Credits: BlackBerry, Microsoft, istealer, G36KV
Sprache: Mix aus C und C++, programmiert mit VS 2010
5 Anti-Wireshark-Methoden (im Listing unten sind nur get_wireshark_1 und der Anfang von get_wireshark_2 zu sehen)
2 Anti-VM-Methoden
Ich werde wohl noch ein paar mehr hinzufügen, wenn ich Zeit habe. Wenn jemand weitere kennt, einfach posten.
Includes und Prototypen wurden weggekürzt, sodass es in den Thread passt; der Code ist daher so nicht direkt kompilierbar. Außerdem endet das Listing in dieser Kopie mitten im Rumpf von get_wireshark_2.
/*
 * Anti-analysis helpers: two ways of detecting a running Wireshark instance
 * (a window-class lookup and a process/module enumeration). The listing is a
 * forum paste with includes and prototypes removed; get_wireshark_2 is cut
 * off mid-loop in this copy.
 */

/* PID of the detected Wireshark process, or 0. Written as a side effect by
 * get_wireshark_1 (reset to 0 on every call). File-scope mutable state with
 * nothing here serialising access to it. */
DWORD pid;

/*
 * Method 1: look for a top-level window whose class is "gdkWindowToplevel"
 * and report the PID of the process that owns it.
 *
 * Returns the owning PID (also stored in the global `pid`), or 0 when no
 * such window exists.
 *
 * NOTE(review): "gdkWindowToplevel" is GDK/GTK's generic top-level window
 * class, so any GTK-based application would presumably match, not only
 * Wireshark — confirm before treating a hit as "Wireshark present".
 * Conversely, a process that creates no such window is not detected.
 */
DWORD get_wireshark_1(void)
{
    HWND hwnd;

    pid = 0;
    if ((hwnd = FindWindow("gdkWindowToplevel", 0))) {
        /* Return value (thread id) is ignored; only the PID out-param is used. */
        GetWindowThreadProcessId(hwnd, &pid);
        return pid;
    }
    return 0;
}

/*
 * Method 2: walk all PIDs via EnumProcesses, open each one and enumerate its
 * modules. The per-module check follows, but this copy of the listing ends
 * inside the loop body, so the actual match and return logic are not visible
 * here.
 *
 * NOTE(review): the function body continues beyond this excerpt.
 */
DWORD get_wireshark_2(void)
{
    /* Fixed-size PID buffer. EnumProcesses only fills what fits and reports
     * the byte count written in szneeded1; with more than 100 processes the
     * remainder is silently dropped and never examined (szneeded1 equal to
     * sizeof(processes) would be the hint to retry with a larger buffer —
     * not checked here). */
    DWORD processes[100];
    DWORD szneeded1;
    DWORD szneeded2;      /* bytes written into mods by EnumProcessModules */
    HANDLE hProcess;
    HMODULE mods[100];    /* same fixed-size / truncation caveat as processes[] */
    char pname[50];       /* presumably a module-name buffer; used past this excerpt */
    DWORD i;
    DWORD j;              /* not used in the visible part of the function */

    /* Enumeration failure is reported exactly like "nothing found". */
    if (!EnumProcesses(processes, sizeof(processes), &szneeded1))
        return 0;

    for (i = 0; i < (szneeded1 / sizeof(DWORD)); i++) {
        /* NOTE(review): PROCESS_VM_OPERATION | PROCESS_VM_WRITE are far more
         * than module enumeration needs (PROCESS_QUERY_INFORMATION |
         * PROCESS_VM_READ is the usual minimum per the Win32 docs). Asking
         * for write rights likely makes OpenProcess fail on processes this
         * one is not allowed to write to, and every such process is then
         * skipped without being checked at all. */
        if (!(hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_WRITE | PROCESS_VM_READ, 0, processes[i])))
            continue;
        /* Handle leak: hProcess is never closed on this skip path. */
        if (!(EnumProcessModules(hProcess, mods, sizeof(mods), &szneeded2)))
            continue;