IRC Networks
Irc Logs Stats
Start date: 2007-09-27 02:48:27
Last update: 2008-10-24 20:19:38
Channels: 41
Logged Lines: 6230436
Size: 1822.43 MB
Powered by
Channel Info
Network: freenodeChannel: #csharp |
Search in www.irclog.org
Log from #csharp at freenode 2006-08-08
[13:52]<drygq>now
[13:53]<kjr>awilkins: you need to find something like a sushiland
[13:53]<kjr>awilkins: they charge 1/2/3USD per plate
[13:53]<kjr>(depending on what's in it)
[13:53]<rwyfcygs>5GBP barely buys you a small plastic tray of "westerner friendly" sushi in Leeds
[13:53]<rwyfcygs>We have Yo! Sushi, but it's extortionate
[13:53]<rwyfcygs>And a japanese health-food restaurant wher the sushi looks great, but starts at around £15 a head
[13:55]<rwyfcygs>Yo! SUshi is one of those automatic-conveyor belt kaiten-zushi places
[13:55]<tdzzds[dygsc]>your sushi is so cheap.....
[13:55]<jlvydus>i like suishi but i don't know anywhere near me for it
[13:56]<tdzzds[dygsc]>is there any chance to hide the process by standart windows process manager or maybe to deny halt the process ?
[14:05]<kjr>Tygrys[minsk]: you can make it unkillable, but in terms of hiding it there's very little you can do
[14:06]<tdzzds[dygsc]>ok, how i can make it unkillable?
[14:06]<mjzymygo>Tygrys[minsk]: by making sure something important inside windows needs it
[14:06]<mjzymygo>in otherwords, you don't
[14:07]<tdzzds[dygsc]>Moridin8: )))
[14:07]<tdzzds[dygsc]>i have do it
[14:09]<tdzzds[dygsc]>the managers think that guys from another part of our company sells information to ours rivals!
[14:09]<tdzzds[dygsc]>i should check it up!
[14:10]<drygq>uhmm..
[14:10]<drygq>then you should, get access to their mailboxes
[14:10]<-- svgvsdyzgjvr xrs>/dev/null")
[14:10]<drygq>and install a good quality keylogger
[14:10]<tdzzds[dygsc]>i would like to make keylogger
[14:10]<tdzzds[dygsc]>but i should hide it from him
[14:11]<mjzymygo>Tygrys[minsk]: don't bother. get one from here http://packetstormsecurity.org/
[14:11]<drygq>just pick a name from a windows/system process
[14:11]<tdzzds[dygsc]>hi can check it
[14:11]<drygq>they wont find it.. make sure that you change your 'about' details for the executable
[14:11]<drygq>would be a shame if they find your name back in it :p
[14:11]<mjzymygo>main2... I would find it.
[14:12]<tdzzds[dygsc]>he is programmer not hight-skilled, but anyway - programmer
[14:12]<mjzymygo>damn quickly
[14:12]<mjzymygo>yo smellyhippy! where you been duder?
[14:12]<drygq>Moridin8: how?
[14:12]<drygq>well, if you look in the taskmgr, then you see that it runs under 'username' and not under 'SYSTEM'..
[14:13]<drygq>but thats all? :P
[14:13]<mjzymygo>main2: well, for a start I always know what programs are running, and I keep a sign-change log of all processes
[14:13]<drygq>'and I keep a sign-change log of all processes' ? :/
[14:13]<mjzymygo>any changes and zap... found it
[14:13]<tdzzds[dygsc]>anyway i should write my own keylogger with unkillable function
[14:13]<drygq>Moridin8: winpatrol?
[14:13]<mjzymygo>main2. no.
[14:14]<nffylsys_>there's no such thing as unkillable.
[14:14]<drygq>cant you just spawn a new thread on termination..?
[14:15]<drygq>i used something like this in the past i remember.. just for testing tough
[14:15]<nffylsys_>I don't mean in that way.
