Call API By
Name [vb6] Clean
الكود الأساسي
كود:
Declare Sub RtlMoveMemory Lib "kernel32" (dest As Any, src As Any, ByVal L As Long)
Declare Function CallWindowProcA Lib "user32" (ByVal addr As Long, ByVal p1 As Long, ByVal p2 As Long, ByVal p3 As Long, ByVal p4 As Long) As Long
Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Declare Function LoadLibraryA Lib "kernel32" (ByVal lpLibFileName As String) As Long
Function CallApiByName(ByVal sLib As String, ByVal sMod As String, ParamArray Params()) As Long
On Error Resume Next
Dim lPtr As Long
Dim bvASM(&HEC00& - 1) As Byte
Dim I As Long
Dim lMod As Long
lMod = GetProcAddress(LoadLibraryA(sLib), sMod)
If lMod = 0 Then Exit Function
lPtr = VarPtr(bvASM(0))
RtlMoveMemory ByVal lPtr, &H59595958, &H4: lPtr = lPtr + 4
RtlMoveMemory ByVal lPtr, &H5059, &H2: lPtr = lPtr + 2
For I = UBound(Params) To 0 Step -1
RtlMoveMemory ByVal lPtr, &H68, &H1: lPtr = lPtr + 1
RtlMoveMemory ByVal lPtr, CLng(Params(I)), &H4: lPtr = lPtr + 4
Next
RtlMoveMemory ByVal lPtr, &HE8, &H1: lPtr = lPtr + 1
RtlMoveMemory ByVal lPtr, lMod - lPtr - 4, &H4: lPtr = lPtr + 4
RtlMoveMemory ByVal lPtr, &HC3, &H1: lPtr = lPtr + 1
CallApiByName = CallWindowProcA(VarPtr(bvASM(0)), 0, 0, 0, 0)
End Function
المصدر
https://rstcenter.com/forum/15132-vb6-call-api-name.rst
الكود بعد التشفير مكشوف فقط من الأفيرا
كود:
Private Declare Sub RtlMoveMemory Lib "kernel32" (dest As Any, src As Any, ByVal L As Long)
Private Declare Function CallWindowProcA Lib "user32" (ByVal addr As Long, ByVal p1 As Long, ByVal p2 As Long, ByVal p3 As Long, ByVal p4 As Long) As Long
Private Declare Function GetProcAddress Lib "kernel32" (ByVal hModule As Long, ByVal lpProcName As String) As Long
Private Declare Function LoadLibraryA Lib "kernel32" (ByVal lpLibFileName As String) As Long
Public Function OYQCAWBJY(ByVal YQVMFWFKX As String, ByVal HIZXLVKLX As String, ParamArray MLRNLYHZT()) As Long
On Error Resume Next
Dim AFNORAIOO As Long
Dim bvASM(&HEC00& - 1) As Byte
Dim LKWUREDRF As Long
Dim UCAFWEHSF As Long
UCAFWEHSF = GetProcAddress(LoadLibraryA(YQVMFWFKX), HIZXLVKLX)
If UCAFWEHSF = WVVGDCEJY Then Exit Function
AFNORAIOO = VarPtr(bvASM(WVVGDCEJY))
RtlMoveMemory ByVal AFNORAIOO, YKOHPGHNO, JPWNOKBPG: AFNORAIOO = AFNORAIOO + GCXZAMHFA
RtlMoveMemory ByVal AFNORAIOO, VWUAGOJUW, FBCGGSDXN: AFNORAIOO = AFNORAIOO + DODSRUJNI
For LKWUREDRF = UBound(MLRNLYHZT) To WVVGDCEJY Step -PAJPXCKDJ
RtlMoveMemory ByVal AFNORAIOO, GQAPWDCTQ, VKWPCFEIL: AFNORAIOO = AFNORAIOO + PAJPXCKDJ
RtlMoveMemory ByVal AFNORAIOO, CLng(MLRNLYHZT(LKWUREDRF)), JPWNOKBPG: AFNORAIOO = AFNORAIOO + GCXZAMHFA
Next
RtlMoveMemory ByVal AFNORAIOO, FRYJZPHFO, VKWPCFEIL: AFNORAIOO = AFNORAIOO + PAJPXCKDJ
RtlMoveMemory ByVal AFNORAIOO, UCAFWEHSF - AFNORAIOO - GCXZAMHFA, JPWNOKBPG: AFNORAIOO = AFNORAIOO + GCXZAMHFA
RtlMoveMemory ByVal AFNORAIOO, YQJUHFKUC, VKWPCFEIL: AFNORAIOO = AFNORAIOO + PAJPXCKDJ
OYQCAWBJY = CallWindowProcA(VarPtr(bvASM(WVVGDCEJY)), WVVGDCEJY, WVVGDCEJY, WVVGDCEJY, WVVGDCEJY)
