WSCPorts
-
i simply used the beta function TcpNameToIp($computer.name) it works great... ty so much for ur help ;}
-
    #include <GuiConstants.au3>

    Global $NameSpace = ObjGet("WinNT:")
    Global $objDomain,$objPDC,$objComputer
    Dim $Filter[2]
    Dim $Stack[4096]
    Dim $StackPtr
    Dim $NetString,$DomString,$CompString,$oComputer

    GUICreate("Active Directory Computer Information Tool",300,250,100,300)
    GUISetState (@SW_SHOW)
    $DomList = GUICtrlCreateList("",10,10,250,100)
    $IPList = GUICtrlCreateList("",10,105,250,100)
    GetComputerNames()
    $msg = 0
    While $msg <> $GUI_EVENT_CLOSE
        $msg = GUIGetMsg()
        Select
            case $msg = $DomList
        EndSelect
    Wend
    Exit

    ;stack[3~4096] are return areas unless otherwise stated in function
    ;Stack[2] = NumOfCurrentEntry
    ;Stack[1] = static Base
    ;Stack[0] = good or bad return 0 : 1
    Func GetDomainNames()
        InitStack()
        $Filter[0] = "Domain"
        $NameSpace.Filter = $Filter
        For $objDomain in $NameSpace
            Push($objDomain.Name)
        Next
        DumpStack($DomList)
    EndFunc

    Func GetComputerNames()
        GetDomainNames()
        $DomString = Pop()
        $objPDC = ObjGet("WinNT://" & $DomString)
        If(IsObj($objPDC)) Then
            Cscl()
            $Filter[0] = "Computer"
            $objPDC.Filter = $Filter
            For $objComputer In $objPDC
                If(IsObj($objComputer)) Then
                    Push("Computer Name: " & $objComputer.Name)
                    Push("Computer OS: " & $objComputer.OperatingSystem)
                    Push("Computer OS Version: " & $objComputer.OperatingSystemVersion)
                    Push("Computer CPU: " & $objComputer.Processor)
                    Push("Computer # CPU; " & $objComputer.ProcessorCount)
                EndIf
                DumpStack($IPList)
            Next
        Else ;shouldnt Execute cleanup more later ... lol
            $DomString = Pop()
            Cscl()
            $objPDC = ObjGet("WinNT://" & $DomString)
            If(IsObj($objPDC)) Then
                $Filter[0] = "Computer"
                $objPDC.Filter = $Filter
                For $objComputer In $objPDC
                    Push($objComputer.Name)
                    Push($objComputer.OperatingSystem)
                Next
                DumpStack($IPList)
            EndIf
        EndIf
    EndFunc

    Func DumpStack($HWND) ;recvs WindowHandle to Dump Entries into
        If($Stack[2] > 0) Then
            $Stack[0] = 1
            Local $NumStackEntry = $Stack[2]
            Do
                ;ConsoleWrite($StackPtr)
                GUICtrlSetData($HWND,$Stack[$Stack[1] + $Stack[2]])
                If(@error <> 0) Then
                    $Stack[0] = 0
                    Return $Stack[0]
                EndIf
                $Stack[2] = $Stack[2] - 1
            Until $Stack[2] = 0
            $Stack[2] = $NumStackEntry
            Return $Stack[0]
        Else
            $Stack[0] = 0
            Return $Stack[0]
        EndIf
    EndFunc

    Func InitStack()
        $Stack[0] = 1 ;signify good ret
        $Stack[1] = 3 ;init stack current location
        $Stack[2] = 0 ;init stack Entries counter
        $StackPtr = $Stack[1]
        Do ;clear rest
            $Stack[$StackPtr] = 0
            $StackPtr = $StackPtr+1
        Until $StackPtr >= 4096
        $StackPtr = $Stack[1]
    EndFunc

    Func Cscl() ;clear stack current location
        $Stack[1] = 3
        $Stack[2] = 0
    EndFunc

    Func Push($Var)
        $Stack[2] = $Stack[2] + 1
        $StackPtr = $Stack[1] + $Stack[2]
        $Stack[$StackPtr] = $Var
    EndFunc

    Func Pop()
        $StackPtr = $Stack[1] + $Stack[2]
        $Stack[2] = $Stack[2] - 1
        Return $Stack[$StackPtr]
    EndFunc

