I keep writing about Batch programming, so it is obvious by now that Batch files programming has become one of my favorite activities. Every time I have to write a quick script to automate a task, I go first for the Batch files programming language. If that does not do the job, I use the Python programming language and if that fails, I go for C/C++ before deciding to writing using the assembly language.
Now, what about combining the two languages to achieve what you want?
In this article, I am going to list half a dozen DLL injection techniques that can be used by a user mode process running on MS Windows. There could be more techniques but I am sharing with you the techniques that I had first hand experience with.
1. AppInit_DLLs
People used to rely on the AppInit_DLLs registry key. The OS loader queries this value and loads the DLLs specified there when a process is created. I have not used this technique in a long while (last time I used it was on Windows XP) and I heard it is now restricted or discontinued because it was widely used by malware.
2. SetWindowsHookEx API
The SetWindowsHookEx API installs an application-defined hook procedure into a given hook chain. There are various supported hook chains (CBT, Journal, Window messages, keyboard, mouse, etc).
When using the SetWindowsHookEx API, you are instructing the operating system to inject your custom hook DLL into other process where it is relevant. The Windows hooks work when the other processes import / use functionality from USER32.dll.
This is yet another article about Batch files. In this article, I am going to show you how to read a text file line by line using the Batch files scripting language.
For more advanced Batch scripting topics, please grab a copy of the Batchography book.
Hiew+ is based on the FsPlus project. FsPlus is an implementation of an idea that allows you to access non disk files as if they were disk files. Hiew+ is a real life example of FsPlus where we take Hiew (an excellent hex editor) and turn it into an excellent process editor. Each process will be viewed as a file with a size as much as SYSTEM_INFO.lpMaximumApplicationAddress returns. In theory FsPlus should work with any hex editor to provide process memory editing, but this release is just Hiew ready.
Hiew+ editing the process memory of a process being debugged by IDA Pro
Usage
To use FsPlus, you need to inject FsPlus.dll into Hiew’s process memory so that the APIs are hooked. After APIs are hooked, FsPlus will recognize and treat in a different manner any file name that has the following form: “pid|1234” where 1234 is a given PID. To make the usage even simpler, I provid a small GUI (FsPlusGui) to allow you launch Hiew conveniently.
In fact, Hiew+ can be considered as a nice addition to your reverse engineering tools arsenal (IDA Pro‘s debugger or any other debugger, etc.).
Here’s a screenshot of the FsPlusGui:
You will need to double click on a process to have Hiew or the desired process launched with FsPlus support.
Make sure you specify the settings correctly in FsPlus.ini:
After you run it successfully, you will be able to start editing processes as if you were editing files. The catch is every process virtual address is now a physical offset in Hiew.
Modules as IMAGE_SECTION_HEADERs
For your convenience we have created additional IMAGE_SECTION_HEADER structures in the PE header of the main process, so that each loaded module is view as a PE section:
Textual information about process’ modules
In addition to viewing modules as PE sections, you will have an actual representation of all loaded modules just after the end of the PE header: Do you want to master Batch Files programming? Look no further, the Batchography is the right book for you.
Available in print or e-book editions from Amazon.
No Read Errors
To avoid reading errors and such, any unreadable memory page is filled with “BAD!” pattern.
Physical and Logical disk editing
This is not something added by FsPlus, rather it is a undocumented feature of Hiew32 where you can use Hiew to edit/view logical and physical disk sectors:
Conclusion
Download – Release date: late 2008
This tool has been tested with Windows Vista (32) and Windows XP SP2 and with Hiew 7.29.
Hope you find this tool useful as Hiew itself. Note: Please don’t contact me if you run into trouble. This tool is no longer supported.
In various programming languages, you might sometimes need to convert numbers to characters. In simple terms, each character you see has a numerical representation. The ASCII table shows the numbers of each character and its corresponding glyph.
Converting numbers to their corresponding characters would be useful to generate a random string for instance. The first step to generating a random string is to generate random numbers between 65 and 90 (upper case ‘A’ to upper case ‘Z’) or between 97 and 122 (lower case ‘a’ to lower case ‘z’).
While the Batch language is pretty primitive, you would be surprised how many things you can do with it. In the Batchography book, I cover various topics that would bring your Batch programming skills to the next level.
You have found this blog post because you are wondering if there is a way to express a “switch/case” logic in Batch files.
The short answer is: “no, not exactly”. However, there are ways to achieve the same in Batch files.
In the Batchography book, I explain in details the “switch/case” construct, but in this blog post I will illustrate this mechanism briefly. For more advanced Batch scripting topics, please grab a copy of the Batchography book.
There are so many undocumented or obscure features in the Batch scripting language and in this article I am going to illustrate how to do string substitution.
