G
Guest
Does anyone know of any good examples or sites explaining how to create an application using C# that can run as a true stealth program, hidden from any process programs such as task manager, etc?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
J
Jochen Kalmbach
=?Utf-8?B?RGVtZXRyaQ==?= said:Does anyone know of any good examples or sites explaining how to
create an application using C# that can run as a true stealth program,
hidden from any process programs such as task manager, etc?
Create a remote thread and terminate.
--
Greetings
Jochen
Do you need a memory-leak finder ?
http://www.codeproject.com/tools/leakfinder.asp
Do you need daily reports from your server?
http://sourceforge.net/projects/srvreport/
V
Vladimir Scherbina
as far as i know you cant hide running process from windows task manager
Vladimir Scherbina,
Ukraine, Kiev.
process programs such as task manager, etc?
Vladimir Scherbina,
Ukraine, Kiev.
application using C# that can run as a true stealth program, hidden from anyDemetri said:Does anyone know of any good examples or sites explaining how to create an
process programs such as task manager, etc?
G
Guest
Explain please
----- Jochen Kalmbach wrote: ----
=?Utf-8?B?RGVtZXRyaQ==?= wrote
Create a remote thread and terminate
--
Greeting
Joche
Do you need a memory-leak finder
http://www.codeproject.com/tools/leakfinder.as
Do you need daily reports from your server
http://sourceforge.net/projects/srvreport
----- Jochen Kalmbach wrote: ----
=?Utf-8?B?RGVtZXRyaQ==?= wrote
Does anyone know of any good examples or sites explaining how t
create an application using C# that can run as a true stealth program
hidden from any process programs such as task manager, etc?
Create a remote thread and terminate
--
Greeting
Joche
Do you need a memory-leak finder
http://www.codeproject.com/tools/leakfinder.as
Do you need daily reports from your server
http://sourceforge.net/projects/srvreport
J
Jochen Kalmbach
=?Utf-8?B?RGVtZXRyaQ==?= said:Explain please?
It is hard to do in C#...
For C you can create a remote thread...
But you need the apropriate access right to do this...
See: CreateRemoteThread
http://msdn.microsoft.com/library/en-us/dllproc/base/createremotethread.asp
For C# you also need to host the CLR...
--
Greetings
Jochen
Do you need a memory-leak finder ?
http://www.codeproject.com/tools/leakfinder.asp
Do you need daily reports from your server?
http://sourceforge.net/projects/srvreport/
G
Guest
Ah hah...so write code that launches some process and call the CreateRemoteThread function then terminate the launced process and the remote thread will still be running
----- Jochen Kalmbach wrote: ----
=?Utf-8?B?RGVtZXRyaQ==?= wrote
It is hard to do in C#..
For C you can create a remote thread..
But you need the apropriate access right to do this..
See: CreateRemoteThrea
http://msdn.microsoft.com/library/en-us/dllproc/base/createremotethread.as
For C# you also need to host the CLR..
--
Greeting
Joche
Do you need a memory-leak finder
http://www.codeproject.com/tools/leakfinder.as
Do you need daily reports from your server
http://sourceforge.net/projects/srvreport
----- Jochen Kalmbach wrote: ----
=?Utf-8?B?RGVtZXRyaQ==?= wrote
Explain please
It is hard to do in C#..
For C you can create a remote thread..
But you need the apropriate access right to do this..
See: CreateRemoteThrea
http://msdn.microsoft.com/library/en-us/dllproc/base/createremotethread.as
For C# you also need to host the CLR..
--
Greeting
Joche
Do you need a memory-leak finder
http://www.codeproject.com/tools/leakfinder.as
Do you need daily reports from your server
http://sourceforge.net/projects/srvreport
W
Willy Denoyette [MVP]
Not sure where you get this from, but IMO If you terminate the process you
terminate all threads too, did I miss something fundamental about processes
and threads?
Willy.
terminate all threads too, did I miss something fundamental about processes
and threads?
Willy.
S
Sherif ElMetainy
Hello
No, it means you open a process that is already running like explorer.exe,
create a remote thread in that process, and end your program. Your thread
will run until the other process terminates (in case of explorer.exe, this
happens when shutting down or logging off). So your thread will be hiding in
another process. This is very difficult to accomplish with unmanaged C/C++,
and would be harder in C#. You can easily crash the other process if you do
something wrong.
Best regards,
Sherif
remote thread will still be running?
No, it means you open a process that is already running like explorer.exe,
create a remote thread in that process, and end your program. Your thread
will run until the other process terminates (in case of explorer.exe, this
happens when shutting down or logging off). So your thread will be hiding in
another process. This is very difficult to accomplish with unmanaged C/C++,
and would be harder in C#. You can easily crash the other process if you do
something wrong.
Best regards,
Sherif
CreateRemoteThread function then terminate the launced process and theDemetri said:Ah hah...so write code that launches some process and call the
remote thread will still be running?
W
Willy Denoyette [MVP]
Jochen,
I'm sorry, forget about this, you were talking about terminating the callers
process not the target.
Willy.
I'm sorry, forget about this, you were talking about terminating the callers
process not the target.
Willy.
J
Jochen Kalmbach
Willy said:I'm sorry, forget about this, you were talking about terminating the
callers process not the target.
Yes. But it is not so easy as it will look like...
Because if the calling process terminates, it will also close the allocated
memory, and therefor the target-prcess will crash...
So you need to make one more step...
1. Create remote thread
2. Inside this remote methode you have to create a local copy if the data
and code and create a "normal" (local) thread
3. Terminate remote thread
I wrote a small example:
http://srvreport.kalmbachnet.de/CreateRemoteThread.zip
--
Greetings
Jochen
Do you need a memory-leak finder ?
http://www.codeproject.com/tools/leakfinder.asp
Do you need daily reports from your server ?
http://sourceforge.net/projects/srvreport/
W
Willy Denoyette [MVP]
Jochen,
Thanks for the sample, I've done this a couple of years ago, and you are
right there are some pitfalls.
I'm not clear on why OP would need this, after all the thread still run's in
a "visible" process. Another way to achieve this is to set-up the
application as a COM+ server type application.
Willy.
Thanks for the sample, I've done this a couple of years ago, and you are
right there are some pitfalls.
I'm not clear on why OP would need this, after all the thread still run's in
a "visible" process. Another way to achieve this is to set-up the
application as a COM+ server type application.
Willy.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.