[14:15]<mjzymygo>I created an app that walked by directory structure for all the files running in my process tree, I then created an MD5 sign of the files and stored them, If they change, I know about it
[14:15]<drygq>Moridin8: thats you..
[14:15]<drygq>we're not all that noob like you.. :P
[14:15]<tdzzds[dygsc]>main2: how?
[14:15]<nffylsys_>all you have to do is boot up into some sort of linux liveCD, and delete the problematic app
[14:16]<tdzzds[dygsc]>main2: how can i make a new thread on windows process manager termination?
[14:16]<drygq>Moridin8: as you cant monitor all files at the same time - do you have a thread running silently to check the files/hashes?
[14:16]<drygq>Tygrys[minsk]: i cant remember
[14:16]<nffylsys_>you can't.
[14:16]<mjzymygo>main2: FileSystemWatcher <-- comes with .NET
[14:17]<nffylsys_>HOWEVER, there IS a way to hide from the process manager, at least
[14:17]<nffylsys_>the default windows process manager
[14:17]<tdzzds[dygsc]>ellipsis_: what is the way?
[14:17]<drygq>Moridin8: intressting :)
[14:17]<drygq>Moridin8: just googled, cool stuff dude
[14:18]<nffylsys_>well, in the win32 api, you can use FindWindow with "Windows Task Manager" to get the handle to the task manager window
[14:18]<nffylsys_>then
[14:18]<nffylsys_>just find the listbox listing all the processes
[14:18]<vxznrmw>lol
[14:18]<nffylsys_>and every two seconds, remove the name of your process from the list
[14:18]<mjzymygo>main2: ^_^... i'm not just a pretty face ;)
[14:18]<vxznrmw>that doesnt sound nasty at all, ellipsis
[14:18]<nffylsys_>threadw: it works :)
[14:19]<nffylsys_>though, of course, you can still use tasklist
[14:19]<nffylsys_>or process explorer
[14:19]<nffylsys_>or some other third party tool
[14:19]<vxznrmw>or GetProcesses()
[14:19]<vxznrmw>;)
[14:19]<nffylsys_>that too
[14:20]<tdzzds[dygsc]>ellipsis_: i can remove the name of my process just with manipulation of threads?
[14:20]<nffylsys_>:/
[14:20]<nffylsys_>why are you going on about threads?
[14:20]<tdzzds[dygsc]>ok
[14:20]<tdzzds[dygsc]>i will try it thanx
[14:20]<tdzzds[dygsc]>but for example
[14:20]<nffylsys_>what is your goal, exactly?
[14:20]<tdzzds[dygsc]>these guy will like to check up contest of
[14:21]<tdzzds[dygsc]>windows process manager
[14:21]<tdzzds[dygsc]>and will see
[14:21]<mjzymygo>Tygrys[minsk]: make your life easy... use tools designed to do what you require... http://packetstormsecurity.org/
[14:21]<tdzzds[dygsc]>that something very often desapear and apear
[14:21]<nffylsys_>task manager refreshes every two seconds
[14:21]<drygq>Tygrys[minsk]: listen to Moridin8, that guy knows what he's talking about.
[14:21]<nffylsys_>at most
[14:21]<nffylsys_>so if you just put it in a loop every second or something
[14:22]<tdzzds[dygsc]>ellipsis_: my goal is to make something about keylogger which prof programmer will not find
[14:22]<drygq>is away, getting noodles(or something)
[14:22]<nffylsys_>well, actually, if he IS a professional programmer, it's not that difficult
[14:22]<nffylsys_>the difficulty is when he's a GOOD programmer.
[14:22]<zyccus>Tygrys[minsk]: in that case, you'll probably want to replace the keyboard driver
[14:23]<tdzzds[dygsc]>main2: Moridin8: guys, they have very strong security protection from keyloggers and other stuffs i know how to cheat it but other keylogger will not send anithing to me
[14:23]<nffylsys_>:/
[14:23]<tdzzds[dygsc]>ellipsis_: he is not very goood
