25 April 2009

DLL Export Viewer 1.30


DLL Export Viewer displays the list of all exported functions and their virtual memory addresses for the specified DLL files. You can easily copy the memory address of the desired function, paste it into your debugger and set a breakpoint on that address. When the function is called, the debugger will stop at the beginning of the function.

For example: if you want to break each time a message box is about to be displayed, simply put breakpoints on the memory addresses of the message-box functions: MessageBoxExA, MessageBoxA and MessageBoxIndirectA (or MessageBoxExW, MessageBoxW and MessageBoxIndirectW in Unicode-based applications).

When one of the message-box functions is called, your debugger should break at the entry point of that function, and then you can look at the call stack and work backward to the code that initiated this API call.

DLL Export Viewer doesn't require any installation process or additional DLLs. To start using it, just run the executable file, dllexp.exe.

When DLL Export Viewer is loaded, you have to choose one of the following options:
· Load all functions from standard system DLLs: This is the default option. If you select it, the exported API functions of standard Windows DLLs (kernel32.dll, user32.dll, and so on...) will be displayed.
· Load functions from the specified DLL file: If you select this option, you have to specify the DLL file that you want to load in the text-box below this option. You can also specify a wildcard for loading multiple DLL files. If for some reason you want to view all API functions on your system, you can specify something like 'c:\windows\system32\*.dll', but I must warn you: you'll get a very long functions list, probably more than 50,000 functions!
· Load functions from the DLL files specified in the following text file: If you select this option, the specified text file should contain a list of DLL files, separated by Enter characters (CR-LF). All exported functions from the specified DLLs will be loaded.
· Load functions from all DLLs attached to the selected process: This is the most useful option if you want to use this utility for debugging. Select the process that you are currently debugging, and the exported functions of all DLLs attached to the selected process will be displayed.

Homepage: http://www.nirsoft.net/

Download: http://www.nirsoft.net.nyud.net/utils/dllexp.zip

24 April 2009

eMule 0.49c MorphXT+ v11.3

.....:::: MorphXT+ ::::.....
- NON-banned version - fixes the nickname problem -

Update to 11.3 code base

Homepage: http://frankyfive.altervista.org.nyud.net:8080/morph+.html

Download:
BIN: eMule 0.49c [MorphXT+ 11.3]
SRC: eMule 0.49c [MorphXT+ 11.3]

23 April 2009

Microsoft Network Monitor 3.3

Network Monitor 3.3 is a protocol analyzer. It allows you to capture network traffic, view and analyze it. Version 3.3 is an update and replaces Network Monitor 3.2. Network Monitor 3.x is a complete overhaul of the previous Network Monitor 2.x version.

Tool to allow capturing and protocol analysis of network traffic.

Homepage + Download: http://go.microsoft.com/fwlink/?LinkID=103158

Network Monitor 3.3 introduces the Experts menu. This feature allows you to run external analysis tools on an open capture file.

This page points you to these useful “Experts” for your data analysis needs within Network Monitor. Also provided here is the Expert SDK.

Experts can only be invoked from Network Monitor 3.3 Beta and later versions. To install the latest version of Network Monitor please click here. To install an Expert, download the appropriate MSI for your platform from one of the following Expert Download pages. Then, on any new capture you open with Network Monitor, you will see the new Expert available to run on your capture. Experts should also provide specific help on their usage from within the Experts menu.
Expert SDK: http://nmexperts.codeplex.com/

7-Zip 9.02 Alpha

7-Zip 9.02 alpha was released.

7-Zip for 32-bit Windows:
http://dl.7-zip.org/7z902.exe

7-Zip for 64-bit Windows x64:
http://dl.7-zip.org/7z902-x64.msi

What's new after 7-Zip 9.01 alpha:
- Some bugs were fixed.

What's new after 7-Zip 4.65:
- 7-Zip now supports LZMA2 compression method.
- 7-Zip now supports XZ archives.
- 7-Zip now can unpack NTFS, FAT, VHD and MBR archives.
- 7-Zip now can unpack GZip, BZip2, LZMA, XZ and TAR archives from stdin.
- 7-Zip now can open/copy/compress disk images (like \\.\c:) from \\.\ folder.
- 7-Zip File Manager now doesn't use temp files to open nested archives stored without compression.
- New -scrc switch to calculate total CRC-32 during extracting / testing.
- Some bugs were fixed.


BBS: http://sourceforge.net/forum/forum.php?forum_id=45797

extras: 7-Zip Theme Manager 1.1
Many users of the excellent file archiver 7-Zip criticized its nostalgic appearance. That's exactly where "7-Zip Theme Manager", in short "7zTM", coded by KillerCookie, comes in and offers the following features:

Stylish...
* Toolbar Themes - change the look of the toolbar of 7-Zip
* Filetype Themes - change the look of archived files, for instance in Explorer
* 38 Toolbar Themes and 14 Filetype Themes in version 1.0 are already integrated


Handy...
* automatic or manual search of the 7-Zip installation folder
* convenient activation of the Themes with just a click
* Themes previews integrated directly into the program
* multi-lingual user interface - see Download area
* online update for up to date Themes and features - see FAQ #6 / #7

Changelog:
22 new toolbar themes
1 new filetype theme
some minor fixes

Languages:
German, English, Italian

Bugs:
7-Zip 64-Bit files get corrupted when being patched; this bug will be fixed in one of the next versions.

