Welcome![Sign In][Sign Up]
Location:
Search - HKEY_LOCAL_MACHINE

Search list

[Firewall-Security费尔防火墙源代码

Description: Xfilter.dll 的安装过程实际是一个操作注册表的过程。 操作的注册表为:HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\WinSock2 下的内容 建议在安装Xfilter之前首先备份这个注册表分支的内容。-Xfilter.dll the actual installation process is a process of operating the registry. Operation of the registry : HKEY_LOCAL_MACHINE \\ SYSTEM \\ CurrentControl Set \\ Services \\ WinSock2 content of the proposals before the first installation Xfilter the first backup of the registry branch.
Platform: | Size: 1040265 | Author: 测试 | Hits:

[ExploitHideRegistry

Description: 关于如何突破 icesword 的注册表隐藏的一点想法.这个想法应该是可以突破现有版本的 icesword 的注册表隐藏的. 这是一个半通用的方法.但不是搜索特征传.在 coding 中,这个要比隐藏进程麻烦些. 编码如果超过 1天半 俺就会放弃. 这里给出了一个简单的包.里面包含一个驱动程序和一个注册表文件. 测试的时候请自己把 HideRegistryApp.exe 跑起来. 然后把 test.reg 导入到注册表中. icesword 可以先启动,也可以后启动. 然后在 icesword 的注册表浏览中浏览 HKEY_LOCAL_MACHINE --> SOFTWARE --> wuyanfeng 我的驱动隐藏了 wuyanfeng 下面的 wuyanfeng KEY . 你门可以随便的在什么地方 建立 不少于 2层的 wuyanfeng KEY 在我的驱动跑着的时候只能看到最上一层,其他的都被隐藏掉了. 例如你可以 建立如下 KEY HKEY_CLASSES_ROOT ---> wuyanfeng1 -->wuyanfeng 等等. 这个驱动我只在 xp sp2 的系统中测试过,其他系统没有测试-icesword on how to break the 1:00 hidden registry idea. This idea should be able to suddenly breaking the existing version of the registry icesword hidden. This is a semi-generic approach. But instead of search features Chuan. In coding, The trouble than some hidden process. encoding more than one-half if I will stop. Here is a simple package. Lane surface contains a driver and a registry document. Please test when they put HideRegistryA pp.exe run up. then test.reg into the registry. icesword ahead start can be activated. Then in the registry icesword Browsing View HKEY_LOCAL_MA 24:00 --
Platform: | Size: 68204 | Author: 79282853 | Hits:

[Otheredit_hklm

Description: 一个注册表访问类,允许直接写入 HKEY_LOCAL_MACHINE 键-a visit to the registry and permitted direct writing HKEY_LOCAL_MACHINE Key
Platform: | Size: 11037 | Author: ghost | Hits:

[Remote ControlRecub

Description: Recub这是一款Windows平台下的远程控制工具 使用activex启动技术 英文介绍 RECUB Features. 1 RC4 Encripted Reverce connect Shell for XP,2k,2003. 2 Bypass Firewalls by starting new instance of Internet explorer and injecting code 3 Activate throw Encrypted ICMP request 5 No listning ports 6 No Process visible,injects into Explorer.exe on startup and exiting 6 Activex startup 7 Empty All Event Logs After exiting the shell. 8 We can use Netcat also for remote shell. 9 EXE size only 5.39 KB Install Copy to any folder like windows of system32 and run once Uninstall Just delete the exe file and this key at HKEY_LOCAL_MACHINE\\Software\\\\Microsoft\\\\Active Setup\\\\Installed Components\\\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK} HKEY_CURRENT_USER\\Software\\\\Microsoft\\\\Active Setup\\\\Installed Components\\\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK}
Platform: | Size: 107901 | Author: 张京 | Hits:

