCritical(1, 0, 0)
    End Sub

    Public Sub Killable()
        RtlSetProcessIsCritical(0, 0, 0)
    End Sub
    Reply With Quote Reply With Quote
  4. 02-07-2013 #19
    Jason
    Jason is offline
    Hung like a rabbit
    Former Staff
    Jason's Avatar
    Join Date
    Apr 2010
    Gender
    male
    Location
    /dev/null
    Posts
    5,704
    Reputation
    918
    Thanks
    7,676
    My Mood
    Mellow
    Send a message via Birdie™ to Jason Australia
    Quote Originally Posted by Matroix73 View Post
    What this will do is it will set your process as a critical process, making it unkillable. However because .NET programs are run as user what, on kill it will result with a BSoD. When run as system it cannot be killed.

    Code:
    <DllImport("ntdll.dll", SetLastError:=True)> _
    Private Sub RtlSetProcessIsCritical(v1 As UInt32, v2 As UInt32, v3 As UInt32)
    End Sub

    Public Sub BulletProof()
        Process.EnterDebugMode()
        RtlSetProcessIsCritical(1, 0, 0)
    End Sub

    Public Sub Killable()
        RtlSetProcessIsCritical(0, 0, 0)
    End Sub
    Never, ever use RtlSetProcessIsCritical. This doesn't make the process "unkillable", it just means that if you DO kill the process, you will BSoD.

    Quote Originally Posted by Jeremy S. Anderson
    There are only two things to come out of Berkley, Unix and LSD,
    and I don’t think this is a coincidence
    You can win the rat race,
    But you're still nothing but a fucking RAT.

    ++Latest Projects++
    [Open Source] Injection Library
    Simple PE Cipher
    FilthyHooker - Simple Hooking Class
    CLR Injector - Inject .NET dlls with ease
    Simple Injection - An in-depth look
    MPGH's .NET SDK
    eJect - Simple Injector
    Basic PE Explorer (BETA)
    Reply With Quote Reply With Quote
  5. 02-07-2013 #20
    DawgiiStylz
    DawgiiStylz is offline
    Banned
    BANNED!
    DawgiiStylz's Avatar
    Join Date
    Aug 2009
    Gender
    male
    Location
    Dawg House
    Posts
    7,811
    Reputation
    219
    Thanks
    2,896
    My Mood
    Tired
    Send a message via Birdie™ to DawgiiStylz United States Nemesis-AR
    I wonder if there really is a way to do this
    Reply With Quote Reply With Quote
  6. 02-07-2013 #21
    Auxilium
    Auxilium is offline
    MPGH Member
    Auxilium's Avatar
    Join Date
    Jul 2010
    Gender
    male
    Location
    深い碧の果てに
    Posts
    4,518
    Reputation
    445
    Thanks
    609
    My Mood
    Happy
    Send a message via Birdie™ to Auxilium Japan pat19971997
    visual basic.net l33t virus maker in teh house
    Reply With Quote Reply With Quote
Page 2 of 2 FirstFirst 12
« Previous Thread | Next Thread »

Similar Threads

  1. [Application] Undetected Module Maker V1.0
    By radnomguywfq3 in forum Visual Basic Programming
    Replies: 72
    Last Post: 12-31-2009, 06:50 AM
  2. [Coder] Application
    By K2 WarHacker in forum General
    Replies: 12
    Last Post: 01-28-2008, 07:47 PM
  3. WarRock Mod Applications[DISCUSSION]
    By BPK in forum General
    Replies: 16
    Last Post: 12-22-2007, 07:25 PM
  4. Not a valid win32 application
    By terence in forum General Game Hacking
    Replies: 1
    Last Post: 02-03-2006, 06:52 AM