[VB6] LoadDriver Native Version


#1
Trillium

Hey Leute, mit diesem Code könnt ihr einen Treiber (.sys) per VB6-Code laden. Noch dazu nutzt dieses Snippet native APIs ;)

' Module-level declarations for writing a kernel-driver service entry into the
' registry and asking the kernel to load or unload it through NTDLL.
Option Explicit
' Native (NTDLL) entry points. Each driver call takes a pointer to a
' UNICODE_STRING that names the service's registry key.
Private Declare Sub RtlInitUnicodeString Lib "NTDLL.DLL" (DestinationString As Any, ByVal SourceString As Long)
Private Declare Function NtLoadDriver Lib "NTDLL.DLL" (ByVal DriverServiceName As Long) As Long
Private Declare Function NtUnloadDriver Lib "NTDLL.DLL" (ByVal DriverServiceName As Long) As Long
' Registry functions, bound to the ANSI ("A") exports via Alias.
Private Declare Function RegCreateKeyEx Lib "advapi32.dll" Alias "RegCreateKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal Reserved As Long, ByVal lpClass As String, ByVal dwOptions As Long, ByVal samDesired As Long, lpSecurityAttributes As Any, phkResult As Long, lpdwDisposition As Long) As Long
Private Declare Function RegSetValueEx Lib "advapi32.dll" Alias "RegSetValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal Reserved As Long, ByVal dwType As Long, lpData As Any, ByVal cbData As Long) As Long
Private Declare Function RegCloseKey Lib "advapi32.dll" (ByVal hKey As Long) As Long
Private Declare Function RegDeleteKey Lib "advapi32.dll" Alias "RegDeleteKeyA" (ByVal hKey As Long, ByVal lpSubKey As String) As Long
' ANSI string length; the returned count does not include the terminating null.
Private Declare Function lstrlen Lib "kernel32" Alias "lstrlenA" (ByVal lpString As String) As Long
' Module-level name constant. Neither function in this listing reads it:
' CHLoadDriver takes mstrDriverName, and CHUnLoadDriver declares a parameter
' with this same name, which shadows the constant inside that function.
Private Const TheDrivername As String = "dBlaze"

' NTSTATUS that CHLoadDriver treats as success alongside 0.
Private Const STATUS_IMAGE_ALREADY_LOADED = &HC000010E
Private Const HKEY_LOCAL_MACHINE = &H80000002
' Registry value types used for the service entry.
Private Const REG_EXPAND_SZ = 2
Private Const REG_DWORD = 4
' Individual registry access rights.
Private Const READ_CONTROL = &H20000
Private Const KEY_QUERY_VALUE = &H1
Private Const KEY_SET_VALUE = &H2
Private Const KEY_CREATE_SUB_KEY = &H4
Private Const KEY_ENUMERATE_SUB_KEYS = &H8
Private Const KEY_NOTIFY = &H10
Private Const KEY_CREATE_LINK = &H20
' Sum of the rights listed above.
' NOTE(review): the code in this listing only sets values through the handle
' opened with this mask, so a narrower mask (KEY_SET_VALUE) looks sufficient -
' confirm before tightening.
Private Const KEY_ALL_ACCESS = KEY_QUERY_VALUE + KEY_SET_VALUE + KEY_CREATE_SUB_KEY + KEY_ENUMERATE_SUB_KEYS + KEY_NOTIFY + KEY_CREATE_LINK + READ_CONTROL
' Counted-string descriptor filled in by RtlInitUnicodeString.
' pBuffer carries the string pointer as a VB6 Long (32-bit).
Private Type UNICODE_STRING
    uLength As Integer
    uMaximumLength As Integer
    pBuffer As Long
End Type
' Writes a service entry for a kernel driver under
' HKLM\System\CurrentControlSet\Services\<mstrDriverName> and asks the kernel
' to load it with NtLoadDriver.
'
' Parameters:
'   lpDriverPath   - path to the driver image; passed ByVal and prefixed with
'                    "\??\" locally before being stored as ImagePath.
'   mstrDriverName - service key name; concatenated into the registry path
'                    without any validation.
' Returns:
'   True when NtLoadDriver returns 0 or STATUS_IMAGE_ALREADY_LOADED.
'   False (the unassigned default) on any registry failure or other status.
'
' Review notes for defenders:
'   - The service key is written directly with registry APIs; no Service
'     Control Manager call appears in this code. Monitoring that relies only
'     on SCM service-installation events may therefore not record it; registry
'     writes to Services\<name>\ImagePath and kernel driver-load events are the
'     observable artifacts.
'   - NtLoadDriver is gated by the load-driver privilege
'     (SeLoadDriverPrivilege), so auditing use of that privilege is a further
'     detection point.
'   - On any failure after RegCreateKeyEx succeeds, the key and the values
'     already written stay in the registry; nothing here removes them.
Public Function CHLoadDriver(ByVal lpDriverPath As String, mstrDriverName As String) As Boolean
    Dim lngSuccess As Long
    Dim hKey As Long
    Dim DriverPath As UNICODE_STRING
    ' "\??\" is the NT object-manager prefix for a DOS-style device path.
    lpDriverPath = "\??\" & lpDriverPath
    ' Create (or open) the service key; hKey is closed on every path below.
    lngSuccess = RegCreateKeyEx(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & mstrDriverName, 0, vbNullString, 0, KEY_ALL_ACCESS, ByVal 0&, hKey, ByVal 0&)
    If lngSuccess <> 0 Then
        Exit Function
    End If
    ' Type = 1: kernel driver.
    ' NOTE(review): lpData is declared ByRef As Any and receives a bare numeric
    ' literal while cbData is 4; confirm VB6 hands over a 4-byte temporary here
    ' (a Long variable would make the width explicit). Same for the next two
    ' DWORD writes.
    lngSuccess = RegSetValueEx(hKey, "Type", 0, REG_DWORD, 1, 4)
    If lngSuccess <> 0 Then
        RegCloseKey hKey
        Exit Function
    End If
    ' ErrorControl = 1: normal error handling.
    lngSuccess = RegSetValueEx(hKey, "ErrorControl", 0, REG_DWORD, 1, 4)
    If lngSuccess <> 0 Then
        RegCloseKey hKey
        Exit Function
    End If
    ' Start = 3: demand start (not loaded automatically at boot).
    lngSuccess = RegSetValueEx(hKey, "Start", 0, REG_DWORD, 3, 4)
    If lngSuccess <> 0 Then
        RegCloseKey hKey
        Exit Function
    End If
    ' ImagePath is written through the ANSI alias with a byte count from lstrlen.
    ' NOTE(review): lstrlen excludes the terminating null, whereas registry
    ' string data is normally stored including it - confirm the stored value.
    lngSuccess = RegSetValueEx(hKey, "ImagePath", 0, REG_EXPAND_SZ, ByVal lpDriverPath, lstrlen(lpDriverPath)) ' original trailing note was mis-encoded; it appears to concern Len vs. LenB
    If lngSuccess <> 0 Then
        RegCloseKey hKey
        Exit Function
    End If
    