Homepage: http://killercookie-server.media-xshell.com/7zTM/
BBS: http://sourceforge.net/forum/forum.php?thread_id=3156949&forum_id=45797
Download: http://killercookie-server.media-xshell.com/7zTM/index.php?cat=01_English&page=02_Download

21 April 2009

MorphXT v11.3 morph4u privat edition


Update to v11.3


MorphXT v.11.3 Privat Edition by morph4u
========================================

21.04.2009
==========

Update to v.11.3


MorphXT v.11.2 Privat Edition by morph4u
========================================

28.03.2009
==========

+ Random Modstring
+ Friendboost
+ Commboost
+ Unlimited Slot
+ Force Uploadslot
+ Single Reask
+ Copy eD2K link
+ Select all in menu
+ UpPrio in downloadlist
+ Only Upload to eMule
+ Emulate Others
+ Enhanced Client Recognization
+ Auto Drop Immunity
+ Shutdown Options
+ Custom Prio
+ Variable bantime
+ Kick
+ Ban
+ Push
+ Changed Queuesize settings
+ Powershare in WebInterface
+ Some colors in lists
+ Changed some icons

- Removed all restrictions
- Removed/Changed many features I don't need ;-)

ed2k://|file|eMule.v0.49c.MorphXT.v11.3.morph4u.pe.rar|3906506|B698D1C51342ED98850377DB3DCA195E|h=MP55QIGCPLVXOSEZQFXOLCU6YEOEEF76|/
http filesharehost: eMule.v0.49c.MorphXT.v11.3.morph4u.pe.rar 3.73 MB

20 April 2009

P2P eMule Kad vulnerable alert!

Kademlia vulnerable to Sybil attacks

Mounting a Sybil attack in KAD is very easy and makes it possible to expose the privacy of KAD users.

"mounting a Sybil attack is very easy in KAD and allows to compromise the privacy of KAD users"

Message link: http://twitter.com/godlaugh/status/1637309678

Background info: http://pastel.paristech.org/4443/?

Structures and Algorithms for Peer-to-Peer Cooperation

Steiner, Moritz (2008) Structures and Algorithms for Peer-to-Peer Cooperation. PhD thesis Informatique, Eurecom p.218.

Full text available as:
- SteinerDiss.pdf ( 3175 Kb )

Licence: Copyright

Alternative Locations: http://www.eurecom.fr/~btroup/BPublished/SteinerDiss.pdf, http://www.informatik.uni-mannheim.de/pi4/publications/Steiner2008d.pdf
Abstract

Peer-to-peer overlay networks are distributed systems, without any hierarchical organization or centralized control. Peers form self-organizing overlay networks that are on top of the Internet.



Both parts of this thesis deal with peer-to-peer overlay networks, the first part with unstructured ones used to build a large scale Networked Virtual Environment. The second part gives insights on how the users of a real life structured peer-to-peer network behave, and how well the proposed algorithms for publishing and retrieving data work. Moreover we analyze the security (holes) in such a system.



Networked virtual environments (NVEs), also known as distributed virtual environments, are computer-generated, synthetic worlds that allow simultaneous interactions of multiple participants. Many efforts have been made to allow people to interact in realistic virtual environments, resulting in the recent boom of Massively Multiplayer Online Games (MMOG).



In the first part of the thesis, we present a complete study of an augmented Delaunay-based overlay for peer-to-peer massively shared virtual worlds. We design an overlay network matching the Delaunay triangulation of the participating peers in a generalized d-dimensional space. Especially, we describe the self-organizing algorithms for peer insertion and deletion.



To reduce the delay penalty of overlay routing, we propose to augment each node of the Delaunay-based overlay with a limited number of carefully selected shortcut links creating a small-world. We show that a small number of shortcuts is sufficient to significantly decrease the delay of routing in the space.



We present a distributed algorithm for the clustering of peers. The algorithm is dynamic in the sense that whenever a peer joins or leaves the NVE, the clustering will be adapted if necessary by either splitting a cluster or merging clusters. The main idea of the algorithm is to classify links between adjacent peers into short intra-cluster and long inter-cluster links.



In a structured system, the neighbor relationship between peers and data locations is strictly defined. Searching in such systems is therefore determined by the particular network architecture. Among the strictly structured systems, some implement a distributed hash table (DHT) using different data structures. DHTs have been actively studied in literature and many different proposals have been made on how to organize peers in a DHT. However, very few DHTs have been implemented in real systems and deployed on a large scale. One exception is KAD, a DHT based on Kademlia, which is part of eDonkey, a peer-to-peer file sharing system with several million simultaneous users.



In the second part of this thesis we give a detailed background on KAD, the organization of the peers, the search and the publish operations, and we describe our measurement methodology. We have been crawling KAD continuously for more than a year. We obtained information about geographical distribution of peers, session times, peer availability, and peer lifetime. We found that session times are Weibull distributed and show how this information can be exploited to make the publishing mechanism much more efficient.



As we have been studying KAD over the course of the last two years we have been both fascinated and frightened by the possibilities KAD offers. We show that mounting a Sybil attack is very easy in KAD and allows to compromise the privacy of KAD users, to compromise the correct operation of the key lookup and to mount DDOS with very little resources.