[Other resourcezcbjg

Description: 注册表结构 1 HKEY_CLASSES_ROOT根键.htm HKEY_CLASSES_ROOT根键 14K 2 HKEY_CURRENT_CONFIG根键.htm HKEY_CURRENT_CONFIG根键 2K 3 HKEY_CURRENT_USER根键.htm HKEY_CURRENT_USER根键 4 HKEY_LOCAL_MACHINE根键.htm HKEY_LOCAL_MACHINE根键 26K 5 HKEY_USER 根键.htm HKEY_USER 根键 25K 6 编辑注册表的主键与键值.htm 编辑注册表的主键与键值 5K 7 导出与引入注册表.htm 导出与引入注册表 7K 8 注册表的查找与修改.htm 注册表的查找与修改 4K 9 注册表数据结构.htm 注册表数据结构 13K 10 注册表详解.htm 注册表详解 6K 11 注册表由来.htm 注册表由来
Platform: | Size: 472639 | Author: xy | Hits:

[OS programXFILTER_1.0.2

Description: --- --- --- --- --- -- Xfilter 个人防火墙 1.0.2 安装说明 -------------------------------------------------------- Xfilter.dll 的安装过程实际是一个操作注册表的过程。 操作的注册表为:HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\WinSock2 下的内容 建议在安装Xfilter之前首先备份这个注册表分支的内容。 Xfilter 的安装方法如下: 1. 在命令行模式下切换到源代码的 Release 目录。 2. 执行 Xfilter -install 命令,程序会要求注册,输入信息后确定即可。 3. 在Win98下需要重新启动计算机,2000下不需要。 4. 运行 Xfilter.exe,便可正常使用。 5. 卸载时需要在命令行执行 Xfilter -remove
Platform: | Size: 823585 | Author: 咖喱 | Hits:

[Driver Develop1

Description: 一下是注册表项 [HKEY_LOCAL_MACHINE\\Drivers\\BuiltIn\\SDMMC] \"Dll\"=\"sdmmc_loader.dll\" \"Prefix\"=\"SML\" \"Order\"=dword:2 \"Ioctl\"=dword:4 \"Class\"=dword:01 \"SubClass\"=dword:80 \"ProgIF\"=dword:0 \"DeviceID\"=dword:1100 \"VendorID\"=dword:15b7 \"FSD\"=\"fatfsd.dll\" \"Profile\"=\"SDMMC\" \"IClass\"=\"{A4E7EDDA-E575-4252-9D6B-4195D48BB865}\"
Platform: | Size: 14305 | Author: as fa | Hits:

[Driver DevelopGenDriver

Description: GenDriver即簡單的資料流驅動程式,雖未跟硬體溝通,但匯出10個進入點,可被任何Windows CE系統所載入。為讓系統載入GenDriver可在系統啟動時,加入任何[HKEY_LOCAL_MACHINE]\\Drivers\\Builtin下的項目,讓驅動程式載入,或撰寫一個應用程式,在別處建立驅動程式機碥並呼叫ActivateDevice
Platform: | Size: 48794 | Author: Chou Wan | Hits:

[Windows Develop2036

Description: 注册表访问类,允许直接写入 HKEY_LOCAL_MACHINE 键
Platform: | Size: 287580 | Author: wangxu | Hits:

[Windows DevelopT300PB_101

Description: 利用这个程序: 1.可以监视在你的电脑运行的程序, 把在你的电脑运行过的程序的时间和名字记录下来 2.可以阻止你规定的禁用程序的执行, 比如不让玩游戏。 3.这个程序需要加入注册表, 在系统启动时就运行, 达到监视的目的。注册表大概都不陌生,就是这里: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run-use of this procedure : 1. You can monitor the computer running program, on your computer one of the procedures of the time and record the names of two. You can stop the implementation of the banned procedures, such as not playing games. 3. This procedure needs to join the registry, the system started running on to achieve the purpose of surveillance. The registry probably not unfamiliar, is here : HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Run
Platform: | Size: 758877 | Author: 毕胜 | Hits:

