1101
Developer's Corner / Re: super simple language?
« on: March 22, 2008, 03:20 PM »
Try AutoIt. It's a much cleaner language than AutoHotKey and provides equivalent functionality.
Ehtyar.
Ehtyar.
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
Disreputable websites?Sorry, was a bit unclear there. I found the link to that page on the disreputable website. Just for clarification, ntcore.com is NOT a disreputable website.-f0dder (March 07, 2008, 06:00 PM)
you could also try Winspector.I lost faith in it just recently, because it doesn't seem to work on vista And no updates it seems :S-lanux128 (January 26, 2008, 01:08 AM)
Sorry for the trouble Ehtyar, but FARR and foobar users will eternally thank you for this. Its only because your plugin is good that it is in demand.Hell, it's just nice to know someone actually uses it at all. Hopefully it won't be too long...-icekin (January 24, 2008, 04:04 AM)
Of course this isn't as important as a lot of developers probably think, since the window class namespace is per-process and not shared, but heyMy point exactly...-f0dder (January 24, 2008, 05:04 AM)
you're welcome, Ehtyar. that's Firefox for you, nothing that an add-on can't fix..Uh uh uh you forget about my thread on getting firefox to show the size of a download. Got ya there eh?-lanux128 (January 23, 2008, 09:32 PM)
someone make a utility that lets us swap our info for that of bill gates.Well the rich signature shown in the image in my first post is from cl.exe, so perhaps just substitute your rich signature for the one found there. Make their head spin a little if they ever wanted to know who made it.-mouser (January 23, 2008, 02:20 PM)
Did someone there got some insight about what it's contained in the signature? Personal information about the owner of the computer in which the program was compiled, or what? And hidden underneath which scheme?This was actually mostly what i was looking for. As much as i would like to say I'm an uber reverse engineer, my skills are nowhere near that level. I have picked up hints that the information is hardware-related, so things like MAC address, OS serial number, CPUID etc are likely candidates and the information is then encrypted with, of all things, xor. This information could be discerned by REing link.exe, but as I said, I'm just not that good.
Mmmm, the page is not working at the moment-Lashiec (January 23, 2008, 01:54 PM)
The topic appeared several years ago at the ASM Community, dunno if it's possible to dig up the stuff (should be easier after we installed Wordzillas search mod ), one of the members iirc reverse-engineered link.exe enough to prevent generation of the information.Indeed. I have already found instructions on preventing generation of the signature, at the location mentioned in my last post (google for "disable rich signature") but as i said earlier, my question is simply related more to knowing more about the signature itself, and what it contains and/or is used for.
I started work on a little tool to nuke the information post-link time, but never really finished it (as in, it nuked a hardcoded amount of bytes at a hardcoded file offset, so it won't work for all EXEs).-f0dder (January 23, 2008, 05:07 AM)