    Func UserValidate($domain, $UserName, $Password)
        $Stack[0] = 1
        Local $DomObj = $NameSpace.OpenDSObject("WinNT://" & $domain , $UserName, $Password, "&H0001")
        If @error <> 0 Then
            $Stack[0] = 0
        EndIf
        Return $Stack[0]
    EndFunc

well i got this far and i thought i saw something that had NSLookup and got the address from the output.. hard to find it...
-
how to call IADsComputer.get_NetAddress(BSTR *String)?? and can autoit call com methods? and why do i error out to olly when i do?
-
Hello Jonny this is very nice scripts u got here but it doesnt meet my needs at the moment what im trying to do is get a list of all computer names and with each Computer object Call get_NetAddresses($bStr) and print out the addresses this is what i got so far

    Global $NameSpace = ObjGet("WinNT:")
    Global $objDomain,$objPDC,$objComputer
    Dim $Filter[2]
    Dim $Stack[4096]
    Dim $StackPtr
    Dim $NetString,$DomString,$CompString

    GetComputerNames()
    Exit

    ;stack[3~4096] are return areas unless otherwise stated in function
    ;Stack[2] = NumOfCurrentEntry
    ;Stack[1] = static Base
    ;Stack[0] = good or bad return 0 : 1
    Func GetDomainNames()
        InitStack()
        $Filter[0] = "Domain"
        $NameSpace.Filter = $Filter
        For $objDomain in $NameSpace
            Push($objDomain.Name)
        Next
    EndFunc

    Func GetComputerNames()
        GetDomainNames()
        $DomString = Pop()
        $objPDC = ObjGet("WinNT://" & $DomString)
        If(IsObj($objPDC)) Then
            Cscl()
            $Filter[0] = "Computer"
            $objPDC.Filter = $Filter
            For $objComputer In $objPDC
                $CompString = $objComputer.Name
                $CompString = $CompString & "." & $DomString
                $objComputer = ObjGet("WinNT://" & $CompString)
                With $objComputer
                    .get_NetAddresses($NetString)
                EndWith
                Print($NetString)
            Next
        Else ;shouldnt Execute cleanup more later ... lol
            $DomString = Pop()
            Cscl()
            $objPDC = ObjGet("WinNT://" & $DomString )
            If(IsObj($objPDC)) Then
                $Filter[0] = "Computer"
                $objPDC.Filter = $Filter
                For $objComputer In $objPDC
                    Push($objComputer.Name)
                    $objComputer.get_NetAddresses($NetString)
                    Print($String)
                Next
            EndIf
        EndIf
    EndFunc

    Func InitStack()
        $Stack[0] = 1 ;signify good ret
        $Stack[1] = 3 ;init stack current location
        $Stack[2] = 0 ;init stack Entries counter
        $StackPtr = $Stack[1]
        Do ;clear rest
            $Stack[$StackPtr] = 0
            $StackPtr = $StackPtr+1
        Until $StackPtr >= 4096
        $StackPtr = $Stack[1]
    EndFunc

    Func Cscl() ;clear stack current location
        $Stack[1] = 3
        $Stack[2] = 0
    EndFunc

    Func Push($Var)
        $Stack[$StackPtr] = $Var
        $Stack[2] = $Stack[2] + 1
        $StackPtr = $Stack[1] + $Stack[2]
    EndFunc

    Func Pop()
        $Stack[2] = $Stack[2] - 1
        $StackPtr = $Stack[1] + $Stack[2]
        Return $Stack[$StackPtr]
    EndFunc

    Func Print($str)
        ConsoleWrite($str)
    EndFunc
-
Technically u are all wrong... lol sc uses the LocalService Acct and not the system... if it comes up with the system, then that means there is a distinct vulnerability just waiting to be exploited on 2k3 and xp and 2k systems.. privilege escalation is just one that comes to mind. this vulnerability is described in pseudo code as such

    runAsSystem()
    EnableDebugPrivs()
    OpenProcessToken()
    DuplicateToken()

