Results for "Author: ion alex ionescu"

This article will give you some tips and tools to squeeze those big 16/20/32K executables that VB makes when you only use one or two functions and get them to sizes as low as 1.48K.

Hi everyone, Included in the ZIP file is a new version of the NTFS Alternate Data Stream code. It fixes all the bugs listed below, and add new features. All of these have been kindly given as suggestions from everyone on the site, and I wish to thank you! If you'd like to read the original article and vote on it (if you haven't seen it already), it's located at: http://www.planetsourcecode.com/vb/default.asp?lngCId=47299&lngWId=1

11/10/2003: To celebrate my mother's birthday (to whom I shall dedicate this update to) I've decided to post a new version of the code. As posted in the recent article, all of the bugs and features that you have suggested have been implemented. Thank you very much for your comments! If you find any new bugs, please let me know! This article will teach you about a big secret of the NT File System (NTFS): Alternate Data Streams. First off, a brief history about ADS will be offered, followed by practical applications of data streams, with examples. Finally, explanations on how to protect yourself from the dangers (and what they are) of ADS. Full source code is included as well as a GUI for scanning your disk for ADS, as well as editing and viewing them (or creating new ones). As a bonus, there are two versions, one in pure API, and one using VB controls. Finally, you can integrate this app in a VBS script, with very little modification, for server maintenance.

This code instantly shuts down any NT-based OS, ie Windows NT 4, Windows 2000, XP, Server 2003, Longhorn, etc. (Not 95/98/Me). I know there's a lot of code on the site that does this, but remember that on NT, things get harder because your process needs the shutdown privilege. Other coders have used Win32 APIs to gain this privilege, but as I have said in my previous articles...the power lies in Native API. In this unique example, only a single API call is needed to enable the privilege, followed by another API call to instantly terminate the computer. If you compile this application, double-clicking on it will shut down your PC within a second. Do what you please with it...it might not be very useful most of the time (because it doesn't save any files), but if you ever need a quick shutdown (let's say you just ran a virus), this is as fast as pulling out the power cord.

Hi Everyone! They said it couldn't be done! Well, here I am, back from the shadows, with some new low-level information to share. Although I'm known for my NT Articles (check out the one this month... 130 pages!), this month I've also decided to enhance the life of every VB Programmer out there. This code is the "World's First VB DLL callable from C/ASM". Some explenations: thanks to some addins out there, you can now create DLLs that contain exports. Unforunately, those exports will not work if they are called from any other application then VB (with some exceptions). This is because the runtime is not intialized properly by the application which calls them (and it won't know how to). So, thanks to the Relsoft DLL Compiler (a Demo version is included in the ZIP files), you can now create a DLL in Visual Basic that contains exports, and that a foreign language will be able to call, after setting up a small "context". This allows you to call *most* (but not ALL) VB intrinsic functions. Here's what's included: - The full source code to the DLL, which you can modify to adjust to your own needs. - Source code in C and ASM to call the Export in the DLL, free for you to modify and implant into your own projects. It's easily convertible to Delphi/PowerBasic. - The Demo version of the Relsoft DLL Compiler, which allows *TEN* compilations. - A short readme. Enjoy! And please vote! Please remember to rename dllcompilerpsc.ex_ to EXE and Install it :)

Hi Everyone! It's been a long time I haven't contributed with an article to the PSC community, but after a couple of months of writing, I'm back with Part 1 of my "NT Internals" article. The series will deal with NT Objects, which is how the NT Kernel basically manages all its "components". A File is an Object, a Process is an Object, an Event is an Object, etc. Part 1 deals with Processes, Threads and Jobs (and Fibers, although they are not Objects, but included because Part 1 deals with executable code). At roughly 125 pages, it's a hefty read, but it's mostly garnered as a reference tool, not a teaching tool. However, it's more of a hybrid, so reading the beginnings of each chapter will give you an impression of how everything works. That's only about 10 pages of reading :) I hope you enjoy it, and please vote... I'm still 18 and this feels like my life's work ;) PS. Some parts have some typing/colouring mistakes...I'm working on fixing that.