For more advanced Batch scripting topics, please grab a copy of the Batchography book.
In chapter 4 of the Batchography book, I illustrate 3 methods that you can use to check if your Batch file script is running as an Administrator.
In this blog post, I will share with you the method entitled “Using known commands that fail to run without elevated privileges” from the book.
The idea behind this method is to run commands that are known to fail and return a non-zero error code if they are not executed with administrative privilege.
The Batch script would then check the return code and act accordingly:
@echo off
::
:: The Batchography book by Elias Bachaalany
::
net session >nul 2>&1
if %errorlevel% neq 0 (
echo Requires administrative privilege.
goto :eof
)
echo Script starts here...
Do you want to master Batch Files programming?
Look no further, the Batchography is the right book for you.
Available in print or e-book editions from Amazon.com!
In this blog post, I introduce a “one-click” solution to automate getting free internet at airports. This is very useful for those who don’t want to get their hands dirty!
Step 1 – Download and install
To get started, download the application from my GitHub repository here:
When you unzip the archive, you should have the following three files:
Run the “UnlimitedAirportInternet.exe” program to get started.
Step 2 – Get unlimited internet
If this was the first time you connect to the airport’s Wi-Fi, then you should have your free internet session for a while.
Each time you run out of free internet time, just press the “Give me more free internet” button.
In a previous post entitled “How to get unlimited free Internet at Airports“, I showed you how to circumvent the time limit imposed by the “free” Wi-Fi connections in certain airports.
For that trick to work, you were required to update the MAC address of your computer each time the free time is over.
In this blog post, I am going to share with you the ChangeMACAddressBatch script that I wrote with the help and instructions from the excellent Batchography book.
The script makes use of various recipes illustrated in the Batchography book (in Chapter 4) and uses the various Batch scripting language syntax (Chapters 1 and 2) and methodologies (Chapter 3). Therefore, I will not be explaining the script’s contents or how it works because it will become evident if you read the Batchography book.
Get the book from Amazon:
Paperback edition
E-book edition
How to use the script interactively
To begin with, you need to run the script with administrative privileges.
Running the script as an administrator
On Windows 8 and above, just press Win+X and choose “Command Prompt (Admin)” like this:
Otherwise, if you are using the Windows Explorer window, then right-click on your script and choose “Run as Administrator”:
Starting the script
When you first run the script, you will be presented with the main menu that will show you a list of all the adapters you have on your system.
On my laptop for instance, I have 4 adapters:
An Ethernet adapter
2 x VMWare virtual adapters
A Wi-Fi adapter
Using the keyboard, type the adapter number that you want to inspect and/or change its MAC address:
In the Batchography book, not only you will learn about the command prompt’s keyboard shortcuts, macros and what not, but you will also learn the basic and fundamental topics for programming in the Batch language.
In this blog post, I present to you an excerpt from Chapter 1 in the Batchography book that covers all the useful keyboard shortcuts. My new favorite one is the F11 keyboard shortcut that is present in Windows 10 and up.
The benefits of the e-book Kindle edition is that you can buy the book from many countries in just a few clicks: USA, United Kingdom, Germany, France, Spain, Italy, Netherlands, Japan, Brazil, Canada, Mexico, Australia, India.
In the Batchography book, you will learn about:
The “How to show saved Windows 7 Wifi passwords” turned out to be a popular article and to make the life of my readers easier, I decided to apply a newly acquired knowledge and write a tool to make it SUPER EASY to get all the saved WiFi passwords without needing administrative privileges and without having to click through various settings dialogs.
Long gone are the days when you had to use search engines to jump from one website to another in order to figure out the syntax or how to solve a problem using a Batch file script. The Batchography book is a boon for system administrators, build engineers, programmers and home users alike. It takes you on a journey of re-discovery of the lost art of Batch files programming. Whether you are an experienced user or new to the language, you will be surprised by the clarity and the abundance of the material presented in this book. With more than 140 scripting recipes, you will learn about things that you never thought were possible to achieve using the Batch files scripting language.
As part of Windows apps development cycle, especially WinForms applications in Visual Studio, you may want to pick the right colors for your ListViews, Buttons, Labels, etc…
The best way to pick the colors is to visualize them.
With Control Color Explorer, you can visualize all the colors in the System.Drawing.Color type. You have the option to render the colors using the BackColor attribute or the ForeColor attribute:
Once you chose the colors you like, you may simply click the “Copy Color names” to copy them and use them in your application.
I keep writing about Batch programming, so it is obvious by now that Batch files programming has become one of my favorite activities. Every time I have to write a quick script to automate a task, I go first for the Batch files programming language. If that does not do the job, I use the Python programming language and if that fails, I go for C/C++ before deciding to writing using the assembly language.
