AgentSmith15 Posted November 9, 2008 (edited)

This will NOT work....

1.) We cannot write device drivers using AutoIt. AutoIt is an interpreted language not a compiled one and even then it would need to be low level like C.
2.) It isn't possible to write a rootkit or gain Ring-0 access to the kernel using AutoIt for the same reasons above.
3.) If by some reason I am incorrect AutoIt is way too slow to do anything mentioned above.

I would cut your losses and focus on other ways to protect your "program". There are plenty of other ways and the fact you keep insisting on doing it this way is very suspicious. There is no need for such protection unless you are doing something malicious. With all the talk of rootkits I believe we might want to lock the thread.

@Cw2K1: Shame on you! Did you copy that list from CastleCops and not cite your source.... http://www.castlecops.com/p970454-How_Anti..._Processes.html

Edited November 9, 2008 by AgentSmith15

Innovative (Author) Posted November 9, 2008

Well, I'm NOT doing any malicious programs, take my word or leave it. If I consider other alternatives like the following:

    While 1
        If ProcessExists("taskmgr.exe") Then
            ProcessClose("taskmgr.exe")
        EndIf
    WEnd

It wouldn't be right, because my program is meant to protect the computer, and if I disallow taskmgr from running, it'll never be right.

ChrisL Posted November 9, 2008

I wrote this http://www.autoitscript.com/forum/index.php?showtopic=48614 which doesn't stop it being closed but does relaunch it

Jos (Developers) Posted November 9, 2008

> Well, I'm NOT doing any malicious programs, take my word or leave it.

Curious how you are going to explain this statement ....

Cw2K1 Posted November 9, 2008

> This will NOT work....
>
> 1.) We cannot write device drivers using AutoIt. AutoIt is an interpreted language not a compiled one and even then it would need to be low level like C.
> 2.) It isn't possible to write a rootkit or gain Ring-0 access to the kernel using AutoIt for the same reasons above.
> 3.) If by some reason I am incorrect AutoIt is way too slow to do anything mentioned above.
>
> I would cut your losses and focus on other ways to protect your "program". There are plenty of other ways and the fact you keep insisting on doing it this way is very suspicious. There is no need for such protection unless you are doing something malicious. With all the talk of rootkits I believe we might want to lock the thread.
>
> @Cw2K1: Shame on you! Did you copy that list from CastleCops and not cite your source.... http://www.castlecops.com/p970454-How_Anti..._Processes.html

I did not copy it all, the copied text is quoted in my post. Have some sense...

Innovative (Author) Posted November 9, 2008

> Curious how you are going to explain this statement ....

I can release the source when I'm done with everything, still working on something ..

Jos (Developers) Posted November 9, 2008 (edited)

> I can release the source when I'm done with everything, still working on something ..

I was referring to the "take my word or leave" bit ..... anyways... nobody is guilty until proven, but process protection does sound a bit "iffy"

Edited November 9, 2008 by Jos

AgentSmith15 Posted November 9, 2008

> Well, I'm NOT doing any malicious programs, take my word or leave it. If I consider other alternatives like the following:
>
>     While 1
>         If ProcessExists("taskmgr.exe") Then
>             ProcessClose("taskmgr.exe")
>         EndIf
>     WEnd
>
> It wouldn't be right, because my program is meant to protect the computer, and if I disallow taskmgr from running, it'll never be right.

Ah so this program is supposed to "protect" your computer, but in your first post you said this tool was to monitor bandwidth. Which is it going to be? Why is your story changing?

> I did not copy it all, the copied text is quoted in my post. Have some sense...

Actually you wrapped it in code tags and didn't mention AltF4 or CastleCops. Anyways sorry I don't mean to be an ass. You don't know how many kids have plagiarized their essays.

Innovative (Author) Posted November 9, 2008

Well, the concept is like this, it monitors the bandwidth and stops unauthorized access and closes the process when a process uses too much bandwidth? I'm still working on it, haven't got it all right. Alright, stop all the arguing about malicious and non-malicious usage.

AgentSmith15 Posted November 9, 2008

I've heard you could modify taskmgr to not display your program, but that only works against if a person tried to close the process. Are you trying to protect your process from other processes?

Also how are you able to distinguish which process is using a lot of the bandwidth? Also what if you were using NetBIOS and you were surfing around your local network, would that shutdown the windows component?

Innovative (Author) Posted November 10, 2008

> I've heard you could modify taskmgr to not display your program, but that only works against if a person tried to close the process. Are you trying to protect your process from other processes?

Well, I've seen the script posted in the example section before but that only works for taskmgr if I'm not wrong .. I want it to be protected from all terminations. Maybe I can make it exclude NetBIOS? I've stated in the many previous posts, I'm still working on it.

AgentSmith15 Posted November 10, 2008

You will need to somehow be able to ignore the WM_CLOSE message sent to your program.

AzKay Posted November 10, 2008

> With all the talk of rootkits I believe we might want to lock the thread.

I've just reread the thread, and you are the first to mention them.

Innovative (Author) Posted November 10, 2008

> You will need to somehow be able to ignore the WM_CLOSE message sent to your program.

How would I be able to do that?

Bert Posted November 10, 2008 (edited)

Is this to help stop downloaders and things like Limewire from working? I'm thinking you want to do throttling to control the use of bandwidth. You may have better luck in finding information on that.

As far as the MSDN, I was not pulling your chain. http://en.wikipedia.org/wiki/File_locking

Edited November 10, 2008 by Volly

Cw2K1 Posted November 10, 2008

Can we embed a process to system process? Just thinking...

FireFox Posted November 10, 2008

> Can we embed a process to system process? Just thinking...

You can try service for unkillable process...

Cw2K1 Posted November 10, 2008

> You can try service for unkillable process...

Everyone knows about it. Services can be stopped. We are talking about making a process which will be unkillable like a critical system process.

FireFox Posted November 10, 2008

> Everyone knows about it. Services can be stopped. We are talking about making a process which will be unkillable like a critical system process.

Yes system service I was talking about...

Jos (Developers) Posted November 10, 2008

doubt anything good will come from this thread. *click*