use the duplicated token to do some nasty stuff;) even running as the LocalService Acct which is higher privilege than the administrator but lower than SYSTEM one can do some pretty nasty stuff.
-
    10001000 >/$ B8 01000000      MOV EAX,1
    10001005  \. C3               RETN
    10001006 >/$ FF75 08          PUSH DWORD PTR SS:[EBP+8]
    10001009  |. 8F45 F0          POP DWORD PTR SS:[EBP-10]
    1000100C  |. 8B4D F0          MOV ECX,DWORD PTR SS:[EBP-10]
    1000100F  |. 6A 00            PUSH 0
    10001011  |. 6A 00            PUSH 0
    10001013  |. 6A 00            PUSH 0
    10001015  |. 6A 16            PUSH 16
    10001017  |. FF31             PUSH DWORD PTR DS:[ECX]
    10001019  |. 6A 10            PUSH 10
    1000101B  |. E8 36000000      CALL <JMP.&ntdll.ZwSystemDebugControl>
    10001020  \. C3               RETN
    10001021 >/$ FF75 08          PUSH DWORD PTR SS:[EBP+8]
    10001024  |. 8F45 F0          POP DWORD PTR SS:[EBP-10]
    10001027  |. 8B4D F0          MOV ECX,DWORD PTR SS:[EBP-10]
    1000102A  |. 6A 00            PUSH 0
    1000102C  |. 6A 00            PUSH 0
    1000102E  |. 6A 00            PUSH 0
    10001030  |. 6A 16            PUSH 16
    10001032  |. FF31             PUSH DWORD PTR DS:[ECX]
    10001034  |. 6A 11            PUSH 11
    10001036  |. E8 1B000000      CALL <JMP.&ntdll.ZwSystemDebugControl>
    1000103B  \. C3               RETN
    1000103C >/$ 8BE5             MOV ESP,EBP
    1000103E  |. EB 01            JMP SHORT Sysenter.10001041
    10001040  |  B8               DB B8
    10001041  |> 0F34             SYSENTER
    10001043  |. 90               NOP
    10001044  |. 90               NOP
    10001045  \. C3               RETN
    10001046 >/$ 60               PUSHAD
    10001047  |. 9C               PUSHFD
    10001048  |. FA               CLI
    10001049  |. 8B45 08          MOV EAX,DWORD PTR SS:[EBP+8]
    1000104C  |. E8 EBFFFFFF      CALL Sysenter.SysEnterCall
    10001051  |. FB               STI
    10001052  |. 61               POPAD
    10001053  |. 9D               POPFD
    10001054  \. C3               RETN
    10001055     CC               INT3
    10001056   $-FF25 00200010    JMP DWORD PTR DS:[<&ntdll.ZwSystemDebugC>; ntdll.ZwSystemDebugControl

NOO SOURCE FOR JOO ~~~!!!!!
-
yea that was an ugly attempt at it i do have to say :] TY very much for the comments as i am very rusty in autoit :[ been spending a lot of time with C++ and asm so imma try to implement the fixes u suggest and see if i can get a outcome :]
-
im having a lil trouble opening physical memory with autoit could someone help me? heres what i got so far, i know its got no error handling yet i wanna see results b4 i add error handling ;]

    Func LibLoad( $lpLibFileName )
        $hKrnl = DllOpen("kernel32.dll")
        Local $LibHandle = DllCall($hKrnl, "int", "LoadLibraryA", "str", $lpLibFileName)
        DllClose($hKrnl)
        Return $LibHandle[0]
    EndFunc

    Func LibLoadEx($lpLibFileName, $hFile = 0, $dwFlags = 0)
        $hKrnl = DllOpen("kernel32.dll")
        Local $LibExHandle = DllCall($hKrnl, "int", "LoadLibraryEx", "str", $lpLibFileName, "int", $hFile, "int", $dwFlags)
        DllClose($hKrnl)
        Return $LibExHandle[0]
    EndFunc

    Func LibFree($DllHandle)
        $hKrnl = DllOpen("kernel32.dll")
        Local $LibFreed = DllCall($hKrnl, "int", "FreeLibrary", "int", $DllHandle)
        return $LibFreed[0]
    EndFunc

    Func GetProcAddress( $hModule, $lpProcName)
        $hKrnl = DllOpen("Kernel32.dll")
        Local $ProcessAddy = DllCall($hKrnl,"int","GetProcAddress","int",$hModule,"str",$lpProcName)
        DllClose($hKrnl)
        Return $ProcessAddy[0]
    EndFunc

    Func InvokeVirtAllocEx($FuncPtr,$hProcess,$lpAddress,$dwSize,$flAllocationType,$flProtect)
        $DllInvoke = DllOpen("Invoke.dll")
        Local $Result = DllCall($DllInvoke,"int","InvokeFunc","int",$FuncPtr,"int",$hProcess, "int",$lpAddress, "int",$dwSize, "int",$flAllocationType, "int",$flProtect)
        DllClose($DllInvoke)
        Return $Result[0]
    EndFunc

