typecasting

ok my fault I always tend to use specifically CreateFileA so it is LPSTR! And the question remains is typecasting needed?

Hi guys I have a simple question for your. Let say that I have CreateFile function that takes as a first argument a LPCTSTR pointer. Also there is a declared buffer as char* szBuffer . I' ve seen a lot of guys using a typecasting for calling CreateFile like this CreateFile((LPCTSTR)szBuffer,....). I simply use CreateFile(szBuffer,....) with no problems Is that typecasting needed, given that both char* and LPCTSTR are pointers. Are there any true gains by using typecasting? Thanx

Is it possible for a service under windows XP to hook for example mouse or keyboard? I have tried to call SetWindowsHookEx inside a windows service but the callback function receives no messages. If yes how can it be done. I know already about desktop interactive option for a service and SetTheadDesktop etc but none of them work. I also tried impersonation, to give the hooking thread a specific process token no luck there too. Thanx

Ok I managed to narrow it down. You where right about .exe it works fine. BUT in case of a dll run by rundll32.exe things change and GetProcAddress returns always wrong

Attach the Windbg and look for GetProcAddress it should be a different one. In my case it points to GetProcAddressStub instead of GetProcAddress. In some other examples I tried involving dll injection the address is far more out of the kernel32.dll range

Hello everybody I have observed a strange behaviour in Win Vista and 7 when I call the GetProcAddress to resolve it self GetProcAddress(GetModuleHandle("kernel32.dll"),"GetProcAddress") returns wrong value. I compare the return value with the windbg and its way different (though in a valid 0x7000000-0x7ffffff range). I 've seen some reports on the web about it but I dont know how to overcome this problem. Any ideas? Thanx

Hi guys I have the following problem when I insert the WINAPI calling convention while exporting a function for example __declspec(dllexport) VOID ServiceMain(DWORD dwArgc, LPTSTR *lpszArgv); the Visual Studio compiler exports the function in the dll as _ServiceMain@8 while without the WINAPI the ServiceName is exported like ServiceMain. Why is this happening??

Hi there I have a strange problem. I call the send function to send some bytes from a TCP sockets. The sends command blocks until the socket receives a packet from the other side. MSDN mentions that send blocks only if there is no buffer space in TCP stack. But I only send 100bytes (plus there is no other network traffic) Any ideas Thanx

Hi there gys, I'm looking for a way to update a crawler I 've created. Of course I want the update to be applied without system reboot plus the binary changes to be stored on disk. Can you give me some tips on how to do that? Thanx

Hi there people. I'm trying to redirect the stderr of a process let's say cmd.exe to a raw socket. I have completed this task by setting the sterr parameter = my socket handle. I was looking for a function that can take this handle and encrypt the stderr before sending it to the socket. I could use CreateFile for exampe in order to cache the data to a file and encrypt it here but it's a bad ugly solution. In fact I was looking something like CreateBuffer or CreateByte array or MemoryStream of C#. In other words an intermediate function with a HANDLE input that can return the bytes or something in order to encrypt them. Thanx

Hi there people, I have problem running the following driver code. It worked for sometime but without no obvious reason whenever I try to stop the driver service a BSOD appears with the PAGE_FAULT_IN_NON_PAGED_AREA error. I found out that when I remove the set DriverName code the problem disappears but the question is why. I'm desperate I cant find a way to fix this thing. I load the driver with the instdrv.In the Debug Viewer only the HI message apperars Any ideas? Here is the code VOID UnLoadMe(IN PDRIVER_OBJECT obj); UNICODE_STRING us; NTSTATUS DriverEntry ( IN PDRIVER_OBJECT theDriverObject, IN PUNICODE_STRING theRegistryPath ) { DbgPrint("HELLO"); RtlInitUnicodeString( &us, L"TEST\0" ); theDriverObject->DriverName=us; theDriverObject->DriverUnload=UnLoadMe; return STATUS_SUCCESS; } VOID UnLoadMe(IN PDRIVER_OBJECT obj) { DbgPrint("BYE"); }

Hi there I'm working on a project which involves digital signatures. I take custom made key files and import modulus public and private exponent on RSAParameters.With this info I can encrypt data without any problem Unforunately when I call the sign method I get an exception about including the private part of the key that means the P/Q/DP/DQ values of the keys. Anyway how can I calculate the P and Q values given that the only info I have about the private key is the D parameter and the exponent. Please help me Thank you in advance