Exetools  

#1
06-08-2010, 01:28
Fyyre
x64 Process Hide/Unhide Utility

Simple tool I made... it will hide and unhide processes on x64 Windows 7 (assuming you disable PG with my other tool). I post it here for those interested.

I will post the source code in x64 section later, maybe someone can learn from it.

-Fyyre
Attached Files
File Type: rar hide.rar (38.7 KB, 135 views)
#2
06-08-2010, 04:57
Fyyre
Here is the driver source code.

-Fyyre
Attached Files
File Type: rar hidex64src.rar (14.0 KB, 162 views)
#3
05-08-2012, 09:21
ahmadmansoor
Many thanks Fyyre for your nice work, especially for the source code.
+ 10
#4
05-20-2012, 17:41
NeOXOeN
thx for source code...
#5
05-27-2012, 02:04
Newbie_Cracker
Finally an x64 process hider is born. Thanks man.
#6
06-05-2012, 19:38
jump
First, thanks for the contribution.
What if I have a code signing certificate accepted under Win7 x64 and sign your driver? Do I still have to use your tool to disable PG before? Hope not, right?
#7
06-23-2012, 06:34
optimus_prime
Wow, amazing. Just going through the code, small and efficient, thanks for sharing.
#8
07-09-2012, 23:53
SlashZero
That comes in handy! Just what I need now. Thanks
#9
07-22-2012, 06:17
DMichael
Can we see one for 32-bit?
#10
03-07-2013, 03:15
securedsolutions
Is it possible to hide a process on an x64 machine without having to do anything prior to hiding? (without having to disable PG manually, for example)
#11
03-10-2013, 00:33
Archer
It isn't. And I hope you aren't going to implement rootkit-style technologies in some security product.
#12
03-16-2013, 01:06
securedsolutions
You can say that to everybody here.... Yes, I need a solution which will not require disabling PG manually. Anyhow my intentions are lawful and for research purposes only. Fyyre, could you help me?
#13
04-11-2013, 12:27
Fyyre
Quote:
Originally Posted by securedsolutions
You can say that to everybody here.... Yes, I need a solution which will not require disabling PG manually. Anyhow my intentions are lawful and for research purposes only. Fyyre, could you help me?
I do not have the time for anything like this, let alone time to work much on my own projects, due to work.

-Fyyre
__________________
Best Wishes,

Fyyre

--

https://github.com/Fyyre
#14
04-29-2013, 05:19
straycat19
Couldn't download it here but got it from your web. Thanks very much for providing it there.
#15
06-11-2013, 18:26
securedsolutions
Can you disable PG programmatically without rebooting? If that is possible, the hide/unhide tool can first check if PG is on, and if it is, turn it off silently and then hide the process.

All times are GMT +8.