    Func _MemOpen($i_Pid, $i_Access = 0x1F0FFF, $i_Inherit = 0)
        Local $av_Return[2] = [DllOpen('kernel32.dll') ]
        Local $ai_Handle = DllCall($av_Return[0], 'int', 'OpenProcess', 'int', $i_Access, 'int', $i_Inherit, 'int', $i_Pid)
        If @error Then
            DllClose($av_Return[0])
            SetError(1)
            Return 0
        EndIf
        $av_Return[1] = $ai_Handle[0]
        DllClose($av_Return[0])
        Return $av_Return[1]
    EndFunc ;==>_MemOpen

    Const $STANDARD_RIGHTS_REQUIRED = 0xF0000
    Const $SECTION_QUERY = 0x1
    Const $SECTION_MAP_WRITE = 0x2
    Const $SECTION_MAP_READ = 0x4
    Const $SECTION_MAP_EXECUTE = 0x8
    Const $SECTION_EXTEND_SIZE = 0x10
    Const $SECTION_ALL_ACCESS = BitOr($STANDARD_RIGHTS_REQUIRED, $SECTION_QUERY, $SECTION_MAP_WRITE, $SECTION_MAP_READ, $SECTION_MAP_EXECUTE, $SECTION_EXTEND_SIZE)
    Const $FILE_MAP_ALL_ACCESS = $SECTION_ALL_ACCESS

    $oa = "int;int;char;int;int;int"
    $Object_Attributes = DllStructCreate($oa)
    DllStructSetData($Object_Attributes, 1, DllStructGetSize($Object_Attributes))
    DllStructSetData($Object_Attributes, 2, 0)
    DllStructSetData($Object_Attributes, 3, "\Device\PhysicalMemory")
    DllStructSetData($Object_Attributes, 4, 0)
    DllStructSetData($Object_Attributes, 5, 0)
    DllStructSetData($Object_Attributes, 6, 0)
    ;OBJECT_ATTRIBUTES oa ={sizeof(oa),0,&name,0,0,0};

    Func InvokeOpenPhysMem(ByRef $pHandle)
        $DllInvoke = DllOpen("Invoke.dll")
        $hNT = LibLoad("ntdll.dll")
        Local $OpenSectionPtr = GetProcAddress($hNT, "ZwOpenSection")
        $Status = DllCall($DllInvoke, "int", $OpenSectionPtr, "int", $pHandle, "int", $SECTION_ALL_ACCESS, "ptr", DllStructGetPtr($Object_Attributes))
        LibFree($hNT)
        DllClose($DllInvoke)
        Return $Status
    EndFunc

    $Phys = InvokeOpenPhysMem($PhysMem)
    MsgBox(0, "", $Phys)
    DllCall("kernel32.dll", "int", "CloseHandle", "int", $PhysMem)

is this a better example
-
original code by Vladimir Scherbina *crazy Props to him*

    /* gate function code */
    VOID __declspec(naked) GateProc(VOID){
        __asm {
            cli                     // disable interrupts
            pushad                  // store all registers
            mov di, 0x30
            mov fs, di
            call g_dwRing0ProcAdrr  // calling *our* function to be executed in kernel mode
            mov di, 0x3B
            mov fs, di
            popad                   // restore registers
            sti                     // enable interrupts
            retf
        }
    }

i am still in BETA TESTING STAGES for this and a few other things but if anyone wants to see the sample Of retrieving the EPROCESS of the systemprocess ill gladly post up the autoit code and the modified invoke.dll ;]
-
Had some major problems with the virtualAllocEx Function and then The openProcess func did wanna work so i resorted to using w0oters func's and a mix of my dll invoke feature. a point of advice if u use this dll dont use a dllopen Handle with it cause's strange errors use a libload / libfree pair works much better ;] so as for these changes i made to get it working on 2003 server sp1 should works for u 2

    Func LibLoad( $lpLibFileName )
        $hKrnl = DllOpen("kernel32.dll")
        $LibHandle = DllCall($hKrnl, "int", "LoadLibraryA", "str", $lpLibFileName)
        DllClose($hKrnl)
        Return $LibHandle[0]
    EndFunc