[Windows Developmyhook

Description: 利用这个程序: 1.可以监视在你的电脑运行的程序, 把在你的电脑运行过的程序的时间和名字记录下来 2.可以阻止你规定的禁用程序的执行, 比如不让玩游戏。 3.这个程序需要加入注册表, 在系统启动时就运行, 达到监视的目的。注册表大概都不陌生,就是这里: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run-use of this procedure : 1. You can monitor the computer running program, on your computer one of the procedures of the time and record the names of two. You can stop the implementation of the banned procedures, such as not playing games. 3. This procedure needs to join the registry, the system started running on to achieve the purpose of surveillance. The registry probably not unfamiliar, is here : HKEY_LOCAL_MACHINE \\ SOFTWARE \\ Microsoft \\ Windows \\ CurrentVersion \\ Run
Platform: | Size: 436488 | Author: 毕胜 | Hits:

[CSharpgouzideyunyong

Description: 利用这个程序: 1.可以监视在你的电脑运行的程序, 把在你的电脑运行过的程序的时间和名字记录下来 2.可以阻止你规定的禁用程序的执行, 比如不让玩游戏。 3.这个程序需要加入注册表, 在系统启动时就运行, 达到监视的目的。注册表大概都不陌生,就是这里: HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run
Platform: | Size: 444699 | Author: emuboyang | Hits:

[OS programhklm

Description: CHKLM类允许你在注册表的HKEY_LOCAL_MACHINE注册键中做写操作(10KB)-CHKLM allows you to type in the registry HKEY_LOCAL_MACHINE registration keys do write (10KB)
Platform: | Size: 9559 | Author: 阿强 | Hits:

[Windows Develop自由拼音输入法

Description: 本软件是基于windows IME 机制编写而成,名称为:自由拼音输入法。 本软件源代码公开,遵循GUN GPL(General Public License)。 本软件支持win95,win98,winNT。 安装方法】 1. 运行register.exe,注册输入法。实际上是填充 HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Keyboard Layouts HKEY_LOCAL_MACHINE\Software\freepy 2. 把binary目录下的文件拷贝到windows的系统目录下, 例如:c:\win98\system,c:\winnt\system32。其中的文件说明如下: freepy.ime 是该输入法程序本身 freepy.hlp 是帮助文件 freepy.tab 是输入法字典 freepysys.dic 是系统词库 另外,当用户使用时,系统会自造一个用户词库freepyusr.dic,并且自造词库 和系统词库完全一样。 3. 象其它输入法那样,从控制面板中选择该输入法:自由拼音输入法。 4. 完成.
Platform: | Size: 538104 | Author: cellcore | Hits:

