![[Delphi] Volume Serial HWID HDD](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZTjjQQOpW7PKEnWdg-FtYWflSxdbbaFfhAMdh-2zyfStTykdUoqZn15POjC2Aipjos3sakLzhW3ACz5OaHtsk0PIAJcsQHGdhiNtBKbRGQI-jdoh1Wq-GN-IH2MuSqb-5mjczsXKmOB4/s280/delpi.png "[Delphi] Volume Serial HWID HDD")
function FindVolumeSerial(const Drive : PChar) : string;
var
fileSystemName, volumeName: array[0..99] of char;
fileSystemFlags, serialNo, maxFilenameLength: DWORD;
imp:String;
begin
Result:='';
GetVolumeInformation(Drive, volumeName,SizeOf(volumeName), @serialNo,maxFilenameLength, fileSystemFlags,fileSystemName, SizeOf(fileSystemName));
imp := inttostr(serialNo);
Result := imp;
end; (*FindVolumeSerial*)
![[C++]DWORD xor Encrypt Simple Mode](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uW4BZUQ1rn5reCf1MYIvJ9_jaD67I5l666NaIqCUKI3X5rPewBDhSbHgxZNl6vVxVRqbi5YyTlqlBaobQFFUzJOtWEO_ihG3dwZKV7xJpko9F-p3yF3IuoyEgFpK1NYY8p04kHK5nNQQ3xt8oFp9-sT5UkOn98Wpk=s0-d "[C++]DWORD xor Encrypt Simple Mode")
// xor byte.cpp : Defines the entry point for the console application.
// © heroich.net 20150227
#include "stdafx.h"
DWORD XorEncryp (DWORD vals, DWORD key)
{
BYTE * pbyte = (BYTE *) &vals;//misah DWORD ke array byte[]
BYTE x[4];
//tiap byte di xor
for(int i=0;i<4;i++)
{
x[i]=pbyte[i]^key;
}
printf( "x: %X \n" ,x[0]);
printf( "x: %X \n" ,x[1]);
printf( "x: %X \n" ,x[2]);
printf( "x: %X \n" ,x[3]);
return (x[0]) | (x[1] << 8) | (x[2] << 16) | (x[3] << 24);//gabung byte array to dword
}
int _tmain(int argc, _TCHAR* argv[])
{
DWORD dwValues = 0x0BDFA4;//ofset adr DWORD apa aja
DWORD ky= 0xC3;//key apa aja
DWORD encrypted = XorEncryp(dwValues ,ky);
printf( "Encrypted:%08X \n" ,encrypted);
DWORD decrypted = XorEncryp(encrypted,ky);
printf( "decrypted:%08X \n" ,decrypted);
system("pause");
return 0;
}
#include "
static const std::string base64_chars =
"ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz"
"0123456789+/";
static inline bool is_base64(unsigned char c) {
return (isalnum(c) || (c == '+') || (c == '/'));
}
std::string base64_encode(unsigned char const* bytes_to_encode, unsigned int in_len) {
std::string ret;
int i = 0;
int j = 0;
unsigned char char_array_3[3];
unsigned char char_array_4[4];
while (in_len--) {
char_array_3[i++] = *(bytes_to_encode++);
if (i == 3) {
char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
char_array_4[3] = char_array_3[2] & 0x3f;
for(i = 0; (i <4) ; i++)
ret += base64_chars[char_array_4[i]];
i = 0;
}
}
if (i)
{
for(j = i; j < 3; j++)
char_array_3[j] = '\0';
char_array_4[0] = (char_array_3[0] & 0xfc) >> 2;
char_array_4[1] = ((char_array_3[0] & 0x03) << 4) + ((char_array_3[1] & 0xf0) >> 4);
char_array_4[2] = ((char_array_3[1] & 0x0f) << 2) + ((char_array_3[2] & 0xc0) >> 6);
char_array_4[3] = char_array_3[2] & 0x3f;
for (j = 0; (j < i + 1); j++)
ret += base64_chars[char_array_4[j]];
while((i++ < 3))
ret += '=';
}
return ret;
}
std::string base64_decode(std::string const& encoded_string) {
size_t in_len = encoded_string.size();
size_t i = 0;
size_t j = 0;
int in_ = 0;
unsigned char char_array_4[4], char_array_3[3];
std::string ret;
while (in_len-- && ( encoded_string[in_] != '=') && is_base64(encoded_string[in_])) {
char_array_4[i++] = encoded_string[in_]; in_++;
if (i ==4) {
for (i = 0; i <4; i++)
char_array_4[i] = static_cast<unsigned char>(base64_chars.find(char_array_4[i]));
char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];
for (i = 0; (i < 3); i++)
ret += char_array_3[i];
i = 0;
}
}
if (i) {
for (j = i; j <4; j++)
char_array_4[j] = 0;
for (j = 0; j <4; j++)
char_array_4[j] = static_cast<unsigned char>(base64_chars.find(char_array_4[j]));
char_array_3[0] = (char_array_4[0] << 2) + ((char_array_4[1] & 0x30) >> 4);
char_array_3[1] = ((char_array_4[1] & 0xf) << 4) + ((char_array_4[2] & 0x3c) >> 2);
char_array_3[2] = ((char_array_4[2] & 0x3) << 6) + char_array_4[3];
for (j = 0; (j < i - 1); j++) ret += char_array_3[j];
}
return ret;
}
VL::RESULT VL::Hiding::HideModule(HMODULE hMod)
{
PPEB_LDR_DATA pPMI;
PLDR_MODULE pMIN;
unsigned int moduleSize = 0;
// fetch process module info from peb
_asm {
mov eax,dword ptr fs:[0x18]
mov eax,dword ptr ds:[eax+0x30]
mov eax,dword ptr ds:[eax+0x0c]
mov pPMI,eax
}
// search for module
pMIN = (PLDR_MODULE)(pPMI->InLoadOrderModuleList.Flink);
while (pMIN->BaseAddress && pMIN->BaseAddress != hMod) {
pMIN = (PLDR_MODULE)(pMIN->LoadOrder.Flink);
}
if (!pMIN->BaseAddress) {
return LogError(ERR_HIDING_NOTFOUND);
}
// remove module entrys from linked lists
pMIN->LoadOrder.Blink->Flink = pMIN->LoadOrder.Flink;
pMIN->LoadOrder.Flink->Blink = pMIN->LoadOrder.Blink;
pMIN->InitOrder.Blink->Flink = pMIN->InitOrder.Flink;
pMIN->InitOrder.Flink->Blink = pMIN->InitOrder.Blink;
pMIN->MemoryOrder.Blink->Flink = pMIN->MemoryOrder.Flink;
pMIN->MemoryOrder.Flink->Blink = pMIN->MemoryOrder.Blink;
pMIN->HashTable.Blink->Flink = pMIN->HashTable.Flink;
pMIN->HashTable.Flink->Blink = pMIN->HashTable.Blink;
// erase module name
memset(pMIN->FullPath.Buffer, 0, pMIN->FullPath.Length);
// erase unused mapped file headers from memory
DWORD dwOldProtection;
VirtualProtect(pMIN->BaseAddress, 0x1000, PAGE_EXECUTE_READWRITE, &dwOldProtection);
memset((void*)pMIN->BaseAddress, 0, 0x1000);
VirtualProtect(pMIN->BaseAddress, 0x1000, dwOldProtection, NULL);
// erase module info node
memset(pMIN, 0, sizeof(pMIN));
return ERR_SUCCESS;
}