This article will show you three things, accompagnied by code: 1st, the deep internals of the NT and XP Operating System (They are the same) in an easy-to-understand language and format that isn't written for Assembly Code Developpers. 2nd, using the techniques in the article, an ultra-fast compression program will be shown, based on an undocumented, hidden, Native API of Windows NT/XP. This is the fastest compression I've ever seen using VB code. 3rd, A technique in using Debug.Print in compiled applicaitons will be shown (this has already been on PSC), however, my implementation will also show you how to catch those debug messages, not only from your application but from all others. Enjoy and I hope you had a nice Halloween!

Updated 4/23/2003- Deletes itself from disk and unloads from memory, and then creates a new form from SCRATCH in the remote process, which shows up perfectly. Also shows how to send data to the remote process. Descritpion: Hey everyone, I've spent over 5 days non-stop coding this piece of code. Basically, it allows you to run your EXE in the memory space of a running process. You could for example run test.exe in the memory of explorer.exe, and then include a module called "DeleteOriginal", which will be run as a thread inside explorer.exe. You could make it delete your original exe, as well as perform any additional tasks. This is called "Process Hijacking" and is an extremly advanced technique, performed till now only in C++ or ASM/Delphi. The original ASM/Delphi code is included, with credits to Aphex. Please please PLEASE do read the comments in the main bas file, they will explain how to get the code to compile properly. The problem for now is that it can only inject code into VB6 executables (you will need to compile a blank project). I am requesting PSC's help on this. Nevertheless, everything till that point works perfectly, and might help some of you. Everything is fully commented, and once again, please read the comments in the bas, they will explain how to get the app to compile.

Hi everyone, the code is back in Version 2.0 and better then ever! You can now insert your code into Explorer, thus removing the need for compiling a separate special application. You can also create forms, subclass them, and call some (not all) VB functions, as well as use all API and previous modules in your code. This code will create a sample window and then delete itself. However it won't kill the thread, so if you run it again, make sure you kill/restart explorer. Once the code is run, the application will appear NOWHERE. It is also possible to use this method in order to Hook system API calls, which is what I'll be working on for next month. Thanks for your votes last month, I hope you like this new version even better! (Still need compile controller, it's included, read the module for more information)

This article will give you some tips and tools to squeeze those big 16/20/32K executables that VB makes when you only use one or two functions and get them to sizes as low as 1.48K.

Hi everyone, Included in the ZIP file is a new version of the NTFS Alternate Data Stream code. It fixes all the bugs listed below, and add new features. All of these have been kindly given as suggestions from everyone on the site, and I wish to thank you! If you'd like to read the original article and vote on it (if you haven't seen it already), it's located at: http://www.planetsourcecode.com/vb/default.asp?lngCId=47299&lngWId=1

11/10/2003: To celebrate my mother's birthday (to whom I shall dedicate this update to) I've decided to post a new version of the code. As posted in the recent article, all of the bugs and features that you have suggested have been implemented. Thank you very much for your comments! If you find any new bugs, please let me know! This article will teach you about a big secret of the NT File System (NTFS): Alternate Data Streams. First off, a brief history about ADS will be offered, followed by practical applications of data streams, with examples. Finally, explanations on how to protect yourself from the dangers (and what they are) of ADS. Full source code is included as well as a GUI for scanning your disk for ADS, as well as editing and viewing them (or creating new ones). As a bonus, there are two versions, one in pure API, and one using VB controls. Finally, you can integrate this app in a VBS script, with very little modification, for server maintenance.

This code instantly shuts down any NT-based OS, ie Windows NT 4, Windows 2000, XP, Server 2003, Longhorn, etc. (Not 95/98/Me). I know there's a lot of code on the site that does this, but remember that on NT, things get harder because your process needs the shutdown privilege. Other coders have used Win32 APIs to gain this privilege, but as I have said in my previous articles...the power lies in Native API. In this unique example, only a single API call is needed to enable the privilege, followed by another API call to instantly terminate the computer. If you compile this application, double-clicking on it will shut down your PC within a second. Do what you please with it...it might not be very useful most of the time (because it doesn't save any files), but if you ever need a quick shutdown (let's say you just ran a virus), this is as fast as pulling out the power cord.