    Func LibFree($DllHandle)
        $hKrnl = DllOpen("kernel32.dll")
        $LibFreed = DllCall($hKrnl, "int", "FreeLibrary", "int", $DllHandle)
        return $LibFreed[0]
    EndFunc

    Func GetProcAddress( $hModule, $lpProcName)
        $hKrnl = DllOpen("Kernel32.dll")
        $ProcessAddy = DllCall($hKrnl,"int","GetProcAddress","int",$hModule,"str",$lpProcName)
        DllClose($hKrnl)
        Return $ProcessAddy[0]
    EndFunc

    Func InvokeVirtAllocEx($FuncPtr,$hProcess,$lpAddress,$dwSize,$flAllocationType,$flProtect)
        $DllInvoke = DllOpen("Invoke.dll")
        $Result = DllCall($DllInvoke,"int","InvokeFunc","int",$FuncPtr,"int",$hProcess, "int",$lpAddress, "int",$dwSize, "int",$flAllocationType, "int",$flProtect)
        DllClose($DllInvoke)
        Return $Result[0]
    EndFunc

    Func _MemOpen($i_Pid, $i_Access = 0x1F0FFF, $i_Inherit = 0)
        Local $av_Return[2] = [DllOpen('kernel32.dll') ]
        Local $ai_Handle = DllCall($av_Return[0], 'int', 'OpenProcess', 'int', $i_Access, 'int', $i_Inherit, 'int', $i_Pid)
        If @error Then
            DllClose($av_Return[0])
            SetError(1)
            Return 0
        EndIf
        $av_Return[1] = $ai_Handle[0]
        Return $av_Return[1]
    EndFunc ;==>_MemOpen

    #include-once
    #include <invOllyOut.au3>

    Func _InjectDll($hWnd, $dllpath)
        ;make sure the user passed valid parameters
        If $hWnd <= 0 Then
            SetError(-1)
            Return False
        ElseIf StringLen($dllpath) <= 4 Or StringRight($dllpath, 4) <> ".dll" Then
            SetError(-2)
            Return False
        EndIf

        Local $pid, $pHandle, $pLibRemote, $modHandle, $LoadLibraryA, $hThread

        ;open dll that we'll be using
        Local $kernel32 = DllOpen("kernel32.dll")

        ;get the pid from the window provided
        $pid = WinGetProcess( $hWnd )
        If $pid = 0 Then
            SetError(-3)
            Return False
        EndIf

        ;open the process for writing
        $pHandle = _MemOpen($pid)
        If $pHandle <= 0 Then
            SetError(-4)
            Return False
        EndIf

        $hKrnl = LibLoad("Kernel32.dll")
        $ProcAddressPtr = GetProcAddress($hKrnl, "VirtualAllocEx")
        $pLibRemote = InvokeVirtAllocEx($ProcAddressPtr, $pHandle, 0, 1024, 0x1000, 0x40)
        If $pLibRemote <= 0 Then
            SetError(-5)
            Return False
        EndIf

        For $i = 0 To StringLen($dllpath)
            $ret = DllCall("kernel32.dll", "int", "WriteProcessMemory", "int", $pHandle, "int", $pLibRemote + $i, "int_ptr", Asc(StringMid($dllpath, $i + 1, 1)), "int", 1, "int", 0)
            If IsArray($ret) Then
                If $ret[0] = 0 Then
                    SetError(-7)
                    Return False
                EndIf
            Else
                SetError(-8)
                Return False
            EndIf
        Next

        $modHandle = DllCall($kernel32, "long", "GetModuleHandle", "str", "kernel32.dll")
        If IsArray($modHandle) Then
            If $modHandle[0] > 0 Then
                $modHandle = $modHandle[0]
            Else
                SetError(-9)
                Return False
            EndIf
        Else
            SetError(-10)
            Return False
        EndIf

        $LoadLibraryA = DllCall($kernel32, "long", "GetProcAddress", "long", $modHandle, "str", "LoadLibraryA")
        If IsArray($LoadLibraryA) Then
            If $LoadLibraryA[0] > 0 Then
                $LoadLibraryA = $LoadLibraryA[0]
            Else
                SetError(-11)
                Return False
            EndIf
        Else
            SetError (-12)
            Return False
        EndIf