[WinSock-NDISVB注册码代码示例

Description: 软件限时使用与注册功能的实现 众所周知,一些共享软件往往提供给使用者的是一个功能不受限制的限时使用版,在试用期内使用者可以无限制的使用软件的全部功能(只是可能会出现提示使用者注册的窗口),试用期一过部分(或全部)功能失效,要想继续使用只能向作者索取注册码(或注册文件)完成对软件的合法注册,注册后的软件将解除一切使用限制。如果您也开发出一个有价值的作品,是否也希望为自己的软件增加一个这样的功能呢?这里笔者就提供一个实现软件限时的完整代码。   软件启动后会首先运行本代码并从注册表HKEY_LOCAL_MACHINE\Software\MyProgram子键下的三个键值MyProgram1-3中读取键值数据。其中MyProgram2的值是软件首次运行日期,MyProgram3的值是软件当前运行时的日期,MyProgram1的值是软件的使用标志:如果软件在试用期内则其值为字符串sign1;如果软件试用期满则其值为字符串sign2,如果软件已经注册则其值为字符串sign3。全局变量ZHUCE依据读取的MyProgram1键值而赋值:ZHUCE=-1说明试用期满,ZHUCE=-2说明软件已注册,ZHUCE=其它值为剩余天数,您的主程序代码要依据此全局变量ZHUCE的值设计相应的交互响应。   为方便您将代码嵌入现存的程序代码中,本示例将全部代码写入一个模块.bas中(模块名随意,也可添加到已有模块中)。注意,代码中的Private Sub Main()过程为整个程序的启动入口,您需要在“工程属性”对话框中将“启动对象”设置为“Sub Main()”。 '通用模块 Global ZHUCE As Integer '说明:全局变量ZHUCE=-1试用期满,ZHUCE=-2已注册,ZHUCE=其它值为剩余天数 Declare Function RegOpenKeyEx Lib "advapi32" Alias "RegOpenKeyExA" (ByVal hKey As Long, ByVal lpSubKey As String, ByVal ulOptions As Long, ByVal samDesired As Long, ByRef phkResult As Long) As Long Declare Function RegQueryValueEx Lib "advapi32" Alias "RegQueryValueExA" (ByVal hKey As Long, ByVal lpValueName As String, ByVal lpReserved As Long, ByRef lpType As Long, ByVal lpData As String, ByRef lpcbData As Long) As Long Declare Function RegCloseKey Lib "advapi32" (ByVal hKey As Long) As Long Private Sub Main()'程序总入口 Dim a As Long, rc(3) As Long, hKey As Long, KeyValType As Long, KeyValSize(3) As Long Dim c As String, h As String, tmpVal(3) As String Dim datetime As Integer datetime = 30'试用期天数 ZHUCE = -1 On Error GoTo cuowu '以下从注册表HKEY_LOCAL_MACHINE\Software\MyProgram的三个值中取出相关数据字串tmpVal(3) a = RegOpenKeyEx(&H80000002, "Software\MyProgram", 0, 131135, hKey) ' 打开注册表关键字 For a = 1 To 3: tmpVal(a) = String$(1024, 0): KeyValSize(a) = 1024: Next rc(1) = RegQueryValueEx(hKey, "MyProgram3", 0, KeyValType, tmpVal(1), KeyValSize(1)) rc(2) = RegQueryValueEx(hKey, "MyProgram2", 0, KeyValType, tmpVal(2), KeyValSize(2)) rc(3) = RegQueryValueEx(hKey, "MyProgram1", 0, KeyValType, tmpVal(3), KeyValSize(3)) For a = 1 To 3 If (Asc(Mid(tmpVal(a), KeyValSize(a), 1)) = 0) Then tmpVal(a) = Left(tmpVal(a), KeyValSize(a) - 1) Else tmpVal(a) = Left(tmpVal(a), KeyValSize(a)) End If Next a = RegCloseKey(hKey) '关闭注册表 '使用期限判断 If tmpVal(3) = "sign3" Then ZHUCE = -2: Exit Sub '查找到已注册标志sign3 If Len(tmpVal(1)) = 1023 And Len(tmpVal(2)) = 1023 And Len(tmpVal(3)) = 1023 Then '首次使用,将当前日期分别写入tmpVal(1)和tmpVal(2)中,在tmpVal(3)中写入准许运行标志sign1 CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram3", Date$, "REG_SZ" CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram2", Date$, "REG_SZ" CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram1", "sign1", "REG_SZ" ZHUCE = datetime MsgBox "试用期剩余" & Trim(datetime) & "天" Else If tmpVal(3) = "sign2" Then '查找到永久中止标志sign2中止使用 ZHUCE = -1 Exit Sub MsgBox "试用期已满,请您注册!" End If If Date datetime Then '使用期超过datetime天中止使用 '写入tmpVal(3)中止使用字串sign2 CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram1", "sign2", "REG_SZ" ZHUCE = -1 MsgBox "试用期已满,请您注册!" Else '写入当前日期于tmpVal(2)中 CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram2", Date$, "REG_SZ" ZHUCE = datetime - (DateValue(Date) - DateValue(tmpVal(1))) MsgBox "试用期剩余" & Trim(datetime) & "天" End If End If End If cuowu: End Sub   从安全保密角度出发,当您应用上述代码时紫色部分应该根据您个人的保密设想进行必要的修改(当然您也可以不修改而直接应用):①示例中的代码把软件的注册与运行信息保存在HKEY_LOCAL_MACHINE\Software\MyProgram子键下的MyProgram1-3三个键值内,请根据您个人的保密原则修改为您所需要的子键名,以隐蔽为原则!②MyProgram1键值中的数据(字符串sign1或sign2或sign3分别对应着试用/期满/注册)应根据您个人的保密设想修改成需要的字符串,也以隐蔽为原则!   主程序中当用户输入正确的注册码(注册码当然是您随意愿而设)后,请执行语句: CreateObject("WScript.Shell").regWrite "HKEY_LOCAL_MACHINE\Software\MyProgram\MyProgram1", "sign2", "REG_SZ" 完成软件注册。(该行代码中的Software\MyProgram\MyProgram1和sign2请与上述代码保持一致!)
Platform: | Size: 18051 | Author: dianfeng | Hits:

