flat assembler
Message board for the users of flat assembler.
![]() |
Author |
|
vid
You really should start doing something proper, working on malware isn't very respectable.
|
|||
![]() |
|
Overflowz
Why you're saying that ?
![]() |
|||
![]() |
|
bitshifter
http://msdn.microsoft.com/en-us/library/aa364399(v=VS.85).aspx
How i get the link to display properly? |
|||
![]() |
|
Overflowz
bitshifter
I tried that already, CreateFile with dwShare value of NULL. but I was still able to read,write and copy.. I don't know what's problem, it works with another files but not with EXACT that file.. |
|||
![]() |
|
vid
Quote: How i get the link to display properly? Use some link shortener, eg. goo.gl |
|||
![]() |
|
typedef
Overflowz wrote: Hello everyone! I'm interested how can I lock files to deny acces on it from users ? For example I have file called "file.doc" and user tries to open it, but it says "Error access denied" or something like that.. Encrypt the file.... ![]() ![]() From 0 to it's end. If you use MS file security stuff, they can be changed again. The drawback is, if the file is a system file, then you are f**d. |
|||
![]() |
|
garystampa
You're not going to be able to do that exactly like you're wanting.
Typedef's reply is the only sure way to protect a file from viewing. But there's no way to keep it from being edited - even if they don't know what they're editing. |
|||
![]() |
|
Overflowz
If I'll encrypt it, than opera won't perceive it as valid file.. How about SAM file which is located at C:\Windows\System32\config ? It says always access denied when I'm copying, moving or editing it.. It's driver file job ?
|
|||
![]() |
|
typedef
Overflowz wrote: If I'll encrypt it, than opera won't perceive it as valid file.. How about SAM file which is located at C:\Windows\System32\config ? It says always access denied when I'm copying, moving or editing it.. It's driver file job ? Only the system can view that file. It uses Windows File Security to stop you from messing with it. If you want the file encrypted by you and that you also want the system to be able to read it, then I suggest you go with hooking. Inject your code before the system loads the file then decrypt it and jump to the code where the system reads it. But that's another story. |
|||
![]() |
|
typedef
Here's a simple start.
Make sure you have a file named file.txt Code: format pe gui 4.0 include 'win32ax.inc' entry main section '.txt' code executable readable writeable w dd 0 db 'Read a file for encrypting',0 db 11111111b dup(0),0 db 'file.txt',0 proc main pushad push 0 push $-100001100b;Not used for now push $-100101100b; push 0 call [MessageBox] push 0 push FILE_ATTRIBUTE_NORMAL push OPEN_EXISTING push 0 push FILE_SHARE_READ push GENERIC_READ push $-110000b call [CreateFile] push eax push 0 push w push 11111111b push $-101001000b push eax call [ReadFile] pop eax push eax call [CloseHandle] ; ; Encrypt data here, ie using XOR,etc ; push MB_OK+MB_ICONINFORMATION push $+10100b push $-101100011b push 0 call [MessageBox] popad ret endp db 'Text read from file',0 section '.idata' import data readable library user32,'user32.dll',kernel32,'kernel32.dll' include 'api/user32.inc' include 'api/kernel32.inc' |
|||
![]() |
|
Overflowz
Dude... I know how to encrypt file but I told already, It won't work if I'll crypt it.. If there is no other ways then I'll try to think myself. Thank you all.
|
|||
![]() |
|
s0rg
|
|||
![]() |
|
Overflowz
s0rg
Wow! I don't knew that! I'll try, thank you very much! ![]() |
|||
![]() |
|
garystampa
Locking the file is temporary. What you want to do is take complete ownership of the file so no one but your app can read it, right?
The problem is that if a program can set restrictions there is always going to be another program that can undo them. Knowledgeable programmers or power users know how to lift any restriction on a file. Therefore, encryption is the only way. As typedef describes you need to set up a registry entry to take association of the file extension and have Windows consult you whenever someone clicks the file. You can then decrypt it on-the-fly on request. If it's not one of your files, pass it thru untouched. |
|||
![]() |
|
Overflowz
Thanks, I'll try that if there's no way ))
|
|||
![]() |
|
< Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.
Website powered by rwasa.