Hi everybody,
I want to introduce to you a new API Monitor (freeware for non-commercial use) that is written entirely in win32asm. Visit our page to download and test it. I hope you will like it.
KaKeeware
http://www.kakeeware.com
I want to introduce to you a new API Monitor (freeware for non-commercial use) that is written entirely in win32asm. Visit our page to download and test it. I hope you will like it.
KaKeeware
http://www.kakeeware.com
kakeeware:
thanks you provide the tool.
Kam is a refinement and perfection tool.
kb_ie.exe is only 3k, but running as iexplore.exe(91k) fine.
regards.
thanks you provide the tool.
Kam is a refinement and perfection tool.
kb_ie.exe is only 3k, but running as iexplore.exe(91k) fine.
regards.
Considering the UPX license at http://upx.sourceforge.net/upx-license.html and the fact that I cannot use "upx -d" to uncompress kam.exe, you are violating the UPX license. If you further read the UPX license, this effectively makes your program GPL. So either release the source, stop making the exe uncompressable, or find another exe packer.
Hi,
yeah, you were right - I just didn't check it as I assumed UPX could handle it. Now it's fixed. Thx for pointing it out!
KaKeeware
http://www.kakeeware.com
yeah, you were right - I just didn't check it as I assumed UPX could handle it. Now it's fixed. Thx for pointing it out!
KaKeeware
http://www.kakeeware.com
No problem. Better having me mention it, rather than some insane GPL zealot...
F0dder.. buttom line.. who cares.. upx.. uncompressed or not...
big deal.. u can't uncompress the file.. wow end of the world..
than unpack it manually with a debugger.. 8)
geesh ppl making mountain from nothing.. go figure.. :roll:
big deal.. u can't uncompress the file.. wow end of the world..
than unpack it manually with a debugger.. 8)
geesh ppl making mountain from nothing.. go figure.. :roll:
Considering the UPX license at http://upx.sourceforge.net/upx-license.html and the fact that I cannot use "upx -d" to uncompress kam.exe, you are violating the UPX license. If you further read the UPX license, this effectively makes your program GPL. So either release the source, stop making the exe uncompressable, or find another exe packer.
Hypocritical to say:
GPL: as free as a police state
GNU: Generally Not Usable
then accuse others of violations, no?
Would it be improper to alert my enemy of theft by a third?
Triangles can be played many ways:
1) Tell enemy to remove future suspicion
2) Blackmail third
3) Remain quiet to leverage 1 or 2 later
f0dder's choice seems a rather favorable one - commendable even! Additionally, it seems he wanted to take a look before running the program which is preferred practice among many.
Triangles can be played many ways:
1) Tell enemy to remove future suspicion
2) Blackmail third
3) Remain quiet to leverage 1 or 2 later
f0dder's choice seems a rather favorable one - commendable even! Additionally, it seems he wanted to take a look before running the program which is preferred practice among many.
The monitor seems to have problems: my program uses it to load a dll, but monitor doesn't show any references to it. Interestingly, apimon from http://www.rohitab.com/apimonitor/ has the same problem.
You can find the program here: http://ry.pl/~omega/asm/cpuid.zip (NASM source, includes are at http://ry.pl/~omega/asm/inc.zip).
You can find the program here: http://ry.pl/~omega/asm/cpuid.zip (NASM source, includes are at http://ry.pl/~omega/asm/inc.zip).
archphase, no. It would be hypocritical if I myself violated the GPL, but I don't. I'm not going to touch any source under the GPL license.
Additionally, it seems he wanted to take a look before running the program which is preferred practice among many.
Exactly, bitRAKE. I don't like running executable code I haven't had a look at first. Not that UPX is hard to unpack manually, but whatever :)
Additionally, it seems he wanted to take a look before running the program which is preferred practice among many.
Exactly, bitRAKE. I don't like running executable code I haven't had a look at first. Not that UPX is hard to unpack manually, but whatever :)
The monitor seems to have problems: my program uses it to load a dll, but monitor doesn't show any references to it. Interestingly, apimon from http://www.rohitab.com/apimonitor/ has the same problem.
You can find the program here: http://ry.pl/~omega/asm/cpuid.zip (NASM source, includes are at http://ry.pl/~omega/asm/inc.zip).
You can find the program here: http://ry.pl/~omega/asm/cpuid.zip (NASM source, includes are at http://ry.pl/~omega/asm/inc.zip).
actually, your DLL is not present in the cpuid.zip package ;) - the monitor is unable to show any reference to the files that are not loaded into memory
I just created a dummy omega.dll library and here's what KAM shows after your program is started (hook is set on LoadLibraryA, LoadLibraryW, LoadLibraryExA and LoadLibraryExW):
00401016 LoadLibraryA, WinBase.h, kernel32.dll, DWORD
- 0040200F = Omega.dll
77E805D5 LoadLibraryExW, WinBase.h, kernel32.dll, DWORD
- 7FFDEC00 = Omega.dll
- 00000000 (0)
- 00000000 (0)
Module Omega.dll accessed at 10000000
KaKeeware
http://www.kakeeware.com
Oops, I knew I forgot something ;)
And I'm blind apparently, maybe because searching for LoadLibrary didn't show anything. ;)
Nice work!
And I'm blind apparently, maybe because searching for LoadLibrary didn't show anything. ;)
Nice work!