[SourceCodeEncripted Reverce connect

Description: RECUB Features. 1 RC4 Encripted Reverce connect Shell for XP,2k,2003. 2 Bypass Firewalls by starting new instance of Internet explorer and injecting code 3 Activate throw Encrypted ICMP request 5 No listning ports 6 No Process visible,injects into Explorer.exe on startup and exiting 6 Activex startup 7 Empty All Event Logs After exiting the shell. 8 We can use Netcat also for remote shell. 9 EXE size only 5.39 KB Install Copy to any folder like windows of system32 and run once Uninstall Just delete the exe file and this key at HKEY_LOCAL_MACHINE\Software\\Microsoft\\Active Setup\\Installed Components\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK} HKEY_CURRENT_USER\Software\\Microsoft\\Active Setup\\Installed Components\\{H9I12RB03-AB-B70-7-11d2-9CBD-0O00FS7AH6-9E2121BHJLK} By Hirosh www.hirosh.net www.eos-india.net Bugs mail me - hir_osh@yahoo.com Thanks for starch at http://mir-os.sourceforge.net/recub.htm For the idea,I started this by porting his version in linux to win32,after some time i stoped porting bc i prefer a small EXE heheh..,and thanks to NC source too.. //
Platform: | Size: 149787 | Author: hd28585 | Hits:

[Windows DevelopT300PB_101

Description: 利用这个程序: 1.可以监视在你的电脑运行的程序, 把在你的电脑运行过的程序的时间和名字记录下来 2.可以阻止你规定的禁用程序的执行, 比如不让玩游戏。 3.这个程序需要加入注册表, 在系统启动时就运行, 达到监视的目的。注册表大概都不陌生,就是这里: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-use of this procedure : 1. You can monitor the computer running program, on your computer one of the procedures of the time and record the names of two. You can stop the implementation of the banned procedures, such as not playing games. 3. This procedure needs to join the registry, the system started running on to achieve the purpose of surveillance. The registry probably not unfamiliar, is here : HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run
Platform: | Size: 758784 | Author: 毕胜 | Hits:

[Windows Developmyhook

Description: 利用这个程序: 1.可以监视在你的电脑运行的程序, 把在你的电脑运行过的程序的时间和名字记录下来 2.可以阻止你规定的禁用程序的执行, 比如不让玩游戏。 3.这个程序需要加入注册表, 在系统启动时就运行, 达到监视的目的。注册表大概都不陌生,就是这里: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run-use of this procedure : 1. You can monitor the computer running program, on your computer one of the procedures of the time and record the names of two. You can stop the implementation of the banned procedures, such as not playing games. 3. This procedure needs to join the registry, the system started running on to achieve the purpose of surveillance. The registry probably not unfamiliar, is here : HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run
Platform: | Size: 436224 | Author: 毕胜 | Hits:

[OS programhklm

Description: CHKLM类允许你在注册表的HKEY_LOCAL_MACHINE注册键中做写操作(10KB)-CHKLM allows you to type in the registry HKEY_LOCAL_MACHINE registration keys do write (10KB)
Platform: | Size: 9216 | Author: 阿强 | Hits:

[OS programedit_hklm

Description: 一个注册表访问类,允许直接写入 HKEY_LOCAL_MACHINE 键-a visit to the registry and permitted direct writing HKEY_LOCAL_MACHINE Key
Platform: | Size: 10240 | Author: ghost | Hits:
« 12 3 4 »

CodeBus www.codebus.net