        $hThread = DllCall($kernel32, "int", "CreateRemoteThread", "int", $pHandle, "int", 0, "int", 0, "long", $LoadLibraryA, "long", $pLibRemote, "int", 0, "int", 0)
        If IsArray($hThread) Then
            ConsoleWrite($hThread[0] & @CR)
            If $hThread[0] > 0 Then
                $hThread = $hThread[0]
            Else
                SetError(-13)
                Return False
            EndIf
        Else
            SetError(-14)
            Return False
        EndIf

        DllCall($kernel32, "int", "VirtualFreeEx", "int", $pHandle, "int", $pLibRemote, "int", 0x1000, "int", 0x8000)
        DllCall($kernel32, "int", "CloseHandle", "int", $hThread)
        DllCall($kernel32, "int", "CloseHandle", "int", $pHandle)
        DllClose($kernel32)
        Return True
    EndFunc

U need MY DLL in order for this version to work :[if his version does not work for u]: TY SO MUCH outshynd for hooking up create remote thread
-
modify to VB.Net AS NEEDED oh btw u have to add a reference to autoitx.dll in the compiler params and if ur devious you can register autoitx.dll through a file install and AutoItmation of regsvr32.exe hopefully u understand this concept and C# enough to convert it to VB.net this was NOT written by me nor is it the complete source or even the regular source ive modified it a lil bit but not enough to make drastic changes to the outcome of it.

    using System;
    using System.Drawing;
    using System.Collections;
    using System.ComponentModel;
    using System.Windows.Forms;
    using System.Data;
    using Microsoft.CSharp;
    using System.CodeDom;
    using System.CodeDom.Compiler;
    using System.Reflection;
    using System.IO;

    namespace CSharpScripter
    {
        /// <summary>
        /// Summary for Form1.
        /// </summary>
        public class FormMain : System.Windows.Forms.Form
        {
            private System.Windows.Forms.RichTextBox rtfCode;
            private System.Windows.Forms.Button btnCompile;
            private System.Windows.Forms.Button btnExecute;
            private System.Windows.Forms.Button btnQuit;
            private System.Windows.Forms.Button btnLoad;

            /// <summary>
            /// Required designer variable.
            /// </summary>
            private System.ComponentModel.Container components = null;

            public FormMain()
            {
                //
                // Required for Windows Forms designer support
                //
                InitializeComponent();

                //
                // TODO: Add constructor code after the InitializeComponent call
                //
            }

            /// <summary>
            /// Clean up any resources being used.
            /// </summary>
            protected override void Dispose( bool disposing )
            {
                if( disposing )
                {
                    if (components != null)
                    {
                        components.Dispose();
                    }
                }
                base.Dispose( disposing );
            }