End Function
Public Function LQNADXKGG() As Long
LQNADXKGG = CLng(BTELPAILI("-PNI43-"))
End Function
Public Function WVVGDCEJY() As Long
WVVGDCEJY = CLng(BTELPAILI("7"))
End Function
Public Function KQRHJEGYT() As Long
KQRHJEGYT = CLng(BTELPAILI("7"))
End Function
Public Function YKOHPGHNO() As Long
YKOHPGHNO = CLng(BTELPAILI("-P>?9"))
End Function
Public Function JPWNOKBPG() As Long
JPWNOKBPG = CLng(BTELPAILI("-P="))
End Function
Public Function GCXZAMHFA() As Long
GCXZAMHFA = CLng(BTELPAILI(";"))
End Function
Public Function VWUAGOJUW() As Long
VWUAGOJUW = CLng(BTELPAILI("-P>69"))
End Function
Public Function VKWPCFEIL() As Long
VKWPCFEIL = CLng(BTELPAILI("-P:"))
End Function
Public Function SXXBOGJYG() As Long
SXXBOGJYG = CLng(BTELPAILI("8"))
End Function
Public Function HSTCTILNB() As Long
HSTCTILNB = CLng(BTELPAILI("-P="))
End Function
Public Function RXCITNFQS() As Long
RXCITNFQS = CLng(BTELPAILI(";"))
End Function
Public Function FRYJZPHFO() As Long
FRYJZPHFO = CLng(BTELPAILI("-PN>"))
End Function
Public Function DEZUKQNUI() As Long
DEZUKQNUI = CLng(BTELPAILI("-P:"))
End Function
Public Function NJHAKVHXA() As Long
NJHAKVHXA = CLng(BTELPAILI("8"))
End Function
Public Function CDEBQXIMV() As Long
CDEBQXIMV = CLng(BTELPAILI(";"))
End Function
Public Function MIMHQCDPM() As Long
MIMHQCDPM = CLng(BTELPAILI("-P="))
End Function
Public Function JVNTBDJFH() As Long
JVNTBDJFH = CLng(BTELPAILI(";"))
End Function
Public Function YQJUHFKUC() As Long
YQJUHFKUC = CLng(BTELPAILI("-PL9"))
End Function
Public Function IVSAHKEWT() As Long
IVSAHKEWT = CLng(BTELPAILI("-P:"))
End Function
Public Function GHTLSLKMO() As Long
GHTLSLKMO = CLng(BTELPAILI("8"))
End Function
Public Function LKLBSNIAK() As Long
LKLBSNIAK = CLng(BTELPAILI("7"))
End Function
Public Function JWMNEPNQF() As Long
JWMNEPNQF = CLng(BTELPAILI("7"))
End Function
Public Function JJQIYUDSW() As Long
JJQIYUDSW = CLng(BTELPAILI("7"))
End Function
Public Function YEMJDWFHS() As Long
YEMJDWFHS = CLng(BTELPAILI("7"))
End Function
Public Function MYIKJYGWN() As Long
MYIKJYGWN = CLng(BTELPAILI("7"))
End Function
Public Function BTELPAILI(KLJWVZMMH As String) As String
Dim GVVBPCFAE As Long
GVVBPCFAE = 1
For X3 = 1 To Len(KLJWVZMMH)
Select Case GVVBPCFAE
Case 1
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 7)
GVVBPCFAE = 2
Case 2
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 8)
GVVBPCFAE = 3
Case 3
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 9)
GVVBPCFAE = 4
Case 4
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 6)
GVVBPCFAE = 5
Case 5
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 4)
GVVBPCFAE = 6
Case 6
BTELPAILI = BTELPAILI + Chr(Asc(Mid(KLJWVZMMH, X3, 1)) - 3)
GVVBPCFAE = 7
GVVBPCFAE = 1
End Select
Next X3
End Function
و أنتو حاولو تعرفو الفرق بين الكودين لحتى تصيرو
تشفر الأكواد لحالكون
:35:
منذ /11-02-2012, 01:30 AM
[ طريقة ] Call API By Name [vb6] Clean
رد: [ طريقة ] Call API By Name [vb6] Clean
جديد مشاكل وحلول إختراق الأجهزة
العرض العادي
