flat assembler
Message board for the users of flat assembler.

Index > Windows > Hiding a Process

Author
Thread Post new topic Reply to topic
holes



Joined: 01 Jul 2004
Posts: 4
Location: Eastern Europe
holes
Does anyone know a way to hide a process from the Ctrl+Alt+Del List? I tried RegisterServiceProcess, but it doesnt work in Win NT/2k/XP.
Post 01 Jul 2004, 07:18
View user's profile Send private message Reply with quote
neetocin



Joined: 02 Jul 2004
Posts: 2
neetocin
Other than coding something malignant like I am doing right now, there is no real need to hide an application unless you are making a vital system process Twisted Evil Twisted Evil Twisted Evil But if you insist, go to http://spiff.tripnet.se/~iczelion/source.html look for "Invisibility" by yoda and study it. It is very complicated since it involved hooking mysterious undocumented APIs and modifying Service Descriptor Tables and creating *.sys files to make a KMD (what is this?) for ring 0 coding. Very troublesome indeed.
Post 02 Jul 2004, 06:53
View user's profile Send private message Reply with quote
R4DX



Joined: 26 Jul 2004
Posts: 1
R4DX
All u talking about is good, but its really complicated. I think the best way of hiding is injecting some module into another process. Its 3d-ring operation and u dont even have to have administrator rights to inject ur code into explorer for example. And if u use some tricks it would be multiplatform ;)

I can give u my module (multiplatform 1-module(u dont have to use additional libraries) method), but its written in masm... But i can give u obj file if u want...

PS. Sorry for my english
Post 26 Jul 2004, 15:51
View user's profile Send private message Reply with quote
scientica
Retired moderator


Joined: 16 Jun 2003
Posts: 689
Location: Linköping, Sweden
scientica
neetocin wrote:
there is no real need to hide an application unless you are making a vital system process Twisted Evil Twisted Evil Twisted Evil

even if it's an vital sys proc there is no reason to hide it...

_________________
... a professor saying: "use this proprietary software to learn computer science" is the same as English professor handing you a copy of Shakespeare and saying: "use this book to learn Shakespeare without opening the book itself.
- Bradley Kuhn
Post 28 Jul 2004, 12:39
View user's profile Send private message Visit poster's website Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
perhaps he meant "viral sys proc" >_<
Post 28 Jul 2004, 13:14
View user's profile Send private message Visit poster's website Reply with quote
pelaillo
Missing in inaction


Joined: 19 Jun 2003
Posts: 878
Location: Colombia
pelaillo
Maybe a typo error, you know, 't' key is besides 'r'
Laughing Laughing
Post 28 Jul 2004, 13:38
View user's profile Send private message Yahoo Messenger Reply with quote
scientica
Retired moderator


Joined: 16 Jun 2003
Posts: 689
Location: Linköping, Sweden
scientica
yup, on qwerty (though not on dvorak - I really must try it someday - everyone else seems to use it, and they praise it...).
Post 28 Jul 2004, 20:32
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on GitHub, YouTube, Twitter.

Website powered by rwasa.