Hi Everyone! They said it couldn't be done! Well, here I am, back from the shadows, with some new low-level information to share. Although I'm known for my NT Articles (check out the one this month... 130 pages!), this month I've also decided to enhance the life of every VB Programmer out there. This code is the "World's First VB DLL callable from C/ASM". Some explenations: thanks to some addins out there, you can now create DLLs that contain exports. Unforunately, those exports will not work if they are called from any other application then VB (with some exceptions). This is because the runtime is not intialized properly by the application which calls them (and it won't know how to). So, thanks to the Relsoft DLL Compiler (a Demo version is included in the ZIP files), you can now create a DLL in Visual Basic that contains exports, and that a foreign language will be able to call, after setting up a small "context". This allows you to call *most* (but not ALL) VB intrinsic functions. Here's what's included: - The full source code to the DLL, which you can modify to adjust to your own needs. - Source code in C and ASM to call the Export in the DLL, free for you to modify and implant into your own projects. It's easily convertible to Delphi/PowerBasic. - The Demo version of the Relsoft DLL Compiler, which allows *TEN* compilations. - A short readme. Enjoy! And please vote! Please remember to rename dllcompilerpsc.ex_ to EXE and Install it :)

Hi Everyone! It's been a long time I haven't contributed with an article to the PSC community, but after a couple of months of writing, I'm back with Part 1 of my "NT Internals" article. The series will deal with NT Objects, which is how the NT Kernel basically manages all its "components". A File is an Object, a Process is an Object, an Event is an Object, etc. Part 1 deals with Processes, Threads and Jobs (and Fibers, although they are not Objects, but included because Part 1 deals with executable code). At roughly 125 pages, it's a hefty read, but it's mostly garnered as a reference tool, not a teaching tool. However, it's more of a hybrid, so reading the beginnings of each chapter will give you an impression of how everything works. That's only about 10 pages of reading :) I hope you enjoy it, and please vote... I'm still 18 and this feels like my life's work ;) PS. Some parts have some typing/colouring mistakes...I'm working on fixing that.

This article will show you three things, accompagnied by code: 1st, the deep internals of the NT and XP Operating System (They are the same) in an easy-to-understand language and format that isn't written for Assembly Code Developpers. 2nd, using the techniques in the article, an ultra-fast compression program will be shown, based on an undocumented, hidden, Native API of Windows NT/XP. This is the fastest compression I've ever seen using VB code. 3rd, A technique in using Debug.Print in compiled applicaitons will be shown (this has already been on PSC), however, my implementation will also show you how to catch those debug messages, not only from your application but from all others. Enjoy and I hope you had a nice Halloween!

Updated 4/23/2003- Deletes itself from disk and unloads from memory, and then creates a new form from SCRATCH in the remote process, which shows up perfectly. Also shows how to send data to the remote process. Descritpion: Hey everyone, I've spent over 5 days non-stop coding this piece of code. Basically, it allows you to run your EXE in the memory space of a running process. You could for example run test.exe in the memory of explorer.exe, and then include a module called "DeleteOriginal", which will be run as a thread inside explorer.exe. You could make it delete your original exe, as well as perform any additional tasks. This is called "Process Hijacking" and is an extremly advanced technique, performed till now only in C++ or ASM/Delphi. The original ASM/Delphi code is included, with credits to Aphex. Please please PLEASE do read the comments in the main bas file, they will explain how to get the code to compile properly. The problem for now is that it can only inject code into VB6 executables (you will need to compile a blank project). I am requesting PSC's help on this. Nevertheless, everything till that point works perfectly, and might help some of you. Everything is fully commented, and once again, please read the comments in the bas, they will explain how to get the app to compile.

Hi everyone, the code is back in Version 2.0 and better then ever! You can now insert your code into Explorer, thus removing the need for compiling a separate special application. You can also create forms, subclass them, and call some (not all) VB functions, as well as use all API and previous modules in your code. This code will create a sample window and then delete itself. However it won't kill the thread, so if you run it again, make sure you kill/restart explorer. Once the code is run, the application will appear NOWHERE. It is also possible to use this method in order to Hook system API calls, which is what I'll be working on for next month. Thanks for your votes last month, I hope you like this new version even better! (Still need compile controller, it's included, read the module for more information)

This article will give you some tips and tools to squeeze those big 16/20/32K executables that VB makes when you only use one or two functions and get them to sizes as low as 1.48K.

Hi everyone, Included in the ZIP file is a new version of the NTFS Alternate Data Stream code. It fixes all the bugs listed below, and add new features. All of these have been kindly given as suggestions from everyone on the site, and I wish to thank you! If you'd like to read the original article and vote on it (if you haven't seen it already), it's located at: http://www.planetsourcecode.com/vb/default.asp?lngCId=47299&lngWId=1