            #region Windows Form Designer generated code
            /// <summary>
            /// Required method for designer support.
            /// Do not modify the contents of this method with the code editor.
            /// </summary>
            private void InitializeComponent()
            {
                this.rtfCode = new System.Windows.Forms.RichTextBox();
                this.btnCompile = new System.Windows.Forms.Button();
                this.btnExecute = new System.Windows.Forms.Button();
                this.btnQuit = new System.Windows.Forms.Button();
                this.btnLoad = new System.Windows.Forms.Button();
                this.SuspendLayout();
                //
                // rtfCode
                //
                this.rtfCode.Anchor = ((System.Windows.Forms.AnchorStyles)((((System.Windows.Forms.AnchorStyles.Top | System.Windows.Forms.AnchorStyles.Bottom) | System.Windows.Forms.AnchorStyles.Left) | System.Windows.Forms.AnchorStyles.Right)));
                this.rtfCode.BackColor = System.Drawing.Color.Gainsboro;
                this.rtfCode.Font = new System.Drawing.Font("Courier New", 9.75F, System.Drawing.FontStyle.Regular, System.Drawing.GraphicsUnit.Point, ((byte)(0)));
                this.rtfCode.Location = new System.Drawing.Point(8, 8);
                this.rtfCode.Name = "rtfCode";
                this.rtfCode.ReadOnly = true;
                this.rtfCode.Size = new System.Drawing.Size(624, 280);
                this.rtfCode.TabIndex = 0;
                this.rtfCode.Text = "";
                this.rtfCode.TextChanged += new System.EventHandler(this.rtfCode_TextChanged);
                //
                // btnCompile
                //
                this.btnCompile.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left)));
                this.btnCompile.Location = new System.Drawing.Point(104, 296);
                this.btnCompile.Name = "btnCompile";
                this.btnCompile.Size = new System.Drawing.Size(75, 23);
                this.btnCompile.TabIndex = 1;
                this.btnCompile.Text = "Compile";
                this.btnCompile.Click += new System.EventHandler(this.btnCompile_Click);
                //
                // btnExecute
                //
                this.btnExecute.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left)));
                this.btnExecute.Location = new System.Drawing.Point(184, 296);
                this.btnExecute.Name = "btnExecute";
                this.btnExecute.Size = new System.Drawing.Size(75, 23);
                this.btnExecute.TabIndex = 2;
                this.btnExecute.Text = "Execute";
                this.btnExecute.Click += new System.EventHandler(this.btnExecute_Click);
                //
                // btnQuit
                //
                this.btnQuit.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Right)));
                this.btnQuit.Location = new System.Drawing.Point(560, 296);
                this.btnQuit.Name = "btnQuit";
                this.btnQuit.Size = new System.Drawing.Size(75, 23);
                this.btnQuit.TabIndex = 3;
                this.btnQuit.Text = "Quit";
                this.btnQuit.Click += new System.EventHandler(this.btnQuit_Click);
                //
                // btnLoad
                //
                this.btnLoad.Anchor = ((System.Windows.Forms.AnchorStyles)((System.Windows.Forms.AnchorStyles.Bottom | System.Windows.Forms.AnchorStyles.Left)));
                this.btnLoad.Location = new System.Drawing.Point(8, 296);
                this.btnLoad.Name = "btnLoad";
                this.btnLoad.Size = new System.Drawing.Size(88, 23);
                this.btnLoad.TabIndex = 4;
                this.btnLoad.Text = "Load Example";
                this.btnLoad.Click += new System.EventHandler(this.btnLoad_Click);
                //
                // FormMain
                //
                this.AutoScaleBaseSize = new System.Drawing.Size(5, 13);
                this.ClientSize = new System.Drawing.Size(640, 325);
                this.Controls.Add(this.btnLoad);
                this.Controls.Add(this.btnQuit);
                this.Controls.Add(this.btnExecute);
                this.Controls.Add(this.btnCompile);
                this.Controls.Add(this.rtfCode);
                this.Name = "FormMain";
                this.Text = "CSharpScripter";
                this.ResumeLayout(false);
            }
            #endregion

            /// <summary>
            /// The main entry point for the application.
            /// </summary>
            [STAThread]
            static void Main()
            {
                Application.Run(new FormMain());
            }

            private void btnQuit_Click(object sender, System.EventArgs e)
            {
                Application.Exit();
            }

            private void btnLoad_Click(object sender, System.EventArgs e)
            {
                // Build the sample script; every line is appended so the using directives are kept.
                this.rtfCode.Text = "using System;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Collections;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Xml;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.IO;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Windows.Forms;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Runtime.InteropServices;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Threading;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.Diagnostics;" + System.Environment.NewLine;
                this.rtfCode.Text += "using System.ComponentModel;" + System.Environment.NewLine;
                this.rtfCode.Text += System.Environment.NewLine;
                this.rtfCode.Text += "namespace CSharpScripter" + System.Environment.NewLine;
                this.rtfCode.Text += "{" + System.Environment.NewLine;
                this.rtfCode.Text += " public class TestClass : CSharpScripter.Command" + System.Environment.NewLine;
                this.rtfCode.Text += " {" + System.Environment.NewLine;
                this.rtfCode.Text += " public TestClass()" + System.Environment.NewLine;
                this.rtfCode.Text += " {" + System.Environment.NewLine;
                this.rtfCode.Text += " }" + System.Environment.NewLine;
                this.rtfCode.Text += System.Environment.NewLine;
                this.rtfCode.Text += " public void Execute() " + System.Environment.NewLine;
                this.rtfCode.Text += " {" + System.Environment.NewLine;
                this.rtfCode.Text += " MessageBox.Show(\"This is a testmessage\");" + System.Environment.NewLine;
                this.rtfCode.Text += " }" + System.Environment.NewLine;
                this.rtfCode.Text += " }" + System.Environment.NewLine;
                this.rtfCode.Text += "}" + System.Environment.NewLine;
            }

