Pls Help With SW_HIDE - Programming - Nairaland

Pls Help With SW_HIDE by Gentin: 6:32am On Jan 19, 2017
Hi

I have been working on something lately. I'm working on something and I want it to work this way: I have 2 applications, and then I want to upload to a major application (like an extractor) so that when it's run, it's going to extract the two applications and run them silently.

The second challenge I have is that I use SW_HIDE but it just hides; in Task Manager, I could still see the executable. Hence I want to hide everything, while the executable does the work in the background.

Please, I need real people answering this question here, with good experience of C++ or Delphi.

Thanks.
Re: Pls Help With SW_HIDE by Whytelyon(m): 6:39am On Jan 19, 2017
From my experience, SW_HIDE isn't the best bet you should use here 100%.

You should be placing a function redirection call (API hooking) to NtQuerySystemInformation to hide the process (if I understand you correctly), just like we discussed in PMs.

You do function redirection to these API functions: NtQuerySystemInformation and NtOpenProcess.

And for the other part, the extraction, load the applications into memory (resource) and use these:

FindResource, LoadResource, SizeofResource, LockResource, and extract to disk, then use ShellExecute to execute.

SW_HIDE can be used for silent installation; then when you call those functions it may help hide from Task Manager and Process Manager.

I hope I helped here.
Re: Pls Help With SW_HIDE by Gentin: 7:05am On Jan 19, 2017
Mmm,

ZwQuerySystemInformation you mean?


Re: Pls Help With SW_HIDE by Gentin: 4:11pm On Jan 19, 2017
Thank you Lyon.
It worked just as I expected. What logic API hooking can solve.

Keep your good work up!
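
For defenders, the NtQuerySystemInformation redirection discussed in this thread can be detected by comparing the in-memory bytes of the export with the same bytes from a clean on-disk ntdll.dll. The following is an added example, not code from any poster in the thread; the function names and the sample byte arrays (including the syscall number) are constructed, and it assumes the caller has already read both byte ranges into buffers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum verdict { STUB_INTACT = 0, STUB_PATCHED = 1, STUB_REDIRECTED = 2 };

/* Constructed reference bytes, shaped like an x64 syscall stub:
   mov r10,rcx; mov eax,imm32; syscall; ret. 0x36 is a placeholder number. */
const uint8_t ref_stub[]     = { 0x4C,0x8B,0xD1, 0xB8,0x36,0x00,0x00,0x00, 0x0F,0x05, 0xC3 };
/* Constructed: first five bytes overwritten with jmp rel32 (inline hook). */
const uint8_t hooked_stub[]  = { 0xE9,0x10,0x20,0x30,0x40, 0x00,0x00,0x00, 0x0F,0x05, 0xC3 };
/* Constructed: one operand byte changed, no branch inserted. */
const uint8_t patched_stub[] = { 0x4C,0x8B,0xD1, 0xB8,0x37,0x00,0x00,0x00, 0x0F,0x05, 0xC3 };

/* Offset of the first byte that differs from the reference, or -1 if none. */
int first_diff(const uint8_t *mem, const uint8_t *ref, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (mem[i] != ref[i]) return (int)i;
    return -1;
}

/* Does p start with a control transfer commonly used by inline hooks? */
int is_branch(const uint8_t *p, size_t n)
{
    if (n >= 5 && p[0] == 0xE9) return 1;                  /* jmp rel32 */
    if (n >= 6 && p[0] == 0xFF && p[1] == 0x25) return 1;  /* jmp [rip+disp32] */
    if (n >= 6 && p[0] == 0x68 && p[5] == 0xC3) return 1;  /* push imm32; ret */
    if (n >= 12 && p[0] == 0x48 && p[1] == 0xB8 &&
        p[10] == 0xFF && p[11] == 0xE0) return 1;          /* mov rax,imm64; jmp rax */
    return 0;
}

/* Compare in-memory export bytes with the on-disk reference and classify. */
enum verdict check_export(const uint8_t *mem, const uint8_t *ref, size_t n)
{
    int off = first_diff(mem, ref, n);
    if (off < 0) return STUB_INTACT;
    return is_branch(mem + off, n - (size_t)off) ? STUB_REDIRECTED : STUB_PATCHED;
}

int main(void)
{
    printf("clean:   %d\n", check_export(ref_stub, ref_stub, sizeof ref_stub));
    printf("hooked:  %d\n", check_export(hooked_stub, ref_stub, sizeof ref_stub));
    printf("patched: %d\n", check_export(patched_stub, ref_stub, sizeof ref_stub));
    return 0;
}
```

A result other than intact is a lead to investigate rather than proof of malware, since security products also hook these exports.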