    ' The native call identifies the driver by the NT-namespace path of the
    ' service key just written, wrapped in a UNICODE_STRING.
    RtlInitUnicodeString DriverPath, StrPtr("\Registry\Machine\System\CurrentControlSet\Services\" & mstrDriverName)
    lngSuccess = NtLoadDriver(VarPtr(DriverPath))
    ' An already-loaded image is reported as success.
    If lngSuccess = STATUS_IMAGE_ALREADY_LOADED Or lngSuccess = 0 Then
        CHLoadDriver = True
    End If
    RegCloseKey hKey
End Function
' Asks the kernel to unload the driver registered under
' HKLM\System\CurrentControlSet\Services\<TheDrivername>, then deletes that
' service key's "Enum" subkey and the service key itself.
'
' Parameters:
'   TheDrivername - service key name; this parameter shadows the module-level
'                   constant of the same name and is concatenated into the
'                   registry paths without validation.
' Returns:
'   True only when both RegDeleteKey calls return 0. The NtUnloadDriver status
'   does not influence the result.
'
' Review notes:
'   - The NtUnloadDriver status is overwritten by the next assignment without
'     being checked, so the registry entries are removed whether or not the
'     unload succeeded.
'   - If deleting the "Enum" subkey fails, the function exits with False and
'     the service key is left in place; presumably this also happens when the
'     subkey does not exist - confirm.
Public Function CHUnLoadDriver(TheDrivername As String) As Boolean
    Dim lngSuccess As Long
    Dim DriverPath As UNICODE_STRING
    ' The driver is named by the NT-namespace path of its service key.
    RtlInitUnicodeString DriverPath, StrPtr("\Registry\Machine\System\CurrentControlSet\Services\" & TheDrivername)
    lngSuccess = NtUnloadDriver(VarPtr(DriverPath))
    ' The subkey is deleted first, then the service key.
    lngSuccess = RegDeleteKey(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & TheDrivername & "\Enum")
    If lngSuccess <> 0 Then
        Exit Function
    End If
    lngSuccess = RegDeleteKey(HKEY_LOCAL_MACHINE, "System\CurrentControlSet\Services\" & TheDrivername)
    ' Boolean result of the comparison: True when the final delete returned 0.
    CHUnLoadDriver = lngSuccess = 0
End Function