            private void btnCompile_Click(object sender, System.EventArgs e)
            {
                // Compile the text box contents into TestClass.dll next to the executable.
                CSharpCodeProvider csp = new CSharpCodeProvider();
                ICodeCompiler cc = csp.CreateCompiler();
                CompilerParameters cp = new CompilerParameters();
                cp.OutputAssembly = Application.StartupPath + "\\TestClass.dll";
                cp.ReferencedAssemblies.Add("System.dll");
                cp.ReferencedAssemblies.Add("System.dll");
                cp.ReferencedAssemblies.Add("System.Data.dll");
                cp.ReferencedAssemblies.Add("System.Xml.dll");
                cp.ReferencedAssemblies.Add("mscorlib.dll");
                cp.ReferencedAssemblies.Add("System.Windows.Forms.dll");
                cp.ReferencedAssemblies.Add("CSharpScripter.exe");
                cp.WarningLevel = 3;
                cp.CompilerOptions = "/target:library /optimize";
                cp.GenerateExecutable = false;
                cp.GenerateInMemory = false;
                System.CodeDom.Compiler.TempFileCollection tfc = new TempFileCollection(Application.StartupPath, false);
                CompilerResults cr = new CompilerResults(tfc);
                cr = cc.CompileAssemblyFromSource(cp, this.rtfCode.Text);
                if (cr.Errors.Count > 0)
                {
                    foreach (CompilerError ce in cr.Errors)
                    {
                        Console.WriteLine(ce.ErrorNumber + ": " + ce.ErrorText);
                    }
                    MessageBox.Show(this, "Errors occoured", "Errors", MessageBoxButtons.OK, MessageBoxIcon.Error);
                    this.btnExecute.Enabled = false;
                }
                else
                {
                    this.btnExecute.Enabled = true;
                }
                System.Collections.Specialized.StringCollection sc = cr.Output;
                foreach (string s in sc)
                {
                    Console.WriteLine(s);
                }
            }

            private void CheckErrors(CompilerErrorCollection cec)
            {
            }

            private void btnExecute_Click(object sender, System.EventArgs e)
            {
                // Load the compiled assembly into a separate AppDomain, run it, then unload the domain.
                // The Command type is not included in the posted source.
                AppDomainSetup ads = new AppDomainSetup();
                ads.ShadowCopyFiles = "true";
                AppDomain.CurrentDomain.SetShadowCopyFiles();
                AppDomain newDomain = AppDomain.CreateDomain("newDomain");
                byte[] rawAssembly = loadFile("TestClass.dll");
                Assembly assembly = newDomain.Load(rawAssembly, null);
                Command testClass = (Command)assembly.CreateInstance("CSharpScripter.TestClass");
                testClass.Execute();
                testClass = null;
                assembly = null;
                AppDomain.Unload(newDomain);
                newDomain = null;
            }

            private byte[] loadFile(string filename)
            {
                FileStream fs = new FileStream(filename, FileMode.Open);
                byte[] buffer = new byte[(int) fs.Length];
                fs.Read(buffer, 0, buffer.Length);
                fs.Close();
                fs = null;
                return buffer;
            }

            private void rtfCode_TextChanged(object sender, EventArgs e)
            {
            }
        }
    }
-
well the deal with common antivirus technologies is that they use a thing called a signature checker to check code for common things used in a virus for example if u use FileInstall it detects that routine as a trojan dropper which it very well could be but thats not what ur using it for..
-
im thinking of going a 2 different ways other than the way previously posted but i want to get what would be the ideal usage for this feature be i am going to present eventually.. in all the forms that work and then let u decide if u which one u wanna use the misinterpretation of code injection to dll injection by google is baffling..
-
this is a very touchy subject for all u network admins\developers\business types but due to a recent idea about a clientless Bot for a game and the games random port connections i came up with the idea of sending a tcp/ip handshake to the server and filtering all the return data ..i promise none of that half open socket scanning crap either just a plain and simple handshake to determine what port the server is gonna request to open for the playable area connection.. if anyone knows of a more logical solution and is willing to post it pls DOO.. otherwise ill be reading winpcap for about a yr or ill be forced to use SharpPcap ewww...
-
    Func InetGetBackGround($FileLoc, $szFileName)
        Local $bSF = InetGet($FileLoc, $szFileName, 0, 1) ; boolean success/fail
        While $bSF = 1
            If @InetGetActive then
                TrayTip("Downloading", "Bytes = " & @InetGetBytesRead, 10, 16)
                Sleep(250)
            ElseIf @InetGetActive = 0 Then
                Return TrayTip("done", "Success =" & $bSF)
            EndIf
        Wend
    EndFunc